From owner-freebsd-isp Sun Jul 22 6:25:30 2001 Delivered-To: freebsd-isp@freebsd.org Received: from EnContacto.Net (adsl-63-205-16-205.dsl.mtry01.pacbell.net [63.205.16.205]) by hub.freebsd.org (Postfix) with ESMTP id C77E737B405 for ; Sun, 22 Jul 2001 06:25:26 -0700 (PDT) (envelope-from eculp@EnContacto.Net) Received: (from root@localhost) by EnContacto.Net (8.11.4/8.11.4) id f6MDOiF90940; Sun, 22 Jul 2001 06:24:44 -0700 (PDT) (envelope-from eculp@EnContacto.Net) From: Edwin Culp Received: from 63.205.16.204 ( [63.205.16.204]) as user eculp@encontacto.net by Mail.SavvyWorld.Net with HTTP; Sun, 22 Jul 2001 06:24:43 -0700 Message-ID: <995808283.3b5ad41b4657a@Mail.SavvyWorld.Net> Date: Sun, 22 Jul 2001 06:24:43 -0700 To: Jim Weeks Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Joker problem References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs X-Originating-IP: 63.205.16.204 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org It took them about 10 days to answer the last email that I sent. ed Quoting Jim Weeks : | Ok, | | I will take most of the responsibility for this. I made a mistake and | will probably do so again. I have registered hundreds of domains | through Joker.com and untill this episode, have had no problems. I am | just wondering if anyone else has experienced this. | | First, I logged in under my regular admin address and registered a new | clients domain. Second, I mistyped the owner, admin, and billing e-mail | address with an undeliverable AOL address. However, I typed in and | checked the appropriate box to make the tech handle my own. As you can | guess, the same undeliverable address was recorded for every contact | position. | | Now, I can login under my regular admin address and change any aspect of | the new undeliverable e-mail/admin handle except the undeliverable | address, which is needed if you ever want to make changes to or renew this | domain in the future. | | So far, I haven't even been able to get a response from Joker on this | subject at all. | | Any suggestions would be appreciated, | | -- | Jim Weeks | | | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe freebsd-isp" in the body of the message | ----------------------------------------------------------------------- The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn and relearn. --Alvin Toffler To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 7: 8: 1 2001 Delivered-To: freebsd-isp@freebsd.org Received: from shell.devco.net (shell.devco.net [196.15.188.7]) by hub.freebsd.org (Postfix) with ESMTP id 30EA837B401 for ; Sun, 22 Jul 2001 07:07:59 -0700 (PDT) (envelope-from bvi@shell.devco.net) Received: from bvi by shell.devco.net with local (Exim 3.20 #2) id 15OJx0-000G88-00; Sun, 22 Jul 2001 16:11:18 +0200 Date: Sun, 22 Jul 2001 16:11:18 +0200 From: Barry Irwin To: Dave VanAuken Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Gigabyte GS-SR101 and GS-SR102 1U rackmount... Message-ID: <20010722161118.C44952@devco.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from dave@hawk-systems.com on Fri, Jul 20, 2001 at 02:08:15PM -0400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri 2001-07-20 (14:08), Dave VanAuken wrote: > Any experience using either of these in a FreeBSD 4.3 stable environment? > > have asked them for some answers on SCSI and ATA raid technology used for > compatability purposes. Look forward to any first hand experience from a > FreeBSD(possible?) usage and from a hardware construction(solid? looks shabby?). Hardware construction is pretty solid, nice looking cases, cable guides, and rounded edges on the caseing. I've been wanting to get these in to have a look with but still waiting for the local supplier. Got to have a close look at them about 2 months ago at the Gigabyte product launch. Barry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 7:21:52 2001 Delivered-To: freebsd-isp@freebsd.org Received: from femail4.sdc1.sfba.home.com (femail4.sdc1.sfba.home.com [24.0.95.84]) by hub.freebsd.org (Postfix) with ESMTP id EFD8D37B401 for ; Sun, 22 Jul 2001 07:21:49 -0700 (PDT) (envelope-from jim@siteplus.net) Received: from veager.siteplus.net ([65.14.122.116]) by femail4.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20010722142149.JXRW14903.femail4.sdc1.sfba.home.com@veager.siteplus.net>; Sun, 22 Jul 2001 07:21:49 -0700 Date: Sun, 22 Jul 2001 10:21:48 -0400 (EDT) From: Jim Weeks To: Edwin Culp Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Joker problem In-Reply-To: <995808283.3b5ad41b4657a@Mail.SavvyWorld.Net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, 22 Jul 2001, Edwin Culp wrote: > It took them about 10 days to answer the last email that I sent. Thanks, but it has already been 12 days since I first tried to contact them. Maybe they are more behind on answering than usual. I suppose I could wait a couple of weeks and complain to ICANN if they continue to refuse a response. -- Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 7:23:21 2001 Delivered-To: freebsd-isp@freebsd.org Received: from psknet.com (voyager.psknet.com [63.171.251.15]) by hub.freebsd.org (Postfix) with SMTP id 2FA4237B401 for ; Sun, 22 Jul 2001 07:23:17 -0700 (PDT) (envelope-from troy@psknet.com) Received: (qmail 71726 invoked by uid 85); 22 Jul 2001 14:23:16 -0000 Received: from troy@psknet.com by voyager.psknet.com with qmail-scanner-0.95 (uvscan: v4.1.20/v4143. . Clean. Processed in 0.271474 secs); 22 Jul 2001 14:23:16 -0000 Received: from abyss.dashit.net (HELO abyss) (gunk@63.171.251.250) by voyager.psknet.com with SMTP; 22 Jul 2001 14:23:15 -0000 From: "Troy Settle" To: Subject: RE: Joker problem Date: Sun, 22 Jul 2001 10:23:15 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal In-Reply-To: <995808283.3b5ad41b4657a@Mail.SavvyWorld.Net> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Last email I sent to joker.com has been over a year unanswered. After the first couple months, I switched everything over to an OpenSRS RSP (http://www.namespeed.com). Couldn't be happier, I get support via phone, email, or irc almost anytime I need it. Though, with some 70 or 80 domains, I've been thinking about getting myself signed up as an RSP with OpenSRS. -- Troy Settle Pulaski Networks 540.994.4254 - 866.477.5638 http://www.psknet.com ** -----Original Message----- ** From: owner-freebsd-isp@FreeBSD.ORG ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Edwin Culp ** Sent: Sunday, July 22, 2001 9:25 AM ** To: Jim Weeks ** Cc: freebsd-isp@FreeBSD.ORG ** Subject: Re: Joker problem ** ** ** It took them about 10 days to answer the last email that I sent. ** ** ed ** ** Quoting Jim Weeks : ** ** | Ok, ** | ** | I will take most of the responsibility for this. I made a mistake and ** | will probably do so again. I have registered hundreds of domains ** | through Joker.com and untill this episode, have had no problems. I am ** | just wondering if anyone else has experienced this. ** | ** | First, I logged in under my regular admin address and registered a new ** | clients domain. Second, I mistyped the owner, admin, and ** billing e-mail ** | address with an undeliverable AOL address. However, I typed in and ** | checked the appropriate box to make the tech handle my own. As you can ** | guess, the same undeliverable address was recorded for every contact ** | position. ** | ** | Now, I can login under my regular admin address and change any ** aspect of ** | the new undeliverable e-mail/admin handle except the undeliverable ** | address, which is needed if you ever want to make changes to ** or renew this ** | domain in the future. ** | ** | So far, I haven't even been able to get a response from Joker on this ** | subject at all. ** | ** | Any suggestions would be appreciated, ** | ** | -- ** | Jim Weeks ** | ** | ** | ** | To Unsubscribe: send mail to majordomo@FreeBSD.org ** | with "unsubscribe freebsd-isp" in the body of the message ** | ** ** ----------------------------------------------------------------------- ** The illiterate of the 21st century will not be ** those who cannot read and write, ** but those who cannot learn, unlearn and relearn. ** --Alvin Toffler ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org ** with "unsubscribe freebsd-isp" in the body of the message ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 8:11:30 2001 Delivered-To: freebsd-isp@freebsd.org Received: from orion.buckhorn.net (lfkn-adsl-static-net1-48.txucom.net [207.70.145.248]) by hub.freebsd.org (Postfix) with ESMTP id D45E237B405 for ; Sun, 22 Jul 2001 08:11:27 -0700 (PDT) (envelope-from bob@buckhorn.net) Received: from buckhorn.net (localhost.buckhorn.net.net [127.0.0.1]) by orion.buckhorn.net (Postfix) with ESMTP id A85614060 for ; Sun, 22 Jul 2001 10:11:11 -0500 (CDT) Message-ID: <3B5AED0F.F8CE7C64@buckhorn.net> Date: Sun, 22 Jul 2001 10:11:11 -0500 From: Bob Martin X-Mailer: Mozilla 4.73 [en] (X11; U; FreeBSD 4.2-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-isp@FreeBSD.org Subject: IMAP servers Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I've decided that it's time to re-invent our e-mail system. Sendmail has already been replaced by postfix. Now it's time to deal with IMAP. What I need is an IMAP server that handles virtual domains, "virtual" (non system) users, and that can handle different imap name spaces. SASL authentication is also a must, as is a very low price tag. Scalability and performance would be nice, but at the moment, it's not essential. I've narrowed it down to 2 servers. Cyrus. Does everything but virtual domains. Courier. Does everything but user defined name spaces. As it stands now, I'm going to "fix" one of the two. Question is, which one? I really have 2 questions. 1) Is there another well developed IMAP server I should look at? 2) If you are using one of these 2, what are it's good and bad points. If you'll reply to me off list, I'll summarize and post the summary back to the list. Thanks for the help! Bob Martin -- But in our enthusiasm, we could not resist a radical overhaul of the system, in which all of its major weaknesses have been exposed, analyzed, and replaced with new weaknesses. -- Bruce Leverett, "Register Allocation in Optimizing Compilers" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 9:21:41 2001 Delivered-To: freebsd-isp@freebsd.org Received: from femail4.sdc1.sfba.home.com (femail4.sdc1.sfba.home.com [24.0.95.84]) by hub.freebsd.org (Postfix) with ESMTP id 1B64E37B403 for ; Sun, 22 Jul 2001 09:21:38 -0700 (PDT) (envelope-from jim@siteplus.net) Received: from veager.siteplus.net ([65.14.122.116]) by femail4.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20010722162137.MYCY14903.femail4.sdc1.sfba.home.com@veager.siteplus.net>; Sun, 22 Jul 2001 09:21:37 -0700 Date: Sun, 22 Jul 2001 12:21:36 -0400 (EDT) From: Jim Weeks To: Troy Settle Cc: freebsd-isp@FreeBSD.ORG Subject: RE: Joker problem In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, 22 Jul 2001, Troy Settle wrote: > > Last email I sent to joker.com has been over a year unanswered. After the > first couple months, I switched everything over to an OpenSRS RSP > (http://www.namespeed.com). Couldn't be happier, I get support via phone, > email, or irc almost anytime I need it. > > Though, with some 70 or 80 domains, I've been thinking about getting myself > signed up as an RSP with OpenSRS. Troy, Thanks for the link to Namespeed. I will certainly give them strong consideration. I am just at a loss as to what to do about this particular domain. It will be alright for the next year, but I have succeeded in successfully locking myself, or the owner for that matter, out of any further administration or renewal of the domain. -- Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 9:30:45 2001 Delivered-To: freebsd-isp@freebsd.org Received: from EnContacto.Net (adsl-63-205-16-205.dsl.mtry01.pacbell.net [63.205.16.205]) by hub.freebsd.org (Postfix) with ESMTP id B612237B403 for ; Sun, 22 Jul 2001 09:30:38 -0700 (PDT) (envelope-from eculp@EnContacto.Net) Received: (from root@localhost) by EnContacto.Net (8.11.4/8.11.4) id f6MGUZU15129; Sun, 22 Jul 2001 09:30:35 -0700 (PDT) (envelope-from eculp@EnContacto.Net) From: Edwin Culp Received: from 63.205.16.204 ( [63.205.16.204]) as user eculp@encontacto.net by Mail.SavvyWorld.Net with HTTP; Sun, 22 Jul 2001 09:30:34 -0700 Message-ID: <995819434.3b5affaaa6413@Mail.SavvyWorld.Net> Date: Sun, 22 Jul 2001 09:30:34 -0700 To: Troy Settle Cc: freebsd-isp@FreeBSD.ORG Subject: RE: Joker problem References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs X-Originating-IP: 63.205.16.204 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Quoting Troy Settle : | | Last email I sent to joker.com has been over a year unanswered. After the | first couple months, I switched everything over to an OpenSRS RSP | (http://www.namespeed.com). Couldn't be happier, I get support via phone, | email, or irc almost anytime I need it. | | Though, with some 70 or 80 domains, I've been thinking about getting myself | signed up as an RSP with OpenSRS. Troy, Thanks for the info. I just read through it quickly and could not really find any drawbacks, have you? I need a solution. I've got a couple hundred domains scattered between four registars, and have a click through to register.com, that generates a little cash flow. This looks like a neat way to get all my eggs in one basket. I was planing to do this with gandi.net but this is even a little cheaper(depends on the euro). I guess it's time to print contracts to be signed and faxed:-( That is a downside, I guess. ed | | -- | Troy Settle | Pulaski Networks | 540.994.4254 - 866.477.5638 | http://www.psknet.com | | | ** -----Original Message----- | ** From: owner-freebsd-isp@FreeBSD.ORG | ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Edwin Culp | ** Sent: Sunday, July 22, 2001 9:25 AM | ** To: Jim Weeks | ** Cc: freebsd-isp@FreeBSD.ORG | ** Subject: Re: Joker problem | ** | ** | ** It took them about 10 days to answer the last email that I sent. | ** | ** ed | ** | ** Quoting Jim Weeks : | ** | ** | Ok, | ** | | ** | I will take most of the responsibility for this. I made a mistake and | ** | will probably do so again. I have registered hundreds of domains | ** | through Joker.com and untill this episode, have had no problems. I am | ** | just wondering if anyone else has experienced this. | ** | | ** | First, I logged in under my regular admin address and registered a new | ** | clients domain. Second, I mistyped the owner, admin, and | ** billing e-mail | ** | address with an undeliverable AOL address. However, I typed in and | ** | checked the appropriate box to make the tech handle my own. As you | can | ** | guess, the same undeliverable address was recorded for every contact | ** | position. | ** | | ** | Now, I can login under my regular admin address and change any | ** aspect of | ** | the new undeliverable e-mail/admin handle except the undeliverable | ** | address, which is needed if you ever want to make changes to | ** or renew this | ** | domain in the future. | ** | | ** | So far, I haven't even been able to get a response from Joker on this | ** | subject at all. | ** | | ** | Any suggestions would be appreciated, | ** | | ** | -- | ** | Jim Weeks | ** | | ** | | ** | | ** | To Unsubscribe: send mail to majordomo@FreeBSD.org | ** | with "unsubscribe freebsd-isp" in the body of the message | ** | | ** | ** ----------------------------------------------------------------------- | ** The illiterate of the 21st century will not be | ** those who cannot read and write, | ** but those who cannot learn, unlearn and relearn. | ** --Alvin Toffler | ** | ** To Unsubscribe: send mail to majordomo@FreeBSD.org | ** with "unsubscribe freebsd-isp" in the body of the message | ** | ** | | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe freebsd-isp" in the body of the message | ----------------------------------------------------------------------- The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn and relearn. --Alvin Toffler To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 10:31:17 2001 Delivered-To: freebsd-isp@freebsd.org Received: from tortugas.irbs.com (tortugas.irbs.com [216.86.160.243]) by hub.freebsd.org (Postfix) with ESMTP id A75C237B405 for ; Sun, 22 Jul 2001 10:31:13 -0700 (PDT) (envelope-from jc@irbs.com) Received: by tortugas.irbs.com (Postfix, from userid 108) id 387051366A; Sun, 22 Jul 2001 13:31:03 -0400 (EDT) Date: Sun, 22 Jul 2001 13:31:03 -0400 From: John Capo To: freebsd-isp@FreeBSD.org Subject: Re: IMAP servers Message-ID: <20010722133103.A7059@tortugas.irbs.com> Reply-To: jc@irbs.com References: <3B5AED0F.F8CE7C64@buckhorn.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3B5AED0F.F8CE7C64@buckhorn.net>; from bob@buckhorn.net on Sun, Jul 22, 2001 at 10:11:11AM -0500 X-Organization: IRBS Engineering, inc. 954-463-3771 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Last week I switched from postfix/procmail delivering to Maildirs for virtual domains to postfix/procmail/cyrus. Virtual domains are easy to implement with postfix and cyrus. I let postfix map user@domain.com to imap+user_domain_com with a mysql table and virtual_maps=mysql:/blahblahblah. Procmail is the mailbox_command delivery agent. I created a fallback_transport to procmail via the pipe driver: procmail unix - n n - - pipe flags=R user=cyrus argv=/usr/local/bin/procmail USER=${user} EXTENSION=${extension} Users in /etc/passwd have their mail delivered by the mailbox_command, in my case procmail, and everything goes to procmail/cyrus via the fallback_transport. I use procmail because it was the easy to implement junkmail filtering and attachment filename munging to disable the sircam worm and friends. The fallback_transport could be directly to cyrus or to cyrus via some other filter. The mailbox_command could be something other than procmail. A minimal ~cyrus/.procmailrc: DELIVERMAIL="/usr/local/cyrus/bin/deliver" :0 | $DELIVERMAIL $EXTENSION I modified lib/auth_unix.c to map '@', '%', and '.' in usernames to '_' since '.' is the mailbox seperator in cyrus. This lets me assign unique usernames/mailboxes like joe@domain.com, joe@otherdomain.com, joe@yadomain.com, and so on. Netscape POP does not permit user@domain.com style usernames. Netscape turns user@domain.com to user@domain.com@popserver.com so I tell Netscape POP users to use user%domain.com instead. user@domain.com does work for Netscape IMAP and Outlook POP. Bottom line is if you let postfix do the virtual domain to mailbox name mapping, and you don't need user@domain.com style usernames, cyrus works out of the box. John Capo IRBS Engineering, Inc. Quoting Bob Martin (bob@buckhorn.net): > I've decided that it's time to re-invent our e-mail system. Sendmail has > already been replaced by postfix. Now it's time to deal with IMAP. > > What I need is an IMAP server that handles virtual domains, "virtual" > (non system) users, and that can handle different imap name spaces. SASL > authentication is also a must, as is a very low price tag. Scalability > and performance would be nice, but at the moment, it's not essential. > > I've narrowed it down to 2 servers. > Cyrus. Does everything but virtual domains. > Courier. Does everything but user defined name spaces. > > As it stands now, I'm going to "fix" one of the two. Question is, which > one? > > I really have 2 questions. 1) Is there another well developed IMAP > server I should look at? 2) If you are using one of these 2, what are > it's good and bad points. > > If you'll reply to me off list, I'll summarize and post the summary back > to the list. > > Thanks for the help! > Bob Martin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 10:33:59 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mailsrv.amplex.net (mailsrv.amplex.net [209.57.124.54]) by hub.freebsd.org (Postfix) with ESMTP id D679937B403 for ; Sun, 22 Jul 2001 10:33:56 -0700 (PDT) (envelope-from mark@amplex.net) Received: from mark2000 (dhcp58.amplex.net [209.57.124.58]) by mailsrv.amplex.net (8.11.2/8.11.2) with SMTP id f6MHY2b01452 for ; Sun, 22 Jul 2001 13:34:02 -0400 (EDT) From: "Mark Radabaugh - Amplex" To: Subject: RE: Joker problem Date: Sun, 22 Jul 2001 13:33:56 -0400 Message-ID: <001001c112d4$7bb300e0$3a7c39d1@amplex.net> X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal In-Reply-To: Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Setting up with Tucows is pretty painless and you get MUCH more control over the domain registration. You can set it up so that anyone can register/maintain domains or just implement what you want for yourself. Go for it. Hum.. On second thought just register them with us :-) Mark Radabaugh Amplex (419) 833-3635 > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Troy Settle > Sent: Sunday, July 22, 2001 10:23 AM > To: freebsd-isp@FreeBSD.ORG > Subject: RE: Joker problem > > > > Last email I sent to joker.com has been over a year > unanswered. After the > first couple months, I switched everything over to an OpenSRS RSP > (http://www.namespeed.com). Couldn't be happier, I get > support via phone, > email, or irc almost anytime I need it. > > Though, with some 70 or 80 domains, I've been thinking about > getting myself > signed up as an RSP with OpenSRS. > > -- > Troy Settle > Pulaski Networks > 540.994.4254 - 866.477.5638 > http://www.psknet.com > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 11:55:31 2001 Delivered-To: freebsd-isp@freebsd.org Received: from orion.buckhorn.net (lfkn-adsl-static-net1-48.txucom.net [207.70.145.248]) by hub.freebsd.org (Postfix) with ESMTP id E2DFA37B401 for ; Sun, 22 Jul 2001 11:55:25 -0700 (PDT) (envelope-from bob@buckhorn.net) Received: from buckhorn.net (localhost.buckhorn.net.net [127.0.0.1]) by orion.buckhorn.net (Postfix) with ESMTP id 8ECAA4060; Sun, 22 Jul 2001 13:55:18 -0500 (CDT) Message-ID: <3B5B2196.4B8B07C4@buckhorn.net> Date: Sun, 22 Jul 2001 13:55:18 -0500 From: Bob Martin X-Mailer: Mozilla 4.73 [en] (X11; U; FreeBSD 4.2-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: jc@irbs.com, freebsd-isp@FreeBSD.org Subject: Re: IMAP servers References: <3B5AED0F.F8CE7C64@buckhorn.net> <20010722133103.A7059@tortugas.irbs.com> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org John Capo wrote: > > *This message was transferred with a trial version of CommuniGate(tm) Pro* > Last week I switched from postfix/procmail delivering to Maildirs > for virtual domains to postfix/procmail/cyrus. Virtual domains > are easy to implement with postfix and cyrus. > > I let postfix map user@domain.com to imap+user_domain_com with a > mysql table and virtual_maps=mysql:/blahblahblah. Procmail is the > mailbox_command delivery agent. I created a fallback_transport to > procmail via the pipe driver: > > procmail unix - n n - - pipe > flags=R user=cyrus argv=/usr/local/bin/procmail USER=${user} EXTENSION=${extension} > > Users in /etc/passwd have their mail delivered by the mailbox_command, > in my case procmail, and everything goes to procmail/cyrus via the > fallback_transport. > > I use procmail because it was the easy to implement junkmail > filtering and attachment filename munging to disable the sircam > worm and friends. The fallback_transport could be directly to > cyrus or to cyrus via some other filter. The mailbox_command could > be something other than procmail. > > A minimal ~cyrus/.procmailrc: > > DELIVERMAIL="/usr/local/cyrus/bin/deliver" > > :0 > | $DELIVERMAIL $EXTENSION > > I modified lib/auth_unix.c to map '@', '%', and '.' in usernames > to '_' since '.' is the mailbox seperator in cyrus. This lets me > assign unique usernames/mailboxes like joe@domain.com, joe@otherdomain.com, > joe@yadomain.com, and so on. > > Netscape POP does not permit user@domain.com style usernames. > Netscape turns user@domain.com to user@domain.com@popserver.com so > I tell Netscape POP users to use user%domain.com instead. > user@domain.com does work for Netscape IMAP and Outlook POP. > > Bottom line is if you let postfix do the virtual domain to mailbox > name mapping, and you don't need user@domain.com style usernames, > cyrus works out of the box. > > John Capo > IRBS Engineering, Inc. > John, First thanks for the input. One of the problems we are facing is the need to use flat usernames (no @ or %) I have several customers that are not into changing several hundred clients . That's what I mean about cyrus not doing virtual domains, at least out of the box. The key is the IMAP or POP3 login. One of the options I'm considering is a hack on SASL to get the IP the auth request comes in on and then pass that on to a modified pam_mysql or use pam_radius. I had looked at having cyrus listen on different IP's, but that gets really messy. As a foot note, we use a postfix box as a spamfilter/gateway for all of our e-mail, and we even filter mail for some other folks. The set up we use just relays the mail on to another server, but it could do local deliveries too. Along with doing RBL lookups, postfix can do header and body checks. Bob Martin -- But in our enthusiasm, we could not resist a radical overhaul of the system, in which all of its major weaknesses have been exposed, analyzed, and replaced with new weaknesses. -- Bruce Leverett, "Register Allocation in Optimizing Compilers" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 12:49:42 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.mediaways.net (mail.mediaways.net [193.189.224.113]) by hub.freebsd.org (Postfix) with SMTP id 0EC9F37B401 for ; Sun, 22 Jul 2001 12:49:39 -0700 (PDT) (envelope-from andy.wolf@schwaben.de) Received: (qmail 4540 invoked by uid 4221); 22 Jul 2001 19:49:35 -0000 Received: from xdsd-d5141a2c.pool.mediaways.net (HELO chuck) (213.20.26.44) by smtp-relay.mediaways.net with SMTP; 22 Jul 2001 19:49:35 -0000 From: "Andy Wolf" To: "Bob Martin" , , Subject: RE: IMAP servers Date: Sun, 22 Jul 2001 21:53:39 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-15" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <3B5B2196.4B8B07C4@buckhorn.net> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, perhaps Perdition would be helpful: http://www.nl.vergenet.net/linux/perdition/ It is a flexible POP3/IMAP-proxy which is quite useful in large environments... just my 2 cents...Andy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 14:24:44 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 387C237B405 for ; Sun, 22 Jul 2001 14:24:41 -0700 (PDT) (envelope-from alexus@usa.com) Received: (qmail 59317 invoked from network); 22 Jul 2001 21:24:42 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 22 Jul 2001 21:24:42 -0000 Message-ID: <002101c112f5$09bb1e70$0100a8c0@alexus> From: "alexus" To: Subject: IPs/VHOST/ALIAS/IDENTd/IRC Date: Sun, 22 Jul 2001 17:26:57 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2479.0006 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi I have 2 IPs on my box 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) I put both of those IPs into my /etc/rc.conf file alexus@~# grep fxp0 /etc/rc.conf ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" alexus@~# ifconfig fxp0 fxp0: flags=8943 mtu 1500 inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 inet 66.92.98.151 netmask 0xffffff00 broadcast 66.92.98.255 ether 00:60:94:a5:cb:44 media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP alexus@~# so looks like they up and running fine although I'm having one problem (at least so far) whenever I'm trying to IRC from my box from my primary IP .145 ( oXyeTb.com ) everything seems to be in order whenever I'm trying to use my second IP .151 ( bigballz.com ) I can't get on IRC at all.. some of IRC server tells me that my ident isn't installed even though it *is* installed and I'm being able to logon to same server from my first IP just fine here is prove that i *do* have ident (port 113) running alexus@~# netstat -ta | grep auth tcp4 0 0 *.auth *.* LISTEN alexus@~# grep 113 /etc/services | grep tcp auth 113/tcp ident tap #Authentication Service alexus@~# is there some special way I need to add any additional IPs or what am I doing wrong? thanks in advance To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 21:44:29 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 84BBA37B403 for ; Sun, 22 Jul 2001 21:44:24 -0700 (PDT) (envelope-from alexus@usa.com) Received: (qmail 60871 invoked from network); 23 Jul 2001 04:44:27 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 23 Jul 2001 04:44:27 -0000 Message-ID: <001501c11332$77c6bbd0$0100a8c0@alexus> From: "alexus" To: "Bob Martin" Cc: References: <002101c112f5$09bb1e70$0100a8c0@alexus> <3B5B48BD.3ED6F4B0@buckhorn.net> Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Date: Mon, 23 Jul 2001 00:46:41 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-15" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2479.0006 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org su-2.05# sysctl net.inet.ip.forwarding net.inet.ip.forwarding: 1 su-2.05# ifconfig fxp0 fxp0: flags=8943 mtu 1500 inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.151 ether 00:60:94:a5:cb:44 media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP su-2.05# i've tryed to change netmask of second ip to .255 instead of .0 but it doesn't seems to help:( and i also checked my forwarding settings, it was already set to 1 ----- Original Message ----- From: "Bob Martin" To: "alexus" Sent: Sunday, July 22, 2001 5:42 PM Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > alexus wrote: > > > > Hi > > > > I have 2 IPs on my box > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) > > > > I put both of those IPs into my /etc/rc.conf file > > > > alexus@~# grep fxp0 /etc/rc.conf > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" > > alexus@~# ifconfig fxp0 > > fxp0: flags=8943 mtu 1500 > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > inet 66.92.98.151 netmask 0xffffff00 broadcast 66.92.98.255 > > ether 00:60:94:a5:cb:44 > > media: autoselect (100baseTX ) status: active > > supported media: autoselect 100baseTX 100baseTX > > 10baseT/UTP 10baseT/UTP > > alexus@~# > > > > so looks like they up and running fine > > > > although I'm having one problem (at least so far) > > > > whenever I'm trying to IRC from my box from my primary IP .145 ( > > oXyeTb.com ) everything seems to be in order > > whenever I'm trying to use my second IP .151 ( bigballz.com ) I can't get on > > IRC at all.. some of IRC server tells me that my ident isn't installed even > > though it *is* installed and I'm being able to logon to same server from my > > first IP just fine > > > > here is prove that i *do* have ident (port 113) running > > > > alexus@~# netstat -ta | grep auth > > tcp4 0 0 *.auth *.* LISTEN > > alexus@~# grep 113 /etc/services | grep tcp > > auth 113/tcp ident tap #Authentication Service > > alexus@~# > > > > is there some special way I need to add any additional IPs or what am I > > doing wrong? > > > > thanks in advance > > > You need to change the netmask of the alias to 255.255.255.255, and make > sure that gateway is enabled. > > You can change the IP with ifconfig, and you can enable the gateway > with: > sysctl -w net.inet.ip.forwarding=1 > > All of this is in the archives 8^) > > bob > -- > But in our enthusiasm, we could not resist a radical overhaul of the > system, in which all of its major weaknesses have been exposed, > analyzed, and replaced with new weaknesses. > -- Bruce Leverett, "Register Allocation in Optimizing Compilers" > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 21:57:45 2001 Delivered-To: freebsd-isp@freebsd.org Received: from workhorse.iMach.com (workhorse.iMach.com [206.127.77.89]) by hub.freebsd.org (Postfix) with ESMTP id D073D37B401 for ; Sun, 22 Jul 2001 21:57:38 -0700 (PDT) (envelope-from forrestc@imach.com) Received: from localhost (forrestc@localhost) by workhorse.iMach.com (8.9.3/8.9.3) with ESMTP id WAA18728; Sun, 22 Jul 2001 22:56:21 -0600 (MDT) Date: Sun, 22 Jul 2001 22:56:21 -0600 (MDT) From: "Forrest W. Christian" To: alexus Cc: Bob Martin , freebsd-isp@FreeBSD.ORG Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC In-Reply-To: <001501c11332$77c6bbd0$0100a8c0@alexus> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ident appears to be working on your box on both ports: -------------------TEST OUTPUT BEGIN mail# telnet 66.92.98.151 ident Trying 66.92.98.151... Connected to bigballz.com. Escape character is '^]'. ^] telnet> z Suspended mail# netstat -an | grep 66.92 tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 ESTABLISHED mail# fg telnet 66.92.98.151 ident 113,4183 113 , 4183 : USERID : UNKNOWN : root Connection closed by foreign host. ------------------TEST OUTPUT END ------------------TEST OUTPUT BEGIN mail# telnet 66.92.98.145 ident Trying 66.92.98.145... Connected to oXyeTb.com. Escape character is '^]'. ^] telnet> z Suspended mail# netstat -an | grep 66.92 tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 ESTABLISHED mail# fg telnet 66.92.98.145 ident 113,4242 113 , 4242 : USERID : UNKNOWN : root Connection closed by foreign host. ------------------TEST OUTPUT END I'd look elsewhere, however: Have you considered running a "warm-fuzzy" ident? It lets a lot less information out about your system. Use this perl script: -------- CUT ----------- #!/usr/local/bin/perl ($a, $b) = split(/[,\n\r ]+/,<>); print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; -------- CUT ----------- And reference it from your inetd.conf instead of the ident code. On Mon, 23 Jul 2001, alexus wrote: > Date: Mon, 23 Jul 2001 00:46:41 -0400 > From: alexus > To: Bob Martin > Cc: freebsd-isp@FreeBSD.ORG > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > su-2.05# sysctl net.inet.ip.forwarding > net.inet.ip.forwarding: 1 > su-2.05# ifconfig fxp0 > fxp0: flags=8943 mtu 1500 > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.151 > ether 00:60:94:a5:cb:44 > media: autoselect (100baseTX ) status: active > supported media: autoselect 100baseTX 100baseTX > 10baseT/UTP 10baseT/UTP > su-2.05# > > i've tryed to change netmask of second ip to .255 instead of .0 but it > doesn't seems to help:( > > and i also checked my forwarding settings, it was already set to 1 > > ----- Original Message ----- > From: "Bob Martin" > To: "alexus" > Sent: Sunday, July 22, 2001 5:42 PM > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > alexus wrote: > > > > > > Hi > > > > > > I have 2 IPs on my box > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" > > > alexus@~# ifconfig fxp0 > > > fxp0: flags=8943 mtu > 1500 > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > inet 66.92.98.151 netmask 0xffffff00 broadcast 66.92.98.255 > > > ether 00:60:94:a5:cb:44 > > > media: autoselect (100baseTX ) status: active > > > supported media: autoselect 100baseTX 100baseTX > > > 10baseT/UTP 10baseT/UTP > > > alexus@~# > > > > > > so looks like they up and running fine > > > > > > although I'm having one problem (at least so far) > > > > > > whenever I'm trying to IRC from my box from my primary IP .145 ( > > > oXyeTb.com ) everything seems to be in order > > > whenever I'm trying to use my second IP .151 ( bigballz.com ) I can't > get on > > > IRC at all.. some of IRC server tells me that my ident isn't installed > even > > > though it *is* installed and I'm being able to logon to same server from > my > > > first IP just fine > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > alexus@~# netstat -ta | grep auth > > > tcp4 0 0 *.auth *.* > LISTEN > > > alexus@~# grep 113 /etc/services | grep tcp > > > auth 113/tcp ident tap #Authentication Service > > > alexus@~# > > > > > > is there some special way I need to add any additional IPs or what am I > > > doing wrong? > > > > > > thanks in advance > > > > > You need to change the netmask of the alias to 255.255.255.255, and make > > sure that gateway is enabled. > > > > You can change the IP with ifconfig, and you can enable the gateway > > with: > > sysctl -w net.inet.ip.forwarding=1 > > > > All of this is in the archives 8^) > > > > bob > > -- > > But in our enthusiasm, we could not resist a radical overhaul of the > > system, in which all of its major weaknesses have been exposed, > > analyzed, and replaced with new weaknesses. > > -- Bruce Leverett, "Register Allocation in Optimizing Compilers" > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 22:14:27 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id B986D37B401 for ; Sun, 22 Jul 2001 22:14:14 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 60981 invoked from network); 23 Jul 2001 05:14:16 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 23 Jul 2001 05:14:16 -0000 Message-ID: <001901c11336$a24a3ae0$0100a8c0@alexus> From: "alexus" To: "Forrest W. Christian" Cc: "Bob Martin" , References: Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Date: Mon, 23 Jul 2001 01:16:30 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2479.0006 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org could that be due to i have different broadcast? what broadcast do anyway? what is it for ----- Original Message ----- From: "Forrest W. Christian" To: "alexus" Cc: "Bob Martin" ; Sent: Monday, July 23, 2001 12:56 AM Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > Ident appears to be working on your box on both ports: > > -------------------TEST OUTPUT BEGIN > mail# telnet 66.92.98.151 ident > Trying 66.92.98.151... > Connected to bigballz.com. > Escape character is '^]'. > ^] > telnet> z > > Suspended > mail# netstat -an | grep 66.92 > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > ESTABLISHED > mail# fg > telnet 66.92.98.151 ident > 113,4183 > 113 , 4183 : USERID : UNKNOWN : root > Connection closed by foreign host. > ------------------TEST OUTPUT END > > ------------------TEST OUTPUT BEGIN > mail# telnet 66.92.98.145 ident > Trying 66.92.98.145... > Connected to oXyeTb.com. > Escape character is '^]'. > ^] > telnet> z > > Suspended > mail# netstat -an | grep 66.92 > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > ESTABLISHED > mail# fg > telnet 66.92.98.145 ident > 113,4242 > 113 , 4242 : USERID : UNKNOWN : root > Connection closed by foreign host. > ------------------TEST OUTPUT END > > I'd look elsewhere, however: > > Have you considered running a "warm-fuzzy" ident? It lets a lot less > information out about your system. > > Use this perl script: > > -------- CUT ----------- > #!/usr/local/bin/perl > ($a, $b) = split(/[,\n\r ]+/,<>); > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > -------- CUT ----------- > > And reference it from your inetd.conf instead of the ident code. > > On Mon, 23 Jul 2001, alexus wrote: > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > From: alexus > > To: Bob Martin > > Cc: freebsd-isp@FreeBSD.ORG > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > su-2.05# sysctl net.inet.ip.forwarding > > net.inet.ip.forwarding: 1 > > su-2.05# ifconfig fxp0 > > fxp0: flags=8943 mtu 1500 > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.151 > > ether 00:60:94:a5:cb:44 > > media: autoselect (100baseTX ) status: active > > supported media: autoselect 100baseTX 100baseTX > > 10baseT/UTP 10baseT/UTP > > su-2.05# > > > > i've tryed to change netmask of second ip to .255 instead of .0 but it > > doesn't seems to help:( > > > > and i also checked my forwarding settings, it was already set to 1 > > > > ----- Original Message ----- > > From: "Bob Martin" > > To: "alexus" > > Sent: Sunday, July 22, 2001 5:42 PM > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > alexus wrote: > > > > > > > > Hi > > > > > > > > I have 2 IPs on my box > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" > > > > alexus@~# ifconfig fxp0 > > > > fxp0: flags=8943 mtu > > 1500 > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast 66.92.98.255 > > > > ether 00:60:94:a5:cb:44 > > > > media: autoselect (100baseTX ) status: active > > > > supported media: autoselect 100baseTX 100baseTX > > > > 10baseT/UTP 10baseT/UTP > > > > alexus@~# > > > > > > > > so looks like they up and running fine > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > whenever I'm trying to IRC from my box from my primary IP .145 ( > > > > oXyeTb.com ) everything seems to be in order > > > > whenever I'm trying to use my second IP .151 ( bigballz.com ) I can't > > get on > > > > IRC at all.. some of IRC server tells me that my ident isn't installed > > even > > > > though it *is* installed and I'm being able to logon to same server from > > my > > > > first IP just fine > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > alexus@~# netstat -ta | grep auth > > > > tcp4 0 0 *.auth *.* > > LISTEN > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > auth 113/tcp ident tap #Authentication Service > > > > alexus@~# > > > > > > > > is there some special way I need to add any additional IPs or what am I > > > > doing wrong? > > > > > > > > thanks in advance > > > > > > > You need to change the netmask of the alias to 255.255.255.255, and make > > > sure that gateway is enabled. > > > > > > You can change the IP with ifconfig, and you can enable the gateway > > > with: > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > All of this is in the archives 8^) > > > > > > bob > > > -- > > > But in our enthusiasm, we could not resist a radical overhaul of the > > > system, in which all of its major weaknesses have been exposed, > > > analyzed, and replaced with new weaknesses. > > > -- Bruce Leverett, "Register Allocation in Optimizing Compilers" > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > ---------------------------------------------------------------------- > The Innovation Machine Ltd. P.O. Box 5749 > http://www.imach.com/ Helena, MT 59604 > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > ---------------------------------------------------------------------- > Protect your personal freedoms - visit http://www.lp.org/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 22:24: 2 2001 Delivered-To: freebsd-isp@freebsd.org Received: from workhorse.iMach.com (workhorse.iMach.com [206.127.77.89]) by hub.freebsd.org (Postfix) with ESMTP id DA8E437B403 for ; Sun, 22 Jul 2001 22:23:52 -0700 (PDT) (envelope-from forrestc@imach.com) Received: from localhost (forrestc@localhost) by workhorse.iMach.com (8.9.3/8.9.3) with ESMTP id XAA18781; Sun, 22 Jul 2001 23:22:31 -0600 (MDT) Date: Sun, 22 Jul 2001 23:22:31 -0600 (MDT) From: "Forrest W. Christian" To: alexus Cc: Bob Martin , freebsd-isp@FreeBSD.ORG Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC In-Reply-To: <001901c11336$a24a3ae0$0100a8c0@alexus> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org No. Something else OTHER than ident is broken. Ident is working as designed. On Mon, 23 Jul 2001, alexus wrote: > Date: Mon, 23 Jul 2001 01:16:30 -0400 > From: alexus > To: Forrest W. Christian > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > could that be due to > > i have different broadcast? > > what broadcast do anyway? what is it for > > ----- Original Message ----- > From: "Forrest W. Christian" > To: "alexus" > Cc: "Bob Martin" ; > Sent: Monday, July 23, 2001 12:56 AM > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > Ident appears to be working on your box on both ports: > > > > -------------------TEST OUTPUT BEGIN > > mail# telnet 66.92.98.151 ident > > Trying 66.92.98.151... > > Connected to bigballz.com. > > Escape character is '^]'. > > ^] > > telnet> z > > > > Suspended > > mail# netstat -an | grep 66.92 > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > ESTABLISHED > > mail# fg > > telnet 66.92.98.151 ident > > 113,4183 > > 113 , 4183 : USERID : UNKNOWN : root > > Connection closed by foreign host. > > ------------------TEST OUTPUT END > > > > ------------------TEST OUTPUT BEGIN > > mail# telnet 66.92.98.145 ident > > Trying 66.92.98.145... > > Connected to oXyeTb.com. > > Escape character is '^]'. > > ^] > > telnet> z > > > > Suspended > > mail# netstat -an | grep 66.92 > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > ESTABLISHED > > mail# fg > > telnet 66.92.98.145 ident > > 113,4242 > > 113 , 4242 : USERID : UNKNOWN : root > > Connection closed by foreign host. > > ------------------TEST OUTPUT END > > > > I'd look elsewhere, however: > > > > Have you considered running a "warm-fuzzy" ident? It lets a lot less > > information out about your system. > > > > Use this perl script: > > > > -------- CUT ----------- > > #!/usr/local/bin/perl > > ($a, $b) = split(/[,\n\r ]+/,<>); > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > -------- CUT ----------- > > > > And reference it from your inetd.conf instead of the ident code. > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > From: alexus > > > To: Bob Martin > > > Cc: freebsd-isp@FreeBSD.ORG > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > net.inet.ip.forwarding: 1 > > > su-2.05# ifconfig fxp0 > > > fxp0: flags=8943 mtu > 1500 > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.151 > > > ether 00:60:94:a5:cb:44 > > > media: autoselect (100baseTX ) status: active > > > supported media: autoselect 100baseTX 100baseTX > > > 10baseT/UTP 10baseT/UTP > > > su-2.05# > > > > > > i've tryed to change netmask of second ip to .255 instead of .0 but it > > > doesn't seems to help:( > > > > > > and i also checked my forwarding settings, it was already set to 1 > > > > > > ----- Original Message ----- > > > From: "Bob Martin" > > > To: "alexus" > > > Sent: Sunday, July 22, 2001 5:42 PM > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > alexus wrote: > > > > > > > > > > Hi > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" > > > > > alexus@~# ifconfig fxp0 > > > > > fxp0: flags=8943 mtu > > > 1500 > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast 66.92.98.255 > > > > > ether 00:60:94:a5:cb:44 > > > > > media: autoselect (100baseTX ) status: active > > > > > supported media: autoselect 100baseTX > 100baseTX > > > > > 10baseT/UTP 10baseT/UTP > > > > > alexus@~# > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP .145 ( > > > > > oXyeTb.com ) everything seems to be in order > > > > > whenever I'm trying to use my second IP .151 ( bigballz.com ) I > can't > > > get on > > > > > IRC at all.. some of IRC server tells me that my ident isn't > installed > > > even > > > > > though it *is* installed and I'm being able to logon to same server > from > > > my > > > > > first IP just fine > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > tcp4 0 0 *.auth *.* > > > LISTEN > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > auth 113/tcp ident tap #Authentication Service > > > > > alexus@~# > > > > > > > > > > is there some special way I need to add any additional IPs or what > am I > > > > > doing wrong? > > > > > > > > > > thanks in advance > > > > > > > > > You need to change the netmask of the alias to 255.255.255.255, and > make > > > > sure that gateway is enabled. > > > > > > > > You can change the IP with ifconfig, and you can enable the gateway > > > > with: > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > > > All of this is in the archives 8^) > > > > > > > > bob > > > > -- > > > > But in our enthusiasm, we could not resist a radical overhaul of the > > > > system, in which all of its major weaknesses have been exposed, > > > > analyzed, and replaced with new weaknesses. > > > > -- Bruce Leverett, "Register Allocation in Optimizing Compilers" > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > ---------------------------------------------------------------------- > > The Innovation Machine Ltd. P.O. Box 5749 > > http://www.imach.com/ Helena, MT 59604 > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > ---------------------------------------------------------------------- > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 22:31:42 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 2BBF837B405 for ; Sun, 22 Jul 2001 22:31:31 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 61073 invoked from network); 23 Jul 2001 05:31:32 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 23 Jul 2001 05:31:32 -0000 Message-ID: <000901c11339$0bd90480$0100a8c0@alexus> From: "alexus" To: "Forrest W. Christian" Cc: "Bob Martin" , References: Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Date: Mon, 23 Jul 2001 01:33:45 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2479.0006 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org su-2.05# ifconfig fxp0 fxp0: flags=8943 mtu 1500 inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 ether 00:60:94:a5:cb:44 media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP su-2.05# i even changed my broadcast .. same *ahem* thing... ----- Original Message ----- From: "Forrest W. Christian" To: "alexus" Cc: "Bob Martin" ; Sent: Monday, July 23, 2001 1:22 AM Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > No. Something else OTHER than ident is broken. > > Ident is working as designed. > > > On Mon, 23 Jul 2001, alexus wrote: > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > From: alexus > > To: Forrest W. Christian > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > could that be due to > > > > i have different broadcast? > > > > what broadcast do anyway? what is it for > > > > ----- Original Message ----- > > From: "Forrest W. Christian" > > To: "alexus" > > Cc: "Bob Martin" ; > > Sent: Monday, July 23, 2001 12:56 AM > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > Ident appears to be working on your box on both ports: > > > > > > -------------------TEST OUTPUT BEGIN > > > mail# telnet 66.92.98.151 ident > > > Trying 66.92.98.151... > > > Connected to bigballz.com. > > > Escape character is '^]'. > > > ^] > > > telnet> z > > > > > > Suspended > > > mail# netstat -an | grep 66.92 > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > ESTABLISHED > > > mail# fg > > > telnet 66.92.98.151 ident > > > 113,4183 > > > 113 , 4183 : USERID : UNKNOWN : root > > > Connection closed by foreign host. > > > ------------------TEST OUTPUT END > > > > > > ------------------TEST OUTPUT BEGIN > > > mail# telnet 66.92.98.145 ident > > > Trying 66.92.98.145... > > > Connected to oXyeTb.com. > > > Escape character is '^]'. > > > ^] > > > telnet> z > > > > > > Suspended > > > mail# netstat -an | grep 66.92 > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > ESTABLISHED > > > mail# fg > > > telnet 66.92.98.145 ident > > > 113,4242 > > > 113 , 4242 : USERID : UNKNOWN : root > > > Connection closed by foreign host. > > > ------------------TEST OUTPUT END > > > > > > I'd look elsewhere, however: > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a lot less > > > information out about your system. > > > > > > Use this perl script: > > > > > > -------- CUT ----------- > > > #!/usr/local/bin/perl > > > ($a, $b) = split(/[,\n\r ]+/,<>); > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > -------- CUT ----------- > > > > > > And reference it from your inetd.conf instead of the ident code. > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > From: alexus > > > > To: Bob Martin > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > net.inet.ip.forwarding: 1 > > > > su-2.05# ifconfig fxp0 > > > > fxp0: flags=8943 mtu > > 1500 > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.151 > > > > ether 00:60:94:a5:cb:44 > > > > media: autoselect (100baseTX ) status: active > > > > supported media: autoselect 100baseTX 100baseTX > > > > 10baseT/UTP 10baseT/UTP > > > > su-2.05# > > > > > > > > i've tryed to change netmask of second ip to .255 instead of .0 but it > > > > doesn't seems to help:( > > > > > > > > and i also checked my forwarding settings, it was already set to 1 > > > > > > > > ----- Original Message ----- > > > > From: "Bob Martin" > > > > To: "alexus" > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > Hi > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" > > > > > > alexus@~# ifconfig fxp0 > > > > > > fxp0: flags=8943 mtu > > > > 1500 > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast 66.92.98.255 > > > > > > ether 00:60:94:a5:cb:44 > > > > > > media: autoselect (100baseTX ) status: active > > > > > > supported media: autoselect 100baseTX > > 100baseTX > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > alexus@~# > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP .145 ( > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > whenever I'm trying to use my second IP .151 ( bigballz.com ) I > > can't > > > > get on > > > > > > IRC at all.. some of IRC server tells me that my ident isn't > > installed > > > > even > > > > > > though it *is* installed and I'm being able to logon to same server > > from > > > > my > > > > > > first IP just fine > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > tcp4 0 0 *.auth *.* > > > > LISTEN > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > auth 113/tcp ident tap #Authentication Service > > > > > > alexus@~# > > > > > > > > > > > > is there some special way I need to add any additional IPs or what > > am I > > > > > > doing wrong? > > > > > > > > > > > > thanks in advance > > > > > > > > > > > You need to change the netmask of the alias to 255.255.255.255, and > > make > > > > > sure that gateway is enabled. > > > > > > > > > > You can change the IP with ifconfig, and you can enable the gateway > > > > > with: > > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > bob > > > > > -- > > > > > But in our enthusiasm, we could not resist a radical overhaul of the > > > > > system, in which all of its major weaknesses have been exposed, > > > > > analyzed, and replaced with new weaknesses. > > > > > -- Bruce Leverett, "Register Allocation in Optimizing Compilers" > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > ---------------------------------------------------------------------- > > > The Innovation Machine Ltd. P.O. Box 5749 > > > http://www.imach.com/ Helena, MT 59604 > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > ---------------------------------------------------------------------- > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > ---------------------------------------------------------------------- > The Innovation Machine Ltd. P.O. Box 5749 > http://www.imach.com/ Helena, MT 59604 > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > ---------------------------------------------------------------------- > Protect your personal freedoms - visit http://www.lp.org/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 22:34:43 2001 Delivered-To: freebsd-isp@freebsd.org Received: from workhorse.iMach.com (workhorse.iMach.com [206.127.77.89]) by hub.freebsd.org (Postfix) with ESMTP id 2346B37B405 for ; Sun, 22 Jul 2001 22:34:34 -0700 (PDT) (envelope-from forrestc@imach.com) Received: from localhost (forrestc@localhost) by workhorse.iMach.com (8.9.3/8.9.3) with ESMTP id XAA18814; Sun, 22 Jul 2001 23:33:13 -0600 (MDT) Date: Sun, 22 Jul 2001 23:33:13 -0600 (MDT) From: "Forrest W. Christian" To: alexus Cc: Bob Martin , freebsd-isp@FreeBSD.ORG Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC In-Reply-To: <000901c11339$0bd90480$0100a8c0@alexus> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org What errors are you seeing on the IRC server? On Mon, 23 Jul 2001, alexus wrote: > Date: Mon, 23 Jul 2001 01:33:45 -0400 > From: alexus > To: Forrest W. Christian > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > su-2.05# ifconfig fxp0 > fxp0: flags=8943 mtu 1500 > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 > ether 00:60:94:a5:cb:44 > media: autoselect (100baseTX ) status: active > supported media: autoselect 100baseTX 100baseTX > 10baseT/UTP 10baseT/UTP > su-2.05# > > i even changed my broadcast .. same *ahem* thing... > > ----- Original Message ----- > From: "Forrest W. Christian" > To: "alexus" > Cc: "Bob Martin" ; > Sent: Monday, July 23, 2001 1:22 AM > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > No. Something else OTHER than ident is broken. > > > > Ident is working as designed. > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > From: alexus > > > To: Forrest W. Christian > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > could that be due to > > > > > > i have different broadcast? > > > > > > what broadcast do anyway? what is it for > > > > > > ----- Original Message ----- > > > From: "Forrest W. Christian" > > > To: "alexus" > > > Cc: "Bob Martin" ; > > > Sent: Monday, July 23, 2001 12:56 AM > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > mail# telnet 66.92.98.151 ident > > > > Trying 66.92.98.151... > > > > Connected to bigballz.com. > > > > Escape character is '^]'. > > > > ^] > > > > telnet> z > > > > > > > > Suspended > > > > mail# netstat -an | grep 66.92 > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > > ESTABLISHED > > > > mail# fg > > > > telnet 66.92.98.151 ident > > > > 113,4183 > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > Connection closed by foreign host. > > > > ------------------TEST OUTPUT END > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > mail# telnet 66.92.98.145 ident > > > > Trying 66.92.98.145... > > > > Connected to oXyeTb.com. > > > > Escape character is '^]'. > > > > ^] > > > > telnet> z > > > > > > > > Suspended > > > > mail# netstat -an | grep 66.92 > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > > ESTABLISHED > > > > mail# fg > > > > telnet 66.92.98.145 ident > > > > 113,4242 > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > Connection closed by foreign host. > > > > ------------------TEST OUTPUT END > > > > > > > > I'd look elsewhere, however: > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a lot less > > > > information out about your system. > > > > > > > > Use this perl script: > > > > > > > > -------- CUT ----------- > > > > #!/usr/local/bin/perl > > > > ($a, $b) = split(/[,\n\r ]+/,<>); > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > -------- CUT ----------- > > > > > > > > And reference it from your inetd.conf instead of the ident code. > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > From: alexus > > > > > To: Bob Martin > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > net.inet.ip.forwarding: 1 > > > > > su-2.05# ifconfig fxp0 > > > > > fxp0: flags=8943 mtu > > > 1500 > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.151 > > > > > ether 00:60:94:a5:cb:44 > > > > > media: autoselect (100baseTX ) status: active > > > > > supported media: autoselect 100baseTX > 100baseTX > > > > > 10baseT/UTP 10baseT/UTP > > > > > su-2.05# > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead of .0 but > it > > > > > doesn't seems to help:( > > > > > > > > > > and i also checked my forwarding settings, it was already set to 1 > > > > > > > > > > ----- Original Message ----- > > > > > From: "Bob Martin" > > > > > To: "alexus" > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > fxp0: flags=8943 > mtu > > > > > 1500 > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > 66.92.98.255 > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast > 66.92.98.255 > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > media: autoselect (100baseTX ) status: > active > > > > > > > supported media: autoselect 100baseTX > > > 100baseTX > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > alexus@~# > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP .145 ( > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > whenever I'm trying to use my second IP .151 ( bigballz.com ) I > > > can't > > > > > get on > > > > > > > IRC at all.. some of IRC server tells me that my ident isn't > > > installed > > > > > even > > > > > > > though it *is* installed and I'm being able to logon to same > server > > > from > > > > > my > > > > > > > first IP just fine > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > tcp4 0 0 *.auth *.* > > > > > LISTEN > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > auth 113/tcp ident tap #Authentication Service > > > > > > > alexus@~# > > > > > > > > > > > > > > is there some special way I need to add any additional IPs or > what > > > am I > > > > > > > doing wrong? > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > You need to change the netmask of the alias to 255.255.255.255, > and > > > make > > > > > > sure that gateway is enabled. > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable the > gateway > > > > > > with: > > > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > bob > > > > > > -- > > > > > > But in our enthusiasm, we could not resist a radical overhaul of > the > > > > > > system, in which all of its major weaknesses have been exposed, > > > > > > analyzed, and replaced with new weaknesses. > > > > > > -- Bruce Leverett, "Register Allocation in Optimizing > Compilers" > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > ---------------------------------------------------------------------- > > > > The Innovation Machine Ltd. P.O. Box 5749 > > > > http://www.imach.com/ Helena, MT 59604 > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > > ---------------------------------------------------------------------- > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > ---------------------------------------------------------------------- > > The Innovation Machine Ltd. P.O. Box 5749 > > http://www.imach.com/ Helena, MT 59604 > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > ---------------------------------------------------------------------- > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 23: 6:32 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id C8A7537B401 for ; Sun, 22 Jul 2001 23:06:18 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 61177 invoked from network); 23 Jul 2001 06:06:20 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 23 Jul 2001 06:06:20 -0000 Message-ID: <000001c1133d$e8ccc030$0100a8c0@alexus> From: "alexus" To: "Forrest W. Christian" Cc: "Bob Martin" , References: Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Date: Mon, 23 Jul 2001 01:47:32 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2479.0006 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org well ... let's see ųíų Connecting to port 6667 of server irc.lightning.net [refnum 0] [lightning] *** Looking up your hostname... [lightning] *** Found your hostname, cached [lightning] *** Checking Ident [lightning] *** Banned: Install Identd for access (2001/4/18 09.20) ųíų Closing Link: a1exus[alexus@255.255.255.255] (Banned) ųíų Connection closed from irc.lightning.net: Undefined error: 0 ----- Original Message ----- From: "Forrest W. Christian" To: "alexus" Cc: "Bob Martin" ; Sent: Monday, July 23, 2001 1:33 AM Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > What errors are you seeing on the IRC server? > > On Mon, 23 Jul 2001, alexus wrote: > > > Date: Mon, 23 Jul 2001 01:33:45 -0400 > > From: alexus > > To: Forrest W. Christian > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > su-2.05# ifconfig fxp0 > > fxp0: flags=8943 mtu 1500 > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 > > ether 00:60:94:a5:cb:44 > > media: autoselect (100baseTX ) status: active > > supported media: autoselect 100baseTX 100baseTX > > 10baseT/UTP 10baseT/UTP > > su-2.05# > > > > i even changed my broadcast .. same *ahem* thing... > > > > ----- Original Message ----- > > From: "Forrest W. Christian" > > To: "alexus" > > Cc: "Bob Martin" ; > > Sent: Monday, July 23, 2001 1:22 AM > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > No. Something else OTHER than ident is broken. > > > > > > Ident is working as designed. > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > > From: alexus > > > > To: Forrest W. Christian > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > could that be due to > > > > > > > > i have different broadcast? > > > > > > > > what broadcast do anyway? what is it for > > > > > > > > ----- Original Message ----- > > > > From: "Forrest W. Christian" > > > > To: "alexus" > > > > Cc: "Bob Martin" ; > > > > Sent: Monday, July 23, 2001 12:56 AM > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > > mail# telnet 66.92.98.151 ident > > > > > Trying 66.92.98.151... > > > > > Connected to bigballz.com. > > > > > Escape character is '^]'. > > > > > ^] > > > > > telnet> z > > > > > > > > > > Suspended > > > > > mail# netstat -an | grep 66.92 > > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > > > ESTABLISHED > > > > > mail# fg > > > > > telnet 66.92.98.151 ident > > > > > 113,4183 > > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > > Connection closed by foreign host. > > > > > ------------------TEST OUTPUT END > > > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > > mail# telnet 66.92.98.145 ident > > > > > Trying 66.92.98.145... > > > > > Connected to oXyeTb.com. > > > > > Escape character is '^]'. > > > > > ^] > > > > > telnet> z > > > > > > > > > > Suspended > > > > > mail# netstat -an | grep 66.92 > > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > > > ESTABLISHED > > > > > mail# fg > > > > > telnet 66.92.98.145 ident > > > > > 113,4242 > > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > > Connection closed by foreign host. > > > > > ------------------TEST OUTPUT END > > > > > > > > > > I'd look elsewhere, however: > > > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a lot less > > > > > information out about your system. > > > > > > > > > > Use this perl script: > > > > > > > > > > -------- CUT ----------- > > > > > #!/usr/local/bin/perl > > > > > ($a, $b) = split(/[,\n\r ]+/,<>); > > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > > -------- CUT ----------- > > > > > > > > > > And reference it from your inetd.conf instead of the ident code. > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > > From: alexus > > > > > > To: Bob Martin > > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > > net.inet.ip.forwarding: 1 > > > > > > su-2.05# ifconfig fxp0 > > > > > > fxp0: flags=8943 mtu > > > > 1500 > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.151 > > > > > > ether 00:60:94:a5:cb:44 > > > > > > media: autoselect (100baseTX ) status: active > > > > > > supported media: autoselect 100baseTX > > 100baseTX > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > su-2.05# > > > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead of .0 but > > it > > > > > > doesn't seems to help:( > > > > > > > > > > > > and i also checked my forwarding settings, it was already set to 1 > > > > > > > > > > > > ----- Original Message ----- > > > > > > From: "Bob Martin" > > > > > > To: "alexus" > > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) > > > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" > > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > > fxp0: flags=8943 > > mtu > > > > > > 1500 > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > 66.92.98.255 > > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast > > 66.92.98.255 > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > media: autoselect (100baseTX ) status: > > active > > > > > > > > supported media: autoselect 100baseTX > > > > 100baseTX > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP .145 ( > > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > > whenever I'm trying to use my second IP .151 ( bigballz.com ) I > > > > can't > > > > > > get on > > > > > > > > IRC at all.. some of IRC server tells me that my ident isn't > > > > installed > > > > > > even > > > > > > > > though it *is* installed and I'm being able to logon to same > > server > > > > from > > > > > > my > > > > > > > > first IP just fine > > > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > > tcp4 0 0 *.auth *.* > > > > > > LISTEN > > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > > auth 113/tcp ident tap #Authentication Service > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > is there some special way I need to add any additional IPs or > > what > > > > am I > > > > > > > > doing wrong? > > > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > > > You need to change the netmask of the alias to 255.255.255.255, > > and > > > > make > > > > > > > sure that gateway is enabled. > > > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable the > > gateway > > > > > > > with: > > > > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > > > bob > > > > > > > -- > > > > > > > But in our enthusiasm, we could not resist a radical overhaul of > > the > > > > > > > system, in which all of its major weaknesses have been exposed, > > > > > > > analyzed, and replaced with new weaknesses. > > > > > > > -- Bruce Leverett, "Register Allocation in Optimizing > > Compilers" > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > ---------------------------------------------------------------------- > > > > > The Innovation Machine Ltd. P.O. Box 5749 > > > > > http://www.imach.com/ Helena, MT 59604 > > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > > > ---------------------------------------------------------------------- > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > ---------------------------------------------------------------------- > > > The Innovation Machine Ltd. P.O. Box 5749 > > > http://www.imach.com/ Helena, MT 59604 > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > ---------------------------------------------------------------------- > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > ---------------------------------------------------------------------- > The Innovation Machine Ltd. P.O. Box 5749 > http://www.imach.com/ Helena, MT 59604 > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > ---------------------------------------------------------------------- > Protect your personal freedoms - visit http://www.lp.org/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jul 22 23: 7: 2 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 300F137B406 for ; Sun, 22 Jul 2001 23:06:50 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 61203 invoked from network); 23 Jul 2001 06:06:52 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 23 Jul 2001 06:06:52 -0000 Message-ID: <000c01c1133d$fbb5c110$0100a8c0@alexus> From: "alexus" To: "Forrest W. Christian" Cc: "Bob Martin" , References: Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Date: Mon, 23 Jul 2001 02:09:07 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2479.0006 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org well ... let's see ųíų Connecting to port 6667 of server irc.lightning.net [refnum 0] [lightning] *** Looking up your hostname... [lightning] *** Found your hostname, cached [lightning] *** Checking Ident [lightning] *** Banned: Install Identd for access (2001/4/18 09.20) ųíų Closing Link: a1exus[alexus@255.255.255.255] (Banned) ųíų Connection closed from irc.lightning.net: Undefined error: 0 ----- Original Message ----- From: "Forrest W. Christian" To: "alexus" Cc: "Bob Martin" ; Sent: Monday, July 23, 2001 1:33 AM Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > What errors are you seeing on the IRC server? > > On Mon, 23 Jul 2001, alexus wrote: > > > Date: Mon, 23 Jul 2001 01:33:45 -0400 > > From: alexus > > To: Forrest W. Christian > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > su-2.05# ifconfig fxp0 > > fxp0: flags=8943 mtu 1500 > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 > > ether 00:60:94:a5:cb:44 > > media: autoselect (100baseTX ) status: active > > supported media: autoselect 100baseTX 100baseTX > > 10baseT/UTP 10baseT/UTP > > su-2.05# > > > > i even changed my broadcast .. same *ahem* thing... > > > > ----- Original Message ----- > > From: "Forrest W. Christian" > > To: "alexus" > > Cc: "Bob Martin" ; > > Sent: Monday, July 23, 2001 1:22 AM > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > No. Something else OTHER than ident is broken. > > > > > > Ident is working as designed. > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > > From: alexus > > > > To: Forrest W. Christian > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > could that be due to > > > > > > > > i have different broadcast? > > > > > > > > what broadcast do anyway? what is it for > > > > > > > > ----- Original Message ----- > > > > From: "Forrest W. Christian" > > > > To: "alexus" > > > > Cc: "Bob Martin" ; > > > > Sent: Monday, July 23, 2001 12:56 AM > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > > mail# telnet 66.92.98.151 ident > > > > > Trying 66.92.98.151... > > > > > Connected to bigballz.com. > > > > > Escape character is '^]'. > > > > > ^] > > > > > telnet> z > > > > > > > > > > Suspended > > > > > mail# netstat -an | grep 66.92 > > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > > > ESTABLISHED > > > > > mail# fg > > > > > telnet 66.92.98.151 ident > > > > > 113,4183 > > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > > Connection closed by foreign host. > > > > > ------------------TEST OUTPUT END > > > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > > mail# telnet 66.92.98.145 ident > > > > > Trying 66.92.98.145... > > > > > Connected to oXyeTb.com. > > > > > Escape character is '^]'. > > > > > ^] > > > > > telnet> z > > > > > > > > > > Suspended > > > > > mail# netstat -an | grep 66.92 > > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > > > ESTABLISHED > > > > > mail# fg > > > > > telnet 66.92.98.145 ident > > > > > 113,4242 > > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > > Connection closed by foreign host. > > > > > ------------------TEST OUTPUT END > > > > > > > > > > I'd look elsewhere, however: > > > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a lot less > > > > > information out about your system. > > > > > > > > > > Use this perl script: > > > > > > > > > > -------- CUT ----------- > > > > > #!/usr/local/bin/perl > > > > > ($a, $b) = split(/[,\n\r ]+/,<>); > > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > > -------- CUT ----------- > > > > > > > > > > And reference it from your inetd.conf instead of the ident code. > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > > From: alexus > > > > > > To: Bob Martin > > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > > net.inet.ip.forwarding: 1 > > > > > > su-2.05# ifconfig fxp0 > > > > > > fxp0: flags=8943 mtu > > > > 1500 > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.151 > > > > > > ether 00:60:94:a5:cb:44 > > > > > > media: autoselect (100baseTX ) status: active > > > > > > supported media: autoselect 100baseTX > > 100baseTX > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > su-2.05# > > > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead of .0 but > > it > > > > > > doesn't seems to help:( > > > > > > > > > > > > and i also checked my forwarding settings, it was already set to 1 > > > > > > > > > > > > ----- Original Message ----- > > > > > > From: "Bob Martin" > > > > > > To: "alexus" > > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( bigballz.com ) > > > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask 255.255.255.0" > > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > > fxp0: flags=8943 > > mtu > > > > > > 1500 > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > 66.92.98.255 > > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast > > 66.92.98.255 > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > media: autoselect (100baseTX ) status: > > active > > > > > > > > supported media: autoselect 100baseTX > > > > 100baseTX > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP .145 ( > > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > > whenever I'm trying to use my second IP .151 ( bigballz.com ) I > > > > can't > > > > > > get on > > > > > > > > IRC at all.. some of IRC server tells me that my ident isn't > > > > installed > > > > > > even > > > > > > > > though it *is* installed and I'm being able to logon to same > > server > > > > from > > > > > > my > > > > > > > > first IP just fine > > > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > > tcp4 0 0 *.auth *.* > > > > > > LISTEN > > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > > auth 113/tcp ident tap #Authentication Service > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > is there some special way I need to add any additional IPs or > > what > > > > am I > > > > > > > > doing wrong? > > > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > > > You need to change the netmask of the alias to 255.255.255.255, > > and > > > > make > > > > > > > sure that gateway is enabled. > > > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable the > > gateway > > > > > > > with: > > > > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > > > bob > > > > > > > -- > > > > > > > But in our enthusiasm, we could not resist a radical overhaul of > > the > > > > > > > system, in which all of its major weaknesses have been exposed, > > > > > > > analyzed, and replaced with new weaknesses. > > > > > > > -- Bruce Leverett, "Register Allocation in Optimizing > > Compilers" > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > ---------------------------------------------------------------------- > > > > > The Innovation Machine Ltd. P.O. Box 5749 > > > > > http://www.imach.com/ Helena, MT 59604 > > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > > > ---------------------------------------------------------------------- > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > ---------------------------------------------------------------------- > > > The Innovation Machine Ltd. P.O. Box 5749 > > > http://www.imach.com/ Helena, MT 59604 > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > ---------------------------------------------------------------------- > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > ---------------------------------------------------------------------- > The Innovation Machine Ltd. P.O. Box 5749 > http://www.imach.com/ Helena, MT 59604 > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > ---------------------------------------------------------------------- > Protect your personal freedoms - visit http://www.lp.org/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 7:48:37 2001 Delivered-To: freebsd-isp@freebsd.org Received: from workhorse.iMach.com (workhorse.iMach.com [206.127.77.89]) by hub.freebsd.org (Postfix) with ESMTP id AB8BA37B403 for ; Mon, 23 Jul 2001 07:48:23 -0700 (PDT) (envelope-from forrestc@imach.com) Received: from localhost (forrestc@localhost) by workhorse.iMach.com (8.9.3/8.9.3) with ESMTP id IAA19580; Mon, 23 Jul 2001 08:47:01 -0600 (MDT) Date: Mon, 23 Jul 2001 08:47:01 -0600 (MDT) From: "Forrest W. Christian" To: alexus Cc: Bob Martin , freebsd-isp@FreeBSD.ORG Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC In-Reply-To: <000001c1133d$e8ccc030$0100a8c0@alexus> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Try a different irc server, or try a different ident server (like the warm-fuzzy perl script I gave you). On Mon, 23 Jul 2001, alexus wrote: > Date: Mon, 23 Jul 2001 01:47:32 -0400 > From: alexus > To: Forrest W. Christian > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC >=20 > well ... let's see >=20 > =F9=ED=F9 Connecting to port 6667 of server irc.lightning.net [refnum 0] > [lightning] *** Looking up your hostname... > [lightning] *** Found your hostname, cached > [lightning] *** Checking Ident > [lightning] *** Banned: Install Identd for access (2001/4/18 09.20) > =F9=ED=F9 Closing Link: a1exus[alexus@255.255.255.255] (Banned) > =F9=ED=F9 Connection closed from irc.lightning.net: Undefined error: 0 >=20 > ----- Original Message ----- > From: "Forrest W. Christian" > To: "alexus" > Cc: "Bob Martin" ; > Sent: Monday, July 23, 2001 1:33 AM > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC >=20 >=20 > > What errors are you seeing on the IRC server? > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > Date: Mon, 23 Jul 2001 01:33:45 -0400 > > > From: alexus > > > To: Forrest W. Christian > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > su-2.05# ifconfig fxp0 > > > fxp0: flags=3D8943 mt= u > 1500 > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 > > > ether 00:60:94:a5:cb:44 > > > media: autoselect (100baseTX ) status: active > > > supported media: autoselect 100baseTX 100baseTX > > > 10baseT/UTP 10baseT/UTP > > > su-2.05# > > > > > > i even changed my broadcast .. same *ahem* thing... > > > > > > ----- Original Message ----- > > > From: "Forrest W. Christian" > > > To: "alexus" > > > Cc: "Bob Martin" ; > > > Sent: Monday, July 23, 2001 1:22 AM > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > No. Something else OTHER than ident is broken. > > > > > > > > Ident is working as designed. > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > > > From: alexus > > > > > To: Forrest W. Christian > > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > could that be due to > > > > > > > > > > i have different broadcast? > > > > > > > > > > what broadcast do anyway? what is it for > > > > > > > > > > ----- Original Message ----- > > > > > From: "Forrest W. Christian" > > > > > To: "alexus" > > > > > Cc: "Bob Martin" ; > > > > > Sent: Monday, July 23, 2001 12:56 AM > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > > > mail# telnet 66.92.98.151 ident > > > > > > Trying 66.92.98.151... > > > > > > Connected to bigballz.com. > > > > > > Escape character is '^]'. > > > > > > ^] > > > > > > telnet> z > > > > > > > > > > > > Suspended > > > > > > mail# netstat -an | grep 66.92 > > > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > > > > ESTABLISHED > > > > > > mail# fg > > > > > > telnet 66.92.98.151 ident > > > > > > 113,4183 > > > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > > > Connection closed by foreign host. > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > > > mail# telnet 66.92.98.145 ident > > > > > > Trying 66.92.98.145... > > > > > > Connected to oXyeTb.com. > > > > > > Escape character is '^]'. > > > > > > ^] > > > > > > telnet> z > > > > > > > > > > > > Suspended > > > > > > mail# netstat -an | grep 66.92 > > > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > > > > ESTABLISHED > > > > > > mail# fg > > > > > > telnet 66.92.98.145 ident > > > > > > 113,4242 > > > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > > > Connection closed by foreign host. > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > I'd look elsewhere, however: > > > > > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a lo= t > less > > > > > > information out about your system. > > > > > > > > > > > > Use this perl script: > > > > > > > > > > > > -------- CUT ----------- > > > > > > #!/usr/local/bin/perl > > > > > > ($a, $b) =3D split(/[,\n\r ]+/,<>); > > > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > > > -------- CUT ----------- > > > > > > > > > > > > And reference it from your inetd.conf instead of the ident code= =2E > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > > > From: alexus > > > > > > > To: Bob Martin > > > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > > > net.inet.ip.forwarding: 1 > > > > > > > su-2.05# ifconfig fxp0 > > > > > > > fxp0: flags=3D8943 > mtu > > > > > 1500 > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > 66.92.98.255 > > > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast > 66.92.98.151 > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > media: autoselect (100baseTX ) status: > active > > > > > > > supported media: autoselect 100baseTX > > > 100baseTX > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > su-2.05# > > > > > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead of = =2E0 > but > > > it > > > > > > > doesn't seems to help:( > > > > > > > > > > > > > > and i also checked my forwarding settings, it was already set= to > 1 > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > From: "Bob Martin" > > > > > > > To: "alexus" > > > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( > bigballz.com ) > > > > > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > > > ifconfig_fxp0=3D"inet 66.92.98.145 netmask 255.255.255.0= " > > > > > > > > > ifconfig_fxp0_alias0=3D"inet 66.92.98.151 netmask > 255.255.255.0" > > > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > > > fxp0: > flags=3D8943 > > > mtu > > > > > > > 1500 > > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > > 66.92.98.255 > > > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast > > > 66.92.98.255 > > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > > media: autoselect (100baseTX ) statu= s: > > > active > > > > > > > > > supported media: autoselect 100baseTX > > > > > 100baseTX > > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP > .145 ( > > > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > > > whenever I'm trying to use my second IP .151 ( > bigballz.com ) I > > > > > can't > > > > > > > get on > > > > > > > > > IRC at all.. some of IRC server tells me that my ident is= n't > > > > > installed > > > > > > > even > > > > > > > > > though it *is* installed and I'm being able to logon to s= ame > > > server > > > > > from > > > > > > > my > > > > > > > > > first IP just fine > > > > > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > > > tcp4 0 0 *.auth *.* > > > > > > > LISTEN > > > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > > > auth 113/tcp ident tap #Authentication > Service > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > is there some special way I need to add any additional IP= s > or > > > what > > > > > am I > > > > > > > > > doing wrong? > > > > > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > > > > > You need to change the netmask of the alias to > 255.255.255.255, > > > and > > > > > make > > > > > > > > sure that gateway is enabled. > > > > > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable the > > > gateway > > > > > > > > with: > > > > > > > > sysctl -w net.inet.ip.forwarding=3D1 > > > > > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > > > > > bob > > > > > > > > -- > > > > > > > > But in our enthusiasm, we could not resist a radical overha= ul > of > > > the > > > > > > > > system, in which all of its major weaknesses have been > exposed, > > > > > > > > analyzed, and replaced with new weaknesses. > > > > > > > > -- Bruce Leverett, "Register Allocation in Optimizing > > > Compilers" > > > > > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > > > ---------------------------------------------------------------------- > > > > > > The Innovation Machine Ltd. P.O. B= ox > 5749 > > > > > > http://www.imach.com/ Helena, MT > 59604 > > > > > > Home of PacketFlux Technogies and BackupDNS.com > (406)-442-6648 > > > > > > > ---------------------------------------------------------------------- > > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > -------------------------------------------------------------------= --- > > > > The Innovation Machine Ltd. P.O. Box 5= 749 > > > > http://www.imach.com/ Helena, MT 59= 604 > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6= 648 > > > > -------------------------------------------------------------------= --- > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > ---------------------------------------------------------------------- > > The Innovation Machine Ltd. P.O. Box 5749 > > http://www.imach.com/ Helena, MT 59604 > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > ---------------------------------------------------------------------- > > Protect your personal freedoms - visit http://www.lp.org/ > > > > >=20 - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 7:56:42 2001 Delivered-To: freebsd-isp@freebsd.org Received: from asbestos.wolf (nat211.145.mpoweredpc.net [142.177.211.145]) by hub.freebsd.org (Postfix) with ESMTP id C686C37B406 for ; Mon, 23 Jul 2001 07:56:17 -0700 (PDT) (envelope-from jeff@tht.net) Received: from localhost (bignose@localhost) by asbestos.wolf (8.11.3/8.11.3) with ESMTP id f6NEuAt02678; Mon, 23 Jul 2001 11:56:11 -0300 (ADT) (envelope-from jeff@tht.net) X-Authentication-Warning: asbestos.tsunamicreek.com: bignose owned process doing -bs Date: Mon, 23 Jul 2001 11:56:09 -0300 (ADT) From: X-X-Sender: Reply-To: To: "Forrest W. Christian" Cc: alexus , Bob Martin , Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC In-Reply-To: Message-ID: <20010723115334.A300-100000@asbestos.wolf> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Ok, i'm not sure i understand the entire shceme, but from the mumbo below, i assume that one machine is behind a natd firewall ? that means that when you try to connect from the inner machine the irc server is trying to get inetd info from your firewall. your firewall doesn't pass this request on. so what you want to do is install an inetd that will basically respond to anything i use "lie inetd" or - linetd . it cured this problem for me. jeff On Mon, 23 Jul 2001, Forrest W. Christian wrote: > Try a different irc server, or try a different ident server (like the > warm-fuzzy perl script I gave you). > > On Mon, 23 Jul 2001, alexus wrote: > > > Date: Mon, 23 Jul 2001 01:47:32 -0400 > > From: alexus > > To: Forrest W. Christian > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > well ... let's see > > > > =F9=ED=F9 Connecting to port 6667 of server irc.lightning.net [refnum 0= ] > > [lightning] *** Looking up your hostname... > > [lightning] *** Found your hostname, cached > > [lightning] *** Checking Ident > > [lightning] *** Banned: Install Identd for access (2001/4/18 09.20) > > =F9=ED=F9 Closing Link: a1exus[alexus@255.255.255.255] (Banned) > > =F9=ED=F9 Connection closed from irc.lightning.net: Undefined error: 0 > > > > ----- Original Message ----- > > From: "Forrest W. Christian" > > To: "alexus" > > Cc: "Bob Martin" ; > > Sent: Monday, July 23, 2001 1:33 AM > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > What errors are you seeing on the IRC server? > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > Date: Mon, 23 Jul 2001 01:33:45 -0400 > > > > From: alexus > > > > To: Forrest W. Christian > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > su-2.05# ifconfig fxp0 > > > > fxp0: flags=3D8943 = mtu > > 1500 > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 > > > > ether 00:60:94:a5:cb:44 > > > > media: autoselect (100baseTX ) status: active > > > > supported media: autoselect 100baseTX 100base= TX > > > > 10baseT/UTP 10baseT/UTP > > > > su-2.05# > > > > > > > > i even changed my broadcast .. same *ahem* thing... > > > > > > > > ----- Original Message ----- > > > > From: "Forrest W. Christian" > > > > To: "alexus" > > > > Cc: "Bob Martin" ; > > > > Sent: Monday, July 23, 2001 1:22 AM > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > No. Something else OTHER than ident is broken. > > > > > > > > > > Ident is working as designed. > > > > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > > > > From: alexus > > > > > > To: Forrest W. Christian > > > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > could that be due to > > > > > > > > > > > > i have different broadcast? > > > > > > > > > > > > what broadcast do anyway? what is it for > > > > > > > > > > > > ----- Original Message ----- > > > > > > From: "Forrest W. Christian" > > > > > > To: "alexus" > > > > > > Cc: "Bob Martin" ; > > > > > > Sent: Monday, July 23, 2001 12:56 AM > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > > > > mail# telnet 66.92.98.151 ident > > > > > > > Trying 66.92.98.151... > > > > > > > Connected to bigballz.com. > > > > > > > Escape character is '^]'. > > > > > > > ^] > > > > > > > telnet> z > > > > > > > > > > > > > > Suspended > > > > > > > mail# netstat -an | grep 66.92 > > > > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > > > > > ESTABLISHED > > > > > > > mail# fg > > > > > > > telnet 66.92.98.151 ident > > > > > > > 113,4183 > > > > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > > > > Connection closed by foreign host. > > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > > > > mail# telnet 66.92.98.145 ident > > > > > > > Trying 66.92.98.145... > > > > > > > Connected to oXyeTb.com. > > > > > > > Escape character is '^]'. > > > > > > > ^] > > > > > > > telnet> z > > > > > > > > > > > > > > Suspended > > > > > > > mail# netstat -an | grep 66.92 > > > > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > > > > > ESTABLISHED > > > > > > > mail# fg > > > > > > > telnet 66.92.98.145 ident > > > > > > > 113,4242 > > > > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > > > > Connection closed by foreign host. > > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > > > I'd look elsewhere, however: > > > > > > > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a = lot > > less > > > > > > > information out about your system. > > > > > > > > > > > > > > Use this perl script: > > > > > > > > > > > > > > -------- CUT ----------- > > > > > > > #!/usr/local/bin/perl > > > > > > > ($a, $b) =3D split(/[,\n\r ]+/,<>); > > > > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > > > > -------- CUT ----------- > > > > > > > > > > > > > > And reference it from your inetd.conf instead of the ident co= de. > > > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > > > > From: alexus > > > > > > > > To: Bob Martin > > > > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > > > > net.inet.ip.forwarding: 1 > > > > > > > > su-2.05# ifconfig fxp0 > > > > > > > > fxp0: flags=3D8943 > > mtu > > > > > > 1500 > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > 66.92.98.255 > > > > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast > > 66.92.98.151 > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > media: autoselect (100baseTX ) status: > > active > > > > > > > > supported media: autoselect 100baseTX > > > > 100baseTX > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > su-2.05# > > > > > > > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead o= f .0 > > but > > > > it > > > > > > > > doesn't seems to help:( > > > > > > > > > > > > > > > > and i also checked my forwarding settings, it was already s= et to > > 1 > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > From: "Bob Martin" > > > > > > > > To: "alexus" > > > > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( > > bigballz.com ) > > > > > > > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > > > > ifconfig_fxp0=3D"inet 66.92.98.145 netmask 255.255.255= =2E0" > > > > > > > > > > ifconfig_fxp0_alias0=3D"inet 66.92.98.151 netmask > > 255.255.255.0" > > > > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > > > > fxp0: > > flags=3D8943 > > > > mtu > > > > > > > > 1500 > > > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > > > 66.92.98.255 > > > > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast > > > > 66.92.98.255 > > > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > > > media: autoselect (100baseTX ) sta= tus: > > > > active > > > > > > > > > > supported media: autoselect 100baseTX > > > > > > 100baseTX > > > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary = IP > > .145 ( > > > > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > > > > whenever I'm trying to use my second IP .151 ( > > bigballz.com ) I > > > > > > can't > > > > > > > > get on > > > > > > > > > > IRC at all.. some of IRC server tells me that my ident = isn't > > > > > > installed > > > > > > > > even > > > > > > > > > > though it *is* installed and I'm being able to logon to= same > > > > server > > > > > > from > > > > > > > > my > > > > > > > > > > first IP just fine > > > > > > > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > > > > tcp4 0 0 *.auth *.* > > > > > > > > LISTEN > > > > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > > > > auth 113/tcp ident tap #Authentication > > Service > > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > > > is there some special way I need to add any additional = IPs > > or > > > > what > > > > > > am I > > > > > > > > > > doing wrong? > > > > > > > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > > > > > > > You need to change the netmask of the alias to > > 255.255.255.255, > > > > and > > > > > > make > > > > > > > > > sure that gateway is enabled. > > > > > > > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable t= he > > > > gateway > > > > > > > > > with: > > > > > > > > > sysctl -w net.inet.ip.forwarding=3D1 > > > > > > > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > > > > > > > bob > > > > > > > > > -- > > > > > > > > > But in our enthusiasm, we could not resist a radical over= haul > > of > > > > the > > > > > > > > > system, in which all of its major weaknesses have been > > exposed, > > > > > > > > > analyzed, and replaced with new weaknesses. > > > > > > > > > -- Bruce Leverett, "Register Allocation in Optimizing > > > > Compilers" > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > > > > > ---------------------------------------------------------------------= - > > > > > > > The Innovation Machine Ltd. P.O.= Box > > 5749 > > > > > > > http://www.imach.com/ Helena, = MT > > 59604 > > > > > > > Home of PacketFlux Technogies and BackupDNS.com > > (406)-442-6648 > > > > > > > > > ---------------------------------------------------------------------= - > > > > > > > Protect your personal freedoms - visit http://www.lp.or= g/ > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > -----------------------------------------------------------------= ----- > > > > > The Innovation Machine Ltd. P.O. Box= 5749 > > > > > http://www.imach.com/ Helena, MT = 59604 > > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442= -6648 > > > > > -----------------------------------------------------------------= ----- > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > ---------------------------------------------------------------------= - > > > The Innovation Machine Ltd. P.O. Box 574= 9 > > > http://www.imach.com/ Helena, MT 5960= 4 > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-664= 8 > > > ---------------------------------------------------------------------= - > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > ---------------------------------------------------------------------- > The Innovation Machine Ltd. P.O. Box 5749 > http://www.imach.com/ Helena, MT 59604 > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > ---------------------------------------------------------------------- > Protect your personal freedoms - visit http://www.lp.org/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 8: 9: 8 2001 Delivered-To: freebsd-isp@freebsd.org Received: from workhorse.iMach.com (workhorse.iMach.com [206.127.77.89]) by hub.freebsd.org (Postfix) with ESMTP id 9C0B337B407 for ; Mon, 23 Jul 2001 08:08:53 -0700 (PDT) (envelope-from forrestc@imach.com) Received: from localhost (forrestc@localhost) by workhorse.iMach.com (8.9.3/8.9.3) with ESMTP id JAA19748; Mon, 23 Jul 2001 09:07:26 -0600 (MDT) Date: Mon, 23 Jul 2001 09:07:26 -0600 (MDT) From: "Forrest W. Christian" To: jeff@tht.net Cc: alexus , Bob Martin , freebsd-isp@FreeBSD.ORG Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC In-Reply-To: <20010723115334.A300-100000@asbestos.wolf> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Jeff, I have tested both his IDENT ports from here and they are working just fine. I'm not sure why the IRC server is yelping. I suspect either it doesn't like something subtle about the ident response or it is giving a bogus error message, and is really throwing him off because of some other reason. Thus my two recommendations below (try a different identd, connect to a different server) On Mon, 23 Jul 2001 jeff@tht.net wrote: > Date: Mon, 23 Jul 2001 11:56:09 -0300 (ADT) > From: jeff@tht.net > To: Forrest W. Christian > Cc: alexus , Bob Martin , > freebsd-isp@FreeBSD.ORG > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC >=20 > Hi, >=20 > Ok, i'm not sure i understand the entire shceme, but from > the mumbo below, i assume that one machine is behind a natd > firewall ? >=20 > that means that when you try to connect from the inner machine > the irc server is trying to get inetd info from your firewall. >=20 > your firewall doesn't pass this request on. so what you want > to do is install an inetd that will basically respond to anything >=20 > i use "lie inetd" or - linetd . it cured this problem for me. >=20 > jeff >=20 >=20 > On Mon, 23 Jul 2001, Forrest W. Christian wrote: >=20 > > Try a different irc server, or try a different ident server (like the > > warm-fuzzy perl script I gave you). > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > Date: Mon, 23 Jul 2001 01:47:32 -0400 > > > From: alexus > > > To: Forrest W. Christian > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > well ... let's see > > > > > > =F9=ED=F9 Connecting to port 6667 of server irc.lightning.net [refnum= 0] > > > [lightning] *** Looking up your hostname... > > > [lightning] *** Found your hostname, cached > > > [lightning] *** Checking Ident > > > [lightning] *** Banned: Install Identd for access (2001/4/18 09.20) > > > =F9=ED=F9 Closing Link: a1exus[alexus@255.255.255.255] (Banned) > > > =F9=ED=F9 Connection closed from irc.lightning.net: Undefined error: = 0 > > > > > > ----- Original Message ----- > > > From: "Forrest W. Christian" > > > To: "alexus" > > > Cc: "Bob Martin" ; > > > Sent: Monday, July 23, 2001 1:33 AM > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > What errors are you seeing on the IRC server? > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > Date: Mon, 23 Jul 2001 01:33:45 -0400 > > > > > From: alexus > > > > > To: Forrest W. Christian > > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > su-2.05# ifconfig fxp0 > > > > > fxp0: flags=3D8943 mtu > > > 1500 > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.2= 55 > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.2= 55 > > > > > ether 00:60:94:a5:cb:44 > > > > > media: autoselect (100baseTX ) status: activ= e > > > > > supported media: autoselect 100baseTX 100ba= seTX > > > > > 10baseT/UTP 10baseT/UTP > > > > > su-2.05# > > > > > > > > > > i even changed my broadcast .. same *ahem* thing... > > > > > > > > > > ----- Original Message ----- > > > > > From: "Forrest W. Christian" > > > > > To: "alexus" > > > > > Cc: "Bob Martin" ; > > > > > Sent: Monday, July 23, 2001 1:22 AM > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > No. Something else OTHER than ident is broken. > > > > > > > > > > > > Ident is working as designed. > > > > > > > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > > > > > From: alexus > > > > > > > To: Forrest W. Christian > > > > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > could that be due to > > > > > > > > > > > > > > i have different broadcast? > > > > > > > > > > > > > > what broadcast do anyway? what is it for > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > From: "Forrest W. Christian" > > > > > > > To: "alexus" > > > > > > > Cc: "Bob Martin" ; > > > > > > > Sent: Monday, July 23, 2001 12:56 AM > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > > > > > mail# telnet 66.92.98.151 ident > > > > > > > > Trying 66.92.98.151... > > > > > > > > Connected to bigballz.com. > > > > > > > > Escape character is '^]'. > > > > > > > > ^] > > > > > > > > telnet> z > > > > > > > > > > > > > > > > Suspended > > > > > > > > mail# netstat -an | grep 66.92 > > > > > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.11= 3 > > > > > > > > ESTABLISHED > > > > > > > > mail# fg > > > > > > > > telnet 66.92.98.151 ident > > > > > > > > 113,4183 > > > > > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > > > > > Connection closed by foreign host. > > > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > > > > > mail# telnet 66.92.98.145 ident > > > > > > > > Trying 66.92.98.145... > > > > > > > > Connected to oXyeTb.com. > > > > > > > > Escape character is '^]'. > > > > > > > > ^] > > > > > > > > telnet> z > > > > > > > > > > > > > > > > Suspended > > > > > > > > mail# netstat -an | grep 66.92 > > > > > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.11= 3 > > > > > > > > ESTABLISHED > > > > > > > > mail# fg > > > > > > > > telnet 66.92.98.145 ident > > > > > > > > 113,4242 > > > > > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > > > > > Connection closed by foreign host. > > > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > > > > > I'd look elsewhere, however: > > > > > > > > > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets = a lot > > > less > > > > > > > > information out about your system. > > > > > > > > > > > > > > > > Use this perl script: > > > > > > > > > > > > > > > > -------- CUT ----------- > > > > > > > > #!/usr/local/bin/perl > > > > > > > > ($a, $b) =3D split(/[,\n\r ]+/,<>); > > > > > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > > > > > -------- CUT ----------- > > > > > > > > > > > > > > > > And reference it from your inetd.conf instead of the ident = code. > > > > > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > > > > > From: alexus > > > > > > > > > To: Bob Martin > > > > > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > > > > > net.inet.ip.forwarding: 1 > > > > > > > > > su-2.05# ifconfig fxp0 > > > > > > > > > fxp0: flags=3D8943 > > > mtu > > > > > > > 1500 > > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > > 66.92.98.255 > > > > > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast > > > 66.92.98.151 > > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > > media: autoselect (100baseTX ) statu= s: > > > active > > > > > > > > > supported media: autoselect 100baseTX > > > > > 100baseTX > > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > > su-2.05# > > > > > > > > > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead= of .0 > > > but > > > > > it > > > > > > > > > doesn't seems to help:( > > > > > > > > > > > > > > > > > > and i also checked my forwarding settings, it was already= set to > > > 1 > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > > From: "Bob Martin" > > > > > > > > > To: "alexus" > > > > > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( > > > bigballz.com ) > > > > > > > > > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > > > > > ifconfig_fxp0=3D"inet 66.92.98.145 netmask 255.255.2= 55.0" > > > > > > > > > > > ifconfig_fxp0_alias0=3D"inet 66.92.98.151 netmask > > > 255.255.255.0" > > > > > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > > > > > fxp0: > > > flags=3D8943 > > > > > mtu > > > > > > > > > 1500 > > > > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcas= t > > > > > 66.92.98.255 > > > > > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcas= t > > > > > 66.92.98.255 > > > > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > > > > media: autoselect (100baseTX ) s= tatus: > > > > > active > > > > > > > > > > > supported media: autoselect 100baseTX > > > > > > > 100baseTX > > > > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primar= y IP > > > .145 ( > > > > > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > > > > > whenever I'm trying to use my second IP .151 ( > > > bigballz.com ) I > > > > > > > can't > > > > > > > > > get on > > > > > > > > > > > IRC at all.. some of IRC server tells me that my iden= t isn't > > > > > > > installed > > > > > > > > > even > > > > > > > > > > > though it *is* installed and I'm being able to logon = to same > > > > > server > > > > > > > from > > > > > > > > > my > > > > > > > > > > > first IP just fine > > > > > > > > > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) runni= ng > > > > > > > > > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > > > > > tcp4 0 0 *.auth *.* > > > > > > > > > LISTEN > > > > > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > > > > > auth 113/tcp ident tap #Authenticati= on > > > Service > > > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > > > > > is there some special way I need to add any additiona= l IPs > > > or > > > > > what > > > > > > > am I > > > > > > > > > > > doing wrong? > > > > > > > > > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > > > > > > > > > You need to change the netmask of the alias to > > > 255.255.255.255, > > > > > and > > > > > > > make > > > > > > > > > > sure that gateway is enabled. > > > > > > > > > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable= the > > > > > gateway > > > > > > > > > > with: > > > > > > > > > > sysctl -w net.inet.ip.forwarding=3D1 > > > > > > > > > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > > > > > > > > > bob > > > > > > > > > > -- > > > > > > > > > > But in our enthusiasm, we could not resist a radical ov= erhaul > > > of > > > > > the > > > > > > > > > > system, in which all of its major weaknesses have been > > > exposed, > > > > > > > > > > analyzed, and replaced with new weaknesses. > > > > > > > > > > -- Bruce Leverett, "Register Allocation in Optimizi= ng > > > > > Compilers" > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > > > > > > > -------------------------------------------------------------------= --- > > > > > > > > The Innovation Machine Ltd. P.= O. Box > > > 5749 > > > > > > > > http://www.imach.com/ Helena= , MT > > > 59604 > > > > > > > > Home of PacketFlux Technogies and BackupDNS.com > > > (406)-442-6648 > > > > > > > > > > > -------------------------------------------------------------------= --- > > > > > > > > Protect your personal freedoms - visit http://www.lp.= org/ > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > > ---------------------------------------------------------------= ------- > > > > > > The Innovation Machine Ltd. P.O. B= ox 5749 > > > > > > http://www.imach.com/ Helena, MT= 59604 > > > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-4= 42-6648 > > > > > > ---------------------------------------------------------------= ------- > > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > -------------------------------------------------------------------= --- > > > > The Innovation Machine Ltd. P.O. Box 5= 749 > > > > http://www.imach.com/ Helena, MT 59= 604 > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6= 648 > > > > -------------------------------------------------------------------= --- > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > ---------------------------------------------------------------------- > > The Innovation Machine Ltd. P.O. Box 5749 > > http://www.imach.com/ Helena, MT 59604 > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > ---------------------------------------------------------------------- > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message >=20 - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 9: 3:23 2001 Delivered-To: freebsd-isp@freebsd.org Received: from trinity.magpage.com (trinity.magpage.com [216.155.0.8]) by hub.freebsd.org (Postfix) with ESMTP id E9E4C37B406 for ; Mon, 23 Jul 2001 09:03:12 -0700 (PDT) (envelope-from dfrazier@magpage.com) Received: from magpage.com (dfrazier@poomba.magpage.com [216.155.24.136]) by trinity.magpage.com (8.11.3/8.11.3) with ESMTP id f6NG32U05460; Mon, 23 Jul 2001 12:03:02 -0400 (EDT) Message-ID: <3B5C4AB5.1080102@magpage.com> Date: Mon, 23 Jul 2001 12:03:01 -0400 From: Daniel Frazier User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.2) Gecko/20010702 X-Accept-Language: en-us MIME-Version: 1.0 To: Paul Robinson Cc: Peter Brezny , freebsd-isp@FreeBSD.ORG Subject: Re: increasing amount of ram, what to do about /swap? References: <20010719210227.C34395@jake.akitanet.co.uk> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-RRT-Status: UNKNOWN Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Paul Robinson wrote: > > To be honest, in my experience, FBSD hardly ever touches swap, and that is a > Good Thing(tm). The "double the size of RAM" is really a Linux rule of > thumb, and trust me, Linux uses swap all the time. > heh, just the other day a co-worker asked me why I always made swap double the size of RAM and the only answer I had was "I've always done it that way." I knew there had to be a better explanation, and within a few minutes of searching www.freebsd.org I found this... quoted from: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-initial.html "The kernel's VM paging algorithms are tuned to perform best when the swap partition is at least two times the size of main memory. Configuring too little swap can lead to inefficiencies in the VM page scanning code as well as create issues later on if you add more memory to your machine." sounds like a good enough reason to stick the the swap=2xRAM rule to me... -- ---------------------------------------------------------------------- Daniel Frazier Tel: 302-239-5900 Ext. 231 Systems Administrator Fax: 302-239-3909 MAGPAGE, We Power the Internet WWW: http://www.magpage.com/ "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin, Historical Review of Pennsylvania, 1759. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 9:10:59 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.cableaz.com (mail.cableaz.com [63.241.154.20]) by hub.freebsd.org (Postfix) with ESMTP id 0E5DF37B405 for ; Mon, 23 Jul 2001 09:10:54 -0700 (PDT) (envelope-from jeremy@cableaz.com) Received: from caz ([63.241.150.19]) by mail.cableaz.com (Build 101 8.9.3/NT-8.9.3) with SMTP id JAA00032 for ; Mon, 23 Jul 2001 09:09:22 -0700 Message-ID: <000901c11391$9e8e5c00$1396f13f@caz> From: "Jeremy Buckner" To: Subject: TFTP Date: Mon, 23 Jul 2001 09:07:48 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I currently have a 4.2 box configured to run the built-in tftp that it comes with. The box itself is not that powerful so I am building a new one. This box needs to be able to answer as much as 2000 tftp queries at one time, without the service "looping" and terminating. How do I stop that? Also, should I use the tftp that it comes with or is there a more robust one? By the way, this is for cable modem applications if that matters... Thanks, Jeremy Buckner IT Admin CableAmerica To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 9:44:14 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 7DF5637B406 for ; Mon, 23 Jul 2001 09:43:12 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 64494 invoked from network); 23 Jul 2001 16:43:14 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 23 Jul 2001 16:43:14 -0000 Message-ID: <003901c11396$8b4b3af0$0d00a8c0@alexus> From: "alexus" To: "Forrest W. Christian" Cc: "Bob Martin" , References: Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Date: Mon, 23 Jul 2001 12:43:04 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org different irc server... they all comes to this... another thing is when i finnaly got on irc (apparantly i got on irc server that doesn't check for ident) it showd to me that my host is oXyeTb.com instead of bigballz.com there for.. it trying to use 2nd ip but somehow it roll over to first in addition to that due to some ip issue ident didn't respond correctly ----- Original Message ----- From: "Forrest W. Christian" To: "alexus" Cc: "Bob Martin" ; Sent: Monday, July 23, 2001 10:47 AM Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Try a different irc server, or try a different ident server (like the warm-fuzzy perl script I gave you). On Mon, 23 Jul 2001, alexus wrote: > Date: Mon, 23 Jul 2001 01:47:32 -0400 > From: alexus > To: Forrest W. Christian > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > well ... let's see > > ųíų Connecting to port 6667 of server irc.lightning.net [refnum 0] > [lightning] *** Looking up your hostname... > [lightning] *** Found your hostname, cached > [lightning] *** Checking Ident > [lightning] *** Banned: Install Identd for access (2001/4/18 09.20) > ųíų Closing Link: a1exus[alexus@255.255.255.255] (Banned) > ųíų Connection closed from irc.lightning.net: Undefined error: 0 > > ----- Original Message ----- > From: "Forrest W. Christian" > To: "alexus" > Cc: "Bob Martin" ; > Sent: Monday, July 23, 2001 1:33 AM > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > What errors are you seeing on the IRC server? > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > Date: Mon, 23 Jul 2001 01:33:45 -0400 > > > From: alexus > > > To: Forrest W. Christian > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > su-2.05# ifconfig fxp0 > > > fxp0: flags=8943 mtu > 1500 > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 > > > ether 00:60:94:a5:cb:44 > > > media: autoselect (100baseTX ) status: active > > > supported media: autoselect 100baseTX 100baseTX > > > 10baseT/UTP 10baseT/UTP > > > su-2.05# > > > > > > i even changed my broadcast .. same *ahem* thing... > > > > > > ----- Original Message ----- > > > From: "Forrest W. Christian" > > > To: "alexus" > > > Cc: "Bob Martin" ; > > > Sent: Monday, July 23, 2001 1:22 AM > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > No. Something else OTHER than ident is broken. > > > > > > > > Ident is working as designed. > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > > > From: alexus > > > > > To: Forrest W. Christian > > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > could that be due to > > > > > > > > > > i have different broadcast? > > > > > > > > > > what broadcast do anyway? what is it for > > > > > > > > > > ----- Original Message ----- > > > > > From: "Forrest W. Christian" > > > > > To: "alexus" > > > > > Cc: "Bob Martin" ; > > > > > Sent: Monday, July 23, 2001 12:56 AM > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > > > mail# telnet 66.92.98.151 ident > > > > > > Trying 66.92.98.151... > > > > > > Connected to bigballz.com. > > > > > > Escape character is '^]'. > > > > > > ^] > > > > > > telnet> z > > > > > > > > > > > > Suspended > > > > > > mail# netstat -an | grep 66.92 > > > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > > > > ESTABLISHED > > > > > > mail# fg > > > > > > telnet 66.92.98.151 ident > > > > > > 113,4183 > > > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > > > Connection closed by foreign host. > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > > > mail# telnet 66.92.98.145 ident > > > > > > Trying 66.92.98.145... > > > > > > Connected to oXyeTb.com. > > > > > > Escape character is '^]'. > > > > > > ^] > > > > > > telnet> z > > > > > > > > > > > > Suspended > > > > > > mail# netstat -an | grep 66.92 > > > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > > > > ESTABLISHED > > > > > > mail# fg > > > > > > telnet 66.92.98.145 ident > > > > > > 113,4242 > > > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > > > Connection closed by foreign host. > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > I'd look elsewhere, however: > > > > > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a lot > less > > > > > > information out about your system. > > > > > > > > > > > > Use this perl script: > > > > > > > > > > > > -------- CUT ----------- > > > > > > #!/usr/local/bin/perl > > > > > > ($a, $b) = split(/[,\n\r ]+/,<>); > > > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > > > -------- CUT ----------- > > > > > > > > > > > > And reference it from your inetd.conf instead of the ident code. > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > > > From: alexus > > > > > > > To: Bob Martin > > > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > > > net.inet.ip.forwarding: 1 > > > > > > > su-2.05# ifconfig fxp0 > > > > > > > fxp0: flags=8943 > mtu > > > > > 1500 > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > 66.92.98.255 > > > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast > 66.92.98.151 > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > media: autoselect (100baseTX ) status: > active > > > > > > > supported media: autoselect 100baseTX > > > 100baseTX > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > su-2.05# > > > > > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead of .0 > but > > > it > > > > > > > doesn't seems to help:( > > > > > > > > > > > > > > and i also checked my forwarding settings, it was already set to > 1 > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > From: "Bob Martin" > > > > > > > To: "alexus" > > > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( > bigballz.com ) > > > > > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > > > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask > 255.255.255.0" > > > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > > > fxp0: > flags=8943 > > > mtu > > > > > > > 1500 > > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > > 66.92.98.255 > > > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast > > > 66.92.98.255 > > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > > media: autoselect (100baseTX ) status: > > > active > > > > > > > > > supported media: autoselect 100baseTX > > > > > 100baseTX > > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP > .145 ( > > > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > > > whenever I'm trying to use my second IP .151 ( > bigballz.com ) I > > > > > can't > > > > > > > get on > > > > > > > > > IRC at all.. some of IRC server tells me that my ident isn't > > > > > installed > > > > > > > even > > > > > > > > > though it *is* installed and I'm being able to logon to same > > > server > > > > > from > > > > > > > my > > > > > > > > > first IP just fine > > > > > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > > > tcp4 0 0 *.auth *.* > > > > > > > LISTEN > > > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > > > auth 113/tcp ident tap #Authentication > Service > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > is there some special way I need to add any additional IPs > or > > > what > > > > > am I > > > > > > > > > doing wrong? > > > > > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > > > > > You need to change the netmask of the alias to > 255.255.255.255, > > > and > > > > > make > > > > > > > > sure that gateway is enabled. > > > > > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable the > > > gateway > > > > > > > > with: > > > > > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > > > > > bob > > > > > > > > -- > > > > > > > > But in our enthusiasm, we could not resist a radical overhaul > of > > > the > > > > > > > > system, in which all of its major weaknesses have been > exposed, > > > > > > > > analyzed, and replaced with new weaknesses. > > > > > > > > -- Bruce Leverett, "Register Allocation in Optimizing > > > Compilers" > > > > > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > > > ---------------------------------------------------------------------- > > > > > > The Innovation Machine Ltd. P.O. Box > 5749 > > > > > > http://www.imach.com/ Helena, MT > 59604 > > > > > > Home of PacketFlux Technogies and BackupDNS.com > (406)-442-6648 > > > > > > > ---------------------------------------------------------------------- > > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > ---------------------------------------------------------------------- > > > > The Innovation Machine Ltd. P.O. Box 5749 > > > > http://www.imach.com/ Helena, MT 59604 > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > > ---------------------------------------------------------------------- > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > ---------------------------------------------------------------------- > > The Innovation Machine Ltd. P.O. Box 5749 > > http://www.imach.com/ Helena, MT 59604 > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > ---------------------------------------------------------------------- > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 9:48:22 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 621CD37B406 for ; Mon, 23 Jul 2001 09:48:05 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 64561 invoked from network); 23 Jul 2001 16:48:09 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 23 Jul 2001 16:48:09 -0000 Message-ID: <004001c11397$3b618200$0d00a8c0@alexus> From: "alexus" To: , "Forrest W. Christian" Cc: "Bob Martin" , References: <20010723115334.A300-100000@asbestos.wolf> Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Date: Mon, 23 Jul 2001 12:47:59 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org uh.. if you'll read our "mumbo" or at least search it you won't find NAT word in it.. what we trying to discuss is adding additional IPs address as an alias to existing ethernet interface... and for some reason it doesn't work properly i'm having problem to irc with 2nd ip alexus@~# ifconfig fxp0 fxp0: flags=8943 mtu 1500 inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 ether 00:60:94:a5:cb:44 media: autoselect (100baseTX ) status: active supported media: autoselect 100baseTX 100baseTX 10baseT/UTP 10baseT/UTP alexus@~# ----- Original Message ----- From: To: "Forrest W. Christian" Cc: "alexus" ; "Bob Martin" ; Sent: Monday, July 23, 2001 10:56 AM Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Hi, Ok, i'm not sure i understand the entire shceme, but from the mumbo below, i assume that one machine is behind a natd firewall ? that means that when you try to connect from the inner machine the irc server is trying to get inetd info from your firewall. your firewall doesn't pass this request on. so what you want to do is install an inetd that will basically respond to anything i use "lie inetd" or - linetd . it cured this problem for me. jeff On Mon, 23 Jul 2001, Forrest W. Christian wrote: > Try a different irc server, or try a different ident server (like the > warm-fuzzy perl script I gave you). > > On Mon, 23 Jul 2001, alexus wrote: > > > Date: Mon, 23 Jul 2001 01:47:32 -0400 > > From: alexus > > To: Forrest W. Christian > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > well ... let's see > > > > ųíų Connecting to port 6667 of server irc.lightning.net [refnum 0] > > [lightning] *** Looking up your hostname... > > [lightning] *** Found your hostname, cached > > [lightning] *** Checking Ident > > [lightning] *** Banned: Install Identd for access (2001/4/18 09.20) > > ųíų Closing Link: a1exus[alexus@255.255.255.255] (Banned) > > ųíų Connection closed from irc.lightning.net: Undefined error: 0 > > > > ----- Original Message ----- > > From: "Forrest W. Christian" > > To: "alexus" > > Cc: "Bob Martin" ; > > Sent: Monday, July 23, 2001 1:33 AM > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > What errors are you seeing on the IRC server? > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > Date: Mon, 23 Jul 2001 01:33:45 -0400 > > > > From: alexus > > > > To: Forrest W. Christian > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > su-2.05# ifconfig fxp0 > > > > fxp0: flags=8943 mtu > > 1500 > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 > > > > ether 00:60:94:a5:cb:44 > > > > media: autoselect (100baseTX ) status: active > > > > supported media: autoselect 100baseTX 100baseTX > > > > 10baseT/UTP 10baseT/UTP > > > > su-2.05# > > > > > > > > i even changed my broadcast .. same *ahem* thing... > > > > > > > > ----- Original Message ----- > > > > From: "Forrest W. Christian" > > > > To: "alexus" > > > > Cc: "Bob Martin" ; > > > > Sent: Monday, July 23, 2001 1:22 AM > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > No. Something else OTHER than ident is broken. > > > > > > > > > > Ident is working as designed. > > > > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > > > > From: alexus > > > > > > To: Forrest W. Christian > > > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > could that be due to > > > > > > > > > > > > i have different broadcast? > > > > > > > > > > > > what broadcast do anyway? what is it for > > > > > > > > > > > > ----- Original Message ----- > > > > > > From: "Forrest W. Christian" > > > > > > To: "alexus" > > > > > > Cc: "Bob Martin" ; > > > > > > Sent: Monday, July 23, 2001 12:56 AM > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > > > > mail# telnet 66.92.98.151 ident > > > > > > > Trying 66.92.98.151... > > > > > > > Connected to bigballz.com. > > > > > > > Escape character is '^]'. > > > > > > > ^] > > > > > > > telnet> z > > > > > > > > > > > > > > Suspended > > > > > > > mail# netstat -an | grep 66.92 > > > > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > > > > > ESTABLISHED > > > > > > > mail# fg > > > > > > > telnet 66.92.98.151 ident > > > > > > > 113,4183 > > > > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > > > > Connection closed by foreign host. > > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > > > > mail# telnet 66.92.98.145 ident > > > > > > > Trying 66.92.98.145... > > > > > > > Connected to oXyeTb.com. > > > > > > > Escape character is '^]'. > > > > > > > ^] > > > > > > > telnet> z > > > > > > > > > > > > > > Suspended > > > > > > > mail# netstat -an | grep 66.92 > > > > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > > > > > ESTABLISHED > > > > > > > mail# fg > > > > > > > telnet 66.92.98.145 ident > > > > > > > 113,4242 > > > > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > > > > Connection closed by foreign host. > > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > > > I'd look elsewhere, however: > > > > > > > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a lot > > less > > > > > > > information out about your system. > > > > > > > > > > > > > > Use this perl script: > > > > > > > > > > > > > > -------- CUT ----------- > > > > > > > #!/usr/local/bin/perl > > > > > > > ($a, $b) = split(/[,\n\r ]+/,<>); > > > > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > > > > -------- CUT ----------- > > > > > > > > > > > > > > And reference it from your inetd.conf instead of the ident code. > > > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > > > > From: alexus > > > > > > > > To: Bob Martin > > > > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > > > > net.inet.ip.forwarding: 1 > > > > > > > > su-2.05# ifconfig fxp0 > > > > > > > > fxp0: flags=8943 > > mtu > > > > > > 1500 > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > 66.92.98.255 > > > > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast > > 66.92.98.151 > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > media: autoselect (100baseTX ) status: > > active > > > > > > > > supported media: autoselect 100baseTX > > > > 100baseTX > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > su-2.05# > > > > > > > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead of .0 > > but > > > > it > > > > > > > > doesn't seems to help:( > > > > > > > > > > > > > > > > and i also checked my forwarding settings, it was already set to > > 1 > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > From: "Bob Martin" > > > > > > > > To: "alexus" > > > > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( > > bigballz.com ) > > > > > > > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > > > > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask > > 255.255.255.0" > > > > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > > > > fxp0: > > flags=8943 > > > > mtu > > > > > > > > 1500 > > > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > > > 66.92.98.255 > > > > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast > > > > 66.92.98.255 > > > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > > > media: autoselect (100baseTX ) status: > > > > active > > > > > > > > > > supported media: autoselect 100baseTX > > > > > > 100baseTX > > > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP > > .145 ( > > > > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > > > > whenever I'm trying to use my second IP .151 ( > > bigballz.com ) I > > > > > > can't > > > > > > > > get on > > > > > > > > > > IRC at all.. some of IRC server tells me that my ident isn't > > > > > > installed > > > > > > > > even > > > > > > > > > > though it *is* installed and I'm being able to logon to same > > > > server > > > > > > from > > > > > > > > my > > > > > > > > > > first IP just fine > > > > > > > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > > > > tcp4 0 0 *.auth *.* > > > > > > > > LISTEN > > > > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > > > > auth 113/tcp ident tap #Authentication > > Service > > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > > > is there some special way I need to add any additional IPs > > or > > > > what > > > > > > am I > > > > > > > > > > doing wrong? > > > > > > > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > > > > > > > You need to change the netmask of the alias to > > 255.255.255.255, > > > > and > > > > > > make > > > > > > > > > sure that gateway is enabled. > > > > > > > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable the > > > > gateway > > > > > > > > > with: > > > > > > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > > > > > > > bob > > > > > > > > > -- > > > > > > > > > But in our enthusiasm, we could not resist a radical overhaul > > of > > > > the > > > > > > > > > system, in which all of its major weaknesses have been > > exposed, > > > > > > > > > analyzed, and replaced with new weaknesses. > > > > > > > > > -- Bruce Leverett, "Register Allocation in Optimizing > > > > Compilers" > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > > > > > ---------------------------------------------------------------------- > > > > > > > The Innovation Machine Ltd. P.O. Box > > 5749 > > > > > > > http://www.imach.com/ Helena, MT > > 59604 > > > > > > > Home of PacketFlux Technogies and BackupDNS.com > > (406)-442-6648 > > > > > > > > > ---------------------------------------------------------------------- > > > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > ---------------------------------------------------------------------- > > > > > The Innovation Machine Ltd. P.O. Box 5749 > > > > > http://www.imach.com/ Helena, MT 59604 > > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > > > ---------------------------------------------------------------------- > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > ---------------------------------------------------------------------- > > > The Innovation Machine Ltd. P.O. Box 5749 > > > http://www.imach.com/ Helena, MT 59604 > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > ---------------------------------------------------------------------- > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > ---------------------------------------------------------------------- > The Innovation Machine Ltd. P.O. Box 5749 > http://www.imach.com/ Helena, MT 59604 > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > ---------------------------------------------------------------------- > Protect your personal freedoms - visit http://www.lp.org/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 9:52:58 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 45CC137B408 for ; Mon, 23 Jul 2001 09:52:32 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 64740 invoked from network); 23 Jul 2001 16:52:36 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 23 Jul 2001 16:52:36 -0000 Message-ID: <004601c11397$da46d870$0d00a8c0@alexus> From: "alexus" To: "Forrest W. Christian" , Cc: "Bob Martin" , References: Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Date: Mon, 23 Jul 2001 12:52:26 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org i know for sure that this isn't ident issue due to i can irc fine from first ip just fine... so its definatly something else.. ----- Original Message ----- From: "Forrest W. Christian" To: Cc: "alexus" ; "Bob Martin" ; Sent: Monday, July 23, 2001 11:07 AM Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC Jeff, I have tested both his IDENT ports from here and they are working just fine. I'm not sure why the IRC server is yelping. I suspect either it doesn't like something subtle about the ident response or it is giving a bogus error message, and is really throwing him off because of some other reason. Thus my two recommendations below (try a different identd, connect to a different server) On Mon, 23 Jul 2001 jeff@tht.net wrote: > Date: Mon, 23 Jul 2001 11:56:09 -0300 (ADT) > From: jeff@tht.net > To: Forrest W. Christian > Cc: alexus , Bob Martin , > freebsd-isp@FreeBSD.ORG > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > Hi, > > Ok, i'm not sure i understand the entire shceme, but from > the mumbo below, i assume that one machine is behind a natd > firewall ? > > that means that when you try to connect from the inner machine > the irc server is trying to get inetd info from your firewall. > > your firewall doesn't pass this request on. so what you want > to do is install an inetd that will basically respond to anything > > i use "lie inetd" or - linetd . it cured this problem for me. > > jeff > > > On Mon, 23 Jul 2001, Forrest W. Christian wrote: > > > Try a different irc server, or try a different ident server (like the > > warm-fuzzy perl script I gave you). > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > Date: Mon, 23 Jul 2001 01:47:32 -0400 > > > From: alexus > > > To: Forrest W. Christian > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > well ... let's see > > > > > > ųíų Connecting to port 6667 of server irc.lightning.net [refnum 0] > > > [lightning] *** Looking up your hostname... > > > [lightning] *** Found your hostname, cached > > > [lightning] *** Checking Ident > > > [lightning] *** Banned: Install Identd for access (2001/4/18 09.20) > > > ųíų Closing Link: a1exus[alexus@255.255.255.255] (Banned) > > > ųíų Connection closed from irc.lightning.net: Undefined error: 0 > > > > > > ----- Original Message ----- > > > From: "Forrest W. Christian" > > > To: "alexus" > > > Cc: "Bob Martin" ; > > > Sent: Monday, July 23, 2001 1:33 AM > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > What errors are you seeing on the IRC server? > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > Date: Mon, 23 Jul 2001 01:33:45 -0400 > > > > > From: alexus > > > > > To: Forrest W. Christian > > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > su-2.05# ifconfig fxp0 > > > > > fxp0: flags=8943 mtu > > > 1500 > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast 66.92.98.255 > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast 66.92.98.255 > > > > > ether 00:60:94:a5:cb:44 > > > > > media: autoselect (100baseTX ) status: active > > > > > supported media: autoselect 100baseTX 100baseTX > > > > > 10baseT/UTP 10baseT/UTP > > > > > su-2.05# > > > > > > > > > > i even changed my broadcast .. same *ahem* thing... > > > > > > > > > > ----- Original Message ----- > > > > > From: "Forrest W. Christian" > > > > > To: "alexus" > > > > > Cc: "Bob Martin" ; > > > > > Sent: Monday, July 23, 2001 1:22 AM > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > No. Something else OTHER than ident is broken. > > > > > > > > > > > > Ident is working as designed. > > > > > > > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > > > Date: Mon, 23 Jul 2001 01:16:30 -0400 > > > > > > > From: alexus > > > > > > > To: Forrest W. Christian > > > > > > > Cc: Bob Martin , freebsd-isp@FreeBSD.ORG > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > could that be due to > > > > > > > > > > > > > > i have different broadcast? > > > > > > > > > > > > > > what broadcast do anyway? what is it for > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > From: "Forrest W. Christian" > > > > > > > To: "alexus" > > > > > > > Cc: "Bob Martin" ; > > > > > > > Sent: Monday, July 23, 2001 12:56 AM > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > > > > Ident appears to be working on your box on both ports: > > > > > > > > > > > > > > > > -------------------TEST OUTPUT BEGIN > > > > > > > > mail# telnet 66.92.98.151 ident > > > > > > > > Trying 66.92.98.151... > > > > > > > > Connected to bigballz.com. > > > > > > > > Escape character is '^]'. > > > > > > > > ^] > > > > > > > > telnet> z > > > > > > > > > > > > > > > > Suspended > > > > > > > > mail# netstat -an | grep 66.92 > > > > > > > > tcp4 0 0 206.127.64.140.4188 66.92.98.151.113 > > > > > > > > ESTABLISHED > > > > > > > > mail# fg > > > > > > > > telnet 66.92.98.151 ident > > > > > > > > 113,4183 > > > > > > > > 113 , 4183 : USERID : UNKNOWN : root > > > > > > > > Connection closed by foreign host. > > > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > > > > > ------------------TEST OUTPUT BEGIN > > > > > > > > mail# telnet 66.92.98.145 ident > > > > > > > > Trying 66.92.98.145... > > > > > > > > Connected to oXyeTb.com. > > > > > > > > Escape character is '^]'. > > > > > > > > ^] > > > > > > > > telnet> z > > > > > > > > > > > > > > > > Suspended > > > > > > > > mail# netstat -an | grep 66.92 > > > > > > > > tcp4 0 0 206.127.64.140.4242 66.92.98.145.113 > > > > > > > > ESTABLISHED > > > > > > > > mail# fg > > > > > > > > telnet 66.92.98.145 ident > > > > > > > > 113,4242 > > > > > > > > 113 , 4242 : USERID : UNKNOWN : root > > > > > > > > Connection closed by foreign host. > > > > > > > > ------------------TEST OUTPUT END > > > > > > > > > > > > > > > > I'd look elsewhere, however: > > > > > > > > > > > > > > > > Have you considered running a "warm-fuzzy" ident? It lets a lot > > > less > > > > > > > > information out about your system. > > > > > > > > > > > > > > > > Use this perl script: > > > > > > > > > > > > > > > > -------- CUT ----------- > > > > > > > > #!/usr/local/bin/perl > > > > > > > > ($a, $b) = split(/[,\n\r ]+/,<>); > > > > > > > > print "$a , $b : USERID : UNIX : Warm-Fuzzy\r\n"; > > > > > > > > -------- CUT ----------- > > > > > > > > > > > > > > > > And reference it from your inetd.conf instead of the ident code. > > > > > > > > > > > > > > > > On Mon, 23 Jul 2001, alexus wrote: > > > > > > > > > > > > > > > > > Date: Mon, 23 Jul 2001 00:46:41 -0400 > > > > > > > > > From: alexus > > > > > > > > > To: Bob Martin > > > > > > > > > Cc: freebsd-isp@FreeBSD.ORG > > > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > su-2.05# sysctl net.inet.ip.forwarding > > > > > > > > > net.inet.ip.forwarding: 1 > > > > > > > > > su-2.05# ifconfig fxp0 > > > > > > > > > fxp0: flags=8943 > > > mtu > > > > > > > 1500 > > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > > 66.92.98.255 > > > > > > > > > inet 66.92.98.151 netmask 0xffffffff broadcast > > > 66.92.98.151 > > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > > media: autoselect (100baseTX ) status: > > > active > > > > > > > > > supported media: autoselect 100baseTX > > > > > 100baseTX > > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > > su-2.05# > > > > > > > > > > > > > > > > > > i've tryed to change netmask of second ip to .255 instead of .0 > > > but > > > > > it > > > > > > > > > doesn't seems to help:( > > > > > > > > > > > > > > > > > > and i also checked my forwarding settings, it was already set to > > > 1 > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > > From: "Bob Martin" > > > > > > > > > To: "alexus" > > > > > > > > > Sent: Sunday, July 22, 2001 5:42 PM > > > > > > > > > Subject: Re: IPs/VHOST/ALIAS/IDENTd/IRC > > > > > > > > > > > > > > > > > > > > > > > > > > > > alexus wrote: > > > > > > > > > > > > > > > > > > > > > > Hi > > > > > > > > > > > > > > > > > > > > > > I have 2 IPs on my box > > > > > > > > > > > > > > > > > > > > > > 66.92.98.145 ( oXyeTb.com ) and 66.92.98.151 ( > > > bigballz.com ) > > > > > > > > > > > > > > > > > > > > > > I put both of those IPs into my /etc/rc.conf file > > > > > > > > > > > > > > > > > > > > > > alexus@~# grep fxp0 /etc/rc.conf > > > > > > > > > > > ifconfig_fxp0="inet 66.92.98.145 netmask 255.255.255.0" > > > > > > > > > > > ifconfig_fxp0_alias0="inet 66.92.98.151 netmask > > > 255.255.255.0" > > > > > > > > > > > alexus@~# ifconfig fxp0 > > > > > > > > > > > fxp0: > > > flags=8943 > > > > > mtu > > > > > > > > > 1500 > > > > > > > > > > > inet 66.92.98.145 netmask 0xffffff00 broadcast > > > > > 66.92.98.255 > > > > > > > > > > > inet 66.92.98.151 netmask 0xffffff00 broadcast > > > > > 66.92.98.255 > > > > > > > > > > > ether 00:60:94:a5:cb:44 > > > > > > > > > > > media: autoselect (100baseTX ) status: > > > > > active > > > > > > > > > > > supported media: autoselect 100baseTX > > > > > > > 100baseTX > > > > > > > > > > > 10baseT/UTP 10baseT/UTP > > > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > > > > > so looks like they up and running fine > > > > > > > > > > > > > > > > > > > > > > although I'm having one problem (at least so far) > > > > > > > > > > > > > > > > > > > > > > whenever I'm trying to IRC from my box from my primary IP > > > .145 ( > > > > > > > > > > > oXyeTb.com ) everything seems to be in order > > > > > > > > > > > whenever I'm trying to use my second IP .151 ( > > > bigballz.com ) I > > > > > > > can't > > > > > > > > > get on > > > > > > > > > > > IRC at all.. some of IRC server tells me that my ident isn't > > > > > > > installed > > > > > > > > > even > > > > > > > > > > > though it *is* installed and I'm being able to logon to same > > > > > server > > > > > > > from > > > > > > > > > my > > > > > > > > > > > first IP just fine > > > > > > > > > > > > > > > > > > > > > > here is prove that i *do* have ident (port 113) running > > > > > > > > > > > > > > > > > > > > > > alexus@~# netstat -ta | grep auth > > > > > > > > > > > tcp4 0 0 *.auth *.* > > > > > > > > > LISTEN > > > > > > > > > > > alexus@~# grep 113 /etc/services | grep tcp > > > > > > > > > > > auth 113/tcp ident tap #Authentication > > > Service > > > > > > > > > > > alexus@~# > > > > > > > > > > > > > > > > > > > > > > is there some special way I need to add any additional IPs > > > or > > > > > what > > > > > > > am I > > > > > > > > > > > doing wrong? > > > > > > > > > > > > > > > > > > > > > > thanks in advance > > > > > > > > > > > > > > > > > > > > > You need to change the netmask of the alias to > > > 255.255.255.255, > > > > > and > > > > > > > make > > > > > > > > > > sure that gateway is enabled. > > > > > > > > > > > > > > > > > > > > You can change the IP with ifconfig, and you can enable the > > > > > gateway > > > > > > > > > > with: > > > > > > > > > > sysctl -w net.inet.ip.forwarding=1 > > > > > > > > > > > > > > > > > > > > All of this is in the archives 8^) > > > > > > > > > > > > > > > > > > > > bob > > > > > > > > > > -- > > > > > > > > > > But in our enthusiasm, we could not resist a radical overhaul > > > of > > > > > the > > > > > > > > > > system, in which all of its major weaknesses have been > > > exposed, > > > > > > > > > > analyzed, and replaced with new weaknesses. > > > > > > > > > > -- Bruce Leverett, "Register Allocation in Optimizing > > > > > Compilers" > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > > > > > > > ---------------------------------------------------------------------- > > > > > > > > The Innovation Machine Ltd. P.O. Box > > > 5749 > > > > > > > > http://www.imach.com/ Helena, MT > > > 59604 > > > > > > > > Home of PacketFlux Technogies and BackupDNS.com > > > (406)-442-6648 > > > > > > > > > > > ---------------------------------------------------------------------- > > > > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > > > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > > > ---------------------------------------------------------------------- > > > > > > The Innovation Machine Ltd. P.O. Box 5749 > > > > > > http://www.imach.com/ Helena, MT 59604 > > > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > > > > ---------------------------------------------------------------------- > > > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > > > ---------------------------------------------------------------------- > > > > The Innovation Machine Ltd. P.O. Box 5749 > > > > http://www.imach.com/ Helena, MT 59604 > > > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > > > ---------------------------------------------------------------------- > > > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > > > > > > > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > > ---------------------------------------------------------------------- > > The Innovation Machine Ltd. P.O. Box 5749 > > http://www.imach.com/ Helena, MT 59604 > > Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 > > ---------------------------------------------------------------------- > > Protect your personal freedoms - visit http://www.lp.org/ > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jul 23 19:31:37 2001 Delivered-To: freebsd-isp@freebsd.org Received: from opensrs.saignon.net (216-120-17-31.dsl.cust.tfb.com [216.120.17.31]) by hub.freebsd.org (Postfix) with ESMTP id 6F8BC37B403 for ; Mon, 23 Jul 2001 19:31:35 -0700 (PDT) (envelope-from tony@saignon.net) Received: from tsaignmobl (216-120-17-17.dsl.cust.tfb.com [216.120.17.17]) by opensrs.saignon.net (8.11.4/8.11.3) with SMTP id f6O2Wl411922 for ; Mon, 23 Jul 2001 19:32:47 -0700 (PDT) (envelope-from tony@saignon.net) From: Tony Saign To: Subject: Redundant setup on a budget?? Date: Mon, 23 Jul 2001 19:31:33 -0700 Message-ID: <000101c113e8$c1f9f990$0600a8c0@tsaignmobl> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org We are a VERY small outfit, (with limited funds as well) and I would like to provide a somewhat fault tolerant setup, can anyone offer some advice??? Currently have 1 FreeBSD 4.3 machine providing web, email, and secondary DNS services. I have another identical 2 system ready @ a moments notice to replace the primary in the event of a hardware problem. I tested this out, I can simply dump the last good backup on it, and to my surprise everything looks good! My question is this: Given the fact that we have 2 systems available what would the easiest way to accomplish an 'automated' rollover of services?? Could the machines be somehow synchronized, similar to the PDC/BDC NT model?? I can do this in a Windows NT (YUK!!!!!!) environment, but have limited experience with BSD. I am in process of removing our NT server!!!!! :) (happy happy joy joy!) Feel free to offer advice off-list, it would be GREATLY appreciated. THANK YOU in advance, -Tony To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 2:20:16 2001 Delivered-To: freebsd-isp@freebsd.org Received: from paperboy.sixforty.co.uk (paperboy.sixforty.co.uk [195.10.242.11]) by hub.freebsd.org (Postfix) with ESMTP id 320BB37B40E for ; Tue, 24 Jul 2001 02:20:07 -0700 (PDT) (envelope-from freebsd-isp@sixforty.co.uk) Received: (from root@localhost) by paperboy.sixforty.co.uk (8.11.1/8.11.1) id f6O9K3Z28464; Tue, 24 Jul 2001 10:20:03 +0100 (BST) (envelope-from freebsd-isp@sixforty.co.uk) Delivered-To: tony@saignon.net Received: from lfarr (daisy.int.epcdirect.co.uk [192.168.6.200]) by paperboy.sixforty.co.uk (8.11.1/8.11.1av) with ESMTP id f6O9Jve28424; Tue, 24 Jul 2001 10:19:57 +0100 (BST) (envelope-from freebsd-isp@sixforty.co.uk) From: "Lawrence Farr" To: "'Tony Saign'" , Subject: RE: Redundant setup on a budget?? Date: Tue, 24 Jul 2001 10:19:45 +0100 Message-ID: <000f01c11421$c7abdcd0$c806a8c0@lfarr> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000 In-Reply-To: <000101c113e8$c1f9f990$0600a8c0@tsaignmobl> X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Have it set to another IP, and if it can't ping the first one for 2 minutes or whatever time you fancy, do an ifconfig to take the main machines IP, and restart all your services. Or even easier echo the new IP to the end of rc.conf and reboot! -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG] On Behalf Of Tony Saign Sent: 24 July 2001 03:32 To: freebsd-isp@FreeBSD.ORG Subject: Redundant setup on a budget?? We are a VERY small outfit, (with limited funds as well) and I would like to provide a somewhat fault tolerant setup, can anyone offer some advice??? Currently have 1 FreeBSD 4.3 machine providing web, email, and secondary DNS services. I have another identical 2 system ready @ a moments notice to replace the primary in the event of a hardware problem. I tested this out, I can simply dump the last good backup on it, and to my surprise everything looks good! My question is this: Given the fact that we have 2 systems available what would the easiest way to accomplish an 'automated' rollover of services?? Could the machines be somehow synchronized, similar to the PDC/BDC NT model?? I can do this in a Windows NT (YUK!!!!!!) environment, but have limited experience with BSD. I am in process of removing our NT server!!!!! :) (happy happy joy joy!) Feel free to offer advice off-list, it would be GREATLY appreciated. THANK YOU in advance, -Tony To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 2:58:11 2001 Delivered-To: freebsd-isp@freebsd.org Received: from relay.tecc.co.uk (luggage.tecc.co.uk [193.128.6.129]) by hub.freebsd.org (Postfix) with SMTP id C5B0537B403 for ; Tue, 24 Jul 2001 02:58:06 -0700 (PDT) (envelope-from andy@tecc.co.uk) Received: from southampton [195.217.37.155] by relay.tecc.co.uk with smtp (Exim 1.70 #1) id 15Oywt-0000OD-00; Tue, 24 Jul 2001 10:57:55 +0100 From: "Andy" To: "Lawrence Farr" , "'Tony Saign'" , Subject: RE: Redundant setup on a budget?? Date: Tue, 24 Jul 2001 10:57:55 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 In-Reply-To: <000f01c11421$c7abdcd0$c806a8c0@lfarr> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Have it set to another IP, and if it can't ping the first one for 2 > minutes > or whatever time you fancy, do an ifconfig to take the main machines IP, > and restart > all your services. > > Or even easier echo the new IP to the end of rc.conf and reboot! /usr/ports/net/vrrpd why wait two minutes when it can be done in 2 seconds ;) Regards Andy > We are a VERY small outfit, (with limited funds as well) and I > would like to provide a somewhat fault tolerant setup, can > anyone offer some advice??? > > Currently have 1 FreeBSD 4.3 machine providing web, email, and > secondary DNS services. I have another identical 2 system ready > @ a moments notice to replace the primary in the event of a > hardware problem. I tested this out, I can simply dump the last > good backup on it, and to my surprise everything looks good! > > My question is this: > Given the fact that we have 2 systems available what would the > easiest way to accomplish an 'automated' rollover of services?? > Could the machines be somehow synchronized, similar to the > PDC/BDC NT model?? > > I can do this in a Windows NT (YUK!!!!!!) environment, but have > limited experience with BSD. I am in process of removing our NT > server!!!!! :) (happy happy joy joy!) > > Feel free to offer advice off-list, it would be GREATLY appreciated. > > THANK YOU in advance, > > -Tony To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 6:13: 7 2001 Delivered-To: freebsd-isp@freebsd.org Received: from EnContacto.Net (adsl-63-205-16-205.dsl.mtry01.pacbell.net [63.205.16.205]) by hub.freebsd.org (Postfix) with ESMTP id 61D5137B405 for ; Tue, 24 Jul 2001 06:13:03 -0700 (PDT) (envelope-from eculp@EnContacto.Net) Received: (from root@localhost) by EnContacto.Net (8.11.4/8.11.4) id f6ODCqv11926; Tue, 24 Jul 2001 06:12:52 -0700 (PDT) (envelope-from eculp@EnContacto.Net) From: Edwin Culp Received: from 63.205.16.204 ( [63.205.16.204]) as user eculp@encontacto.net by Mail.SavvyWorld.Net with HTTP; Tue, 24 Jul 2001 06:12:52 -0700 Message-ID: <995980372.3b5d745405f48@Mail.SavvyWorld.Net> Date: Tue, 24 Jul 2001 06:12:52 -0700 To: Andy Cc: Lawrence Farr , "'Tony Saign'" , freebsd-isp@FreeBSD.ORG Subject: RE: Redundant setup on a budget?? References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs X-Originating-IP: 63.205.16.204 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Quoting Andy : | > Have it set to another IP, and if it can't ping the first one for 2 | > minutes | > or whatever time you fancy, do an ifconfig to take the main machines IP, | > and restart | > all your services. | > | > Or even easier echo the new IP to the end of rc.conf and reboot! | | /usr/ports/net/vrrpd I didn't find it in ports but I did find it at http://w3.arobas.net/~jetienne/vrrpd/ and it sounds as like a good potential solution. ed | | why wait two minutes when it can be done in 2 seconds ;) | | Regards | Andy | | | > We are a VERY small outfit, (with limited funds as well) and I | > would like to provide a somewhat fault tolerant setup, can | > anyone offer some advice??? | > | > Currently have 1 FreeBSD 4.3 machine providing web, email, and | > secondary DNS services. I have another identical 2 system ready | > @ a moments notice to replace the primary in the event of a | > hardware problem. I tested this out, I can simply dump the last | > good backup on it, and to my surprise everything looks good! | > | > My question is this: | > Given the fact that we have 2 systems available what would the | > easiest way to accomplish an 'automated' rollover of services?? | > Could the machines be somehow synchronized, similar to the | > PDC/BDC NT model?? | > | > I can do this in a Windows NT (YUK!!!!!!) environment, but have | > limited experience with BSD. I am in process of removing our NT | > server!!!!! :) (happy happy joy joy!) | > | > Feel free to offer advice off-list, it would be GREATLY appreciated. | > | > THANK YOU in advance, | > | > -Tony | | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe freebsd-isp" in the body of the message | ----------------------------------------------------------------------- The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn and relearn. --Alvin Toffler To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 6:48: 7 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mailman.thenap.com (mailman.thenap.com [209.190.0.10]) by hub.freebsd.org (Postfix) with ESMTP id C6F5537B403 for ; Tue, 24 Jul 2001 06:48:03 -0700 (PDT) (envelope-from drew.weaver@thenap.com) Received: by mailman.thenap.com with Internet Mail Service (5.5.2653.19) id ; Tue, 24 Jul 2001 09:48:03 -0400 Message-ID: From: "Drew J. Weaver" To: "'freebsd-isp@freebsd.org'" Subject: Can someone do me a favor? Date: Tue, 24 Jul 2001 09:48:02 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C11447.4217E3E0" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C11447.4217E3E0 Content-Type: text/plain; charset="iso-8859-1" try and resolve through any of these dns servers 206.222.1.2, 206.222.1.3, 209.51.192.194, 206.222.1.4, 209.51.193.2 I just implemented the allow-query command in my named.conf on all of these servers and much to my shygrin i dont think its actually limiting anything? It appears to still be wide open. -Drew ------_=_NextPart_001_01C11447.4217E3E0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Can someone do me a favor?

        try and = resolve through any of these dns servers
206.222.1.2, 206.222.1.3, 209.51.192.194, = 206.222.1.4, 209.51.193.2

I just implemented the allow-query command in my = named.conf on all of these servers and much to my shygrin i dont think = its actually limiting anything?

It appears to still be wide open.

-Drew






------_=_NextPart_001_01C11447.4217E3E0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 6:55:58 2001 Delivered-To: freebsd-isp@freebsd.org Received: from spider.suxx.eu.org (spider.suxx.eu.org [194.249.141.2]) by hub.freebsd.org (Postfix) with ESMTP id 942FA37B401 for ; Tue, 24 Jul 2001 06:55:52 -0700 (PDT) (envelope-from maddave@suxx.eu.org) Received: by spider.suxx.eu.org (Postfix, from userid 1000) id 3112A17751; Tue, 24 Jul 2001 16:10:08 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by spider.suxx.eu.org (Postfix) with ESMTP id 0F50932B9E; Tue, 24 Jul 2001 16:10:08 +0200 (CEST) Date: Tue, 24 Jul 2001 16:10:07 +0200 (CEST) From: David Delibasic To: "Drew J. Weaver" Cc: "'freebsd-isp@freebsd.org'" Subject: Re: Can someone do me a favor? In-Reply-To: Message-ID: <20010724160809.I54127-100000@spider.suxx.eu.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I can resolve through all this nameservers except dns4.ee.net. When I query dns4.ee.net i get: *** dns4.ee.net can't find www.hp.com: No response from server D. On Tue, 24 Jul 2001, Drew J. Weaver wrote: > try and resolve through any of these dns servers > 206.222.1.2, 206.222.1.3, 209.51.192.194, 206.222.1.4, 209.51.193.2 > > I just implemented the allow-query command in my named.conf on all of these > servers and much to my shygrin i dont think its actually limiting anything? > > It appears to still be wide open. > > -Drew > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 6:58: 6 2001 Delivered-To: freebsd-isp@freebsd.org Received: from relay.tecc.co.uk (luggage.tecc.co.uk [193.128.6.129]) by hub.freebsd.org (Postfix) with SMTP id BFD6937B408 for ; Tue, 24 Jul 2001 06:58:01 -0700 (PDT) (envelope-from andy@tecc.co.uk) Received: from southampton [195.217.37.155] by relay.tecc.co.uk with smtp (Exim 1.70 #1) id 15P2hD-0001lX-00; Tue, 24 Jul 2001 14:57:59 +0100 From: "Andy" To: "Edwin Culp" Cc: "Lawrence Farr" , "'Tony Saign'" , Subject: RE: Redundant setup on a budget?? Date: Tue, 24 Jul 2001 14:57:59 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 In-Reply-To: <995980372.3b5d745405f48@Mail.SavvyWorld.Net> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org It's in the ports as of 4.3-RELEASE The one you mention is the Linux version which doesn't run on fBSD. The vrrpd in the ports I mentions *is* the Linux version ported to fBSD with it's GPL intact ;) Regards Andy > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Edwin Culp > Sent: 24 July 2001 14:13 > To: Andy > Cc: Lawrence Farr; 'Tony Saign'; freebsd-isp@FreeBSD.ORG > Subject: RE: Redundant setup on a budget?? > > > Quoting Andy : > > | > Have it set to another IP, and if it can't ping the first one for 2 > | > minutes > | > or whatever time you fancy, do an ifconfig to take the main > machines IP, > | > and restart > | > all your services. > | > > | > Or even easier echo the new IP to the end of rc.conf and reboot! > | > | /usr/ports/net/vrrpd > > I didn't find it in ports but I did find it at > http://w3.arobas.net/~jetienne/vrrpd/ > and it sounds as like a good potential solution. > > ed > | > | why wait two minutes when it can be done in 2 seconds ;) > | > | Regards > | Andy > | > | > | > We are a VERY small outfit, (with limited funds as well) and I > | > would like to provide a somewhat fault tolerant setup, can > | > anyone offer some advice??? > | > > | > Currently have 1 FreeBSD 4.3 machine providing web, email, and > | > secondary DNS services. I have another identical 2 system ready > | > @ a moments notice to replace the primary in the event of a > | > hardware problem. I tested this out, I can simply dump the last > | > good backup on it, and to my surprise everything looks good! > | > > | > My question is this: > | > Given the fact that we have 2 systems available what would the > | > easiest way to accomplish an 'automated' rollover of services?? > | > Could the machines be somehow synchronized, similar to the > | > PDC/BDC NT model?? > | > > | > I can do this in a Windows NT (YUK!!!!!!) environment, but have > | > limited experience with BSD. I am in process of removing our NT > | > server!!!!! :) (happy happy joy joy!) > | > > | > Feel free to offer advice off-list, it would be GREATLY appreciated. > | > > | > THANK YOU in advance, > | > > | > -Tony > | > | > | To Unsubscribe: send mail to majordomo@FreeBSD.org > | with "unsubscribe freebsd-isp" in the body of the message > | > > ----------------------------------------------------------------------- > The illiterate of the 21st century will not be > those who cannot read and write, > but those who cannot learn, unlearn and relearn. > --Alvin Toffler > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 7: 5:20 2001 Delivered-To: freebsd-isp@freebsd.org Received: from smtp.kka.com (smtp.kka.com [63.141.65.2]) by hub.freebsd.org (Postfix) with ESMTP id 2A07637B407 for ; Tue, 24 Jul 2001 07:05:15 -0700 (PDT) (envelope-from Eric_Stanfield@kenokozie.com) Subject: Need help re: telnetd patch To: freebsd-isp@freebsd.org X-Mailer: Lotus Notes Release 5.0.2a November 23, 1999 Message-ID: From: Eric_Stanfield@kenokozie.com Date: Tue, 24 Jul 2001 09:03:44 -0500 X-MIMETrack: Serialize by Router on Notes1st/Keno(Release 5.0.4 |June 8, 2000) at 07/24/2001 09:03:45 AM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Following the instructions for applying the telnet daemon patch released yesterday to fix up the root exploit with the current daemon, I'm stuck as to what to enter at this point: ns1# patch -p < /root/compile/telnetd.patch Hmm... Looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: libexec/telnetd/ext.h |=================================================================== |RCS file: /home/ncvs/src/libexec/telnetd/ext.h,v |retrieving revision 1.8 |retrieving revision 1.10 |diff -u -r1.8 -r1.10 |--- libexec/telnetd/ext.h 2000/11/19 10:01:27 1.8 |+++ libexec/telnetd/ext.h 2001/07/23 22:00:51 1.10 -------------------------- File to patch: What file do I tell it to patch? The instructions sent with the security advisory just say # cd /usr/src/ # patch -p < /path/to/patch # cd /usr/src/libexec/telnetd # make depend && make all install The 2nd step there gives me the 'File to patch' prompt above. Could someone please tell me how to proceed? Thanks, -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Eric Stanfield, K2Access Keno Kozie Associates 222 N LaSalle #1500 Chicago, IL 60606 (312) 332-3000 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 7: 6:45 2001 Delivered-To: freebsd-isp@freebsd.org Received: from kermit.netivity.nl (wc-68.r-195-85-144.essentkabel.com [195.85.144.68]) by hub.freebsd.org (Postfix) with ESMTP id C072E37B409 for ; Tue, 24 Jul 2001 07:06:37 -0700 (PDT) (envelope-from enriko.groen@netivity.nl) Received: by KERMIT with Internet Mail Service (5.5.2650.21) id ; Tue, 24 Jul 2001 16:06:36 +0200 Message-ID: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> From: Enriko Groen To: 'Tony Saign' , freebsd-isp@freebsd.org Subject: RE: Redundant setup on a budget?? Date: Tue, 24 Jul 2001 16:06:35 +0200 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > -----Original Message----- > From: Tony Saign [mailto:tony@saignon.net] > > We are a VERY small outfit, (with limited funds as well) and > I would like > to provide a somewhat fault tolerant setup, can anyone offer > some advice??? > > My question is this: > Given the fact that we have 2 systems available what would > the easiest way > to accomplish an 'automated' rollover of services?? > Could the machines be somehow synchronized, similar to the PDC/BDC NT > model?? I would suggest clustering the two machines... Why leave a backup machine running all the time with nothing to do while it could reduce the load on the first server? A standby backup machine will most probably come up and then you discover that it's configured badly or doesn't work and you didn't notice. I'm also thinking of doing this... I'm in the same kind of situation... Have no experience yet with clustering... -- Enriko Groen, Hosting manager -------------------------------------------------------- netivity bv www.netivity.nl enriko.groen@netivity.nl 038 - 850 1000 van nagellstraat 4 8011 eb zwolle -------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 7:18: 4 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.wrdp.com (harp.dublin.wrdp.net [212.147.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 191A037B401 for ; Tue, 24 Jul 2001 07:18:02 -0700 (PDT) (envelope-from jraftery@wrdp.com) Received: from jraftery (dhcp-0-142.dublin.wrdp.net [172.16.0.142]) by mail.wrdp.com (Postfix) with SMTP id 327F22D786 for ; Tue, 24 Jul 2001 14:18:00 +0000 (GMT) From: "James Raftery" To: Subject: RE: Can someone do me a favor? Date: Tue, 24 Jul 2001 15:18:00 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Did you use allow-recursion or allow-query? All are providing non-recursive service to me, which suggests allow-recursion rather than allow-query. If you're sure you used allow-query, did you reconfig/reload named? Can you put your named.conf somewhere where we can get a look at it? Regards, james -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Drew J. Weaver Sent: 24 July 2001 14:48 To: 'freebsd-isp@freebsd.org' Subject: Can someone do me a favor? try and resolve through any of these dns servers 206.222.1.2, 206.222.1.3, 209.51.192.194, 206.222.1.4, 209.51.193.2 I just implemented the allow-query command in my named.conf on all of these servers and much to my shygrin i dont think its actually limiting anything? It appears to still be wide open. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 7:34:26 2001 Delivered-To: freebsd-isp@freebsd.org Received: from relay.tecc.co.uk (luggage.tecc.co.uk [193.128.6.129]) by hub.freebsd.org (Postfix) with SMTP id A559837B405 for ; Tue, 24 Jul 2001 07:34:22 -0700 (PDT) (envelope-from andy@tecc.co.uk) Received: from southampton [195.217.37.155] by relay.tecc.co.uk with smtp (Exim 1.70 #1) id 15P3GP-0001tZ-00; Tue, 24 Jul 2001 15:34:21 +0100 From: "Andy" To: "Enriko Groen" , "'Tony Saign'" , Subject: RE: Redundant setup on a budget?? Date: Tue, 24 Jul 2001 15:34:21 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 In-Reply-To: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I would suggest clustering the two machines... > Why leave a backup machine running all the time with nothing to > do while it > could reduce the load on the first server? This great till one keels over and then the other one must take the load (which you failed to monitor) then, under 2x stress you didn't account for, boom, no servers as the one on it's own dies under stress. Been there, bought the hat thanks. I use the previous method. However, once in a while I whip out the ethernet cable of the main server, if your backup's screwed you soon know, your expecting a problem remember. Good if the backup kicks in fine. If it doesn't at least at that point 2sec sfter shoving the cable back your in business and just leaving you to fix a bust backup server ;) Regards Andy, as they say PPPPPP > > A standby backup machine will most probably come up and then you discover > that it's configured badly or doesn't work and you didn't notice. > > I'm also thinking of doing this... I'm in the same kind of situation... > Have no experience yet with clustering... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 7:41:10 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id EA64E37B401 for ; Tue, 24 Jul 2001 07:41:03 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15P3M9-000GMB-00; Tue, 24 Jul 2001 15:40:17 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15P3Nz-000BLL-00; Tue, 24 Jul 2001 15:42:11 +0100 Date: Tue, 24 Jul 2001 15:42:11 +0100 From: Paul Robinson To: Enriko Groen Cc: 'Tony Saign' , freebsd-isp@freebsd.org Subject: Re: Redundant setup on a budget?? Message-ID: <20010724154211.C34017@jake.akitanet.co.uk> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS>; from enriko.groen@netivity.nl on Tue, Jul 24, 2001 at 04:06:35PM +0200 X-Scanner: exiscan *15P3M9-000GMB-00*$AK$BZ5F8w2MAF0GfacjPZsTK0* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 24, Enriko Groen wrote: > I'm also thinking of doing this... I'm in the same kind of situation... > Have no experience yet with clustering... Apart from homebrew proprietary systems, I'm in a similar position. freebsd-clustering seems a rather quiet list (to say the least!) so I've started digging around on my own. Due out next month is this: http://www.oreilly.com/catalog/serverload/ which might be worth a read. I've already put in my pre-order with Amazon.co.uk, so if it's any good when it comes out, I'll let you know. The way I see it, I'm loathed to spend Ģ20k+ for a decent L4 load balancing switch, when I'm sure there has to be software out there to do as good a job for FreeBSD. I just haven't found it, which means I might have to sit down and look at writing it. Polyserve offer a commercial solution and I believe that a copy of their software is shipped with an eval license if you buy FBSD CDs from Walnut Creek, but I've never played with it. I have however seen it demo'ed at a trade show in London, and to me it looked more suited for the primary/backup configuration, that I also don't wish to use. I have a huge workload on at the moment, but on the bottom of the pile is to dedicate some time to playing with clustering stuff like web, mail and mysql servers under FBSD, documenting up the experience, and putting it up somewhere public. Until that point, do any of you guys have any resources, or even better, whitepapers or (gasp!) software for FreeBSD clustering? Perhaps we should move off to -clustering and continue this... anybody? -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 8:40:39 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.cableaz.com (mail.cableaz.com [63.241.154.20]) by hub.freebsd.org (Postfix) with ESMTP id E3BB737B406 for ; Tue, 24 Jul 2001 08:40:36 -0700 (PDT) (envelope-from jeremy@cableaz.com) Received: from caz ([63.241.150.19]) by mail.cableaz.com (Build 101 8.9.3/NT-8.9.3) with SMTP id IAA13741 for ; Tue, 24 Jul 2001 08:39:03 -0700 Message-ID: <000701c11456$8e3893a0$1396f13f@caz> From: "Jeremy Buckner" To: Subject: Web Caching Engine Date: Tue, 24 Jul 2001 08:37:32 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Has anyone ever used/configured FreeBSD as a web caching engine. Can it be done or do I have to buy the $50,000 Cisco product? Also it be seamless to my customers (no setting proxy settings or anything like that). Any ideas? Thanks, Jeremy Buckner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 8:47:59 2001 Delivered-To: freebsd-isp@freebsd.org Received: from misery.sdf.com (misery.sdf.com [204.244.213.49]) by hub.freebsd.org (Postfix) with ESMTP id 50C6037B40C for ; Tue, 24 Jul 2001 08:47:53 -0700 (PDT) (envelope-from tom@sdf.com) Received: from tom (helo=localhost) by misery.sdf.com with local-esmtp (Exim 2.12 #1) id 15P481-0001T3-00; Tue, 24 Jul 2001 08:29:45 -0700 Date: Tue, 24 Jul 2001 08:29:43 -0700 (PDT) From: Tom Samplonius To: Jeremy Buckner Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Web Caching Engine In-Reply-To: <000701c11456$8e3893a0$1396f13f@caz> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 24 Jul 2001, Jeremy Buckner wrote: > Has anyone ever used/configured FreeBSD as a web caching > engine. Can it be done or do I have to buy the $50,000 Cisco > product? Also it be seamless to my customers (no setting > proxy settings or anything like that). Any ideas? > Uhh... does Cisco make a cache? They make load balances, and content aware switches, but their cache product certainly isn't well known if it exists. If people are putting in dedicated caches, they go with NetApp NetCaches, or CacheFlow. You can do something similar in FreeBSD. You do transparent cache redirection, and Squid can do the caching. You will not get the request per second rates that a NetApp or CacheFlow can do, but if your site isn't large, no one will know the difference. Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 8:48: 5 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 616C037B409 for ; Tue, 24 Jul 2001 08:47:43 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 72660 invoked from network); 24 Jul 2001 15:47:51 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 24 Jul 2001 15:47:51 -0000 Message-ID: <007a01c11457$f7385920$0d00a8c0@alexus> From: "alexus" To: "Drew J. Weaver" , References: Subject: Re: Can someone do me a favor? Date: Tue, 24 Jul 2001 11:47:38 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0077_01C11436.6FDA46D0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0077_01C11436.6FDA46D0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Can someone do me a favor?alexus@~# host 206.222.1.2 2.1.222.206.IN-ADDR.ARPA domain name pointer dns2.ee.net alexus@~# host 206.222.1.3 3.1.222.206.IN-ADDR.ARPA domain name pointer dns3.ee.net alexus@~# host 209.51.192.194 194.192.51.209.IN-ADDR.ARPA domain name pointer = ns1.netservice.columbus-nap.net alexus@~# host 206.222.1.4 =20 4.1.222.206.IN-ADDR.ARPA domain name pointer dns4.ee.net alexus@~# host 209.51.193.2 2.193.51.209.IN-ADDR.ARPA domain name pointer dns1.ee.net alexus@~#=20 allow-query has nothin to do with trying to resolve it.. allow query = only limit ips from using your ns let's say if you only put your ip, you'll be the only one who can query = your ns..=20 read how dns works.. ----- Original Message -----=20 From: Drew J. Weaver=20 To: 'freebsd-isp@freebsd.org'=20 Sent: Tuesday, July 24, 2001 9:48 AM Subject: Can someone do me a favor? try and resolve through any of these dns servers=20 206.222.1.2, 206.222.1.3, 209.51.192.194, 206.222.1.4, 209.51.193.2=20 I just implemented the allow-query command in my named.conf on all of = these servers and much to my shygrin i dont think its actually limiting = anything? It appears to still be wide open.=20 -Drew=20 ------=_NextPart_000_0077_01C11436.6FDA46D0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Can someone do me a favor?
alexus@~# host=20 206.222.1.2
2.1.222.206.IN-ADDR.ARPA domain name pointer=20 dns2.ee.net
alexus@~# host 206.222.1.3
3.1.222.206.IN-ADDR.ARPA = domain=20 name pointer dns3.ee.net
alexus@~# host=20 209.51.192.194
194.192.51.209.IN-ADDR.ARPA domain name pointer=20 ns1.netservice.columbus-nap.net
alexus@~# host = 206.222.1.4  =20
4.1.222.206.IN-ADDR.ARPA domain name pointer = dns4.ee.net
alexus@~# host=20 209.51.193.2
2.193.51.209.IN-ADDR.ARPA domain name pointer=20 dns1.ee.net
alexus@~#
 
allow-query has nothin to do = with trying to=20 resolve it.. allow query only limit ips from using your ns
 
let's say if you only put your = ip, you'll=20 be the only one who can query your ns..
 
read how dns = works..
 
----- Original Message -----
From:=20 Drew J.=20 Weaver
Sent: Tuesday, July 24, 2001 = 9:48=20 AM
Subject: Can someone do me a = favor?

        try and = resolve=20 through any of these dns servers
206.222.1.2,=20 206.222.1.3, 209.51.192.194, 206.222.1.4, 209.51.193.2

I just implemented the allow-query command in my = named.conf on=20 all of these servers and much to my shygrin i dont think its actually = limiting=20 anything?

It appears to still be wide open.

-Drew =






------=_NextPart_000_0077_01C11436.6FDA46D0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 8:49: 5 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 7EC4E37B409 for ; Tue, 24 Jul 2001 08:48:59 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15P4Q6-000KV0-00; Tue, 24 Jul 2001 16:48:26 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15P4Ry-000F08-00; Tue, 24 Jul 2001 16:50:22 +0100 Date: Tue, 24 Jul 2001 16:50:22 +0100 From: Paul Robinson To: Jeremy Buckner Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Web Caching Engine Message-ID: <20010724165022.A57652@jake.akitanet.co.uk> References: <000701c11456$8e3893a0$1396f13f@caz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <000701c11456$8e3893a0$1396f13f@caz>; from jeremy@cableaz.com on Tue, Jul 24, 2001 at 08:37:32AM -0700 X-Scanner: exiscan *15P4Q6-000KV0-00*$AK$ucCH2Sv9cniG2JJ/.EBjH0* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 24, Jeremy Buckner wrote: > Has anyone ever used/configured FreeBSD as a web caching > engine. Can it be done or do I have to buy the $50,000 Cisco > product? Also it be seamless to my customers (no setting > proxy settings or anything like that). Any ideas? Take a look at squid. If you put it in transparent mode, it's behaviour is the same as expensive products. However, you may want to look at bakeoff results to see if it's powerful enough for what you need: http://cacheoff.ircache.net/ -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 8:52:48 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.cableaz.com (mail.cableaz.com [63.241.154.20]) by hub.freebsd.org (Postfix) with ESMTP id ECB5537B40C for ; Tue, 24 Jul 2001 08:52:43 -0700 (PDT) (envelope-from jeremy@cableaz.com) Received: from caz ([63.241.150.19]) by mail.cableaz.com (Build 101 8.9.3/NT-8.9.3) with SMTP id IAA13923; Tue, 24 Jul 2001 08:51:08 -0700 Message-ID: <002501c11458$3e331fe0$1396f13f@caz> From: "Jeremy Buckner" To: "Paul Robinson" Cc: References: <000701c11456$8e3893a0$1396f13f@caz> <20010724165022.A57652@jake.akitanet.co.uk> Subject: Re: Web Caching Engine Date: Tue, 24 Jul 2001 08:49:37 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I guess I should have included my intentions here. I have about 2000 cable modem customers and the number is going up. I need the caching engine to save bandwidth across the fiber when possible. ----- Original Message ----- From: "Paul Robinson" To: "Jeremy Buckner" Cc: Sent: Tuesday, July 24, 2001 8:50 AM Subject: Re: Web Caching Engine > On Jul 24, Jeremy Buckner wrote: > > > Has anyone ever used/configured FreeBSD as a web caching > > engine. Can it be done or do I have to buy the $50,000 Cisco > > product? Also it be seamless to my customers (no setting > > proxy settings or anything like that). Any ideas? > > Take a look at squid. If you put it in transparent mode, it's behaviour is > the same as expensive products. However, you may want to look at bakeoff > results to see if it's powerful enough for what you need: > > http://cacheoff.ircache.net/ > > -- > Paul Robinson ,--------------------------------------- > Technical Director @ Akita | A computer lets you make more mistakes > PO Box 604, Manchester, M60 3PR | than any other invention with the > T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and > | Tequila - Mitch Ratcliffe > `----- > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 8:56:46 2001 Delivered-To: freebsd-isp@freebsd.org Received: from crdras.crd.ge.COM (crdras.crd.GE.COM [192.35.44.7]) by hub.freebsd.org (Postfix) with ESMTP id 1665637B408 for ; Tue, 24 Jul 2001 08:56:39 -0700 (PDT) (envelope-from lapinski@crd.ge.com) Received: from crdras.crd.ge.COM (localhost [127.0.0.1]) by crdras.crd.ge.COM (18xxx/8.9.3/8.9.3) with ESMTP id LAA15704 for ; Tue, 24 Jul 2001 11:56:36 -0400 (EDT) Received: from crdns.crd.ge.com (crdns [3.1.7.107]) by crdras.crd.ge.COM (25/8.9.3/8.9.3) with ESMTP id LAA15695; Tue, 24 Jul 2001 11:56:30 -0400 (EDT) Received: from exc01crdge.crd.ge.com (exc01crdge.crd.ge.com [3.1.116.47]) by crdns.crd.ge.com (8.9.3/8.9.3) with ESMTP id LAA26437; Tue, 24 Jul 2001 11:56:38 -0400 (EDT) Received: by exc01crdge.crd.ge.com with Internet Mail Service (5.5.2653.19) id <391C1MN4>; Tue, 24 Jul 2001 11:56:24 -0400 Message-ID: From: "Lapinski, Michael (CRD)" To: "'alexus'" , "Drew J. Weaver" , freebsd-isp@FreeBSD.ORG Subject: RE: Can someone do me a favor? Date: Tue, 24 Jul 2001 11:56:22 -0400 X-Mailer: Internet Mail Service (5.5.2653.19) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "try and resolve through any of these dns servers " resolve through not resolve. read your email before responding to it.. -------------------------------------------------- Michael Lapinski Computer Scientist GE Corporate Research & Development Everything is on the Network and Everything is a Service. (http://www.oai.org/FIPER.html) -----Original Message----- From: alexus [mailto:ml@db.nexgen.com] Sent: Tuesday, July 24, 2001 11:48 AM To: Drew J. Weaver; freebsd-isp@FreeBSD.ORG Subject: Re: Can someone do me a favor? alexus@~# host 206.222.1.2 2.1.222.206.IN-ADDR.ARPA domain name pointer dns2.ee.net alexus@~# host 206.222.1.3 3.1.222.206.IN-ADDR.ARPA domain name pointer dns3.ee.net alexus@~# host 209.51.192.194 194.192.51.209.IN-ADDR.ARPA domain name pointer ns1.netservice.columbus-nap.net alexus@~# host 206.222.1.4 4.1.222.206.IN-ADDR.ARPA domain name pointer dns4.ee.net alexus@~# host 209.51.193.2 2.193.51.209.IN-ADDR.ARPA domain name pointer dns1.ee.net alexus@~# allow-query has nothin to do with trying to resolve it.. allow query only limit ips from using your ns let's say if you only put your ip, you'll be the only one who can query your ns.. read how dns works.. ----- Original Message ----- From: Drew J. Weaver To: 'freebsd-isp@freebsd.org' Sent: Tuesday, July 24, 2001 9:48 AM Subject: Can someone do me a favor? try and resolve through any of these dns servers 206.222.1.2, 206.222.1.3, 209.51.192.194, 206.222.1.4, 209.51.193.2 I just implemented the allow-query command in my named.conf on all of these servers and much to my shygrin i dont think its actually limiting anything? It appears to still be wide open. -Drew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 9: 2:45 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 5B30037B408 for ; Tue, 24 Jul 2001 09:02:38 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15P4dO-000LTO-00; Tue, 24 Jul 2001 17:02:10 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15P4fG-000Fpz-00; Tue, 24 Jul 2001 17:04:06 +0100 Date: Tue, 24 Jul 2001 17:04:06 +0100 From: Paul Robinson To: Jeremy Buckner Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Web Caching Engine Message-ID: <20010724170406.A59797@jake.akitanet.co.uk> References: <000701c11456$8e3893a0$1396f13f@caz> <20010724165022.A57652@jake.akitanet.co.uk> <002501c11458$3e331fe0$1396f13f@caz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <002501c11458$3e331fe0$1396f13f@caz>; from jeremy@cableaz.com on Tue, Jul 24, 2001 at 08:49:37AM -0700 X-Scanner: exiscan *15P4dO-000LTO-00*$AK$tDO/ZUJJE1ZeAbuCf8EV31* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 24, Jeremy Buckner wrote: > I guess I should have included my intentions here. I have > about 2000 cable modem customers and the number is going up. > I need the caching engine to save bandwidth across the fiber > when possible. So, are you talking about putting cacheing in on a small box on a customer's site, or before your uplink to your provider? If it's the latter, read my previous post. Go and read the paper for the third bakeoff. Decide which product is suitable for you. If you think Squid can handle it install it and test it. Personally, I would reccomend you spend time looking at all the other manufacturers and consider getting something faster than squid but cheaper than Cisco. Cisco is over-priced junk anyway, IMHO. (And yes, I know I'm going to get flamed to bits for expressing that opinion. Still...) -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 9: 9:24 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.cableaz.com (mail.cableaz.com [63.241.154.20]) by hub.freebsd.org (Postfix) with ESMTP id 2F83F37B401 for ; Tue, 24 Jul 2001 09:09:16 -0700 (PDT) (envelope-from jeremy@cableaz.com) Received: from caz ([63.241.150.19]) by mail.cableaz.com (Build 101 8.9.3/NT-8.9.3) with SMTP id JAA14164; Tue, 24 Jul 2001 09:07:40 -0700 Message-ID: <004d01c1145a$8dbefa00$1396f13f@caz> From: "Jeremy Buckner" To: "Paul Robinson" Cc: References: <000701c11456$8e3893a0$1396f13f@caz> <20010724165022.A57652@jake.akitanet.co.uk> <002501c11458$3e331fe0$1396f13f@caz> <20010724170406.A59797@jake.akitanet.co.uk> Subject: Re: Web Caching Engine Date: Tue, 24 Jul 2001 09:06:09 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Well, all of our customers are residential, no businesses. Everyone comes back to this office (the headend) and then to our provider and on to the Internet. We get charged according to the bandwidth consumption from us to them (AT&T) across our fiber. I just want to eliminate as much of that traffic as possible without re-configuring all my customers. Thanks for the advice I will begin my search.. Jeremy Buckner IT Administrator CableAmerica Corp. ----- Original Message ----- From: "Paul Robinson" To: "Jeremy Buckner" Cc: Sent: Tuesday, July 24, 2001 9:04 AM Subject: Re: Web Caching Engine > On Jul 24, Jeremy Buckner wrote: > > > I guess I should have included my intentions here. I have > > about 2000 cable modem customers and the number is going up. > > I need the caching engine to save bandwidth across the fiber > > when possible. > > So, are you talking about putting cacheing in on a small box on a customer's > site, or before your uplink to your provider? If it's the latter, read my > previous post. Go and read the paper for the third bakeoff. Decide which > product is suitable for you. If you think Squid can handle it install it and > test it. > > Personally, I would reccomend you spend time looking at all the other > manufacturers and consider getting something faster than squid but cheaper > than Cisco. Cisco is over-priced junk anyway, IMHO. (And yes, I know I'm > going to get flamed to bits for expressing that opinion. Still...) > > -- > Paul Robinson ,--------------------------------------- > Technical Director @ Akita | A computer lets you make more mistakes > PO Box 604, Manchester, M60 3PR | than any other invention with the > T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and > | Tequila - Mitch Ratcliffe > `----- > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 9:18:34 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id AE06537B407 for ; Tue, 24 Jul 2001 09:18:29 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15P4sb-000MT5-00; Tue, 24 Jul 2001 17:17:53 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15P4uT-000GgX-00; Tue, 24 Jul 2001 17:19:49 +0100 Date: Tue, 24 Jul 2001 17:19:49 +0100 From: Paul Robinson To: Jeremy Buckner Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Web Caching Engine Message-ID: <20010724171949.A62776@jake.akitanet.co.uk> References: <000701c11456$8e3893a0$1396f13f@caz> <20010724165022.A57652@jake.akitanet.co.uk> <002501c11458$3e331fe0$1396f13f@caz> <20010724170406.A59797@jake.akitanet.co.uk> <004d01c1145a$8dbefa00$1396f13f@caz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <004d01c1145a$8dbefa00$1396f13f@caz>; from jeremy@cableaz.com on Tue, Jul 24, 2001 at 09:06:09AM -0700 X-Scanner: exiscan *15P4sb-000MT5-00*$AK$/9AvLq6Cr3FzJ8JIYmOfj1* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 24, Jeremy Buckner wrote: > Well, all of our customers are residential, no businesses. > Everyone comes back to this office (the headend) and then to > our provider and on to the Internet. We get charged > according to the bandwidth consumption from us to them > (AT&T) across our fiber. I just want to eliminate as much of > that traffic as possible without re-configuring all my > customers. Thanks for the advice I will begin my search.. You've done it again. When you refer to being billed for bandwidth consumption to "them" it's not 100% clear if you're referring to customers or provider. I'm assuming you mean provider. On one of my last jobs we beta-tested quite a few of these boxes, and I think they settled on Novell kit. I would reccomend staying away from NetApp due to costs, but Squid might be able to do what you need. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 9:30:34 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75]) by hub.freebsd.org (Postfix) with ESMTP id 88AD637B403 for ; Tue, 24 Jul 2001 09:30:23 -0700 (PDT) (envelope-from LConrad@Go2France.com) Received: from mail.Go2France.com (ms1.meiway.com [212.73.210.73]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id AA05516B38 for ; Tue, 24 Jul 2001 18:30:21 +0200 (CEST) Received: from IBM-HIRXKN66F0W.Go2France.com [195.115.185.184] by mail.Go2France.com with ESMTP (SMTPD32-6.06) id A4C7162C020C; Tue, 24 Jul 2001 18:39:35 +0200 Message-Id: <5.1.0.14.0.20010724182634.035a0ff8@mail.Go2France.com> X-Sender: LConrad@Go2France.com@mail.Go2France.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Tue, 24 Jul 2001 18:31:15 +0200 To: freebsd-isp@freebsd.org From: Len Conrad Subject: Re: Can someone do me a favor? In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org For dig @testdns nytimes.com, I get > try and resolve through any of these dns servers >206.222.1.2 referral >206.222.1.3 referral >, 209.51.192.194 referral >, 206.222.1.4 connection refused >, 209.51.193.2 referral Len http://MenAndMice.com/DNS-training http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 9:35:11 2001 Delivered-To: freebsd-isp@freebsd.org Received: from EnContacto.Net (adsl-63-205-16-205.dsl.mtry01.pacbell.net [63.205.16.205]) by hub.freebsd.org (Postfix) with ESMTP id E388937B40A for ; Tue, 24 Jul 2001 09:34:59 -0700 (PDT) (envelope-from eculp@EnContacto.Net) Received: (from root@localhost) by EnContacto.Net (8.11.4/8.11.4) id f6OGYMt54958; Tue, 24 Jul 2001 09:34:22 -0700 (PDT) (envelope-from eculp@EnContacto.Net) From: Edwin Culp Received: from 63.205.16.204 ( [63.205.16.204]) as user eculp@encontacto.net by Mail.SavvyWorld.Net with HTTP; Tue, 24 Jul 2001 09:34:22 -0700 Message-ID: <995992462.3b5da38ea5f8e@Mail.SavvyWorld.Net> Date: Tue, 24 Jul 2001 09:34:22 -0700 To: Andy Cc: Lawrence Farr , "'Tony Saign'" , freebsd-isp@FreeBSD.ORG Subject: RE: Redundant setup on a budget?? References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs X-Originating-IP: 63.205.16.204 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thanks, Andy. That is really strange. I don't have it in current and I'm supping everything daily and building world. :-( I don't really understand. I've got to be missing something really stupid. Would it be too much to ask for you to send me the port in a tgz? I'd really like to try it. Thanks, ed Quoting Andy : | It's in the ports as of 4.3-RELEASE | The one you mention is the Linux version | which doesn't run on fBSD. The vrrpd in | the ports I mentions *is* the Linux version | ported to fBSD with it's GPL intact ;) | | Regards | Andy | | > -----Original Message----- | > From: owner-freebsd-isp@FreeBSD.ORG | > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Edwin Culp | > Sent: 24 July 2001 14:13 | > To: Andy | > Cc: Lawrence Farr; 'Tony Saign'; freebsd-isp@FreeBSD.ORG | > Subject: RE: Redundant setup on a budget?? | > | > | > Quoting Andy : | > | > | > Have it set to another IP, and if it can't ping the first one for 2 | > | > minutes | > | > or whatever time you fancy, do an ifconfig to take the main | > machines IP, | > | > and restart | > | > all your services. | > | > | > | > Or even easier echo the new IP to the end of rc.conf and reboot! | > | | > | /usr/ports/net/vrrpd | > | > I didn't find it in ports but I did find it at | > http://w3.arobas.net/~jetienne/vrrpd/ | > and it sounds as like a good potential solution. | > | > ed | > | | > | why wait two minutes when it can be done in 2 seconds ;) | > | | > | Regards | > | Andy | > | | > | | > | > We are a VERY small outfit, (with limited funds as well) and I | > | > would like to provide a somewhat fault tolerant setup, can | > | > anyone offer some advice??? | > | > | > | > Currently have 1 FreeBSD 4.3 machine providing web, email, and | > | > secondary DNS services. I have another identical 2 system ready | > | > @ a moments notice to replace the primary in the event of a | > | > hardware problem. I tested this out, I can simply dump the last | > | > good backup on it, and to my surprise everything looks good! | > | > | > | > My question is this: | > | > Given the fact that we have 2 systems available what would the | > | > easiest way to accomplish an 'automated' rollover of services?? | > | > Could the machines be somehow synchronized, similar to the | > | > PDC/BDC NT model?? | > | > | > | > I can do this in a Windows NT (YUK!!!!!!) environment, but have | > | > limited experience with BSD. I am in process of removing our NT | > | > server!!!!! :) (happy happy joy joy!) | > | > | > | > Feel free to offer advice off-list, it would be GREATLY appreciated. | > | > | > | > THANK YOU in advance, | > | > | > | > -Tony | > | | > | | > | To Unsubscribe: send mail to majordomo@FreeBSD.org | > | with "unsubscribe freebsd-isp" in the body of the message | > | | > | > ----------------------------------------------------------------------- | > The illiterate of the 21st century will not be | > those who cannot read and write, | > but those who cannot learn, unlearn and relearn. | > --Alvin Toffler | > | > To Unsubscribe: send mail to majordomo@FreeBSD.org | > with "unsubscribe freebsd-isp" in the body of the message | > | ----------------------------------------------------------------------- The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn and relearn. --Alvin Toffler To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 10:14: 5 2001 Delivered-To: freebsd-isp@freebsd.org Received: from EnContacto.Net (adsl-63-205-16-205.dsl.mtry01.pacbell.net [63.205.16.205]) by hub.freebsd.org (Postfix) with ESMTP id 9E9BA37B50B for ; Tue, 24 Jul 2001 10:13:55 -0700 (PDT) (envelope-from eculp@EnContacto.Net) Received: (from root@localhost) by EnContacto.Net (8.11.4/8.11.4) id f6OHDmp55383; Tue, 24 Jul 2001 10:13:48 -0700 (PDT) (envelope-from eculp@EnContacto.Net) From: Edwin Culp Received: from 63.205.16.204 ( [63.205.16.204]) as user eculp@encontacto.net by Mail.SavvyWorld.Net with HTTP; Tue, 24 Jul 2001 10:13:48 -0700 Message-ID: <995994828.3b5daccc8a259@Mail.SavvyWorld.Net> Date: Tue, 24 Jul 2001 10:13:48 -0700 To: Jeremy Buckner Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Web Caching Engine References: <000701c11456$8e3893a0$1396f13f@caz> In-Reply-To: <000701c11456$8e3893a0$1396f13f@caz> MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs X-Originating-IP: 63.205.16.204 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Squid works well for me. It's in ports. ed Quoting Jeremy Buckner : | Has anyone ever used/configured FreeBSD as a web caching | engine. Can it be done or do I have to buy the $50,000 Cisco | product? Also it be seamless to my customers (no setting | proxy settings or anything like that). Any ideas? | | Thanks, | Jeremy Buckner | | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe freebsd-isp" in the body of the message | ----------------------------------------------------------------------- The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn and relearn. --Alvin Toffler To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 10:28:18 2001 Delivered-To: freebsd-isp@freebsd.org Received: from dell.nexicom.net (dell.nexicom.net [216.168.96.13]) by hub.freebsd.org (Postfix) with ESMTP id 9B83C37B403 for ; Tue, 24 Jul 2001 10:28:12 -0700 (PDT) (envelope-from pauls@nexicom.net) Received: (from root@localhost) by dell.nexicom.net (8.11.1/8.11.1) id f6OHNRr06193; Tue, 24 Jul 2001 13:23:27 -0400 Received: from mail.nexicom.net (mail.nexicom.net [216.168.96.10]) by dell.nexicom.net (8.11.3/8.11.1) with ESMTP id f6OHNOQ06083; Tue, 24 Jul 2001 13:23:25 -0400 Received: from pauls (nexredback-216-168-107-112.nexicom.net [216.168.107.112] (may be forged)) by mail.nexicom.net (8.11.1/8.11.1) with SMTP id f6OHS8D10255; Tue, 24 Jul 2001 13:28:08 -0400 (EDT) From: Paul Stewart To: "Jeremy Buckner" , Subject: RE: Web Caching Engine Date: Tue, 24 Jul 2001 13:25:43 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 In-Reply-To: <000701c11456$8e3893a0$1396f13f@caz> Importance: Normal Nexicom: scanned by Inflex 1.0.6 - (http://pldaniels.com/inflex/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Personally, I would buy a good layer 4 switch (Foundry is my personal favourite) and then run an array of Squid boxes peering off one another... We run three caching servers here with a Foundry switch. They get fed information via Cidera sattelite and also via Akomi boxes as well... works great! :) We used to have a Cacheflow system in place which wasn't nearly as effecient as the Squid system. Paul -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jeremy Buckner Sent: July 24, 2001 11:38 AM To: freebsd-isp@FreeBSD.ORG Subject: Web Caching Engine Has anyone ever used/configured FreeBSD as a web caching engine. Can it be done or do I have to buy the $50,000 Cisco product? Also it be seamless to my customers (no setting proxy settings or anything like that). Any ideas? Thanks, Jeremy Buckner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 10:28:21 2001 Delivered-To: freebsd-isp@freebsd.org Received: from everest.wananchi.com (everest.wananchi.com [62.8.64.4]) by hub.freebsd.org (Postfix) with ESMTP id E191437B401 for ; Tue, 24 Jul 2001 10:28:11 -0700 (PDT) (envelope-from wash@wananchi.com) Received: from wash by everest.wananchi.com with local (Exim 3.31 #5) id 15P5yX-000GMq-00 for freebsd-isp@FreeBSD.org; Tue, 24 Jul 2001 20:28:05 +0300 Date: Tue, 24 Jul 2001 20:28:05 +0300 From: Odhiambo Washington To: FBSD-ISP Subject: Another Favor request with RADIUS Message-ID: <20010724202805.B90847@everest.wananchi.com> Mail-Followup-To: Odhiambo Washington , FBSD-ISP Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ZmUaFz6apKcXQszQ" Content-Disposition: inline User-Agent: Mutt/1.3.19i X-Disclaimer: My opinions do not necessarily represent those of my employer. X-Operating-System: FreeBSD 4.3-STABLE i386 X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 8:03PM up 4 days, 2:25, 1 user, load averages: 1.17, 0.56, 0.27 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --ZmUaFz6apKcXQszQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable With the vast amount of experience available on this list, I hope someone has at least used some proprietary software called EXTENT RBS (For ISPs) and some legacy equipment from Livingston called Portmaster 2E. I've spent most of my life with Portmaster 2E and was whistling all the way home when my boss decide that we can now advance to Cisco Access Servers. Due to some emergency my boss dumped another Portmaster 2E and a USR Modem rack into my office. Being the boss he says there are 20 phone lines lying idle and what I need to do is to get the portmaster accepting dialins. Now I run this RBS Stuff (sorry, it only runs on Linux) and it works superb with the Cisco 3600 Access Servers. Not with the portmaster. I am not inexperienced with the Portmaster but this one has gotten me stumped. When I do test runs, the modems handshake okay but authentication fails. I have configured the Portmaster well, with a share secret btn it and the RBS Radius Server. I've also read the RBS manual once again and exhausted all pages talking about the Livingston product. Nothing shows even on the logs for the RBS Radius server. I am suspecting a port mismatch between the Portmaster and the RBS.=20 While that is simple suspicion, I've read some very nice portmaster manuals at www.express.ru/docs/ but still can't seem to find a setting to change the port the Portmaster is using to communicate. My memory seems to have fast faded but I think the portmaster uses port 1645 UDP for radius auth. Can someone verify this? RBS uses port 1812 (auth) and 1813 (accounting). Portmaster has ComOS 3.5 but I can upgrade. I need some help, if someone has any ideas. MTIA -Wash -- Odhiambo Washington Wananchi Online Ltd., wash@wananchi.com 1st Flr Loita Hse. Tel: 254 2 313985 Loita Street., Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE. Don't marry for money; you can borrow it cheaper.=20 -Scottish Proverb=20 --ZmUaFz6apKcXQszQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XbAln7LIsuxjem8RApwGAKCRyKuTCH8O9fyeDy03A2g/ZThp9ACfWYtx UyXygH5UCN2T9EV+ibTNHdE= =vN4M -----END PGP SIGNATURE----- --ZmUaFz6apKcXQszQ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 10:41:22 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id D90DA37B405 for ; Tue, 24 Jul 2001 10:41:19 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15P6AH-0001sB-00; Tue, 24 Jul 2001 18:40:13 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15P6CA-000LRG-00; Tue, 24 Jul 2001 18:42:10 +0100 Date: Tue, 24 Jul 2001 18:42:10 +0100 From: Paul Robinson To: Paul Stewart Cc: Jeremy Buckner , freebsd-isp@freebsd.org Subject: Re: Web Caching Engine Message-ID: <20010724184210.A81356@jake.akitanet.co.uk> References: <000701c11456$8e3893a0$1396f13f@caz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: ; from pauls@nexicom.net on Tue, Jul 24, 2001 at 01:25:43PM -0400 X-Scanner: exiscan *15P6AH-0001sB-00*$AK$su8OGjjtJHcypOShN5bEw/* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 24, Paul Stewart wrote: > Personally, I would buy a good layer 4 switch (Foundry is my personal > favourite) and then run an array of Squid boxes peering off one another... Do you know if there is any code that will allow you to do L4 switching with a FreeBSD box and a bunch of NICs? Foundry is pricey considering what it is, and in my expereince they tend to fall over quite a bit. Although last time I played with them, they were brand new and effectively we had beta units. Some time ago now. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 10:45:53 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 79B9E37B407 for ; Tue, 24 Jul 2001 10:45:50 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15P6ES-000252-00; Tue, 24 Jul 2001 18:44:32 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15P6GM-000Le3-00; Tue, 24 Jul 2001 18:46:30 +0100 Date: Tue, 24 Jul 2001 18:46:30 +0100 From: Paul Robinson To: Odhiambo Washington Cc: FBSD-ISP Subject: Re: Another Favor request with RADIUS Message-ID: <20010724184630.B81356@jake.akitanet.co.uk> References: <20010724202805.B90847@everest.wananchi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: <20010724202805.B90847@everest.wananchi.com>; from wash@wananchi.com on Tue, Jul 24, 2001 at 08:28:05PM +0300 X-Scanner: exiscan *15P6ES-000252-00*$AK$o1IwfaX3V3.pVB1fLEilN0* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 24, Odhiambo Washington wrote: > change the port the Portmaster is using to communicate. My memory seems to > have fast faded but I think the portmaster uses port 1645 UDP for radius > auth. Can someone verify this? RBS uses port 1812 (auth) and 1813 > (accounting). Portmaster has ComOS 3.5 but I can upgrade. A lot of older kit uses the lower ports, newer stuff uses the (correct) higher ports, and I don't know about linux (this being freebsd-isp) but I know /etc/services on FBSD has had the higher ports set for RADIUS use by default, and has done since at least 3.2-RELEASE. I don't know about Portmaster in particular so can't advise as to how you can get it to use different ports (should be in the RADIUS server config, or at least it is on stuff like CVX with which I am a bit more au fait), but had you considered changing the ports this RBS uses. I would imagine it might just be pulling the port numbers from /etc/services Hope you get it up and running soon. --=20 Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the=20 T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 11: 5: 8 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mercury.jorsm.com (mercury.jorsm.com [207.112.128.9]) by hub.freebsd.org (Postfix) with ESMTP id 8D42037B401 for ; Tue, 24 Jul 2001 11:05:06 -0700 (PDT) (envelope-from jeff@mercury.jorsm.com) Received: by mercury.jorsm.com (Postfix, from userid 101) id A5731E4AA9; Tue, 24 Jul 2001 13:05:02 -0500 (CDT) Received: from localhost (localhost [127.0.0.1]) by mercury.jorsm.com (Postfix) with ESMTP id 96A3BE0C36; Tue, 24 Jul 2001 13:05:02 -0500 (CDT) Date: Tue, 24 Jul 2001 13:05:02 -0500 (CDT) From: Jeff Lynch To: Paul Robinson Cc: freebsd-isp@freebsd.org Subject: Re: Web Caching Engine In-Reply-To: <20010724184210.A81356@jake.akitanet.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 24 Jul 2001, Paul Robinson wrote: > On Jul 24, Paul Stewart wrote: > > > Personally, I would buy a good layer 4 switch (Foundry is my personal > > favourite) and then run an array of Squid boxes peering off one another... > > Do you know if there is any code that will allow you to do L4 switching with > a FreeBSD box and a bunch of NICs? Foundry is pricey considering what it is, > and in my expereince they tend to fall over quite a bit. Although last time > I played with them, they were brand new and effectively we had beta > units. Some time ago now. You might try Coyote Point Systems Equalizer or FreeQualizer. Disclaimer, we don't have any experiences with either, so this is not necessarily a recommendation but something to take a look at. --jeff ============================================================================ Jeffrey A. Lynch | JORSM Internet, Regional Internet Services email: jeff@jorsm.com | 7 Area Codes in Chicagoland and NW Indiana Voice: (219)322-2180 | 100Mbps+ Connectivity, 56K-DS3, V.90, ISDN Autoresponse: info@jorsm.com | Quality Service, Affordable Prices http://www.jorsm.com | Serving Gov, Biz, Residential Since 1995 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 12: 2: 1 2001 Delivered-To: freebsd-isp@freebsd.org Received: from inu.net (mail.inu.net [63.151.4.24]) by hub.freebsd.org (Postfix) with ESMTP id D6CD237B406 for ; Tue, 24 Jul 2001 12:01:54 -0700 (PDT) (envelope-from bob@buckhorn.net) Received: from buckhorn.net [63.151.3.239] by inu.net with ESMTP (SMTPD32-5.05) id A2A1830D010C; Tue, 24 Jul 2001 13:46:57 -0500 Message-ID: <3B5DC296.2004DE71@buckhorn.net> Date: Tue, 24 Jul 2001 13:46:46 -0500 From: Bob Martin Reply-To: bob@inu.net X-Mailer: Mozilla 4.73 [en] (X11; U; FreeBSD 4.2-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Odhiambo Washington Cc: FBSD-ISP Subject: Re: Another Favor request with RADIUS References: <20010724202805.B90847@everest.wananchi.com> Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Odhiambo Washington wrote: > > With the vast amount of experience available on this list, I hope someone > has at least used some proprietary software called EXTENT RBS (For > ISPs) and some legacy equipment from Livingston called Portmaster 2E. > > I've spent most of my life with Portmaster 2E and was whistling all the > way home when my boss decide that we can now advance to Cisco Access > Servers. Due to some emergency my boss dumped another Portmaster 2E and a > USR Modem rack into my office. Being the boss he says there are 20 phone > lines lying idle and what I need to do is to get the portmaster accepting > dialins. > > Now I run this RBS Stuff (sorry, it only runs on Linux) and it works > superb with the Cisco 3600 Access Servers. > > Not with the portmaster. I am not inexperienced with the Portmaster but > this one has gotten me stumped. When I do test runs, the modems handshake > okay but authentication fails. I have configured the Portmaster well, with > a share secret btn it and the RBS Radius Server. I've also read the RBS > manual once again and exhausted all pages talking about the Livingston > product. Nothing shows even on the logs for the RBS Radius server. > > I am suspecting a port mismatch between the Portmaster and the RBS. > While that is simple suspicion, I've read some very nice portmaster > manuals at www.express.ru/docs/ but still can't seem to find a setting to > change the port the Portmaster is using to communicate. My memory seems to > have fast faded but I think the portmaster uses port 1645 UDP for radius > auth. Can someone verify this? RBS uses port 1812 (auth) and 1813 > (accounting). Portmaster has ComOS 3.5 but I can upgrade. > > I need some help, if someone has any ideas. > > MTIA > > -Wash > Your PM2's use the old numbers, 1645/1646 IIRC, the PM Console software will let you change this. -- Bob Martin, CTO InterNet Unlimited http://www.inu.net mailto:bob@inu.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 12:30: 9 2001 Delivered-To: freebsd-isp@freebsd.org Received: from dell.nexicom.net (dell.nexicom.net [216.168.96.13]) by hub.freebsd.org (Postfix) with ESMTP id 69B9037B406 for ; Tue, 24 Jul 2001 12:30:00 -0700 (PDT) (envelope-from pauls@nexicom.net) Received: (from root@localhost) by dell.nexicom.net (8.11.1/8.11.1) id f6OJPEN15434; Tue, 24 Jul 2001 15:25:14 -0400 Received: from mail.nexicom.net (mail.nexicom.net [216.168.96.10]) by dell.nexicom.net (8.11.3/8.11.1) with ESMTP id f6OJPCQ15332; Tue, 24 Jul 2001 15:25:13 -0400 Received: from pauls (nexredback-216-168-107-112.nexicom.net [216.168.107.112] (may be forged)) by mail.nexicom.net (8.11.1/8.11.1) with SMTP id f6OJTuD18637; Tue, 24 Jul 2001 15:29:56 -0400 (EDT) From: Paul Stewart To: "Jeff Lynch" , "Paul Robinson" Cc: Subject: RE: Web Caching Engine Date: Tue, 24 Jul 2001 15:27:29 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Nexicom: scanned by Inflex 1.0.6 - (http://pldaniels.com/inflex/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org One other thing is that Squid in particular has a web accelator mode that I haven't personally played with. If you install two NIC's and route between them, Squid is supposed to be able to transparently cache on whatever ports you tell it... I may have misunderstood this option, but it's worth looking into as well..:) Paul -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jeff Lynch Sent: July 24, 2001 2:05 PM To: Paul Robinson Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Web Caching Engine On Tue, 24 Jul 2001, Paul Robinson wrote: > On Jul 24, Paul Stewart wrote: > > > Personally, I would buy a good layer 4 switch (Foundry is my personal > > favourite) and then run an array of Squid boxes peering off one another... > > Do you know if there is any code that will allow you to do L4 switching with > a FreeBSD box and a bunch of NICs? Foundry is pricey considering what it is, > and in my expereince they tend to fall over quite a bit. Although last time > I played with them, they were brand new and effectively we had beta > units. Some time ago now. You might try Coyote Point Systems Equalizer or FreeQualizer. Disclaimer, we don't have any experiences with either, so this is not necessarily a recommendation but something to take a look at. --jeff ============================================================================ Jeffrey A. Lynch | JORSM Internet, Regional Internet Services email: jeff@jorsm.com | 7 Area Codes in Chicagoland and NW Indiana Voice: (219)322-2180 | 100Mbps+ Connectivity, 56K-DS3, V.90, ISDN Autoresponse: info@jorsm.com | Quality Service, Affordable Prices http://www.jorsm.com | Serving Gov, Biz, Residential Since 1995 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 12:51:35 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id EB3F437B403 for ; Tue, 24 Jul 2001 12:51:32 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 75673 invoked from network); 24 Jul 2001 19:51:41 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 24 Jul 2001 19:51:41 -0000 Message-ID: <009601c1147a$06eb15c0$0d00a8c0@alexus> From: "alexus" To: Subject: RADIUS server on FreeBSD 4.x-RELEASE Date: Tue, 24 Jul 2001 15:51:27 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I dont think it'd be whole a lot different) but anyway.. I went to http://www.livingston.com/ and i was confused due to they have version for linux for other os but not for FreeBSD.. anyone dealt with that? any suggestions? (besides using ports/packages) Thank you in advance To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 12:55: 7 2001 Delivered-To: freebsd-isp@freebsd.org Received: from smtp.kka.com (smtp.kka.com [63.141.65.2]) by hub.freebsd.org (Postfix) with ESMTP id BE35F37B401 for ; Tue, 24 Jul 2001 12:55:04 -0700 (PDT) (envelope-from Eric_Stanfield@kenokozie.com) Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE To: "alexus" Cc: freebsd-isp@freebsd.org X-Mailer: Lotus Notes Release 5.0.2a November 23, 1999 Message-ID: From: Eric_Stanfield@kenokozie.com Date: Tue, 24 Jul 2001 14:53:31 -0500 X-MIMETrack: Serialize by Router on Notes1st/Keno(Release 5.0.4 |June 8, 2000) at 07/24/2001 02:53:34 PM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Cistron works great for me (Max dial-in units). -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Eric Stanfield, K2Access Keno Kozie Associates 222 N LaSalle #1500 Chicago, IL 60606 (312) 332-3000 "alexus" To: Sent by: cc: owner-freebsd-isp@F Subject: RADIUS server on FreeBSD 4.x-RELEASE reeBSD.ORG 07/24/01 02:51 PM Hello I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I dont think it'd be whole a lot different) but anyway.. I went to http://www.livingston.com/ and i was confused due to they have version for linux for other os but not for FreeBSD.. anyone dealt with that? any suggestions? (besides using ports/packages) Thank you in advance To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 13: 0: 6 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 5043437B405 for ; Tue, 24 Jul 2001 13:00:01 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 75871 invoked from network); 24 Jul 2001 20:00:10 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 24 Jul 2001 20:00:10 -0000 Message-ID: <004101c1147b$366583c0$0d00a8c0@alexus> From: "alexus" To: Cc: References: Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Date: Tue, 24 Jul 2001 15:59:56 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org is there any difference between http://www.freeradius.org/ and http://www.livingston.com/ ? which one should i choice? ----- Original Message ----- From: To: "alexus" Cc: Sent: Tuesday, July 24, 2001 3:53 PM Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE > > Cistron works great for me (Max dial-in units). > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > Eric Stanfield, K2Access > Keno Kozie Associates > 222 N LaSalle #1500 > Chicago, IL 60606 > (312) 332-3000 > > > > > > "alexus" > To: > Sent by: cc: > owner-freebsd-isp@F Subject: RADIUS server on FreeBSD 4.x-RELEASE > reeBSD.ORG > > > 07/24/01 02:51 PM > > > > > > Hello > > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I dont think > it'd > be whole a lot different) but anyway.. > > I went to http://www.livingston.com/ and i was confused due to they have > version for linux for other os but not for FreeBSD.. > > anyone dealt with that? any suggestions? (besides using ports/packages) > > Thank you in advance > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 13: 3: 7 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mailman.thenap.com (mailman.thenap.com [209.190.0.10]) by hub.freebsd.org (Postfix) with ESMTP id 8C8CA37B407 for ; Tue, 24 Jul 2001 13:02:58 -0700 (PDT) (envelope-from drew.weaver@thenap.com) Received: by mailman.thenap.com with Internet Mail Service (5.5.2653.19) id ; Tue, 24 Jul 2001 16:20:00 -0400 Message-ID: From: "Drew J. Weaver" To: 'alexus' , Eric_Stanfield@kenokozie.com Cc: freebsd-isp@freebsd.org Subject: RE: RADIUS server on FreeBSD 4.x-RELEASE Date: Tue, 24 Jul 2001 16:20:00 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C1147E.03CFA820" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C1147E.03CFA820 Content-Type: text/plain; charset="iso-8859-1" I suppose they all have different features and et cetera, I still use Merit 3.6B because i dont have time to try and figure out all of the annoyances in getting another Radius system working with our RAS. -Drew -----Original Message----- From: alexus [mailto:ml@db.nexgen.com] Sent: Tuesday, July 24, 2001 4:00 PM To: Eric_Stanfield@kenokozie.com Cc: freebsd-isp@freebsd.org Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE is there any difference between http://www.freeradius.org/ and http://www.livingston.com/ ? which one should i choice? ----- Original Message ----- From: To: "alexus" Cc: Sent: Tuesday, July 24, 2001 3:53 PM Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE > > Cistron works great for me (Max dial-in units). > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > Eric Stanfield, K2Access > Keno Kozie Associates > 222 N LaSalle #1500 > Chicago, IL 60606 > (312) 332-3000 > > > > > > "alexus" > To: > Sent by: cc: > owner-freebsd-isp@F Subject: RADIUS server on FreeBSD 4.x-RELEASE > reeBSD.ORG > > > 07/24/01 02:51 PM > > > > > > Hello > > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I dont think > it'd > be whole a lot different) but anyway.. > > I went to http://www.livingston.com/ and i was confused due to they have > version for linux for other os but not for FreeBSD.. > > anyone dealt with that? any suggestions? (besides using ports/packages) > > Thank you in advance > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message ------_=_NextPart_001_01C1147E.03CFA820 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: RADIUS server on FreeBSD 4.x-RELEASE

I suppose they all have different features and et = cetera, I still use Merit 3.6B because i dont have time to try and = figure out all of the annoyances in getting another Radius system = working with our RAS.

-Drew


-----Original Message-----
From: alexus [mailto:ml@db.nexgen.com]
Sent: Tuesday, July 24, 2001 4:00 PM
To: Eric_Stanfield@kenokozie.com
Cc: freebsd-isp@freebsd.org
Subject: Re: RADIUS server on FreeBSD = 4.x-RELEASE


is there any difference between http://www.freeradius.org/ and
http://www.livingston.com/ ?

which one should i choice?

----- Original Message -----
From: <Eric_Stanfield@kenokozie.com>
To: "alexus" = <ml@db.nexgen.com>
Cc: <freebsd-isp@freebsd.org>
Sent: Tuesday, July 24, 2001 3:53 PM
Subject: Re: RADIUS server on FreeBSD = 4.x-RELEASE


>
> Cistron works great for me (Max dial-in = units).
>
> = -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D= -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
>
> Eric Stanfield, K2Access
> Keno Kozie Associates
> 222 N LaSalle #1500
> Chicago, IL 60606
> (312) 332-3000
>
>
>
>
>
>          = ;           = "alexus"
>          = ;           = <ml@db.nexgen.com>        = To:
<freebsd-isp@FreeBSD.ORG>
>          = ;           Sent = by:           &nb= sp;       cc:
>          = ;           = owner-freebsd-isp@F        = Subject:     RADIUS server
on FreeBSD 4.x-RELEASE
>          = ;           = reeBSD.ORG
>
>
>          = ;           07/24/01 = 02:51 PM
>
>
>
>
>
> Hello
>
> I need to install RADIUS server on FreeBSD 4.2 = and/or 4.3 (I dont think
> it'd
> be whole a lot different) but anyway..
>
> I went to http://www.livingston.com/ and i was confused due = to they have
> version for linux for other os but not for = FreeBSD..
>
> anyone dealt with that? any suggestions? = (besides using ports/packages)
>
> Thank you in advance
>
>
> To Unsubscribe: send mail to = majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the = body of the message
>
>
>
>
>


To Unsubscribe: send mail to = majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body = of the message

------_=_NextPart_001_01C1147E.03CFA820-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 13:13:21 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 0B07737B406 for ; Tue, 24 Jul 2001 13:13:09 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 76019 invoked from network); 24 Jul 2001 20:13:17 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 24 Jul 2001 20:13:17 -0000 Message-ID: <001301c1147d$0b146cc0$0d00a8c0@alexus> From: "alexus" To: "Drew J. Weaver" , Cc: References: Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Date: Tue, 24 Jul 2001 16:13:02 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0010_01C1145B.83BE22A0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0010_01C1145B.83BE22A0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: RADIUS server on FreeBSD 4.x-RELEASEcan someone suggest any reviews = for most popular ones? ----- Original Message -----=20 From: Drew J. Weaver=20 To: 'alexus' ; Eric_Stanfield@kenokozie.com=20 Cc: freebsd-isp@freebsd.org=20 Sent: Tuesday, July 24, 2001 4:20 PM Subject: RE: RADIUS server on FreeBSD 4.x-RELEASE I suppose they all have different features and et cetera, I still use = Merit 3.6B because i dont have time to try and figure out all of the = annoyances in getting another Radius system working with our RAS. -Drew=20 -----Original Message-----=20 From: alexus [mailto:ml@db.nexgen.com]=20 Sent: Tuesday, July 24, 2001 4:00 PM=20 To: Eric_Stanfield@kenokozie.com=20 Cc: freebsd-isp@freebsd.org=20 Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE=20 is there any difference between http://www.freeradius.org/ and=20 http://www.livingston.com/ ?=20 which one should i choice?=20 ----- Original Message -----=20 From: =20 To: "alexus" =20 Cc: =20 Sent: Tuesday, July 24, 2001 3:53 PM=20 Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE=20 >=20 > Cistron works great for me (Max dial-in units).=20 >=20 > = -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-= =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=20 >=20 > Eric Stanfield, K2Access=20 > Keno Kozie Associates=20 > 222 N LaSalle #1500=20 > Chicago, IL 60606=20 > (312) 332-3000=20 >=20 >=20 >=20 >=20 >=20 > "alexus"=20 > To:=20 =20 > Sent by: cc:=20 > owner-freebsd-isp@F Subject: RADIUS = server=20 on FreeBSD 4.x-RELEASE=20 > reeBSD.ORG=20 >=20 >=20 > 07/24/01 02:51 PM=20 >=20 >=20 >=20 >=20 >=20 > Hello=20 >=20 > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I dont = think=20 > it'd=20 > be whole a lot different) but anyway..=20 >=20 > I went to http://www.livingston.com/ and i was confused due to they = have=20 > version for linux for other os but not for FreeBSD..=20 >=20 > anyone dealt with that? any suggestions? (besides using = ports/packages)=20 >=20 > Thank you in advance=20 >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org=20 > with "unsubscribe freebsd-isp" in the body of the message=20 >=20 >=20 >=20 >=20 >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org=20 with "unsubscribe freebsd-isp" in the body of the message=20 ------=_NextPart_000_0010_01C1145B.83BE22A0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: RADIUS server on FreeBSD 4.x-RELEASE
can someone suggest any reviews = for most=20 popular ones?
 
----- Original Message -----
From:=20 Drew J.=20 Weaver
To: 'alexus' ; Eric_Stanfield@kenokozie.com= =20
Sent: Tuesday, July 24, 2001 = 4:20=20 PM
Subject: RE: RADIUS server on = FreeBSD=20 4.x-RELEASE

I suppose they all have different features and et = cetera, I=20 still use Merit 3.6B because i dont have time to try and figure out = all of the=20 annoyances in getting another Radius system working with our = RAS.

-Drew


-----Original Message-----
From:=20 alexus [mailto:ml@db.nexgen.com]=20
Sent: Tuesday, July 24, 2001 4:00 PM =
To: Eric_Stanfield@kenokozie.com= =20
Cc: freebsd-isp@freebsd.org=20
Subject: Re: RADIUS server on FreeBSD = 4.x-RELEASE=20


is there any difference between http://www.freeradius.org/=20 and
http://www.livingston.com/ ?

which one should i choice?

----- Original Message -----
From:=20 <Eric_Stanfield@kenokozie.com>
To: = "alexus"=20 <ml@db.nexgen.com>
Cc:=20 <freebsd-isp@freebsd.org>
Sent: = Tuesday, July=20 24, 2001 3:53 PM
Subject: Re: RADIUS server = on FreeBSD=20 4.x-RELEASE


>
> Cistron works = great for me=20 (Max dial-in units).
>
>=20 = -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-= =3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=20
>
> Eric Stanfield, = K2Access
> Keno Kozie Associates =
> 222 N LaSalle #1500
> = Chicago, IL=20 60606
> (312) 332-3000
>
>
>=20
>
> =
>          =           =20 "alexus"
>          =           =20 = <ml@db.nexgen.com>         = To:
<freebsd-isp@FreeBSD.ORG> =
>          =           =20 Sent=20 = by:           &nbs= p;      =20 cc:
>          =           =20 owner-freebsd-isp@F       =20 Subject:     RADIUS server
on=20 FreeBSD 4.x-RELEASE
>          =           =20 reeBSD.ORG
>
>=20
>          =           =20 07/24/01 02:51 PM
>
>
>
>=20
>
> Hello =
>
> I need to install RADIUS = server on=20 FreeBSD 4.2 and/or 4.3 (I dont think
> = it'd=20
> be whole a lot different) but anyway.. =
>
> I went to http://www.livingston.com/=20 and i was confused due to they have
> = version for=20 linux for other os but not for FreeBSD..
>=20
> anyone dealt with that? any suggestions? = (besides using=20 ports/packages)
>
>=20 Thank you in advance
>
>
> To Unsubscribe: send mail = to=20 majordomo@FreeBSD.org
> with "unsubscribe = freebsd-isp" in the body of the message
>=20
>
> =
>
>


To Unsubscribe: send mail to = majordomo@FreeBSD.org=20
with "unsubscribe freebsd-isp" in the body of the=20 message

------=_NextPart_000_0010_01C1145B.83BE22A0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 13:54:14 2001 Delivered-To: freebsd-isp@freebsd.org Received: from sunny.fishnet.com (sunny.fishnet.com [209.150.200.6]) by hub.freebsd.org (Postfix) with ESMTP id 56BED37B403 for ; Tue, 24 Jul 2001 13:54:12 -0700 (PDT) (envelope-from mschlosser@eschelon.com) Received: from walleye.corp.fishnet.com (209.150.197.205) by sunny.fishnet.com (5.0.048) id 3B49D9C4000F980E; Tue, 24 Jul 2001 15:54:01 -0500 Received: by walleye.corp.fishnet.com with Internet Mail Service (5.5.2653.19) id ; Tue, 24 Jul 2001 15:57:31 -0500 Message-ID: <2FA3BA0C7551724CA6DDF4E345360505049E89@walleye.corp.fishnet.com> From: "Schlosser, Matt D." To: 'Jeremy Buckner' , "'freebsd-isp@FreeBSD.ORG'" Subject: RE: Web Caching Engine Date: Tue, 24 Jul 2001 15:57:30 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org We use CacheFlow products. http://www.cacheflow.com/ As much as home-made is nice, a system designed for it seems to do best. These are great. -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jeremy Buckner Sent: Tuesday, July 24, 2001 10:38 AM To: freebsd-isp@FreeBSD.ORG Subject: Web Caching Engine Has anyone ever used/configured FreeBSD as a web caching engine. Can it be done or do I have to buy the $50,000 Cisco product? Also it be seamless to my customers (no setting proxy settings or anything like that). Any ideas? Thanks, Jeremy Buckner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 14:36:11 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 11C3237B403 for ; Tue, 24 Jul 2001 14:36:07 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15P9pb-000FhJ-00; Tue, 24 Jul 2001 22:35:07 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15P9rY-0008Oq-00; Tue, 24 Jul 2001 22:37:08 +0100 Date: Tue, 24 Jul 2001 22:37:08 +0100 From: Paul Robinson To: alexus Cc: freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010724223708.E83511@jake.akitanet.co.uk> References: <009601c1147a$06eb15c0$0d00a8c0@alexus> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <009601c1147a$06eb15c0$0d00a8c0@alexus>; from ml@db.nexgen.com on Tue, Jul 24, 2001 at 03:51:27PM -0400 X-Scanner: exiscan *15P9pb-000FhJ-00*$AK$hL9pp3F6d/n5iB6DRNh.s/* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 24, alexus wrote: > Hello > > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I dont think it'd > be whole a lot different) but anyway.. > > I went to http://www.livingston.com/ and i was confused due to they have > version for linux for other os but not for FreeBSD.. > > anyone dealt with that? any suggestions? (besides using ports/packages) Suggestion number one: don't use Livingston RADIUS. The following have all been played with by myself, and although they require a bit of work to get up and running (all RADIUS software has a bit of a learning curve due to lack of proper documentation), they have all worked well for me in a production environment: Cistron - probably the most popular RADIUS server out there. Many of the ones below here are cistron-derived FreeRadius - promising work, technically "not suitable for production environments" but it seems quite stable to me ICRADIUS - specifically designed for users to exist in a MySQL table, so you get a web front-end to it. In addition, accounting goes to MySQL, so you can write code that produces nice stats quite quickly XTRadius - I have had very little experience with this, but this is by far the most flexible version providing you have time to write code. I haven't had a chance to benchmark it yet, but am planning to do soon to see how the external calls affect performance. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 15: 8:37 2001 Delivered-To: freebsd-isp@freebsd.org Received: from inet03.citec.qld.gov.au (inet03.citec.qld.gov.au [203.5.10.10]) by hub.freebsd.org (Postfix) with ESMTP id 9175737B405 for ; Tue, 24 Jul 2001 15:08:31 -0700 (PDT) (envelope-from sgcccdc@citec.qld.gov.au) Received: by inet03.citec.qld.gov.au; id IAA24303; Wed, 25 Jul 2001 08:08:29 +1000 (EST) Received: from citecub.citec.qld.gov.au( 131.242.4.98) by inet03.citec.qld.gov.au via smap (V2.0) id xma024227; Wed, 25 Jul 01 08:08:21 +1000 Received: from guru.citec.qld.gov.au by citecub.citec.qld.gov.au (SMI-8.6/SMI-SVR4) id IAA02968; Wed, 25 Jul 2001 08:08:20 +1000 Received: from localhost (sgcccdc@localhost) by guru.citec.qld.gov.au (8.9.3/8.9.3) with ESMTP id IAA56873; Wed, 25 Jul 2001 08:08:15 +1000 (EST) (envelope-from sgcccdc@citec.qld.gov.au) X-Authentication-Warning: guru.citec.qld.gov.au: sgcccdc owned process doing -bs Date: Wed, 25 Jul 2001 08:08:14 +1000 (EST) From: Colin Campbell To: Edwin Culp Cc: Andy , Lawrence Farr , "'Tony Saign'" , Subject: RE: Redundant setup on a budget?? In-Reply-To: <995992462.3b5da38ea5f8e@Mail.SavvyWorld.Net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, On Tue, 24 Jul 2001, Edwin Culp wrote: > Thanks, Andy. > > That is really strange. I don't have it in current and I'm supping > everything daily and building world. :-( I don't really understand. > I've got to be missing something really stupid. > > Would it be too much to ask for you to send me the port in a tgz? I'd > really like to try it. Have a look at http://www.freebsd.org/ports/net.html There's sources and a package. I found it by visting www.freebsd.org and searching for vrrpd. Not that difficult really. Colin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 15:18:56 2001 Delivered-To: freebsd-isp@freebsd.org Received: from kira.epconline.net (kira2.epconline.net [209.83.132.2]) by hub.freebsd.org (Postfix) with ESMTP id DB53137B401 for ; Tue, 24 Jul 2001 15:18:51 -0700 (PDT) (envelope-from carock@epconline.net) Received: from therock (betterguard.epconline.net [207.206.185.193]) by kira.epconline.net (8.11.4/8.11.4) with SMTP id f6OMIpZ88551 for ; Tue, 24 Jul 2001 17:18:51 -0500 (CDT) From: "Chuck Rock" To: Subject: RE: RADIUS server on FreeBSD 4.x-RELEASE Date: Tue, 24 Jul 2001 17:18:51 -0500 Message-ID: <004a01c1148e$9e210440$1805010a@epconline.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal In-Reply-To: <20010724223708.E83511@jake.akitanet.co.uk> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org What's wrong with ... ascend-radius-980618 ? Chuck > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Paul Robinson > Sent: Tuesday, July 24, 2001 4:37 PM > To: alexus > Cc: freebsd-isp@FreeBSD.ORG > Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE > > > On Jul 24, alexus wrote: > > > Hello > > > > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I > dont think it'd > > be whole a lot different) but anyway.. > > > > I went to http://www.livingston.com/ and i was confused due to they have > > version for linux for other os but not for FreeBSD.. > > > > anyone dealt with that? any suggestions? (besides using ports/packages) > > Suggestion number one: don't use Livingston RADIUS. The following have all > been played with by myself, and although they require a bit of work to get > up and running (all RADIUS software has a bit of a learning curve due to > lack of proper documentation), they have all worked well for me in a > production environment: > > Cistron - probably the most popular RADIUS server out there. Many of the > ones below here are cistron-derived > > FreeRadius - promising work, technically "not suitable for production > environments" but it seems quite stable to me > > ICRADIUS - specifically designed for users to exist in a MySQL > table, so you > get a web front-end to it. In addition, accounting goes to MySQL, > so you can > write code that produces nice stats quite quickly > > XTRadius - I have had very little experience with this, but this is by far > the most flexible version providing you have time to write code. I haven't > had a chance to benchmark it yet, but am planning to do soon to > see how the > external calls affect performance. > > -- > Paul Robinson ,--------------------------------------- > Technical Director @ Akita | A computer lets you make more mistakes > PO Box 604, Manchester, M60 3PR | than any other invention with the > T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and > | Tequila - Mitch Ratcliffe > `----- > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 15:48:55 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id BB6F837B405 for ; Tue, 24 Jul 2001 15:48:50 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 77156 invoked from network); 24 Jul 2001 22:49:01 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 24 Jul 2001 22:49:01 -0000 Message-ID: <002f01c11492$cc245b40$0d00a8c0@alexus> From: "alexus" To: "Chuck Rock" , References: <004a01c1148e$9e210440$1805010a@epconline.net> Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Date: Tue, 24 Jul 2001 18:48:46 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org i never said anything wrong with this specific RADIUS i'm just trying to find out more about all that is out there i wanna know which is people choice and why they choice this one and not another one ----- Original Message ----- From: "Chuck Rock" To: Sent: Tuesday, July 24, 2001 6:18 PM Subject: RE: RADIUS server on FreeBSD 4.x-RELEASE > What's wrong with ... ascend-radius-980618 ? > > Chuck > > > -----Original Message----- > > From: owner-freebsd-isp@FreeBSD.ORG > > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Paul Robinson > > Sent: Tuesday, July 24, 2001 4:37 PM > > To: alexus > > Cc: freebsd-isp@FreeBSD.ORG > > Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE > > > > > > On Jul 24, alexus wrote: > > > > > Hello > > > > > > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I > > dont think it'd > > > be whole a lot different) but anyway.. > > > > > > I went to http://www.livingston.com/ and i was confused due to they have > > > version for linux for other os but not for FreeBSD.. > > > > > > anyone dealt with that? any suggestions? (besides using ports/packages) > > > > Suggestion number one: don't use Livingston RADIUS. The following have all > > been played with by myself, and although they require a bit of work to get > > up and running (all RADIUS software has a bit of a learning curve due to > > lack of proper documentation), they have all worked well for me in a > > production environment: > > > > Cistron - probably the most popular RADIUS server out there. Many of the > > ones below here are cistron-derived > > > > FreeRadius - promising work, technically "not suitable for production > > environments" but it seems quite stable to me > > > > ICRADIUS - specifically designed for users to exist in a MySQL > > table, so you > > get a web front-end to it. In addition, accounting goes to MySQL, > > so you can > > write code that produces nice stats quite quickly > > > > XTRadius - I have had very little experience with this, but this is by far > > the most flexible version providing you have time to write code. I haven't > > had a chance to benchmark it yet, but am planning to do soon to > > see how the > > external calls affect performance. > > > > -- > > Paul Robinson ,--------------------------------------- > > Technical Director @ Akita | A computer lets you make more mistakes > > PO Box 604, Manchester, M60 3PR | than any other invention with the > > T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and > > | Tequila - Mitch Ratcliffe > > `----- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 15:55:20 2001 Delivered-To: freebsd-isp@freebsd.org Received: from gizmo.internode.com.au (gizmo.internode.com.au [192.83.231.115]) by hub.freebsd.org (Postfix) with ESMTP id E88C737B405 for ; Tue, 24 Jul 2001 15:55:16 -0700 (PDT) (envelope-from newton@gizmo.internode.com.au) Received: (from newton@localhost) by gizmo.internode.com.au (8.11.0/8.9.3) id f6OMsUQ19680; Wed, 25 Jul 2001 08:24:30 +0930 (CST) (envelope-from newton) Date: Wed, 25 Jul 2001 08:24:30 +0930 From: Mark Newton To: alexus Cc: Chuck Rock , freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010725082430.A19609@internode.com.au> References: <004a01c1148e$9e210440$1805010a@epconline.net> <002f01c11492$cc245b40$0d00a8c0@alexus> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i In-Reply-To: <002f01c11492$cc245b40$0d00a8c0@alexus> X-PGP-Key: http://www.on.net/~newton/pgpkey.txt Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Jul 24, 2001 at 06:48:46PM -0400, alexus wrote: > i never said anything wrong with this specific RADIUS > i'm just trying to find out more about all that is out there > i wanna know which is people choice and why they choice this one and not > another one Radiator. http://www.open.com.au/radiator God's own Radius server. Supports everything you'll ever need, is rock-solid stable, has ridiculously capable support from the authors, lots of support for things like Radius proxying, Cisco VPDN, etc, lots of authentication methods (any DBI-supported database, flat-file, passwd, Merit RADIUS config file, Livingston RADIUS config file, just about anything else), and lots of accounting repositories (logfile, SQL databases, CSV for import into Excel, inbuilt support for several commercial and open-source ISP billing packages, etc). And you get source code. This product has solved so many problems on our network, I have no hesitation in recommending it to anyone. - mark [ no connection to Open Systems, just a very satisfied customer ] -- Mark Newton Email: newton@internode.com.au (W) Network Engineer Email: newton@atdot.dotat.org (H) Internode Systems Pty Ltd Desk: +61-8-82232999 "Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 19:13:44 2001 Delivered-To: freebsd-isp@freebsd.org Received: from lily.ezo.net (lily.ezo.net [206.102.130.13]) by hub.freebsd.org (Postfix) with ESMTP id 051BF37B406 for ; Tue, 24 Jul 2001 19:13:40 -0700 (PDT) (envelope-from jflowers@ezo.net) Received: from lily.ezo.net (jflowers@localhost.ezo.net [127.0.0.1]) by lily.ezo.net (8.11.3/8.11.3) with SMTP id f6P2Fjf20399; Tue, 24 Jul 2001 22:15:45 -0400 (EDT) Date: Tue, 24 Jul 2001 22:15:45 -0400 (EDT) From: Jim Flowers To: alexus Cc: freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <009601c1147a$06eb15c0$0d00a8c0@alexus> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Just compile the unix version on FreeBSD and follow the instructions. It works fine. Jim Flowers #4 ISP on C|NET, #1 in Ohio On Tue, 24 Jul 2001, alexus wrote: > Hello > > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I dont think it'd > be whole a lot different) but anyway.. > > I went to http://www.livingston.com/ and i was confused due to they have > version for linux for other os but not for FreeBSD.. > > anyone dealt with that? any suggestions? (besides using ports/packages) > > Thank you in advance > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 19:27:48 2001 Delivered-To: freebsd-isp@freebsd.org Received: from oahu.WURLDLINK.NET (oahu.WURLDLINK.NET [216.235.52.1]) by hub.freebsd.org (Postfix) with ESMTP id 34CE037B406 for ; Tue, 24 Jul 2001 19:27:45 -0700 (PDT) (envelope-from vince@oahu.WURLDLINK.NET) Received: from localhost (vince@localhost) by oahu.WURLDLINK.NET (8.11.3/8.11.3) with ESMTP id f6P2ROM90390; Tue, 24 Jul 2001 16:27:24 -1000 (HST) (envelope-from vince@oahu.WURLDLINK.NET) Date: Tue, 24 Jul 2001 16:27:23 -1000 (HST) From: Vincent Poy To: Paul Robinson Cc: alexus , Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <20010724223708.E83511@jake.akitanet.co.uk> Message-ID: <20010724162706.B50475-100000@oahu.WURLDLINK.NET> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 24 Jul 2001, Paul Robinson wrote: > On Jul 24, alexus wrote: > > > Hello > > > > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I dont think it'd > > be whole a lot different) but anyway.. > > > > I went to http://www.livingston.com/ and i was confused due to they have > > version for linux for other os but not for FreeBSD.. > > > > anyone dealt with that? any suggestions? (besides using ports/packages) > > Suggestion number one: don't use Livingston RADIUS. The following have all > been played with by myself, and although they require a bit of work to get > up and running (all RADIUS software has a bit of a learning curve due to > lack of proper documentation), they have all worked well for me in a > production environment: > > Cistron - probably the most popular RADIUS server out there. Many of the > ones below here are cistron-derived > > FreeRadius - promising work, technically "not suitable for production > environments" but it seems quite stable to me > > ICRADIUS - specifically designed for users to exist in a MySQL table, so you > get a web front-end to it. In addition, accounting goes to MySQL, so you can > write code that produces nice stats quite quickly > > XTRadius - I have had very little experience with this, but this is by far > the most flexible version providing you have time to write code. I haven't > had a chance to benchmark it yet, but am planning to do soon to see how the > external calls affect performance. Any comments on Merit Radius? Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 20: 9: 9 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mailgate-1.netcommplete.com.au (mailgate-1.netcommplete.com.au [203.42.246.247]) by hub.freebsd.org (Postfix) with ESMTP id 5DB2537B406 for ; Tue, 24 Jul 2001 20:08:48 -0700 (PDT) (envelope-from smuller@netcommplete.com.au) Received: from smullerlaptop (unknown [203.42.246.234]) by mailgate-1.netcommplete.com.au (Postfix) with SMTP id 267ED7A1B for ; Wed, 25 Jul 2001 13:14:24 +1000 (EST) Reply-To: From: "Scott Muller" To: Subject: RE: Web Caching Engine Date: Wed, 25 Jul 2001 13:08:37 +1000 Message-ID: <004f01c114b7$19c89130$eaf62acb@smullerlaptop> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 In-Reply-To: <2FA3BA0C7551724CA6DDF4E345360505049E89@walleye.corp.fishnet.com> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org We use Cabletron/Enterasys SSR 2000's http://www.enterasys.com/products/items/SSR-2-B128/ (or whatever they're called this month!) and Cacheflow boxes with no problem at all. We sit at about 43% of data loaded from the local cacheflow, damn dynamic content :). Scott. > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Schlosser, Matt D. > Sent: Wednesday, July 25, 2001 6:58 AM > To: 'Jeremy Buckner'; 'freebsd-isp@FreeBSD.ORG' > Subject: RE: Web Caching Engine > > > We use CacheFlow products. http://www.cacheflow.com/ > > As much as home-made is nice, a system designed for it seems > to do best. > These are great. > > > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jeremy Buckner > Sent: Tuesday, July 24, 2001 10:38 AM > To: freebsd-isp@FreeBSD.ORG > Subject: Web Caching Engine > > > Has anyone ever used/configured FreeBSD as a web caching > engine. Can it be done or do I have to buy the $50,000 Cisco > product? Also it be seamless to my customers (no setting > proxy settings or anything like that). Any ideas? > > Thanks, > Jeremy Buckner > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jul 24 23:10:24 2001 Delivered-To: freebsd-isp@freebsd.org Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (Postfix) with SMTP id 212F237B403 for ; Tue, 24 Jul 2001 23:10:19 -0700 (PDT) (envelope-from sthaug@nethelp.no) Received: (qmail 57420 invoked by uid 1001); 25 Jul 2001 06:10:00 +0000 (GMT) To: newton@internode.com.au Cc: ml@db.nexgen.com, carock@epconline.net, freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE From: sthaug@nethelp.no In-Reply-To: Your message of "Wed, 25 Jul 2001 08:24:30 +0930" References: <20010725082430.A19609@internode.com.au> X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Wed, 25 Jul 2001 08:09:59 +0200 Message-ID: <57418.996041399@verdi.nethelp.no> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Radiator. http://www.open.com.au/radiator > > God's own Radius server. Supports everything you'll ever need, is > rock-solid stable, has ridiculously capable support from the authors, > lots of support for things like Radius proxying, Cisco VPDN, etc, lots > of authentication methods (any DBI-supported database, flat-file, passwd, > Merit RADIUS config file, Livingston RADIUS config file, just about > anything else), and lots of accounting repositories (logfile, SQL databases, > CSV for import into Excel, inbuilt support for several commercial and > open-source ISP billing packages, etc). > > And you get source code. Amen to this recommendation of Radiator. We use it, and it works very well. It's not freeware, however, it is *very* reasonably priced, and the support on the Radiator list is wonderful. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 1:56:10 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 1222237B406 for ; Wed, 25 Jul 2001 01:56:05 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15PKRI-0005Lu-00; Wed, 25 Jul 2001 09:54:44 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15PKT2-000Jmw-00; Wed, 25 Jul 2001 09:56:32 +0100 Date: Wed, 25 Jul 2001 09:56:32 +0100 From: Paul Robinson To: Mark Newton Cc: alexus , Chuck Rock , freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010725095632.F83511@jake.akitanet.co.uk> References: <004a01c1148e$9e210440$1805010a@epconline.net> <002f01c11492$cc245b40$0d00a8c0@alexus> <20010725082430.A19609@internode.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010725082430.A19609@internode.com.au>; from newton@internode.com.au on Wed, Jul 25, 2001 at 08:24:30AM +0930 X-Scanner: exiscan *15PKRI-0005Lu-00*$AK$QBS.CpG61eRRGRSbzTR3..* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 24, Mark Newton wrote: > Radiator. http://www.open.com.au/radiator Indeed, a very capable RADIUS server. Unfortunately for a single server it costs $620, and for 2-7 servers it's $992. I didn't include this in the run-down I gave because I tend to concentrate on open-source solutions. The closest to this out of the list I gave is going to be either FreeRadius (which offers nearly all of this but is still beta) or XTRadius where you can call any external program you want for authentication or accounting, meaning that with an afternoon of Perl scripting you can do everything Radiator can, specific to your site. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 1:58:48 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id D922F37B406 for ; Wed, 25 Jul 2001 01:58:44 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15PKT2-0005mi-00; Wed, 25 Jul 2001 09:56:32 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15PKUm-000Jrl-00; Wed, 25 Jul 2001 09:58:20 +0100 Date: Wed, 25 Jul 2001 09:58:20 +0100 From: Paul Robinson To: Vincent Poy Cc: alexus , freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010725095820.G83511@jake.akitanet.co.uk> References: <20010724223708.E83511@jake.akitanet.co.uk> <20010724162706.B50475-100000@oahu.WURLDLINK.NET> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010724162706.B50475-100000@oahu.WURLDLINK.NET>; from vince@oahu.WURLDLINK.NET on Tue, Jul 24, 2001 at 04:27:23PM -1000 X-Scanner: exiscan *15PKT2-0005mi-00*$AK$.Zn1DBJsnAE9x5MCQWB7K1* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 25, Vincent Poy wrote: > Any comments on Merit Radius? I spent 15 minutes with it one Tuesday morning and went back to Cistron. For what it's worth, I currently run ICRADIUS, but am planning to move to XTRadius in the near future, as it seems a little more mature. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 2:46:31 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id E7C8937B406 for ; Wed, 25 Jul 2001 02:46:21 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 61681 invoked from network); 25 Jul 2001 09:46:20 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 25 Jul 2001 09:46:20 -0000 Date: Wed, 25 Jul 2001 11:47:35 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <1241681557.20010725114735@buz.ch> To: Paul Robinson Cc: Enriko Groen , 'Tony Saign' , freebsd-isp@freebsd.org Subject: Re[2]: Redundant setup on a budget?? In-Reply-To: <20010724154211.C34017@jake.akitanet.co.uk> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> <20010724154211.C34017@jake.akitanet.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Paul, Tuesday, July 24, 2001, 4:42:11 PM, you wrote: > The way I see it, I'm loathed to spend Ģ20k+ for a decent L4 load > balancing Not as much maybe. www.coyotepoint.com could help you out for about 5000$ (which is based on FreeBSD, BTW!). > and look at writing it. Polyserve offer a commercial solution and I > believe that a copy of their software is shipped with an eval > license if you buy FBSD CDs from Walnut Creek, but I've never > played with it. I have however seen it demo'ed at a trade show in > London, and to me it looked more suited for the primary/backup > configuration, that I also don't wish to use. ACK. Conventional fail over for clustering. > I have a huge workload on at the moment, but on the bottom of the > pile is to dedicate some time to playing with clustering stuff like > web, mail and mysql servers under FBSD, documenting up the > experience, and putting it up somewhere public. Until that point, > do any of you guys have any resources, or even better, whitepapers > or (gasp!) software for FreeBSD clustering? Actually, there is, sort of at least. Look into the ipfilter package (shipped with FreeBSD 4.3 or on http://coombs.anu.edu.au/ipfilter/) and especially its l4check tool. If that is not enough, we're currently implementing a monitoring system with many of the functionality found in netsaint (which unfortunately is crashing all the time on our machines and also a bit slow, OTOH, I can't yet say whether ours will be much faster) and NAT modifying features[1]. It isn't yet decided under what kind of license this thing will get released, but if someone's willing to play alpha tester, I could provide you surely with a free license so you could play with it. I also have an alpha version of a whitepaper on my disk but that one's in German (high class one, riddled with English fail over vocabulary), so I suspect it wouldn't help you very much. Basically, the load balancing part is easy enough (look ipfilter and natd, both do it). Harder but still doable with a reasonable amount of work is fail over (l4check might be good enough for your uses, for us it was too limited). What's really hard is to mirror the servers in near realtime (and here are WE searching for a solution). While databases bring their own replication features, filesystems do not (with the possible exception of coda but that beast did neither work on my systems nor does it look like it's being maintained). The Linux crowd got several solutions to achieve realtime mirroring on filesystem layer, most notably distributed RAID through the use of one network block device (which FreeBSD unfortunately misses, I once asked Greg Lehey whether it would be possible to integrate on or modify vinum to do distributed RAID with another approach, but he didn't even answer to my mail) on another machine. Another solution, which I could also agree on using it, would be to have http://people.freebsd.org/~abial (Spy) to log all writes to the filesystem and simply copy all the modified files over the LAN (using rsync, scp or even NFS). What definitely doesn't work on most webservers (not on shared ones, anyway), is offline replication like standard rsync or cpdup as those take about 1h to simply check and update the twin of a 5 GB server which is not what I consider to be realtime (basically, I could agree on using any solution that doesn't create more than a 10 to 15min lag, even on big mailservers with hundred of thousands of files and dirs). Best regards, Gabriel [1] Having spend serious time looking into all available load balancing and fail over systems, I found that only NAT is a practicable way for a whole server farm. If you just need to have fail over for two servers, some IP takeover method is fine (if you can implement it properly which isn't as easy as it looks in first place, BTW). If you don't really need redundancy, you could simply use round robin DNS.  -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO16Hq8Za2WpymlDxAQHtCwf+I/2P96LQxyRCyGYNIUKky/ndGenLBdFs 6fS7E1ahPF9tfjzvqmHPprEkfJgKNBpc2u7mxvZARA/PLyc7AdhnD8Cx1hltPqFV VJWuI+vDDO1fxB2ab6OnFadziDFm7O+eg7STMn0CfE5GAf5pijiHQAjzxZye5umx mBPNiYyF2CxOQwgd2pS/aQWdpOxHuBZqzzxjDp184Y+aNDFC4ATPUqbnzUJe6H0A MJ2p4hFePEi5ZKH1pH0RruBAjW1QGmcTmYvKgMm+w4azpGJQbvjvVHM4SfJ9wekc R5R++PTVgKB8e/yawcCIlTKngAhV6x5H/yWexzFi/WEMEgik/OFoXg== =BPWx -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 3:21:56 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id C9A8F37B403 for ; Wed, 25 Jul 2001 03:21:51 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15PLmn-000BSy-00; Wed, 25 Jul 2001 11:21:01 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15PLoY-000ObJ-00; Wed, 25 Jul 2001 11:22:50 +0100 Date: Wed, 25 Jul 2001 11:22:50 +0100 From: Paul Robinson To: Gabriel Ambuehl Cc: Enriko Groen , 'Tony Saign' , freebsd-isp@freebsd.org Subject: Re: Redundant setup on a budget?? Message-ID: <20010725112250.N83511@jake.akitanet.co.uk> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> <20010724154211.C34017@jake.akitanet.co.uk> <1241681557.20010725114735@buz.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1241681557.20010725114735@buz.ch>; from gabriel_ambuehl@buz.ch on Wed, Jul 25, 2001 at 11:47:35AM +0200 X-Scanner: exiscan *15PLmn-000BSy-00*$AK$aXNfYJWH/4p2GKFx5c0iv/* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 25, Gabriel Ambuehl wrote: > Actually, there is, sort of at least. Look into the ipfilter package > (shipped with FreeBSD 4.3 or on http://coombs.anu.edu.au/ipfilter/) > and especially its l4check tool. I'll look into this. Thanks for the tip. We're evaluating ipfilter for another project, so I'm sure I would have stumbled over this eventually. > Basically, the load balancing part is easy enough (look ipfilter and > natd, both do it). Harder but still doable with a reasonable amount > of work is fail over (l4check might be good enough for your uses, for > us it was too limited). What's really hard is to mirror the servers > in near realtime (and here are WE searching for a solution). While > databases > bring their own replication features, filesystems do not (with the > possible exception of coda but that beast did neither work on my > systems nor does it look like it's being maintained). That's why I wanted to know when FBSD clients were going to be able to create NFS locks with rpc.lockd - this is now fixed in -current which means you can just wack your FS on one NFS system, and all the boxes you want can come off that one filesystem. Far easier to implement than mirroring, and providing the locking is in place (and I'm going to get around to pestering for this to be MFC'ed), you're not going to have problems with atomic transactions and the like at an FS level. No mirroring required - you are only using one FS. Of course, the flip-side to this is slightly slower performance, but then you can always look at multiple NICs and trying to get trunking working. ;-) > Another solution, which I could also agree on using it, would be to > have http://people.freebsd.org/~abial (Spy) to log all writes to the > filesystem and simply copy all the modified files over the LAN (using > rsync, scp or even NFS). What definitely doesn't work on most This is bad. There is no locking in place, so atomic actions get trashed. > webservers (not on shared ones, anyway), is offline replication like > standard rsync or cpdup as those take about 1h to simply check and > update the twin of a 5 GB server which is not what I consider to be > realtime (basically, I could agree on using any solution that doesn't > create more than a 10 to 15min lag, even on big mailservers with > hundred of thousands of files and dirs). It really depends on what you intend doing. By the sounds of it, you appear to be talking about a read-only environment with very little/occasional writing. I, however, am talking about getting MySQL servers to cluster, and maintain the new transactional support in there. > [1] Having spend serious time looking into all available load > balancing and fail over systems, I found that only NAT is a > practicable way for a whole server farm. If you just need to have > fail > over for two servers, some IP takeover method is fine (if you can > implement it properly which isn't as easy as it looks in first place, > BTW). If you don't really need redundancy, you could simply > use round robin DNS. Yeah, I had looked at NAT approaches. The free chapter of the new O'Reilley book on SLB is the one about NAT which I had a quick scour of, and it looks quite suitable for some of the things I'm planning. I really don't want to do primary/backup work for some of my projects - I'd much rather have half a dozen servers all working at the same time, and allow for one or two of the boxes to fail. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 3:39: 3 2001 Delivered-To: freebsd-isp@freebsd.org Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (Postfix) with SMTP id E38D237B403 for ; Wed, 25 Jul 2001 03:38:58 -0700 (PDT) (envelope-from sthaug@nethelp.no) Received: (qmail 59808 invoked by uid 1001); 25 Jul 2001 10:38:56 +0000 (GMT) To: paul@akita.co.uk Cc: newton@internode.com.au, ml@db.nexgen.com, carock@epconline.net, freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE From: sthaug@nethelp.no In-Reply-To: Your message of "Wed, 25 Jul 2001 09:56:32 +0100" References: <20010725095632.F83511@jake.akitanet.co.uk> X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Wed, 25 Jul 2001 12:38:56 +0200 Message-ID: <59806.996057536@verdi.nethelp.no> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > On Jul 24, Mark Newton wrote: > > > Radiator. http://www.open.com.au/radiator > > Indeed, a very capable RADIUS server. Unfortunately for a single server it > costs $620, and for 2-7 servers it's $992. I didn't include this in the > run-down I gave because I tend to concentrate on open-source solutions. The > closest to this out of the list I gave is going to be either FreeRadius > (which offers nearly all of this but is still beta) or XTRadius where you > can call any external program you want for authentication or accounting, > meaning that with an afternoon of Perl scripting you can do everything > Radiator can, specific to your site. Some of us concluded differently. At our site we use Radiator, and are happy with it. We have used other Radius packages in the past, and we evaluated several of the freely available ones before choosing Radiator. If we were to choose again today, I'm pretty sure we would still choose Radiator. The cost may be significant - it depends on the size of your customer base and what your own work hours are worth. We have a customer base of around 100k customers, and the cost of Radiator is down in the noise. (We also use other commercial packages running on FreeBSD - for instance CommuniGate Pro, see www.stalker.com. This does not mean that we don't like open source software - it simply means that we have decided that for *our* organization and customer base, the total cost would be lower with a particular commercial package. In other parts of the organization we use Postfix, qmail, Apache and other open source software. For us the point is not to use open source software for everything, it is to use whatever software is available and gives us the lowest total cost. Often this will be open source software, but not always...) Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 4:13:33 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 179E737B403 for ; Wed, 25 Jul 2001 04:13:24 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 66254 invoked from network); 25 Jul 2001 11:13:22 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 25 Jul 2001 11:13:22 -0000 Date: Wed, 25 Jul 2001 13:14:37 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <1996903256.20010725131437@buz.ch> To: Paul Robinson Cc: Enriko Groen , 'Tony Saign' , freebsd-isp@freebsd.org Subject: Re[2]: Redundant setup on a budget?? In-Reply-To: <20010725112250.N83511@jake.akitanet.co.uk> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> <20010724154211.C34017@jake.akitanet.co.uk> <1241681557.20010725114735@buz.ch> <20010725112250.N83511@jake.akitanet.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Paul, Wednesday, July 25, 2001, 12:22:50 PM, you wrote: >> and especially its l4check tool. > I'll look into this. Thanks for the tip. We're evaluating ipfilter > for another project, so I'm sure I would have stumbled over this > eventually. It's well hidden in there. Generally, I'd prefer ipfilter over ipfw any time, IMHO it's the much more sophisticated package but it sometimes suffers a bit of it's extrem multi platform approach, which means that you can't always use the newest release on your box. > That's why I wanted to know when FBSD clients were going to be able > to create NFS locks with rpc.lockd - this is now fixed in -current > which means you can just wack your FS on one NFS system, and all > the boxes you want can come off that one filesystem. IMNSHO, this is a flawed approach as this one filesystem which must reside on one box if you don't use distributed RAID, is THE single point of failure. > Far easier to implement than mirroring, That is true. > providing the locking is in place (and I'm going to get around to > pestering for this to be MFC'ed), > you're not going to have problems with atomic > transactions and the like at an FS level. No mirroring required - > you are only using one FS. Some problems with this: rpc.lockd isn't one of the fastest pieces of code I can think of (can't be, it's whole purpose doesn't allow it). Further, if you have one filesystem, then you also got the problem that if one machine is cracked, the cracker can fuck with all of your data. On a decent mirroring scheme, this shouldn't be the case (rather easy if you got different sets of data you can put into their own segments, a bit harder if the data must be available to each and every node of your cluster but this isn't the case for us, as we do webhosting which can very nicely be segmented). > Of course, the flip-side to this is slightly slower performance, > but then you can always look at multiple NICs and trying to get > trunking working. ;-) Trunking isn't supported at all by FreeBSD if I'm not totally mistaken. >> filesystem and simply copy all the modified files over the LAN >> (using rsync, scp or even NFS). What definitely doesn't work on >> most > This is bad. There is no locking in place, so atomic actions get > trashed. If you got atomic operations on the filesystem, you're doing something wrong, IMO. That's what databases are for. Further, for us, the load balancing aspect isn't as important as the fail over one, our current vision doesn't even do real load balancing on the FS level (simply because the crappy code that most CGI scripts got won't even support really support this on one filesystem). Our approach is to have twins of boxes, of which each serves for half of the domains the twin hosts, if one of them breaks, the other one also serves the half that just went down. If you need real load balancing, use a DBMS, that's what were made for. >> realtime (basically, I could agree on using any solution that >> doesn't create more than a 10 to 15min lag, even on big >> mailservers with hundred of thousands of files and dirs). > It really depends on what you intend doing. By the sounds of it, > you appear to be talking about a read-only environment with very > little/occasional writing. More or less ACK. Mostly FTP uploads by the users and some writes to the FS from some badly implemented scripts which I'm not going to babysit. If you > I, however, am talking about getting MySQL servers to cluster, and > maintain the new transactional support in there. Why do you need NFS locking, then? MySQL does everything that is needed to replicate the data. It gets hairy, though, if one DB server isn't enough to cope with the update/insert statements but then you should probably spend more money on the DB server. > quite suitable for some of the things I'm planning. I really don't > want to do primary/backup work for some of my projects - I'd much > rather have half a dozen servers all working at the same time, and > allow for one or two of the boxes to fail. First point to get clear about it is: does your project allow it to be run entirely out of a DB (perhaps with local, non critical FS caches which don't matter if the go down), if it can (and most DB based apps can, problems starts with flatfile based scripts), you're lucky, as you simply need to have some NAT gateway (two would be better, of course, so you haven't got a single point of failure there) and some backend DB servers which do their replication themselves anyway. Best regards, Gabriel Pa“7Ėŋ74 -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO16cEsZa2WpymlDxAQGKAgf/TaY6f0ntNnbRAd99qC9gB6+wBEor12Xu ttuvrnge3nrnq0jS8BK+QADGMp8AWOOE1jDbRq8o+pIFgahpxZ+vgrACXDBIfW6e IHHyeYtSwCJrshfi4Rl/cnVgU6UG71SPF7eUY0ZLmQD5I180krX9B6tO4hNeD7vb 39DdAwnC7Dr+Gdd0aRLZdcTanlXJAFBSQNQ3FXrhAst3JYBAdiE0zXWUozb5SHN4 kAbDLaS2YHWfGN40ocU3VF1ywdODXhD39sduD4cZkHq9VXCsbfxLsFeMmhJHvSBj W/9we3tIzTdhr+NpD8ZRtyHkoDEixFCMj2GWNY/3ACQ3KsjAi+ZkxQ== =5HkZ -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 4:23:30 2001 Delivered-To: freebsd-isp@freebsd.org Received: from web20102.mail.yahoo.com (web20102.mail.yahoo.com [216.136.226.39]) by hub.freebsd.org (Postfix) with SMTP id CA05237B408 for ; Wed, 25 Jul 2001 04:23:23 -0700 (PDT) (envelope-from freefabri@yahoo.it) Message-ID: <20010725112323.20541.qmail@web20102.mail.yahoo.com> Received: from [193.227.212.160] by web20102.mail.yahoo.com; Wed, 25 Jul 2001 13:23:23 CEST Date: Wed, 25 Jul 2001 13:23:23 +0200 (CEST) From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= Subject: FreeBSD Mail Toaster CLUSTER To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello all,I have to realize a Mail Server (Pop3,Imap,WebMail) for about 4000 people. I decided to use FreeBSD 4.3 with Q-mail-Vpopmail-CourierIMAP-SQWebMail, but I have a problem. Is it possible with FreeBSD to make a "cluster" of two machines (ix86) that when one goes down for some fault the other takes care of the service so that Mail is still available? ______________________________________________________________________ Do You Yahoo!? Il tuo indirizzo gratis e per sempre @yahoo.it su http://mail.yahoo.it To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 4:44: 3 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 2864F37B401 for ; Wed, 25 Jul 2001 04:43:51 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15PN3E-000H8L-00; Wed, 25 Jul 2001 12:42:04 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15PN50-00034t-00; Wed, 25 Jul 2001 12:43:54 +0100 Date: Wed, 25 Jul 2001 12:43:54 +0100 From: Paul Robinson To: Gabriel Ambuehl Cc: Enriko Groen , 'Tony Saign' , freebsd-isp@freebsd.org Subject: Re: Redundant setup on a budget?? Message-ID: <20010725124353.A6548@jake.akitanet.co.uk> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> <20010724154211.C34017@jake.akitanet.co.uk> <1241681557.20010725114735@buz.ch> <20010725112250.N83511@jake.akitanet.co.uk> <1996903256.20010725131437@buz.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1996903256.20010725131437@buz.ch>; from gabriel_ambuehl@buz.ch on Wed, Jul 25, 2001 at 01:14:37PM +0200 X-Scanner: exiscan *15PN3E-000H8L-00*$AK$ur3a.Om7nWOFKFtcPl//e.* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 25, Gabriel Ambuehl wrote: > It's well hidden in there. Generally, I'd prefer ipfilter over ipfw > any time, IMHO it's the much more sophisticated package but it > sometimes suffers a bit of it's extrem multi platform approach, which > means that you can't always use the newest release on your box. I prefer ipfw simply because I have more experience with it. ipfilter is a little bit too Linuxy in it's approach. > IMNSHO, this is a flawed approach as this one filesystem which must > reside on one box if you don't use distributed RAID, is THE single > point of failure. And with distributed RAID you haven't addressed your problem of atomic transactions. It's all very well having no single point of failure, but I can guarantee in every scenario you will have multiple single points of failure. "You're using the same OS on every machine?", "You use the same power company and brand of UPS and generator for all your power?", etc. It can all come back to single points of failure. In my experience, I would rather have multiple RAID cards, in a beefy box, perhaps doing incremental backups once an hour to a hot standby, with hot-swap disks, etc. and know that my file writes are being locked properly than take a risk with several boxes informing each other of transactions and just hoping it works. The problem with your approach, is that it is likely to look as though it's working fine at first, but once you put load on, maybe 0.00001% of transactions will start suffering. Then 0.000015%, and so on as the load increases. It will just look like a weird bug somewhere down in the system that will be easy to pass over. The occasional screw-up. But as load increases, these problems will rise steadily. > Some problems with this: rpc.lockd isn't one of the fastest pieces of > code I can think of (can't be, it's whole purpose doesn't allow it). > Further, if you have one filesystem, then you also got the problem > that if one machine is cracked, the cracker can fuck with all of > your data. On a decent mirroring scheme, this shouldn't be the case > (rather easy if you got different sets of data you can put into their > own segments, a bit harder if the data must be available to each and > every node of your cluster but this isn't the case for us, as we do > webhosting which can very nicely be segmented). Well, I wasn't going to allow all machines access to all the data. If he gets into an SQL server, he gets to mess with SQL data. He gets into a web server, he gets access to web data. However, I've already had discussions about security in general on this and other lists, and I don't want to re-visit them now. Although rpc.lockd isn't fast, you have to ask the question as to whether speed is what is imporant to you in this environment. In a web-hosting environment, we're talking about a heavy-read setup. We're not going to be too worried. For SQL stuff, we might get concerned if we're doing a lot of INSERTs and UPDATEs. For a mail setup, we are definitely going to be concerned. However, can you take the risk with your customer's mail that because you haven't got locking sorted that mail is being written to a spool from one machine, but then gets trashed by mail from another machine? no? In that case you need locking. > Trunking isn't supported at all by FreeBSD if I'm not totally > mistaken. That's why I put a smiley after my statement. Trunking is hard. It'd be nice to have, but it's hard. So, off to see what Gigabit cards FBSD is supporting now. :-) > If you got atomic operations on the filesystem, you're doing > something > wrong, IMO. That's what databases are for. And if you have several MySQL servers acting as heads to the same database? You need file-level locking if your cluster is to have any write operations. To say file servers shouldn't have atomic locking raises the question as to why the hell qpopper puts locks in place. To me, it's obvious, that servers are EXACTLY where atomic actions should be taking place. > If you need real load balancing, use a DBMS, that's what were made > for. I didn't say I needed it. I just said I was going to build it. You can't see the advantage of being able to cluster free SQL servers together? You can't see how docs on how to get multiple SMTP/POP3/IMAP servers all working on the same spools on a big fat RAID is not useful? Fine, you don't want it. Others do. I'm planning on doing it because I work in a job where I get to do fun things, the way I want to. :-) > More or less ACK. Mostly FTP uploads by the users and some writes to > the FS from some badly implemented scripts which I'm not going to > babysit. If you Whereas we do full-on scripting/e-com/god knows what where we are doing read-write all the time. For your setup, what I'm suggesting is overkill. > Why do you need NFS locking, then? MySQL does everything that is > needed to replicate the data. It gets hairy, though, if one DB server > isn't enough to cope with the update/insert statements but then you > should probably spend more money on the DB server. I'd rather have 10 boxes costing my 500 quid each than 1 box costing me 20k. So would a lot of other companies. Plus, it's more scalable. Plus, I'm doing this because it's fun. :-) > First point to get clear about it is: does your project allow it to > be > run entirely out of a DB (perhaps with local, non critical FS caches > which don't matter if the go down), if it can (and most DB based apps > can, problems starts with flatfile based scripts), you're lucky, as > you simply need to have some NAT gateway (two would be better, of > course, so you haven't got a single point of failure there) and some > backend DB servers which do their replication themselves anyway. The problem with replication, is we get into trouble with atomic actions again. Anyway, it's still early days, and I'm still thinking of different approaches. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 5:22:37 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 5395A37B405 for ; Wed, 25 Jul 2001 05:22:01 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 70406 invoked from network); 25 Jul 2001 12:21:59 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 25 Jul 2001 12:21:59 -0000 Date: Wed, 25 Jul 2001 14:23:13 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <2411019395.20010725142313@buz.ch> To: Paul Robinson Cc: freebsd-isp@freebsd.org Subject: Re[2]: Redundant setup on a budget?? In-Reply-To: <20010725124353.A6548@jake.akitanet.co.uk> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> <20010724154211.C34017@jake.akitanet.co.uk> <1241681557.20010725114735@buz.ch> <20010725112250.N83511@jake.akitanet.co.uk> <1996903256.20010725131437@buz.ch> <20010725124353.A6548@jake.akitanet.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Paul, Wednesday, July 25, 2001, 1:43:54 PM, you wrote: >> sometimes suffers a bit of it's extrem multi platform approach, >> which means that you can't always use the newest release on your >> box. > I prefer ipfw simply because I have more experience with it. > ipfilter is a little bit too Linuxy in it's approach. Actually, it's more solarisy ;-). AFAIK, it works on *BSD, Solaris and HPUX and Linux 2.0.x. But the state stuff is really interesting. > And with distributed RAID you haven't addressed your problem of > atomic transactions. ACk. But as said, I don't care for them on FS level. FS isn't meant to be used as a DB, for that we got DBMS installed. > It's all very well having no single point of failure, but I > can guarantee in every scenario you will have multiple single > points of failure. Sure. But you should eliminate those you can. > "You're using the same OS on every machine?", Actually, this is a point I've been thinking about for quite some time, mostly because of security reasons. But it's simply unpractical to have two different servers OS doing the same job. And further, many of the holes in the daemons (the OS themselves normally haven't got remotely exploitable ones) are cross platform anyway. > "You use the same > power company and brand of UPS and generator for all your power?", > etc. It can all come back to single points of failure. Yeah sure. But this is were the finger pointing effect comes into the game. It's the colo facilities job to ensure my servers got power and that the LAN is up, it's mine to ensure the rest. > In my experience, I would rather have multiple RAID cards, in a > beefy box, perhaps doing incremental backups once an hour to a hot > standby, with hot-swap disks, etc. and know that my file writes are > being locked properly than take a risk with several boxes informing > each other of transactions and just hoping it works. The problem > with your approach, is that it is likely to look as though it's > working fine at first, but once you put load on, maybe 0.00001% of > transactions will start suffering. Then 0.000015%, and so on as the > load increases. It will just look like a weird bug somewhere down > in the system that will be easy to pass over. The occasional > screw-up. But as load increases, these problems will rise steadily. Not necessarily. I don't plan to share data among different systems with different systems writing to it. Data should be saved on two or more boxes, but only ONE boxes will have write access to it under normal operation. If that box goes down, it's twin gets the write rights and so on. >> every node of your cluster but this isn't the case for us, as we >> do webhosting which can very nicely be segmented). > Well, I wasn't going to allow all machines access to all the data. > If he gets into an SQL server, he gets to mess with SQL data. He > gets into a web server, he gets access to web data. However, I've > already had discussions about security in general on this and other > lists, and I don't want to re-visit them now. ACK. One can't do uch about it anyway. > Although rpc.lockd isn't fast, you have to ask the question as to > whether speed is what is imporant to you in this environment. In a > web-hosting environment, we're talking about a heavy-read setup. > We're not going to be too worried. Exactly. And this is why I don't care too much for atomicity of write operations as we simply won't guarantee it (further, most clients don't need to know we're running redundant setups) . We'll "guarantee" for DB consistency and for XX.YY% uptime of the webservers. > For SQL stuff, we might get concerned if we're doing a lot of > INSERTs and UPDATEs. For DBMS, the only solution I can think of is faster hardware. Shared DBMS is a big mess. > For a mail setup, we are definitely going to be > concerned. > However, can you take the risk with your customer's mail that > because you haven't got locking sorted that mail is being written > to a spool from one machine, but then gets trashed by mail from > another machine? no? In that case you need locking. Use the proper MTA. qmail is written to be NFS safe (and despite, it saves you to worry about the security of your mailservers since it hasn't been ONE hole in 1.03!). >> Trunking isn't supported at all by FreeBSD if I'm not totally >> mistaken. > That's why I put a smiley after my statement. Trunking is hard. > It'd be nice to have, but it's hard. So, off to see what Gigabit > cards FBSD is supporting now. :-) I'd rather want FreeBSD to support TCP/IP over firewire ;-) >> If you got atomic operations on the filesystem, you're doing >> something >> wrong, IMO. That's what databases are for. > And if you have several MySQL servers acting as heads to the same > database? Simply don't do it. With MySQL, this cries for trouble (not to mention the immense performance penalty). If the DB *server* isn't fast enough, use MySQL's realtime replication and redirect the selects to a slave, if this isn't enough, get better hardware. But I somehow doubt that a Athlon MP 1200 isn't fast enough for 95% of all people out there. The rest probably runs Sun or IBM anyway. > You need file-level locking if your cluster is to have any write > operations. Only if more than one machine is allowed to write to a segment of data at any given time. My setup doesn't require this. > To say file servers shouldn't have atomic locking raises the > question as to why the hell qpopper puts locks in place. Badly written daemon? > To me, it's obvious, that servers are EXACTLY where atomic actions > should be taking place. Sure. But one can go great way without even needing them. >> If you need real load balancing, use a DBMS, that's what were made >> for. > I didn't say I needed it. I just said I was going to build it. You > can't see the advantage of being able to cluster free SQL servers > together? If it works, I can see it. And actually, I'm running MySQL in replicated master/slave mode since the day the replication feature got stable enough for production. And I've got my doubts whether I would want to rely on a multiple master setup with MySQL 3.23. > You can't see how docs on how to get multiple SMTP/POP3/IMAP > servers all working on the same spools on a big fat RAID is not > useful? Sure I can. But I don't see why I should use locking there if my mailserver was designed to work with NFS without locking. > it. Others do. I'm planning on doing it because I work in a job > where I get to do fun things, the way I want to. :-) Oh that looks like 50% of my job description and actually that's the reason why I'm currently working on the fail over stuff as I currently consider it to be one of the most interesting fields of computing ;-). Well let's better not talk about the other 50% ;-.) >> More or less ACK. Mostly FTP uploads by the users and some writes >> to the FS from some badly implemented scripts which I'm not going >> to babysit. If you > Whereas we do full-on scripting/e-com/god knows what where we are > doing read-write all the time. For your setup, what I'm suggesting > is overkill. Oh I for myself do this kind of stuff as well. But since we don't offer load balanced servers with atomic FS operations and never will as I consider this to be the wrong approach to build dynamic websites and our techies got better things to than to listen to weenies who bitch about their crappy Perl script, I don't see any need to guarantee this. My personal opinion is that one should shoot people who are using flat file scripts for anything serious. You need to store records? Use a DBMS where, if needed, I'll go great lengths to ensure your data stays consistent. >> needed to replicate the data. It gets hairy, though, if one DB >> server isn't enough to cope with the update/insert statements but >> then you should probably spend more money on the DB server. > I'd rather have 10 boxes costing my 500 quid each than 1 box > costing me 20k. So would a lot of other companies. Plus, it's more > scalable. Plus, I'm doing this because it's fun. :-) Oh I see, you follow our business model (lots of cheap servers are much better for your reliability than one expensive one). I just feel it comes to an end when it comes to loaded DB servers as it's awfully hard to have two boxes working on the same table. If MySQL 4 takes a similar approach like MS SQL in the data center edition (once saw this beast in action and was surprised as it appears to be working pretty good), i.e. plug another server in the cluster and get automatically more power, I'm all ears for it. But until this stuff is ready, I either need to look that the load can be spread to different DB servers (it already IS possible to spread anything down to tables over different MySQL servers) or just buy more hardware. > The problem with replication, is we get into trouble with atomic > actions again. Exactly. And that's why I would go for a single master/multiple slave setup where atomicity is guaranteed. Direct all updates/inserts to the master which then propagates them to the slaves and do as many selects as you like on the slaves. A multiple master setup isn't something I'd want to use with current MySQL versions. Oh and last but not least, MySQL is probably not the right choice if you need bomb proof reliability anyway (IIRC, it still isn't ACID even with transaction support). Best regards, Gabriel elāæĨāæĨ -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO16sJ8Za2WpymlDxAQFURQgAurVC/i9MDz1Dp4BWoWkqMX+69tdWmSVw vwgIO9+p5Yu2SnEjIhQoAMfbA/sNVWB05Des+gGaEQiVNJEJpf2+V03dh0BDcM7U 4o3GtHsdDueIUF1LbNfv0Rvosl5eN6noHoODtbtpnthbMiFUVzkO82ZzHnxr4+h0 FYb82iw9Fng1SRDfmfybR+mBjmHCYwCA5Sfe6byHbF/MoxL4/l04/pqIwJU8f9NS 5kH+iD3uNiqses7OL0BjZTnz4IT2PzIA73SkhNTg+d10jifAyAKP9Zx1Bpk0A6Da puSKQNYDzO2WXfi0YTOam5VE2yzxTZWv45c6/Xx3gjipnOIH2REhbw== =nDzR -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 5:23:11 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mout1.freenet.de (mout1.freenet.de [194.97.50.132]) by hub.freebsd.org (Postfix) with ESMTP id CADAC37B401 for ; Wed, 25 Jul 2001 05:23:03 -0700 (PDT) (envelope-from Alexander@leidinger.net) Received: from [194.97.50.144] (helo=mx1.freenet.de) by mout1.freenet.de with esmtp (Exim 3.30 #3) id 15PNgr-0003Ww-00; Wed, 25 Jul 2001 14:23:01 +0200 Received: from b83ac.pppool.de ([213.7.131.172] helo=Magelan.Leidinger.net) by mx1.freenet.de with esmtp (Exim 3.30 #3) id 15PNgq-0007XX-00; Wed, 25 Jul 2001 14:23:01 +0200 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.11.4/8.11.4) with ESMTP id f6PB8pu10158; Wed, 25 Jul 2001 13:08:52 +0200 (CEST) (envelope-from netchild@Leidinger.net) Message-Id: <200107251108.f6PB8pu10158@Magelan.Leidinger.net> Date: Wed, 25 Jul 2001 13:08:50 +0200 (CEST) From: Alexander Leidinger Subject: Re: Redundant setup on a budget?? To: gabriel_ambuehl@buz.ch Cc: paul@akita.co.uk, enriko.groen@netivity.nl, tony@saignon.net, freebsd-isp@FreeBSD.ORG In-Reply-To: <1241681557.20010725114735@buz.ch> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=ISO-8859-1 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 25 Jul, Gabriel Ambuehl wrote: > If that is not enough, we're currently implementing a monitoring > system with many of the functionality found in netsaint (which > unfortunately is crashing all the time on our machines and also a bit > slow, OTOH, I can't yet say whether ours will be much faster) and > NAT modifying features[1]. It isn't yet decided under what kind of > license this > thing will get released, but if someone's willing to play alpha > tester, I could provide you surely with a free license so you could > play with it. I also have an alpha version of a whitepaper > on my disk but that one's in German (high class one, riddled with > English fail over vocabulary), so I suspect it wouldn't help you > very much. But it's perhaps interesting for other people. Can you put it somewhwere to download? > Basically, the load balancing part is easy enough (look ipfilter and > natd, both do it). Harder but still doable with a reasonable amount > of work is fail over (l4check might be good enough for your uses, for > us it was too limited). What's really hard is to mirror the servers > in near realtime (and here are WE searching for a solution). While > databases > bring their own replication features, filesystems do not (with the > possible exception of coda but that beast did neither work on my > systems nor does it look like it's being maintained). [...] > What definitely doesn't work on most > webservers (not on shared ones, anyway), is offline replication like > standard rsync or cpdup as those take about 1h to simply check and > update the twin of a 5 GB server which is not what I consider to be > realtime (basically, I could agree on using any solution that doesn't > create more than a 10 to 15min lag, even on big mailservers with > hundred of thousands of files and dirs). Perhaps you want to implement it on your own too... For ufs: man 2 kqueue If you decide to implement it (there are interfaces to other languages - at least to python - in the ports), please make the program modular in a fashion it would be usable as a realtime tripwire replacement (e.g. let it call 3rd party apps with "path" and "type of change" as arguments... I already thought about this a little bit, but unfortunally I didn't have time to implement it myself, but you're perhaps interested in some ideas I have). Bye, Alexander. -- The computer revolution is over. The computers won. http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 6:26:30 2001 Delivered-To: freebsd-isp@freebsd.org Received: from dell.nexicom.net (dell.nexicom.net [216.168.96.13]) by hub.freebsd.org (Postfix) with ESMTP id 07D7E37B406 for ; Wed, 25 Jul 2001 06:26:23 -0700 (PDT) (envelope-from pauls@nexicom.net) Received: (from root@localhost) by dell.nexicom.net (8.11.1/8.11.1) id f6PDLUq07248; Wed, 25 Jul 2001 09:21:30 -0400 Received: from mail.nexicom.net (mail.nexicom.net [216.168.96.10]) by dell.nexicom.net (8.11.3/8.11.1) with ESMTP id f6PDLRD07132; Wed, 25 Jul 2001 09:21:28 -0400 Received: from pauls (nexredback-216-168-107-198.nexicom.net [216.168.107.198] (may be forged)) by mail.nexicom.net (8.11.1/8.11.1) with SMTP id f6PDQCD16425; Wed, 25 Jul 2001 09:26:13 -0400 (EDT) From: Paul Stewart To: , Subject: RE: Web Caching Engine Date: Wed, 25 Jul 2001 09:23:56 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 In-Reply-To: <004f01c114b7$19c89130$eaf62acb@smullerlaptop> Importance: Normal Nexicom: scanned by Inflex 1.0.6 - (http://pldaniels.com/inflex/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I guess this is dependant on whether or not you wish to administer an array of servers or spend a LOT of money on a "plug and play" solution. This is just my opinion.. Our Squid boxes this morning were hitting as high as 73% hit rate. This is unusually high I must admit but compared to our Cacheflow boxes, we never seen near that high of a rate. The pre-fetching in the Cacheflow boxes we found were killing bandwidth when not needed.... To qualify this information, the Cacheflow were older models. The newer ones may be much better, don't know..:) Paul -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Scott Muller Sent: July 24, 2001 11:09 PM To: freebsd-isp@FreeBSD.ORG Subject: RE: Web Caching Engine We use Cabletron/Enterasys SSR 2000's http://www.enterasys.com/products/items/SSR-2-B128/ (or whatever they're called this month!) and Cacheflow boxes with no problem at all. We sit at about 43% of data loaded from the local cacheflow, damn dynamic content :). Scott. > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Schlosser, Matt D. > Sent: Wednesday, July 25, 2001 6:58 AM > To: 'Jeremy Buckner'; 'freebsd-isp@FreeBSD.ORG' > Subject: RE: Web Caching Engine > > > We use CacheFlow products. http://www.cacheflow.com/ > > As much as home-made is nice, a system designed for it seems > to do best. > These are great. > > > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jeremy Buckner > Sent: Tuesday, July 24, 2001 10:38 AM > To: freebsd-isp@FreeBSD.ORG > Subject: Web Caching Engine > > > Has anyone ever used/configured FreeBSD as a web caching > engine. Can it be done or do I have to buy the $50,000 Cisco > product? Also it be seamless to my customers (no setting > proxy settings or anything like that). Any ideas? > > Thanks, > Jeremy Buckner > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 6:55:22 2001 Delivered-To: freebsd-isp@freebsd.org Received: from chaos.lelnet.com (unknown [216.162.169.147]) by hub.freebsd.org (Postfix) with ESMTP id 5313937B427 for ; Wed, 25 Jul 2001 06:54:34 -0700 (PDT) (envelope-from mbl@lelnet.com) Received: (from mbl@localhost) by chaos.lelnet.com (8.9.3/8.9.3) id OAA92031 for freebsd-isp@FreeBSD.ORG; Tue, 24 Jul 2001 14:02:47 -0400 (EDT) (envelope-from mbl) Date: Tue, 24 Jul 2001 14:02:47 -0400 From: Matthew Landry To: freebsd-isp@FreeBSD.ORG Subject: Re: Redundant setup on a budget?? Message-ID: <20010724140246.A89470@chaos.lelnet.com> References: <995980372.3b5d745405f48@Mail.SavvyWorld.Net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from andy@tecc.co.uk on Tue, Jul 24, 2001 at 02:57:59PM +0100 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > It's in the ports as of 4.3-RELEASE It's in /usr/ports/net/vrrp/. The original poster said .../vrrpd/. Which doesn't exist. :) And fixing the typo is easier than grabbing it from another source and porting it yourself. :) -- Matthew Landry mbl@lelnet.com O- LEL Network Services Anti-Stupid Talisman "You don't have to outrun the bear. Just outrun the slowest hiker." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 7:16:44 2001 Delivered-To: freebsd-isp@freebsd.org Received: from oahu.WURLDLINK.NET (oahu.WURLDLINK.NET [216.235.52.1]) by hub.freebsd.org (Postfix) with ESMTP id 12AF237B631 for ; Wed, 25 Jul 2001 07:15:05 -0700 (PDT) (envelope-from vince@oahu.WURLDLINK.NET) Received: from localhost (vince@localhost) by oahu.WURLDLINK.NET (8.11.3/8.11.3) with ESMTP id f6PE1Tt01846; Wed, 25 Jul 2001 04:01:30 -1000 (HST) (envelope-from vince@oahu.WURLDLINK.NET) Date: Wed, 25 Jul 2001 04:01:28 -1000 (HST) From: Vincent Poy To: Paul Robinson Cc: alexus , Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <20010725095820.G83511@jake.akitanet.co.uk> Message-ID: <20010725040046.D50475-100000@oahu.WURLDLINK.NET> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 25 Jul 2001, Paul Robinson wrote: > On Jul 25, Vincent Poy wrote: > > > Any comments on Merit Radius? > > I spent 15 minutes with it one Tuesday morning and went back to Cistron. For > what it's worth, I currently run ICRADIUS, but am planning to move to > XTRadius in the near future, as it seems a little more mature. A few years ago, we used cistron but it didn't do realms so we went with Merit. Does ICRADIUS do realms and is it easy to implement something like GRIC? Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 7:17:42 2001 Delivered-To: freebsd-isp@freebsd.org Received: from smtp.kka.com (smtp.kka.com [63.141.65.2]) by hub.freebsd.org (Postfix) with ESMTP id 9197937B41B for ; Wed, 25 Jul 2001 07:15:26 -0700 (PDT) (envelope-from Eric_Stanfield@kenokozie.com) Subject: RE: RADIUS server on FreeBSD 4.x-RELEASE To: freebsd-isp@freebsd.org X-Mailer: Lotus Notes Release 5.0.2a November 23, 1999 Message-ID: From: Eric_Stanfield@kenokozie.com Date: Wed, 25 Jul 2001 09:13:54 -0500 X-MIMETrack: Serialize by Router on Notes1st/Keno(Release 5.0.4 |June 8, 2000) at 07/25/2001 09:13:55 AM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Where to begin. This was the first thing I tried when my radius server died and I couldn't get a new license key from Lucent for the existing ascend radius daemon I had here. So I went to ftp.ascend.com and grabbed the file referenced below. Now you would think an ascend radius daemon would pretty much work with a user and dictionary file brought over from another ascend radius daemon, right? Well, no. Cistron ended up being a good fit and it literally worked 'out-of-the-box' with all my existing data. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Eric Stanfield, K2Access Keno Kozie Associates 222 N LaSalle #1500 Chicago, IL 60606 (312) 332-3000 "Chuck Rock" et> cc: Sent by: Subject: RE: RADIUS server on FreeBSD 4.x-RELEASE owner-freebsd-isp@F reeBSD.ORG 07/24/01 05:18 PM What's wrong with ... ascend-radius-980618 ? Chuck > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Paul Robinson > Sent: Tuesday, July 24, 2001 4:37 PM > To: alexus > Cc: freebsd-isp@FreeBSD.ORG > Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE > > > On Jul 24, alexus wrote: > > > Hello > > > > I need to install RADIUS server on FreeBSD 4.2 and/or 4.3 (I > dont think it'd > > be whole a lot different) but anyway.. > > > > I went to http://www.livingston.com/ and i was confused due to they have > > version for linux for other os but not for FreeBSD.. > > > > anyone dealt with that? any suggestions? (besides using ports/packages) > > Suggestion number one: don't use Livingston RADIUS. The following have all > been played with by myself, and although they require a bit of work to get > up and running (all RADIUS software has a bit of a learning curve due to > lack of proper documentation), they have all worked well for me in a > production environment: > > Cistron - probably the most popular RADIUS server out there. Many of the > ones below here are cistron-derived > > FreeRadius - promising work, technically "not suitable for production > environments" but it seems quite stable to me > > ICRADIUS - specifically designed for users to exist in a MySQL > table, so you > get a web front-end to it. In addition, accounting goes to MySQL, > so you can > write code that produces nice stats quite quickly > > XTRadius - I have had very little experience with this, but this is by far > the most flexible version providing you have time to write code. I haven't > had a chance to benchmark it yet, but am planning to do soon to > see how the > external calls affect performance. > > -- > Paul Robinson ,--------------------------------------- > Technical Director @ Akita | A computer lets you make more mistakes > PO Box 604, Manchester, M60 3PR | than any other invention with the > T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and > | Tequila - Mitch Ratcliffe > `----- > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 7:20:28 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id D0C4737B61F for ; Wed, 25 Jul 2001 07:16:32 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15PPS4-0001m4-00; Wed, 25 Jul 2001 15:15:52 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15PPTt-000BcV-00; Wed, 25 Jul 2001 15:17:45 +0100 Date: Wed, 25 Jul 2001 15:17:45 +0100 From: Paul Robinson To: Gabriel Ambuehl Cc: freebsd-isp@freebsd.org Subject: Re: Redundant setup on a budget?? Message-ID: <20010725151745.A36223@jake.akitanet.co.uk> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> <20010724154211.C34017@jake.akitanet.co.uk> <1241681557.20010725114735@buz.ch> <20010725112250.N83511@jake.akitanet.co.uk> <1996903256.20010725131437@buz.ch> <20010725124353.A6548@jake.akitanet.co.uk> <2411019395.20010725142313@buz.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2411019395.20010725142313@buz.ch>; from gabriel_ambuehl@buz.ch on Wed, Jul 25, 2001 at 02:23:13PM +0200 X-Scanner: exiscan *15PPS4-0001m4-00*$AK$p/VP5SwLNT9k5UCTLc/ep0* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 25, Gabriel Ambuehl wrote: > Actually, it's more solarisy ;-). AFAIK, it works on *BSD, Solaris > and HPUX and Linux 2.0.x. But the state stuff is really interesting. Solaris is even worse. Technically ipfw appears to have stateful extensions, but it does them through "dynamic rules" and so people don't think it's stateful. We had an argument here about this a few weeks back. :-) > ACk. But as said, I don't care for them on FS level. FS isn't meant > to > be used as a DB, for that we got DBMS installed. And what if you want multiple MySQL/Postgres servers, writing to the same DB? > Not necessarily. I don't plan to share data among different systems > with different systems writing to it. Data should be saved on two or > more boxes, but only ONE boxes will have write access to it under > normal operation. If that box goes down, it's twin gets the write > rights and so on. And you think NFS is flaky? That sounds pretty dodgy to me as you're describing it, but it's your neck. > > For SQL stuff, we might get concerned if we're doing a lot of > > INSERTs and UPDATEs. > > For DBMS, the only solution I can think of is faster > hardware. Shared DBMS is a big mess. Over lunch, this came up in conversation, and the only real problem anybody could see was detecting dead-locks. Apart from that, it shouldn't be too difficult. > Use the proper MTA. qmail is written to be NFS safe (and despite, it > saves you to worry about the security of your mailservers since it > hasn't been ONE hole in 1.03!). All MTAs are NFS safe these days provding you have locking implemented. On FBSD, that won't be possible unless you're tracking -current. Otherwise, I bet I can break a qmail box in a cluster. Anyway, every admin with any sense is running Exim. > > It'd be nice to have, but it's hard. So, off to see what Gigabit > > cards FBSD is supporting now. :-) > > I'd rather want FreeBSD to support TCP/IP over firewire ;-) Ummmmm.... yeah. that sounds *great*. :-) > Simply don't do it. With MySQL, this cries for trouble (not to Which is why I want to try and fix it. Like I say, I'm doing this because I want to. If it's possible to get working, I personally believe that would be a useful contribution to the community. > mention > the immense performance penalty). If the DB *server* > isn't fast enough, use MySQL's realtime replication and redirect the > selects to a slave, if this isn't enough, get better hardware. But I > somehow doubt that a Athlon MP 1200 isn't fast enough for 95% of all > people out there. The rest probably runs Sun or IBM anyway. We come back to where we started. Replication is not a safe way to deal with atomic transactions, and therefore is useless in anything that is important to your business. MySQL *should*not* be looking after this. Lower-layer transports and architectures should be supporting it. Or at least, that's the way I'm progressing. > > To say file servers shouldn't have atomic locking raises the > > question as to why the hell qpopper puts locks in place. > > Badly written daemon? Because you need to lock spools against multiple popper's being invoked of multiple machines at the same time. If your network is a bit cloggy, last thing you want is more than 1 qopper process trying to fiddle with a user's spool. Transactional support, and particularly atomic action support is critical to the majority of application. It's just transparent to most people (as it should be). At the moment, daemons have to implement it in their own code. My argument is why NFS can't help it in a clustered setup. > Sure. But one can go great way without even needing them. And on low-load systems, you never will. Which is where those tiny figures come from. On the majority of systems, you'll be able to deliver maybe 5,000 mails a day without ever needing locking. But the odd mail will occasionally go missing. Been there, didn't buy the t-shirt because it was a horrid place to be. :-) > If it works, I can see it. And actually, I'm running MySQL in > replicated master/slave mode since the day the replication feature > got > stable enough for production. And I've got my doubts whether I would > want to rely on a multiple master setup with MySQL 3.23. Well, the tech I'm talking about is at a level where MySQL is the most likely to break it, but because I'm talking about FS level, it should benefit mail clusters and suchlike as well. > Sure I can. But I don't see why I should use locking there if my > mailserver was designed to work with NFS without locking. I thought you said qpopper was a badly written daemon? How do you think qmail does it if isn't using big, fat, expensive lock files? I'm guessing here, perhaps it's cluster safe using a different technique I'm not aware of, but the point is that with NFS level locking your daemon (whether it's an MTA or a UberWidget 2001 MultiVibrationAlert or whatever), doesn't need to worry about it. > Oh I see, you follow our business model (lots of cheap servers are > much better for your reliability than one expensive one). I just feel Better for the wallet as well. :-) > it > comes to an end when it comes to loaded DB servers as it's awfully > hard to have two boxes working on the same table. THAT'S MY POINT! THAT is EXACTLY what I want to work on. I want to try and work out what it would take (patching software, whatever, if need be) to make this a relatively trivial exercise. I know we're on -isp here, but this is exactly the sort of conversation we should be having on -cluster and trying to make it happen. > Oh and last but not least, MySQL is probably not the right choice if > you need bomb proof reliability anyway (IIRC, it still isn't ACID > even > with transaction support). I think the current transaction support in the beta relies on Berkley DB transaction support. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 7:22:31 2001 Delivered-To: freebsd-isp@freebsd.org Received: from ns.ag2000.it (unknown [151.17.226.34]) by hub.freebsd.org (Postfix) with SMTP id 5871837B69E for ; Wed, 25 Jul 2001 07:17:22 -0700 (PDT) (envelope-from giorgio@ag2000.it) Received: (qmail 79408 invoked from network); 18 Jul 2001 13:16:17 -0000 Received: from unknown (HELO joga) (151.17.226.40) by ns with SMTP; 18 Jul 2001 13:16:17 -0000 Message-ID: <011a01c10f8b$d7a6fb00$0200a8c0@ag2000.it> From: "Giorgio Bozio" To: "Tom Turrisi" , References: Subject: Re: FreeBSD 4.2 RELEASE and RealServer 8.01 Date: Wed, 18 Jul 2001 15:16:23 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2462.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Tom! just go to /stand/sysinstall choose Configuration then distributions then check compat3.x maybe you'll have to reinstall and realserver should work fine. hope this help Ciao, Giorgio ----- Original Message ----- From: "Tom Turrisi" To: Sent: mercoledė 18 luglio 2001 15.07 Subject: FreeBSD 4.2 RELEASE and RealServer 8.01 > Hi guys, > > During the next few months i will be creating a streaming media solution and > i have chosen to use RealServer 8.01 from www.realnetworks.com . > > The only problem with that is... RealServer is supported on FreeBSD 3 but > apparently not 4.2 > > I e-mailed tech support at realnetworks and was informed that although their > was no "out of the box" package for 4.2 , it is still possible to install it > on 4.2 . > > So i downloaded the evaluation, ran it a few times and fixed all the errors > it came up with (missing librarys which i found in > /usr/src/lib/compat/compat3x.i386/ ) and then managed to execute the setup > program. > > All was going well until whilst copying files i get a core dump. > The setup has produced no error log for this, the only thing i could find > was this line in /var/log/messages > > /kernel: pid 39237 (rs-8-01-freebsd-), uid 0: exited on signal 11 (core > dumped) > > > > Has anybody sucesfully installed RealServer 8 on a freebsd 4x box? or has > anybody come across this problem and not been able to get around it? > > I would really appreciate any help and advice > > Thanks > > Tom Turrisi > > _________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 7:25:37 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 712CB37B7C2 for ; Wed, 25 Jul 2001 07:21:45 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15PPX2-0001pe-00; Wed, 25 Jul 2001 15:21:00 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15PPYq-000Bv6-00; Wed, 25 Jul 2001 15:22:52 +0100 Date: Wed, 25 Jul 2001 15:22:52 +0100 From: Paul Robinson To: Vincent Poy Cc: alexus , freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010725152252.C36223@jake.akitanet.co.uk> References: <20010725095820.G83511@jake.akitanet.co.uk> <20010725040046.D50475-100000@oahu.WURLDLINK.NET> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010725040046.D50475-100000@oahu.WURLDLINK.NET>; from vince@oahu.WURLDLINK.NET on Wed, Jul 25, 2001 at 04:01:28AM -1000 X-Scanner: exiscan *15PPX2-0001pe-00*$AK$Pk41EhaAjiDFSGKBO1vw81* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 25, Vincent Poy wrote: > A few years ago, we used cistron but it didn't do realms so we > went with Merit. Does ICRADIUS do realms and is it easy to implement > something like GRIC? Cistron does realms. Always has done AFAIK. ICRADIUS is derived from Cistron (as most free radius code is these days), and should all support realms. Which version of cistron was it you were using? -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 7:59: 5 2001 Delivered-To: freebsd-isp@freebsd.org Received: from cerebro.superhero.org (unknown [216.201.173.186]) by hub.freebsd.org (Postfix) with SMTP id EC8EC37B708 for ; Wed, 25 Jul 2001 07:56:22 -0700 (PDT) (envelope-from needo@cerebro.superhero.org) Received: (qmail 61985 invoked by uid 1000); 25 Jul 2001 13:10:18 -0000 Date: Wed, 25 Jul 2001 08:10:18 -0500 From: Erich Zigler To: freebsd-isp@freebsd.org Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010725081018.B61776@cerebro.superhero.org> References: <20010724223708.E83511@jake.akitanet.co.uk> <20010724162706.B50475-100000@oahu.WURLDLINK.NET> <20010725095820.G83511@jake.akitanet.co.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725095820.G83511@jake.akitanet.co.uk>; from paul@akita.co.uk on Wed, Jul 25, 2001 at 09:58:20AM +0100 X-Operating-System: FreeBSD 4.3-STABLE X-Eric-Conspiracy: There is no conspiracy. X-Jacob: Hi Jacob! X-Shane: Hi Shane! Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed 25 Jul 2001, Paul Robinson wrote: > what it's worth, I currently run ICRADIUS, but am planning to move to > XTRadius in the near future, as it seems a little more mature. I have had a lot of luck with XTRadius. I have been using it for quite awhile now. The authors are friendly, the documentation is well written, and the individuals on the support mailing list are prompt and helpful. The external programs available for download for authentication are well written and well documented. I currently use XTRadius+Radauth and I store all of my user's information in a MySQL database. I have written a PHP front-end to add/delete/modify users. I plan on releasing the web frontend soon, but time is limited on being able to work on it. -- Erich Zigler To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 8: 1:12 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.online.ie (mail.online.ie [213.159.130.68]) by hub.freebsd.org (Postfix) with ESMTP id 5682037B78E for ; Wed, 25 Jul 2001 07:59:49 -0700 (PDT) (envelope-from bofh@online.ie) Received: from web2.www.online.ie (eth3.web2.www.online.ie [10.10.3.33]); by mail.online.ie with ESMTP id C163C701F; Wed, 25 Jul 2001 15:38:16 +0100 (IST) Received: (from nobody@localhost) by web2.www.online.ie with id PAA11300 Wed, 25 Jul 2001 15:38:16 +0100 To: Fabrizio Ravazzini Subject: Re: FreeBSD Mail Toaster CLUSTER Message-ID: <996071896.3b5ed9d8b73cd@mail.online.ie> Date: Wed, 25 Jul 2001 15:38:16 +0100 (IST) From: Sascha Lucky Luck Cc: freebsd-isp@freebsd.org References: <20010725112323.20541.qmail@web20102.mail.yahoo.com> In-Reply-To: <20010725112323.20541.qmail@web20102.mail.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: online.ie WebMail program X-Originating-IP: 159.134.245.203 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Quoting Fabrizio Ravazzini : > Is it possible with FreeBSD to make a "cluster" of two > machines (ix86) that when one goes down for some fault > the other takes care of the service so that Mail is > still available? Fabrizio, set up 2 mail servers and CNAME to both servers in DNS. The 2 servers must access a file system (on a 3rd machine or a shared RAID system, or a Netapp filer) where the mails are stored. Be sure to use qmail with Maildir, otherwise you'll have file locking issues. DNS will assign a connection to to one or the other server using 'round robin'. If one server is down, an incoming connection will have a 50% chance of failure (the more servers, the more likely a successful connection becomes) but on retry it should connect. This setup has been successfully used with approx 100,000 users and 4 mail servers. Alternatively you can use a load balancer instead of DNS. It will notice a server down and reroute connections to the survivor. Good luck, s. ---------------------------------------------------- Get your free email account at http://www.online.ie/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 8: 7:23 2001 Delivered-To: freebsd-isp@freebsd.org Received: from oahu.WURLDLINK.NET (oahu.WURLDLINK.NET [216.235.52.1]) by hub.freebsd.org (Postfix) with ESMTP id 403A837B636 for ; Wed, 25 Jul 2001 08:05:15 -0700 (PDT) (envelope-from vince@oahu.WURLDLINK.NET) Received: from localhost (vince@localhost) by oahu.WURLDLINK.NET (8.11.3/8.11.3) with ESMTP id f6PF4xC03071; Wed, 25 Jul 2001 05:04:59 -1000 (HST) (envelope-from vince@oahu.WURLDLINK.NET) Date: Wed, 25 Jul 2001 05:04:58 -1000 (HST) From: Vincent Poy To: Paul Robinson Cc: alexus , Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <20010725152252.C36223@jake.akitanet.co.uk> Message-ID: <20010725050418.B50475-100000@oahu.WURLDLINK.NET> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 25 Jul 2001, Paul Robinson wrote: > On Jul 25, Vincent Poy wrote: > > > A few years ago, we used cistron but it didn't do realms so we > > went with Merit. Does ICRADIUS do realms and is it easy to implement > > something like GRIC? > > Cistron does realms. Always has done AFAIK. ICRADIUS is derived from Cistron > (as most free radius code is these days), and should all support realms. > Which version of cistron was it you were using? I don't remember but it was a FreeBSD port and this was back in Summer of 1998 and I remember I even asked the author and he said there was no realm support back then. Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 8:46:41 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 0EC8337B409 for ; Wed, 25 Jul 2001 08:46:31 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15PQr4-0007wu-00; Wed, 25 Jul 2001 16:45:46 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15PQsu-000Gd0-00; Wed, 25 Jul 2001 16:47:40 +0100 Date: Wed, 25 Jul 2001 16:47:40 +0100 From: Paul Robinson To: Vincent Poy Cc: alexus , freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010725164739.A53308@jake.akitanet.co.uk> References: <20010725152252.C36223@jake.akitanet.co.uk> <20010725050418.B50475-100000@oahu.WURLDLINK.NET> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010725050418.B50475-100000@oahu.WURLDLINK.NET>; from vince@oahu.WURLDLINK.NET on Wed, Jul 25, 2001 at 05:04:58AM -1000 X-Scanner: exiscan *15PQr4-0007wu-00*$AK$6.iWZ8uibpvoJcPJIacoT1* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 25, Vincent Poy wrote: > I don't remember but it was a FreeBSD port and this was back in > Summer of 1998 and I remember I even asked the author and he said there > was no realm support back then. OK, I think there has been a misunderstanding here. When referring to realms I translated that into huntgroups, which I assumed to be the same thing. Now I've sat here and thought about it, depending on requirements, you can do it if you needed to, but it's not quite what I think you were referring to. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 9:13:40 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mailer.pcsmo.com (unknown [209.248.211.188]) by hub.freebsd.org (Postfix) with ESMTP id C9FD137B41E for ; Wed, 25 Jul 2001 09:13:02 -0700 (PDT) (envelope-from Ryugen@palaver.org) Received: from cop.pcsmo.com ([209.248.211.187]) by mailer.pcsmo.com (Post.Office MTA v3.5.3 release 223 ID# 0-52399U2500L250S0V35) with SMTP id com for ; Tue, 24 Jul 2001 07:06:21 -0500 Received: from office.palaver.org (unverified [65.203.6.9]) by cop.pcsmo.com (EMWAC SMTPRS 0.83) with SMTP id ; Tue, 24 Jul 2001 07:06:21 -0500 Message-Id: <5.1.0.14.2.20010724070211.030ca008@mail.palaver.org> X-Sender: ryugen@mail.palaver.org X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Tue, 24 Jul 2001 07:06:13 -0500 To: freebsd-isp@FreeBSD.ORG From: Ryugen Fisher Subject: Strange Logs Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have been looking at these logs for years.. this is the first time I have seen the LINK entries marked LINK#4 LINK#5 LINK#6 LINK#7 LINK#8 LINK#9 and LINK#10 ... ppp was not set up on this box.... what is happening? TIA >Last dump(s) done (Dump '>' file systems): > >UUCP status: > >Network interface status: >Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll >ed0 1500 00:48:45:00:29:4d 1058539 7483 897892 599 97364 >ed0 1500 209.248.211.1 primo 740450 - 894602 - - >ed0 1500 fe80:1::248 fe80:1::248:45ff: 0 - 0 - - >lp0* 1500 0 0 0 0 0 >lo0 16384 45636 0 45636 0 0 >lo0 16384 fe80:3::1 fe80:3::1 0 - 0 - - >lo0 16384 ::1 ::1 0 - 0 - - >lo0 16384 127 localhost 45638 - 45638 - - >ppp0* 1500 0 0 0 0 0 >sl0* 552 0 0 0 0 0 >faith 1500 0 0 0 0 0 >gif0* 1280 0 0 0 0 0 >gif1* 1280 0 0 0 0 0 >gif2* 1280 0 0 0 0 0 >gif3* 1280 0 0 0 0 0 > >Local network system status: >primo up 17+04:20, 0 users, load 0.00, 0.00, 0.00 > >Mail in local queue: >/var/spool/mqueue is empty > >Security check: > (output mailed separately) > >Checking for rejected mail hosts: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 9:18:40 2001 Delivered-To: freebsd-isp@freebsd.org Received: from taka.swcp.com (taka.swcp.com [198.59.115.12]) by hub.freebsd.org (Postfix) with ESMTP id 374DE37B405 for ; Wed, 25 Jul 2001 09:18:26 -0700 (PDT) (envelope-from deichert@wrench.com) Received: from inago.swcp.com (inago.swcp.com [198.59.115.17]) by taka.swcp.com (8.10.0.Beta12/8.10.0.Beta12) with ESMTP id f6PGIgj68205; Wed, 25 Jul 2001 10:18:43 -0600 (MDT) Received: from localhost (deichert@localhost) by inago.swcp.com (8.8.7/8.8.7) with ESMTP id KAA23327; Wed, 25 Jul 2001 10:18:24 -0600 (MDT) X-Authentication-Warning: inago.swcp.com: deichert owned process doing -bs Date: Wed, 25 Jul 2001 10:18:23 -0600 (MDT) From: Diana Eichert X-Sender: deichert@inago.swcp.com To: Erich Zigler Cc: freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <20010725081018.B61776@cerebro.superhero.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Here's another vote for xtRadius. I liked the ease with which I could define the variable to pass to an external program/script. diana On Wed, 25 Jul 2001, Erich Zigler wrote: > On Wed 25 Jul 2001, Paul Robinson wrote: > > > what it's worth, I currently run ICRADIUS, but am planning to move to > > XTRadius in the near future, as it seems a little more mature. > > I have had a lot of luck with XTRadius. I have been using it for quite > awhile now. The authors are friendly, the documentation is well written, and > the individuals on the support mailing list are prompt and helpful. > > The external programs available for download for authentication are well > written and well documented. I currently use XTRadius+Radauth and I store > all of my user's information in a MySQL database. I have written a PHP > front-end to add/delete/modify users. > > I plan on releasing the web frontend soon, but time is limited on being able > to work on it. > > -- > Erich Zigler > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 9:47:18 2001 Delivered-To: freebsd-isp@freebsd.org Received: from orbital.mtl.posixnet.org (orbital.mtl.posixnet.org [66.38.182.19]) by hub.freebsd.org (Postfix) with ESMTP id 22F4F37B408 for ; Wed, 25 Jul 2001 09:47:11 -0700 (PDT) (envelope-from paul@colba.net) Received: from colba.net (nat.MTL.distributel.NET [66.38.181.24]) by orbital.mtl.posixnet.org (8.11.4/8.11.1) with ESMTP id f6PGome02496 for ; Wed, 25 Jul 2001 12:50:53 -0400 (EDT) (envelope-from paul@colba.net) Message-ID: <3B5F322E.60BD3BA2@colba.net> Date: Wed, 25 Jul 2001 16:55:10 -0400 From: Paul Khavkine X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Subject: Backup MX with Sendmail Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi folks, it's been a while since i done that so memory is a bit shady. I have a custommer with domain.com that has his own mail server. Now if i want to back him up with a higher pref MX, it soesn't seem to work. When i dont have domain.com in sendmail.cw, i get relaying denied (obviously) When i add domain.com to sendmail.cw and when mail for domain.com gets to my mail server (when custommer's one is down) it tries to deliver it localy insted of queuing it. So i get user unknows since the username does not exist on my mail server. What am missing ? Thanx Paul -- ************************************************* Paul Khavkine Network Administrator Distributel Communications 740 Notre Dame West, Suite 1135 Montreal, Quebec, Canada, H3C 3X6 1-514-877-0064 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 9:54:58 2001 Delivered-To: freebsd-isp@freebsd.org Received: from buck.ncia.net (buck.ncia.net [207.140.8.3]) by hub.freebsd.org (Postfix) with ESMTP id 8AF8F37B408 for ; Wed, 25 Jul 2001 09:54:48 -0700 (PDT) (envelope-from rjtaylor@ncia.net) Received: from wolf.ncia.net (wolf.ncia.net [207.140.8.21]) by buck.ncia.net (8.11.3/8.11.3) with ESMTP id f6PGsbU37481; Wed, 25 Jul 2001 12:54:37 -0400 (EDT) (envelope-from rjtaylor@ncia.net) Received: from localhost (rjtaylor@localhost) by wolf.ncia.net (8.11.3/8.11.3) with ESMTP id f6PGsbn27419; Wed, 25 Jul 2001 12:54:37 -0400 Date: Wed, 25 Jul 2001 12:54:37 -0400 (EDT) From: Ryan Taylor To: Cc: Paul Khavkine Subject: Re: Backup MX with Sendmail In-Reply-To: <3B5F322E.60BD3BA2@colba.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 25 Jul 2001, Paul Khavkine wrote: > > Hi folks, it's been a while since i done that so memory is a bit shady. > > I have a custommer with domain.com that has his own mail server. > Now if i want to back him up with a higher pref MX, it soesn't seem to > work. > > When i dont have domain.com in sendmail.cw, i get relaying denied > (obviously) > > When i add domain.com to sendmail.cw and when mail for domain.com gets > to my mail server (when custommer's one is down) it tries to deliver it > localy > insted of queuing it. > > So i get user unknows since the username does not exist on my mail > server. > What am missing ? > > Thanx > Paul > > -- > ************************************************* > Paul Khavkine > Network Administrator > Distributel Communications > 740 Notre Dame West, Suite 1135 > Montreal, Quebec, Canada, H3C 3X6 > 1-514-877-0064 > Hi Paul, Add a line like: domain.com RELAY to your /etc/mail/access. Then run "make" from /etc/mail/. The sendmail.cw or "local-host-names", as it's called nowadays, is for domains you'd like to have delivered locally. So you actually _do not_ want to list domain.com in that file. RJ --------------------- Ryan J. Taylor Systems/Network Administrator NCIA rj@ncia.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 10:14:59 2001 Delivered-To: freebsd-isp@freebsd.org Received: from exchange.unimayab.edu.mx (unknown [148.230.75.37]) by hub.freebsd.org (Postfix) with ESMTP id F18F637B407 for ; Wed, 25 Jul 2001 10:14:50 -0700 (PDT) (envelope-from dperez@unimayab.edu.mx) Received: by EXCHANGE with Internet Mail Service (5.5.2653.19) id ; Wed, 25 Jul 2001 12:14:50 -0500 Message-ID: <81C8CA3C286FD511A959000102C9B2CE2B21@EXCHANGE> From: "A. David Perez Marfil" To: freebsd-isp@FreeBSD.ORG Subject: RE: Backup MX with Sendmail Date: Wed, 25 Jul 2001 12:14:50 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org hi i just be a customer of some ISP, the ISP was our Mail Exchanger backup=20 with the same configuration,=20 but they give us a way to retrieve the email wend the main mail server back to up state with the follow=20 command finger ispserver@customerdomain how this is done? Regards David P=E9rez -----Mensaje original----- De: Ryan Taylor [mailto:rjtaylor@ncia.net] Enviado el: Mi=E9rcoles, 25 de Julio de 2001 11:55 a.m. Para: freebsd-isp@FreeBSD.ORG CC: Paul Khavkine Asunto: Re: Backup MX with Sendmail On Wed, 25 Jul 2001, Paul Khavkine wrote: > > Hi folks, it's been a while since i done that so memory is a bit = shady. > > I have a custommer with domain.com that has his own mail server. > Now if i want to back him up with a higher pref MX, it soesn't seem = to > work. > > When i dont have domain.com in sendmail.cw, i get relaying denied > (obviously) > > When i add domain.com to sendmail.cw and when mail for domain.com = gets > to my mail server (when custommer's one is down) it tries to deliver = it > localy > insted of queuing it. > > So i get user unknows since the username does not exist on my mail > server. > What am missing ? > > Thanx > Paul > > -- > ************************************************* > Paul Khavkine > Network Administrator > Distributel Communications > 740 Notre Dame West, Suite 1135 > Montreal, Quebec, Canada, H3C 3X6 > 1-514-877-0064 > Hi Paul, Add a line like: domain.com RELAY to your /etc/mail/access. Then run "make" from /etc/mail/. The sendmail.cw or "local-host-names", as it's called nowadays, is for = domains you'd like to have delivered locally. So you actually _do not_ want to list domain.com in that file. RJ --------------------- Ryan J. Taylor Systems/Network Administrator NCIA rj@ncia.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 10:35: 7 2001 Delivered-To: freebsd-isp@freebsd.org Received: from jake.akitanet.co.uk (jake.akitanet.co.uk [212.1.130.131]) by hub.freebsd.org (Postfix) with ESMTP id BB78037B403 for ; Wed, 25 Jul 2001 10:35:01 -0700 (PDT) (envelope-from wiggy@wopr.akitanet.co.uk) Received: from dsl-212-135-208-201.dsl.easynet.co.uk ([212.135.208.201] helo=wopr.akitanet.co.uk) by jake.akitanet.co.uk with esmtp (Exim 3.13 #3) id 15PSYR-000F6Y-00; Wed, 25 Jul 2001 18:34:39 +0100 Received: from wiggy by wopr.akitanet.co.uk with local (Exim 3.21 #2) id 15PSaI-000MdL-00; Wed, 25 Jul 2001 18:36:34 +0100 Date: Wed, 25 Jul 2001 18:36:34 +0100 From: Paul Robinson To: "A. David Perez Marfil" Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Backup MX with Sendmail Message-ID: <20010725183634.A85165@jake.akitanet.co.uk> References: <81C8CA3C286FD511A959000102C9B2CE2B21@EXCHANGE> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <81C8CA3C286FD511A959000102C9B2CE2B21@EXCHANGE>; from dperez@unimayab.edu.mx on Wed, Jul 25, 2001 at 12:14:50PM -0500 X-Scanner: exiscan *15PSYR-000F6Y-00*$AK$HRD9y/bLztSAK2OlJAkS5/* Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Jul 25, "A. David Perez Marfil" wrote: > hi i just be a customer of some ISP, > the ISP was our Mail Exchanger backup > with the same configuration, > but they give us a way to retrieve the email > wend the main mail server back to up state with the follow > command > > finger ispserver@customerdomain > how this is done? You have a custom script on port 79 (?) that takes what is in front of the @ symbol that then spawns off another script to start the queue processing for the relevant domains. So take 'customerdomain' and basically pass it to sendmail with the -q flag. Oh yeah, and I suspect it would be customerdomain@ispserver rather than the way you have it. -- Paul Robinson ,--------------------------------------- Technical Director @ Akita | A computer lets you make more mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 10:38:53 2001 Delivered-To: freebsd-isp@freebsd.org Received: from exchange.unimayab.edu.mx (unknown [148.230.75.37]) by hub.freebsd.org (Postfix) with ESMTP id 3DF3A37B403 for ; Wed, 25 Jul 2001 10:38:49 -0700 (PDT) (envelope-from dperez@unimayab.edu.mx) Received: by EXCHANGE with Internet Mail Service (5.5.2653.19) id ; Wed, 25 Jul 2001 12:38:49 -0500 Message-ID: <81C8CA3C286FD511A959000102C9B2CE2B22@EXCHANGE> From: "A. David Perez Marfil" To: freebsd-isp@FreeBSD.ORG Subject: RE: Backup MX with Sendmail Date: Wed, 25 Jul 2001 12:38:48 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org sorry you have ritgth is customerdomain@ispserver thanks! -----Mensaje original----- De: Paul Robinson [mailto:paul@akita.co.uk] Enviado el: Mi=E9rcoles, 25 de Julio de 2001 12:37 p.m. Para: A. David Perez Marfil CC: freebsd-isp@FreeBSD.ORG Asunto: Re: Backup MX with Sendmail On Jul 25, "A. David Perez Marfil" wrote: > hi i just be a customer of some ISP, > the ISP was our Mail Exchanger backup=20 > with the same configuration,=20 > but they give us a way to retrieve the email > wend the main mail server back to up state with the follow=20 > command >=20 > finger ispserver@customerdomain > how this is done? You have a custom script on port 79 (?) that takes what is in front of = the @ symbol that then spawns off another script to start the queue = processing for the relevant domains. So take 'customerdomain' and basically pass it to sendmail with the -q flag. Oh yeah, and I suspect it would be customerdomain@ispserver rather than = the way you have it. --=20 Paul Robinson = ,--------------------------------------- Technical Director @ Akita | A computer lets you make more = mistakes PO Box 604, Manchester, M60 3PR | than any other invention with the=20 T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and | Tequila - Mitch Ratcliffe `----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 10:42:11 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 6AAB637B405 for ; Wed, 25 Jul 2001 10:42:08 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 83226 invoked from network); 25 Jul 2001 17:42:21 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 25 Jul 2001 17:42:21 -0000 Message-ID: <003b01c11531$1d653f80$0d00a8c0@alexus> From: "alexus" To: "Paul Robinson" , "Mark Newton" Cc: "Chuck Rock" , References: <004a01c1148e$9e210440$1805010a@epconline.net> <002f01c11492$cc245b40$0d00a8c0@alexus> <20010725082430.A19609@internode.com.au> <20010725095632.F83511@jake.akitanet.co.uk> Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Date: Wed, 25 Jul 2001 13:42:02 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org does radiator have sql backend or web gui for frontend? ----- Original Message ----- From: "Paul Robinson" To: "Mark Newton" Cc: "alexus" ; "Chuck Rock" ; Sent: Wednesday, July 25, 2001 4:56 AM Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE > On Jul 24, Mark Newton wrote: > > > Radiator. http://www.open.com.au/radiator > > Indeed, a very capable RADIUS server. Unfortunately for a single server it > costs $620, and for 2-7 servers it's $992. I didn't include this in the > run-down I gave because I tend to concentrate on open-source solutions. The > closest to this out of the list I gave is going to be either FreeRadius > (which offers nearly all of this but is still beta) or XTRadius where you > can call any external program you want for authentication or accounting, > meaning that with an afternoon of Perl scripting you can do everything > Radiator can, specific to your site. > > -- > Paul Robinson ,--------------------------------------- > Technical Director @ Akita | A computer lets you make more mistakes > PO Box 604, Manchester, M60 3PR | than any other invention with the > T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and > | Tequila - Mitch Ratcliffe > `----- > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 11: 4:49 2001 Delivered-To: freebsd-isp@freebsd.org Received: from ns1.win.net (ns1.win.net [216.24.27.3]) by hub.freebsd.org (Postfix) with ESMTP id 5650A37B403 for ; Wed, 25 Jul 2001 11:04:46 -0700 (PDT) (envelope-from jfmays@launchpad.win.net) Received: from ENGINEERING01 (216-24-1-215.win.net [216.24.1.215]) by ns1.win.net (8.11.0/8.11.0) with SMTP id f6PI4jf82248 for ; Wed, 25 Jul 2001 14:04:45 -0400 (EDT) Message-ID: <011001c11534$490e6f50$d70118d8@ENGINEERING01> From: "Joe Mays" To: Subject: Unusual DOS attack Date: Wed, 25 Jul 2001 14:04:44 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Last week someone launched a DOS against a site on our system that exhibited some puzzling behaviors. I wanted to ask if anyone on here has seen anything similar. Since the DOS had nothing to do with FreeBSD in particular, I apologize if this is somewhat off-topic, but this seemed like a forum where the participants might be interested, anyway. The attack was a lot like a smurf attack, but with some puzzling differences. Someone was throwing a huge amount of ICMP traffic through one of our gateway routers. This was being broadcast out to every host on the inside LAN segment of the router (the switch on the LAN segment was a Baystack 350-24T). To that extent, it looked like a smurf attack, except -- there was no system on the LAN that was reflecting traffic back, and nothing had directed broadcast turned on; also, I went to some cisco routers on the inside lan segment and turned on icmp debugging, and they showed no icmp traffic coming in through the lan interface. We asked the provider to shut off ICMP on the incoming WAN interface, and that cleared things up, but I am still puzzled as to what was going on. I should point out that we didn't discover until after the fact that there was interface on the 350-24T switch that had not been updating in MRTG for a month or so, and it was possible that whatever was reflecting ICMP was on that port, so that we didn't see the trafffic bouncing back into the switch from there, but I scanned the subnet for ports with dcmp directed broadcast turned on and couldn't find any. It is possible to that the ICMP traffic was somehow being bounced out of the switch itself, I suppose, though I couldn't find any way to do that. I am more puzzled by the fact that the ICMP traffic was not showing up in icmp debugging on cisco routers on the lan segment, even though they showed the flood of traffic coming in through the ethernet interface. Normally, smurfing is extremely obvious in icmp debugging. -- Joe Mays - Engineering Manager (502) 815-7166 Win.Net Business Internet - http://www.win.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 11:15:34 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 8A58937B403 for ; Wed, 25 Jul 2001 11:15:29 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 88383 invoked from network); 25 Jul 2001 18:15:28 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 25 Jul 2001 18:15:28 -0000 Date: Wed, 25 Jul 2001 20:16:45 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <5632231526.20010725201645@buz.ch> To: Alexander Leidinger Cc: freebsd-isp@freebsd.org Subject: Re[2]: Redundant setup on a budget?? In-Reply-To: <200107251108.f6PB8pu10158@Magelan.Leidinger.net> References: <200107251108.f6PB8pu10158@Magelan.Leidinger.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Alexander, Wednesday, July 25, 2001, 1:08:50 PM, you wrote: >> on my disk but that one's in German (high class one, riddled with >> English fail over vocabulary), so I suspect it wouldn't help you >> very much. > But it's perhaps interesting for other people. Can you put it > somewhwere to download? Mit Blick auf deinen Header und Namen, dürfte es interessant für dich sein. Mein Deutsch ist deutlich besser als mein Englisch ;-) It's just that it's a very early draft I'd be ashamed to put on the web in its current state. >> realtime (basically, I could agree on using any solution that >> doesn't create more than a 10 to 15min lag, even on big >> mailservers with hundred of thousands of files and dirs). > Perhaps you want to implement it on your own too... It's just that I just started coding C++ (after several years of Python, PHP and Perl) and never did any Kernel hacking so far. If somebody'd provide me with the filelist, I'd be all ears to do it. > For ufs: > man 2 kqueue Hmm. This is FreeBSD >4.0... Not exactly portable, but I suspect there's no such thing as a portable approach to something like this. On the first glance it looks pretty complex but... > If you decide to implement it (there are interfaces to other > languages - at least to python - in the ports), please make the > program modular in a fashion it would be usable as a realtime > tripwire replacement (e.g. let it call 3rd party apps with "path" > and "type of change" as arguments... I already thought about this a > little bit, but unfortunally I didn't have time to implement it > myself, but you're perhaps interested in some ideas I have). I currently prefer to work on my monitoring system until it at least is alpha quality (i.e. enough for inhouse use ;-) but after that I'm interested in this kind of stuff. Best regards, Gabriel -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO17/AcZa2WpymlDxAQHAcwf/ZXqqKMNrbeu4En7rXA+gYegIGqa+nCEU /npY++msyhJOEQHb1T9lPPNvdI9yJn4kN7TD0J2bZLp+tFYNfxNgah7rPdZPPkej 5bzt2F7IDMtAKa0SFGc2ClKVq74InSu0P/FvJQ1s4G8rba/egXfbGqQb0HA0cAMk VD+/Fg1Q5mT24O57XbGtApg1BuMcwo3Mp+qDie04W+LdEmmKFnRFrlYHC4mvbO+A 1EZEV0BzIP0g0PSK+QmLBtgvxSz87BHsnE4wBh4FTKeXaZ0PvF+LjEC6I0eb/02r S3nGGMxvWwg7j2ioTdSv4br26467+vqpsCEmr+vegZXA+goUYwNA8Q== =xFJi -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 12:16: 2 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 9F21137B405 for ; Wed, 25 Jul 2001 12:15:44 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 90882 invoked from network); 25 Jul 2001 19:15:42 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 25 Jul 2001 19:15:42 -0000 Date: Wed, 25 Jul 2001 21:16:59 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <6335845483.20010725211659@buz.ch> To: Paul Robinson Cc: freebsd-isp@freebsd.org, freebsd-cluster@freebsd.org Subject: Re[2]: Redundant setup on a budget?? In-Reply-To: <20010725151745.A36223@jake.akitanet.co.uk> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> <20010724154211.C34017@jake.akitanet.co.uk> <1241681557.20010725114735@buz.ch> <20010725112250.N83511@jake.akitanet.co.uk> <1996903256.20010725131437@buz.ch> <20010725124353.A6548@jake.akitanet.co.uk> <2411019395.20010725142313@buz.ch> <20010725151745.A36223@jake.akitanet.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Paul, Wednesday, July 25, 2001, 4:17:45 PM, you wrote: > On Jul 25, Gabriel Ambuehl wrote: >> Actually, it's more solarisy ;-). AFAIK, it works on *BSD, >> Solaris and HPUX and Linux 2.0.x. But the state stuff is really >> interesting. > Solaris is even worse. Slowlaris, as I tend to call it. > Technically ipfw appears to have stateful extensions, > but it does them through "dynamic rules" and so people don't think > it's stateful. Didn't work for my LAN firewall without some awfully stupid ruleset. ipf does just great. >> ACk. But as said, I don't care for them on FS level. FS isn't >> meant to be used as a DB, for that we got DBMS installed. > And what if you want multiple MySQL/Postgres servers, writing to > the same DB? As said: use one master with write perms and as many slaves as you like which are responsible for the selects. > And you think NFS is flaky? That sounds pretty dodgy to me as > you're describing it, but it's your neck. This is just some sort of realtime backup. Good for sleeping well, you know. >> For DBMS, the only solution I can think of is faster >> hardware. Shared DBMS is a big mess. > Over lunch, this came up in conversation, and the only real problem > anybody could see was detecting dead-locks. Apart from that, it > shouldn't be too difficult. Not too difficult? I mean I don't know hell a lot about DBMS implementation, but if I were to do one, I'd surely cache immense amounts of data INSIDE my app which I surely wouldn't rebuild from HD after an statement that could affect it. Instead, I'd do the statement against the cache and write back the changes made to the cache to the HD. Now how does your cluster know when it should rebuild its caches? > All MTAs are NFS safe these days provding you have locking > implemented. On FBSD, that won't be possible unless you're tracking > -current. Otherwise, I bet I can break a qmail box in a cluster. You could try to hack OpenSSH, ACK. > Anyway, every admin with any sense is running Exim. I always thought that is some LAN quality software not up to handling thousands of mails per day ;-). The only alternative to qmail I can think of is postfix. >> I'd rather want FreeBSD to support TCP/IP over firewire ;-) > Ummmmm.... yeah. that sounds *great*. :-) Cheap and cheerful 400mbit/s. Anyone? > Which is why I want to try and fix it. Like I say, I'm doing this > because I want to. If it's possible to get working, I personally > believe that would be a useful contribution to the community. Oh if it were to work like you want, I'd probably use it. It's only that I don't think it would. Or if it would, it would be SLOW. > We come back to where we started. Replication is not a safe way to > deal with atomic transactions, and therefore is useless in anything > that is important to your business. MySQL *should*not* be looking > after this. Lower-layer transports and architectures should be > supporting it. Or at least, that's the way I'm progressing. IMHO not. MySQL knows better than the FS what it's operation will cause to the data. The FS just does the container for the MySQL data, remember, many older DBMS used raw partitions! >> Badly written daemon? > Because you need to lock spools against multiple popper's being > invoked of multiple machines at the same time. WTF does pop3d need to do with my spool, anyway? I only allow SMTP messing with it. > people (as it should be). At the moment, daemons have to implement > it in their own code. My argument is why NFS can't help it in a > clustered setup. My opinion about NFS is that it's best to stay away from it anyway. Security is way too weak. This might get better with NFSv4 but I currently don't see anything like this for FBSD. > come from. On the majority of systems, you'll be able to deliver > maybe 5,000 mails a day without ever needing locking. But the odd > mail will occasionally go missing. Been there, didn't buy the > t-shirt because it was a horrid place to be. :-) qmail does NOT lose ANY mail. Never (unless some really braindead MTA which is too stupid to resend a message for which it didn't get an OK or your fsync() is broken). >> stable enough for production. And I've got my doubts whether I >> would want to rely on a multiple master setup with MySQL 3.23. > Well, the tech I'm talking about is at a level where MySQL is the > most likely to break it, but because I'm talking about FS level, it > should benefit mail clusters and suchlike as well. As said, I don't see any need for locking with regards to mail clusters. About the only place it is really required are flat file based CGI scripts but I don't think it's my job to take care of this kind of badly written code. Need a DB? Use the DBMS. > I thought you said qpopper was a badly written daemon? Considering securityfocus shows 7 vulnerabilities, I'd say so, yes. > How do you think qmail does it if isn't using big, fat, expensive > lock files? "Why should I use maildir? Two words: no locks. An MUA can read and delete messages while new mail is being delivered: each message is stored in a separate file with a unique name, so it isn't affected by operations on other messages. An MUA doesn't have to worry about partially delivered mail: each message is safely written to disk in the tmp subdirectory before it is moved to new. The maildir format is reliable even over NFS." - http://cr.yp.to/proto/maildir.html Nice, uh? > of, but the point is that with NFS level locking your daemon > (whether it's an MTA or a UberWidget 2001 MultiVibrationAlert or > whatever), doesn't need to worry about it. Instead, I got to worry about the locking performance. Great. >> Oh I see, you follow our business model (lots of cheap servers are >> much better for your reliability than one expensive one). I just >> feel > Better for the wallet as well. :-) For damn sure. And it leaves much more places to do creative work. > THAT'S MY POINT! THAT is EXACTLY what I want to work on. I want to > try and work out what it would take (patching software, whatever, > if need be) to make this a relatively trivial exercise. I know > we're on -isp here, but this is exactly the sort of conversation we > should be having on -cluster and trying to make it happen. I think the DBMS should take care of this. Best approach, IMHO, would be to have global row/table/whatever locking for the DBMS and then a reliable replication protocol. Still, I can think of situations where not even a single host DBMS can guarantee the consistency of your data. > I think the current transaction support in the beta relies on > Berkley DB transaction support. Uhm yes. There's some other DB format which allows it as well but it's still far from being ACID, AFAIK. Best regards, Gabriel  ! !č -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO18NIMZa2WpymlDxAQEQIAgAiJUQciA8VlOqoq7KzvNR1XRWj0VDjsTF u13yDsHhEDvlSyLjMUXIvrDPMIgCe9n40MJNVKNTSLs5j9Xx+dJ74pcAnW42+6OC Av8WWlTJ7n5nHhoar4a37kVu2nNyiBHLRct6RavCk9gGeTrfgfZKhSfn7r6IHU8f XhvMozCfxIpYsPMqp9CxkvUtUQfM1RK72WTaly8WLczv80typL2FbRIbgExZx4cs 5AAgBUdhhJ3ZjiGR/QyYrMg82UNZ1Aal+C3OCen4vdKezI0c8igKQ3lfO5dhcDoe HT4G5WtdeYe7Vpz/J3KT1jPYaLXZj7gRI1u8aeZUJdBJ97Dcs9vMTg== =Pp5/ -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 13:56:44 2001 Delivered-To: freebsd-isp@freebsd.org Received: from fw.mccons.net (adsl-65-64-105-41.dsl.kscymo.swbell.net [65.64.105.41]) by hub.freebsd.org (Postfix) with ESMTP id 3279537B431 for ; Wed, 25 Jul 2001 13:55:43 -0700 (PDT) (envelope-from root@mccons.maxbaud.net) Received: from localhost (root@localhost) by fw.mccons.net (8.11.3/8.11.4) with SMTP id f6PKtIx47247 for ; Wed, 25 Jul 2001 15:55:19 -0500 (CDT) (envelope-from root@mccons.maxbaud.net) Date: Wed, 25 Jul 2001 15:55:07 -0500 (CDT) From: Wm Brian McCane X-Sender: root@fw.mccons.net To: freebsd-isp@FreeBSD.ORG Subject: Possible spammers with a virus In-Reply-To: <6335845483.20010725211659@buz.ch> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Okay, this might sound odd, but I just got a bunch of virusalerts from amavis-perl. None of the people that the messages are from have EVER sent me email that I know of, nor have I corresponded with them. Is it possible that these are spammers that got hit with SirCAM and sent to everyone in their mailing lists? - brian BTW> If you would like a copy of the list, I might be able to make it available :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 14:11: 0 2001 Delivered-To: freebsd-isp@freebsd.org Received: from heorot.1nova.com (heorot.1nova.com [63.105.24.23]) by hub.freebsd.org (Postfix) with ESMTP id 83A8237B413 for ; Wed, 25 Jul 2001 14:10:38 -0700 (PDT) (envelope-from hamellr@1nova.com) Received: by heorot.1nova.com (Postfix, from userid 1000) id 53C0D18E0; Wed, 25 Jul 2001 14:09:13 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by heorot.1nova.com (Postfix) with ESMTP id 4AFCE18DF; Wed, 25 Jul 2001 14:09:13 -0700 (PDT) Date: Wed, 25 Jul 2001 14:09:13 -0700 (PDT) From: Rick Hamell To: Wm Brian McCane Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Possible spammers with a virus In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Apparently... the virus is somehow picking up email addresses off of web pages... a friend is being hit hard with it and that's the only place we can figure it's coming from. Rick > Okay, this might sound odd, but I just got a bunch of virusalerts from > amavis-perl. None of the people that the messages are from have EVER sent > me email that I know of, nor have I corresponded with them. Is it > possible that these are spammers that got hit with SirCAM and sent to > everyone in their mailing lists? > > - brian > > BTW> If you would like a copy of the list, I might be able to make it > available :) > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 14:22:55 2001 Delivered-To: freebsd-isp@freebsd.org Received: from marius.org (cdm-208-219-120-coll.cox-internet.com [208.180.219.120]) by hub.freebsd.org (Postfix) with ESMTP id 8FA8037B401 for ; Wed, 25 Jul 2001 14:22:51 -0700 (PDT) (envelope-from marius@marius.org) Received: (from marius@localhost) by marius.org (8.11.0/8.11.0) id f6PLMQM05997; Wed, 25 Jul 2001 16:22:26 -0500 (CDT) Date: Wed, 25 Jul 2001 16:22:26 -0500 From: Marius Strom To: Rick Hamell Cc: Wm Brian McCane , freebsd-isp@FreeBSD.ORG Subject: Re: Possible spammers with a virus Message-ID: <20010725162226.A58293@marius.org> Mail-Followup-To: Rick Hamell , Wm Brian McCane , freebsd-isp@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from hamellr@heorot.1nova.com on Wed, Jul 25, 2001 at 02:09:13PM -0700 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org According to one of the reports I read, it not only hits the LookOut address book, but also scans the "Temporary Internet Files" directory for email addresses. A new, interesting, and all around not-fun twist on email viruses. On Wed, Jul 25, 2001 at 02:09:13PM -0700, Rick Hamell wrote: > > Apparently... the virus is somehow picking up email addresses off > of web pages... a friend is being hit hard with it and that's the only > place we can figure it's coming from. > > Rick > > > Okay, this might sound odd, but I just got a bunch of virusalerts from > > amavis-perl. None of the people that the messages are from have EVER sent > > me email that I know of, nor have I corresponded with them. Is it > > possible that these are spammers that got hit with SirCAM and sent to > > everyone in their mailing lists? > > > > - brian > > > > BTW> If you would like a copy of the list, I might be able to make it > > available :) > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > -- Marius Strom Professional Geek/Unix System Administrator URL: http://www.marius.org/ http://www.marius.org/marius.pgp 0xF5D89089 *updated 2001-02-26* It is a natural law. Physics tells us that for every action, there must be an equal and opposite reaction. They hate us, we hate them, they hate us back and so, here we are, victims of mathematics. -- Londo, "A Voice in the Wilderness I" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 14:24:20 2001 Delivered-To: freebsd-isp@freebsd.org Received: from bilver.wjv.com (dhcp-1-157.n01.orldfl01.us.ra.verio.net [157.238.210.157]) by hub.freebsd.org (Postfix) with ESMTP id 40E5737B403 for ; Wed, 25 Jul 2001 14:24:14 -0700 (PDT) (envelope-from bill@bilver.wjv.com) Received: (from bill@localhost) by bilver.wjv.com (8.11.1/8.11.1) id f6PLN3M32810; Wed, 25 Jul 2001 17:23:03 -0400 (EDT) (envelope-from bill) Date: Wed, 25 Jul 2001 17:22:49 -0400 From: Bill Vermillion To: Wm Brian McCane Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Possible spammers with a virus Message-ID: <20010725172249.A32786@wjv.com> Reply-To: bv@wjv.com References: <6335845483.20010725211659@buz.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from root@mccons.maxbaud.net on Wed, Jul 25, 2001 at 03:55:07PM -0500 Organization: W.J.Vermillion / Orlando - Winter Park Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Jul 25, 2001 at 03:55:07PM -0500, Wm Brian McCane thus sprach: > Okay, this might sound odd, but I just got a bunch of virusalerts from > amavis-perl. None of the people that the messages are from have EVER sent > me email that I know of, nor have I corresponded with them. Is it > possible that these are spammers that got hit with SirCAM and sent to > everyone in their mailing lists? The way I understand SirCAM is that it picks random names and subject lines from an infected machine and then starts the whole process anew on the next machine. That's makes in unpredictable as to who will get, and there is no common subject line either. -- Bill Vermillion - bv @ wjv . com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 14:27:14 2001 Delivered-To: freebsd-isp@freebsd.org Received: from thehousleys.net (frenchknot.ne.mediaone.net [24.147.224.201]) by hub.freebsd.org (Postfix) with ESMTP id 3965137B401 for ; Wed, 25 Jul 2001 14:27:10 -0700 (PDT) (envelope-from jim@thehousleys.net) Received: (from root@localhost) by thehousleys.net (8.11.3/8.11.2) id f6PLR8m49043; Wed, 25 Jul 2001 17:27:08 -0400 (EDT) (envelope-from jim@Thehousleys.net) Received: from Thehousleys.net (baby.int.thehousleys.net [192.168.0.24]) (authenticated) by thehousleys.net (8.11.3/8.11.3) with ESMTP id f6PLR6s49032; Wed, 25 Jul 2001 17:27:06 -0400 (EDT) (envelope-from jim@Thehousleys.net) Message-ID: <3B5F39AA.95B7580B@Thehousleys.net> Date: Wed, 25 Jul 2001 17:27:06 -0400 From: James Housley X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Rick Hamell Cc: Wm Brian McCane , freebsd-isp@freebsd.org Subject: Re: Possible spammers with a virus References: Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------msDEFB40B1CC37695BBE3D9023" X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a cryptographically signed message in MIME format. --------------msDEFB40B1CC37695BBE3D9023 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Rick Hamell wrote: > > Apparently... the virus is somehow picking up email addresses off > of web pages... a friend is being hit hard with it and that's the only > place we can figure it's coming from. > >From (http://www.f-secure.com/v-descs/sircam.shtml) The worm uses Windows Address Book to collect e-mail addresses ('*.wab files). The worm also tries to look for e-mail addresses in \Temporary Internet Files\ folder ('sho*', 'get*', 'hot*', '*.html'). If a user has a working e-mail account the worm reads the its setting. Otherwise the '[username]@prodigy.mx.net' is used as the default sender's address and 'prodigy.net.mx' is used for the SMTP server name. The worm has its own SMTP engine and it sends out messages using this engine. Jim -- /"\ ASCII Ribbon Campaign . \ / - NO HTML/RTF in e-mail . X - NO Word docs in e-mail . / \ ----------------------------------------------------------------- jeh@FreeBSD.org http://www.FreeBSD.org The Power to Serve jim@TheHousleys.Net http://www.TheHousleys.net --------------------------------------------------------------------- Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. --------------msDEFB40B1CC37695BBE3D9023 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIIIBwYJKoZIhvcNAQcCoIIH+DCCB/QCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC BdgwggK8MIICJaADAgECAgMDTCIwDQYJKoZIhvcNAQEEBQAwgZQxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxFDASBgNVBAcTC0R1cmJhbnZpbGxlMQ8wDQYDVQQKEwZU aGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25h bCBGcmVlbWFpbCBSU0EgMTk5OS45LjE2MB4XDTAwMDkyMTE1NDAyOVoXDTAxMDkyMTE1NDAy OVowXjEQMA4GA1UEBBMHSG91c2xleTEOMAwGA1UEKhMFSmFtZXMxFjAUBgNVBAMTDUphbWVz IEhvdXNsZXkxIjAgBgkqhkiG9w0BCQEWE2ppbUB0aGVob3VzbGV5cy5uZXQwgZ8wDQYJKoZI hvcNAQEBBQADgY0AMIGJAoGBAMvwiLzwK732uOEUqWh2yKZpO/Vz5Yfq1xn0uOxi7CZbxZRH RoNbMOOpjOKR8k8jsK9q92SERm/BQ7bpc9Hc6+n0/TpYMKBJWnpt95cm2yyHnycgHd3LJ9QP vUzvI8umjXhBMKDa32OPPEIcrqTpnf3cQTyyIjNtDJOda+cgmo4NAgMBAAGjUTBPMB4GA1Ud EQQXMBWBE2ppbUB0aGVob3VzbGV5cy5uZXQwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSI q/Fgg2ZV9ORYx0YdwGG9I9fDjDANBgkqhkiG9w0BAQQFAAOBgQBVuNZlfOrMlcz0XsGClvQu M/EusYBvbiVqwXu5HC0Gt/6JMxnK8jeYlXYTB0TO9KFreF4GvtlvOWic9gFzSUpUVssVrvZq scrmY0f9LsFq34RAftDQhqVVnCEpyLdLRRwLuisQUUtm/H/Ux89ur8m1ocwalf9CI4rlup3B owRvGTCCAxQwggJ9oAMCAQICAQswDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhh d3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNp b24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJ ARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw05OTA5MTYxNDAxNDBaFw0wMTA5 MTUxNDAxNDBaMIGUMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRQwEgYD VQQHEwtEdXJiYW52aWxsZTEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0 ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDE5OTkuOS4xNjCB nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs2lal9TQFgt6tcVd6SGcI3LNEkxL937Px/vK ciT0QlKsV5Xje2F6F4Tn/XI5OJS06u1lp5IGXr3gZfYZu5R5dkw+uWhwdYQc9BF0ALwFLE8J AxcxzPRB1HLGpl3iiESwiy7ETfHw1oU+bPOVlHiRfkDpnNGNFVeOwnPlMN5G9U8CAwEAAaM3 MDUwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRyScJzNMZV9At2coF+d/SH58ay DjANBgkqhkiG9w0BAQQFAAOBgQBrxlnpMfrptuyxA9jfcnL+kWBI6sZV3XvwZ47GYXDnbcKl N9idtxcoVgWL3Vx1b8aRkMZsZnET0BB8a5FvhuAhNi3B1+qyCa3PLW3Gg1Kb+7v+nIed/Lfp dJLkXJeu/H6syg1vcnpnLGtz9Yb5nfUAbvQdB86dnoJjKe+TCX5V3jGCAfcwggHzAgEBMIGc MIGUMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRQwEgYDVQQHEwtEdXJi YW52aWxsZTEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNl czEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDE5OTkuOS4xNgIDA0wiMAkGBSsO AwIaBQCggbEwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDEw NzI1MjEyNzA2WjAjBgkqhkiG9w0BCQQxFgQUuqEOzTCthlotQcl0vc8ZRF2U/bIwUgYJKoZI hvcNAQkPMUUwQzAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwBwYFKw4DAgcwDQYIKoZI hvcNAwICAUAwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEgYAEd3x17be7F4PxFqbj iBnHOTI1+ZyYvXcZCIdJWvDqbWrL2v4vowJRHxGozSa4XgPDQBsNMA3o9n5FZSXqMk8hei6K QCRQ8XQIkB89NrDiQn/gtCnAST4T1Ku2Dr1/KYU2LD4SBMqr5ry7lGI8IVU1LLTQ9opaZ/7F EHMYj+ypmA== --------------msDEFB40B1CC37695BBE3D9023-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 14:28:33 2001 Delivered-To: freebsd-isp@freebsd.org Received: from heorot.1nova.com (heorot.1nova.com [63.105.24.23]) by hub.freebsd.org (Postfix) with ESMTP id 15D4A37B401 for ; Wed, 25 Jul 2001 14:28:30 -0700 (PDT) (envelope-from hamellr@1nova.com) Received: by heorot.1nova.com (Postfix, from userid 1000) id DB31718E0; Wed, 25 Jul 2001 14:27:41 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by heorot.1nova.com (Postfix) with ESMTP id C9A5218DF; Wed, 25 Jul 2001 14:27:41 -0700 (PDT) Date: Wed, 25 Jul 2001 14:27:41 -0700 (PDT) From: Rick Hamell To: Marius Strom Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Possible spammers with a virus In-Reply-To: <20010725162226.A58293@marius.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > According to one of the reports I read, it not only hits the LookOut > address book, but also scans the "Temporary Internet Files" directory > for email addresses. A new, interesting, and all around not-fun twist > on email viruses. Oh boy... Great! Rick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 14:37:43 2001 Delivered-To: freebsd-isp@freebsd.org Received: from fw.mccons.net (adsl-65-64-105-41.dsl.kscymo.swbell.net [65.64.105.41]) by hub.freebsd.org (Postfix) with ESMTP id 7C70E37B401 for ; Wed, 25 Jul 2001 14:37:39 -0700 (PDT) (envelope-from root@mccons.maxbaud.net) Received: from localhost (root@localhost) by fw.mccons.net (8.11.3/8.11.4) with SMTP id f6PLbcw47777 for ; Wed, 25 Jul 2001 16:37:38 -0500 (CDT) (envelope-from root@mccons.maxbaud.net) Date: Wed, 25 Jul 2001 16:37:38 -0500 (CDT) From: Wm Brian McCane X-Sender: root@fw.mccons.net To: freebsd-isp@FreeBSD.ORG Subject: Re: Possible spammers with a virus In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Well, at least if it is using files from peoples IE cache, it at least proves that my site is popular (couple of hundred catches so far). - brian Always trying to see the bright side :) On Wed, 25 Jul 2001, Rick Hamell wrote: > > > According to one of the reports I read, it not only hits the LookOut > > address book, but also scans the "Temporary Internet Files" directory > > for email addresses. A new, interesting, and all around not-fun twist > > on email viruses. > > Oh boy... Great! > > Rick > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 15:14:21 2001 Delivered-To: freebsd-isp@freebsd.org Received: from pendragon.tacni.net (mail.tacni.net [216.178.136.165]) by hub.freebsd.org (Postfix) with SMTP id 519F537B403 for ; Wed, 25 Jul 2001 15:14:19 -0700 (PDT) (envelope-from tom.oneil@tacni.com) Received: (qmail 37628 invoked by alias); 25 Jul 2001 22:14:07 -0000 Received: from unknown (HELO tacni.com) (216.201.173.186) by pendragon.tacni.net with SMTP; 25 Jul 2001 22:14:07 -0000 Message-ID: <3B5F4480.8B9E39CD@tacni.com> Date: Wed, 25 Jul 2001 17:13:20 -0500 From: Tom ONeil Organization: Texas American Communications Network Inc. X-Mailer: Mozilla 4.77 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Possible spammers with a virus References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org From here it looks like the spammers are using it as an excuse to crank up the engines to full speed. Getting ready to just block .cn ............ Tom > -- Thomas J. ONeil tom.oneil@tacni.com http://www.tacni.net "National Power, Local Presence" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 18:13:58 2001 Delivered-To: freebsd-isp@freebsd.org Received: from nyc.rr.com (nycsmtp3fb.rdc-nyc.rr.com [24.29.99.80]) by hub.freebsd.org (Postfix) with ESMTP id 3A10537B406; Wed, 25 Jul 2001 18:13:53 -0700 (PDT) (envelope-from jslivko@blinx.net) Received: from equinox ([24.168.44.136]) by nyc.rr.com with Microsoft SMTPSVC(5.5.1877.357.35); Wed, 25 Jul 2001 21:13:51 -0400 Message-ID: <00e601c11570$44520170$6401a8c0@equinox> From: "Jonathan M. Slivko" To: , Subject: Virtual Server under FreeBSD Date: Wed, 25 Jul 2001 21:14:06 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2505.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2505.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I am trying to find a solution that will allow me to split up a machine into virtual machines, each with it's own "root" access point. Is there anything out there that's GPL that you guys know of? If not, does anyone know if FreeVSD is any good? -- Jonathan -- Jonathan M. Slivko Blinx Networks http://www.blinx.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 18:20:12 2001 Delivered-To: freebsd-isp@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 5DCB137B401; Wed, 25 Jul 2001 18:20:05 -0700 (PDT) (envelope-from cdf.lists@fxp.org) Received: by peitho.fxp.org (Postfix, from userid 1501) id 7E6091360E; Wed, 25 Jul 2001 21:19:59 -0400 (EDT) Date: Wed, 25 Jul 2001 21:19:59 -0400 From: Chris Faulhaber To: "Jonathan M. Slivko" Cc: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org Subject: Re: Virtual Server under FreeBSD Message-ID: <20010725211959.A98987@peitho.fxp.org> References: <00e601c11570$44520170$6401a8c0@equinox> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="Qxx1br4bt0+wmkIi" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <00e601c11570$44520170$6401a8c0@equinox>; from jslivko@blinx.net on Wed, Jul 25, 2001 at 09:14:06PM -0400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --Qxx1br4bt0+wmkIi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 25, 2001 at 09:14:06PM -0400, Jonathan M. Slivko wrote: > Hello, >=20 > I am trying to find a solution that will allow me to split up a machine i= nto > virtual machines, each with it's own "root" access point. Is there anythi= ng > out there that's GPL that you guys know of? If not, does anyone know if > FreeVSD is any good? -- Jonathan >=20 See jail(8) (sorry it's not GPL'd) --=20 Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org --Qxx1br4bt0+wmkIi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: FreeBSD: The Power To Serve iEYEARECAAYFAjtfcD8ACgkQObaG4P6BelCWbgCgjOqPOjvYvbGIMC6MBAL6pbJ+ ZoUAoJMDs8r/gHRZSpcPqxRixFoukD/9 =WQ0a -----END PGP SIGNATURE----- --Qxx1br4bt0+wmkIi-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 18:42:42 2001 Delivered-To: freebsd-isp@freebsd.org Received: from EnContacto.Net (adsl-63-205-16-205.dsl.mtry01.pacbell.net [63.205.16.205]) by hub.freebsd.org (Postfix) with ESMTP id D779337B401; Wed, 25 Jul 2001 18:42:32 -0700 (PDT) (envelope-from eculp@EnContacto.Net) Received: (from root@localhost) by EnContacto.Net (8.11.4/8.11.4) id f6Q1gMO82130; Wed, 25 Jul 2001 18:42:22 -0700 (PDT) (envelope-from eculp@EnContacto.Net) From: Edwin Culp Received: from 63.205.16.204 ( [63.205.16.204]) as user eculp@encontacto.net by Mail.SavvyWorld.Net with HTTP; Wed, 25 Jul 2001 18:42:21 -0700 Message-ID: <996111741.3b5f757e02f80@Mail.SavvyWorld.Net> Date: Wed, 25 Jul 2001 18:42:22 -0700 To: "Jonathan M. Slivko" Cc: freebsd-questions@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Subject: Re: Virtual Server under FreeBSD References: <00e601c11570$44520170$6401a8c0@equinox> In-Reply-To: <00e601c11570$44520170$6401a8c0@equinox> MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs X-Originating-IP: 63.205.16.204 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org # man jail provecho, ed Quoting "Jonathan M. Slivko" : | Hello, | | I am trying to find a solution that will allow me to split up a machine | into | virtual machines, each with it's own "root" access point. Is there anything | out there that's GPL that you guys know of? If not, does anyone know if | FreeVSD is any good? -- Jonathan | | -- | Jonathan M. Slivko | Blinx Networks | http://www.blinx.net | | | To Unsubscribe: send mail to majordomo@FreeBSD.org | with "unsubscribe freebsd-isp" in the body of the message | ----------------------------------------------------------------------- The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn and relearn. --Alvin Toffler To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 19:18:59 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mta5.rcsntx.swbell.net (unknown [151.164.30.29]) by hub.freebsd.org (Postfix) with ESMTP id 22D8237B401 for ; Wed, 25 Jul 2001 19:18:55 -0700 (PDT) (envelope-from dnpowers@swbell.net) Disposition-notification-to: David Powers Received: from daveabit ([64.218.90.172]) by mta5.rcsntx.swbell.net (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with SMTP id <0GH200FM45U4CY@mta5.rcsntx.swbell.net> for freebsd-isp@FreeBSD.ORG; Wed, 25 Jul 2001 21:06:05 -0500 (CDT) Date: Wed, 25 Jul 2001 21:04:03 -0500 From: David Powers Subject: RE: Strange Logs In-reply-to: <5.1.0.14.2.20010724070211.030ca008@mail.palaver.org> To: 'Ryugen Fisher' , freebsd-isp@FreeBSD.ORG Message-id: <000201c11577$3edc48c0$0401a8c0@swbell.net> MIME-version: 1.0 X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) Content-type: text/plain; charset="iso-8859-1" Content-transfer-encoding: 7bit Importance: Normal X-MSMail-Priority: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 X-Priority: 3 (Normal) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Did you rebuild your kernel? Those are devices that are in GENERIC, that's why you have 4 gif devices and a faith pseudo-device gif 4 # IPv6 and IPv4 tunneling pseudo-device faith 1 # IPv6-to-IPv4 relaying (translation) -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Ryugen Fisher Sent: Tuesday, July 24, 2001 7:06 AM To: freebsd-isp@FreeBSD.ORG Subject: Strange Logs I have been looking at these logs for years.. this is the first time I have seen the LINK entries marked LINK#4 LINK#5 LINK#6 LINK#7 LINK#8 LINK#9 and LINK#10 ... ppp was not set up on this box.... what is happening? TIA >Last dump(s) done (Dump '>' file systems): > >UUCP status: > >Network interface status: >Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll >ed0 1500 00:48:45:00:29:4d 1058539 7483 897892 599 97364 >ed0 1500 209.248.211.1 primo 740450 - 4602 - - >ed0 1500 fe80:1::248 fe80:1::248:45ff: 0 - 0 - - >lp0* 1500 0 0 0 0 0 >lo0 16384 45636 0 45636 0 0 >lo0 16384 fe80:3::1 fe80:3::1 0 - 0 - - >lo0 16384 ::1 ::1 0 - 0 - - >lo0 16384 127 localhost 45638 - 5638 - - >ppp0* 1500 0 0 0 0 0 >sl0* 552 0 0 0 0 0 >faith 1500 0 0 0 0 0 >gif0* 1280 0 0 0 0 0 >gif1* 1280 0 0 0 0 0 >gif2* 1280 0 0 0 0 0 >gif3* 1280 0 0 0 0 0 > >Local network system status: >primo up 17+04:20, 0 users, load 0.00, 0.00, 0.00 > >Mail in local queue: >/var/spool/mqueue is empty > >Security check: > (output mailed separately) > >Checking for rejected mail hosts: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 20: 0:40 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.plug.cx (kypo.alfred.cx [150.101.93.134]) by hub.freebsd.org (Postfix) with ESMTP id 3B8DB37B403 for ; Wed, 25 Jul 2001 20:00:37 -0700 (PDT) (envelope-from andrew.reid@plug.cx) Received: from percible.alfred.cx (percible.alfred.cx [150.101.93.190]) by mail.plug.cx (Postfix) with ESMTP id 33FC92B7E4; Thu, 26 Jul 2001 22:21:20 +0930 (CST) Subject: Re: Web Caching Engine From: Andrew Reid To: Tom Samplonius Cc: Jeremy Buckner , freebsd-isp@FreeBSD.ORG In-Reply-To: References: Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Evolution/0.11 (Beta Release) Date: 26 Jul 2001 08:57:37 +0930 Message-Id: <996103658.7360.77.camel@percible.alfred.cx> Mime-Version: 1.0 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 24 Jul 2001 08:29:43 -0700, Tom Samplonius wrote: > Uhh... does Cisco make a cache? They make load balances, and content > aware switches, but their cache product certainly isn't well known if it > exists. If people are putting in dedicated caches, they go with NetApp > NetCaches, or CacheFlow. Indeed they do. I know an ISP that uses them. They're big, they're beefy and they piss all over SQUID :-) - andrew -- void signature () { cout << "Andrew Reid -- andrew.reid@plug.cx" << endl ; cout << "Cell: +61 401 946 813" << endl; cout << "Quidquid latine dictum sit, altum viditur" << endl; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 20:24:46 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.plug.cx (kypo.alfred.cx [150.101.93.134]) by hub.freebsd.org (Postfix) with ESMTP id A806B37B403 for ; Wed, 25 Jul 2001 20:24:43 -0700 (PDT) (envelope-from andrew.reid@plug.cx) Received: from percible.alfred.cx (percible.alfred.cx [150.101.93.190]) by mail.plug.cx (Postfix) with ESMTP id 5617F2B7E4; Thu, 26 Jul 2001 22:45:27 +0930 (CST) Subject: Re: FreeBSD Mail Toaster CLUSTER From: Andrew Reid To: Fabrizio Ravazzini Cc: freebsd-isp@freebsd.org In-Reply-To: <20010725112323.20541.qmail@web20102.mail.yahoo.com> References: <20010725112323.20541.qmail@web20102.mail.yahoo.com> Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Evolution/0.11 (Beta Release) Date: 26 Jul 2001 09:21:44 +0930 Message-Id: <996105104.11859.83.camel@percible.alfred.cx> Mime-Version: 1.0 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 25 Jul 2001 13:23:23 +0200, Fabrizio Ravazzini wrote: [ ... ] > Is it possible with FreeBSD to make a "cluster" of two > machines (ix86) that when one goes down for some fault > the other takes care of the service so that Mail is > still available? You'll need some load-balancing software with failover mechanisms to make that work. I believe balance (http://balance.sourceforge.net) has the required capabilities, as do many commercial routers etc. I've not heard much in the way of phyical clustering with FreeBSD. - andrew -- void signature () { cout << "Andrew Reid -- andrew.reid@plug.cx" << endl ; cout << "Cell: +61 401 946 813" << endl; cout << "Quidquid latine dictum sit, altum viditur" << endl; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 21:46:52 2001 Delivered-To: freebsd-isp@freebsd.org Received: from gizmo.internode.com.au (gizmo.internode.com.au [192.83.231.115]) by hub.freebsd.org (Postfix) with ESMTP id 987FE37B405 for ; Wed, 25 Jul 2001 21:46:48 -0700 (PDT) (envelope-from newton@gizmo.internode.com.au) Received: (from newton@localhost) by gizmo.internode.com.au (8.11.0/8.9.3) id f6Q4jPo26308; Thu, 26 Jul 2001 14:15:25 +0930 (CST) (envelope-from newton) Date: Thu, 26 Jul 2001 14:15:25 +0930 From: Mark Newton To: alexus Cc: Paul Robinson , Chuck Rock , freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010726141525.A26255@internode.com.au> References: <004a01c1148e$9e210440$1805010a@epconline.net> <002f01c11492$cc245b40$0d00a8c0@alexus> <20010725082430.A19609@internode.com.au> <20010725095632.F83511@jake.akitanet.co.uk> <003b01c11531$1d653f80$0d00a8c0@alexus> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i In-Reply-To: <003b01c11531$1d653f80$0d00a8c0@alexus> X-PGP-Key: http://www.on.net/~newton/pgpkey.txt Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Jul 25, 2001 at 01:42:02PM -0400, alexus wrote: > does radiator have sql backend or web gui for frontend? It'll happily talk to any database which is supported by DBI (including ORACLE, PostgreSQL, mysql, etc). The Radiator config file specifies the table structure, so you can use whatever existing tables your ISP billing system uses right now, without having to migrate your data into something else. I'm not sure what you mean by "web gui for frontend". The front end on most RADIUS servers is, surely, RADIUS :-) If you mean a GUI for changing passwords and what-not, that's perhaps missing the point a bit. Typical setups will have the RADIUS server's configuration database driven by a billing system, and the billing system will usually have a GUI of some description... - mark -- Mark Newton Email: newton@internode.com.au (W) Network Engineer Email: newton@atdot.dotat.org (H) Internode Systems Pty Ltd Desk: +61-8-82232999 "Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 23:51:33 2001 Delivered-To: freebsd-isp@freebsd.org Received: from web20102.mail.yahoo.com (web20102.mail.yahoo.com [216.136.226.39]) by hub.freebsd.org (Postfix) with SMTP id 2CE1837B408 for ; Wed, 25 Jul 2001 23:51:30 -0700 (PDT) (envelope-from freefabri@yahoo.it) Message-ID: <20010726065130.18656.qmail@web20102.mail.yahoo.com> Received: from [193.227.212.160] by web20102.mail.yahoo.com; Thu, 26 Jul 2001 08:51:30 CEST Date: Thu, 26 Jul 2001 08:51:30 +0200 (CEST) From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= Subject: Re: FreeBSD Mail Toaster CLUSTER To: Sascha Lucky Luck Cc: Freebsd-isp@Freebsd.org In-Reply-To: <996071896.3b5ed9d8b73cd@mail.online.ie> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thanks a lot Sascha for the help, but how can I assign connections 'round robin' in the DNS, is there some documentation that can help me doing such thing? The DNS must be in my internal LAN? Sorry for stupid questions but is the first time I'm realizing a big mail server. Best regards Fabrizio --- Sascha Lucky Luck ha scritto: > Quoting Fabrizio Ravazzini : > > > Is it possible with FreeBSD to make a "cluster" of > two > > machines (ix86) that when one goes down for some > fault > > the other takes care of the service so that Mail > is > > still available? > > Fabrizio, > > set up 2 mail servers and CNAME to > both servers in DNS. > The 2 servers must access a file system (on a 3rd > machine or a shared > RAID system, or a Netapp filer) where the mails are > stored. > Be sure to use qmail with Maildir, otherwise you'll > have file locking > issues. > DNS will assign a connection to to > one or the other > server using 'round robin'. If one server is down, > an incoming > connection will have a 50% chance of failure (the > more servers, the > more likely a successful connection becomes) but on > retry it should > connect. > > This setup has been successfully used with approx > 100,000 users and 4 > mail servers. > > Alternatively you can use a load balancer instead of > DNS. It will > notice a server down and reroute connections to the > survivor. > > Good luck, > > s. > > ---------------------------------------------------- > Get your free email account at http://www.online.ie/ ______________________________________________________________________ Do You Yahoo!? Il tuo indirizzo gratis e per sempre @yahoo.it su http://mail.yahoo.it To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jul 25 23:53: 8 2001 Delivered-To: freebsd-isp@freebsd.org Received: from web20106.mail.yahoo.com (web20106.mail.yahoo.com [216.136.226.43]) by hub.freebsd.org (Postfix) with SMTP id CB5F837B403 for ; Wed, 25 Jul 2001 23:53:04 -0700 (PDT) (envelope-from freefabri@yahoo.it) Message-ID: <20010726065304.39908.qmail@web20106.mail.yahoo.com> Received: from [193.227.212.160] by web20106.mail.yahoo.com; Thu, 26 Jul 2001 08:53:04 CEST Date: Thu, 26 Jul 2001 08:53:04 +0200 (CEST) From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= Subject: Re: FreeBSD Mail Toaster CLUSTER To: Sascha Lucky Luck Cc: freebsd-isp@freebsd.org In-Reply-To: <996071896.3b5ed9d8b73cd@mail.online.ie> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thanks a lot Sascha for the help, but how can I assign connections 'round robin' in the DNS, is there some documentation that can help me doing such thing? The DNS must be in my internal LAN? Sorry for stupid questions but is the first time I'm realizing a big mail server. Best regards Fabrizio --- Sascha Lucky Luck ha scritto: > Quoting Fabrizio Ravazzini : > > > Is it possible with FreeBSD to make a "cluster" of > two > > machines (ix86) that when one goes down for some > fault > > the other takes care of the service so that Mail > is > > still available? > > Fabrizio, > > set up 2 mail servers and CNAME to > both servers in DNS. > The 2 servers must access a file system (on a 3rd > machine or a shared > RAID system, or a Netapp filer) where the mails are > stored. > Be sure to use qmail with Maildir, otherwise you'll > have file locking > issues. > DNS will assign a connection to to > one or the other > server using 'round robin'. If one server is down, > an incoming > connection will have a 50% chance of failure (the > more servers, the > more likely a successful connection becomes) but on > retry it should > connect. > > This setup has been successfully used with approx > 100,000 users and 4 > mail servers. > > Alternatively you can use a load balancer instead of > DNS. It will > notice a server down and reroute connections to the > survivor. > > Good luck, > > s. > > ---------------------------------------------------- > Get your free email account at http://www.online.ie/ ______________________________________________________________________ Do You Yahoo!? Il tuo indirizzo gratis e per sempre @yahoo.it su http://mail.yahoo.it To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 2: 7:57 2001 Delivered-To: freebsd-isp@freebsd.org Received: from gekko.i-clue.de (server.ms-agentur.de [62.153.134.194]) by hub.freebsd.org (Postfix) with ESMTP id 49B0037B403 for ; Thu, 26 Jul 2001 02:07:53 -0700 (PDT) (envelope-from so@server.i-clue.de) Received: from i-clue.de (automatix.i-clue.de [192.168.0.112]) by gekko.i-clue.de (8.9.3/8.9.3/SuSE Linux 8.9.3-0.1) with ESMTP id LAA11759; Thu, 26 Jul 2001 11:15:55 +0200 Message-ID: <3B5FDE77.DC5FC3DB@i-clue.de> Date: Thu, 26 Jul 2001 11:10:15 +0200 From: Christoph Sold Reply-To: so@server.i-clue.de X-Mailer: Mozilla 4.78 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Fabrizio Ravazzini Cc: freebsd-isp@FreeBSD.ORG Subject: Re: FreeBSD Mail Toaster CLUSTER References: <20010726065304.39908.qmail@web20106.mail.yahoo.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Fabrizio Ravazzini wrote: > > Thanks a lot Sascha for the help, but how can I assign > connections 'round robin' in the DNS, is there some > documentation that can help me doing such thing? Read the bible: DNS & bind, Liu and Albitz, if memory servers right. Basically, adding several A records for one name will automatically do DNS round robin. > The DNS must be in my internal LAN? It must be the primary DNS for your load-balanced setup. > --- Sascha Lucky Luck ha scritto: > > Quoting Fabrizio Ravazzini : > > > > > Is it possible with FreeBSD to make a "cluster" of > > > two machines (ix86) that when one goes down for > > > some fault the other takes care of the service so > > > that Mail is still available? > > > > Fabrizio, > > > > set up 2 mail servers and CNAME to > > both servers in DNS. > > [snip] MX records have to be A records, CNAMES are invalid. As DNS & bind tells, just have two mail servers accept SMTP for your domain. Assign different names and A records, as well as set both as MX for your domain. If one goes down, the other will get the mail automatically. HTH -Christoph Sold To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 2:51:36 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75]) by hub.freebsd.org (Postfix) with ESMTP id 50FA437B405 for ; Thu, 26 Jul 2001 02:51:33 -0700 (PDT) (envelope-from LConrad@Go2France.com) Received: from mail.Go2France.com (ms1.meiway.com [212.73.210.73]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id 90A7A16B3E for ; Thu, 26 Jul 2001 11:51:31 +0200 (CEST) Received: from IBM-HIRXKN66F0W.Go2France.com [195.115.185.184] by mail.Go2France.com with ESMTP (SMTPD32-6.06) id AA482BB8021A; Thu, 26 Jul 2001 12:00:40 +0200 Message-Id: <5.1.0.14.0.20010726113938.03518818@mail.Go2France.com> X-Sender: LConrad@Go2France.com@mail.Go2France.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 26 Jul 2001 11:52:23 +0200 To: freebsd-isp@freebsd.org From: Len Conrad Subject: Re: FreeBSD Mail Toaster CLUSTER In-Reply-To: <20010726065130.18656.qmail@web20102.mail.yahoo.com> References: <996071896.3b5ed9d8b73cd@mail.online.ie> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1"; format=flowed Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Thanks a lot Sascha for the help, but how can I assign >connections 'round robin' in the DNS all resource records with same owner, network class, and recordtype are called an RRset, an indivisible unit. Bind will always answer with the complete RRset. In named.conf, you can specify with RRset-order how named orders the records within an answer. the default is cyclic. ie, you donīt have to do anything. >, is there some >documentation that can help me doing such thing? http://www.isc.org/products/BIND/docs/config/ >The DNS must be in my internal LAN? no, Iīd say itīs better than your registered/delegated DNS be on a public ip in a DMZ. >Sorry for stupid questions but is the first time I'm >realizing a big mail server. DNS is the easy part :))) hot-mirroring of two mail servers with highly dynamic and vital contents (mail) is the hard part. :((( Since this is your first time, I suggest you K.I.S.S. Start with one box built with quality components and redundant, hot-swap disks and redundant, hot-swap pwr supplies and UPS. Youīll probably have an uptime of years. Donīt go crazy with a Quad Xeon at 1.5 GHz and 2 bg RAM. 4,000 mailboxes isnīt very many, even with webmail. neither is 10,000. Spend the money on redundancy, not power. Len http://MenAndMice.com/DNS-training http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 4:55: 7 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mout0.freenet.de (mout0.freenet.de [194.97.50.131]) by hub.freebsd.org (Postfix) with ESMTP id 7816437B405 for ; Thu, 26 Jul 2001 04:55:02 -0700 (PDT) (envelope-from Alexander@leidinger.net) Received: from [194.97.50.138] (helo=mx0.freenet.de) by mout0.freenet.de with esmtp (Exim 3.30 #3) id 15PjjJ-0003dH-00; Thu, 26 Jul 2001 13:55:01 +0200 Received: from b83f9.pppool.de ([213.7.131.249] helo=Magelan.Leidinger.net) by mx0.freenet.de with esmtp (Exim 3.30 #3) id 15PjjI-0002C1-00; Thu, 26 Jul 2001 13:55:00 +0200 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.11.4/8.11.4) with ESMTP id f6QAh3v02375; Thu, 26 Jul 2001 12:43:04 +0200 (CEST) (envelope-from netchild@Leidinger.net) Message-Id: <200107261043.f6QAh3v02375@Magelan.Leidinger.net> Date: Thu, 26 Jul 2001 12:43:02 +0200 (CEST) From: Alexander Leidinger Subject: Re: Redundant setup on a budget?? To: gabriel_ambuehl@buz.ch Cc: freebsd-isp@freebsd.org In-Reply-To: <5632231526.20010725201645@buz.ch> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=ISO-8859-1 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 25 Jul, Gabriel Ambuehl wrote: > >>> realtime (basically, I could agree on using any solution that >>> doesn't create more than a 10 to 15min lag, even on big >>> mailservers with hundred of thousands of files and dirs). >> Perhaps you want to implement it on your own too... > > It's just that I just started coding C++ (after several years of > Python, PHP and Perl) and never did any Kernel hacking so far. If > somebody'd provide me with the filelist, I'd be all ears to do it. > >> For ufs: >> man 2 kqueue > > Hmm. This is FreeBSD >4.0... Not exactly portable, but I suspect We are talking in FreeBSD-isp... and you didn't want to use 3.x because of the not fixable local root exploit (the fix is to upgrade to 4.x). So what? > there's no such thing as a portable approach to something like this. A portable solution would have to poll... and we didn't want to do that, right? > On the first glance it looks pretty complex but... It depends... >> If you decide to implement it (there are interfaces to other >> languages - at least to python - in the ports), please make the >> program modular in a fashion it would be usable as a realtime >> tripwire replacement (e.g. let it call 3rd party apps with "path" >> and "type of change" as arguments... I already thought about this a >> little bit, but unfortunally I didn't have time to implement it >> myself, but you're perhaps interested in some ideas I have). > > I currently prefer to work on my monitoring system until it at least > is alpha quality (i.e. enough for inhouse use ;-) but after that I'm > interested in this kind of stuff. Just call me back then. Bye, Alexander. -- Where do you think you're going today? http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 5:22:42 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id DD61337B401 for ; Thu, 26 Jul 2001 05:22:33 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 23483 invoked from network); 26 Jul 2001 12:22:32 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 26 Jul 2001 12:22:32 -0000 Date: Thu, 26 Jul 2001 14:23:52 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <19297458367.20010726142352@buz.ch> To: Alexander Leidinger Cc: freebsd-isp@freebsd.org, freebsd-cluster@freebsd.org Subject: Re[2]: Redundant setup on a budget?? In-Reply-To: <200107261043.f6QAh3v02375@Magelan.Leidinger.net> References: <200107261043.f6QAh3v02375@Magelan.Leidinger.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Alexander, Thursday, July 26, 2001, 12:43:02 PM, you wrote: >> Hmm. This is FreeBSD >4.0... Not exactly portable, but I suspect > We are talking in FreeBSD-isp... and you didn't want to use 3.x > because of the not fixable local root exploit (the fix is to > upgrade to 4.x). So what? Duuh. I sure as hell won't consider using 3.X but I was referring to the whole Linux crowd with the portability. OTOH, they already got enough solutions to solve the realtime replication mess anyway. BTW: Greg Lehey just contacted me about the nbd stuff and while he hasn't got the time to do it, he referred to some other company but those didn't yet even show up with a preliminary quote (but I suspect this is going to be very expensive). >> there's no such thing as a portable approach to something like >> this. > A portable solution would have to poll... and we didn't want to do > that, right? Exactly. Polling is way to slow. >> On the first glance it looks pretty complex but... > It depends... Read through it a bit more concentrated today and found it probably doesn't help anyway: EVFILT_VNODE Takes a file descriptor as the identifier and the events to watch for in fflags, and returns when one or more of the requested events occurs on the descriptor. The events to monitor are: I interpret this like it's good for monitoring single vnodes, but not entire filesystem. If somebody could get 5 CURRENT to build again (judging by current.freebsd.org, it didn't do so since the 18.6.01), I probably could work with http://people.freebsd.org/~abial/spy. The developer didn't answer my mail regarding a backport to 4.3 so far... >> I currently prefer to work on my monitoring system until it at >> least is alpha quality (i.e. enough for inhouse use ;-) but after >> that I'm interested in this kind of stuff. > Just call me back then. I probably forget about it but I'll try to remember ;-) Best regards, Gabriel -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO1/9zMZa2WpymlDxAQHujAf+OkfSB3lLccpZc0EpfvE3qXFcP1ufScKo yo4Do50ESzjLmpCVQ58oqxkEDoTf8Al2U8PVNwxmVgv1GUEJs+aTxBX9pCCm+Cqp NUbV2KADTJeJvWILQVQpH9CBXyfpOPj06IWdRIPCvgZ5M9oucfRJSkOm8H+UPOyq G2nX395zviqMK8/2cF1yIM5byzVm+RlVh3Yff4owB+zEl/DE7uiF6+RxcIdW9BAs UCBrNAF8TaH6fcy4KnfOnblT3OuTUzDUmMAsVYjQyOmLt/zpttUex2rfyLVQI0zt QLJHuYGGZ4WJ2gDonMsM4JeJAE3a4IIM9p8t2C9bSyMadKmpP4FeYA== =C8kk -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 5:26:11 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 62CF237B401 for ; Thu, 26 Jul 2001 05:26:05 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 23684 invoked from network); 26 Jul 2001 12:26:04 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 26 Jul 2001 12:26:04 -0000 Date: Thu, 26 Jul 2001 14:27:24 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <13897670673.20010726142724@buz.ch> To: "Andy" Cc: freebsd-isp@freebsd.org, freebsd-cluster@freebsd.org Subject: Re[2]: Redundant setup on a budget?? In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Andy, Tuesday, July 24, 2001, 3:57:59 PM, you wrote: > It's in the ports as of 4.3-RELEASE Uuh? I'm running 4.3 STABLE: root@local 14:23:52 /usr/src $ locate vrrpd root@local 14:23:56 /usr/src $ but to make things more strange, pkg_add -r vrrpd will install something... Will do some testing, that is sure. Best regards, Gabriel  -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO1/+oMZa2WpymlDxAQEb1wgArSKD0puaex6Tic0EXCYBKAxa6kDIv+Sh w2G5KI8PZhnm/CXjjAsLSUJ4dkxNO4c94pWhY0mtBeHaYFSA/RaFgvwBWxLPAtqg q+nucDeMU4TyGy3yx8YaHd7LQZ+UCktIcydwzLXTWX6Rf9ngdPjrPY8grHTOof0o yS0dRlpZdrfns1R8qz7zmD94qGDcb8fR2jDkczUOpx4+KRUEuJsSEoolxPZ30vQS 3uaCJt4+zBqBtQK0edP4hXVLXKl9L+yHeBeyYe4fTADuq5+as7j4HCCbHoct+f5y HGqm/wk2kfq+3uH+rIGcdgflOJWluVgCumb86xz20AjZx5fwYrjQhw== =1jcR -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 5:27:36 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id C10AB37B401 for ; Thu, 26 Jul 2001 05:27:29 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 23752 invoked from network); 26 Jul 2001 12:27:13 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 26 Jul 2001 12:27:13 -0000 Date: Thu, 26 Jul 2001 14:28:34 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <7097739872.20010726142834@buz.ch> To: Matthew Landry Cc: freebsd-isp@freebsd.org, freebsd-cluster@freebsd.org Subject: Re[2]: Redundant setup on a budget?? In-Reply-To: <20010724140246.A89470@chaos.lelnet.com> References: <995980372.3b5d745405f48@Mail.SavvyWorld.Net> <20010724140246.A89470@chaos.lelnet.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Matthew, Tuesday, July 24, 2001, 8:02:47 PM, you wrote: >> It's in the ports as of 4.3-RELEASE > It's in /usr/ports/net/vrrp/. The original poster said > .../vrrpd/. Which doesn't exist. :) And fixing the typo is easier > than grabbing it from another source and porting it yourself. :) Oh well that explains it... But why does pkg_add -r vrrpd help, then? Best regards, Gabriel  -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO1/+5cZa2WpymlDxAQHuEgf9FaQzRs7MnQVG1JlSZYqgW023KQ6eUsok mLBosEkOq3V6eK6enag9c4wwvCH4csZED6WkAE42oS0l/VqHf9V3KJKo0sT7exZt FuWJ+zNu8ey5Gs2h+3yRD9Iy1wBbr/ifygxyIXeYHnv6gcoHEvoztz7y7buSK2KM aDM8OkXhQtuau3XbriHY8cBmvBjiLoY5M07gV9fASXukvcg3XMxXkWLfFV1xBBYH lELfTX2M4ojZfz0O1Pa7ckVdSWYXIBmG4Xs7ZhjETcEZJnUih4yA4eKcovfkiVcv Rl/oiadAJbSjX4jmlr9v2uA55cbnrcJo7w1Q8caqnVb0xorTGCJOmg== =1OUv -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 8:50:15 2001 Delivered-To: freebsd-isp@freebsd.org Received: from oahu.WURLDLINK.NET (oahu.WURLDLINK.NET [216.235.52.1]) by hub.freebsd.org (Postfix) with ESMTP id 476DC37B407 for ; Thu, 26 Jul 2001 08:50:12 -0700 (PDT) (envelope-from vince@oahu.WURLDLINK.NET) Received: from localhost (vince@localhost) by oahu.WURLDLINK.NET (8.11.3/8.11.3) with ESMTP id f6QFnmi27074; Thu, 26 Jul 2001 05:49:51 -1000 (HST) (envelope-from vince@oahu.WURLDLINK.NET) Date: Thu, 26 Jul 2001 05:49:47 -1000 (HST) From: Vincent Poy To: Paul Robinson Cc: alexus , Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <20010725164739.A53308@jake.akitanet.co.uk> Message-ID: <20010726054901.P50475-100000@oahu.WURLDLINK.NET> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 25 Jul 2001, Paul Robinson wrote: > On Jul 25, Vincent Poy wrote: > > > I don't remember but it was a FreeBSD port and this was back in > > Summer of 1998 and I remember I even asked the author and he said there > > was no realm support back then. > > OK, I think there has been a misunderstanding here. When referring to realms > I translated that into huntgroups, which I assumed to be the same thing. Now > I've sat here and thought about it, depending on requirements, you can do it > if you needed to, but it's not quite what I think you were referring to. Nope, huntgroups are different. Realms are like email addresses so like joeuser@1.net would forward to another radius server, etc. Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 9:37:43 2001 Delivered-To: freebsd-isp@freebsd.org Received: from virtual-voodoo.com (virtual-voodoo.com [204.120.165.254]) by hub.freebsd.org (Postfix) with ESMTP id E7FA037B403 for ; Thu, 26 Jul 2001 09:37:38 -0700 (PDT) (envelope-from steve@virtual-voodoo.com) Received: (from steve@localhost) by virtual-voodoo.com (8.11.4/8.11.4) id f6QGbbS74797 for freebsd-isp@freebsd.org; Thu, 26 Jul 2001 11:37:37 -0500 (EST) (envelope-from steve) Date: Thu, 26 Jul 2001 11:37:37 -0500 (EST) From: Steve Ames Message-Id: <200107261637.f6QGbbS74797@virtual-voodoo.com> To: freebsd-isp@freebsd.org Subject: errors using mod_auth_pam? Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Has anyone gotten this to work that would mind sharing a few pointers? OS: FBSD 4.3-STABLE (7/25/01) Apache: 1.3.19 mod_auth_pam: 1.0a .htaccess ------------------------- AuthType Basic AuthName "secure area" require valid-user ERRORS ------------------------------- Jul 26 10:47:02 voodoo httpd: unable to dlopen(/usr/lib/pam_unix.so) Jul 26 10:47:02 voodoo /kernel: Jul 26 10:47:02 voodoo httpd: unable to dlopen(/usr/lib/pam_unix.so) Jul 26 10:47:02 voodoo httpd: [dlerror: /usr/lib/pam_unix.so: Undefined symbol "pam_get_item"] Jul 26 10:47:02 voodoo /kernel: Jul 26 10:47:02 voodoo httpd: [dlerror: /usr/lib/pam_unix.so: Undefined symbol "pam_get_item"] Jul 26 10:47:02 voodoo httpd: adding faulty module: /usr/lib/pam_unix.so Jul 26 10:47:02 voodoo /kernel: Jul 26 10:47:02 voodoo httpd: adding faulty module: /usr/lib/pam_unix.so /usr/lib/pam_unix.so exists and has 111 for permissions. -r--r--r-- 1 root wheel 4756 Jul 25 13:04 /usr/lib/pam_unix.so Apache runs as user 'nobody'. Anyone have any thoughts on this? -Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 9:42:20 2001 Delivered-To: freebsd-isp@freebsd.org Received: from ti-cats.the-eleven.com (lions.the-eleven.com [207.244.92.49]) by hub.freebsd.org (Postfix) with ESMTP id 464EF37B405 for ; Thu, 26 Jul 2001 09:42:16 -0700 (PDT) (envelope-from tjlegg@the-eleven.com) Received: from eskimos.the-eleven.com (eskimos.the-eleven.com [207.244.92.51]) by ti-cats.the-eleven.com (8.11.4/8.11.3) with ESMTP id f6QGdXx01399; Thu, 26 Jul 2001 12:39:34 -0400 (EDT) (envelope-from tjlegg@the-eleven.com) Date: Thu, 26 Jul 2001 12:41:28 -0400 From: Tom Legg To: Vincent Poy Cc: freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <1004681.996151287@eskimos.the-eleven.com> In-Reply-To: <20010726054901.P50475-100000@oahu.WURLDLINK.NET> References: <20010726054901.P50475-100000@oahu.WURLDLINK.NET> X-Mailer: Mulberry/2.1.0b2 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Well I know that the latest versions of cistron handle this nicely. It's even a tested solution. --On Thursday, July 26, 2001 5:49 AM -1000 Vincent Poy wrote: > On Wed, 25 Jul 2001, Paul Robinson wrote: > >> On Jul 25, Vincent Poy wrote: >> >> > I don't remember but it was a FreeBSD port and this was back in >> > Summer of 1998 and I remember I even asked the author and he said there >> > was no realm support back then. >> >> OK, I think there has been a misunderstanding here. When referring to >> realms I translated that into huntgroups, which I assumed to be the same >> thing. Now I've sat here and thought about it, depending on >> requirements, you can do it if you needed to, but it's not quite what I >> think you were referring to. > > Nope, huntgroups are different. Realms are like email addresses > so like joeuser@1.net would forward to another radius server, etc. > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 9:42:43 2001 Delivered-To: freebsd-isp@freebsd.org Received: from exchange.unimayab.edu.mx (unknown [148.230.75.37]) by hub.freebsd.org (Postfix) with ESMTP id 8D39937B405 for ; Thu, 26 Jul 2001 09:42:39 -0700 (PDT) (envelope-from dperez@unimayab.edu.mx) Received: by EXCHANGE with Internet Mail Service (5.5.2653.19) id ; Thu, 26 Jul 2001 11:42:34 -0500 Message-ID: <81C8CA3C286FD511A959000102C9B2CE2B3C@EXCHANGE> From: "A. David Perez Marfil" To: freebsd-isp@FreeBSD.ORG Subject: sendmail + virtualhosting + pop secure access + No spam Date: Thu, 26 Jul 2001 11:42:33 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, it=B4s possible to do something like this: 1.- sendmail with virtual domain ok 2.- pop access to the email accounts ok 3.- how to let the users relay email for their domian in secure way ? 4.- aviod spammers ? i try with ... #R $ #R $ #R$* $ but this let all the spammers do anything. any idea to do this? Regards David Perez To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 9:46:44 2001 Delivered-To: freebsd-isp@freebsd.org Received: from virtual-voodoo.com (virtual-voodoo.com [204.120.165.254]) by hub.freebsd.org (Postfix) with ESMTP id 34FE237B405 for ; Thu, 26 Jul 2001 09:46:40 -0700 (PDT) (envelope-from steve@virtual-voodoo.com) Received: from inlafrec (bdsl.66.12.217.40.gte.net [66.12.217.40]) (authenticated) by virtual-voodoo.com (8.11.4/8.11.4) with ESMTP id f6QGjom09010; Thu, 26 Jul 2001 11:45:50 -0500 (EST) (envelope-from steve@virtual-voodoo.com) Message-ID: <009701c115f2$0a1805e0$28d90c42@eservoffice.com> From: "Steven Ames" To: "Tom Legg" , "Vincent Poy" Cc: References: <20010726054901.P50475-100000@oahu.WURLDLINK.NET> <1004681.996151287@eskimos.the-eleven.com> Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Date: Thu, 26 Jul 2001 11:42:58 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org freeradius and merit will also handle realms correctly. As do most commercial varients of RADIUS. > Well I know that the latest versions of cistron handle this nicely. It's > even a tested solution. > > --On Thursday, July 26, 2001 5:49 AM -1000 Vincent Poy > wrote: > > > On Wed, 25 Jul 2001, Paul Robinson wrote: > > > >> On Jul 25, Vincent Poy wrote: > >> > >> > I don't remember but it was a FreeBSD port and this was back in > >> > Summer of 1998 and I remember I even asked the author and he said there > >> > was no realm support back then. > >> > >> OK, I think there has been a misunderstanding here. When referring to > >> realms I translated that into huntgroups, which I assumed to be the same > >> thing. Now I've sat here and thought about it, depending on > >> requirements, you can do it if you needed to, but it's not quite what I > >> think you were referring to. > > > > Nope, huntgroups are different. Realms are like email addresses > > so like joeuser@1.net would forward to another radius server, etc. > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 10:45:29 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mout1.freenet.de (mout1.freenet.de [194.97.50.132]) by hub.freebsd.org (Postfix) with ESMTP id 121AE37B406; Thu, 26 Jul 2001 10:45:23 -0700 (PDT) (envelope-from Alexander@leidinger.net) Received: from [194.97.50.138] (helo=mx0.freenet.de) by mout1.freenet.de with esmtp (Exim 3.30 #3) id 15PpCM-00066w-00; Thu, 26 Jul 2001 19:45:22 +0200 Received: from b8040.pppool.de ([213.7.128.64] helo=Magelan.Leidinger.net) by mx0.freenet.de with esmtp (Exim 3.30 #3) id 15PpCK-0003zN-00; Thu, 26 Jul 2001 19:45:22 +0200 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.11.4/8.11.4) with ESMTP id f6QHgXv06426; Thu, 26 Jul 2001 19:42:34 +0200 (CEST) (envelope-from netchild@Leidinger.net) Message-Id: <200107261742.f6QHgXv06426@Magelan.Leidinger.net> Date: Thu, 26 Jul 2001 19:42:32 +0200 (CEST) From: Alexander Leidinger Subject: Monitoring a FS with kevent (was: Re: Redundant setup on a budget??) To: gabriel_ambuehl@buz.ch Cc: freebsd-isp@freebsd.org, freebsd-cluster@freebsd.org, jlemon@FreeBSD.org In-Reply-To: <19297458367.20010726142352@buz.ch> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 26 Jul, Gabriel Ambuehl wrote: >>> On the first glance it looks pretty complex but... >> It depends... > > Read through it a bit more concentrated today and found it probably > doesn't help anyway: > > EVFILT_VNODE Takes a file descriptor as the identifier and the > events > to watch for in fflags, and returns when one or > more of > the requested events occurs on the descriptor. > The events > to monitor are: > > I interpret this like it's good for monitoring single vnodes, but not > entire filesystem. Yes, you have to walk through the entire FS and request a notification for every file or directory. But perhaps the developer (CCed) is able to add the "monitor the entire FS for me" functionality in the kernel... Jonathan, we are talking about soft-realtime mirroring of an entire FS (or doing something like realtime-tripwire). Bye, Alexander. -- The computer revolution is over. The computers won. http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 10:59: 0 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id F3E8237B405 for ; Thu, 26 Jul 2001 10:58:52 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 42327 invoked from network); 26 Jul 2001 17:58:24 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 26 Jul 2001 17:58:24 -0000 Date: Thu, 26 Jul 2001 19:59:42 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <72117607730.20010726195942@buz.ch> To: Alexander Leidinger Cc: freebsd-isp@freebsd.org, freebsd-cluster@freebsd.org, jlemon@FreeBSD.org Subject: Re: Monitoring a FS with kevent (was: Re: Redundant setup on a budget??) In-Reply-To: <200107261742.f6QHgXv06426@Magelan.Leidinger.net> References: <200107261742.f6QHgXv06426@Magelan.Leidinger.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Alexander, Thursday, July 26, 2001, 7:42:32 PM, you wrote: >> I interpret this like it's good for monitoring single vnodes, but >> not entire filesystem. > Yes, you have to walk through the entire FS and request a > notification for every file or directory. But perhaps the developer > (CCed) is able to add the "monitor the entire FS for me" > functionality in the kernel... Jonathan, we are talking about > soft-realtime mirroring of an entire FS (or doing something like > realtime-tripwire). I'd very much like to see such a feature. Even better would it be, if it were possible to also capture permission changes in the same go. I've been thinking about whether it would make sense to just patch libc to log this kind of stuff? Or are there other interfaces that speak to the system calls directly so that it would be needed to patch those instead? Anyway, this is nothing I'd be greedy to do as it can result in big amounts of really serious troubles (especially as my C knowledge is virtually zero). Best regards, Gabriel -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO2BMhcZa2WpymlDxAQG0SggAoVOZPv9kq8QqvzTzMF1y+FRjMeAmMvRY pYEM55cAXdPigUc2/ngvKR7E7KZTKQOFsm2Q7B1hDhezFwajfHUEBQQYdrbwvKnt CMu0ZrwMRdH6yzudkfqJC6gF0WNvctlrlgqKLQ0xSV1xbXkOeB+Ti/DTGjiwXwnY 27xOSiWI+IiI0gM0IaGJpoRzLySjRCWN0XXEzQRb1N2Za1aaJAKqQVZFWYJmqox+ xUyAPKJjeWSlhPgxRGwV+1SIRiQQF4mWzo2QB6uOHfl9zc79Ve7Iyybc6CIHhT09 KZ3fGGbg7naU4+v8FlBu/s0iTLOMx6DaMx0r5ozAj1UoN6/9U042BA== =YuWB -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 11:17:40 2001 Delivered-To: freebsd-isp@freebsd.org Received: from prism.flugsvamp.com (cb58709-a.mdsn1.wi.home.com [24.17.241.9]) by hub.freebsd.org (Postfix) with ESMTP id B930237B409; Thu, 26 Jul 2001 11:17:21 -0700 (PDT) (envelope-from jlemon@flugsvamp.com) Received: (from jlemon@localhost) by prism.flugsvamp.com (8.11.0/8.11.0) id f6QIGAB27185; Thu, 26 Jul 2001 13:16:10 -0500 (CDT) (envelope-from jlemon) Date: Thu, 26 Jul 2001 13:16:09 -0500 From: Jonathan Lemon To: Alexander Leidinger Cc: gabriel_ambuehl@buz.ch, freebsd-isp@freebsd.org, freebsd-cluster@freebsd.org, jlemon@freebsd.org Subject: Re: Monitoring a FS with kevent (was: Re: Redundant setup on a budget??) Message-ID: <20010726131609.K7716@prism.flugsvamp.com> References: <19297458367.20010726142352@buz.ch> <200107261742.f6QHgXv06426@Magelan.Leidinger.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre2i In-Reply-To: <200107261742.f6QHgXv06426@Magelan.Leidinger.net> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Jul 26, 2001 at 07:42:32PM +0200, Alexander Leidinger wrote: > On 26 Jul, Gabriel Ambuehl wrote: > > >>> On the first glance it looks pretty complex but... > >> It depends... > > > > Read through it a bit more concentrated today and found it probably > > doesn't help anyway: > > > > EVFILT_VNODE Takes a file descriptor as the identifier and the > > events > > to watch for in fflags, and returns when one or > > more of > > the requested events occurs on the descriptor. > > The events > > to monitor are: > > > > I interpret this like it's good for monitoring single vnodes, but not > > entire filesystem. > > Yes, you have to walk through the entire FS and request a notification > for every file or directory. But perhaps the developer (CCed) is able to > add the "monitor the entire FS for me" functionality in the kernel... > > Jonathan, we are talking about soft-realtime mirroring of an entire FS > (or doing something like realtime-tripwire). That functionality would be nice to have (e.g.: for something like cvsupd), but currently isn't handled by kqueue(). As described above, EVFILT_VNODE monitors files (or directories) so you'd have to open each directory you wanted to monitor. This isn't ideal; suggestions on how things *should* work would be appreciated. One of the main problems is that when the actual event happens (at the vnode level), you only have the inode to identify things by, the pathname used is long gone. -- Jonathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 12: 8:39 2001 Delivered-To: freebsd-isp@freebsd.org Received: from beta.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 3011D37B405 for ; Thu, 26 Jul 2001 12:08:32 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 45213 invoked from network); 26 Jul 2001 19:08:29 -0000 Received: from dclient62-2-106-29.hispeed.ch (HELO athlon550) (62.2.106.29) by beta.root-servers.ch with SMTP; 26 Jul 2001 19:08:29 -0000 Date: Thu, 26 Jul 2001 21:09:50 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <34121816613.20010726210950@buz.ch> To: Jonathan Lemon Cc: Alexander Leidinger , freebsd-isp@freebsd.org, freebsd-cluster@freebsd.org, Subject: Re[2]: Monitoring a FS with kevent (was: Re: Redundant setup on a budget??) In-Reply-To: <20010726131609.K7716@prism.flugsvamp.com> References: <19297458367.20010726142352@buz.ch> <200107261742.f6QHgXv06426@Magelan.Leidinger.net> <20010726131609.K7716@prism.flugsvamp.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Jonathan, Thursday, July 26, 2001, 8:16:09 PM, you wrote: >> Jonathan, we are talking about soft-realtime mirroring of an >> entire FS (or doing something like realtime-tripwire). > That functionality would be nice to have (e.g.: for something like > cvsupd), but currently isn't handled by kqueue(). As described > above, EVFILT_VNODE monitors files (or directories) so you'd have > to > open each directory you wanted to monitor. Clearly a non starter... > This isn't ideal; suggestions on how things *should* work would be > appreciated. One of the main problems is that when the actual > event happens (at the vnode level), you only have the inode to > identify > things by, the pathname used is long gone. Well, I don't know (as I couldn't get it to build on 4.3 and 5.0 doesn't want to build...) whether this might help, but spy on http://people.freebsd.org/~abial takes an interesting approach: Generally, it seems to provide a facility to monitor arbitrary system calls, many of them including arguments. Now if someone monitors all open() call including arguments, it should be reasonably easy to write a log with changes to files for simple programs that open(), write(), close(). However, this obviously comes to the limits with daemons that normally keep their files open their whole "life" and might be writing times and times to them, so it probably would need to have some monitoring of the write() call too. How expensive is it to get the path of a file descriptor (not sure whether this can even be done with the current facilities, might need some array containing the descriptor numbers and the pathnames which could be maintained by messing around with open()/close())? As already said, I've been playing with the idea of letting libc do the logging as it knows the exact arguments to the open() calls (if mode != r, a modification is probable...) but here, the identical problem with daemons arises. A radically different approach would be to cache the entire directory structure in RAM which should allow dramatically faster polling at the cost of MB's of RAM but I think this isn't the optimal approach... Best regards, Gabriel -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO2Bc8sZa2WpymlDxAQHtaQgAzK4oYumnv0nL0xcGT6EZnvaO3Nsavgse krwSbLngw6wMYK7gKVqiXoAu7PmXMLoPfxU8dFbWREmDSn+27knNWYeoDt+Jh6Nd kjwh0iJR4fGkCaWPUWv4S/cU8Pn2xelMsqZxu1CTscF0Xe7ZjV1xtaGEyeAvAJPf XWM/c3uxf/dXoBjB9teF+7VWSYvZfUzcLezZAI6fVMi9XpfhVOJrW7r6hOus3xEG gjzzu4puUQQpB0C4/s7PL4SQkMh2aTheOcbJz2PHOuzPdJCEfetlaW1kGePTeZbr eqVUAVKMUMp+o/q2g+4twC/7MIBsRiDRrVAPjRMj4I4E6jXkDegPvg== =Vl9P -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 13: 5: 5 2001 Delivered-To: freebsd-isp@freebsd.org Received: from unity.copyleft.no (unity.copyleft.no [212.71.72.23]) by hub.freebsd.org (Postfix) with ESMTP id 408B837B401 for ; Thu, 26 Jul 2001 13:05:01 -0700 (PDT) (envelope-from martin@unity.copyleft.no) Received: from martin by unity.copyleft.no with local (Exim 3.12 #1) id 15PrNP-0002cq-00; Thu, 26 Jul 2001 22:04:55 +0200 Date: Thu, 26 Jul 2001 22:04:55 +0200 From: Martin Eggen To: Gabriel Ambuehl Cc: freebsd-isp@freebsd.org Subject: Re: Redundant setup on a budget?? Message-ID: <20010726220455.A9431@unity.copyleft.no> References: <510EAC2065C0D311929200A0247252622F7A7B@NETIVITY-FS> <20010724154211.C34017@jake.akitanet.co.uk> <1241681557.20010725114735@buz.ch> <20010725112250.N83511@jake.akitanet.co.uk> <1996903256.20010725131437@buz.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <1996903256.20010725131437@buz.ch>; from gabriel_ambuehl@buz.ch on Wed, Jul 25, 2001 at 01:14:37PM +0200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org [Gabriel Ambuehl] > > Trunking isn't supported at all by FreeBSD if I'm not totally > mistaken. Aggregating interfaces has been implemented as a netgraph module, using Cisco's fast etherchannel mechanism. http://people.freebsd.org/~wpaul/FEC/4.x/fec.tar.gz -- Martin Eggen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 13:22: 4 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 5AC7637B405 for ; Thu, 26 Jul 2001 13:22:01 -0700 (PDT) (envelope-from ml@db.nexgen.com) Received: (qmail 1605 invoked from network); 26 Jul 2001 20:21:33 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 26 Jul 2001 20:21:33 -0000 Message-ID: <008601c11610$9f2b7e00$0d00a8c0@alexus> From: "alexus" To: Subject: FAILOVER system Date: Thu, 26 Jul 2001 16:21:58 -0400 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2499.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2499.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org did someone implement failover somehow in fbsd? i want somehow insure that if one machine going go down other machine will take over.. is it possible at all? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 15: 2:14 2001 Delivered-To: freebsd-isp@freebsd.org Received: from elm.phenome.org (elm.phenome.org [194.153.169.3]) by hub.freebsd.org (Postfix) with ESMTP id BD6BB37B406; Thu, 26 Jul 2001 15:02:07 -0700 (PDT) (envelope-from joshua@roughtrade.net) Received: from localhost (joshua@localhost [127.0.0.1]) by localhost (8.12.0.Beta7/8.12.0.Beta7/Debian 8.12.0.Beta7-1) with ESMTP id f6QM26CC010975; Thu, 26 Jul 2001 23:02:06 +0100 Date: Thu, 26 Jul 2001 23:02:06 +0100 (BST) From: Joshua Goodall X-X-Sender: To: Alexander Leidinger Cc: , , , Subject: Re: Monitoring a FS with kevent (was: Re: Redundant setup on a budget??) In-Reply-To: <200107261742.f6QHgXv06426@Magelan.Leidinger.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 26 Jul 2001, Alexander Leidinger wrote: > Yes, you have to walk through the entire FS and request a notification > for every file or directory. But perhaps the developer (CCed) is able to > add the "monitor the entire FS for me" functionality in the kernel... The snapshot support in -current does just this for its own purposes. That is very much Kirk McKusicks' domain right now. Whether it could be leveraged into a remote replication facility, I don't know. Start at http://www.mckusick.com/softdep/index.html J To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 15:15:58 2001 Delivered-To: freebsd-isp@freebsd.org Received: from yesglobal.co.kr (unknown [211.224.128.115]) by hub.freebsd.org (Postfix) with ESMTP id 70E1A37B403 for ; Thu, 26 Jul 2001 15:15:51 -0700 (PDT) (envelope-from ben75218@excite.com) Received: from boty4yr.excite.ccom (wla-ca5c-238.rasserver.net [207.220.37.238]) by yesglobal.co.kr (8.9.3/8.9.3) with SMTP id GAA12408; Fri, 27 Jul 2001 06:22:54 +0900 From: bill32462@operamail.com To: sale_price@kgoerkkthl.chattown.com X-Mailer: Microsoft Outlook Express 5.00.2919.6600 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: 8BIT Subject: Re: Detective Program Message-Id: Date: Thu, 26 Jul 2001 15:13:20 -0800 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org

Find out how to get your hands on unquestionably any information:


please click here for more info















To be removed from our mailing list, please click here To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 15:43:16 2001 Delivered-To: freebsd-isp@freebsd.org Received: from cx175057-a.ocnsd1.sdca.home.com (cx175057-a.ocnsd1.sdca.home.com [24.13.23.40]) by hub.freebsd.org (Postfix) with ESMTP id 6BB0E37B405 for ; Thu, 26 Jul 2001 15:43:14 -0700 (PDT) (envelope-from bri@sonicboom.org) Received: from localhost (bri@localhost) by cx175057-a.ocnsd1.sdca.home.com (8.11.1/8.11.1) with ESMTP id f6QMhBv06781; Thu, 26 Jul 2001 15:43:12 -0700 (PDT) (envelope-from bri@sonicboom.org) Date: Thu, 26 Jul 2001 15:43:11 -0700 (PDT) From: Brian X-X-Sender: To: alexus Cc: Subject: Re: FAILOVER system In-Reply-To: <008601c11610$9f2b7e00$0d00a8c0@alexus> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Multiple bsd servers behind an alteon or other 1 public many private switch.. Brian "Sonic" Whalen Success = Preparation + Opportunity On Thu, 26 Jul 2001, alexus wrote: > did someone implement failover somehow in fbsd? > > i want somehow insure that if one machine going go down other machine will > take over.. is it possible at all? > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 17:25:17 2001 Delivered-To: freebsd-isp@freebsd.org Received: from oahu.WURLDLINK.NET (oahu.WURLDLINK.NET [216.235.52.1]) by hub.freebsd.org (Postfix) with ESMTP id 1E57937B406 for ; Thu, 26 Jul 2001 17:25:14 -0700 (PDT) (envelope-from vince@oahu.WURLDLINK.NET) Received: from localhost (vince@localhost) by oahu.WURLDLINK.NET (8.11.3/8.11.3) with ESMTP id f6R0OqT36916; Thu, 26 Jul 2001 14:24:52 -1000 (HST) (envelope-from vince@oahu.WURLDLINK.NET) Date: Thu, 26 Jul 2001 14:24:50 -1000 (HST) From: Vincent Poy To: Tom Legg Cc: Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <1004681.996151287@eskimos.the-eleven.com> Message-ID: <20010726142339.Q50475-100000@oahu.WURLDLINK.NET> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Yeah, but that was added way later. Back in summer 1998, it wasn't there and Merit Radius had it. And since it works, there was no point in switching as our customers would flood us with complaints even if it was down for just 1 minute. Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin On Thu, 26 Jul 2001, Tom Legg wrote: > Well I know that the latest versions of cistron handle this nicely. It's > even a tested solution. > > --On Thursday, July 26, 2001 5:49 AM -1000 Vincent Poy > wrote: > > > On Wed, 25 Jul 2001, Paul Robinson wrote: > > > >> On Jul 25, Vincent Poy wrote: > >> > >> > I don't remember but it was a FreeBSD port and this was back in > >> > Summer of 1998 and I remember I even asked the author and he said there > >> > was no realm support back then. > >> > >> OK, I think there has been a misunderstanding here. When referring to > >> realms I translated that into huntgroups, which I assumed to be the same > >> thing. Now I've sat here and thought about it, depending on > >> requirements, you can do it if you needed to, but it's not quite what I > >> think you were referring to. > > > > Nope, huntgroups are different. Realms are like email addresses > > so like joeuser@1.net would forward to another radius server, etc. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jul 26 17:26:39 2001 Delivered-To: freebsd-isp@freebsd.org Received: from oahu.WURLDLINK.NET (oahu.WURLDLINK.NET [216.235.52.1]) by hub.freebsd.org (Postfix) with ESMTP id A831C37B405 for ; Thu, 26 Jul 2001 17:26:35 -0700 (PDT) (envelope-from vince@oahu.WURLDLINK.NET) Received: from localhost (vince@localhost) by oahu.WURLDLINK.NET (8.11.3/8.11.3) with ESMTP id f6R0QDn36960; Thu, 26 Jul 2001 14:26:13 -1000 (HST) (envelope-from vince@oahu.WURLDLINK.NET) Date: Thu, 26 Jul 2001 14:26:09 -1000 (HST) From: Vincent Poy To: Steven Ames Cc: Tom Legg , Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <009701c115f2$0a1805e0$28d90c42@eservoffice.com> Message-ID: <20010726142510.J50475-100000@oahu.WURLDLINK.NET> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Never tried freeradius but we are using merit for the past 3 years. Anyone here know how GRIC's roaming works with merit radius or the other ones? Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin On Thu, 26 Jul 2001, Steven Ames wrote: > freeradius and merit will also handle realms correctly. As do most > commercial > varients of RADIUS. > > > Well I know that the latest versions of cistron handle this nicely. It's > > even a tested solution. > > > > --On Thursday, July 26, 2001 5:49 AM -1000 Vincent Poy > > wrote: > > > > > On Wed, 25 Jul 2001, Paul Robinson wrote: > > > > > >> On Jul 25, Vincent Poy wrote: > > >> > > >> > I don't remember but it was a FreeBSD port and this was back in > > >> > Summer of 1998 and I remember I even asked the author and he said > there > > >> > was no realm support back then. > > >> > > >> OK, I think there has been a misunderstanding here. When referring to > > >> realms I translated that into huntgroups, which I assumed to be the > same > > >> thing. Now I've sat here and thought about it, depending on > > >> requirements, you can do it if you needed to, but it's not quite what I > > >> think you were referring to. > > > > > > Nope, huntgroups are different. Realms are like email addresses > > > so like joeuser@1.net would forward to another radius server, etc. > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 4:19:21 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.plug.cx (kypo.alfred.cx [150.101.93.134]) by hub.freebsd.org (Postfix) with ESMTP id 8503337B401 for ; Fri, 27 Jul 2001 04:19:19 -0700 (PDT) (envelope-from andrew.reid@plug.cx) Received: from [210.11.50.146] (unknown [210.11.50.146]) by mail.plug.cx (Postfix) with ESMTP id 6F8082B7EC; Sat, 28 Jul 2001 06:41:02 +0930 (CST) Subject: Re: sendmail + virtualhosting + pop secure access + No spam From: Andrew Reid To: "A. David Perez Marfil" Cc: freebsd-isp@FreeBSD.ORG In-Reply-To: <81C8CA3C286FD511A959000102C9B2CE2B3C@EXCHANGE> References: <81C8CA3C286FD511A959000102C9B2CE2B3C@EXCHANGE> Content-Type: text/plain Content-Transfer-Encoding: 7bit Message-Id: <996206973.1355.3.camel@percible.alfred.cx> Mime-Version: 1.0 X-Mailer: Evolution/0.11 (Beta Release) Date: 27 Jul 2001 17:16:17 +0930 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 26 Jul 2001 11:42:33 -0500, A. David Perez Marfil wrote: > 1.- sendmail with virtual domain ok > 2.- pop access to the email accounts ok > 3.- how to let the users relay email for their domian in secure way ? > 4.- aviod spammers ? You may want to have a think about POP-3 authentication before allowing mail relay. That way, users have to identify themselves before Sendmail will relay for them. - andrew -- void signature () { cout << "Andrew Reid -- andrew.reid@plug.cx" << endl ; cout << "Cell: +61 401 946 813" << endl; cout << "Quidquid latine dictum sit, altum viditur" << endl; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 4:19:32 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.plug.cx (kypo.alfred.cx [150.101.93.134]) by hub.freebsd.org (Postfix) with ESMTP id 67CDB37B406 for ; Fri, 27 Jul 2001 04:19:25 -0700 (PDT) (envelope-from andrew.reid@plug.cx) Received: from [210.11.50.146] (unknown [210.11.50.146]) by mail.plug.cx (Postfix) with ESMTP id 9BBC92B7ED; Sat, 28 Jul 2001 06:41:06 +0930 (CST) Subject: Re: FreeBSD Mail Toaster CLUSTER From: Andrew Reid To: so@server.i-clue.de Cc: Fabrizio Ravazzini , freebsd-isp@FreeBSD.ORG In-Reply-To: <3B5FDE77.DC5FC3DB@i-clue.de> References: <20010726065304.39908.qmail@web20106.mail.yahoo.com> <3B5FDE77.DC5FC3DB@i-clue.de> Content-Type: text/plain Content-Transfer-Encoding: 7bit Message-Id: <996207686.1405.14.camel@percible.alfred.cx> Mime-Version: 1.0 X-Mailer: Evolution/0.11 (Beta Release) Date: 27 Jul 2001 17:16:21 +0930 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 26 Jul 2001 11:10:15 +0200, Christoph Sold wrote: > As DNS & bind tells, just have two mail servers accept SMTP for your > domain. Assign different names and A records, as well as set both as MX > for your domain. > > If one goes down, the other will get the mail automatically. I've been thinking about putting in another mailserver for redundancy. The notion of setting up a secondary MX host is easy enough, but it doesn't seem to be enough for what I'd like to do. For example: +-----------------------+ +---------+ | |---------------->| MX1 | | Load Balancing Device | +---------+ | | +---------+ | |---------------->| MX2 | +-----------------------+ +---------+ If the Load Balancing Device ("LBD") is sharing out connections for ports 25 and 110 between MX1 and MX2, I want to be sure that if one of the two machines goes down, everyone can still get their mail. I've looked at some methods of doing this where, when accounts are created, they are equally dispersed amongst your MX farm, but that means that all users on the dead MX will have no mail access. How are people going about delivering distributed, redundant, load-balanced mail? I was thinking that some form of parallel delivery could be implemented, but that would result in the load of MX1 and MX2 being pretty similar (one would think). You don't want to have all your eggs in one basket, but at the same time, you do. You want to be able to get to your mail -all- the time, not just when the appropriate server is up. If accounts "joe", "thelma" and "louise" are on MX1, they still need to be able to get to their mail, even when the server is down. Hmm! Suggestions? - andrew -- void signature () { cout << "Andrew Reid -- andrew.reid@plug.cx" << endl ; cout << "Cell: +61 401 946 813" << endl; cout << "Quidquid latine dictum sit, altum viditur" << endl; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 5:20:23 2001 Delivered-To: freebsd-isp@freebsd.org Received: from fw.nextra.de (unknown [212.169.185.140]) by hub.freebsd.org (Postfix) with ESMTP id A9AEA37B403 for ; Fri, 27 Jul 2001 05:20:18 -0700 (PDT) (envelope-from O.Blasnik@nextra.de) Received: by fw.nextra.de; id OAA13228; Fri, 27 Jul 2001 14:20:31 +0200 (MET DST) Received: from unknown(10.49.96.2) by smtp1.fw.nextra.de via smap (V5.5) id xma013215; Fri, 27 Jul 01 14:20:24 +0200 Received: from omnilinkw63 ([10.49.96.101]) by f-ex-01.intern.nextra.de with Microsoft SMTPSVC(5.0.2195.1600); Fri, 27 Jul 2001 14:18:45 +0100 Message-ID: <00a501c11695$d2a3e8a0$6560310a@intern.nextra.de> From: "Oliver Blasnik" To: "Barry Irwin" , "Dave VanAuken" Cc: References: <20010722161118.C44952@devco.net> Subject: Re: Gigabyte GS-SR101 and GS-SR102 1U rackmount... Date: Fri, 27 Jul 2001 14:15:28 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 X-OriginalArrivalTime: 27 Jul 2001 13:18:45.0297 (UTC) FILETIME=[A9D3FA10:01C1169E] Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi there, (late but...) Barry and Dave talking about GSSR10x 1U: > On Fri 2001-07-20 (14:08), Dave VanAuken wrote: > > Any experience using either of these in a FreeBSD 4.3 stable environment? Sure, got the 101 and it works really good. Equipped with 2 PIII/650, 512MB RAM, a ZNYX Quad Ethernet in FastEtherChannel Mode and with 2 ATA-100 disk drives (striped) it's running without any flaws - as an internal Fileserver (lets say, for multimedia purposes... *g*). I checked out the features of the 102, but decided not to get this one, instead waiting for the 103 sample (which is going to be delivered to us in about one month). Features are like the 102, but with 10/100/1000 Intel NIC interface, Adaptec SCSI320 onboard and IPMI support. Barry said: > Hardware construction is pretty solid, nice looking cases, cable guides, > and rounded edges on the caseing. Agree, construction is really good, and enough fans to keep that hardware cooled. Btw, I can _not_ recommend the 101 as far as the IDE-Raid is a software-only solution and the FreeBSD-Drivers still don't support this correctly (ex: if one drive fails in a two-mirrored- driveset, the system is going to hang). > I've been wanting to get these in to have a > look with but still waiting for the local supplier. Got to have a close > look at them about 2 months ago at the Gigabyte product launch. 2 Months ago? Hu? I have the 101 since.. Hmm... End of November, the 102 was available as an engineering sample in 03/2001. > Barry HTH, Oliver -- -- http://www.nextra.de - INTERNET@WORK ----- oliver.blasnik@nextra.de -- Nextra Deutschland | Oliver Blasnik Senior System Administrator GmbH & Co KG | Lyoner Strasse 26 D-60528 Frankfurt Engineering TA&S | tel +49-69-66441-0 fax +49-69-66441-199 ------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 5:28:39 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.online.ie (mail.online.ie [213.159.130.68]) by hub.freebsd.org (Postfix) with ESMTP id 23F2537B405 for ; Fri, 27 Jul 2001 05:28:36 -0700 (PDT) (envelope-from bofh@online.ie) Received: from web1.www.online.ie (eth4.web1.www.online.ie [10.10.4.32]); by mail.online.ie with ESMTP id 09DF07028; Fri, 27 Jul 2001 13:28:35 +0100 (IST) Received: (from nobody@localhost) by web1.www.online.ie with id NAA17861 Fri, 27 Jul 2001 13:28:35 +0100 To: Andrew Reid Subject: Re: FreeBSD Mail Toaster CLUSTER Message-ID: <996236914.3b615e72f3c96@mail.online.ie> Date: Fri, 27 Jul 2001 13:28:34 +0100 (IST) From: Sascha Lucky Luck Cc: freebsd-isp@FreeBSD.ORG References: <20010726065304.39908.qmail@web20106.mail.yahoo.com> <3B5FDE77.DC5FC3DB@i-clue.de> <996207686.1405.14.camel@percible.alfred.cx> In-Reply-To: <996207686.1405.14.camel@percible.alfred.cx> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: online.ie WebMail program X-Originating-IP: 159.134.219.133 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Quoting Andrew Reid : > The notion of setting up a secondary MX host is easy enough, > but it > doesn't seem to be enough for what I'd like to do. > > For example: > > +-----------------------+ +---------+ > | |---------------->| MX1 | > | Load Balancing Device | +---------+ > | | +---------+ > | |---------------->| MX2 | > +-----------------------+ +---------+ > > If the Load Balancing Device ("LBD") is sharing out > connections for > ports 25 and 110 between MX1 and MX2, I want to be sure that > if one of > the two machines goes down, everyone can still get their > mail. > > I've looked at some methods of doing this where, when accounts > are > created, they are equally dispersed amongst your MX farm, but > that means > that all users on the dead MX will have no mail access. > > How are people going about delivering distributed, > redundant, > load-balanced mail? I was thinking that some form of parallel > delivery > could be implemented, but that would result in the load of MX1 > and MX2 > being pretty similar (one would think). > > You don't want to have all your eggs in one basket, but at the > same > time, you do. You want to be able to get to your mail -all- > the time, > not just when the appropriate server is up. If accounts "joe", > "thelma" > and "louise" are on MX1, they still need to be able to get to > their > mail, even when the server is down. > > Hmm! Suggestions? The file system where the user accounts live must then be shared between the different mail servers. We mounted that from a Network Appliance Filer cluster, so that was pretty safe to begin with. User account information needs to either reside on the shared FS or must be duplicated (eg. rdist) between the machines. If you are connected to the server that failed you'll have to reconnect. Otherwise the user will never notice a server failure. > - andrew HTH, s. ---------------------------------------------------- Get your free email account at http://www.online.ie/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 5:34: 2 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.plug.cx (kypo.alfred.cx [150.101.93.134]) by hub.freebsd.org (Postfix) with ESMTP id A241B37B407 for ; Fri, 27 Jul 2001 05:33:58 -0700 (PDT) (envelope-from andrew.reid@plug.cx) Received: from [210.11.50.146] (unknown [210.11.50.146]) by mail.plug.cx (Postfix) with ESMTP id 04C102B7E4; Sat, 28 Jul 2001 07:55:43 +0930 (CST) Subject: Re: FreeBSD Mail Toaster CLUSTER From: Andrew Reid To: Sascha Lucky Luck Cc: freebsd-isp@FreeBSD.ORG In-Reply-To: <996236914.3b615e72f3c96@mail.online.ie> References: <20010726065304.39908.qmail@web20106.mail.yahoo.com> <3B5FDE77.DC5FC3DB@i-clue.de> <996207686.1405.14.camel@percible.alfred.cx> <996236914.3b615e72f3c96@mail.online.ie> Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Evolution/0.11 (Beta Release) Date: 27 Jul 2001 22:03:27 +0930 Message-Id: <996237209.4218.1.camel@percible.alfred.cx> Mime-Version: 1.0 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 27 Jul 2001 13:28:34 +0100, Sascha Lucky Luck wrote: > The file system where the user accounts live must then be shared > between the different mail servers. We mounted that from a Network > Appliance Filer cluster, so that was pretty safe to begin with. Is there any way to do this with FreeBSD and a supporting crew? > User account information needs to either reside on the shared FS or > must be duplicated (eg. rdist) between the machines. Or LDAP :-) > If you are connected to the server that failed you'll have to > reconnect. Otherwise the user will never notice a server failure. The ultimate aim :-) - andrew -- void signature () { cout << "Andrew Reid -- andrew.reid@plug.cx" << endl ; cout << "Cell: +61 401 946 813" << endl; cout << "Quidquid latine dictum sit, altum viditur" << endl; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 5:37:16 2001 Delivered-To: freebsd-isp@freebsd.org Received: from taunus-biker.de (taunus-biker.de [212.255.4.205]) by hub.freebsd.org (Postfix) with ESMTP id 43B7537B403 for ; Fri, 27 Jul 2001 05:37:11 -0700 (PDT) (envelope-from r0m@taunus-biker.de) Received: from omnilinkw63 ([212.169.184.9]) by taunus-biker.de (8.9.3+3.2W/8.9.3) with SMTP id OAA00243; Fri, 27 Jul 2001 14:37:08 +0200 (CEST) Message-ID: <01f601c11698$467cf940$6560310a@intern.nextra.de> From: "Oliver Blasnik" To: "Andrew Reid" , "Sascha Lucky Luck" Cc: References: <20010726065304.39908.qmail@web20106.mail.yahoo.com> <3B5FDE77.DC5FC3DB@i-clue.de> <996207686.1405.14.camel@percible.alfred.cx> <996236914.3b615e72f3c96@mail.online.ie> Subject: Re: FreeBSD Mail Toaster CLUSTER Date: Fri, 27 Jul 2001 14:33:01 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi there, [Load-Balancing a Mailcluster, how to deliver Mail?!] > The file system where the user accounts live must then be shared > between the different mail servers. We mounted that from a Network > Appliance Filer cluster, so that was pretty safe to begin with. If you use an NAS for such things, check out that the IMAP and delivery-Software is able to work with it... Afaik there was the talk of Cyrus, which storage is not NFS-aware. Maildir seems to be the only solution, so Courier should be the choice. > User account information needs to either reside on the shared FS or > must be duplicated (eg. rdist) between the machines. We are using a replicated MySQL DB on every mailserver in the cluster, which is more in-time as rdist (imho). > If you are connected to the server that failed you'll have to > reconnect. Otherwise the user will never notice a server failure. If there's a professional solution at the Loadbalancer-Level, you will never connect to a failed server. > > - andrew > HTH, > s. Just the same ;) Oliver -- -- http://www.nextra.de - INTERNET@WORK ----- oliver.blasnik@nextra.de -- Nextra Deutschland | Oliver Blasnik Senior System Administrator GmbH & Co KG | Lyoner Strasse 26 D-60528 Frankfurt Engineering TA&S | tel +49-69-66441-0 fax +49-69-66441-199 ------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 5:40:52 2001 Delivered-To: freebsd-isp@freebsd.org Received: from segue.merit.edu (segue.merit.edu [198.108.1.41]) by hub.freebsd.org (Postfix) with ESMTP id 96ED337B403 for ; Fri, 27 Jul 2001 05:40:50 -0700 (PDT) (envelope-from web@merit.edu) Received: from web1.merit.edu (web1.merit.edu [198.108.62.192]) by segue.merit.edu (Postfix) with ESMTP id 38EB05DD9E; Fri, 27 Jul 2001 08:42:14 -0400 (EDT) Received: (from web@localhost) by web1.merit.edu (8.9.3/8.9.1) id IAA02563; Fri, 27 Jul 2001 08:40:56 -0400 (EDT) Date: Fri, 27 Jul 2001 08:40:56 -0400 From: William Bulley To: Vincent Poy Cc: freebsd-isp@FreeBSD.ORG Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE Message-ID: <20010727084056.F2410@web1.merit.edu> Mail-Followup-To: Vincent Poy , freebsd-isp@FreeBSD.ORG Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1us Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org According to Vincent Poy : > > Yeah, but that was added way later. Back in summer 1998, it > wasn't there and Merit Radius had it. And since it works, there was no > point in switching as our customers would flood us with complaints even if > it was down for just 1 minute. Just FYI: the realm concept was added to the Merit AAA Server (RADIUS) prior to my arrival (as a member of the engineering group charged with the development and deployment of the server) in the Spring of 1994. Regards, web... -- William Bulley Manager of Software Engineering Merit Network, Inc. Email: web@merit.edu Building One, Suite 2000 Phone: (734) 764-9430 4251 Plymouth Road Fax: (734) 647-3185 Ann Arbor, Michigan 48105-2785 "We're not C++ programmers. There is one program written in C++ in OpenBSD, out of 300 megabytes of source code." - Theo deRaadt, father and principal archtitect of the OpenBSD operating system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 6:47: 4 2001 Delivered-To: freebsd-isp@freebsd.org Received: from fw.nextra.de (unknown [212.169.185.140]) by hub.freebsd.org (Postfix) with ESMTP id 4763A37B401 for ; Fri, 27 Jul 2001 06:47:00 -0700 (PDT) (envelope-from O.Blasnik@nextra.de) Received: by fw.nextra.de; id PAA17306; Fri, 27 Jul 2001 15:47:08 +0200 (MET DST) Received: from unknown(10.49.96.2) by smtp1.fw.nextra.de via smap (V5.5) id xma017263; Fri, 27 Jul 01 15:47:00 +0200 Received: from omnilinkw63 ([10.49.96.101]) by f-ex-01.intern.nextra.de with Microsoft SMTPSVC(5.0.2195.1600); Fri, 27 Jul 2001 15:45:21 +0100 Message-ID: <02e201c116a1$ec09de60$6560310a@intern.nextra.de> From: "Oliver Blasnik" To: "Dave" , "Barry Irwin" Cc: References: Subject: Re: Gigabyte GS-SR101 and GS-SR102 1U rackmount... Date: Fri, 27 Jul 2001 15:42:04 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 X-OriginalArrivalTime: 27 Jul 2001 14:45:21.0748 (UTC) FILETIME=[C3277940:01C116AA] Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi again, Dave with some questions ;) > >hardware cooled. Btw, I can _not_ recommend the 101 as far as the > >IDE-Raid is a software-only solution and the FreeBSD-Drivers still > >don't support this correctly (ex: if one drive fails in a two-mirrored- > >driveset, the system is going to hang). > > So the IDE raid is useless for RAID 1(mirror) applications, but performs RAID > 0(striping) adequately? This is correct. > Any idea on when/if the IDE raid for FreeBSD 4.x will be resolved to avoid this > lockup problem? (really another thread) I asked for it (check the archive for that *g*), and the reply was sth like "use hardware for that". I think this features won't be available in near future. > Assume that the onboard SCSI320 interface in the 103 can/will support RAID 1 in > FBSD4.x configuration? No. Just a "simple" Adaptec SCSI-Controller. But I have in mind that Katrina (from Gigabyte) told about an addon-Module from Adaptec to perform HW-Raid. Not sure about. The mainboard-specs are still changing from one week to the next. > Dial question about construction... assuming we can pick these up > barebones and insert our own CPU/Mem/HDD into the barebones solution > without much problem? Any pitfalls with that? This is a way to go. This is the way I got the system up, as far as the engineering samples are "empty" barebones, without cpu, ram, hdd. > Thanks for the feedback, and would love to hear your impression of the 103 > performance when you do get ahold of it. It hopefully will perform as I dream of *g*. If there's no Raid-Plugin available, I'll check it with a Raid Adapter - 3 Hotswap SCSI HDD's have to be used this way ;) > Dave Cu, Oliver -- -- http://www.nextra.de - INTERNET@WORK ----- oliver.blasnik@nextra.de -- Nextra Deutschland | Oliver Blasnik Senior System Administrator GmbH & Co KG | Lyoner Strasse 26 D-60528 Frankfurt Engineering TA&S | tel +49-69-66441-0 fax +49-69-66441-199 ------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 6:56:26 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mailman.thenap.com (mailman.thenap.com [209.190.0.10]) by hub.freebsd.org (Postfix) with ESMTP id 5B7B937B406 for ; Fri, 27 Jul 2001 06:56:10 -0700 (PDT) (envelope-from drew.weaver@thenap.com) Received: by mailman.thenap.com with Internet Mail Service (5.5.2653.19) id ; Fri, 27 Jul 2001 09:58:04 -0400 Message-ID: From: "Drew J. Weaver" To: 'Sascha Lucky Luck' , Andrew Reid Cc: freebsd-isp@FreeBSD.ORG Subject: RE: FreeBSD Mail Toaster CLUSTER Date: Fri, 27 Jul 2001 09:58:04 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C116A4.27CEDAC0" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C116A4.27CEDAC0 Content-Type: text/plain; charset="iso-8859-1" You could have it authenticate through LDAP and have the mail store on one server and mount shares to the mail store on the two servers. Mail server 1--------------------------[Samba or other network share > LDAP Server for auth ] Mail Store Mail server 2--------------------------[Samba (or other network share -Drew -----Original Message----- From: Sascha Lucky Luck [mailto:bofh@online.ie] Sent: Friday, July 27, 2001 8:29 AM To: Andrew Reid Cc: freebsd-isp@FreeBSD.ORG Subject: Re: FreeBSD Mail Toaster CLUSTER Quoting Andrew Reid : > The notion of setting up a secondary MX host is easy enough, > but it > doesn't seem to be enough for what I'd like to do. > > For example: > > +-----------------------+ +---------+ > | |---------------->| MX1 | > | Load Balancing Device | +---------+ > | | +---------+ > | |---------------->| MX2 | > +-----------------------+ +---------+ > > If the Load Balancing Device ("LBD") is sharing out > connections for > ports 25 and 110 between MX1 and MX2, I want to be sure that > if one of > the two machines goes down, everyone can still get their > mail. > > I've looked at some methods of doing this where, when accounts > are > created, they are equally dispersed amongst your MX farm, but > that means > that all users on the dead MX will have no mail access. > > How are people going about delivering distributed, > redundant, > load-balanced mail? I was thinking that some form of parallel > delivery > could be implemented, but that would result in the load of MX1 > and MX2 > being pretty similar (one would think). > > You don't want to have all your eggs in one basket, but at the > same > time, you do. You want to be able to get to your mail -all- > the time, > not just when the appropriate server is up. If accounts "joe", > "thelma" > and "louise" are on MX1, they still need to be able to get to > their > mail, even when the server is down. > > Hmm! Suggestions? The file system where the user accounts live must then be shared between the different mail servers. We mounted that from a Network Appliance Filer cluster, so that was pretty safe to begin with. User account information needs to either reside on the shared FS or must be duplicated (eg. rdist) between the machines. If you are connected to the server that failed you'll have to reconnect. Otherwise the user will never notice a server failure. > - andrew HTH, s. ---------------------------------------------------- Get your free email account at http://www.online.ie/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message ------_=_NextPart_001_01C116A4.27CEDAC0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: FreeBSD Mail Toaster CLUSTER

You could have it authenticate through LDAP and have = the mail store on one server and mount shares to the mail store on the = two servers.

Mail server 1--------------------------[Samba or = other network share
          &nb= sp; >  LDAP Server for auth ]   Mail Store
Mail server 2--------------------------[Samba (or = other network share

-Drew


-----Original Message-----
From: Sascha Lucky Luck [mailto:bofh@online.ie]
Sent: Friday, July 27, 2001 8:29 AM
To: Andrew Reid
Cc: freebsd-isp@FreeBSD.ORG
Subject: Re: FreeBSD Mail Toaster CLUSTER


Quoting Andrew Reid = <andrew.reid@plug.cx>:

> The notion of setting up a secondary MX host is = easy enough,
> but it
> doesn't seem to be enough for what I'd like to = do.
>
> For example:
>
> = +-----------------------+        = ;         +---------+
> = |            = ;           = |---------------->|   MX1   |
> | Load Balancing Device = |            = ;     +---------+
> = |            = ;           = |            = ;     +---------+
> = |            = ;           = |---------------->|   MX2   |
> = +-----------------------+        = ;         +---------+
>
> If the Load Balancing Device ("LBD") = is sharing out
> connections for
> ports 25 and 110 between MX1 and MX2, I want to = be sure that
> if one of
> the two machines goes down, everyone can still = get their
> mail.
>
> I've looked at some methods of doing this = where, when accounts
> are
> created, they are equally dispersed amongst = your MX farm, but
> that means
> that all users on the dead MX will have no mail = access.
>
> How are people going about delivering = distributed,
> redundant,
> load-balanced mail? I was thinking that some = form of parallel
> delivery
> could be implemented, but that would result in = the load of MX1
> and MX2
> being pretty similar (one would think).
>
> You don't want to have all your eggs in one = basket, but at the
> same
> time, you do. You want to be able to get to = your mail -all-
> the time,
> not just when the appropriate server is up. If = accounts "joe",
> "thelma"
> and "louise" are on MX1, they still = need to be able to get to
> their
> mail, even when the server is down.
>
> Hmm! Suggestions?

The file system where the user accounts live must = then be shared
between the different mail servers. We mounted that = from a Network
Appliance Filer cluster, so that was pretty safe to = begin with.
User account information needs to either reside on = the shared FS or
must be duplicated (eg. rdist) between the = machines.
If you are connected to the server that failed = you'll have to
reconnect. Otherwise the user will never notice a = server failure.

>    - andrew

HTH,
s.

----------------------------------------------------
Get your free email account at http://www.online.ie/

To Unsubscribe: send mail to = majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body = of the message

------_=_NextPart_001_01C116A4.27CEDAC0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 8:12: 7 2001 Delivered-To: freebsd-isp@freebsd.org Received: from otto.oss.uswest.net (otto.oss.uswest.net [204.147.85.81]) by hub.freebsd.org (Postfix) with ESMTP id 9C31637B403 for ; Fri, 27 Jul 2001 08:12:03 -0700 (PDT) (envelope-from pmckenna@otto.oss.uswest.net) Received: (from pmckenna@localhost) by otto.oss.uswest.net (8.11.3/8.11.1) id f6RF7AT62689; Fri, 27 Jul 2001 10:07:10 -0500 (CDT) (envelope-from pmckenna) Date: Fri, 27 Jul 2001 10:07:10 -0500 From: Pete McKenna To: Andrew Reid Cc: Sascha Lucky Luck , freebsd-isp@FreeBSD.ORG Subject: Re: FreeBSD Mail Toaster CLUSTER Message-ID: <20010727100710.D54270@otto.oss.qwest.net> References: <20010726065304.39908.qmail@web20106.mail.yahoo.com> <3B5FDE77.DC5FC3DB@i-clue.de> <996207686.1405.14.camel@percible.alfred.cx> <996236914.3b615e72f3c96@mail.online.ie> <996237209.4218.1.camel@percible.alfred.cx> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <996237209.4218.1.camel@percible.alfred.cx>; from andrew.reid@plug.cx on Fri, Jul 27, 2001 at 10:03:27PM +0930 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Jul 27, 2001 at 10:03:27PM +0930, Andrew Reid wrote: > On 27 Jul 2001 13:28:34 +0100, Sascha Lucky Luck wrote: > > > The file system where the user accounts live must then be shared > > between the different mail servers. We mounted that from a Network > > Appliance Filer cluster, so that was pretty safe to begin with. > > Is there any way to do this with FreeBSD and a supporting crew? Yes, we had a nice talk from BSDCon with info on this but after the site was discovered by the slashdot crowd management asked that it be removed. FreeBSD was not the issue it was some statements about network / backbone topology. Anyway, we use a single mail-storage box on a beefy RAID with redundant power RAID controllers etc. Then we proxy POP and IMAP from front-end servers, it's very similar to the Net App solution but avoids NFS. We use this in some of our larger remote sites. ( We are so distributed it's sick, this also caused great confusion with the slides, the reason is FCC regulations ) We have used Net Apps in the past both remotely and in our NOC and have plans to do so in the future for some mail storage. Pete > > > User account information needs to either reside on the shared FS or > > must be duplicated (eg. rdist) between the machines. > > Or LDAP :-) > > > If you are connected to the server that failed you'll have to > > reconnect. Otherwise the user will never notice a server failure. > > The ultimate aim :-) > > - andrew > > -- > void signature () { > cout << "Andrew Reid -- andrew.reid@plug.cx" << endl ; > cout << "Cell: +61 401 946 813" << endl; > cout << "Quidquid latine dictum sit, altum viditur" << endl; > } > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Peter McKenna Qwest Internet Solutions pmckenna@qwest.net Main 612-664-4000 FAX 612-664-4770 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 9:44:57 2001 Delivered-To: freebsd-isp@freebsd.org Received: from home.cg.nu (home.cg.nu [213.196.2.115]) by hub.freebsd.org (Postfix) with ESMTP id B861437B403 for ; Fri, 27 Jul 2001 09:44:54 -0700 (PDT) (envelope-from henk@home.cg.nu) Received: from kpnlep (netfreak.xs4all.nl [213.84.69.96]) by home.cg.nu (Postfix) with SMTP id 2FFE8158FB2 for ; Fri, 27 Jul 2001 18:44:46 +0200 (CEST) From: "Henk Wevers" To: "freebsd-isp@FreeBSD. ORG" Subject: pam_ldap Date: Fri, 27 Jul 2001 18:44:45 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I am trying to get pam_ldap work with FreeBSD. It is not that easy as on linux. Does somewhone have a working /etc/pam.conf or /etc/pam.d/ Unfortianly google did not have every answer :( Please if somebody have some examples to make pam_ldap to work please. Henk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 14:24:18 2001 Delivered-To: freebsd-isp@freebsd.org Received: from 216-24-1-70.win.net (216-24-1-70.win.net [216.24.1.70]) by hub.freebsd.org (Postfix) with ESMTP id 4D4E837B401 for ; Fri, 27 Jul 2001 14:24:15 -0700 (PDT) (envelope-from root@216-24-1-70.win.net) Received: from localhost (root@localhost) by 216-24-1-70.win.net (8.11.3/8.11.3) with ESMTP id f6RLPh268542 for ; Fri, 27 Jul 2001 17:25:43 -0400 (EDT) (envelope-from root@216-24-1-70.win.net) Date: Fri, 27 Jul 2001 17:25:43 -0400 (EDT) From: Charlie ROOT To: "freebsd-isp@FreeBSD. ORG" Subject: Re: pam_ldap In-Reply-To: Message-ID: <20010727172141.V66681-100000@216-24-1-70.win.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Yea, it works. It's not too bad either. I think the last time I looked it didn't do any cacheing of lookups, so they are 1 for 1 on calls. Make sure you LDAP indexing is proper. Slow lookups are bad for authentication. "cd /usr/ports/security/pam_ldap && make install" Kyle Stone Admin and LDAP geek kstone@win.net On Fri, 27 Jul 2001, Henk Wevers wrote: > Hi, > > I am trying to get pam_ldap work with FreeBSD. > It is not that easy as on linux. > > Does somewhone have a working /etc/pam.conf or /etc/pam.d/ > > Unfortianly google did not have every answer :( > > Please if somebody have some examples to make pam_ldap to work please. > > Henk > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 14:41:49 2001 Delivered-To: freebsd-isp@freebsd.org Received: from home.cg.nu (home.cg.nu [213.196.2.115]) by hub.freebsd.org (Postfix) with ESMTP id 4FD0637B406 for ; Fri, 27 Jul 2001 14:41:46 -0700 (PDT) (envelope-from henk@home.cg.nu) Received: from kpnlep (netfreak.xs4all.nl [213.84.69.96]) by home.cg.nu (Postfix) with SMTP id 8AF12158FB2; Fri, 27 Jul 2001 23:41:44 +0200 (CEST) From: "Henk Wevers" To: "Charlie ROOT" , "freebsd-isp@FreeBSD. ORG" Subject: RE: pam_ldap Date: Fri, 27 Jul 2001 23:41:44 +0200 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006 Importance: Normal In-Reply-To: <20010727172141.V66681-100000@216-24-1-70.win.net> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Do you have an example off your pam.conf? Henk -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Charlie ROOT Sent: vrijdag 27 juli 2001 23:26 To: freebsd-isp@FreeBSD. ORG Subject: Re: pam_ldap Yea, it works. It's not too bad either. I think the last time I looked it didn't do any cacheing of lookups, so they are 1 for 1 on calls. Make sure you LDAP indexing is proper. Slow lookups are bad for authentication. "cd /usr/ports/security/pam_ldap && make install" Kyle Stone Admin and LDAP geek kstone@win.net On Fri, 27 Jul 2001, Henk Wevers wrote: > Hi, > > I am trying to get pam_ldap work with FreeBSD. > It is not that easy as on linux. > > Does somewhone have a working /etc/pam.conf or /etc/pam.d/ > > Unfortianly google did not have every answer :( > > Please if somebody have some examples to make pam_ldap to work please. > > Henk > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 16:20:13 2001 Delivered-To: freebsd-isp@freebsd.org Received: from virtual-voodoo.com (virtual-voodoo.com [204.120.165.254]) by hub.freebsd.org (Postfix) with ESMTP id 116DD37B405 for ; Fri, 27 Jul 2001 16:20:10 -0700 (PDT) (envelope-from steve@virtual-voodoo.com) Received: (from steve@localhost) by virtual-voodoo.com (8.11.4/8.11.4) id f6RNK9p38957 for freebsd-isp@freebsd.org; Fri, 27 Jul 2001 18:20:09 -0500 (EST) (envelope-from steve) Date: Fri, 27 Jul 2001 18:20:09 -0500 From: Steve Ames To: freebsd-isp@freebsd.org Subject: Apache mod_auth_pam Message-ID: <20010727182009.A33792@virtual-voodoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Anyone get this working? I get errors when attempting to use it: Jul 27 15:35:02 voodoo httpd: unable to dlopen(/usr/lib/pam_unix.so) Jul 27 15:35:02 voodoo httpd: [dlerror: /usr/lib/pam_unix.so: Undefined symbol "pam_get_item"] Jul 27 15:35:02 voodoo httpd: adding faulty module: /usr/lib/pam_unix.so Any thoughts? On 4.3-STABLE from 7/25 using the latest mod_auth_pam from ports on Apache 1.3.19. -Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 17:53:28 2001 Delivered-To: freebsd-isp@freebsd.org Received: from moat.teksupport.net.au (moat.teksupport.net.au [203.17.1.98]) by hub.freebsd.org (Postfix) with ESMTP id A1B4637B401 for ; Fri, 27 Jul 2001 17:53:24 -0700 (PDT) (envelope-from robseco@teksupport.net.au) Received: from rob.secombe (robseco.secombe [192.168.1.2]) by moat.teksupport.net.au (8.11.0/8.11.0) with SMTP id f6S0rKW40761 for ; Sat, 28 Jul 2001 10:53:22 +1000 (EST) (envelope-from robseco@teksupport.net.au) Message-Id: <3.0.5.32.20010728105319.03799910@secombe> X-Sender: robseco@secombe X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32) Date: Sat, 28 Jul 2001 10:53:19 +1000 To: freebsd-isp@freebsd.org From: Rob Secombe Subject: Further to Virus checking mail server Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi all, I read with interest the recent thread on real time virus checking mailservers. Although I don't believe it to be a panacea, checking on the fly would certainly help to combat the problem. It appears that most of the solutions offered, such as Amavis, provide an interface to commercial virus checking software, which seems like a pretty logical thing to do. However, a cursory look around the contenders reveals that most of the licensing of these products for email servers seem to be based on the number of mailboxes to protect. In our case the cost would be prohibitive. Is anyone aware of a FreeBSD compatible product that is either 'server based' or has special licensing for ISPs? Cheers Rob Secombe Teksupport Pty Ltd Melbourne Australia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 18:48:13 2001 Delivered-To: freebsd-isp@freebsd.org Received: from ruminary.org (unknown [207.44.246.153]) by hub.freebsd.org (Postfix) with ESMTP id 8F7E937B401 for ; Fri, 27 Jul 2001 18:48:10 -0700 (PDT) (envelope-from clark@ruminary.org) Received: by ruminary.org (Postfix, from userid 1000) id D5B6C1529E; Fri, 27 Jul 2001 18:48:09 -0700 (PDT) Date: Fri, 27 Jul 2001 18:48:09 -0700 From: clark shishido To: Rob Secombe Cc: freebsd-isp@freebsd.org Subject: Re: Further to Virus checking mail server Message-ID: <20010727184809.A20352@ruminary.org> References: <3.0.5.32.20010728105319.03799910@secombe> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3.0.5.32.20010728105319.03799910@secombe>; from robseco@teksupport.net.au on Sat, Jul 28, 2001 at 10:53:19AM +1000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Jul 28, 2001 at 10:53:19AM +1000, Rob Secombe wrote: > > In our case the cost would be prohibitive. Is anyone > aware of a FreeBSD compatible product that is either 'server based' or has > special licensing for ISPs? > if you want no cost you can try http://www.impsec.org/email-tools/procmail-security.html or http://mailtools.anomy.net/ it may be free, but it'll put a load on your servers as each message will be filtered for MIME and HTML content. I've haven't installed either in a ISP environment with high volume, but I have been able to protect small and medium sized networks. Also, neither is a virus scanner per se, but rather a file attachment checker and HTML defanger. --clark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 20:58:24 2001 Delivered-To: freebsd-isp@freebsd.org Received: from oahu.WURLDLINK.NET (oahu.WURLDLINK.NET [216.235.52.1]) by hub.freebsd.org (Postfix) with ESMTP id 3F0F037B406 for ; Fri, 27 Jul 2001 20:58:22 -0700 (PDT) (envelope-from vince@oahu.WURLDLINK.NET) Received: from localhost (vince@localhost) by oahu.WURLDLINK.NET (8.11.3/8.11.3) with ESMTP id f6S3wFm09690; Fri, 27 Jul 2001 17:58:16 -1000 (HST) (envelope-from vince@oahu.WURLDLINK.NET) Date: Fri, 27 Jul 2001 17:58:15 -1000 (HST) From: Vincent Poy To: William Bulley Cc: Subject: Re: RADIUS server on FreeBSD 4.x-RELEASE In-Reply-To: <20010727084056.F2410@web1.merit.edu> Message-ID: <20010727175748.G7031-100000@oahu.WURLDLINK.NET> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 27 Jul 2001, William Bulley wrote: > According to Vincent Poy : > > > > Yeah, but that was added way later. Back in summer 1998, it > > wasn't there and Merit Radius had it. And since it works, there was no > > point in switching as our customers would flood us with complaints even if > > it was down for just 1 minute. > > Just FYI: the realm concept was added to the Merit AAA Server (RADIUS) > prior to my arrival (as a member of the engineering group charged with > the development and deployment of the server) in the Spring of 1994. Pretty interesting. Is there a way to limit one login per user with Merit AAA? Cheers, Vince - vince@WURLDLINK.NET - Vice President ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] WurldLink Corporation / / / / | / | __] ] San Francisco - Honolulu - Hong Kong / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____] Almighty1@IRC - oahu.DAL.NET Hawaii's DALnet IRC Network Server Admin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jul 27 22: 8:19 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.plug.cx (kypo.alfred.cx [150.101.93.134]) by hub.freebsd.org (Postfix) with ESMTP id E505937B405 for ; Fri, 27 Jul 2001 22:08:16 -0700 (PDT) (envelope-from andrew.reid@plug.cx) Received: from [210.11.40.230] (unknown [210.11.40.230]) by mail.plug.cx (Postfix) with ESMTP id 9E8F02B7E4; Sun, 29 Jul 2001 00:30:28 +0930 (CST) Subject: Re: autolock on users acc if he/she didnt login for last 30 days From: Andrew Reid To: alexus Cc: freebsd-isp@FreeBSD.ORG In-Reply-To: <000901c10fc1$f98d0d00$0d00a8c0@alexus> References: <000901c10fc1$f98d0d00$0d00a8c0@alexus> Content-Type: text/plain Content-Transfer-Encoding: 7bit Message-Id: <996240684.4218.16.camel@percible.alfred.cx> Mime-Version: 1.0 X-Mailer: Evolution/0.11 (Beta Release) Date: 28 Jul 2001 14:37:39 +0930 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 18 Jul 2001 15:43:52 -0400, alexus wrote: > is there a way to do if user didn't login on shell for past lets say > 30 days his account automaticly gonig lock? or change shell to > /noshell ? Seeing as I'm not in front of a FreeBSD box at the moment, this is somewhat off the top of my head... 'lastlog' should have something worthwhile. A simple script called nightly from CRON would be sufficient. For example, when I run 'lastlog -u andrew' on my laptop, it tells me the time and date I last logged into the system (funnily enough). [andrew@percible log]$ lastlog -u andrew Username Port From Latest andrew :0 Fri Jul 27 13:12:20 +0930 2001 Now, all you have to do is: i ) Make sure the time, date and timezone is correctly set ii ) Write a bit of [Pp][ython|erl] split and analyze the output from 'lastlog -u %s' (where %s is the username) The script may also wish to check if %s is in whichever group all users are a member of. This prevents toying with system accounts that display '**Never logged in**' (you still want to be able to disable normal users that have not logged in, you see). - andrew -- void signature () { cout << "Andrew Reid -- andrew.reid@plug.cx" << endl ; cout << "Cell: +61 401 946 813" << endl; cout << "Quidquid latine dictum sit, altum viditur" << endl; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jul 28 4:24:42 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mydomain.com (t3o102p2.telia.com [194.255.255.2]) by hub.freebsd.org (Postfix) with ESMTP id B714D37B40E; Sat, 28 Jul 2001 04:24:31 -0700 (PDT) (envelope-from world1web@www.com) Date: Sat, 28 Jul 2001 13:24:28 +0100 From: WORLD1-WEB To: WORLD1-WEB@FreeBSD.ORG Subject: INCREDIBLE .. WORLDS NO.1 !! Message-Id: <20010728112431.B714D37B40E@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ladies & Gentlemen, Are you ready to the experience of a lifetime ? As affiliates of the CIL group, we offer you to PLUGIN to the largest SEX-SERVER on the WEB, in order to get more than 3000 MegaBytes of the best and most sensational SEX on the entire Web! Why on earth do you think that thousands of people from 13 countries daily choose to visit 2 particular WebSites ? Very EASY answer! - The largest and most incredible content of LIVE SEX is offered! - State-of-the-art LIVE SHOWS with the wildest and most horny amateurs and pornstars in the world! - Hardcore LIVE SEX that hasnīt crossed your imagination! - Incredible & amazing themes from soft sex to the most bizarre sex! - Beautiful Girls & wild studs from almost every country, allowing you to watch, see & chat with awsome amateurs & pornstars who are blond, who are black, who are Scandinavian, who are Asian, who have BIG tits, who are shaved, who are pregnant who are .... you just name it ! - The best ever made SPY-CAMS, WATCH-CAMS, POOL-CAMS, SHOWER-CAMS, AMATEUR-CAMS ... etc! - Several high quality Interactive Cams & LIVE SEX Chat, where you are in controle ! - Much much more ... too much to mention ! EVERYTHING is offered 100% ANONOMOUSLY & you donīt need to sign-up or have a creditcard ... How simple is that ? PLUGIN now to our MEGA SEX-SERVER through any of the 2 AwardWinning Sites listed below, and get instantly access to more than 3000 MegaBytes of State-of-the-art WebSex! RIGHT HERE AT: http://siam.to/sexywebtv (This Site just has EVERYTHING you can imagine) ... If this Site does not open properly ... please try http://cyberu.to/hotweb Or this one, if you just love true LESBIAN SEX, CHAT and MORE from Sunny Ibiza in Spain: http://siam.to/sexybabestv ... If this Site does not open properly ... please try http://cyberu.to/hotbabes Enjoy your trip to paradise! VERY IMPORTANT HINT: To get DIRECT ACCESS to the webpages in the future, ALLWAYS keep the DIALER on your desktop or elsewhere on your PC ... Its easy, small and 100% harmless. Yours sincerely, WORLD1-WEB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jul 28 5:44: 5 2001 Delivered-To: freebsd-isp@freebsd.org Received: from pandora.worldonline.nl (pandora.worldonline.nl [195.241.48.140]) by hub.freebsd.org (Postfix) with ESMTP id D41C537B405 for ; Sat, 28 Jul 2001 05:44:01 -0700 (PDT) (envelope-from eric@monkey-online.net) Received: from monkey-online.net (unknown [195.241.113.9]) by pandora.worldonline.nl (Postfix) with ESMTP id E9A4A36BF9 for ; Sat, 28 Jul 2001 14:43:58 +0200 (MET DST) Message-ID: <3B62B4D9.63B1967C@monkey-online.net> Date: Sat, 28 Jul 2001 14:49:29 +0200 From: Eric Veraart X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Subject: 2U 19" SVEC case and Adaptec SCSI controllers Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I want to use 2 different server hardware configurations; one with an Adaptec 2400A IDE RAID controller, and one with a Adaptec 3200S SCSI RAID controller. I want to use this in a 19" 2U SVEC case and a riser card with 2 PCI and 1 AGP riser card. Judging by the pictures Case: http://210.65.182.77/Products/FD7132EDS2.htm IDE controller: http://www.adaptec.com/worldwide/support/popupimage.html?imageGif=board_AAR-2400A.jpg&imageHeight=302&imageWidth=640 SCSI controller: http://www.adaptec.com/worldwide/support/popupimage.html?imageGif=board_ASR-3200S.jpg&imageHeight=420&imageWidth=640 this will fit, but I'm not sure. Does anyone have any experience with this hardware? Does anyone also know if the riser card will work on a Tyan S2390 Trinity KT? Greetings, Eric Veraart To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jul 28 9:43:10 2001 Delivered-To: freebsd-isp@freebsd.org Received: from cerebro.superhero.org (unknown [216.201.173.186]) by hub.freebsd.org (Postfix) with SMTP id 9EB2237B401 for ; Sat, 28 Jul 2001 09:43:08 -0700 (PDT) (envelope-from needo@cerebro.superhero.org) Received: (qmail 70039 invoked by uid 1000); 28 Jul 2001 16:43:57 -0000 Date: Sat, 28 Jul 2001 11:43:57 -0500 From: Erich Zigler To: freebsd-isp@freebsd.org Subject: XtRadius Administrator Message-ID: <20010728114357.A70012@cerebro.superhero.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 4.3-STABLE X-Eric-Conspiracy: There is no conspiracy. X-Jacob: Hi Jacob! X-Shane: Hi Shane! Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org For the past couple weeks I have been working off and on in my limited free time on a web based frontend for adding, modifying, deleting and tracking dialup users. XtRadius being my radius server of choice is the one I have been testing it and writing it for. For more information, or if you would like to help, please go to http://xtadmin.sourceforge.net Thank you. -- Erich Zigler I've found my niche. If you're wondering why I'm not there, there was this little hole in the bottom ... -- John Croll To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message