=== otubo[AFK] is now known as otubo [00:42] New bug: #312345 in mysql-dfsg-5.0 (universe) "mysql versions prior to 5.0.74 have trouble export/import with leap seconds" [Undecided,Fix released] https://launchpad.net/bugs/312345 [01:07] anybody use vlan? [01:08] im wondering if its possible to bridge kvm guests to a vlan interface [01:08] sure [01:08] make configure libvirt to use the vlan [01:09] im talking vlan as in the vlan created by the vlan_1.9 package on ubuntu [01:09] one way to do that is to setup a bridge interface that has the vlan as a member and configure that bridge as the bridge to connect to in /etc/libvirt... [01:09] duuuuude...you and i need to powwow [01:10] thats exactly what i want to do...is it crazy that kvm does not support some sort of vlan that doenst much with your iptables rules or what!! [01:10] i mean DUUUUUDE! [01:11] and i ment muck not much [01:11] so basically your confirming my question...doctor? [01:12] this is dooable right? [01:12] yes, as far as I know. I have done similar, but not to a vlan. [01:13] bummer [01:13] ok sooo you did that with....what? [01:14] an aliased nic? [01:14] cause that didnt seem to work two well for m [01:14] e === otubo is now known as otubo[AFK] [01:14] no, you definitely need a bridge [01:14] the default one that libvirt uses is virbr0 [01:14] you can just configure that one manually if you want [01:15] OK, so offtopic question. In lucid gnome you have a "floppy" icon separate from the normal file:/// unix directory tree, and clicking on it makes it mount the floppy. [01:15] Is there a gnome vfs URL that refers to that icon directly? [01:16] in media i think [01:16] If I patch oo.org's XML to save to file:///media/disk, that's seperate from the floppy icon. [01:16] usually it mounts to /media/floppy0 [01:17] The issue isn't where it mounts it [01:17] what command do i run, to see who all is a member of a particular group (samba) [01:17] The issue is how to tell gvfs I mean "the floppy" as opposed to the mountpoint [01:26] Apparently just guessing floppy:// didn't work === otubo[AFK] is now known as otubo === otubo is now known as otubo[AFK] === otubo[AFK] is now known as otubo === otubo is now known as otubo[AFK] [03:32] New bug: #377265 in etckeeper (main) "etckeeper fails on commit, if "hostname -f" returns error ("hostname: Unknown host")" [Low,Fix released] https://launchpad.net/bugs/377265 [03:42] New bug: #824291 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/824291 [03:46] stgraber: lp:~serge-hallyn/ubuntu/oneiric/lxc/ephemeral has the changes I was hoping you would roll into tomorrow's push. [03:46] smoser: ^ that has *some* fixes for your problems, not 100% [03:47] smoser: a new upstart job is symlinking /dev/ptmx to /dev/pts/ptmx, but some pecker is STILL removing that after the fact. [03:52] New bug: #493503 in cheetah (main) "Newer versions available, v2.0.1 is over 2yrs old with a number of fixes/enhancements" [Undecided,Fix released] https://launchpad.net/bugs/493503 === Ursinha is now known as Ursinha-afk === Ursinha-afk is now known as Ursinha [04:51] On hardy, squid isn't starting. It complains: WARNING: database_acl #2 (FD 13) exited [...] Too few database_acl processes are running The database_acl helpers are crashing too rapidly, need help! [04:51] How do I find out WHY the database_acl processes are dying? [04:51] Hmm, come to think of it, ACL will be the horrible shit wrote to fake it a hookup to unkerberized LDAP. [04:52] Oh, brilliant, squid is one of those stupid daemons that does its own non-syslog(3) logging [04:54] OK, ignore me, problem found. [04:55] anyone on here currently supporting diskless workstations? [04:59] Demosthenes: yes [04:59] What is your REAL question? [05:00] howdy - i want to change a users uid.guid to match their uid.guid on another server -- will they still be able to access their files or will there be probs ? [05:01] pukeko: vipw, vigr, vipw -s, vigr -s, then something like "chown -R fred: /home/fred" and look for anything else with "find / -xdev '(' -nouser -o -nogroup ')' -ls" [05:01] pukeko: may also need to reboot to clear out any UID-based files in /tmp and friends [05:01] diskless as in cloud computing? [05:01] pukeko: obviously you can solve this permanently by using some form of centralized authentication, e.g. krb, ldap, nis, [05:01] twb: cool - was wondering if i would have to doa chown.. [05:02] pukeko: files remember a uid not a user name, so you will [05:02] twb:sweet [05:10] twb: really jsut if anyone had it working ;] [05:10] twb: i know i'm close. i have created a /disklessroot using natty via debootstrap, updated it in chroot, created kernel/initrd/pxe image, and my clients boot successfully, but hang at the end of the initfs scripts [05:11] Demosthenes: just use casper [05:11] Or if you can switch to debian, use live-initramfs, which is actively maintained and MUCH nicer to work with [05:13] i was aiming for xubuntu clients. [05:13] casper eh [05:14] casper can be made to work, it's just that it's really only there for the live CDs, and not intended for use by us end users making netboot farms. [05:15] just a handful, my kids school machines. ;] [05:41] twb: live-boot and friends are in aptitude, can't just isntall them? [05:41] Maybe [05:42] Last time I looked nobody was trying to support them [05:42] New bug: #256052 in tomcat6 (main) "Build the complete tomcat6 stack" [Wishlist,Fix released] https://launchpad.net/bugs/256052 [06:16] Suppose I create an ext filesystem with 5% reserved for root [06:16] *THEN* I resize it from 2G to 256G. Is the reserved space increased to stay 5%, or does it stay at n blocks and become much less than 5% [06:17] no idea. [06:23] twb: fixed my issue [06:24] i was booting, and it'd freeze. turns out network maanger was trying to restart the eth0 interface. [06:24] i had to set that to manual in /etc/network/interfaces, and they boot fine now [06:24] Demosthenes: NM is the biggest cause of network issues IME [06:24] sucks eh [06:52] New bug: #296605 in libxml-simple-ruby (universe) "libxml-simple-ruby path workaround causes double loading with rails" [Undecided,Fix released] https://launchpad.net/bugs/296605 [07:13] hi! I have added new user and set password to it. then I restrict this user to SFTP with the following comands: `usermod -s /usr/lib/sftp-server username && echo '/usr/lib/stfp-server' >> /etc/shells`. As result I couldn't `su username` to it. what am I ddoing wrong? [07:46] solved [07:53] New bug: #254262 in nis (universe) "Still uses multiuser argument to update-rc.d" [Low,Fix released] https://launchpad.net/bugs/254262 [08:36] New bug: #709187 in nova "AjaxTerm refer to a unexistant folder "tools" with the Ubuntu packaging" [Medium,Confirmed] https://launchpad.net/bugs/709187 [08:51] New bug: #820047 in glance "Installs top-level tests module" [High,Fix committed] https://launchpad.net/bugs/820047 [09:02] New bug: #793602 in swift "Fix 1.4.0 packaging to include swift-container-stats-logger" [Low,Invalid] https://launchpad.net/bugs/793602 [09:58] hi guys. how do you bind a host alias to a domain name? [09:59] progre55: huh? what are you trying to do? [10:00] I'm using amazon ec2, and have an elastic ip, but cannot address the direct IP address, as I dont want to get charged for inter-server communications. So I need to connect to a domain name smth like ec2-49-21-76-234.eu-west-1.compute.amazonaws.com, but I'd like to have an alias for it [10:01] in my /etc/hosts I could bind my alias to an IP address, but how do I bind it to this long domain name? [10:02] you're still going to be addressing the direct IP [10:02] New bug: #824413 in mysql-5.1 (main) "Problem during mysql-server-core-5.1 uninstallation" [Undecided,New] https://launchpad.net/bugs/824413 [10:03] using /etc/hosts and dns just gives you an easier name to use instead of the ip address [10:03] New bug: #305642 in etckeeper (main) "etckeeper (with git) deletes empty directories on apt-get upgrade" [Medium,Fix released] https://launchpad.net/bugs/305642 [10:06] greppy: it's just, when you query that domain from within amazon, it resolves to a private IP address, but from outside amazon, it resovles to a public IP, and when you connect to the private IP from within amazon, you dont pay for traffic, but if I bind it to the public IP address, then they charge for every connection. [10:06] and the private IP might change when you restart a server, but the public IP doesnt [10:06] ah [10:07] so you should check your ip on every restart and use that in hosts [10:07] or use dns and setup a CNAME to point to the dns name that amazon supplies. [10:08] yeah, that might work, greppy, thanks [10:08] I anyways use amazon route 53 [10:38] i need to install windows to many eeePC clients. what program would you recommend for such a situation? [12:32] What do i need to do with lucid server to enable .php extensions to be recognised by default? I tried the steps noted in https://help.ubuntu.com/community/ApacheMySQLPHP and it's all fine. libapache2-mod-php5 is installed, a2enmod php5 reports it is enabled, apache2 restarted, yet when i try to access http://server.example.com/~myuser/test.php, it downloads it (as a PDF document!) rather than displaying the page. Where to n [12:33] New bug: #292587 in kvm (main) "Reboot fails with virtio disks" [Undecided,Fix released] https://launchpad.net/bugs/292587 [12:33] BTW, i've also checked that the file is readable by www-data. [12:39] blahdeblah, have you bothered to read the comments in /etc/apache2/mods-enabled/php5.conf [12:39] php is disabled in userdir's per default [12:39] OK [12:39] http://wimp.com/manchesterriots/ [12:41] thanks, patdk-wk [12:41] hello [12:41] there is a problem with ubuntu server 11.04 hardware detection ? [12:42] it can not detect my network card and my disk [12:42] what networkcard and disk controller are you using? [12:42] and is this during install? or after install? [12:43] not detecting the disk _after_ install? ;) [12:44] royk, I have seen issues where the install works fine, but not when booting the system :) [12:44] normally driver left out of initrd [12:45] patdk-wk: it does not detect it during install [12:45] i have an Broadcom NetXtreme II BCM5708 1000Base-SX linux module bnx2 [12:46] and LSI pci express card with an ibm card === otubo[AFK] is now known as otubo [12:46] linux module working on centos 5 is mptsas [12:47] sorry ibm drive there not card [12:47] hmm odd [12:47] I haven't had an issue with mptsas here on 11.04 [12:48] you shouldn't with bnx2 also, but I haven't tested that here, only with 10.04 [12:48] i executed the shell and modprobe bnx2 and modprobe mptsas still nothing [12:49] might be megaraid_sas name instead [12:49] i tried that too without look [12:49] luck [12:51] what model lsi card? [12:53] LSI Logic / Symbios Logic SAS1064ET PCI-Express Fusion-MPT SAS [12:54] also see this for the network card http://imageshack.us/photo/my-images/33/unledab.jpg/ after the modprobe bnx2 [13:11] hmm, firmware not running issue [13:11] I know I had to change the firmware on my bnx2's when I installed linux on them [13:15] I wonder if it's cause of the firmware split, of non-free [13:16] i put know 10.04 and it works fine on hardware detection [13:16] *now [13:16] guess i will stick with 10.04 for now as i need it only for mono software testing [13:17] probably if you install 11.04 [13:17] and manually install non-free firmware from apt first [13:17] it would work [13:24] well that will take more time as the network card is not working [13:24] anyone here tried using centrify express to add an ubuntu 10.10 server to active directory? [13:27] nope, I just do it using kerberos [13:29] i'm trying to make my squid proxy use windows credentials for authentication. i'm goal is to get login names from SARG reports instead of ip [13:32] tcsadmin: check out https://help.ubuntu.com/community/DirectControl [13:32] smoser: so I think I'm going to change the lxc ephemeral tree, to not put pts/0 into securetty, *and* to not start console.conf for libvirt [13:32] smoser: have you had any more insight into wtf is going on with ptmx? === smb` is now known as smb [13:34] hey dudes i have a server on a home network(with a private IP), it connects to my home router which has a public IP [13:34] can i SSH into the server from outside my network [13:34] i can do it from inside all right.. [13:34] Dori922: You'll need to forward port 22 from your router to your server. [13:35] hallyn, no, not really looked at it todoay [13:35] kim0 - got it. i had to use the -u switch to specify a domain admin account! it worked! :) [13:35] and if it can't, configure the dmz option instead, but make sure the firewall on the server is good [13:35] tcsadmin: woohoo :) [13:35] Pici: how do i do that? i have port 22 authorized on the server and the PC im trying to SSH with [13:35] the router i have is a bog standard belkins one [13:36] kim0 - now i have to do some digging on how to setup ad stuff for students/staff and internet control. tks [13:36] cool [13:37] Dori922: This website might be able to help you forward that port: http://portforward.com [13:39] Pici: ty <3 [14:05] patdk-wk thanks for your help have a good day [14:11] hallyn: ok, got your branch. [14:23] smoser: i'm going to try and figure out what's doin ghtat with the help of inotify [14:23] once i'm re-bootstrapped [14:24] hallyn, i'm now seeing issues with libvirt [14:24] it doesn't seem to think cgroups is mounted [14:24] error: internal error The 'cpuacct', 'devices' & 'memory' cgroups controllers must be mounted [14:25] hallyn, ^ [14:26] smoser: then fix your broken system [14:27] your code set up my broken system [14:27] hallyn: same happened to my broken system too [14:27] s/set up/broke/ [14:27] which code? [14:27] cgconfig i think [14:29] besides not being my code, afaik that hasn't changed recnetly has it? [14:29] description "cgconfig" [14:29] author "Serge E. Hallyn " [14:29] smoser: that name looks pretty close to hallyn [14:29] heh, that's the upstart job. [14:30] anyway, i can't seem to debootstrap to give me a clean ifconfig right now [14:31] smoser: can you give me /proc/mounts contents? I'm really not seeing what could've broken since ysterday [14:32] http://paste.ubuntu.com/663441/ [14:33] i think the difference is that i had not installed cgroups... maybe.. [14:33] not really sure [14:34] lxc depends on it, so if you had that installed it should've pulled cgroup-bin [14:34] the cgroup mounts are there... so is it now working for you? [14:35] maybe. maybe i didn't have lxc installed... i dont knwo. but one way or another, libvirt is not working for me. [14:35] it is not working [14:36] just for kicks, try 'mv /etc/mtab /etc/mtab.no; ln -s /proc/mounts /etc/mtab' [14:37] no dice [14:40] just tried restarting libvirt-bin. no help there. [14:40] cat /proc/`which libvirtd`/cgroups [14:40] ubuntu@ec2-174-129-59-115.compute-1.amazonaws.com if you're interested [14:41] you probably meant pidof ? [14:42] yeah that one [14:42] http://paste.ubuntu.com/663451/ [14:43] Daviey: adam_g howdy!! so what's your status? [14:44] RoAkSoAx: makin coffee. you? [14:45] * genii-around sips [14:46] smb: im in the midle of pushing a new xen to the archive fyi [14:46] zul, Cool, thanks. Will look at it when it gets through [14:48] RoAkSoAx: otp atm [14:58] adam_g: about to do the same [14:59] adam_g Daviey what's your progress on deploying using oirchestra? [14:59] RoAkSoAx: have been busy with other things, working on getting the devenv going now to work on it locally. don't have time/patience to wait for real servers to power cycle/install ATM [15:02] adam_g: lol ok [15:13] zul, error: internal error The 'cpuacct', 'devices' & 'memory' cgroups controllers must be mounted [15:14] smoser: dunno, i did 'stop libvirt-bin; start libvirt-bin' and now it works [15:15] hallyn, verified here. [15:15] restart seems not to restart [15:16] hallyn: hi, would you know of a way to determine if a kvm machine is dead from the hosts command line? the system reacts to ping, but ssh is impossible. kvm on UEC 11.04 is that [15:18] tetet sounds like a memory/ulimit issue [15:18] system is still running, but can't spawn a thread to run a new program anymore === otubo is now known as otubo[AFK] [15:22] patdk-wk: any way to check that from the host? [15:23] I don't do kvm [15:23] ok, thanks [15:23] but since it's a real vm [15:23] all you can do is look at the console [15:23] New bug: #286872 in kvm (main) "Fails to install correctly if /etc/group contains any line matching "kvm"" [Medium,Fix released] https://launchpad.net/bugs/286872 [15:23] maybe attempt to read the log files if you can access the kvm guest disk [15:24] but attempting to login to it won't work, till the problem is fixed [15:24] normally I just wait 15-30min for it to fix itself, or reboot it [15:26] hallyn, i'm opening a bug on libvirtd-bin [15:31] TeTeT: sorry, no, depending on what you mean by 'dead' i don't... [15:32] smoser: any ideas? http://paste.ubuntu.com/663477/ [15:32] TeTeT: id' say open up a console... restart kvm with -serial tcp::2222,server if you have to [15:32] smoser: ok. this started today? i'm wondering whether the update for libnl3 did it [15:33] haven't reproduced it though [15:34] smoser: if possible please lay out inthe bug precisely how you bootstrapped the system... ie what order you installed packages in [15:41] lborda: ^^ [15:42] hallyn: not sure if that's possible, as it's a UEC instance that's lost it's IP. but if we don't terminate it with euca-terminate-instances, then we can probably still inspect the image file that way? [15:54] TeTeT: yeah [15:54] (qemu-nbd or whatever) [16:37] New bug: #817270 in pep8 (main) "Update to current release of pep8 0.6.1." [Wishlist,Fix released] https://launchpad.net/bugs/817270 [16:38] hi guys.. we have multiple labs running in different ip ranges, we would like all of them to access internet from the same gateway ... we tried putting vlan on gateway, but it seems to "block" all non-google sites.. is it possible to assign mulitple ips in different ranges to a single gateway without VLAN> [16:40] anyone ? [16:44] RoAkSoAx: http://paste.ubuntu.com/663536/ [16:45] jits1998, sure, with or without vlans [16:45] it doesn't really matter [16:45] but the vlan issue isn't causing your problem [16:47] patdk-wk: thanks.. i am not able to figure out what else can .. i feel that vlan tag is leaking out and only google sites respond to vlan tagged ip requests .. [16:47] vlan stuff can't *leak* [16:47] cause if it did, it would be an invalid packet [16:49] patdk-wk: ok.. any idea how this can be degugged ? [16:49] tcpdump :) [16:49] patdk-wk: don't see any error in iptables log .. [16:50] tcpdump: no suitable device found :: :-/ [16:50] you have to actually know how to use the debugging tools, in order to debug [16:51] patdk-wk: yeah ... :-| .. though i have another similar setup for backup connection .. which uses another ISP .. and proxy works fine.. [16:51] this one i tried with proxy as well .. but doesn't work :-( [16:51] proxy = squid [16:51] is there any guide/tutorial to help me debug this ? .. its been 3 weeks we are struggling with this issue .. [16:55] Do you have book recommendations for using ubuntu or ubuntu server? Most comprehensive possible. [16:55] jits1998 - have you tried #networking? [16:55] tcsadmin: i thoguht this is related to ubuntu server which is our gateway .. will try there if its more relevant there .. [16:56] jits1998 - sound more related to networking and it won't hurt either [16:57] Olotila - you need to be more specific. e.g. i'm looking for a web server or a gui desktop [16:57] tcsadmin: trying ... [16:58] jits1998 - what are you trying to accomplish? [17:02] hi guys.. we have multiple labs running in different ip ranges, we would like all of them to access internet from the same gateway ... we tried putting vlan on gateway, but it seems to "block" all non-google sites.. is it possible to assign mulitple ips in different ranges to a single gateway without VLAN> [17:03] i feel that vlan tag is leaking out and only google sites respond to vlan tagged ip requests .. [17:03] well, if there is a book that contains both aspects, that would be nice [17:03] tcsadmin: that was a repost for you .. thanks. [17:05] jits1998 - np. just make sure you leave your IRC client on 24x7 as folks are global [17:06] tcsadmin: yeah .. will keep reposting as much as i can .. :-) [17:07] jits1998 - repost every couple hours === otubo[AFK] is now known as otubo [17:08] heh, I would say much more info is needed [17:08] cause everything you said so far isn't the issue [17:08] vlans, squid, ... are not the problem [17:09] do you have a vlan enabled switch? [17:10] patdk-wk: yes we have a smart switch that does the vlan-ing for us .. [17:10] ok [17:10] and the *test* lab computers, you assigned their default vlan as vlan x, on the switch, and told it to pass vlan x as untagged [17:10] per port per test machine? [17:10] everything else we wanted is working fine.. e.g. single dhcp server scoped out on vlan [17:11] yes .. per port per room .. [17:11] ok, and gateway has all the vlans set to tagged mode? [17:13] yes .. dhcp system is the gateway .. [17:13] actually let me explain the network fully .. [17:14] we have n+1 vlans.. n for rooms, 1 for faculty .. we have 3 connections .. 1 for labs, 1 for faculty and 1 backup for trainer systems in labs ... [17:16] want to pastebin your /etc/network/interfaces and a iptables dump? [17:16] everyone gets the ip from the same dhcp server (scoped on vlan) .. for rooms the gateway is the dhcp machine (no direct internet, only via proxy) ... for trainer the net is via a router in the same vlan without tagging (works fine) [17:17] iptables -L ? [17:18] at a min, iptables -nv -L, iptables -t nat -nv -L [17:19] http://paste.ubuntu.com/663560/ [17:20] http://paste.ubuntu.com/663562/ [17:20] this server is added as tagged in all vlans .. [17:20] there are some services like teamviewer/skype work perfectly :-) [17:21] that is a very strange iptables for a gateway [17:21] oh wait, ACCEPT [17:21] it's a wide open relay [17:22] missing iptables -t nat -L -nv [17:23] http://paste.ubuntu.com/663563/ [17:24] its all screwed up right now.. we need only 22 open technically .. [17:24] that is the same thing again [17:24] missing iptables -t nat -L -nv [17:24] oh sorry . [17:25] jits, no, you have 5 ports open on the gateway [17:25] but WORLD is open for forwarded connections [17:25] http://paste.ubuntu.com/663565/ [17:25] so if I ping 10.1.21.100, I could get to that box directly [17:25] atleast if I was your isp, or close enough [17:26] patdk-wk: :-o .. is it ? [17:26] FORWARD (default ACCEPT) [17:26] same things if you care, vlan to vlan can talk to each other, unrestricted [17:26] yeah .. drop is there as commented out for now.. [17:27] patdk-wk: no problem with talking to each other. idea was to keep the network smaller for each lab .. [17:28] track anti-virus updates, proxy (in future) etc .. [17:29] I would change that masq rule to [17:29] hell [17:29] what is the internet facing interface? [17:29] hell :-| [17:30] oh eth1 [17:30] add an -o eth1 do it's line [17:30] it was eth0 .. but trying around with having eth1 as untagged in the gateway's mini-vlan .. [17:30] and you might need to exclude 10.1.0.x from it [17:31] maybe before it add an -s 10.1.0.0/24 -j ACCEPT [17:31] can you give me full line .. [17:31] nope [17:31] this would probably be better [17:32] iptables-save | pastebinit [17:32] not used to working on iptables configs with <1000 lines [17:33] http://paste.ubuntu.com/663572/ === EvilPhoenix is now known as TheEvilPhoenix [17:34] less than 1000 lines :-P .. never gone past 100 lines.. (on three systems put together) :-P [17:34] my home system, doing 4 vlans is 1145 lines [17:34] work one is around 3k [17:35] whoops .. *bow* [17:35] na, I don't use iptables directly to make it, that would be impossible [17:36] tried some tools .. could not "control" them .. like doing things by hand :-) [17:36] I use shorewall [17:36] too many options for me in that :-P [17:37] I use pfsense >.> [17:39] i don't know if firewall has anything to do with it.. [17:40] it = blocking/slowing down non-google sites .. some other sites partially load .. [17:41] do all your switchs say they support vlans and handle mtu of 1504? [17:41] normally they do [17:42] MTU 1500 or 1504 is the ethernet basis [17:42] anything supports that [17:45] well, some switchs wont do 1504 [17:45] we have only 2 main switches where vlans are configured .. both connected via a fibre .. problem is same on both sides .. [17:45] and so won't pass vlans [17:45] but if the switch does vlans, shouldn't be the issue [17:46] well, to fix the masq rule, use iptables -A POSTROUTING -o eth1 -j MASQUERADE [17:46] but I don't see anything else to cause an issue [17:46] are you on dsl? [17:46] vlans are okay .. dhcps are distributed fine, the gateway sees the ips all fine... [17:47] dhcp would never send a packet >1500 bytes :) [17:47] the problematic one is a leased line.. [17:47] what mtu is on it? [17:47] no idea.. how do i check ? [17:47] ifconfig [17:47] and after that, probably a tracepath [17:48] right now its configured on the router.. .. [17:48] probably 1500 unless it's changed [17:48] well, if it's dhcp configured :) [17:48] if it's static, ya 1500 will be default [17:48] 1514 is the ethernet default with headers and all [17:48] set to 1500 .. can change it if needed.. [17:49] do a, tracepath 66.36.239.66 [17:49] just kill it when it says no replay [17:49] reply [17:49] tracepath work fine from all systems .. :-) [17:49] yes, but what mtu does it say? [17:50] http://paste.ubuntu.com/663583/ [17:50] its a field in router config.. set to 1500 currently.. [17:50] hmm [17:51] dunno, doesn't seem to be a network or firewall issue [17:51] dns server? [17:52] everything is looked up fine.. browser keeps "waiting for xxx.com..." .. [17:52] funny thing .. once i installed proxy it worked fine.. then again went down .. :-| [17:52] can you load patdk.us? [17:52] i don't have access to any problematic system right now.. [17:53] going be hard to find the issue then === otubo` is now known as otubo [17:53] another thing that might help .. if i have a system in 10.1.0.x range.. where vlan is not used.. this gateway works like a charm .. that makes me think its the vlan that is the issue .. [17:54] 90% of my systems use vlans, never had an issue [17:54] I have had a vlan switch that would leak broadcast traffic across vlans though, causing issues [17:54] firmware upgrade fixed it though [17:55] there are three gateways on the same vlan.. two work fine. this one cries all over :-| .. could the problem be with a particular port on switch ? [17:55] only if the vlan config is set wrong on it [17:56] the dhcp and this one are completely same config all over . except dhcp server doesn't act as internet gateway .. just default gateway and passes on the traffic to proxy server .. [17:57] that line makes no sense to me [17:59] all classrooms get the dhcp server ip (in their range) as default gateway .. .. the access to internet is via a squid proxy set on 10.1.0.x system .. [18:00] only difference in this problematic system which Acts as gateway configured manually on selected systems is that this has router instead of proxy acting as gateway .. [18:03] in my setups, I normally do isp -> server (with vlans, dhcp, dns) -> vlans for each user group [18:03] where I have a public vlan, secure vlan, and maybe a few dmz vlans [18:04] now I will say, dhcp acts funny on vlans, but seems to work ok though [18:04] but otherwise everything works like it should [18:05] dhcp sees dups cause it sees the vlan tagged packet and the untagged packet both, so it responds to both the raw interface and the vlan interface [18:05] doesn't cause a problem in real usage though [18:05] patdk-wk: dhcp works fine for me .. these problematic systems have static ips as their gateway is going to be different from the others [18:05] a different gateway wouldn't cause issues [18:06] and we can't even begin to guess what is going on without a problem workstation to test with [18:06] so far everything looks fine [18:07] where are you located ? i can get access to a system in about 10 hours from now . . [18:08] then i can share the access to any system you need .. [18:09] right now i can only access servers.. which all work fine.. :-| [18:09] heh, 10hours from now is 12am for me :) [18:10] I might be around [18:10] okay .. found one :-) [18:11] can you access via team-viewer ? [18:11] what is team-viewer? [18:11] its a windows system [18:11]