Tuesday, December 11, 2018

Re: rtable, rdomain for ppp0 with DHCP assigned IP

On 12/10/2018 12:56 PM, Stuart Henderson wrote:
> On 2018-12-09, Denis <deniza@mindall.org> wrote:
>> Stuck when running cvsync in rdomain 1. It seems cvsync does not using
>> second routing table because of pf.conf misconfiguration or something.
>>
>> em0 as a main ISP channel, ppp0 works as reserved wireless ISP channel.
>> Some system services like cvsync, git, ntp should use second routing
>> table (rtable 1) assigned to ppp0.
>>
>> # route -T1 exec cvsync -c /etc/cvsync.conf
>> Connecting to cvsync_server_remote_IP port 7777
>> host cvsync_server_remote_IP port 7777: Can't assing requested address
>> service is not available at cvsync_server_remote_IP port 7777
>>
>> --- configs
>> # cat /etc/hostname.em0
>> rdomain 0
>> dhcp
>>
>> # cat /etc/hostname.ppp0
>> rdomain 1
>> dhcp
>
> DHCP doesn't run on PPP.

My mistake, the actual content of hostname.ppp0 is:

rdomain 1
inet 10.0.99.1 255.255.255.0 10.0.99.255

>
>> # pppd call ISP
>>
>> # ifconfig ppp0
>> ppp0: flags=8051<UP,POINTTOPOINT,RUNNING,MULTICAST> rdomain 1 mtu 1500
>> index 7 priority 0 llprio 3
>> grups: ppp
>> inet ISP_ppp0_gateway --> local_ppp0_IP netmask 0xffffffc0

inet 10.161.49.16 --> 10.0.99.1 netmast 0xffffffc0

>>
>> # route -T1 show
>> local_ppp0_IP ISP_ppp0_gateway_IP UH Prio 8 ppp0
>> ISP_ppp0_gateway_IP ISP_ppp0_gateway_IP UHl Prio 1 ppp0

# route -T1 show
10.0.99.1 10.161.49.16 UH Prio 8 ppp0
10.161.49.16 10.161.49.16 UHl Prio 1 ppp0

>
> No default route. Perhaps you need to run pppd in rdomain 1?

By running pppd in rdomain 1:

# route -T1 exec pppd call ISP

I have the same routing table as above. No default route as before.

dmesg shows some kernel messages every second:

ppp0: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 0
ppp0: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 0

>
>> # cat /etc/pf.conf
>> ...
>> match out on rdomain 0 from lo0 to any nat-to (em0) port 1024:65535 rtable 0
>> match out on rdomain 1 from lo0 to any nat-to (ppp0) port 1024:65535
>> rtable 1
>> ...
>> pass out quick on ppp0 inet proto tcp from (ppp0) to any port 7777 flags
>> S/SA modulate state queue cvs
>> ...
>
> As an aside, I would recommend using rsync rather than cvsync - many
> of the repo mirrors offer this, it's noted on cvsync.html. cvsync is
> fragile and frequently breaks.
>

Stuart, thank you for advice. First of all I would like to fix rdomain,
next stop will be migrate from cvsync to rsync, although I have no any
sensible issues with cvsync before.

By the way, can rsync be encrypted? Do repo mirrors accept encryption
overlap for it?

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)