1263340974 Q * geb Ping timeout: 480 seconds
1263341103 M * Bertl wrong baselayout (or whatever that is called nowadays?)
1263341186 M * ^Willie^ NOC|YEP: where dit you get the image from and what commandline did you run to create the guest ?
1263341191 M * ^Willie^ dit=did
1263341224 M * NOC|YEP i create with openvcp :(
1263341238 M * ^Willie^ hmmzz dunno that jet 
1263341290 M * ^Willie^ tomorrow first task on my list swap modems and hope the line will work directly with the new modem from my isp 
1263341315 M * ^Willie^ ebuilds here are done so i can focus on documentation and more testing
1263341426 M * ^Willie^ NOC|YEP: but you get that message for missing the init-vserver.sh file
1263341518 M * ^Willie^ NOC|YEP: equery b init-vserver.sh
1263341527 M * ^Willie^ sys-cluster/util-vserver-0.30.215-r3 (/usr/lib/util-vserver/distributions/gentoo/init-vserver.sh)
1263341538 M * NOC|YEP wait
1263341542 M * ^Willie^ what version util-vserver do you have installed ?
1263341570 M * NOC|YEP 0.30.216-
1263341588 M * NOC|YEP Kernel: 	2.6.26-2-vserver-amd64
1263341649 M * ^Willie^ ehh
1263341650 M * ^Willie^ try this 
1263341660 M * ^Willie^ ls /usr/lib/util-vserver/distributions/gentoo/
1263341667 M * ^Willie^ somehow i do have that file 
1263341786 M * daniel_hozac it's part of util-vserver
1263341793 M * daniel_hozac that error message means it is missing from the guest though.
1263341800 M * ^Willie^ http://pastebin.ca/1749016
1263341802 M * ^Willie^ indeed
1263341804 M * daniel_hozac you want to make sure the gentoo post install script has been run for that guest.
1263341814 M * ^Willie^ looks like his system is messedup somehow
1263341821 M * ^Willie^ daniel_hozac: huh ?
1263341833 M * ^Willie^ no util-vserver package don't belong to the guests 
1263341850 M * ^Willie^ that script maby yes but the host have to copy it to the guest during build 
1263341864 M * NOC|YEP oO i understand :( to fast
1263341882 M * daniel_hozac yes, that is what i am saying.
1263341889 M * daniel_hozac that is the purpose of the post install script.
1263341962 M * NOC|YEP ls /usr/lib/util-vserver/distributions/gentoo/
1263341962 M * NOC|YEP initpost  initpre  init-vserver.sh  net.vserver  reboot.sh  shutdown.sh
1263342005 M * ^Willie^ thats on the host or gentoo guest ?
1263342009 M * NOC|YEP host
1263342034 M * ^Willie^ and in the guest ?
1263342037 M * NOC|YEP wait
1263342054 J * Piet ~Piet__@04ZAAAAMX.tor-irc.dnsbl.oftc.net
1263342082 M * ^Willie^ i don't have it in my guests but do have it at my host 
1263342120 Q * dowdle Remote host closed the connection
1263342166 M * daniel_hozac you have it in your guest.
1263342200 M * ^Willie^ daniel_hozac: where ?
1263342232 M * ^Willie^ only place i have it is my host not in my guests util-vserver is a package that belongs to the vserver kernel patches 
1263342242 M * ^Willie^ vserver-stat and vserver command etc etc 
1263342249 M * NOC|YEP ls /usr/lib/util-vserver/distributions/gentoo/
1263342249 M * NOC|YEP ls: Zugriff auf /usr/lib/util-vserver/distributions/gentoo/ nicht möglich: Datei oder Verzeichnis nicht gefunden
1263342278 M * ^Willie^ NOC|YEP: did the guest ever run ?
1263342279 M * daniel_hozac it's at /lib/rc/sh/init-vserver.sh in the guest.
1263342298 M * ^Willie^ gentoo has an other init style but i'll search again
1263342340 M * NOC|YEP wait wait wait..
1263342343 M * NOC|YEP I have a gentoo guest
1263342347 M * NOC|YEP this is running
1263342353 M * NOC|YEP - i will boot in my debian rescue 
1263342355 M * NOC|YEP Fail
1263342382 M * Bertl so you built a debian guest and that fails with the given error?
1263342389 M * NOC|YEP my paste
1263342389 M * NOC|YEP http://pastebin.ca/1749023
1263342410 A * ^Willie^ never used the rescue option
1263342461 M * Bertl if so, you'll probably want to change the init style from gentoo to sysv :)
1263342489 M * ^Willie^ indeed
1263342507 A * ^Willie^ continue fabric his tosties
1263342510 M * ^Willie^ brb
1263342514 M * NOC|YEP brb
1263342546 M * NOC|YEP my head.. :X
1263342564 M * NOC|YEP explosion
1263343047 M * NOC|YEP what is my next step`??
1263343801 M * Bertl my suggestion would be to explain a) what you did, and b) what happened :)
1263345579 Q * yarihm Quit: This computer has gone to sleep
1263348004 Q * Piet Remote host closed the connection
1263348144 J * Piet ~Piet__@04ZAAAAO1.tor-irc.dnsbl.oftc.net
1263349352 J * derjohn_foo ~aj@f054165157.adsl.alicedsl.de
1263349783 Q * derjohn_mob Ping timeout: 480 seconds
1263354125 Q * Piet Remote host closed the connection
1263355256 J * saulus_ ~saulus@c193144.adsl.hansenet.de
1263355534 J * jrklein ~jrklein@2001:0:53aa:64c:0:4d61:b4d8:690
1263355536 Q * jrklein 
1263355668 Q * SauLus Ping timeout: 480 seconds
1263355679 N * saulus_ SauLus
1263355740 J * orzel ~orzel@sylphide-consulting.com
1263355757 Q * orzel Remote host closed the connection
1263355779 J * orzel ~orzel@berlioz.ethernet.freehackers.org
1263355854 M * orzel hello. I've switched from 2.6.28.2-vs2.3.0.3 to 2.6.32.3-vs2.3.0.3, and the host now has the name (as in 'hostname') of my last guest. 
1263355886 M * orzel I suppose this is because some init script in the guess called 'hostname xxx'..... but previously it would not change anything on the host. Is that known ? 
1263355894 M * orzel should i just remove the script from guests ?
1263355933 Q * shedi Ping timeout: 480 seconds
1263356288 J * Piet ~Piet__@04ZAAAAQ4.tor-irc.dnsbl.oftc.net
1263356671 M * Bertl orzel: no, you need to update util-vserver to a more recent version :)
1263356734 M * Bertl i.e. it is known that older util-vserver doesn't get the isolation right on recent kernels (where ancient and recent util-vserver does :)
1263356752 M * orzel ancient is more old than 'older' ? 
1263356780 M * orzel i use util-vserver-0.30.215
1263356800 M * Bertl yep, something like 0.30.212 will work, but the two years old 0.30.215 will not
1263356818 M * orzel i'm in the bad 'window' then
1263356820 M * Bertl of course, you actually want to go for a more recent release instead
1263356838 M * orzel does util-vserver-0.30.216_pre2855 sound good ? 
1263356846 M * Bertl sounds good, yes
1263356848 M * orzel great ;)
1263356866 M * Bertl don't forget to restart the guest, to fix the isolation issue
1263356874 M * Bertl (or guests :)
1263356877 M * orzel of course
1263356884 M * orzel i'll reboot the whole stuff anyway, for tests
1263357428 M * orzel ok, great, it seems to work perfectly now
1263357458 M * orzel ipv6 has been fixed ! i once could not update because ipv6 (on the host, i dont care for guests)
1263357468 M * orzel because of
1263357593 J * aj__ ~aj@f048162128.adsl.alicedsl.de
1263357644 Q * derjohn_foo Ping timeout: 480 seconds
1263358560 M * Bertl off to bed now  .. have a good one everyone!
1263358567 N * Bertl Bertl_zZ
1263359024 J * geb ~geb@earth.gebura.eu.org
1263359507 J * jrklein ~jrklein@2001:0:53aa:64c:0:7aed:b4d8:690
1263359512 Q * jrklein 
1263360287 Q * cuba33ci_ Read error: Connection reset by peer
1263360460 J * cuba33ci ~cuba33ci@118-160-170-198.dynamic.hinet.net
1263360821 J * yarihm ~yarihm@77-58-27-17.dclient.hispeed.ch
1263360968 Q * manana Ping timeout: 480 seconds
1263361094 Q * aj__ Ping timeout: 480 seconds
1263361497 J * manana mayday_404@84.17.25.144
1263362202 J * kir ~kir@swsoft-msk-nat.sw.ru
1263362450 J * derjohn_mob ~aj@f048162128.adsl.alicedsl.de
1263362678 Q * yarihm Quit: This computer has gone to sleep
1263362929 Q * thierryp Quit: ciao folks
1263362942 Q * niki Quit: Leaving
1263366023 J * sharkjaw ~gab@90.149.121.45
1263366216 J * davidkarban ~david@80.250.18.198
1263366734 Q * derjohn_mob Ping timeout: 480 seconds
1263366893 J * harobed ~sklein@pda57-1-82-231-115-1.fbx.proxad.net
1263367979 J * scientes ~scientes@pool-71-117-13-58.sttlwa.dsl-w.verizon.net
1263368553 J * thierryp ~thierry@zankai.inria.fr
1263368723 J * derjohn_mob ~aj@139.12.1.252
1263369370 Q * balbir Ping timeout: 480 seconds
1263370082 Q * Piet Ping timeout: 480 seconds
1263370155 J * niki ~niki@cpe.fe4-0-120.0x50a6de52.kdnxd4.customer.tele.dk
1263370756 J * pht ~pht@147.32.84.251
1263370759 J * Piet ~Piet__@04ZAAAAYY.tor-irc.dnsbl.oftc.net
1263370804 M * pht hi i got a couple of questions about networking in vserver (before i try it out)
1263370833 M * pht does each virtual guest get its own interface?
1263370847 M * Mr_Smoke No
1263370857 M * pht on which it can for example run tcpdump and see only its own packets
1263370864 M * Mr_Smoke Hell no :)
1263370869 M * geb no, it get its own ip address
1263370883 M * pht how does it work then?
1263370898 M * geb if you have a few guests you can play with tun/tap for having an interface per guest
1263370920 M * geb networks is isolated, one guest will only packets coming to/from its own ip
1263370926 M * geb network*
1263370946 M * pht tun/tap? maybe you meant dummy?
1263371004 M * pht so lets say i have 2 guests, they all see the same eth0 as the host, but when they run tcpdump on their own eth0 they only see their own packets?
1263371027 M * Mr_Smoke They cannot run tcpdump as a default, IIRC
1263371043 M * cehteh instead dummy you can also use bridges
1263371045 M * pht so they can't open raw sockets?
1263371076 M * cehteh you need CAP_SYS_NET to open raw sockets
1263371088 M * cehteh normally this capability is refused for vservers for security reasons
1263371104 M * pht what security reasons?
1263371104 M * geb it can't tcpdumo, i am not sure but the protection may came from a caps ( NET_RAW  ?)
1263371125 M * cehteh err maybe CAP_NET_RAW .. dunno :)
1263371144 M * cehteh but thats the reason .. i have a vserver running ntop without problems :)
1263371147 M * geb http://linux-vserver.org/Paper#Additional_Modifications && http://linux-vserver.org/Capabilities_and_Flags
1263371192 M * pht well, what i'm trying to build is 3 virtual servers, with topology such as 1-2-3, ie. packets from 1 to 3 go through 2, where people will have chance to wireshark and so on... i thought i might use something lighter than a full virtualization
1263371195 M * geb oups, first link is wrong , http://linux-vserver.org/Paper#Capability_Overview is better
1263371233 J * yarihm ~yarihm@77-58-27-17.dclient.hispeed.ch
1263371236 M * Mr_Smoke pht: why do you need #2 to sniff #1 <-> #3 ?
1263371256 M * Mr_Smoke Testing MITM ?
1263371261 M * pht yes
1263371288 M * pht ...teaching
1263371339 M * Mr_Smoke So you want to simulate a switch then ?
1263371365 M * pht yes, #2 would probably use bridge, or just plain routing
1263371409 M * geb i am not sure that vserver is a good solution to simulate networking stuffs
1263371410 M * Mr_Smoke More to the point, do you intend to teach arp spoofing as well ?
1263371411 M * pht i don't know, is such a setup possible with vserver? (or any jail like solution)?
1263371415 M * Mr_Smoke Cuz I'm not sure vserver can cope with that
1263371425 M * geb maybe uml+vde should be better
1263371436 M * geb http://wiki.virtualsquare.org/
1263371556 M * pht UML was a choice too
1263371584 M * pht but UML runs its own kernel, while vserver does not, right?
1263371589 M * geb vde is a virtual switch, that allows for example to do bridging, vlan etc, it is easy to plug with uml
1263371635 M * geb yeah right, uml run a kernel in userland (the host see it as a classic userland process)
1263371696 M * geb however, you may be able to plug vserver with vde (with the help of a tun/tap interface) but i never tryed
1263371733 M * pht hmm
1263371949 M * pht it looks like in UML you're getting a eth0 in the guest, which translates to a tun/tap interface on the host. so i dont really need VDE, i just need to bridge two tap's on the host.
1263372132 M * pht thanks guys
1263372180 Q * pht Quit: leaving
1263373685 J * ghislain ~AQUEOS@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr
1263373999 J * barismetin ~barismeti@zanzibar.inria.fr
1263374807 Q * yarihm Quit: This computer has gone to sleep
1263375265 Q * davidkarban Quit: Ex-Chat
1263375652 Q * ghislain Quit: Leaving.
1263375664 J * yarihm ~yarihm@84-72-135-146.dclient.hispeed.ch
1263375899 J * davidkarban ~david@80.250.18.198
1263375944 Q * davidkarban 
1263376184 Q * yarihm Ping timeout: 480 seconds
1263376529 J * davidkarban ~david@80.250.18.198
1263376538 J * ghislain ~AQUEOS@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr
1263376588 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net
1263376588 Q * davidkarban 
1263376615 Q * sharkjaw Remote host closed the connection
1263376628 Q * scientes Ping timeout: 480 seconds
1263376835 J * sharkjaw ~gab@90.149.121.45
1263377341 J * davidkarban ~david@80.250.18.198
1263377418 J * martyn ~martyn@202-61-3-148.cable5.acsdata.co.nz
1263377430 M * martyn Is anyone here using the Ubuntu Karmic PPA kernel ?
1263377432 N * martyn Ned
1263377444 M * Ned I can't seem to make it play nice :-(
1263377471 M * Ned normally I'm able to give a vserver an address on dummy0, and then SNAT packets out the host's primary interface, but this isn't working
1263377486 M * Ned tcpdump says the packets are hitting the host's primary interface, but they're just not getting out :-(
1263377496 M * Ned if I configure the vserver with an address _on_ the primary interface, then it works
1263377505 M * Ned anyone have any ideas ?
1263377567 Q * davidkarban 
1263377635 M * Mr_Smoke Ned: ip_forward ?
1263377641 M * Ned Mr_Smoke: enabled
1263377652 M * Mr_Smoke iptables ?
1263377662 M * Ned it's all empty with ACCEPT policies
1263377675 M * Ned packets aren't even hitting the forward chain though
1263377676 M * Ned :-(
1263377677 M * Ned which seems weird
1263377681 Q * Piet Remote host closed the connection
1263377688 M * Ned they're hitting the output chain
1263377696 M * Mr_Smoke Hm, are you using RFC1918 addresses on dummy0 ?
1263377696 M * Ned Hmmm ...
1263377705 M * Ned Mr_Smoke: lets say I am ;-)
1263377726 M * Ned do I need to edit the routing table inside the vserver ?
1263377730 M * Ned it looks like that might be my issue ?
1263377757 M * Mr_Smoke Well what's the current route like ?
1263377767 M * Mr_Smoke And how did you snat exactly ?
1263377782 M * Ned I'm using -J MASQUERADE
1263377795 M * Ned all the config is just like my lenny host (which is working)
1263377801 M * Ned the routing table _does_ look like crap
1263377804 M * Ned I might try fiddling it
1263377817 M * Ned oh ...
1263377820 M * Ned it looks the same on lenny :-(
1263377849 M * Ned actually, can you even alter the routing table inside a vserver ?
1263377855 M * Mr_Smoke Ned: more important than MASQ ... are the interfaces set properly ?
1263377860 M * Mr_Smoke Hm dunno
1263377864 M * Ned nope :-(
1263377864 M * Mr_Smoke What kernel is this ?
1263377868 M * mnemoc MASQUERADE is to be used when your output address is dynamic...
1263377880 M * Ned Linux glow 2.6.31-18-vserver #55~ppa2-Ubuntu SMP Sun Jan 10 16:27:42 UTC 2010 x86_64 GNU/Linux
1263377886 M * Mr_Smoke mnemoc: it works exactly the same if the ip is static though
1263377891 M * Ned indeed
1263377911 M * Mr_Smoke ok vserver 2.3 then
1263377916 M * Ned MASQUERADE is useful when I dhcp for my primary IP
1263377917 M * Mr_Smoke I think I've got a similar setup
1263377938 M * Ned 192.168.5.0/24 dev if4  proto kernel  scope link  src 192.168.5.128 
1263377945 M * Ned that's the route to my primary LAN
1263377948 M * Ned what is if4 ?
1263377955 M * Ned on my lenny setup, it's dev eth0
1263377959 M * Ned here I would expect dev wlan0
1263377960 M * Mr_Smoke THe name of your interface
1263377974 M * Ned yes, but why ip4 ?
1263377977 M * Ned err, if4
1263377978 M * Ned ?
1263377985 M * Ned that seems ... weird
1263377993 M * Mr_Smoke Don't know :) that's for you to figure out
1263378010 M * Ned heh
1263378026 M * Mr_Smoke What I do know is that S/DNAT is possible
1263378031 M * Mr_Smoke I've used it before
1263378041 M * Mr_Smoke (before getting more public ipv4 space that is)
1263378058 M * Ned yes, I know
1263378058 J * pajamian ~pajamian@60-234-254-5.bitstream.orcon.net.nz
1263378064 M * Ned as I say, I have a lenny host configured like this
1263378066 M * Ned and it's working :-(
1263378069 J * davidkarban ~david@80.250.18.198
1263378085 M * Mr_Smoke Better start looking for differences then :)
1263378088 M * Ned Mr_Smoke: in your guests, is the default route got the same name as it does on the host ?
1263378094 M * Ned Mr_Smoke: well, this is a difference
1263378099 M * Ned that if4 thing
1263378100 M * Ned :-(
1263378104 M * Mr_Smoke I don't have it anymore, so I can't tell
1263378107 M * Ned oh ...
1263378108 M * Ned :-(
1263378116 M * Mr_Smoke I think I had set aliases
1263378127 M * Mr_Smoke Ned: from within the guest, what's if4 ?
1263378141 M * Ned Mr_Smoke: what do you mean what is it ?
1263378153 M * Ned it's the interface that _I_ think should be wlan0
1263378162 M * Ned it's got all of wlan0's routes from the host 
1263378166 M * Mr_Smoke what's its status ? can you see it in ifconfig etc
1263378168 M * Ned it's just called if4 in the vserver
1263378171 A * Ned will look
1263378193 M * Ned err, there _is_ no if4
1263378194 M * Ned in ifconfig
1263378201 M * Mr_Smoke Ouch.
1263378208 M * Ned even ifconfig -a
1263378209 M * Mr_Smoke So your default route is definitely fscked up
1263378217 M * Ned nor in ip link
1263378220 M * Ned indeed
1263378247 M * Mr_Smoke At least we've got that established :)
1263378275 M * Ned :-)
1263378316 M * Mr_Smoke And I don't believe you can mess with the guest's routing tables
1263378318 M * Ned oh wait
1263378320 M * Mr_Smoke Not with the default capabilities
1263378322 M * Ned hang on
1263378326 M * Mr_Smoke Ok
1263378327 M * Ned my lenny machine has "if2" on it
1263378334 M * Ned so the guest _is_ looking the same in lenny
1263378336 M * Ned (and working)
1263378338 M * Mr_Smoke Hm
1263378344 M * Ned :-(
1263378348 M * Ned back to square one
1263378351 M * Mr_Smoke Never seen that before. Maybe it's something new though
1263378365 M * Mr_Smoke Ned: the working setup has if2 as default route ?
1263378379 M * Ned yup
1263378385 M * Ned and it's working fine
1263378394 M * Ned even though ip link says there's no such device
1263378406 M * Mr_Smoke Nice :/
1263378416 M * Mr_Smoke Is that a wireless NICE ?
1263378417 M * Mr_Smoke NIC*
1263378430 M * Ned yeah
1263378437 M * Ned the wlan0
1263378455 M * pajamian Hi everyone, I'm trying to set up a new Centos5 guest but am having problems with running the vserver.  When I set up the vserver it seemed to go fine but there were a few errors at the end of the setup, then when I try to run it it looks like it starts, but with one error, but status shows it isn't running.  More details about error messages, etc at http://pastebin.com/m41a9d50 can someone help me figure out why it isn't running?
1263378467 M * Mr_Smoke That might be it then ... I'm guessing vserver creates a virtual if* that emulates ethernet
1263378480 M * pajamian errr, by vserver I mean guest there.
1263378483 M * Mr_Smoke But that's just my guess
1263378487 M * Ned Mr_Smoke: right
1263378494 M * Ned so I should try this all plugged into ethernet
1263378518 M * Mr_Smoke Try pinging all the IPs you have in there so that you know where the gap is
1263378530 M * Ned yeah, I did that
1263378535 M * Mr_Smoke oh ok
1263378536 M * Ned so I can ping the IP of the guest itself
1263378542 M * Mr_Smoke nothing beyond ?
1263378545 M * Ned yes
1263378557 M * Ned I can ping the IP that the host has on the dummy0 interface
1263378566 M * Mr_Smoke That's good.
1263378584 M * Ned interesting
1263378588 M * Mr_Smoke So what does your masquerade line look like ?
1263378590 Q * davidkarban Remote host closed the connection
1263378596 M * Ned I can ping the host's IP on the wlan0 interface too
1263378638 M * Ned iptables -t nat -A POSTROUTING -s 172.16.17.0/24 -o wlan0 -j MASQUERADE
1263378648 M * Mr_Smoke pajamian: do you have any services/daemons running in that guest ?
1263378679 M * Mr_Smoke Ned: and the host has dummy0 do communicate with the guests, and wlan0 to go to the WAN ?
1263378693 M * pajamian Mr_Smoke: not yet, well the guest itself isn't even running so no.  And I have not been able to log into it yet to customize it.
1263378707 M * Ned Mr_Smoke: okay, this gets even _more_ weird
1263378707 M * Mr_Smoke pajamian: a guest cannot exist without a process inside it
1263378720 M * Mr_Smoke You have to set something up
1263378722 M * Ned Mr_Smoke: _sometimes_ when I ping from inside the guest, a single packet gets through
1263378724 M * Mr_Smoke syslog, smtpd, whatever
1263378726 M * Ned and I get a single reply
1263378729 M * Ned but then it fails again
1263378734 M * pajamian Mr_Smoke: ok, so how do I do that if I can't enter the guest?
1263378737 M * Ned only 1 ping reply, and only sometimes :-(
1263378740 M * Mr_Smoke pajamian: config files
1263378750 M * pajamian jsut manually tweak the rc links?
1263378776 M * pajamian ...so that it fires something up, I mean
1263378789 M * Mr_Smoke pajamian: dunno about centos, but I assupe there are symlinks in the form Sxxdaemon in /etc/rcY.d or similar
1263378817 M * Ned Mr_Smoke: the host can ping 172.16.16.{1,2}
1263378817 M * pajamian Mr_Smoke: yeah, that's right, ok, so I basically just have to get some daemon to fire up.
1263378817 M * Mr_Smoke But yeah, the idea is to get something going
1263378820 M * Ned which is the host/guest IP
1263378832 M * Mr_Smoke Ned: consistently ?
1263378839 M * pajamian Mr_Smoke: ok, thanks
1263378848 M * Ned Mr_Smoke: yes
1263378856 M * Ned but that single-reply thing is very weird
1263378861 M * Mr_Smoke Indeed
1263378870 J * Piet ~Piet__@04ZAAAA5E.tor-irc.dnsbl.oftc.net
1263378870 M * Ned it's like, it works for a single packet, perhaps 5% of the time when I start a ping
1263378873 M * Ned :-(
1263378880 M * Mr_Smoke That's weird indeed
1263378886 M * Ned I wonder if you're right
1263378890 M * Mr_Smoke And that's when you try to ping what address ?
1263378891 M * Ned and the ethernet thing would work
1263378896 M * Ned 192.168.5.202
1263378901 M * Ned (i.e. a machine on the LAN)
1263378906 M * Ned that isn't the host machine 
1263378908 M * Mr_Smoke ok so over the WLAN then
1263378911 M * Ned yes
1263378934 M * Ned I wonder if you're right
1263378937 M * Mr_Smoke And do you see the echo replies coming back ?
1263378942 M * Mr_Smoke at the host level i mean
1263378943 M * Ned Mr_Smoke: well, I see the 1
1263378951 M * Ned but no others
1263378961 M * Ned and on the .202 machine, I can't even see _requests_ beyond that 1
1263378966 M * Mr_Smoke Ok
1263378986 M * Ned but on the host I see the packets leaving
1263378997 M * Ned (leaving the wlan0 if)
1263378999 M * Mr_Smoke The +1 requests ?
1263379002 M * Ned yes
1263379004 M * Ned all the requests
1263379004 M * pajamian Mr_Smoke: the chkconfig errors at the end of the setup ... chkconfig is the program that centos uses to tweak the rc.d links so that something will fire up, so it's safe to assume that's why nothing is firing up, because for some reason chkconfig wasn't installed during the setup.
1263379006 M * Mr_Smoke Whoa
1263379009 M * Mr_Smoke Thats fun.
1263379010 A * Ned double checks
1263379015 M * Mr_Smoke Ok got to go, lunchtime. BBL.
1263379025 M * Ned 23:37:00.517770 IP 192.168.5.128 > 192.168.5.42: ICMP echo request, id 51839, seq 4, length 64
1263379028 M * Ned yeah :-(
1263379034 M * Ned this makes me a sad panda 
1263379035 M * Ned :-(
1263379044 M * Ned Mr_Smoke: okay, thanks for your help thus far :-)
1263379144 M * pajamian Mr_Smoke: for when you get back, thanks, I tweaked it to start rsyslog and now it fires up fine.
1263379279 M * Ned Mr_Smoke: I plugged into ethernet, and magically everything started working
1263379449 M * Ned Mr_Smoke: so when you get back, if you have any awesome ideas on how to make it work with wireless ... :-(
1263379717 J * davidkarban ~david@80.250.18.198
1263379911 Q * davidkarban Remote host closed the connection
1263379981 J * davidkarban ~david@80.250.18.198
1263380245 J * docelic ~docelic@78-2-120-209.adsl.net.t-com.hr
1263381170 J * yarihm ~yarihm@217.150.254.84
1263382159 Q * sharkjaw Remote host closed the connection
1263383126 M * Mr_Smoke pajamian: yay :)
1263383134 M * Mr_Smoke Ned: hm not so much
1263383155 M * Mr_Smoke I'm guessing it's something to do with the fact that vserver is only about ip isolation, but that's it
1263383639 M * pajamian Mr_Smoke: any idea how to get rpm installed (so I can install yum) on the guest?  seems to be a chicken and egg problem and so I need to bootstrap it somehow.
1263383641 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1263383660 M * BenG hi all
1263383676 M * Mr_Smoke pajamian: well yeah, usually the guest needs some kind of staged install with essential binaries already in place
1263383703 M * Mr_Smoke pajamian: how did you set up the guest in the first place ?
1263383732 M * pajamian Mr_Smoke: #
1263383732 M * pajamian sudo vserver david build -m yum --context 42 --hostname david.actionpact.net --interface eth0:120.138.17.236/28 -- -d centos5
1263383780 M * Mr_Smoke So that yum method does not install the necessary binaries to run a centos guest properly ?
1263383824 M * pajamian Mr_Smoke: no, apparently not, it doesn't install yum or rpm
1263383833 M * pajamian if it even had rpm I could get yum onto there.
1263383847 M * Mr_Smoke That's odd
1263383851 M * pajamian yeah
1263383860 M * Mr_Smoke You can probably get a tarball from someplace else, I hope
1263383870 M * pajamian That was according to this page: http://linux-vserver.org/Building_Guest_Systems#Building_guests_using_the_yum_build_method
1263383892 M * pajamian oh, hang on
1263383896 M * pajamian I didn't read down far enough
1263383936 M * Mr_Smoke Ah :) 
1263383948 M * Mr_Smoke It seemed strange that you would be left with no package management :p
1263383966 M * pajamian yeah, heh
1263384633 N * Bertl_zZ Bertl
1263384637 M * Bertl morning folks!
1263384679 M * Mr_Smoke moin
1263385011 M * BenG quick check, will the vs2.3.0.36.28 patch work with 2.6.31.11 or should I stick with 2.6.31.9
1263385014 M * BenG ?
1263385067 M * Bertl will probably work, but let me see what changed
1263385079 M * BenG cheers
1263385124 M * Mr_Smoke Bertl: Ned here had a question as to why his S/DNAT stuff was working when the outgoing interface of the host was eth, but much less when it used wlan ... 
1263385297 M * Bertl most likely because the 'default' route still used the wired interface, but I'd need more details what failed (and what was configured)
1263385331 M * Bertl there should be no difference between wired and wireless nowadays, at least not at this layer
1263385378 M * Mr_Smoke Well the odd thing is that "if2" in his default route
1263385382 M * Mr_Smoke I had never seen that before
1263385425 M * Bertl just means that the interface is not visible
1263385438 M * Mr_Smoke Oh ok
1263385444 M * Bertl which kind of supports my theory
1263385445 M * Mr_Smoke My gut feeling was right :)
1263385458 M * Mr_Smoke But yeah, that still doesn't explain his failure
1263385691 Q * ghislain Quit: Leaving.
1263386142 M * NOC|YEP configure: error: python-config is required
1263386145 J * balbir ~balbir@122.172.59.43
1263386275 M * Bertl NOC|YEP: rebuilding util-vserver? if so, you need that for the python package/part, but it is not required, IIRC
1263386309 M * NOC|YEP i have thx ;)
1263386317 M * NOC|YEP apt-get install python-dev
1263386356 M * Bertl yep, should do the trick
1263386377 M * Bertl also note: you might want to configure the pathes (at ./configure) to match your system/setup
1263386553 Q * BenG Quit: I Leave
1263386721 M * pajamian how do you change the IP address assigned to a guest?
1263386750 M * Mr_Smoke naddress I think
1263386757 M * Mr_Smoke If you want to do it "online"
1263386771 M * Mr_Smoke Otherwise, the usual /etc/vservers/<xid>/interfaces stuff
1263386784 M * pajamian ok, thanks
1263386809 M * Bertl pajamian: the simplest way is to shut down the guest, change it in the config (interfaces) and restart it
1263386843 M * Bertl pajamian: of course, with naddress you can change it at runtime, but you also have to configure it on the host (and probably take down the other one)
1263386871 M * pajamian yeah, well I have it shut down anyways, I shut it down just as soon as I realized I had assigned a conflicting IP
1263386891 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1263387134 M * Bertl good, then update the IP in /etc/vservers/<name>/interfaces/* and simply start it up again
1263387163 M * pajamian yep, that worked, thanks
1263387221 M * Bertl you're welcome!
1263388428 M * Bertl BenG: uploaded an updated patch for 2.6.31.11
1263388491 M * Bertl (wiki will take a little to update, but it's already on vserver.13thfloor.at)
1263388510 M * Mr_Smoke Well done :)
1263388529 M * Mr_Smoke Gotta take some time and try upgrading my old setup
1263388549 M * Mr_Smoke  2.6.22.18-vs2.3.0.32 is getting old
1263388968 J * jrklein ~jrklein@2001:0:53aa:64c:0:5349:b4d8:690
1263389463 J * ghislain ~AQUEOS@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr
1263390403 Q * docelic Quit: http://www.spinlocksolutions.com/
1263390444 M * BenG "<Bertl> BenG: uploaded an updated patch for 2.6.31.11" cheers Bertl 
1263390792 J * kolorafa ~kolorafa@irc.kolorafa.dlk.pl
1263390986 P * kolorafa 
1263390996 J * kolorafa ~kolorafa@irc.kolorafa.dlk.pl
1263391237 M * kolorafa to run cpu sched i need just to add sched_hard flag (and if i want to modyfiky cpu fill/int) or i foregot about something? (i am asking because i its not working .. hmm)
1263391291 M * BenG I'm doing the basic scheduling here kolorafa, no hard scheduling though
1263391299 M * BenG is basic scheduling working for you?
1263391315 M * kolorafa basic? what do you mean?
1263391347 M * BenG hard sched is for when you want to give absolutely no processor time beyond a certain limit to a guest
1263391389 M * BenG soft is when you want to share out the cycles fairly (or at a given ratio). Works a treat, though I need a number of pointers from daniel_hozac to get it working
1263391403 M * kolorafa my first goal is just to assign a specific cpu to vserver, but i dont have knowlage to do this now
1263391545 M * BenG ah, right, it's easy when you know how
1263391554 M * BenG with a newer kernel anyhow
1263391564 M * BenG what kernel/vserver-utils are you on?
1263391576 M * kolorafa 2.6.32.2-vs2.3.0.36.28
1263391577 M * kolorafa debian
1263391616 M * BenG and vserver-utils?
1263391625 M * BenG Which version of Debian?
1263391632 M * kolorafa lenny
1263391672 M * BenG are you using the stock version of vserver-utils that comes with Lenny?
1263391696 M * BenG sorry, I should be saying util-vserver
1263391742 M * kolorafa util-vserver 0.30.216-pre2772
1263391813 M * BenG so the stock lenny one
1263391827 M * BenG that will work, but it doesn't bind the cgroups properly
1263391888 M * BenG so you need to add a line
1263391933 M * kolorafa i'am listening, (thx for help)
1263391946 M * BenG cool, just finding the line for you to add
1263391982 M * daniel_hozac to bind to a specific CPU, assuming you have cpusets in your kernel, you can either use the cpuset or cgroup support in util-vserver.
1263391996 M * daniel_hozac the latter being the way forward.
1263392100 M * BenG kolorafa, to get the Lenny util-vserver working you need to add the following line to /usr/lib/util-vserver/vserver.suexec
1263392109 M * BenG attachToCgroup   "$VSERVER_DIR"
1263392124 M * BenG add it after addtoCPUSET      "$VSERVER_DIR"
1263392283 M * BenG then kolorafa, you need to have a cgroups file system mounted on /dev/cgroups
1263392301 M * kolorafa i mounted 60s ago xD
1263392549 M * BenG so then you need a /etc/vserver/<guest_name>/cgroup/cpu.shares file with a number in it
1263392574 J * SubZero ~SubZero@chello089076140236.chello.pl
1263392931 M * BenG kolorafa, ah, you need to specify the cpu you want to use for that vserver in cpuset.cpus
1263392964 M * BenG so for example if you want it to only run on cpus 1,2 and 3, put 1-3 in that file
1263392982 M * kolorafa cpuset.cpus dosnt exists is it ok? (and i cant create it)
1263393007 M * BenG the files doesn't exist in  /etc/vserver/<guest_name>/cgroup/ ?
1263393022 M * kolorafa in /dev/cgroup/...
1263393027 M * BenG ah, right
1263393118 M * BenG how does mount look, you should have something like this
1263393122 M * BenG vserver on /dev/cgroup type cgroup (rw,all)
1263393142 M * BenG as a result of the mount command
1263393162 M * BenG (well, one of the lines anyway)
1263393193 M * BenG have you got a line like that?
1263394059 Q * pajamian Remote host closed the connection
1263394259 Q * BenG Quit: I Leave
1263394895 Q * Piet Remote host closed the connection
1263395304 Q * niki Quit: Leaving
1263397563 Q * yarihm Ping timeout: 480 seconds
1263398409 J * ktwilight_ ~keliew@55.179-247-81.adsl-dyn.isp.belgacom.be
1263398688 Q * ktwilight Ping timeout: 480 seconds
1263399645 J * yarihm ~yarihm@77.109.189.6
1263399685 P * gnuk NoFeature
1263399739 Q * jrklein Ping timeout: 480 seconds
1263399815 J * dowdle ~dowdle@scott.coe.montana.edu
1263400112 Q * davidkarban Quit: Ex-Chat
1263401115 M * Bertl off for now ... bbl
1263401119 N * Bertl Bertl_oO
1263401301 Q * yarihm Quit: This computer has gone to sleep
1263401760 J * jrklein ~jrklein@2001:0:53aa:64c:0:6d10:b4d8:690
1263402070 M * pinochle quotaon: using //quota.group on /dev/hdv1 [/]: Invalid argu
1263402127 M * geb you have to use a vroot device
1263402138 M * geb it must be documented in the faq
1263402193 M * pinochle mount shows i am
1263402207 M * pinochle whiskey:/# mount
1263402207 M * pinochle /dev/hdv1 on / type ufs (rw,usrquota,grpquota)
1263402222 M * pinochle i followed http://linux-vserver.org/Quotas#Setting_Up_Vservers_For_Quota
1263402264 M * daniel_hozac was the filesystem itself mounted with those arguments too?
1263402269 M * daniel_hozac i.e. does /proc/mounts show them?
1263402311 M * pinochle hm
1263402344 M * pinochle no it doesnt
1263402345 M * pinochle /dev/md4 / ext3 rw,errors=remount-ro,data=ordered 0 0
1263402360 M * pinochle do i have to remount the filesystem on th Host?
1263402427 M * fLoo daniel_hozac may i pm u ?
1263402516 M * pinochle daniel_hozac: are you talking about the FS on the HN?
1263402637 Q * barismetin Quit: Leaving...
1263402665 M * daniel_hozac pinochle: yes, the actual filesystem has to be mounted with usrquota,grpquota as well.
1263402773 M * daniel_hozac fLoo: what about?
1263402793 M * pinochle and do I add that to mtab or fstab?
1263402829 M * daniel_hozac fstab
1263402835 Q * harobed Ping timeout: 480 seconds
1263402836 M * daniel_hozac mtab has no actual influence over anything.
1263402902 M * fLoo daniel_hozac : something interal
1263402904 M * fLoo *internal
1263402957 M * daniel_hozac i guess
1263403070 M * pinochle another question for you daniel_hozac- any reason not to use XID tagging on root fs like the guide says?
1263403124 M * daniel_hozac the host's root fs shouldn't be tagged.
1263403124 Q * jrklein Ping timeout: 480 seconds
1263403189 M * pinochle daniel_hozac: right, any reason why?
1263403224 M * pinochle I'll have to repartition the whole box because my vservers are on the root FS
1263403330 M * daniel_hozac because the host's root filesystem is critical for boot.
1263403354 Q * thierryp Ping timeout: 480 seconds
1263403483 M * pinochle daniel_hozac: and XID tagging can corrupt the fs?
1263403561 M * daniel_hozac it can make files inaccessible if you don't use it correctly.
1263403629 Q * derjohn_mob Ping timeout: 480 seconds
1263403660 M * pinochle :\
1263403700 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1263403728 J * hparker ~hparker@linux.homershut.net
1263403917 Q * kir Quit: Leaving.
1263404354 M * Ned Bertl_oO: ?
1263404699 J * hijacker_ ~hijacker@87-126-142-51.btc-net.bg
1263404883 Q * SubZero 
1263405195 J * imcsk8 ~ichavero@148.229.1.11
1263406790 Q * hparker Quit: Read error: 104 (Peer reset by connection)
1263406797 J * hparker ~hparker@2001:470:1f0f:32c:290:96ff:fe50:40fa
1263408552 J * Ned_ ~martyn@115.189.244.45
1263408630 Q * Ned Read error: No route to host
1263408929 J * Ned ~martyn@202-61-3-148.cable5.acsdata.co.nz
1263409021 J * thierryp ~thierry@home.parmentelat.net
1263409044 Q * Ned_ Ping timeout: 480 seconds
1263409919 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1263411178 J * Piet ~Piet__@04ZAAABTU.tor-irc.dnsbl.oftc.net
1263411617 Q * ghislain Quit: Leaving.
1263411635 Q * orzel Remote host closed the connection
1263411915 J * orzel ~orzel@berlioz.ethernet.freehackers.org
1263412028 Q * Ned Quit: leaving
1263412422 N * Bertl_oO Bertl
1263414851 J * yarihm ~yarihm@77-58-27-17.dclient.hispeed.ch
1263415077 Q * FireEgl Quit: Leaving...
1263415667 J * derjohn_mob ~aj@tmo-100-178.customers.d1-online.com
1263415683 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com
1263415905 Q * thierryp Quit: ciao folks
1263418209 Q * FireEgl Quit: Leaving...
1263418851 Q * hijacker_ Quit: Leaving
1263419535 Q * tam Ping timeout: 480 seconds
1263419800 J * jrklein ~jrklein@2001:0:53aa:64c:0:3a81:304d:9a90
1263419937 Q * bonbons Quit: Leaving
1263420389 J * FireEgl FireEgl@173-16-9-10.client.mchsi.com
1263420429 J * jrklein_ ~jrklein@2001:0:53aa:64c:0:3995:304d:9a90
1263420764 Q * jrklein Ping timeout: 480 seconds
1263420765 N * jrklein_ jrklein
1263421441 M * _are__ today I tried running a host with 2 VServers on 2 different networks. I added alternate routing tables and used fwmark to select the right table based on the VServer address. unfortunately the packets don't care about my tables when I e.g. ping one VServer from the other one. I want it to go via the gateway, but it doesn't.
1263421571 M * _are__ someone posted something similar on the mailinglist yesterday and today, btw
1263421687 M * _are__ it helps writing down the questions. got the solution. using fwmark as ip-rule is bad, using the src is the right way
1263421891 N * _are__ _are_
1263422320 J * niki ~niki@0x5553169c.adsl.cybercity.dk
1263422328 M * Bertl _are_: first, ping is below the IP layer, so, it isn't even remotely Linux-VServer related
1263422364 M * Bertl second, it is really hard to 'convince' Linux that a _local_ IP should be treated as remote
1263422400 M * Bertl (not saying that it isn't possible, but it's rather tricky and complicated)
1263422406 M * _are_ Bertl: without VServers I have little use for attaching 2 networks to the same host and preventing something from accessing hosts on one of the networks difectly
1263422427 M * _are_ I think I found a solution that works at leats for me, currently creating a page on the wiki about it
1263422431 M * Bertl finally, why do you _want_ icmp to go to the gateway?
1263422450 M * _are_ in this case: different DMZs, 1/VServer
1263422461 M * Bertl so?
1263422513 M * _are_ I don't want anything to go between the VServers via the host-network routes, I want all traffic to pass the firewall
1263422521 M * mugwump you need to use containers or xen for that sort of thing
1263422554 M * Bertl you mean kvm or xen :)
1263422560 M * mugwump containers can do it
1263422566 M * _are_ well, seems to me like alternate routing table and ip rule add src <IP> .. works for my case
1263422572 M * mugwump perhaps I mean containers or kvm :)
1263422577 M * Bertl containers as in?
1263422581 M * mugwump lxc
1263422595 M * Bertl well, then can Linux-VServer do it as well with network namespaces
1263422615 M * Bertl just that last time I checked it didn't work with network namespaces
1263422643 M * mugwump oh, I thought you had private routing tables in a netns
1263422674 M * mugwump given that it's bridged networking
1263422686 M * mugwump I don't really know though
1263422691 M * Bertl make a test setup, let us know how it goes ...
1263422717 M * Bertl if you get it working properly, you can do the same with Linux-VServer 
1263422906 M * _are_ well, with no net namespaces, just ip rule and ip route + extra tables it seems to work here
1263423063 M * mugwump Bertl said really hard, not impossible :)
1263423440 M * _are_ http://linux-vserver.org/Limit_Networking_on_Multihomed_hosts is what I did and *think* is correct. at leats tcpdump claims the packets run the right routes
1263423534 M * Bertl correct, but only works on the IP layer
1263423563 M * _are_ it works with ping according to tcpdump
1263423597 M * Bertl that I doubt, but maybe the network stack was improved recently
1263423630 M * _are_ i will set up more VServers there and test a bit further, so far it looks like it works
1263423686 M * Bertl when you do a 'ping -I guesta-ip guestb-ip on the host, where do you tcpdump the packet?
1263423752 M * Bertl (note, the host has guesta-ip and guestb-ip)
1263423851 M * _are_ there the packet goes straight, not like intended, but if i ping from hosta some ip on netb it works like intended
1263423875 M * _are_ have to think a bit if I like it this way
1263423882 M * Bertl of course, but that isn't surprising Ö:)
1263423895 M * _are_ oh, I find many things surprising
1263423921 M * Bertl the main problem in Linux networking is that certain IPs are treated special
1263423938 M * Bertl e.g. local IPs or loopback addresses
1263423998 M * _are_ does this have to do with the routing tables 'local', 'main' and 'default'?
1263424006 M * Bertl otherwise it would work for all cases, but usually it is fine that 'local' traffic is handled local (i.e. via local iptables rules, etc)
1263424050 M * Bertl okay, off to bed now ... have a good one everyone!
1263424059 N * Bertl Bertl_zZ
1263424061 M * _are_ nn
1263424065 M * fback Bertl: have a good one!
1263424279 P * orzel Konversation terminated!
1263424699 Q * jrklein Quit: jrklein
1263425509 Q * BenG Quit: I Leave
1263426254 Q * Piet autokilled: Mail support@oftc.net if you have any questions. (2010-01-13 23:45:12)