«

....in future, do not use a Gentoo system as a critical central router in my
office.

I had the USB ADSL modem working off it, it was my Internet router, and also
a DHCP server for my other machines. It had been running happily without
interruption for some months. Then this evening there was a power failure
for ten minutes, and when power came back on, I couldn't start up my ADSL
any more.

Looks like, in amongst all the software upgrades I had been doing over that
time, I had managed to install a version of PPP without PPP-over-ATM
support. The previous version I was running kept on running without a
hiccup, but of course when it went to start up again, the ATM support
module had gone. I wanted to look for a PPP-over-ATM module to install ...
except of course I had no Internet connection that I could use to download
the software to install.

Yes, I could have resurrected the old D-Link which I had been using for my
ADSL before, but there was one other option to try first.

I moved the USB ADSL modem to my older Shuttle, which had a relatively safe,
unexciting SuSE 10.2 installation on it. It got recognized and connected
fine, and it took only a little massaging of the PPP configuration to get
that running. So that machine, at least, was back on the Internet.

Next step was to enable it as a router for the rest of my office. I checked
some iptables settings--what's this? No NAT function available?

OK, I'll admit it wasn't a completely vanilla SuSE installation. I'd
replaced the kernel with a custom one, because the standard SuSE kernel has
problems driving a Digium TDM400P telephony card. In configuring my kernel,
I had neglected to select the necessary netfilter functionality--which of
course I hadn't needed before. Recheck my kernel config--no option to
select NAT? Checking the various Kconfig files, turns out you need to
enable the netfilter connection-tracking option first, and _then_ that
makes the NAT option available for selection.

OK, reconfigure the kernel source, and rebuild the kernel (takes about 20
minutes). Install it, reboot--and it can't find my hard drive. Couldn't
load the driver module. Of course I'd forgotten to do a "make clean" to get
rid of the outdated object files from before the configuration change. OK,
do the make clean, build the kernel again, install it again.

Now I have NAT. Execute the same script I used to set up the
routing/firewall rules on the newer Shuttle--hit an error saying something
like unable to match state/target combination. What now? Forgot to enable
another netfilter kernel config option. Do that, do yet another kernel
build. Install, reboot. Success! It can now do routing for my other
machines.

So I'm back on the air again. There's still the problem of that TDM400P
card--I've rebuilt the zaptel driver against my new kernel, but it still
won't load properly. I'll deal with that tomorrow--it's time for bed.

And a good-night to all.

Lawrence D'Oliveiro wrote:
> ...in future, do not use a Gentoo system as a critical central router in my
> office.
>
> I had the USB ADSL modem working off it, it was my Internet router, and also
> a DHCP server for my other machines. It had been running happily without
> interruption for some months. Then this evening there was a power failure
> for ten minutes, and when power came back on, I couldn't start up my ADSL
> any more.
>
> Looks like, in amongst all the software upgrades I had been doing over that
> time, I had managed to install a version of PPP without PPP-over-ATM
> support. The previous version I was running kept on running without a
> hiccup, but of course when it went to start up again, the ATM support
> module had gone. I wanted to look for a PPP-over-ATM module to install ...
> except of course I had no Internet connection that I could use to download
> the software to install.

In future TEST ALL UPGRADES/PATCHES BEFORE APPLYING THEM TO A CRITICAL
SYSTEM. Don't blame Gentoo/Ubuntu/Suse/Windows/whatever, the problem is
totally human in nature.

In article <>, EMB did write:

> In future TEST ALL UPGRADES/PATCHES ...

On what?

Lawrence D'Oliveiro wrote:
> In article <>, EMB did write:
>
>> In future TEST ALL UPGRADES/PATCHES ...
>
> On what?

A test system.

In article <4848d8cd$>, EMB did write:

> Lawrence D'Oliveiro wrote:
>
>> In article <>, EMB did write:
>>
>>> In future TEST ALL UPGRADES/PATCHES ...
>>
>> On what?
>
> A test system.

That's a circular statement.

Lawrence D'Oliveiro wrote:
> In article <4848d8cd$>, EMB did write:
>
>> Lawrence D'Oliveiro wrote:
>>
>>> In article <>, EMB did write:
>>>
>>>> In future TEST ALL UPGRADES/PATCHES ...
>>> On what?
>> A test system.
>
> That's a circular statement.

How so?

We have a development system in which we build apps.

We then use a test system to check them for errors in a "production"
environment by restoring a current backup of the live production system
and then installing the new software and/or OS patches obnto that system.

The test system then undergoes quite extensive functional and
integration tests before being signed off as suitable for installation
and use in the live system that runs the enterprise.

Any migration of the changes to the live system are scheduled for a time
when any unexpected outcomes (ie someone/something ****s up) will have
minimal business impact, and a full team of technical staff are on call
to ensure any problems can be rectified quickly.

In article <g28pme$b0j$>, Lawrence D'Oliveiro did write:

> Looks like, in amongst all the software upgrades I had been doing over
> that time, I had managed to install a version of PPP without PPP-over-ATM
> support.

I think I've figured out what happened. The Gentoo build for the "ppp"
package by default does not include ATM support. I must have done a
one-time override of the USE flags to include this (which the Gentoo folks
recomment you _not_ do), and then forgotten I'd done so. So when the next
version became available, and I upgraded, naturally it reverted back to no
ATM support.

It's OK, I've added an entry to my /etc/portage/package.use to make this a
permanent setting. Though I still don't think I'll be moving the ADSL modem
back to the Gentoo machine.