[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

To: Debian Edu team

Greeting.

This is another report of gateway installation using GUI mode.

First, I made mistake for my gateway hardware spec.

* Shuttle Inc. bareborn, "DS77U"
NG: Intel I219V and I210 dual NIC
 -> Intel I219-LM and I211 dual NIC (and a Wi-Fi module which I removed)

Note that the machine can boot up as headless; no display, no kbd.

Second: Clean install by GUI Debian Edu installer as "gateway"
        ISO image: Debian Edu netinst 2019-05-13

Conditions
==========

* Only primary NIC connected to the Internet side (DHCP by my router.)

  router-eth0:gateway:eth1(not connected)

* Using my TV and another keyboard for installation and initial setups.

Steps
=====

0. boot as GUI: go
1. NIC detection: both go
2. Profiles: "Minimal" only
3. Automatic partition: yes (entire disk)
4. Force EFI: no
5. Guided partition: go
6. Base install: go
7. Software updates: go
8. Installation finish: go
9. First boot and login as root: go

   Since installed as Japanese env, tty shows some corrupted characters.
   "fbterm" works and solve it, but it soon become blank with few
   charactors on screen. I "ls /etc" to keep it up.

10. ifconfig: eth0 detected and DHCP setup fine.
11. Did gataway setup script in the manual by hand.
12. service networking stop: go
13. service networking start: took time and failed
    maybe it's due to a lack on eth1 side.
14. Connect eth1 side to the L2 switch, too;

    Before: router-eth0:gateway:eth1 (not connected)
    Now:    router-eth0:gateway:eth1-L2 (no host up)

15. service networking start, again: NG

   journalctl -xe shows many "avahi-autoipid[eth0]: Killing child."
   after systemd: networking.service: Failed with result 'exit-code'.
         systemd: Faid to start Raise network interfaces.
   avahi-daemon: Withdrawing address record for 169.254.7.203
   avahi-daemon: Leaving mDNS multicast group on interface eth0.IPv4
                 with address 169.254.7.203.
   avahi-daemon: Interface eth0.IPv4 no longer relevant for mDNS.

16. I ignore that, confirm /etc/network/interfaces,
    and setup /etc/default/enable-nat, then reboot.

17. bootup took 1:30 for anacron jobs, then rebooted automatically.

18. boot again, login as root: go

19. ifconfig shows both eth0 and eth1 up; dhcp and 10.0.0.1

20. systemctl shows

    LDAP services: failed
    networking.service: failed
    enable-nat.service: active

    I thought it's okay because both eth0 and eth1 up, with enable-nat.

21. Shutdown it, placed the "gateway" in the test env position.

22. boot: eth1 side L2 switch LED shows it's up.

23. Boot "main machine" to check "gateway".

    router -> eth0:gateway:eth1 -> L2 -> 10.0.0.0/8 - "main server"

    * sudo ping 10.0.0.1 shows 100% packet loss.
    * ip route shows,
      default via 10.0.0.1 dev eth 0 onlink
      10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.2.2.
    * No Internet connection available.

24. Reboot the gateway. L2 LED shows it's down and then up.
25. Wait and tried again; same result. I guess networking.service down.

    workaround by: GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 quiet"
                   GRUB_CMDLINE_LINUX_DEFAULT="quiet"

    and new NIC names for /etc/network/interfaces

    update-grub && reboot

26. service networking start: NG

    several service fails;
    automount: bind_ldap_simple...Can't connect LDAP server.
    systemd: Failed to start LSB:
             Fetch LDAP SSL public key from the server
    etc.

27. first@main$ sudo ping 10.0.0.1
    pings okay now. No packet loss.

    root@gateway# systemctl status enable-nat
    shows "active"

27. External host lookups: NG

Summay and my observation
=========================

* net.ifnames=0 failes on networking service, even with plain "Minimal"
  gateway installation with GUI mode; LDAP related failures.

* new NIC names makes 10.0.0.1 pingable from main server,
  but NAT seems not working, though enable-nat.service seems okay.

* networking.service failed both in old and new NIC name schemes.

* I think "systemctl disable <some-unnecessay.services>" may
  solve the situation, I have no idea which I should disable.

Some more reports about "main server" side
------------------------------------------

* "main server" sceen auto-blank cannot be resumed by hitting keys.
  I turned off screen blank setting on Xfce.

Thank you for reading long messy reports.

Regards.
Reply to: