Re: More diald problems.
Thanks very much for you help, Philippe.
As requested, I've included my configuration files throughout the message
below. I hope this helps in figuring out what my problem is. (I've
stripped out my username & passwords from the files....)
TIA,
Kevin
> > However, NO MATTER WHAT I DO across the connection, diald kills it
after
> > only about 30 seconds of uptime. In other words, even if I start a
telnet
> > or ftp session, I hardly manage to get connected to the remote site and
> > diald drops the connection and my session "hangs". Of course, with
these
> > connection-oriented utilities, I've got to start over again when I get
> > reconnected. However, if I run a connection-less utility like ping,
it'll
> > ping merrily along for 30 seconds until diald kills the connection and
then
> > wait until diald again re-establishes it again.
>
> Do you know why diald terminates the connection ? If you've got
> `debug 31', diald should output a shitload of messages (in
> /var/log/messages). Would you give us an excerpt ?
Here you go. This is just a piece of it. The only thing I can see why the
connection is terminated is at line 9:58:50 below. But it doesn't explain
why....
This section is from running "/etc/init.d/diald start":
Jan 9 09:56:58 sally diald[3243]: Using fifo /var/lib/diald/diald.fifo
Jan 9 09:56:58 sally diald[3243]: Starting diald version 0.14
Jan 9 09:56:59 sally diald[3243]: Proxy device established on interface
sl0
Jan 9 09:57:07 sally diald[3243]: Setting pointopoint route for sl0
Jan 9 09:57:07 sally diald[3243]: Establishing routes for sl0
Jan 9 09:57:07 sally diald[3243]: Cannot determine ethernet address for
proxy ARP
Jan 9 09:57:07 sally diald[3243]: Changed snoop device to sl0
Jan 9 09:57:07 sally diald[3243]: Diald initial setup completed.
Note 3 lines up the message I get if I try to enable "proxyarp"? I've no
idea why this happens....
Below is a diald session started when I ran "ping www.microsoft.com". The
first line is a call to my nameserver to resolve the IP address for
Microsoft.
Jan 9 09:57:18 sally diald[3243]: filter accepted rule 24 proto 17 len 68
packet 127.0.0.2,1140 => 204.244.210.2,53
Jan 9 09:57:19 sally diald[3243]: Running connect (pid = 3431).
Jan 9 09:57:20 sally pppd[3431]: pppd 2.2.0 started by root, uid 0
Jan 9 09:57:20 sally chat[3433]: timeout set to 3 seconds
Jan 9 09:57:20 sally chat[3433]: abort on (\nBUSY\r)
Jan 9 09:57:20 sally chat[3433]: abort on (\nNO ANSWER\r)
Jan 9 09:57:20 sally chat[3433]: abort on (\nRINGING\r\n\r\nRINGING\r)
Jan 9 09:57:20 sally chat[3433]: send (rAT^M)
Jan 9 09:57:20 sally chat[3433]: expect (OK)
Jan 9 09:57:20 sally chat[3433]: rAT^M^M
Jan 9 09:57:20 sally chat[3433]: OK -- got it
Jan 9 09:57:20 sally chat[3433]: send (ATH0^M)
Jan 9 09:57:21 sally chat[3433]: timeout set to 30 seconds
Jan 9 09:57:21 sally chat[3433]: expect (OK)
Jan 9 09:57:21 sally chat[3433]: ^M
Jan 9 09:57:21 sally chat[3433]: ATH0^M^M
Jan 9 09:57:21 sally chat[3433]: OK -- got it
Jan 9 09:57:21 sally chat[3433]: send (ATDT795-2970^M)
Jan 9 09:57:21 sally chat[3433]: expect (CONNECT)
Jan 9 09:57:21 sally chat[3433]: ^M
Jan 9 09:57:23 sally diald[3243]: filter accepted rule 24 proto 17 len 68
packet 127.0.0.2,1141 => 204.244.210.2,53
Jan 9 09:57:38 sally chat[3433]: ATDT795-2970^M^M
Jan 9 09:57:38 sally chat[3433]: CONNECT -- got it
Jan 9 09:57:38 sally chat[3433]: send (^M)
Jan 9 09:57:38 sally chat[3433]: expect (ogin:)
Jan 9 09:57:38 sally chat[3433]: 28800/ARQ/V34/LAPM/V42BIS^M
Jan 9 09:57:48 sally chat[3433]: Uniserve PRI access server (Chilliwack)^M
Jan 9 09:57:48 sally chat[3433]: ^M
Jan 9 09:57:48 sally chat[3433]: ^M
Jan 9 09:57:48 sally chat[3433]: Login: -- got it
Jan 9 09:57:48 sally chat[3433]: send (MYUSERNAME^M)
Jan 9 09:57:48 sally chat[3433]: expect (ssword:)
Jan 9 09:57:49 sally chat[3433]: MYUSERNAME^M
Jan 9 09:57:49 sally chat[3433]: Password: -- got it
Jan 9 09:57:49 sally chat[3433]: send (MYPASSWORD^M)
Jan 9 09:57:49 sally pppd[3431]: Serial connection established.
Jan 9 09:57:50 sally pppd[3431]: Using interface ppp0
Jan 9 09:57:50 sally pppd[3431]: Connect: ppp0 <--> /dev/ttyS0
Jan 9 09:57:51 sally diald[3243]: filter accepted rule 24 proto 17 len 63
packet 127.0.0.2,1142 => 204.244.210.2,53
Jan 9 09:57:53 sally pppd[3431]: local IP address 204.244.143.139
Jan 9 09:57:53 sally pppd[3431]: remote IP address 204.244.143.6
At this point, my ping is merely going along sending pings and receiving
responses from www.microsoft.com. Then, 57 seconds later (I originally
estimated this to be 30 seconds), I get the following. One thing I find
interesting about it is that no "filter accepted rule"s appear at this time
- only after the connection is terminated. Then, I get more "accepted"
packets and the connection is re-established....
Jan 9 09:58:50 sally diald[3243]: Connect script timed out. Killing
script.
Jan 9 09:58:50 sally diald[3243]: Sending SIGINT to (dis)connect process
3431
Jan 9 09:58:50 sally pppd[3431]: Terminating on signal 2.
Jan 9 09:58:50 sally diald[3243]: filter accepted rule 32 proto 1 len 84
packet 127.0.0.2,0 => 207.68.156.51,0
Jan 9 09:58:55 sally last message repeated 5 times
Jan 9 09:58:56 sally pppd[3431]: Connection terminated.
Jan 9 09:58:56 sally pppd[3431]: Exit.
Jan 9 09:58:56 sally diald[3243]: Closing modem line.
Jan 9 09:58:57 sally diald[3243]: Delaying 2 seconds before clear to dial.
Jan 9 09:58:57 sally diald[3243]: filter accepted rule 32 proto 1 len 84
packet 127.0.0.2,0 => 207.68.156.51,0
Jan 9 09:58:58 sally last message repeated 2 times
Jan 9 09:59:00 sally diald[3243]: Running connect (pid = 3442).
Jan 9 09:59:00 sally diald[3243]: filter accepted rule 32 proto 1 len 84
packet 127.0.0.2,0 => 207.68.156.51,0
Jan 9 09:59:00 sally diald[3243]: filter accepted rule 32 proto 1 len 84
packet 127.0.0.2,0 => 207.68.156.51,0
Jan 9 09:59:00 sally pppd[3442]: pppd 2.2.0 started by root, uid 0
Jan 9 09:59:00 sally chat[3444]: timeout set to 3 seconds
Jan 9 09:59:00 sally chat[3444]: abort on (\nBUSY\r)
Jan 9 09:59:00 sally chat[3444]: abort on (\nNO ANSWER\r)
Jan 9 09:59:00 sally chat[3444]: abort on (\nRINGING\r\n\r\nRINGING\r)
Jan 9 09:59:00 sally chat[3444]: send (rAT^M)
Jan 9 09:59:00 sally chat[3444]: expect (OK)
Jan 9 09:59:01 sally chat[3444]: rAT^M^M
Jan 9 09:59:01 sally chat[3444]: OK -- got it
<snip>
> Basically, every packet that goes through the link causes a message,
> satsting what rule was applied and the timeout before the closing.
>
> BTW, are you able to get anything done during the 30 seconds delay ?I
> mean, if you telnet somewhere, do you get the login prompt ?
Yes. While the connection is up, I've telnet'ed somewhere, logged in, and
even looked around a bit before getting disconnected. The same goes for
ftp. I can get connected, change directories, and even initiate a transfer
before being disconnected....
> > Oh, and to restate. I haven't changed (or really even looked at) the
> > diald.conf file where timeouts and filtering information is kept.
That's
> > all exactly as it came in the 0.14-8 distribution.
>
> I don't know if the stock diald.conf is correct, I've rolled my own
> one using an old one from an old diald version.
> I'm thinking of something: try to a `up' keyword to diald.options
> (meaning to keep the connection running all the time) to see if the
> problem comes from diald filtering or from something else...
If I remember, I tried that a few days ago, but all that did was bring up
the connection immediately without being requested specifically (as
expected); however, then it went right back into its usual behaviour of
cycling through continuous connects and disconnects....
> > > Do you have a `defaultroute' command in your diald.options file ? Are
the
> > > addresses of both sides of the link correct in this file too (`local'
and
> > > `remote') ?
> >
> > Yep! Even though it's there, it doesn't seem to establish the default
> > route to the ISP's interface. As for the addresses, I've got the
following
> > lines in my diald.options file:
>
> [snip]
> Could you send your diald.options file ? That would be easier. Include
diald.defs and diald.conf if you've changed them too... And maybe a trimmed
(without comments) ppp.options.
> This will make things easier...
Here's diald.options as requested: (As requested, I've stripped out all
comment and blank lines from all files. This message is definitely long
enough as it is....<grin>...)
accounting-log /var/log/diald.log
fifo /var/lib/diald/diald.fifo
local 127.0.0.2
remote 127.0.0.3
netmask 255.255.255.0
dynamic
# I've disabled proxyarp for the moment because it's just
# giving errors anyway. From the docs, this isn't required
# until I get my other problems figured out....
#proxyarp
defaultroute
connect "/etc/ppp/scripts/ppp-up"
mode ppp
modem
crtscts
lock
two-way
reroute
debug 31
connect-timeout 90
redial-timeout 2
dial-fail-limit 2
died-retry-count 1
And my diald.conf: (Again, note, that I haven't changed anything here....)
accept tcp 15 tcp.syn
ignore tcp tcp.dest=tcp.domain
ignore tcp tcp.source=tcp.domain
accept tcp 5 ip.tot_len=40,tcp.syn
ignore tcp ip.tot_len=40,tcp.live
accept tcp 120 tcp.dest=tcp.www
accept tcp 120 tcp.source=tcp.www
keepup tcp 5 !tcp.live
ignore tcp !tcp.live
accept tcp 120 tcp.dest=tcp.ftp
accept tcp 120 tcp.source=tcp.ftp
accept tcp 120 tcp.dest=tcp.ftp-data
accept tcp 120 tcp.source=tcp.ftp-data
accept tcp 600 any
ignore udp udp.dest=udp.who
ignore udp udp.source=udp.who
ignore udp udp.dest=udp.route
ignore udp udp.source=udp.route
ignore udp udp.dest=udp.ntp
ignore udp udp.source=udp.ntp
ignore udp udp.dest=udp.timed
ignore udp udp.source=udp.timed
ignore udp udp.dest=udp.domain,udp.source=udp.domain
accept udp 30 udp.dest=udp.domain
accept udp 30 udp.source=udp.domain
ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns
accept udp 30 udp.dest=udp.netbios-ns
accept udp 30 udp.source=udp.netbios-ns
ignore udp tcp.dest=udp.route
ignore udp tcp.source=udp.route
accept udp 120 any
accept any 30 any
And my diald.defs file: (Same goes here - I haven't made any changes)
prule tcp tcp 9:12:13:14:15:16:17:18:19:+0:+1:+2:+3:9:9:9
prule udp udp 9:12:13:14:15:16:17:18:19:+0:+1:+2:+3:9:9:9
prule icmp icmp 9:12:13:14:15:16:17:18:19:9:9:9:9:9:9:9
prule any any 9:12:13:14:15:16:17:18:19:9:9:9:9:9:9:9
var ip.ihl 0(24)&0xf
var ip.version 0(28)&0xf
var ip.tos 1(24)&0xff
var ip.tot_len 2(16)&0xffff
var ip.id 4(16)&0xffff
var ip.frag_off 6(16)&0x3fff
var ip.ttl 8(24)&0xff
var ip.protocol 9(24)&0xff
var ip.check 10(16)&0xffff
var ip.saddr 12
var ip.daddr 16
var tcp.source +0(16)&0xffff
var tcp.dest +2(16)&0xffff
var tcp.seq +4
var tcp.ack_seq +8
var tcp.doff +12(28)&0xf
var tcp.fin +13(24)&0x1
var tcp.syn +13(25)&0x1
var tcp.rst +13(26)&0x1
var tcp.psh +13(27)&0x1
var tcp.ack +13(28)&0x1
var tcp.urg +13(29)&0x1
var tcp.live +127
var udp.source +0(16)&0xffff
var udp.dest +2(16)&0xffff
var udp.len +4(16)&0xffff
var udp.check +6(16)&0xffff
var icmp.type +0(24)&0xff
var icmp.code +1(24)&0xff
var icmp.checksum +2(16)&0xffff
var icmp.echo.id +4(16)&0xffff
var icmp.echo.sequence +6(16)&0xffff
var icmp.gateway +4
Finally, listed below are my ppp configuration and script files.
Here's /etc/ppp/options: (pretty lean-and-mean)
asyncmap 0
lcp-echo-interval 30
lcp-echo-failure 4
And here's my script to crank up the connection: /etc/ppp/scripts/ppp-up
TELEPHONE=795-2970
ACCOUNT=MYUSERNAME
PASSWORD=MYPASSWORD
LOCAL_IP=0.0.0.0
REMOTE_IP=0.0.0.0
NETMASK=255.255.255.0
export TELEPHONE ACCOUNT PASSWORD
DIALER_SCRIPT=/etc/ppp/scripts/ppp-up-dialer
exec /usr/sbin/pppd debug /dev/ttyS0 38400 \
$LOCAL_IP:$REMOTE_IP \
connect $DIALER_SCRIPT
Here's /etc/ppp/scripts/ppp-up-dialer:
chat -v \
TIMEOUT 3 \
ABORT '\nBUSY\r' \
ABORT '\nNO ANSWER\r' \
ABORT '\nRINGING\r\n\r\nRINGING\r' \
'' \rAT \
'OK-+++\c-OK' ATH0 \
TIMEOUT 30 \
OK ATDT$TELEPHONE \
CONNECT '' \
ogin:--ogin: $ACCOUNT \
ssword: $PASSWORD
Finally, here's "/etc/ppp/ip-up" which gets run automatically by pppd once
the connection comes up. I've set it up so that my default gateway is
configured here because diald doesn't seem to be doing it for me even
though I have "defaultroute" specified in /etc/diald/diald.options:
PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin
export PATH
route add default gw $5
So, any help you can give me on this would be greatly appreciated. I've
gone over this many, many times along with the docs, etc. and can't seem to
find what is wrong. I'm sure hoping you can.
TIA for taking the time to go over this.
Kevin Traas
Systems Analyst
Edmondson Roper
Chilliwack, BC, Canada
http://users.uniserve.com/~erca
System Administrator
ValleyNet (a CN operated by the Fraser
Valley Community Information Society)
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: