[report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

[report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

hoxp18
To: Debian Edu team

Greeting.

Now, I finished network harnessing
and started Edu test env installation.

In my env will be network isolated (except gateway) three amd64 PCs,

1. gateway
2. main server
3. workstation

This is an installation report about "gateway"

0. Hardware
===========
* Intel 7th gen. CPU aka Kaby Lake Celeron 3865U
* Shuttle Inc. bareborn, "DS77U"
* DDR4 4GB two SO-DIMMs, 8GB DRAM (would be reduced in the future)
* SanDisk 2.5 inch SATA SSD
* Intel I219V and I210 dual NIC
* REMOVED WiFi MODULE (M.2 PCI)

Installation media: netinst edu testing image 2019-05-13

Modify BIOS boot priority on demand.

1. Installation
===============

0. Connected eth0: Internet side, DHCP via primary router.
1. Connected eth1: Debian Edu internal network side,
                    connected to a L2 switch (without any other host.)
2. Started installation by "expert mode" in English
3. Almost default setting except locale/timezone/keymap.
4. Network detect: go
5. Configure network (Internet side): go (DHCP)
6. Profile "Minimal"
7. automatic partitioning
8. root user only; no normal user on this "gateway"
9. Detect disk: go
10. partition disk: go
11. Install base system: go
12. Kernel: "linux-image-amd64", targeted (only needed modules)
13. apt: n.p. only security updates
14. Select and install software: n.p.
15. Use "Automatic security update"
16. Software selection: "standard system utilities" only.
17. Build LTSP chroot: SKIP
18. Install GRUB: MBR, w/o EFI removable media path forcing.
19. Install Debian Edu Profile: LTSP chroot SKIPPED,
20. Finish installation: go

2. Configuration as a gateway, using the manual
===============================================

0. Initial boot: go
1. Network status: NG, both eth0 and eth1 is not up.

    /sys/class/net shows new style NIC names.

    workaround by: GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 quiet"

2. reboot: took VERY LONG boot splash screen, but anyway booted.
3. eth0 up by DHCP.
4. apt update && apt upgrade : NG

    my APT config for personal APT catcher-NG seems not work,
    due to: "-9 - Address family for hostname not supported)

    workaround: disabled APT conf: Acquire::http::Proxy; DIRECT now.

5. retry apt update: NG

    mirror server name resolving error.

    workaround: manually edit /etc/resolv.conf, with nameserver MYROUTER
                -> STILL NG

    Now, /sys/class/net has eth0 and eth1 only (because of net.ifnames=0)

    Reverted the GRUB old name forcing; new NIC name, again.

6. reboot; this time normal speed (fast)

    manually edit /etc/network/interfaces by NEW STYLE NAMEs,
    aka "alternative is to switch to the new network interfaces naming"

    Then modified interfaces file by hand, just like
    by the manual instruction "dhcp:gateway:static setting"
    as much as possible (See my post and the script, please)

7. service networking stop && start: NG

    syslog says, eth0 not found; ignored and proceeded

8. reboot

9. Both dhcp and static NIC are up as new style names.

10. apt update && upgrade: go

11. systemctl status: degraded; ignored

     Keep the setting procedure as "gateway"

     (syslog showed dhclient errors related with old NIC names; ignored)

12. hostname -b gateway && hostname > /etc/hostname && reboot

13. service enable-nat start: go

14. apt install chkrootkit && chkrootkit # no rootkit shown

     This is just for testing WAN side.

Summary
=======

* Forcing old style NIC names on gateway has problem.

* Editing /etc/network/interfaces by new style NIC names works.

* Debian Edu LAN (10.0.0.1) side (NAT) is not tested yet.

Regards.

Reply | Threaded
Open this post in threaded view
|

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

Wolfgang Schweer-3
Hi hoxp18,

a big thank you for the installation report.

On Wed, May 15, 2019 at 08:44:11AM +0900, hoxp18 wrote:

> Installation media: netinst edu testing image 2019-05-13
>
> Modify BIOS boot priority on demand.
>
> 1. Installation
> ===============
>
> 0. Connected eth0: Internet side, DHCP via primary router.
> 1. Connected eth1: Debian Edu internal network side,
>                    connected to a L2 switch (without any other host.)
> 2. Started installation by "expert mode" in English
This is supposed to be a pitfall; you need to know quite a lot about the
Debian installer tasksel modification done by Debian Edu.

> 3. Almost default setting except locale/timezone/keymap.
> 4. Network detect: go
> 5. Configure network (Internet side): go (DHCP)
> 6. Profile "Minimal"
> 7. automatic partitioning
> 8. root user only; no normal user on this "gateway"
> 9. Detect disk: go
> 10. partition disk: go
> 11. Install base system: go
> 12. Kernel: "linux-image-amd64", targeted (only needed modules)
> 13. apt: n.p. only security updates
> 14. Select and install software: n.p.
> 15. Use "Automatic security update"
> 16. Software selection: "standard system utilities" only.
This actually *is* the pitfall. You need to select 'Debian Edu
common packages for networked systems' in addition.
This item will be preselected if you install in 'debian-edu-expert' mode
(kernel parameter), see
https://wiki.debian.org/DebianEdu/Documentation/Buster/Installation#Installing_Debian_Edu
but will be missing if you use the vanilla Debian 'expert' mode.

> 17. Build LTSP chroot: SKIP
> 18. Install GRUB: MBR, w/o EFI removable media path forcing.
> 19. Install Debian Edu Profile: LTSP chroot SKIPPED,
> 20. Finish installation: go
>
> 2. Configuration as a gateway, using the manual
> ===============================================
>
> 0. Initial boot: go
> 1. Network status: NG, both eth0 and eth1 is not up.
I was able to reproduce this failure with 'standard system utilities'
as only selection, i.e. decided to keep sitting in the pit.

> Summary
> =======
>
> * Forcing old style NIC names on gateway has problem.

-> pitfall; should not happen if vanilla Debian Edu installation
   methods are used (tested again).
 
> * Editing /etc/network/interfaces by new style NIC names works.

Sure, you have a vanilla Debian installation
 
Thanks again for your very detailed report, much appreciated.

Maybe some caveat should be added to the manual concerning the pitfall?

Wolfgang

signature.asc (981 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

hoxp18
Dear Wolfgang Schweer,

On 5/15/19 6:43 PM, Wolfgang Schweer wrote:

> Hi hoxp18,
>
> a big thank you for the installation report.
>
> On Wed, May 15, 2019 at 08:44:11AM +0900, hoxp18 wrote:
>> Installation media: netinst edu testing image 2019-05-13
>>
>> Modify BIOS boot priority on demand.
>>
>> 1. Installation
>> ===============
>>
>> 0. Connected eth0: Internet side, DHCP via primary router.
>> 1. Connected eth1: Debian Edu internal network side,
>>                     connected to a L2 switch (without any other host.)
>> 2. Started installation by "expert mode" in English
>
> This is supposed to be a pitfall; you need to know quite a lot about the
> Debian installer tasksel modification done by Debian Edu.

It is, yes.

After I attempted some,
I noticed /etc/network/interfaces be overwritten by some program.

After some reboots, it become ethN and enpX mixture
which does not make sense.

>> 3. Almost default setting except locale/timezone/keymap.
>> 4. Network detect: go
>> 5. Configure network (Internet side): go (DHCP)
>> 6. Profile "Minimal"
>> 7. automatic partitioning
>> 8. root user only; no normal user on this "gateway"
>> 9. Detect disk: go
>> 10. partition disk: go
>> 11. Install base system: go
>> 12. Kernel: "linux-image-amd64", targeted (only needed modules)
>> 13. apt: n.p. only security updates
>> 14. Select and install software: n.p.
>> 15. Use "Automatic security update"
>> 16. Software selection: "standard system utilities" only.
>
> This actually *is* the pitfall. You need to select 'Debian Edu
> common packages for networked systems' in addition.
> This item will be preselected if you install in 'debian-edu-expert' mode
> (kernel parameter), see
> https://wiki.debian.org/DebianEdu/Documentation/Buster/Installation#Installing_Debian_Edu
> but will be missing if you use the vanilla Debian 'expert' mode.

Again, yes, it IS a pitfall, now I see.
I'll avoid "standard system utilities only".

>> 17. Build LTSP chroot: SKIP
>> 18. Install GRUB: MBR, w/o EFI removable media path forcing.
>> 19. Install Debian Edu Profile: LTSP chroot SKIPPED,
>> 20. Finish installation: go
>>
>> 2. Configuration as a gateway, using the manual
>> ===============================================
>>
>> 0. Initial boot: go
>> 1. Network status: NG, both eth0 and eth1 is not up.
>
> I was able to reproduce this failure with 'standard system utilities'
> as only selection, i.e. decided to keep sitting in the pit.

I also did the same "too simple selection", and falling into the pit.

>> Summary
>> =======
>>
>> * Forcing old style NIC names on gateway has problem.
>
> -> pitfall; should not happen if vanilla Debian Edu installation
>     methods are used (tested again).
>  
>> * Editing /etc/network/interfaces by new style NIC names works.
>
> Sure, you have a vanilla Debian installation
>  
> Thanks again for your very detailed report, much appreciated.
>
> Maybe some caveat should be added to the manual concerning the pitfall?
>
> Wolfgang

That would be nice to add about it to the manual,
since I misunderstood that gateway installation does not require
Debian Edu specific ones => made it too simplified => now in the pit.

And I also felt boot up is so slow. That might have common root.
(missing part may made some program confused at boot up time, I guess.)

So, "For gateway, we can use Debian Edu "Minimal profile",
but cannot and/or should-not reduce anything from the profile
and/or settings".

Thank you for telling me a lot.
I'll try vanilla Debian Edu "Minimal" profile install for it.

Regards.

Reply | Threaded
Open this post in threaded view
|

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

Holger Levsen-2
Dear hoxp18,

*many* thanks for your detailed installation reports! Very nice to see.
Also many thanks to Wolfgang, for his extensive replies!

I'll just comment on one tiny aspect:

On Wed, May 15, 2019 at 07:39:31PM +0900, hoxp18 wrote:
> And I also felt boot up is so slow. That might have common root.
 
this could be related to
https://daniel-lange.com/archives/152-Openssh-taking-minutes-to-become-available,-booting-takes-half-an-hour-...-because-your-server-waits-for-a-few-bytes-of-randomness.html

to quote from there:

The typical issue is:
[    4.428797] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: data=ordered
[ 130.970863] random: crng init done


can you run "sudo dmesg" and see if this is the cause of the problem?


--
tschau,
        Holger

-------------------------------------------------------------------------------
               holger@(debian|reproducible-builds|layer-acht).org
       PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

hoxp18
Dear Holger Levsen,

On 5/15/19 8:18 PM, Holger Levsen wrote:
> *many* thanks for your detailed installation reports! Very nice to see.
> Also many thanks to Wolfgang, for his extensive replies!

Great thank from me, too!

> I'll just comment on one tiny aspect:
>
> On Wed, May 15, 2019 at 07:39:31PM +0900, hoxp18 wrote:
>> And I also felt boot up is so slow. That might have common root.
>  
> this could be related to
> https://daniel-lange.com/archives/152-Openssh-taking-minutes-to-become-available,-booting-takes-half-an-hour-...-because-your-server-waits-for-a-few-bytes-of-randomness.html

Thank you for telling me very interesting article.

It never occurred to me.

My "main server" tends to take 20~30 sec after the message,

[  OK  ] Started Login Service.

FYI:
firstuser$ sudo journalctl | grep -E "(rng|random)"
53:06 kernel: random: get_random_bytes_called from
                 start_kernel+0x93/0x531 with crng_init=0
53:06 kernel: random: drng done (trusting CPU's manufacture)
53:27 named[PID]: built with '... --with-pkcs11=/usr/lib/softhsm2.so
             --with-randomdev=/dev/random
53:27 kadmind: Seeding random number generator

Perhaps it has something random related, as you pointed.

In addition to that, though it may be simple my mistakes,
sometimes "first user" login refused, saying "wrong password."

> to quote from there:
>
> The typical issue is:
> [    4.428797] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: data=ordered
> [ 130.970863] random: crng init done
>
>
> can you run "sudo dmesg" and see if this is the cause of the problem?

firstuser$ sudo dmesg | grep EXT4-fs
EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)
(dm-0): re-mounted. Opts: (null)
(dm-0): re-mounted. Opts: errors=remount-ro
(nvme0n1p1): mounted filesystem with ordered data mode. Opts: (null)

and since I add data=writeback for some mount points,

(dm-6): mounted filesystem with writeback data mode. Opts:data=writaback
...

Those logs are in almost same timestamp.

After those, around nslcd, there are many "Can't contact LDAP server",

  ldap_start_tls_s() failed
  failed tp bind to LDAP server ldap://ldap.intern: Can't contact ...
  no available LDAP server found, sleeping 1 seconds

These starts at 20:38:58, finished at 20:39:47, with

  nslcd: <passwd(all)> connected to LDAP server ldap://ldap.intern

Apology for shortend (non-RAW) logs.

Regards.

Reply | Threaded
Open this post in threaded view
|

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

hoxp18
To: Debian Edu team

Greeting.

This is another report of gateway installation using GUI mode.

First, I made mistake for my gateway hardware spec.

* Shuttle Inc. bareborn, "DS77U"
NG: Intel I219V and I210 dual NIC
  -> Intel I219-LM and I211 dual NIC (and a Wi-Fi module which I removed)

Note that the machine can boot up as headless; no display, no kbd.

Second: Clean install by GUI Debian Edu installer as "gateway"
         ISO image: Debian Edu netinst 2019-05-13

Conditions
==========

* Only primary NIC connected to the Internet side (DHCP by my router.)

   router-eth0:gateway:eth1(not connected)

* Using my TV and another keyboard for installation and initial setups.

Steps
=====

0. boot as GUI: go
1. NIC detection: both go
2. Profiles: "Minimal" only
3. Automatic partition: yes (entire disk)
4. Force EFI: no
5. Guided partition: go
6. Base install: go
7. Software updates: go
8. Installation finish: go
9. First boot and login as root: go

    Since installed as Japanese env, tty shows some corrupted characters.
    "fbterm" works and solve it, but it soon become blank with few
    charactors on screen. I "ls /etc" to keep it up.

10. ifconfig: eth0 detected and DHCP setup fine.
11. Did gataway setup script in the manual by hand.
12. service networking stop: go
13. service networking start: took time and failed
     maybe it's due to a lack on eth1 side.
14. Connect eth1 side to the L2 switch, too;

     Before: router-eth0:gateway:eth1 (not connected)
     Now:    router-eth0:gateway:eth1-L2 (no host up)

15. service networking start, again: NG

    journalctl -xe shows many "avahi-autoipid[eth0]: Killing child."
    after systemd: networking.service: Failed with result 'exit-code'.
          systemd: Faid to start Raise network interfaces.
    avahi-daemon: Withdrawing address record for 169.254.7.203
    avahi-daemon: Leaving mDNS multicast group on interface eth0.IPv4
                  with address 169.254.7.203.
    avahi-daemon: Interface eth0.IPv4 no longer relevant for mDNS.

16. I ignore that, confirm /etc/network/interfaces,
     and setup /etc/default/enable-nat, then reboot.

17. bootup took 1:30 for anacron jobs, then rebooted automatically.

18. boot again, login as root: go

19. ifconfig shows both eth0 and eth1 up; dhcp and 10.0.0.1

20. systemctl shows

     LDAP services: failed
     networking.service: failed
     enable-nat.service: active

     I thought it's okay because both eth0 and eth1 up, with enable-nat.

21. Shutdown it, placed the "gateway" in the test env position.

22. boot: eth1 side L2 switch LED shows it's up.

23. Boot "main machine" to check "gateway".

     router -> eth0:gateway:eth1 -> L2 -> 10.0.0.0/8 - "main server"

     * sudo ping 10.0.0.1 shows 100% packet loss.
     * ip route shows,
       default via 10.0.0.1 dev eth 0 onlink
       10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.2.2.
     * No Internet connection available.

24. Reboot the gateway. L2 LED shows it's down and then up.
25. Wait and tried again; same result. I guess networking.service down.

     workaround by: GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 quiet"
                    GRUB_CMDLINE_LINUX_DEFAULT="quiet"

     and new NIC names for /etc/network/interfaces

     update-grub && reboot

26. service networking start: NG

     several service fails;
     automount: bind_ldap_simple...Can't connect LDAP server.
     systemd: Failed to start LSB:
              Fetch LDAP SSL public key from the server
     etc.

27. first@main$ sudo ping 10.0.0.1
     pings okay now. No packet loss.

     root@gateway# systemctl status enable-nat
     shows "active"

27. External host lookups: NG

Summay and my observation
=========================

* net.ifnames=0 failes on networking service, even with plain "Minimal"
   gateway installation with GUI mode; LDAP related failures.

* new NIC names makes 10.0.0.1 pingable from main server,
   but NAT seems not working, though enable-nat.service seems okay.

* networking.service failed both in old and new NIC name schemes.

* I think "systemctl disable <some-unnecessay.services>" may
   solve the situation, I have no idea which I should disable.

Some more reports about "main server" side
------------------------------------------

* "main server" sceen auto-blank cannot be resumed by hitting keys.
   I turned off screen blank setting on Xfce.

Thank you for reading long messy reports.

Regards.

Reply | Threaded
Open this post in threaded view
|

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

Wolfgang Schweer-3
Hi hoxp18,

thanks a lot for your report.

On Thu, May 16, 2019 at 06:26:15PM +0900, hoxp18 wrote:
> NG: Intel I219V and I210 dual NIC
>  -> Intel I219-LM and I211 dual NIC (and a Wi-Fi module which I removed)
 
> 19. ifconfig shows both eth0 and eth1 up; dhcp and 10.0.0.1

Good.
 

> 21. Shutdown it, placed the "gateway" in the test env position.
>
> 22. boot: eth1 side L2 switch LED shows it's up.
>
> 23. Boot "main machine" to check "gateway".
>
>     router -> eth0:gateway:eth1 -> L2 -> 10.0.0.0/8 - "main server"
>
>     * sudo ping 10.0.0.1 shows 100% packet loss.
>     * ip route shows,
>       default via 10.0.0.1 dev eth 0 onlink
>       10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.2.2.
>     * No Internet connection available.
After rebooting the machine, the eth0 and eth1 order might have switched
due to some different onboard chip activation order. This has sometimes
been an issue with those legacy interface names in the past.

The new naming scheme makes the interface order persistent between
reboots. If you use those names, you also have to adjust enable-nat
(default is: OUTSIDE_IF=eth0).

(Due to a lack of hardware I'm unable to do tests in the real world, but
I followed the gateway installation recipe once again on a virtual
network and can confirm that it actually works: an existing main server
connects to the Internet via the new gateway.)

Wolfgang

signature.asc (981 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

hoxp18
Dear Wolfgang Schweer and Debian Edu team,

On 5/16/19 8:42 PM, Wolfgang Schweer wrote:

>> 23. Boot "main machine" to check "gateway".
>>
>>      router -> eth0:gateway:eth1 -> L2 -> 10.0.0.0/8 - "main server"
>>
>>      * sudo ping 10.0.0.1 shows 100% packet loss.
>>      * ip route shows,
>>        default via 10.0.0.1 dev eth 0 onlink
>>        10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.2.2.
>>      * No Internet connection available.
>
> After rebooting the machine, the eth0 and eth1 order might have switched
> due to some different onboard chip activation order. This has sometimes
> been an issue with those legacy interface names in the past.
>
> The new naming scheme makes the interface order persistent between
> reboots. If you use those names, you also have to adjust enable-nat
> (default is: OUTSIDE_IF=eth0).

PRECISE!

That's all I need. Now "gateway" works.

And sorry about ethN style descriptions. I'm just confused.

To Summarize
============

1. Installed Debian Edu Buster "Minimal" in Japanese GUI as "gateway"
    and "main server" with "workstation" profile; 2 amd64 hosts.

2. After all, using new style NIC names for,

   /etc/network/interfaces: auto and iface
   /etc/default/enable-nat: OUTSIDE_IF=enp0s31f6

Even networking.service is still "failed" in "gateway",
I confirmed the gateway NAT functionality by

  first@main$ sudo apt update

using my local Apt-Cacher NG server.

And of course I can browse http://www.debian.org from "main server" now.

Thanks a lot.

Review: DS77U as a "gateway" hardware
=====================================

BTW, now I confirmed the "Shuttle DS77U" can boot headless.

No display, no keyboard, only two ethernet cables (and a power cable).

I shutdown it, then booted again. It works as "gateway".

I did a simple benchmark on it, too.

  first@tjener$ dd if=/dev/random of=junk bs=1K count=100K
  104857600 bytes (105 MB, 100 MiB) copied, 37.2854 s, 2.8 MB/s
  first@tjener$ scp junk user@my_local_proxy:~/
  junk                                          100% 100MB 56.8MB/s 00:01

56MB/sec seems not so bad, since I use a cheap gigabit L2 switch
with cheap CAT6 UTP cables.

Network Topology:

  Internet - router - L2 - "gateway" - L2 - "tjener"
                      |
                      + Apt-Cacher and Squid (my_local_proxy above)
                        (and other machines)

I think this tiny solid box is useful as a Linux router, as a "gateway".

Some notes
==========

* I removed "xserver-xorg-video-intel" and Firefox in "tjener"
   can smoothly play videos, both in window and full screen.
   (since I use Kaby Lake.)

* lm-sensors seems fine; after sensors-detect, it reads CPU temps.
   My "tjener" M/B has onboard temp display, so I think I confirmed
   the values are correct.

Perhaps those kind of reports be sent as installation-reports,
including "gateway" (after I create some reportbug user account on it.)

Japanese env comments
======================

It seems Japanese input method editors are available in
both uim-anthy and mozc. They work.

For UI fonts, Xfce uses VLGothic, a fine and "cute-style" Japanese font.
As an educational purpose, it is a nice choice, I think.

Apps such like Firefox, LibreOffice, and even Scratch has Japanese
translations. Some others edu related has almost translated.

GOsa2 has no Japanese translation; but it might be nice not to,
since it's about admin tasks with special technical terms.

* To be honest, I have no idea about translations
   for those important terms in GOsa2, such like "base".

* I'm not familiar with LDAP and Kerberos, too.

If you feel I'm saying something wrong, please tell me.

After this
==========

I'll continue using/testing Edu itself, verifying the Japanese manual.

Thank you a lot.

Finally I got my isolated physical Edu test env. Now I'm very happy.

Any suggestions, any kind of test requests are welcome, of course.

Limitations:
* Currently, "tjener" has only one NIC and no LTSP profile.
* I'm using another amd64 testing machine for another purpose.
* I have a printer but its not available in my test env.
* My Windows hosts are not available for testing.

It is possible to build another amd64 node.
I'll clean install "tjener" with new ISOs in the future.

Since I have working "gateway", sending "real" logs are now possible
and easy, provided I create a normal user on it.

(I manually typed those report's logs...)

Regards.

Reply | Threaded
Open this post in threaded view
|

Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

Wolfgang Schweer-3
Hi hoxp18,

thanks for your impressive report.

On Fri, May 17, 2019 at 12:33:01AM +0900, hoxp18 wrote:
> Even networking.service is still "failed" in "gateway",

Just ignore the message. This is due to /etc/network/if-up.d/hostname
not working in this setup (other DHCP server).
 

> Review: DS77U as a "gateway" hardware
> =====================================
>
> BTW, now I confirmed the "Shuttle DS77U" can boot headless.
>
> No display, no keyboard, only two ethernet cables (and a power cable).
>
> I shutdown it, then booted again. It works as "gateway".
>
> I did a simple benchmark on it, too.
>
>  first@tjener$ dd if=/dev/random of=junk bs=1K count=100K
>  104857600 bytes (105 MB, 100 MiB) copied, 37.2854 s, 2.8 MB/s
>  first@tjener$ scp junk user@my_local_proxy:~/
>  junk                                          100% 100MB 56.8MB/s 00:01
>
> 56MB/sec seems not so bad, since I use a cheap gigabit L2 switch
> with cheap CAT6 UTP cables.
>
> Network Topology:
>
>  Internet - router - L2 - "gateway" - L2 - "tjener"
>                      |
>                      + Apt-Cacher and Squid (my_local_proxy above)
>                        (and other machines)
>
> I think this tiny solid box is useful as a Linux router, as a "gateway".
Interesting!
 

> Some notes
> ==========
>
> * I removed "xserver-xorg-video-intel" and Firefox in "tjener"
>   can smoothly play videos, both in window and full screen.
>   (since I use Kaby Lake.)
>
> * lm-sensors seems fine; after sensors-detect, it reads CPU temps.
>   My "tjener" M/B has onboard temp display, so I think I confirmed
>   the values are correct.
>
> Perhaps those kind of reports be sent as installation-reports,
> including "gateway" (after I create some reportbug user account on it.)
Yes.
 

> Japanese env comments
> ======================
>
> It seems Japanese input method editors are available in
> both uim-anthy and mozc. They work.
>
> For UI fonts, Xfce uses VLGothic, a fine and "cute-style" Japanese font.
> As an educational purpose, it is a nice choice, I think.
>
> Apps such like Firefox, LibreOffice, and even Scratch has Japanese
> translations. Some others edu related has almost translated.
Good to have this feedback.
 
> GOsa2 has no Japanese translation; but it might be nice not to,
> since it's about admin tasks with special technical terms.
>
> * To be honest, I have no idea about translations
>   for those important terms in GOsa2, such like "base".
>
> * I'm not familiar with LDAP and Kerberos, too.

Maybe in both cases you'll get a better impression if you try to
customize things along with reading the manual.
 
> Finally I got my isolated physical Edu test env. Now I'm very happy.

:)

Wolfgang

signature.asc (981 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Re: [report] "gateway" installation for amd64 dual NIC machine using 2019-05-13 image.

hoxp18
To: Debian Edu team

Greeting.

Now I need some meesy stuff. Apology for delay.

> Hi hoxp18,
>
> thanks for your impressive report.
>
> On Fri, May 17, 2019 at 12:33:01AM +0900, hoxp18 wrote:
> > Even networking.service is still "failed" in "gateway",
>
> Just ignore the message. This is due to /etc/network/if-up.d/hostname
> not working in this setup (other DHCP server).

Got it.

> > GOsa2 has no Japanese translation; but it might be nice not to,
> > since it's about admin tasks with special technical terms.
> >
> > * To be honest, I have no idea about translations
> >   for those important terms in GOsa2, such like "base".
> >
> > * I'm not familiar with LDAP and Kerberos, too.
>
> Maybe in both cases you'll get a better impression if you try to
> customize things along with reading the manual.

True. I'll do that after I finish some recovery.

Notice that I some weird message be post in this ML
or somebody else's address, It's probable something went wrong
in my env; and it now seems so. I'm fixing.

Regards.