From pavlin@icir.org Thu Nov 4 10:58:18 2004 From: pavlin@icir.org (Pavlin Radoslavov) Date: Thu, 04 Nov 2004 02:58:18 -0800 Subject: [Xorp-users] xorp and uml In-Reply-To: Message from Pavlin Radoslavov of "Fri, 29 Oct 2004 17:43:06 PDT." <200410300043.i9U0h6wK009781@possum.icir.org> Message-ID: <200411041058.iA4AwIwK018354@possum.icir.org> > > On Friday 29 October 2004 05:13, Dario VIEIRA wrote: > > > Hi, > > > > > > I am trying to set up a topology using a single machine in XORP and > > > using "user mode linux". We'd like to set up something like: > > > http://www.lathspell.de/linux/uml/. > > > > > > However, when we run rtrmgr, it starts and dies very fast without > > > any error message :-(! > > > > > > Do I need to do something special in order to get xorp running > > > into uml? > > > > > > Hi Dario, > > > > this might not be a direct answer to your question, but you may wish to > > take a look at IMUNES (http://tel.fer.hr/imunes/). This thing offers a > > handy GUI tool which completely automates all the tasks starting from > > the specification of the network topology, IP address assignment etc. > > up to the creation of router configuration files and instantiation of > > virtual nodes and links. XORP runs unmodified on top of IMUNES, in > > fact you can grab a bootable CD which includes everything you need to > > start creating virtual network topologies using XORP (and/or quagga) > > routers. Besides, from both scalability and performance points of > > view, UML and IMUNES can hardly be compared... > > Dario, > > I would also strongly recommend trying Marko's IMUNES. I have seen a > demo, and it is really cool and easy to use. > > Nevertheless, the fact that XORP dies without an error within UML is > odd. We will install UML and will look into that. Dario, I installed UML, and was able to successfully start XORP. What I did was the following: 1. I used a RedHat-7.3 machine with Linux-2.4.20-28.7smp kernel as the host to install UML. 2. Downloaded and installed the following RPM: user_mode_linux-2.4.19.5um-0.i386.rpm 3. Downloaded and uncompressed the following root FS: root_fs.rh-7.2-full.pristine.20020312.bz2 4. Loaded the tun module (though this may not be needed): insmod /lib/modules/2.4.20-28.7smp/kernel/drivers/net/tun.o 5. Followed some of the instructions from the following URL to preconfigure the tap device: http://user-mode-linux.sourceforge.net/networking.html The commands were: tunctl -u 0 ifconfig tap0 192.168.0.254 up 6. Ran the following script as a root (I ran it as a root to short-cut some permission related extra setup): #!/bin/sh linux \ umid=uml1 \ ubd0=root_fs.rh-7.2-full.pristine.20020312 \ mem=128M \ con0=fd:0,fd:1 con=xterm \ eth0=tuntap,tap0 7. Verified that I can ping and ssh to UML 8. Compiled the lastest XORP code (from the CVS repository) on the base host. 9. Prepared an installation tarball: gmake install cd /usr/local # Strip all binaries find . -name "*" -exec strip {} \; # Copy all XORP installation to the UML host: scp -pr xorp 192.168.0.144:/usr/local 10. Prepare the configuration file: interfaces { interface eth0 { description: "control interface" default-system-config } } 11. Copy the above config file to /usr/local/xorp/config.boot 12. Login to UML, and try to run xorp cd /usr/local/xorp/bin ./xorp_rtrmgr -b /usr/local/xorp/config.boot 13. After the rtrmgr started, I was able to login again, and then run xorpsh from /usr/local/xorp/bin I didn't encounter any XORP-related problems, but I haven't tried to test many things. Indeed, one of the few messages I noticed on startup was regarding missing UNIX group "xorp", but that group can easily by added: [ 2004/11/04 04:00:06 ERROR xorp_rtrmgr:743 RTRMGR +116 userdb.cc add_user ] Group "xorp" does not exist on this system. Regards, Pavlin From paul@treehouse.napa.ca.us Fri Nov 5 01:04:45 2004 From: paul@treehouse.napa.ca.us (G. Paul Ziemba) Date: Thu, 4 Nov 2004 17:04:45 -0800 Subject: [Xorp-users] xorp + network simulator? In-Reply-To: <200410281739.30862.zec@icir.org> References: <200410281739.30862.zec@icir.org> Message-ID: <20041105010445.GA84853@hairball.treehouse.napa.ca.us> On Thu, Oct 28, 2004 at 05:39:30PM -0700, Marko Zec wrote: > There's nothing special that needs to be done, no patching, no special > compile-time options, anything - you can just run XORP unmodified on > top of IMUNES right now. At the moment the functionality is limited to > IPv4 unicast routing, though, with IPv4 multicast in the works. > > >From the IMUNES downloads page (http://tel.fer.hr/imunes/dl) you can > grab a bootable CD that also includes preinstalled XORP binaries. The Marko, thank you very much for this information - I'm trying it out now. ~!paul -- G. Paul Ziemba FreeBSD unix: 5:01PM up 162 days, 8:36, 18 users, load averages: 0.03, 0.10, 0.09 From doesnotcount@hotmail.com Mon Nov 15 22:49:21 2004 From: doesnotcount@hotmail.com (Nathan K) Date: Mon, 15 Nov 2004 17:49:21 -0500 Subject: [Xorp-users] Sending update packets Message-ID: I'm attempting to build and send an update packet to xorp peer using the UpdatePacket class and the Peer::send_update_message method. When I send update packets with nlri information and various path attributes, there are no problems. However, when I send an update packet with a single withdrawn route, it doesn't seem to get sent out. The packet is built like so: UpdatePacket packet; IPv4 ip(); IPv4Net ipnet(ip, prefLength); BGPUpdateAttrib attrib(ipnet); packet.add_withdrawn(attrib); And sent like this: send_update_message(packet); My problem is typically send_message_complete usually gets called with a DATA event, but in the above case, I only get a FLUSH event and tcpdump reveals that no data was sent out. Dumping the string representation of the packet before it is sent gives this: Update Packet - Withdrawn 10.1.1.1/32 Which should be fine. Any ideas what I'm doing wrong here? Thanks. -Nathan. _________________________________________________________________ Designer Mail isn't just fun to send, it's fun to receive. Use special stationery, fonts and colors. http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_MSNIS_Taglines Start enjoying all the benefits of MSNŽ Premium right now and get the first two months FREE*. From atanu@ICSI.Berkeley.EDU Wed Nov 17 02:21:36 2004 From: atanu@ICSI.Berkeley.EDU (Atanu Ghosh) Date: Tue, 16 Nov 2004 18:21:36 -0800 Subject: [Xorp-users] Sending update packets In-Reply-To: Message from "Nathan K" of "Mon, 15 Nov 2004 17:49:21 EST." Message-ID: <99202.1100658096@tigger.icir.org> >>>>> "Nathan" == Nathan K writes: Nathan> I'm attempting to build and send an update packet to xorp Nathan> peer using the UpdatePacket class and the Nathan> Peer::send_update_message method. When I send update packets Nathan> with nlri information and various path attributes, there are Nathan> no problems. However, when I send an update packet with a Nathan> single withdrawn route, it doesn't seem to get sent out. Nathan> The packet is built like so: Nathan> UpdatePacket packet; IPv4 ip(); Nathan> IPv4Net ipnet(ip, prefLength); BGPUpdateAttrib Nathan> attrib(ipnet); packet.add_withdrawn(attrib); Nathan> And sent like this: send_update_message(packet); Nathan> My problem is typically send_message_complete usually gets Nathan> called with a DATA event, but in the above case, I only get Nathan> a FLUSH event and tcpdump reveals that no data was sent Nathan> out. Dumping the string representation of the packet before Nathan> it is sent gives this: Nathan> Update Packet - Withdrawn 10.1.1.1/32 Nathan> Which should be fine. Nathan> Any ideas what I'm doing wrong here? Thanks. It looks like what you are doing should work. There are two issues to note: 1) The XORP bgp process will not propagate a withdraw if it does not have a record of the original route. 2) If you are receiving a FLUSH not a DATA event then something has gone wrong. The most likely problem is the TCP connection has been closed. Atanu. From otavil@gmx.net Tue Nov 23 15:35:06 2004 From: otavil@gmx.net (Onur Taviloglu) Date: Tue, 23 Nov 2004 16:35:06 +0100 (MET) Subject: [Xorp-users] A Simple Testbed Message-ID: <25400.1101224106@www23.gmx.net> We are developing a web interface for Xorp at Kocaeli University. As we have very limited Xorp machines, what could be the simplest testbed configuration in order to visualize our web interface? (The problem here is an Xorp router should have enough data/info providing for different possible outcomes so that we could visualize and organize the web interface). I appreciate any help very much. Onur Taviloglu, Junior Student Kocaeli University, Turkey -- Geschenkt: 3 Monate GMX ProMail + 3 Top-Spielfilme auf DVD ++ Jetzt kostenlos testen http://www.gmx.net/de/go/mail ++ From atanu@ICSI.Berkeley.EDU Wed Nov 24 10:40:21 2004 From: atanu@ICSI.Berkeley.EDU (Atanu Ghosh) Date: Wed, 24 Nov 2004 02:40:21 -0800 Subject: [Xorp-users] A Simple Testbed In-Reply-To: Message from "Onur Taviloglu" of "Tue, 23 Nov 2004 16:35:06 +0100." <25400.1101224106@www23.gmx.net> Message-ID: <2094.1101292821@tigger.icir.org> Hi, I don't think there is an ideal testbed configuration. I would start with a single PC and enable all the routing protocols. The sample configuration file in the router manager (rtrmgr) directory should be a good starting point. Then add as many PCs as you have available to form "peerings" for the protocols. For our testing we typically use about seven PCs. Atanu. >>>>> "Onur" == Onur Taviloglu writes: Onur> We are developing a web interface for Xorp at Kocaeli Onur> University. As we have very limited Xorp machines, what could Onur> be the simplest testbed configuration in order to visualize Onur> our web interface? (The problem here is an Xorp router should Onur> have enough data/info providing for different possible Onur> outcomes so that we could visualize and organize the web Onur> interface). I appreciate any help very much. Onur> Onur Taviloglu, Junior Student Kocaeli University, Turkey Onur> -- Geschenkt: 3 Monate GMX ProMail + 3 Top-Spielfilme auf DVD Onur> ++ Jetzt kostenlos testen http://www.gmx.net/de/go/mail ++ Onur> _______________________________________________ Xorp-users Onur> mailing list Xorp-users@xorp.org Onur> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users From james@towardex.com Wed Nov 24 19:03:37 2004 From: james@towardex.com (James) Date: Wed, 24 Nov 2004 14:03:37 -0500 Subject: [Xorp-users] xorpsh/resolver issue Message-ID: <20041124190337.GA35861@scylla.towardex.com> Hello, I seem to having a problem on a XORP installation. This is on a FreeBSD 4.9 system for the time being (soon 5.3). [ 2004/11/23 23:32:18 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCm dError 102 Command failed Xrl target is not enabled. [ 2004/11/23 23:32:18 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCm dError 102 Command failed Xrl target is not enabled. [ 2004/11/23 23:32:18 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCm dError 102 Command failed Xrl target is not enabled. [ 2004/11/23 23:32:18 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCm dError 102 Command failed Xrl target is not enabled. The above messages are happening during 'make check' And above messages also happen after xorp_rtrmgr is running, whenever I try to type 'configure' in xorpsh from 'xorp' group-membered user account. Any thoughts & information would be appreciated! Thanks! -J -- James Jun TowardEX Technologies, Inc. Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and james@towardex.com Network design/consulting & configuration services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net From pavlin@icir.org Wed Nov 24 20:25:26 2004 From: pavlin@icir.org (Pavlin Radoslavov) Date: Wed, 24 Nov 2004 12:25:26 -0800 Subject: [Xorp-users] xorpsh/resolver issue In-Reply-To: Message from James of "Wed, 24 Nov 2004 14:03:37 EST." <20041124190337.GA35861@scylla.towardex.com> Message-ID: <200411242025.iAOKPQMk055697@possum.icir.org> James, Which XORP version are you using? Are you using XORP-1.0 or the lastest code from the CVS repository? Thanks, Pavlin > Hello, > > I seem to having a problem on a XORP installation. This is on a FreeBSD 4.9 > system for the time being (soon 5.3). > > [ 2004/11/23 23:32:18 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCm > dError 102 Command failed Xrl target is not enabled. > [ 2004/11/23 23:32:18 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCm > dError 102 Command failed Xrl target is not enabled. > [ 2004/11/23 23:32:18 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCm > dError 102 Command failed Xrl target is not enabled. > [ 2004/11/23 23:32:18 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCm > dError 102 Command failed Xrl target is not enabled. > > The above messages are happening during 'make check' > > And above messages also happen after xorp_rtrmgr is running, whenever I try to > type 'configure' in xorpsh from 'xorp' group-membered user account. > > Any thoughts & information would be appreciated! > > Thanks! > -J > > -- > James Jun TowardEX Technologies, Inc. > Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and > james@towardex.com Network design/consulting & configuration services > cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net > _______________________________________________ > Xorp-users mailing list > Xorp-users@xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users From james@towardex.com Wed Nov 24 20:27:22 2004 From: james@towardex.com (James) Date: Wed, 24 Nov 2004 15:27:22 -0500 Subject: [Xorp-users] xorpsh/resolver issue In-Reply-To: <200411242025.iAOKPQMk055697@possum.icir.org> References: <20041124190337.GA35861@scylla.towardex.com> <200411242025.iAOKPQMk055697@possum.icir.org> Message-ID: <20041124202722.GA94360@scylla.towardex.com> On Wed, Nov 24, 2004 at 12:25:26PM -0800, Pavlin Radoslavov wrote: > James, > > Which XORP version are you using? Are you using XORP-1.0 or the > lastest code from the CVS repository? Hi Pavlin, Thank you for getting back to me. I am using XORP-1.0 release download. Best regards, -J -- James Jun TowardEX Technologies, Inc. Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and james@towardex.com Network design/consulting & configuration services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net From pavlin@icir.org Wed Nov 24 22:04:03 2004 From: pavlin@icir.org (Pavlin Radoslavov) Date: Wed, 24 Nov 2004 14:04:03 -0800 Subject: [Xorp-users] xorpsh/resolver issue In-Reply-To: Message from James of "Wed, 24 Nov 2004 15:27:22 EST." <20041124202722.GA94360@scylla.towardex.com> Message-ID: <200411242204.iAOM43w9056222@possum.icir.org> > On Wed, Nov 24, 2004 at 12:25:26PM -0800, Pavlin Radoslavov wrote: > > James, > > > > Which XORP version are you using? Are you using XORP-1.0 or the > > lastest code from the CVS repository? > > Hi Pavlin, > > Thank you for getting back to me. I am using XORP-1.0 release download. I don't remember we have seen this error message in XORP-1.0, but there have been a number of bugs that have been fixed in the CVS repository. Hence, could you get the lastest code from the anon. CVS and see if you still have the same problem. Thanks, Pavlin From james@towardex.com Fri Nov 26 00:44:58 2004 From: james@towardex.com (James) Date: Thu, 25 Nov 2004 19:44:58 -0500 Subject: [Xorp-users] xorpsh/resolver issue In-Reply-To: <200411242204.iAOM43w9056222@possum.icir.org> References: <20041124202722.GA94360@scylla.towardex.com> <200411242204.iAOM43w9056222@possum.icir.org> Message-ID: <20041126004458.GA83830@scylla.towardex.com> On Wed, Nov 24, 2004 at 02:04:03PM -0800, Pavlin Radoslavov wrote: > > On Wed, Nov 24, 2004 at 12:25:26PM -0800, Pavlin Radoslavov wrote: > > > James, > > > > > > Which XORP version are you using? Are you using XORP-1.0 or the > > > lastest code from the CVS repository? > > > > Hi Pavlin, > > > > Thank you for getting back to me. I am using XORP-1.0 release download. > > I don't remember we have seen this error message in XORP-1.0, but > there have been a number of bugs that have been fixed in the CVS > repository. Hence, could you get the lastest code from the anon. CVS > and see if you still have the same problem. Hi Pavlin, It still appears I am getting these errors during make check in the CVS repository code. I have also upgraded default gcc 2.9.x to 3.3 via ports to see if it was due to a compiler bug. [ 2004/11/25 16:40:31 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. [ 2004/11/25 16:40:31 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. [ 2004/11/25 16:40:31 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. [ 2004/11/25 16:40:32 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. What does "Xrl target is not enabled" mean? I am willing to go further and gather as much information and investigations as I can. Thank you for your time, -J > > Thanks, > Pavlin > _______________________________________________ > Xorp-users mailing list > Xorp-users@xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- James Jun TowardEX Technologies, Inc. Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and james@towardex.com Network design/consulting & configuration services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net From avinash_aithal@infosys.com Thu Nov 25 09:08:13 2004 From: avinash_aithal@infosys.com (Avinash Aithal) Date: Thu, 25 Nov 2004 14:38:13 +0530 Subject: [Xorp-users] user group problem to run xorpsh Message-ID: <1101373693.32510.65.camel@quapaw> Hi All, I'm a newbie to this group. I just installed Xorp on a Linux machine and could start the xorp_rtrmgr without problems. But I'm not able to enter the 'configure mode' using xorpsh. I've logged in as a user who belongs to group 'xorp'. Here are the relevant details: Xorp> configure ERROR: You do not have permission for this operation.. Xorp> quit [xorpuser@multicast rtrmgr]$ whoami xorpuser [xorpuser@multicast rtrmgr]$ id uid=511(xorpuser) gid=511(xorp) groups=511(xorp) [xorpuser@multicast rtrmgr]$ Xorpsh user guide just mandates that the user belong to group 'xorp'. Even GID is not important. Could someone please point whats wrong? TIA, Avinash From james@towardex.com Fri Nov 26 06:36:52 2004 From: james@towardex.com (James) Date: Fri, 26 Nov 2004 01:36:52 -0500 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: <1101373693.32510.65.camel@quapaw> References: <1101373693.32510.65.camel@quapaw> Message-ID: <20041126063652.GA24447@scylla.towardex.com> On Thu, Nov 25, 2004 at 02:38:13PM +0530, Avinash Aithal wrote: > Hi All, > > I'm a newbie to this group. I just installed Xorp on a Linux machine and > could start the xorp_rtrmgr without problems. But I'm not able to enter > the 'configure mode' using xorpsh. I've logged in as a user who belongs > to group 'xorp'. On the terminal that is running xorp_rtrmgr, what do you see when you type 'configure' in xorpsh? I am having the same problem except that my Finder's XRL resolver is down, which I'll need to figure out why... Thanks, -J > > Here are the relevant details: > > Xorp> configure > ERROR: You do not have permission for this operation.. > Xorp> quit > [xorpuser@multicast rtrmgr]$ whoami > xorpuser > [xorpuser@multicast rtrmgr]$ id > uid=511(xorpuser) gid=511(xorp) groups=511(xorp) > [xorpuser@multicast rtrmgr]$ > > > Xorpsh user guide just mandates that the user belong to group 'xorp'. > Even GID is not important. Could someone please point whats wrong? > > TIA, > Avinash > _______________________________________________ > Xorp-users mailing list > Xorp-users@xorp.org > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users -- James Jun TowardEX Technologies, Inc. Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and james@towardex.com Network design/consulting & configuration services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net From james@towardex.com Fri Nov 26 08:21:40 2004 From: james@towardex.com (James) Date: Fri, 26 Nov 2004 03:21:40 -0500 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: <1101455909.9014.9.camel@quapaw> References: <1101373693.32510.65.camel@quapaw> <20041126063652.GA24447@scylla.towardex.com> <1101455909.9014.9.camel@quapaw> Message-ID: <20041126082140.GA36852@scylla.towardex.com> On Fri, Nov 26, 2004 at 01:28:29PM +0530, Avinash Aithal wrote: > On Fri, 2004-11-26 at 12:06, James wrote: [ snip ] > On the terminal running xorp_rtrmgr, I'm getting the following message > when I type 'configure' on the xorpsh. > > > [ 2004/11/26 14:51:55 WARNING xorp_rtrmgr:1322 XrlRtrmgrTarget +335 > rtrmgr_base.cc handle_rtrmgr_0_1_enter_config_mode ] Handling method for > rtrmgr/0.1/enter_config_mode failed: XrlCmdError 102 Command failed You > do not have permission for this operation. Yes. This is the same exact behaviour I'm experiencing, in both xorp-1.0 and xorp-cvs snapshot from last night. -J > > > Regards, > Avinash. -- James Jun TowardEX Technologies, Inc. Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and james@towardex.com Network design/consulting & configuration services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net From M.Handley@cs.ucl.ac.uk Fri Nov 26 08:23:51 2004 From: M.Handley@cs.ucl.ac.uk (Mark Handley) Date: Fri, 26 Nov 2004 08:23:51 +0000 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: Your message of "Fri, 26 Nov 2004 01:36:52 EST." <20041126063652.GA24447@scylla.towardex.com> Message-ID: <44776.1101457431@vulture.xorp.org> >On Thu, Nov 25, 2004 at 02:38:13PM +0530, Avinash Aithal wrote: >> Hi All, >> >> I'm a newbie to this group. I just installed Xorp on a Linux machine and >> could start the xorp_rtrmgr without problems. But I'm not able to enter >> the 'configure mode' using xorpsh. I've logged in as a user who belongs >> to group 'xorp'. > >On the terminal that is running xorp_rtrmgr, what do you see when you type >'configure' in xorpsh? > >I am having the same problem except that my Finder's XRL resolver is down, whi >ch >I'll need to figure out why... One idea: if you have a machine that doesn't have a configured loopback interface, the communication with the finder might fail to be set up correctly. I vaguely remember seeing this problem a couple or years back, so I don't know is this is still an issue or not. - Mark From james@towardex.com Fri Nov 26 08:26:23 2004 From: james@towardex.com (James) Date: Fri, 26 Nov 2004 03:26:23 -0500 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: <44776.1101457431@vulture.xorp.org> References: <20041126063652.GA24447@scylla.towardex.com> <44776.1101457431@vulture.xorp.org> Message-ID: <20041126082623.GB36852@scylla.towardex.com> On Fri, Nov 26, 2004 at 08:23:51AM +0000, Mark Handley wrote: > > >On Thu, Nov 25, 2004 at 02:38:13PM +0530, Avinash Aithal wrote: > >> Hi All, > >> > >> I'm a newbie to this group. I just installed Xorp on a Linux machine and > >> could start the xorp_rtrmgr without problems. But I'm not able to enter > >> the 'configure mode' using xorpsh. I've logged in as a user who belongs > >> to group 'xorp'. > > > >On the terminal that is running xorp_rtrmgr, what do you see when you type > >'configure' in xorpsh? > > > >I am having the same problem except that my Finder's XRL resolver is down, whi > >ch > >I'll need to figure out why... > > One idea: if you have a machine that doesn't have a configured > loopback interface, the communication with the finder might fail to be > set up correctly. I vaguely remember seeing this problem a couple or > years back, so I don't know is this is still an issue or not. Hi Mark, Thanks for your reply. I do have the loopback interface configured online and running (127.0.0.1, ::1, the usuals) -- are there any special check or security measures xorp performs on lo0 interface other than just communicating tcp/ip over it? Thanks, -J > > - Mark -- James Jun TowardEX Technologies, Inc. Technical Lead Boston IPv4/IPv6 Web Hosting, Colocation and james@towardex.com Network design/consulting & configuration services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net From bms@spc.org Fri Nov 26 18:32:15 2004 From: bms@spc.org (Bruce M Simpson) Date: Fri, 26 Nov 2004 10:32:15 -0800 Subject: [Xorp-users] xorpsh/resolver issue In-Reply-To: <20041126004458.GA83830@scylla.towardex.com> References: <20041124202722.GA94360@scylla.towardex.com> <200411242204.iAOM43w9056222@possum.icir.org> <20041126004458.GA83830@scylla.towardex.com> Message-ID: <20041126183215.GH61236@empiric.icir.org> On Thu, Nov 25, 2004 at 07:44:58PM -0500, James wrote: > [ 2004/11/25 16:40:31 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. I get this when running the libxipc regression tests. It appears to be perfectly harmless. Unless the test_lemming test is failing in your case, if so, can you post full details of the failure here (i.e. the error messages which test_lemming is returning) ? If you see: PASS: test_lemming then I believe all should be fine. Regards, BMS From avinash_aithal@infosys.com Fri Nov 26 07:58:29 2004 From: avinash_aithal@infosys.com (Avinash Aithal) Date: Fri, 26 Nov 2004 13:28:29 +0530 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: <20041126063652.GA24447@scylla.towardex.com> References: <1101373693.32510.65.camel@quapaw> <20041126063652.GA24447@scylla.towardex.com> Message-ID: <1101455909.9014.9.camel@quapaw> On Fri, 2004-11-26 at 12:06, James wrote: > > I'm a newbie to this group. I just installed Xorp on a Linux machine and > > could start the xorp_rtrmgr without problems. But I'm not able to enter > > the 'configure mode' using xorpsh. I've logged in as a user who belongs > > to group 'xorp'. > > On the terminal that is running xorp_rtrmgr, what do you see when you type > 'configure' in xorpsh? > > I am having the same problem except that my Finder's XRL resolver is down, which > I'll need to figure out why... Hi, On the terminal running xorp_rtrmgr, I'm getting the following message when I type 'configure' on the xorpsh. [ 2004/11/26 14:51:55 WARNING xorp_rtrmgr:1322 XrlRtrmgrTarget +335 rtrmgr_base.cc handle_rtrmgr_0_1_enter_config_mode ] Handling method for rtrmgr/0.1/enter_config_mode failed: XrlCmdError 102 Command failed You do not have permission for this operation. Regards, Avinash. From pavlin@icir.org Sat Nov 27 20:39:24 2004 From: pavlin@icir.org (Pavlin Radoslavov) Date: Sat, 27 Nov 2004 12:39:24 -0800 Subject: [Xorp-users] xorpsh/resolver issue In-Reply-To: Message from James of "Thu, 25 Nov 2004 19:44:58 EST." <20041126004458.GA83830@scylla.towardex.com> Message-ID: <200411272039.iARKdO9M038213@possum.icir.org> > It still appears I am getting these errors during make check in the > CVS repository code. I have also upgraded default gcc 2.9.x to > 3.3 via ports to see if it was due to a compiler bug. > > [ 2004/11/25 16:40:31 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. > [ 2004/11/25 16:40:31 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. > [ 2004/11/25 16:40:31 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. > [ 2004/11/25 16:40:32 WARNING test_lemming XrlFinderTarget ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. > > What does "Xrl target is not enabled" mean? I am willing to go further > and gather as much information and investigations as I can. James, As Bruce mentioned in his email, sometimes those messages are harmless. E.g., in case of running libxipc/test_lemming I think they are part of the test so if the return value from the test is 0 then the test has succeeded. Further, you may see similar messages during startup of the rtrmgr. After the rtrmgr starts a XORP process, the rtrmgr uses periodic XRLs to verify the status of the process. If the process hasn't started yet, the first 1-2 XRLs may trigger the "Xrl target is not enabled" warning message. For example, I used the following simple configuration file on Fedora Core2: interfaces { interface eth0 { default-system-config } } When I start the rtrmgr, I see the following messages, which are normal: root@fedora[2] ./xorp_rtrmgr -b ~/xorp/rtrmgr/foo3.boot [ 2004/11/27 10:24:35 INFO xorp_rtrmgr:11288 RTRMGR +134 /home/vmware/pavlin/xorp/rtrmgr/master_conf_tree.cc execute ] Changed modules: interfaces [ 2004/11/27 10:24:35 INFO xorp_rtrmgr:11288 RTRMGR +404 /home/vmware/pavlin/xorp/rtrmgr/module_manager.cc run ] Running module: interfaces (/home/vmware/pavlin/work/xorp/build/fedora/fea/xorp_fea) [ 2004/11/27 10:24:37 WARNING xorp_rtrmgr:11288 XrlFinderTarget +406 /home/vmware/pavlin/xorp/libxipc/finder_base.cc handle_finder_0_2_resolve_xrl ] Handling method for finder/0.2/resolve_xrl failed: XrlCmdError 102 Command failed Xrl target is not enabled. [ 2004/11/27 10:24:39 INFO xorp_rtrmgr:11288 RTRMGR +1372 /home/vmware/pavlin/xorp/rtrmgr/task.cc run_task ] No more tasks to run Also, FYI, I didn't have problem with using configure mode in xorpsh: pavlin@fedora[14] ./xorpsh Welcome to XORP on fedora Xorp> configure Entering configuration mode. There are no other users in configuration mode. [edit] XORP> I tried same test on FreeBSD-4.10 and RedHat-7.3, and the results were similar. Could you try a similar test on your machine (don't forget to change eth0 in the config file to the name of one of the configured interfaces) and then send the rtrmgr log message. The "configure" problem is probably unrelated and should be tracked independently. Thanks, Pavlin From pavlin@icir.org Sat Nov 27 21:04:18 2004 From: pavlin@icir.org (Pavlin Radoslavov) Date: Sat, 27 Nov 2004 13:04:18 -0800 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: Message from Avinash Aithal of "Thu, 25 Nov 2004 14:38:13 +0530." <1101373693.32510.65.camel@quapaw> Message-ID: <200411272104.iARL4IhC038858@possum.icir.org> Avinash, > I'm a newbie to this group. I just installed Xorp on a Linux machine and > could start the xorp_rtrmgr without problems. But I'm not able to enter > the 'configure mode' using xorpsh. I've logged in as a user who belongs > to group 'xorp'. > > Here are the relevant details: > > Xorp> configure > ERROR: You do not have permission for this operation.. > Xorp> quit > [xorpuser@multicast rtrmgr]$ whoami > xorpuser > [xorpuser@multicast rtrmgr]$ id > uid=511(xorpuser) gid=511(xorp) groups=511(xorp) > [xorpuser@multicast rtrmgr]$ > > > Xorpsh user guide just mandates that the user belong to group 'xorp'. > Even GID is not important. Could someone please point whats wrong? You have done the correct thing, so there is no obvious reason why you are getting the above error. To track the problem, could you apply the following simple patch to rtrmgr/xrl_rtrmgr_interface.cc: Index: xrl_rtrmgr_interface.cc =================================================================== RCS file: /usr/local/share/doc/apache/cvs/xorp/rtrmgr/xrl_rtrmgr_interface.cc,v retrieving revision 1.24 diff -c -u -r1.24 xrl_rtrmgr_interface.cc --- xrl_rtrmgr_interface.cc 19 Aug 2004 00:44:08 -0000 1.24 +++ xrl_rtrmgr_interface.cc 27 Nov 2004 20:54:10 -0000 @@ -240,6 +240,7 @@ return XrlCmdError::COMMAND_FAILED(response); } uint32_t user_id = get_user_id_from_token(token); + printf("FOO1: user_id = %u token = %s\n", user_id, token.c_str()); if (_userdb.has_capability(user_id, "config") == false) { response = "You do not have permission for this operation."; return XrlCmdError::COMMAND_FAILED(response); Then, run again the rtrmgr, and try to enable configuration via xorpsh, and send the printf() message that starts with the FOO1 marker. Also, please run "id xorpuser" from the terminal window you used to start the rtrmgr and include the output in your email. Thanks, Pavlin From pavlin@icir.org Sat Nov 27 21:08:38 2004 From: pavlin@icir.org (Pavlin Radoslavov) Date: Sat, 27 Nov 2004 13:08:38 -0800 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: Message from Pavlin Radoslavov of "Sat, 27 Nov 2004 13:04:18 PST." <200411272104.iARL4IhC038858@possum.icir.org> Message-ID: <200411272108.iARL8c2L038912@possum.icir.org> > Avinash, > > > I'm a newbie to this group. I just installed Xorp on a Linux machine and > > could start the xorp_rtrmgr without problems. But I'm not able to enter > > the 'configure mode' using xorpsh. I've logged in as a user who belongs > > to group 'xorp'. > > > > Here are the relevant details: > > > > Xorp> configure > > ERROR: You do not have permission for this operation.. > > Xorp> quit > > [xorpuser@multicast rtrmgr]$ whoami > > xorpuser > > [xorpuser@multicast rtrmgr]$ id > > uid=511(xorpuser) gid=511(xorp) groups=511(xorp) > > [xorpuser@multicast rtrmgr]$ > > > > > > Xorpsh user guide just mandates that the user belong to group 'xorp'. > > Even GID is not important. Could someone please point whats wrong? > > You have done the correct thing, so there is no obvious reason why > you are getting the above error. To track the problem, could you > apply the following simple patch to rtrmgr/xrl_rtrmgr_interface.cc: > > Index: xrl_rtrmgr_interface.cc > =================================================================== > RCS file: /usr/local/share/doc/apache/cvs/xorp/rtrmgr/xrl_rtrmgr_interface.cc,v > retrieving revision 1.24 > diff -c -u -r1.24 xrl_rtrmgr_interface.cc > --- xrl_rtrmgr_interface.cc 19 Aug 2004 00:44:08 -0000 1.24 > +++ xrl_rtrmgr_interface.cc 27 Nov 2004 20:54:10 -0000 > @@ -240,6 +240,7 @@ > return XrlCmdError::COMMAND_FAILED(response); > } > uint32_t user_id = get_user_id_from_token(token); > + printf("FOO1: user_id = %u token = %s\n", user_id, token.c_str()); > if (_userdb.has_capability(user_id, "config") == false) { > response = "You do not have permission for this operation."; > return XrlCmdError::COMMAND_FAILED(response); P.S. Forgot to mention that the above patch is against the lastest version of the file from the CVS repository (rev 1.24). If you use an older version of that file, just make sure that the printf() line is right after the get_user_id_from_token() call. Pavlin From pavlin@icir.org Mon Nov 29 21:34:33 2004 From: pavlin@icir.org (Pavlin Radoslavov) Date: Mon, 29 Nov 2004 13:34:33 -0800 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: Message from Avinash Aithal of "Mon, 29 Nov 2004 09:10:38 +0530." <1101699638.13156.23.camel@quapaw> Message-ID: <200411292134.iATLYXbC086518@possum.icir.org> > Following message was found on the terminal where rtrmgr was started > when 'configure' command was executed from the xorpsh. > > FOO1: user_id = 511 token = > 511xorpsh-25610-multicast******************58 29cd18a6e1fe27bb453aac7d9 > 249 > [ 2004/11/29 10:31:59 WARNING xorp_rtrmgr:25406 XrlRtrmgrTarget +335 > rtrmgr_base.cc handle_rtrmgr_0_1_enter_config_mode ] Handling method for > rtrmgr/0.1/enter_config_mode failed: XrlCmdError 102 Command failed You > do not have permission for this operation. > > 'id xorpuser' output is as follows: > > [root@multicast rtrmgr]# id xorpuser > uid=511(xorpuser) gid=511(xorp) groups=511(xorp) > [root@multicast rtrmgr]# OK, the above output seems fine. Then, I guess the problem is with building the UserDB from the system password and group files/databases. To trace the problem further, could you apply the following patch to rtrmgr/userdb.cc (the patch below is against the lastest userdb.cc: rev 1.7): Index: userdb.cc =================================================================== RCS file: /usr/local/share/doc/apache/cvs/xorp/rtrmgr/userdb.cc,v retrieving revision 1.7 diff -c -u -r1.7 userdb.cc --- userdb.cc 10 Jun 2004 22:41:55 -0000 1.7 +++ userdb.cc 29 Nov 2004 21:08:26 -0000 @@ -98,15 +98,22 @@ User* UserDB::add_user(uint32_t user_id, const string& username) { + printf("FOO3: UserDB::add_user(): user_id = %u, username = %s\n", + user_id, username.c_str()); if (_users.find(user_id) == _users.end()) { User* newuser = new User(user_id, username); struct group* grp = getgrnam("xorp"); + if (grp == NULL) + printf("FOO4: Group xorp not found\n"); if (grp != NULL) { debug_msg("group xorp exists, id=%d\n", grp->gr_gid); char **gr_mem = grp->gr_mem; while (*gr_mem != NULL) { + printf("FOO5: found user %s in group xorp\n", *gr_mem); debug_msg("found user %s in group xorp\n", *gr_mem); if (*gr_mem == username) { + printf("FOO6: add config capability for user %s\n", + username.c_str()); newuser->add_acl_capability("config"); break; } @@ -149,7 +156,9 @@ { const User* user = find_user_by_user_id(user_id); - if (user == NULL) + if (user == NULL) { + printf("FOO2: user_id = %u user = NULL\n", user_id); return false; + } return (user->has_acl_capability(capability)); } When you run the rtrmgr, on startup you should see output like: FOO3: UserDB::add_user(): user_id = 511, username = xorpuser FOO5: found user xorpuser in group xorp FOO5: found user <...> in group xorp FOO5: found user <...> in group xorp FOO6: add config capability for user xorpuser If you don't see the FOO3 line for user xorpuser, then getpwent(3) somehow doesn't find a password file entry for user xorpuser. For example, could be that inside your /etc/passwd you don't have entry for xorpuser (e.g., if you use NIS, etc). If you don't see the FOO5 line for user xorpuser, then the result returned by getgrnam(3) for group "xorp" somehow didn't contain entry for user xorpuser. In that case, could you verify that your /etc/group file contains a line for group "xorp", and that line lists "xorpuser". Here is a guess about the problem: because your xorpuser belongs to only one group ("xorp"), this has been recorded in the /etc/passwd file so "id xorpuser" shows that xorpuser belongs to group xorp. However, inside /etc/group there is no entry like xorp:x:511:xorpuser Apparently, the UserDB::add_user() implementation uses only getgrnam() to load the user->group mapping (when it should consider the /etc/passwd database as well). To verify that, could you use "vigr" and add "xorpuser" to the xorp group/line. E.g.: "xorp:x:511:xorpuser" Please let me know the result. Thanks! Pavlin From avinash_aithal@infosys.com Mon Nov 29 03:40:38 2004 From: avinash_aithal@infosys.com (Avinash Aithal) Date: Mon, 29 Nov 2004 09:10:38 +0530 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: <200411272104.iARL4IhC038858@possum.icir.org> References: <200411272104.iARL4IhC038858@possum.icir.org> Message-ID: <1101699638.13156.23.camel@quapaw> On Sun, 2004-11-28 at 02:34, Pavlin Radoslavov wrote: Hi, > > I'm a newbie to this group. I just installed Xorp on a Linux machine and > > could start the xorp_rtrmgr without problems. But I'm not able to enter > > the 'configure mode' using xorpsh. I've logged in as a user who belongs > > to group 'xorp'. > > > > Here are the relevant details: > > > > Xorp> configure > > ERROR: You do not have permission for this operation.. > > Xorp> quit > > [xorpuser@multicast rtrmgr]$ whoami > > xorpuser > > [xorpuser@multicast rtrmgr]$ id > > uid=511(xorpuser) gid=511(xorp) groups=511(xorp) > > [xorpuser@multicast rtrmgr]$ > > > > > You have done the correct thing, so there is no obvious reason why > you are getting the above error. To track the problem, could you > apply the following simple patch to rtrmgr/xrl_rtrmgr_interface.cc: > > Index: xrl_rtrmgr_interface.cc > =================================================================== > RCS file: /usr/local/share/doc/apache/cvs/xorp/rtrmgr/xrl_rtrmgr_interface.cc,v > retrieving revision 1.24 > diff -c -u -r1.24 xrl_rtrmgr_interface.cc > --- xrl_rtrmgr_interface.cc 19 Aug 2004 00:44:08 -0000 1.24 > +++ xrl_rtrmgr_interface.cc 27 Nov 2004 20:54:10 -0000 > @@ -240,6 +240,7 @@ > return XrlCmdError::COMMAND_FAILED(response); > } > uint32_t user_id = get_user_id_from_token(token); > + printf("FOO1: user_id = %u token = %s\n", user_id, token.c_str()); > if (_userdb.has_capability(user_id, "config") == false) { > response = "You do not have permission for this operation."; > return XrlCmdError::COMMAND_FAILED(response); > > > Then, run again the rtrmgr, and try to enable configuration > via xorpsh, and send the printf() message that starts with the > FOO1 marker. Also, please run "id xorpuser" from the terminal window > you used to start the rtrmgr and include the output in your email. > Following message was found on the terminal where rtrmgr was started when 'configure' command was executed from the xorpsh. FOO1: user_id = 511 token = 511xorpsh-25610-multicast******************58 29cd18a6e1fe27bb453aac7d9 249 [ 2004/11/29 10:31:59 WARNING xorp_rtrmgr:25406 XrlRtrmgrTarget +335 rtrmgr_base.cc handle_rtrmgr_0_1_enter_config_mode ] Handling method for rtrmgr/0.1/enter_config_mode failed: XrlCmdError 102 Command failed You do not have permission for this operation. 'id xorpuser' output is as follows: [root@multicast rtrmgr]# id xorpuser uid=511(xorpuser) gid=511(xorp) groups=511(xorp) [root@multicast rtrmgr]# Regards, Avinash. From M.Handley@cs.ucl.ac.uk Tue Nov 30 11:16:56 2004 From: M.Handley@cs.ucl.ac.uk (Mark Handley) Date: Tue, 30 Nov 2004 11:16:56 +0000 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: Your message of "Mon, 29 Nov 2004 09:10:38 +0530." <1101699638.13156.23.camel@quapaw> Message-ID: <64365.1101813416@aardvark.cs.ucl.ac.uk> >> > I'm a newbie to this group. I just installed Xorp on a Linux machine and >> > could start the xorp_rtrmgr without problems. But I'm not able to enter >> > the 'configure mode' using xorpsh. I've logged in as a user who belongs >> > to group 'xorp'. >> > >> > Here are the relevant details: >> > >> > Xorp> configure >> > ERROR: You do not have permission for this operation.. >> > Xorp> quit >> > [xorpuser@multicast rtrmgr]$ whoami >> > xorpuser >> > [xorpuser@multicast rtrmgr]$ id >> > uid=511(xorpuser) gid=511(xorp) groups=511(xorp) >> > [xorpuser@multicast rtrmgr]$ I did some testing, and it appears that Linux has an interesting quirk when it comes to groups. If you list the user as being in a group by listing them in /etc/group, then getgrnam will say the user is in a group. If you set the group as the user's default group in /etc/passwd, then getgrnam will not list the user as being in the group. And we currently use getgrnam to find out who is in the xorp group. So the simple workaround is to explicitly add xorpuser to the xorp group in /etc/group The correct solution is for us to handle this more gracefully, and I'll submit a patch for this shortly. - Mark From M.Handley@cs.ucl.ac.uk Tue Nov 30 15:37:35 2004 From: M.Handley@cs.ucl.ac.uk (Mark Handley) Date: Tue, 30 Nov 2004 15:37:35 +0000 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: Your message of "Tue, 30 Nov 2004 11:16:56 GMT." <64365.1101813416@aardvark.cs.ucl.ac.uk> Message-ID: <74601.1101829055@aardvark.cs.ucl.ac.uk> >>> > I'm a newbie to this group. I just installed Xorp on a Linux machine and >>> > could start the xorp_rtrmgr without problems. But I'm not able to enter >>> > the 'configure mode' using xorpsh. I've logged in as a user who belongs >>> > to group 'xorp'. ... >The correct solution is for us to handle this more gracefully, and >I'll submit a patch for this shortly. I've now committed a fix for this problem into CVS. - Mark From justin@mac.com Tue Nov 30 16:51:27 2004 From: justin@mac.com (Justin Walker) Date: Tue, 30 Nov 2004 08:51:27 -0800 Subject: [Xorp-users] user group problem to run xorpsh In-Reply-To: <64365.1101813416@aardvark.cs.ucl.ac.uk> References: <64365.1101813416@aardvark.cs.ucl.ac.uk> Message-ID: <13FF403F-42F0-11D9-A747-00306544D642@mac.com> On Nov 30, 2004, at 3:16, Mark Handley wrote: [snip] > I did some testing, and it appears that Linux has an interesting > quirk when it comes to groups. If you list the user as being in a > group by listing them in /etc/group, then getgrnam will say the user > is in a group. If you set the group as the user's default group in > /etc/passwd, then getgrnam will not list the user as being in the > group. And we currently use getgrnam to find out who is in the xorp > group. > > So the simple workaround is to explicitly add xorpuser to the xorp > group in /etc/group FWIW, I believe that It Has Always Been Thus. The man page for getgrnam() and friends specifically sez (at least on Mac OS X/Darwin) that the routines deal with /etc/group. Poking around in the ashes of the long ago, I believe that even back to version 5, it was assumed that /etc/passwd was "in sync" with /etc/group (i.e., passwd listed a single group id, and /etc/group listed the group id's, together with each id's list of users [as names]). Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | Men are from Earth. | Women are from Earth. | Deal with it. *--------------------------------------*-------------------------------*