[Server-devel] @all at ...?

John Watlington wad at laptop.org
Thu Mar 5 23:01:21 EST 2009 

OK, now we are communicating.

One meta question is: what is currently your school's networking  
gateway ?

If you are packing serious iron, such as a Cisco router, keep using  
it and use
the following directions.

If you are using a Linksys/Netgear/D-Link box, replace it with a dual- 
NIC XS.

On Mar 5, 2009, at 10:08 PM, Gerald Ardito wrote:

> Sure.
> I have been working with eth0 and none of the others (now I am not  
> sure if that is a mistake).

None of the others implies more than one interface.   If you have  
more than one interface, I
suggest somehow disabling it for the configuration you are describing  
(where the XS is NOT a gateway).

> The schoolserver is connected to the school's LAN.

Here is the problem.   If you only have a single network interface,  
the school server uses it as
the WAN (upstream) interface.   This is usually connected somehow to  
the public Internet, and
for that reason packets coming through it are viewed with great  
suspicion.    (Somewhat overly
paranoid, IMO, but I cede to Martin for now.)

You need to connect the schoolserver's LAN port to your school  
network.   Since you (now) only have
one NIC, you use xs-swapnic to tell the XS configuration that you  
want the single networking interface
to be the LAN interface.   This is the interface where most services  
(like collaboration, and registration)
are provided.

At the same time, you should disable certain services which the XS  
software provides by default
on the LAN port, since you are already providing them through  
existing network servers:

chkconfig dhcpd --levels 345 off
chkconfig dns --levels 345 off
chkconfig squid --levels 345 off

And you will have to configure how the schoolserver obtains its IP  
address and DNS.  Currently
for the LAN port, the IP address is static.

This is where I get kind of vague, since I haven't been playing with  
the school server network config
in several major releases...

Read /usr/share/doc/xs-config*/README for the introduction on how to  
proceed.
DNS is easy, you should edit /etc/resolv.conf.in
I believe you might try changing /etc/sysconfig/xs_network_config,  
and try not to run
network_config afterwards...

> There are wireless access points throughout the building to which  
> the XOs and other laptops connect.

You already have APs installed. Great!

> I have also tried to add an Access Point which has the school  
> server as the default gateway and DNS server. I configured  
> resolv.conf to do this.

You either need to commit to using the XS as your school gateway, or  
use it to provide XS services other than networking.   A hybrid is not
going to work well due to the suspicion of outside packets currently  
integrated into the XS software.

> I can ping the XOs from the server.
> I can ping the server from the XOs.
> I can login to the ejabbered web interface using the IP address  
> (and not the hostname).
> When I indicate the schoolserver as the Mesh Network in the Control  
> Panel, I can see the users in the ejabberd admin interface. But,  
> they appear as MAC or serial numbers, not as usernames.

The problem in this hybrid situation is that DNS names are being  
resolved to the external interface, and are thus running into the  
firewall.
Make the above changes and stick with your existing AP installation.

I think you should have a working configuration now.
Please keep the list informed.   We want to know when
installations work, as well as when they fail!

Cheers,
wad

> On Thu, Mar 5, 2009 at 9:51 PM, John Watlington <wad at laptop.org>  
> wrote:
>
> Please, please, please, tell us more about your installation.
>
> For example, how many network interfaces does your school server
> have ?   What is each interface connected to ?
>
> wad
>
>
> On Mar 5, 2009, at 9:50 PM, Gerald Ardito wrote:
>
> Thanks.
> What the the swapping actually accomplish?
> Isn't my network still on the school LAN?
>
> Gerald
>
> On Thu, Mar 5, 2009 at 9:40 PM, John Watlington <wad at laptop.org>  
> wrote:
>
> http://lists.laptop.org/pipermail/server-devel/2008-November/ 
> 002542.html
>
>
> On Mar 5, 2009, at 7:20 PM, Gerald Ardito wrote:
>
> Wad,
>
> What does this script do?

More information about the Server-devel mailing list