As a lot of folks know, I've been running an XS out of my house since early 2008. I have a static IP from my ISP and a FQDN associated to that IP. Let's call it <a href="http://random.net">random.net</a> and let's say my public static IP is 67.195.160.76 (those are obviously fake). Of course, that's not my real domain or real IP, but I'd rather keep that out of a public email list. If you're curious, contact me personally for the real IP and domain if you want to ping, connect to the Jabber server, or even ssh in.<br>
<br>My users are all over the North American continent: NY and NJ, Virginia, Florida, California, and Canada. Folks are on XOs (Sugar and Gnome), various Linux distros (Ubuntu, Debian, Fedora) on various hardware platforms (Desktops, notebooks, and netbooks), Android tablets, Macs, and at least one Nokia 600. Clients include Sugar Chat, Pidgin, Gajim, Finch, Adium, and goodness knows what else. We're a diverse group! I'm mentioning this due to the "top of the hour" presence issue on XS 0.6 impacting all my users. Everyone can connect just fine with <a href="http://schoolserver.random.net">schoolserver.random.net</a> port 5223 but at the top of the hour, every hour, the presence service resets if the XS is not in the DMZ.<br>
<br>After a couple of recent power outages and some disappointed users, I tried out the "XS on an XO" again, which I'll call XSXO from now on. My regular XS running XS 0.5.2 (a big old Dell) has a UPS, but that only lasts about 1/2 an hour until the battery runs down. To keep the LAN up during a blackout, I hook up an AC inverter to an old car battery, which keeps the DSL modem/router up for many, many hours. That would also keep an XSXO up for many, many hours during a power outage. With a shiny new USB ethernet adapter from the OLPC-SF summit, it seemed a fine time to get this going. Besides, I'd like to redo that big old Dell: backing up stuff, vacuuming out the cat hair, and installing XS 0.6.<br>
<br>Per the instructions on the wiki, I put OLPC-School-Server-0.6-i386.img on an 8 GB class 6 SD card and it booted up just fine. I ran yum update, rebooted, then did:<br><br>/etc/sysconfig/olpc-scripts/domain_config <a href="http://random.net">random.net</a><br>
<br>Initially, I set this up for /etc/sysconfig/network-scripts/ifcfg-eth0-local<br><br>IPADDR=192.168.1.200<br>NETMASK=255.255.255.0<br>NETWORK=192.168.1.0<br>BROADCAST=192.168.1.255<br>GATEWAY=192.168.1.254<br><br>Then I edited /etc/httpd/conf/httpd-xs.conf for "Listen 80"<br>
<br>Rebooted again.<br><br>In my router, I opened up ports 5222, 5223, and 80 to 192.168.1.200 and my users got on Jabber at <a href="http://schoolserver.random.net">schoolserver.random.net</a>. Apache resolved at <a href="http://random.net">random.net</a> just fine. All was going well, except that the ejabberd presence service kept resetting at the top of the hour, every hour. I tried opening ports 22, 443, 8080. I tried shutting down the following services, one at a time, waiting to see what would happen at the top of the hour:<br>
<br>dhcpd<br>moodle<br>pgsql-xs<br>xsactivation<br>idmgr<br>xs-rysncd<br><br>Eventually, after many hours of troubleshooting, I put the XSXO into the DMZ in my router and the presence service quit resetting us every hour.<br>
<br>Of course, I deleted /etc/sysconfig/network-scripts/ifcfg-eth0-local once I set XSXO in the DMZ.<br><br>I edited /etc/hosts for:<br><br>67.195.160.76 <a href="http://schoolserver.random.net">schoolserver.random.net</a> <a href="http://random.net">random.net</a><br>
<br>I put the OpenDNS IPs in <a href="http://named-xs.conf.in">named-xs.conf.in</a> and then make -f xs-config.make named-xs.conf<br>I actually use OpenDNS DNS IPs in my router instead of my ISP's DNS IPs.<br><br>Here's /var/named-xs/school.external.zone.db<br>
<br>@ in soa localhost. root 1 3H 15M 1W 1D<br> ns localhost.<br><br>schoolserver IN A 67.195.160.76<br>school IN CNAME schoolserver<br>www IN CNAME schoolserver<br>ntp IN CNAME schoolserver<br>
time IN CNAME schoolserver<br>presence IN CNAME schoolserver<br>xs IN CNAME schoolserver<br>library IN CNAME schoolserver<br>conference.schoolserver IN CNAME schoolserver<br>
<br>But then named never comes back up:<br><br>Starting named: <br>Error in named configuration:<br>zone localdomain/IN: loaded serial 42<br>zone localhost/IN: loaded serial 42<br>zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700<br>
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700<br>zone 255.in-addr.arpa/IN: loaded serial 42<br>zone 0.in-addr.arpa/IN: loaded serial 42<br>dns_rdata_fromtext: school.internal.zone.db:1: near 'root': bad name (check-names)<br>
school.internal.zone.db:2: no TTL specified; zone rejected<br>school.internal.zone.db:4: schoolserver1.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:4: no TTL specified; zone rejected<br>school.internal.zone.db:5: schoolserver2.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:5: no TTL specified; zone rejected<br>school.internal.zone.db:6: schoolserver3.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:6: no TTL specified; zone rejected<br>school.internal.zone.db:7: schoolserver4.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:7: no TTL specified; zone rejected<br>school.internal.zone.db:8: schoolserver5.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:8: no TTL specified; zone rejected<br>school.internal.zone.db:9: schoolserver6.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:9: no TTL specified; zone rejected<br>school.internal.zone.db:10: schoolserver7.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:10: no TTL specified; zone rejected<br>school.internal.zone.db:11: schoolserver8.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:11: no TTL specified; zone rejected<br>school.internal.zone.db:13: schoolserver.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:13: no TTL specified; zone rejected<br>school.internal.zone.db:14: school.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:14: no TTL specified; zone rejected<br>school.internal.zone.db:15: www.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:15: no TTL specified; zone rejected<br>school.internal.zone.db:16: ntp.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:16: no TTL specified; zone rejected<br>school.internal.zone.db:17: time.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:17: no TTL specified; zone rejected<br>school.internal.zone.db:18: presence.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:18: no TTL specified; zone rejected<br>school.internal.zone.db:19: xs.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:19: no TTL specified; zone rejected<br>school.internal.zone.db:20: library.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:20: no TTL specified; zone rejected<br>school.internal.zone.db:22: conference.schoolserver.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:22: no TTL specified; zone rejected<br>
school.internal.zone.db:29: no TTL specified; zone rejected<br>school.internal.zone.db:32: no TTL specified; zone rejected<br>zone \@\@BASEDNSNAME\@\@/IN: loading from master file school.internal.zone.db failed: bad name (check-names)<br>
localhost_resolver/@@BASEDNSNAME@@/in: bad name (check-names)<br>dns_rdata_fromtext: school.internal.zone.db:1: near 'root': bad name (check-names)<br>school.internal.zone.db:2: no TTL specified; zone rejected<br>
school.internal.zone.db:4: schoolserver1.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:4: no TTL specified; zone rejected<br>school.internal.zone.db:5: schoolserver2.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:5: no TTL specified; zone rejected<br>school.internal.zone.db:6: schoolserver3.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:6: no TTL specified; zone rejected<br>school.internal.zone.db:7: schoolserver4.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:7: no TTL specified; zone rejected<br>school.internal.zone.db:8: schoolserver5.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:8: no TTL specified; zone rejected<br>school.internal.zone.db:9: schoolserver6.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:9: no TTL specified; zone rejected<br>school.internal.zone.db:10: schoolserver7.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:10: no TTL specified; zone rejected<br>school.internal.zone.db:11: schoolserver8.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:11: no TTL specified; zone rejected<br>school.internal.zone.db:13: schoolserver.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:13: no TTL specified; zone rejected<br>school.internal.zone.db:14: school.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:14: no TTL specified; zone rejected<br>school.internal.zone.db:15: www.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:15: no TTL specified; zone rejected<br>school.internal.zone.db:16: ntp.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:16: no TTL specified; zone rejected<br>school.internal.zone.db:17: time.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:17: no TTL specified; zone rejected<br>school.internal.zone.db:18: presence.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:18: no TTL specified; zone rejected<br>school.internal.zone.db:19: xs.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:19: no TTL specified; zone rejected<br>school.internal.zone.db:20: library.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.internal.zone.db:20: no TTL specified; zone rejected<br>school.internal.zone.db:22: conference.schoolserver.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>school.internal.zone.db:22: no TTL specified; zone rejected<br>
school.internal.zone.db:29: no TTL specified; zone rejected<br>school.internal.zone.db:32: no TTL specified; zone rejected<br>zone \@\@BASEDNSNAME\@\@/IN: loading from master file school.internal.zone.db failed: bad name (check-names)<br>
internal/@@BASEDNSNAME@@/IN: bad name (check-names)<br>school.internal.zone.in-addr.db:1: no TTL specified; using SOA MINTTL instead<br>zone 0.18.172.in-addr.arpa/IN: loaded serial 1<br>school.internal.zone.16.in-addr.db:1: no TTL specified; using SOA MINTTL instead<br>
zone 16.18.172.in-addr.arpa/IN: loaded serial 1<br>school.internal.zone.32.in-addr.db:1: no TTL specified; using SOA MINTTL instead<br>zone 18.18.172.in-addr.arpa/IN: loaded serial 1<br>school.internal.zone.48.in-addr.db:1: no TTL specified; using SOA MINTTL instead<br>
zone 20.18.172.in-addr.arpa/IN: loaded serial 1<br>dns_rdata_fromtext: school.external.zone.db:1: near 'root': bad name (check-names)<br>school.external.zone.db:2: no TTL specified; zone rejected<br>school.external.zone.db:4: schoolserver.\@\@BASEDNSNAME\@\@: bad owner name (check-names)<br>
school.external.zone.db:4: no TTL specified; zone rejected<br>school.external.zone.db:5: no TTL specified; zone rejected<br>school.external.zone.db:6: no TTL specified; zone rejected<br>school.external.zone.db:7: no TTL specified; zone rejected<br>
school.external.zone.db:8: no TTL specified; zone rejected<br>school.external.zone.db:9: no TTL specified; zone rejected<br>school.external.zone.db:10: no TTL specified; zone rejected<br>school.external.zone.db:11: no TTL specified; zone rejected<br>
school.external.zone.db:12: no TTL specified; zone rejected<br>zone \@\@BASEDNSNAME\@\@/IN: loading from master file school.external.zone.db failed: bad name (check-names)<br>external/@@BASEDNSNAME@@/IN: bad name (check-names)<br>
[FAILED]<br><br><br>So, is it my router or is there something on the XS that runs at the top of every hour that breaks if a particular port isn't open? I searched all over /var/log and didn't see anything.<br>
<br>If someone has advice with either of these options, that would be very helpful:<br><br>1. The XSXO has an IP from my LAN (192.168.1.200 for example) and I can forward 80, 5222, 5223 (or other ports!) to it and the presence service doesn't reset every hour.<br>
<br>2. The XSXO is in the DMZ and named will start up.<br><br>Anna Schoolfield<br>Birmingham<br><br>