From owner-freebsd-questions@FreeBSD.ORG Fri Sep 23 00:08:42 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4A921065674 for ; Fri, 23 Sep 2011 00:08:42 +0000 (UTC) (envelope-from frank@esperance-linux.co.uk) Received: from asmtp1.iomartmail.com (asmtp1.iomartmail.com [62.128.201.248]) by mx1.freebsd.org (Postfix) with ESMTP id 594738FC1B for ; Fri, 23 Sep 2011 00:08:41 +0000 (UTC) Received: from asmtp1.iomartmail.com (localhost.localdomain [127.0.0.1]) by asmtp1.iomartmail.com (8.13.8/8.13.8) with ESMTP id p8N08cDP026297; Fri, 23 Sep 2011 01:08:38 +0100 Received: from orange.esperance-linux.co.uk (host-92-22-130-66.as13285.net [92.22.130.66]) (authenticated bits=0) by asmtp1.iomartmail.com (8.13.8/8.13.8) with ESMTP id p8N08br6026290; Fri, 23 Sep 2011 01:08:37 +0100 Received: by orange.esperance-linux.co.uk (Postfix, from userid 1001) id 568DE33C1F; Fri, 23 Sep 2011 01:08:37 +0100 (BST) Date: Fri, 23 Sep 2011 01:08:37 +0100 From: Frank Shute To: Ryan Coleman Message-ID: <20110923000837.GD7704@orange.esperance-linux.co.uk> References: <201109222014.p8MKEobt083145@mail.r-bonomi.com> <4B62F4A4-4B49-4CB5-91F1-A3C3E624251F@d3photography.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="F8dlzb82+Fcn6AgP" Content-Disposition: inline In-Reply-To: <4B62F4A4-4B49-4CB5-91F1-A3C3E624251F@d3photography.com> User-Agent: Mutt/1.4.2.3i X-Face: *}~{PHnDTzvXPe'wl_-f%!@+r5; VLhb':*DsX%wEOPg\fDrXWQJf|2\,92"DdS%63t*BHDyQ|OWo@Gfjcd72eaN!4%NE{0]p)ihQ1MyFNtWL X-Operating-System: FreeBSD 8.2-STABLE amd64 X-Organisation: 'shute.org.uk' Cc: FreeBSD Questions Subject: Re: much to my surprise.... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Frank Shute List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Sep 2011 00:08:42 -0000 --F8dlzb82+Fcn6AgP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Sep 22, 2011 at 04:28:50PM -0500, Ryan Coleman wrote: > >=20 > On Sep 22, 2011, at 3:14 PM, Robert Bonomi wrote: >=20 > >> From owner-freebsd-questions@freebsd.org Thu Sep 22 14:30:49 > >> 2011 Date: Thu, 22 Sep 2011 12:30:54 -0700 From: Gary Kline > >> To: FreeBSD Mailing List > >> Cc: Subject: much to my > >> surprise.... > >>=20 > >>=20 > >> guys, > >>=20 > >> well, after a forced, unexpected, and emergency 5 days away, i > >> got back to my desk and could not ping. while mail seemed to be > >> working, and my *local* ping worked---I could ping around from my > >> freebsd server to my other computers--i spent 3+ hours trying to > >> ping various sites. Zero. i tried everything i could think of. > >> NOTHING worked. i tried the -d -f -f to named and on and on and > >> on. nothing. > >>=20 > >> *Finally*, i saw that my telco router was displaying "INT" in > >> red LED's. i didn't know they displayed in any other color but > >> the default green, but after power-cycling, voila! back to green. > >> and now, yes, i can ping freebsd.org. and i'm pretty sure other > >> network things will work too. =20 > >>=20 > >> from any/all sysadmin types or others:: i would like tricks, > >> tips, insights--whatever--about named and whatever else. i > >> thought i had collected many. nope. i've got bind 9.8 > >> installed and it was working fine until my recent 'vacation.' > >> Other than checking one's routers (hub/switch), and other > >> hardware (including server, computers, cables, etc) does anybody > >> have a checklist of what to do to diagnose this? are there any > >> other utilities i can try besides ping and named -d 3 -f -g? > >> other network utilities with a debug flag? i'm running 7.3 on a > >> dell 530. > >>=20 > >> tia for any insights, > >=20 > > You should _really_ consider hiring a professional to maintain > > your systems. > >=20 > > Diagnosing _this_ problem should have taken no more than about 30 > > *seconds*.=20 > >=20 > > If you can't get somewhere 'by name', you try to get there 'by > > address'. > >=20 > > If 'by address' works and 'by name' doesn't, *that* is the > > indication of a DNS problem. > >=20 > > If you can't get there 'by address', it is *NOT* a DNS problem, > > and you start looking for a 'connectivity' problem. > >=20 > > The *BASIC* tools for that start with 'traceroute'. Which would > > have *immediately* (well, within abut ten seconds :) indicated > > exactly _where_ the problem was. > >=20 > > Those who don't understand these kind dof things are "too > > dangerous" to be trusted with the superuser password. > >=20 > > Bluntly, not only do you not know the things you need to know to > > manage a (even 'personal') network, you "DON'T KNOW _what_ you > > don't know", and until you *do* learn the basics, you'll save > > youself a *LOT* of hair- tearing if you hire someone to solve the > > problems for you. >=20 > I whole-heartedly agree with Robert's points. >=20 > I host in my apartment... but I have more than a decade's experience > maintaining networks and systems and, while the occasional issue > stumps me, I'm pretty good at getting to the root of issues in > minutes vs hours. >=20 > Yes, I was once a... for lack of a better term... moron on these > things and I relied heavily on the tech who pushed me (gently) > towards ?BSD from RHL and I am gracious every day for that nudge. >=20 > Experience is the best way to pick up the "quick list" of things to > check on if there's a problem on your connectivity... but there's > one thing I *must* stress: NEVER EVER EVER run your own DNS service. > It's too much of a PITA. When I quit doing my own DNS my issues > revolving around that ended. I use DynDNS to run my primary domain > and all the others run through GoDaddy's free DNS manager. This is > because I use the primary domain's hostname as my MX record on all > the others. While GD's DNS is functional, it's also cumbersome, too > cumbersome to update on a semi-regular basis. I highly suggest that > you do the same. $20/year for DynDNS' full domain service is worth > the price. >=20 > My two bits (and a nibble). -- > Ryan_______________________________________________ It's $30/year for DynDNS where I am (UK). I had to use them because my static IP all of a sudden became dynamic (crappy ISP). Now it seems to have gone back to static again. I certainly wouldn't consider running my own DNS server (having done it). It's more trouble than it's worth and is just one more vulnerability/thing to go wrong. You can just use hosts for a small network. Regards, --=20 Frank Contact info: http://www.shute.org.uk/misc/contact.html --F8dlzb82+Fcn6AgP Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (FreeBSD) iEYEARECAAYFAk57zgQACgkQHduKvUAgeK5cSACeNUTxt+B+JdU16aBL1SfVzznx KkgAoIA2QEm0Dcffn++GTEnFlNG5JVO5 =DXyV -----END PGP SIGNATURE----- --F8dlzb82+Fcn6AgP--