Closed
Bug 907173
Opened 11 years ago
Closed 11 years ago
unable to access http://dev-master01.build.scl1.mozilla.com:8036
Categories
(Infrastructure & Operations :: Infrastructure: OpenVPN, task)
Infrastructure & Operations
Infrastructure: OpenVPN
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: jmaher, Unassigned)
Details
Attachments
(1 file)
9.93 KB,
text/plain
|
Details |
I am using the new openvpn mozillavpn and I don't have access to: http://dev-master01.build.scl1.mozilla.com:8036. I used to be able to get here, please give me access to these things so I can be productive.
Updated•11 years ago
|
Assignee: nobody → relops
Component: Other → RelOps
Product: Release Engineering → Infrastructure & Operations
QA Contact: joduinn → arich
Version: unspecified → other
Comment 1•11 years ago
|
||
Hi Relops, Can you please allow jmaher to reach dev-master01? Thanks!
Comment 2•11 years ago
|
||
Any access requests should go to the infra group so they can open the VPN appropriately.
Assignee: relops → infra
Component: RelOps → Infrastructure: OpenVPN
QA Contact: arich → jdow
Reporter | ||
Comment 3•11 years ago
|
||
thanks for getting this to the right place!
Comment 4•11 years ago
|
||
Can I get the output of netstat -nr and the output of ifconfig pasted here?
(In reply to Ed Lim [:limed] from comment #4) > Can I get the output of netstat -nr and the output of ifconfig pasted here? (while connected to the VPN)
Flags: needinfo?(jmaher)
Reporter | ||
Comment 6•11 years ago
|
||
$ netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 wlan0 10.2.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.8.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.10.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.12.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.14.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.16.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.18.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.20.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.21.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.22.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.22.248.1 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 10.22.248.181 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 10.24.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.26.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.30.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.32.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.34.0.0 10.22.248.181 255.254.0.0 UG 0 0 0 tun0 10.110.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.128.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.130.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.132.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.134.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.150.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.224.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.242.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.250.0.0 10.22.248.181 255.255.0.0 UG 0 0 0 tun0 10.250.48.0 10.22.248.181 255.255.252.0 UG 0 0 0 tun0 10.253.0.0 10.22.248.181 255.255.255.0 UG 0 0 0 tun0 63.245.215.58 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.215.245 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.215.254 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.216.84 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.47 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.202 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.203 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.204 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.210 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.213 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.214 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.215 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.216 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.217 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 63.245.217.218 10.22.248.181 255.255.255.255 UGH 0 0 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 ifconfig eth0 Link encap:Ethernet HWaddr 3c:97:0e:64:f3:86 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:20 Memory:f2500000-f2520000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:50 errors:0 dropped:0 overruns:0 frame:0 TX packets:50 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:6041 (6.0 KB) TX bytes:6041 (6.0 KB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.22.248.182 P-t-P:10.22.248.181 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) wlan0 Link encap:Ethernet HWaddr 60:67:20:f7:b3:dc inet addr:192.168.1.70 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::6267:20ff:fef7:b3dc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:644279 errors:0 dropped:0 overruns:0 frame:0 TX packets:593864 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:403957251 (403.9 MB) TX bytes:561742043 (561.7 MB)
Flags: needinfo?(jmaher)
Comment 7•11 years ago
|
||
So I can confirm that you are on the right group in LDAP and the group has the routes for dev-master01.scl1 so you should be able to access the host and you have routes to connect to the host based on your netstat. Are you using ubuntu's Network manager? There are some issues with it and there are some instructions here https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=30769829 that might resolve your issue.
Reporter | ||
Comment 8•11 years ago
|
||
I am using openvpn from the commandline as I couldn't get network manager to work very well. is it possible that dns isn't working? Is there a way I could verify that?
Comment 9•11 years ago
|
||
What does your resolv.conf look like? cat /etc/resolv.conf In the openvpn doc https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=30769829 there is a section for ubuntu command line that has instructions on how to fix the dns issues. You will need to install the resolvconf package and add these 2 lines to your vpn config up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf
Reporter | ||
Comment 10•11 years ago
|
||
I have added the up/down to my .ovpn file for update-resolv-conf, but I am still not getting dns resolution, maybe dns isn't the problem? here is my resolv.conf: cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 8.8.8.8 search gateway.2wire.net
Comment 11•11 years ago
|
||
Your nameserver is 8.8.8.8 which is a google dns server, this is a DNS issue in which your client is not updating resolv.conf provided from openvpn server. All of our hosts will only resolve if your DNS servers point to our internal DNS
Reporter | ||
Comment 12•11 years ago
|
||
how do I do that? if I am not on the vpn, then the dns won't resolve unless internal dns is external.
Comment 13•11 years ago
|
||
Thats what the resolvconf package is for and why you have to add the 2 lines to the ovpn file, those 2 commands actually update your resolv.conf file for you. If you could post logs from openvpn when trying to establish a connection that would be great.
Reporter | ||
Comment 14•11 years ago
|
||
here is the console log while running openvpn: https://pastebin.mozilla.org/2924988
Comment 15•11 years ago
|
||
Uploading since pastebins are not forever
Comment 16•11 years ago
|
||
<snip> dhcp-option DNS 10.22.75.40 dhcp-option DNS 10.22.75.41 dhcp-option DOMAIN mozilla.com dhcp-option DOMAIN build.mozilla.org dhcp-option DOMAIN mozilla.org /etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf </snip> The vpn server is actually pushing the DNS options for you but your client is not updating it. You have all the routes thats needed to get to the host so this is actually an issue with your client not updating its resolv.conf.
Comment 17•11 years ago
|
||
Is this still an issue? as far as I can tell that there is an issue with the client side here
Reporter | ||
Comment 18•11 years ago
|
||
I just ask people for ip addresses and I can access things. No idea why dns doesn't work on my system, it works for the rest of the internet just fine.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•