Closed Bug 907173 Opened 11 years ago Closed 11 years ago

Categories

(Infrastructure & Operations :: Infrastructure: OpenVPN, task)

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: jmaher, Unassigned)

Attachments

(1 file)

I am using the new openvpn mozillavpn and I don't have access to: http://dev-master01.build.scl1.mozilla.com:8036.  I used to be able to get here; please give me access to these things so I can be productive.
Assignee: nobody → relops
Component: Other → RelOps
Product: Release Engineering → Infrastructure & Operations
QA Contact: joduinn → arich
Version: unspecified → other
Hi Relops,
Can you please allow jmaher to reach dev-master01?

Thanks!
Any access requests should go to the infra group so they can open the VPN appropriately.
Assignee: relops → infra
Component: RelOps → Infrastructure: OpenVPN
QA Contact: arich → jdow
Thanks for getting this to the right place!
Can I get the output of netstat -nr and the output of ifconfig pasted here?
(In reply to Ed Lim [:limed] from comment #4)
> Can I get the output of netstat -nr and the output of ifconfig pasted here?

(while connected to the VPN)
Flags: needinfo?(jmaher)
$ netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0 wlan0
10.2.0.0        10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.8.0.0        10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.10.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.12.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.14.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.16.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.18.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.20.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.21.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.22.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.22.248.1     10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
10.22.248.181   0.0.0.0         255.255.255.255 UH        0 0          0 tun0
10.24.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.26.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.30.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.32.0.0       10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.34.0.0       10.22.248.181   255.254.0.0     UG        0 0          0 tun0
10.110.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.128.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.130.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.132.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.134.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.150.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.224.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.242.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.250.0.0      10.22.248.181   255.255.0.0     UG        0 0          0 tun0
10.250.48.0     10.22.248.181   255.255.252.0   UG        0 0          0 tun0
10.253.0.0      10.22.248.181   255.255.255.0   UG        0 0          0 tun0
63.245.215.58   10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.215.245  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.215.254  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.216.84   10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.47   10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.202  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.203  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.204  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.210  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.213  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.214  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.215  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.216  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.217  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
63.245.217.218  10.22.248.181   255.255.255.255 UGH       0 0          0 tun0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 wlan0


ifconfig
eth0      Link encap:Ethernet  HWaddr 3c:97:0e:64:f3:86  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:20 Memory:f2500000-f2520000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:50 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:6041 (6.0 KB)  TX bytes:6041 (6.0 KB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.22.248.182  P-t-P:10.22.248.181  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 60:67:20:f7:b3:dc  
          inet addr:192.168.1.70  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::6267:20ff:fef7:b3dc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:644279 errors:0 dropped:0 overruns:0 frame:0
          TX packets:593864 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:403957251 (403.9 MB)  TX bytes:561742043 (561.7 MB)
Flags: needinfo?(jmaher)
So I can confirm that you are in the right group in LDAP and the group has the routes for dev-master01.scl1, so you should be able to access the host, and you have routes to connect to the host based on your netstat.

Are you using Ubuntu's Network Manager? There are some issues with it, and there are some instructions here https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=30769829 that might resolve your issue.
I am using openvpn from the command line as I couldn't get Network Manager to work very well.  Is it possible that DNS isn't working?  Is there a way I could verify that?
What does your resolv.conf look like? 

cat /etc/resolv.conf

In the openvpn doc https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=30769829 there is a section for Ubuntu command line that has instructions on how to fix the DNS issues. You will need to install the resolvconf package and add these 2 lines to your VPN config:

up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
I have added the up/down to my .ovpn file for update-resolv-conf, but I am still not getting DNS resolution. Maybe DNS isn't the problem?

Here is my resolv.conf:
cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 8.8.8.8
search gateway.2wire.net
Your nameserver is 8.8.8.8, which is a Google DNS server. This is a DNS issue in which your client is not updating resolv.conf with the settings provided by the OpenVPN server.

All of our hosts will only resolve if your DNS servers point to our internal DNS.
How do I do that?  If I am not on the VPN, then the DNS won't resolve unless internal DNS is external.
That's what the resolvconf package is for and why you have to add the 2 lines to the ovpn file; those 2 commands actually update your resolv.conf file for you.

If you could post logs from openvpn when trying to establish a connection that would be great.
Here is the console log while running openvpn:
https://pastebin.mozilla.org/2924988
Attached file 2924988.txt
Uploading since pastebins are not forever
<snip>
dhcp-option DNS 10.22.75.40
dhcp-option DNS 10.22.75.41
dhcp-option DOMAIN mozilla.com
dhcp-option DOMAIN build.mozilla.org
dhcp-option DOMAIN mozilla.org
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf
</snip>

The VPN server is actually pushing the DNS options for you, but your client is not updating it. You have all the routes that are needed to get to the host, so this is actually an issue with your client not updating its resolv.conf.
Is this still an issue? As far as I can tell, there is an issue with the client side here.
I just ask people for IP addresses and I can access things.  No idea why DNS doesn't work on my system; it works for the rest of the internet just fine.
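The client-side check discussed in the comments above, as an added example that is not part of the original bug thread: it compares the DNS servers the OpenVPN server pushed with the nameservers in resolv.conf and tests whether resolv.conf is the symlink resolvconf expects. The function names and the sample files are constructed for illustration; the sample values mirror those quoted in the bug.

```shell
#!/bin/sh
# Added example (not from the bug): compare the DNS servers an OpenVPN server
# pushed with what the local resolver is actually configured to use.

# DNS servers from "dhcp-option DNS <ip>" entries in an OpenVPN log ($1).
# Splitting on "," and "'" also covers comma-separated PUSH_REPLY lines.
pushed_dns() {
    tr ",'" '\n\n' < "$1" |
        sed -n 's/.*dhcp-option DNS \([0-9A-Fa-f.:]\{1,\}\).*/\1/p' | sort -u
}

# Nameservers currently listed in a resolv.conf-style file ($1).
configured_dns() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Print each pushed server missing from resolv.conf; status 1 if any is missing.
missing_dns() {   # $1 = OpenVPN log, $2 = resolv.conf
    rc=0
    for ip in $(pushed_dns "$1"); do
        configured_dns "$2" | grep -qxF "$ip" || { echo "$ip"; rc=1; }
    done
    return "$rc"
}

# True when $1 is a symlink resolving to $2, which is what resolvconf expects
# (the log warning in the bug says /etc/resolv.conf is not such a link).
is_resolvconf_managed() {
    [ -L "$1" ] && [ "$(readlink -f "$1")" = "$(readlink -f "$2")" ]
}

# Constructed sample data mirroring the values quoted in the bug.
write_samples() {   # $1 = scratch directory
    printf '%s\n' 'dhcp-option DNS 10.22.75.40' 'dhcp-option DNS 10.22.75.41' \
        'dhcp-option DOMAIN mozilla.com' > "$1/openvpn.log"
    printf '%s\n' 'nameserver 8.8.8.8' 'search gateway.2wire.net' > "$1/resolv.broken"
    printf '%s\n' 'nameserver 10.22.75.40' 'nameserver 10.22.75.41' \
        'search mozilla.com' > "$1/resolv.fixed"
}

demo() {
    d=$(mktemp -d) && write_samples "$d"
    echo "pushed:  $(pushed_dns "$d/openvpn.log" | tr '\n' ' ')"
    echo "missing: $(missing_dns "$d/openvpn.log" "$d/resolv.broken" | tr '\n' ' ')"
    is_resolvconf_managed "$d/resolv.broken" "$d/resolv.fixed" ||
        echo "resolv.conf is not a symlink to the resolvconf-managed file"
    rm -rf "$d"
}
demo
```

On a real client the equivalent calls would be `missing_dns <openvpn log> /etc/resolv.conf` and `is_resolvconf_managed /etc/resolv.conf /run/resolvconf/resolv.conf`. Any address the first call prints means lookups for internal names are still going to the other configured resolver.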
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID