It's my own fault. I connected the serial console of my Net-4801 to chef, started minicom and ... nothing happened. A fatal "Send Break" later, minicom is no longer responding and the userland on chef is dead. No idea _why_ that happened, but it coincided with the break on the serial port. Thankfully, chef's kernel dutifully continued to route traffic, so I could search Google, and openbsd.org, but to no avail. In the end I power-cycled chef and am now waiting for the raid check to complete. *sigh*
On the positive side, my Internet connection is now running through the NET-4801. mail and web will continue to be handled by chef for the time being (once it comes back up), but basic Internet access as well as my private domain server and key-protected ssh are working already. My prep-work from early October paid off. Another 1.5 hours to go until chef is back online. I'm going to bed, but set the alarm early, so I can fix email before Patricia gets up.
Things left to do for chef:
- ifconfig to .10
- connect LAN cable
- reconfigure syslog to use -u and accept syslog from gw
- test mail connectivity (local and remote)
- test web connectivity (local and remote, both sites)
Update:
I also had to add the rdr entries for PF to redirect web/mail connections to chef. Then, my website didn't work anymore from the inside, because the redirect is applied only on traffic that enters gw on the outside interface, so I changed the internal DNS views to resolve my websites straight to chef, instead of going through gw.
Testing the configuration from my workstation at work, it worked right away for web access, but for the heck of it I couldn't get a SMTP connnection going. Everything looked right on my end. Actually, I used the same config options for web as for mail. While thinking about this, I noticed a mail coming in. Huh? ... I remembered we block outbound SMTP from workstations at work. Alright, all good.
No comments:
Post a Comment