[isf-wifidog] IPTables locking up with OpenWRT - another distro?

Aaron Z aaronz at pls-net.org
Lun 1 Fév 11:09:06 EST 2010 

What we found was that the DNS alias (such as new_address.pls-net.org) that pointed to the server address (ie: old_address.pls-net.org) would stop resolving. 
The alias address would not resolve when we tried to ping to new_address.pls-net.org, but pinging to the IP address or old_address.pls-net.org worked fine. Restarting fixed this and it lets the update script run every night at midnight, so this setup works fine for us.
As for addresses, we now have a record for new_address.pls-net.org (rather than an alias) and we have decommissioned the server that was on old_address.pls-net.org (it was a old Gentoo box that hadn't been updated because there was so many things running on it which had been kludged on over the years that we didn't want to risk updates breaking something).


Aaron Z

----- "Steve Congrave" <steve at congrave.com> wrote:

> From: "Steve Congrave" <steve at congrave.com>
> To: "WiFiDog Captive Portal" <wifidog at listes.ilesansfil.org>
> Sent: Monday, February 1, 2010 10:52:24 AM GMT -05:00 US/Canada Eastern
> Subject: Re: [isf-wifidog] IPTables locking up with OpenWRT - another distro?
>
> I agree that OpenWRT is easy to use - we do have a partial build using
> the
> latest version but I'm reluctant to continue down that path until I'm
> sure
> that the iptables was resolved as others report the same problems.
> Our
> implementation makes a lot of use of iptables in a dynamic way and
> that may
> be the cause of the problem as we change rules so frequently.
> 
> What are the DNS oddities that you experience because the result of
> the
> iptables problem is the client being denied access that looks exactly
> like a
> dns issue from the client end?
> 
> I appreciate your feedback.
> 
> Steve 
> 
> -----Original Message-----
> From: wifidog-bounces at listes.ilesansfil.org
> [mailto:wifidog-bounces at listes.ilesansfil.org] On Behalf Of Aaron Z
> Sent: Monday, February 01, 2010 7:30 AM
> To: WiFiDog List
> Subject: [isf-wifidog] IPTables locking up with OpenWRT - another
> distro?
> 
> Can you upgrade to the current version of OpenWRT (8.09.x) or is that
> not
> possible?
> We recently rolled out 40ish WAPS running OpenWRT 8.09 and WiFiDog
> (with a
> custom WiFiDog backend) on WRT54GL hardware and are very happy with
> them. We
> have them in libraries and use WiFiDog for the public network
> (authentication against our patron database and access control only)
> and a
> WPA2 encrypted network for staff use.
> We do a nightly reboot (to force them to check for updates and because
> of
> some DNS oddities that seem to crop up after the WAP has been running
> for a
> few days) but we are very happy with it. I personally find OpenWRT
> easier to
> work with than DD-Wrt, but that is probably just be a personal
> preference.
> 
> 
> Aaron Z
> 
> ----- "Steve Congrave" <steve at congrave.com> wrote:
> 
> > From: "Steve Congrave" <steve at congrave.com>
> > To: "WiFiDog Captive Portal" <wifidog at listes.ilesansfil.org>
> > Sent: Monday, February 1, 2010 1:58:06 AM GMT -05:00 US/Canada
> Eastern
> > Subject: [isf-wifidog] IPTables locking up with OpenWRT - another
> distro?
> >
> > https://dev.openwrt.org/ticket/2558
> > 
> > This ticket is showing as closed but it appears that others are
> still
> > having
> > problems.
> > 
> > Our routers (WRT54GL) running OpenWRT 7.09 are locking up at least
> > once a
> > day - much more often when they have 5 or 6 customers connected and
> > we
> > implemented the update at https://dev.openwrt.org/changeset/16141
> > 
> > We have tried everything that we can think of to get this working
> but
> > it's
> > hard to even find a workaround as there seems to be no way of
> testing
> > for it
> > happening. At the moment we are running a reboot every 2 hours just
> to
> > get
> > around this but it's hardly satisfactory.
> > 
> > Is anyone else on the list having a problem - has anyone fixed it
> yet?
> > Have
> > you all moved away from OpenWRT because of it?
> > 
> > What other distro would you suggest to try instead of OpenWRT on a
> > Linksys
> > WRT54GL for WifiDog?
> > 
> > 
> > 
> > 
> > _______________________________________________
> > WiFiDog mailing list
> > WiFiDog at listes.ilesansfil.org
> > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> 
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog

Plus d'informations sur la liste de diffusion WiFiDog