[9fans] Mail exchanger

[9fans] Mail exchanger

[Lucio De Re]

I hate to ask this type of question, but I have resolved in my own
fashion too many different misunderstandings between me and Plan 9 and
I wonder if this last one is not the result of a bad guess on my part.

Briefly, I want my freshly installed server to operate as a mail
exchanger.  So what's hard about that?  Well, it's dual-homed and that
seems to add an entire dimension of problems.  Here is a checklist
that requires some input:

	/lib/namespace - add "bind #l1 /net.alt; bind #I1 /net.alt"
			 for the second ethernet card.

	/lib/ndb - create internal and external databases.  I don't
		   quite grasp how to discriminate between them,
		   I'm merely extrapolating that "local" as used
		   in the documentation actually represents whatever
		   the target of the -f option happens to be where
		   one can specify an alternative.

Then, what in fact fails is smtp (I think), together with DNS?
Somehow I don't figure I've explained to either of these quite how to
deal with the two interfaces, so perhaps someone with the right
experience can point me in the right direction or, at least, make
suggestions at what mistakes I may have made.

Basically, I can't figure out how SMTP would know how to determine how
to deliver mail so I am not surprised, only disappointed that it says,
in the queue directory:

	smtp: no route (net!hivemind.net)

Something for the wiki, definitely.

++L

Re: [9fans] Mail exchanger

[C H Forsyth]

	/lib/namespace - add "bind #l1 /net.alt; bind #I1 /net.alt"

i'm sure one or both of those should have -a

do you intend the two interfaces to be on distinct IP stacks, with possibly different
sets of services running on each, as for certain types of gateway,
or have you just got interfaces on different network segments with different sets
of IP addresses, so that the server just happens to have two or more IP addresses?

Re: [9fans] Mail exchanger

[Lucio De Re]

On Mon, Aug 02, 2004 at 04:15:10PM +0100, C H Forsyth wrote:
>
> 	/lib/namespace - add "bind #l1 /net.alt; bind #I1 /net.alt"
>
> i'm sure one or both of those should have -a
>
Yes, of course.  Copied with minor alterations from the original.  And
I note that

	mount -a /srv/cs_net.alt /net.alt
	mount -a /srv/dns_net.alt /net.alt
	mount -a /srv/net.alt /net.alt

(the last one being a mystery to me :-) also seem to be
required/desirable.  I added them to /lib/namespace.$sysname (oh,
all right, .tackle, to be pedantic) but that did not seem to help
as much as inserting them in the middle of the file instead.

> do you intend the two interfaces to be on distinct IP stacks, with possibly different
> sets of services running on each, as for certain types of gateway,
> or have you just got interfaces on different network segments with different sets
> of IP addresses, so that the server just happens to have two or more IP addresses?

No, the machine is not intended the be a gateway, but it does
straddle two disjoint networks, which are also spanned by the
firewall and the proxy server.  I want it to be able to service
traffic from both networks, as transparently as possible, with
largely the same services running on both interfaces/IP stacks.

I'm _nearly_ there, but I think I'm just not starting the services
in the right sequence, so bits of the namespace seem to go missing
when certain utilities are activated.  Right now, it seems only
upas/smtp has a problem, but I'm sure others have not been pushed
over the edge yet.

I can't make it readily accessible from the Internet (it's at
196.30.44.147, if anyone wants to try) as I don't have the packet
filtering router's access codes handy, but I do plan it to make it
publicly reachable soon.

++L

Re: [9fans] Mail exchanger

[C H Forsyth]

> No, the machine is not intended the be a gateway, but it does
> straddle two disjoint networks, which are also spanned by the
> firewall and the proxy server.  I want it to be able to service
> traffic from both networks, as transparently as possible, with
> largely the same services running on both interfaces/IP stacks.

if so, i wondered why you didn't just add the extra
interface as an extra interface on the existing IP stack, in which
case you don't need to mess with net.alt.  for instance,
	ip/ipconfig ether /net/ether1 <addresses>
binds a new device interface to the existing IP stack,
with the address parameters you give.  you might
also possibly set iprouting on the interfaces
if you want the server to do that.

Re: [9fans] Mail exchanger

[Lucio De Re]

On Mon, Aug 02, 2004 at 04:49:52PM +0100, C H Forsyth wrote:
>
> if so, i wondered why you didn't just add the extra
> interface as an extra interface on the existing IP stack, in which
> case you don't need to mess with net.alt.  for instance,
> 	ip/ipconfig ether /net/ether1 <addresses>
> binds a new device interface to the existing IP stack,
> with the address parameters you give.  you might
> also possibly set iprouting on the interfaces
> if you want the server to do that.

Sounds like a wonderful idea, if only I could understand it.  Nearly
ten years down the line and me believing I'm of above average
intelligence and Plan 9 still causes me to doubt my sanity :-(

Let me mull over this, I certainly would like the suggested
simplicity, I just hope I can make sense of it.

++L

Re: [9fans] Mail exchanger

[Lucio De Re]

On Mon, Aug 02, 2004 at 04:49:52PM +0100, C H Forsyth wrote:
>
> if so, i wondered why you didn't just add the extra
> interface as an extra interface on the existing IP stack, in which
> case you don't need to mess with net.alt.  for instance,
> 	ip/ipconfig ether /net/ether1 <addresses>

Is this the type of idea (explicitly listing each step)?

	bind -a '#l0' /net
	bind -a '#l1' /net
	bind -a '#I' /net
	ip/ipconfig ether /net/ether0 172.24.16.12 255.255.0.0
	ip/ipconfig -g 196.30.44.1 ether /net/ether1 196.30.44.147 255.255.255.0
	echo 'add 10.17.13.224 255.255.255.240 172.24.16.129' > /net/iproute
	echo 'add 172.16.16.0 255.255.248.0 172.24.16.129' > /net/iproute
	echo 'add 196.25.217.192 255.255.255.248 172.24.16.129' > /net/iproute
	echo 'add 10.17.13.224 255.255.255.240 172.24.16.129' > /net/iproute
	echo 'add 172.16.16.0 255.255.248.0 172.24.16.129' > /net/iproute
	echo 'add 192.168.30.16 255.255.255.248 172.24.16.129' > /net/iproute
	echo 'add 196.25.217.192 255.255.255.248 172.24.16.129' > /net/iproute
	ndb/cs -s
	ndb/dns -rs

The latter (sorry about the unnecessary details) being the exceptional
routes.  And then all the subnets can co-exist in /lib/ndb/local?

Why do I find it hard to believe that it could be this simple?

++L

PS: I would then only need to add the #l1 bind in the namespace
template.  But if I wanted different services on different interfaces
I would have to separate out the networks, wouldn't I?

PPS: Thanks, Charles, if I don't hear further from you, I'll have to
give this a definite try.