On 12/10/2018 12:56 PM, Stuart Henderson wrote: > On 2018-12-09, Denis <den...@mindall.org> wrote: >> Stuck when running cvsync in rdomain 1. It seems cvsync does not using >> second routing table because of pf.conf misconfiguration or something. >> >> em0 as a main ISP channel, ppp0 works as reserved wireless ISP channel. >> Some system services like cvsync, git, ntp should use second routing >> table (rtable 1) assigned to ppp0. >> >> # route -T1 exec cvsync -c /etc/cvsync.conf >> Connecting to cvsync_server_remote_IP port 7777 >> host cvsync_server_remote_IP port 7777: Can't assing requested address >> service is not available at cvsync_server_remote_IP port 7777 >> >> --- configs >> # cat /etc/hostname.em0 >> rdomain 0 >> dhcp >> >> # cat /etc/hostname.ppp0 >> rdomain 1 >> dhcp > > DHCP doesn't run on PPP.
My mistake, the actual content of hostname.ppp0 is: rdomain 1 inet 10.0.99.1 255.255.255.0 10.0.99.255 > >> # pppd call ISP >> >> # ifconfig ppp0 >> ppp0: flags=8051<UP,POINTTOPOINT,RUNNING,MULTICAST> rdomain 1 mtu 1500 >> index 7 priority 0 llprio 3 >> grups: ppp >> inet ISP_ppp0_gateway --> local_ppp0_IP netmask 0xffffffc0 inet 10.161.49.16 --> 10.0.99.1 netmast 0xffffffc0 >> >> # route -T1 show >> local_ppp0_IP ISP_ppp0_gateway_IP UH Prio 8 ppp0 >> ISP_ppp0_gateway_IP ISP_ppp0_gateway_IP UHl Prio 1 ppp0 # route -T1 show 10.0.99.1 10.161.49.16 UH Prio 8 ppp0 10.161.49.16 10.161.49.16 UHl Prio 1 ppp0 > > No default route. Perhaps you need to run pppd in rdomain 1? By running pppd in rdomain 1: # route -T1 exec pppd call ISP I have the same routing table as above. No default route as before. dmesg shows some kernel messages every second: ppp0: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 0 ppp0: trying to send packet on wrong domain. if 1 vs. mbuf 0, AF 0 > >> # cat /etc/pf.conf >> ... >> match out on rdomain 0 from lo0 to any nat-to (em0) port 1024:65535 rtable 0 >> match out on rdomain 1 from lo0 to any nat-to (ppp0) port 1024:65535 >> rtable 1 >> ... >> pass out quick on ppp0 inet proto tcp from (ppp0) to any port 7777 flags >> S/SA modulate state queue cvs >> ... > > As an aside, I would recommend using rsync rather than cvsync - many > of the repo mirrors offer this, it's noted on cvsync.html. cvsync is > fragile and frequently breaks. > Stuart, thank you for advice. First of all I would like to fix rdomain, next stop will be migrate from cvsync to rsync, although I have no any sensible issues with cvsync before. By the way, can rsync be encrypted? Do repo mirrors accept encryption overlap for it?
