Running 4.5/i386 on a pair of firewalls using pf and carp and pfsync
(and also multiple VLANs).

After a reboot, either system will hang at 'starting network' until
pressing Ctrl-C at the console. (By 'hang' I mean no action for at
least 60 minutes; I have not waited longer than that.)

Initially I thought this was because of a hostname resolution problem,
but pf.conf and resolv.conf contain only IP addresses, not hostnames.

Also, 'pfctl -f /etc/pf.conf' runs OK from the console. Same deal with
'sh /etc/netstart' and the OpenVPN stuff in rc.local, pasted below.

Presumably something is broken after /etc/rc says 'starting network',
but what? I've read on this list one should never edit /etc/rc.

Thanks in advance for suggested techniques for debugging and fixing the
hang behavior.

dn

ps. FWIW I've pasted the contents of /etc/rc.local below. Addresses and
passwords have been obfuscated.

echo -n 'starting local daemons:'

# Add your local startup actions here.

echo '.'

# VLAN config
ifconfig vlan10 10.0.0.2 netmask 255.255.255.0 vlan 10 vlandev bge1
ifconfig vlan11 10.0.1.2 netmask 255.255.255.0 vlan 11 vlandev bge1
ifconfig vlan12 10.0.2.2 netmask 255.255.255.0 vlan 12 vlandev bge1
ifconfig vlan13 10.0.3.2 netmask 255.255.255.0 vlan 13 vlandev bge1
ifconfig vlan14 10.0.128.2 netmask 255.255.255.0 vlan 14 vlandev bge1

# 07/16/06 CARP config is here to avoid hacking netstart
ifconfig carp2 inet 10.0.0.1 netmask 255.255.255.0 broadcast 10.0.0.255 vhid 203 advskew 1 pass seekret123 carpdev vlan10
ifconfig carp3 inet 10.0.1.1 netmask 255.255.255.0 broadcast 10.0.1.255 vhid 204 advskew 1 pass seekret123 carpdev vlan11
ifconfig carp4 inet 10.0.2.1 netmask 255.255.255.0 broadcast 10.0.2.255 vhid 205 advskew 1 pass seekret123 carpdev vlan12
ifconfig carp5 inet 10.0.3.1 netmask 255.255.255.0 broadcast 10.0.3.255 vhid 206 advskew 1 pass seekret123 carpdev vlan13
ifconfig carp6 inet 10.0.128.1 netmask 255.255.255.0 broadcast 10.0.128.255 vhid 207 advskew 1 pass seekret123 carpdev vlan14

# sample static routes
/sbin/route add -net 10.0.0.0/16 10.0.1.158
# to do -- add other static routes

# DHCP helper addresses
dhcrelay -i vlan10 10.0.0.103
dhcrelay -i vlan11 10.0.0.103
dhcrelay -i vlan12 10.0.0.103
dhcrelay -i vlan13 10.0.0.103
dhcrelay -i vlan14 10.0.0.103

# start openvpn
#
if [ -x /usr/local/sbin/openvpn ]; then
        /usr/local/sbin/openvpn --config /opt/openvpn-2.0/server.conf && echo 'opening openvpn server...' &
else
        echo 'ERROR: cannot start openvpn; file /usr/local/sbin/openvpn is missing.'
fi

# start bacula
if [ -x /usr/local/libexec/bacula/bacula-ctl-fd ]; then
  /usr/local/libexec/bacula/bacula-ctl-fd start
  echo -n ' bacula-fd'
fi

# start net-snmp
if [ -x /usr/local/sbin/snmpd ]; then
        echo -n ' snmpd';       /usr/local/sbin/snmpd
fi

# start apcupsd
# Start the UPS daemon. Do not remove the 'TAG_APCUPSD' text
if [ -x /etc/rc.apcupsd ]; then       # TAG_APCUPSD
          /etc/rc.apcupsd start       # TAG_APCUPSD
fi                                    # TAG_APCUPSD
