I’m installing my very first Nethserver. NS7… goal being to understand better what this server is made of and how things are organized “inside”. As I’m going to publish here feedback, remarks or even questions related any topic, component etc… I don’t exactly where to post it. So “uncategorized” fits better, for the time being.
Installation from ISO (on Proxmox VM) went very smoothly.
I’m a bit surprised that:
default installation installs almost nothing but very bare NS core. Why not
on the other hand, installation process makes some decision for you like: "interface will by default look for DHCP server but will nevertheless “manually” configure DNS server to point to 8.8.8.8
looking at software center, I definitely need to think twice before installing components. Mail, e.g. is spread in different areas. webmail front-end is found in mail section but also in Roundcube dedicated section… well I definitely need to get used to wording and vocabulary.
AD like domain installation… blocked at 14% for a while, then console is unresponsive.
Indeed , I can’t access web GUI any more.
Something locked at VM level. I can’t even access SSH. Strange enough.
Let’s try to reboot.
Looking at netstat, only IPV6 listen on port 980… oops…Am I really using IPV6? Definitely not through FW that is providing me with access to this “tests DMZ”.
for sure this is exactly what I did (I mean “netstat -nap | grep 980”) in order to check why I can’t access any more. And this is why I wrote “listen on IPV6 only”.
OK this is normal behaviour but then I wonder why I could access during first installation steps because my FW (no I’m not testing NS 7 directly on my LAN but through my main FW) doesn’t permit IPV6
So I assume, as my FW rules didn’t change, that something changed on NS side.
And no I can’t reach any console. I’m investigating… and will come back here with my feedback.
Quick feedback: ok this is default behaviour but… I launched this installation on proxmox server installed on DMZ that is not allowing IPV6. I’ve been able to access for a while until I decided to configure AD like DC (Note I’m not saying there is any relationship between what I describe as a behaviour and this configuration step )
This means that at some time during installation, IPV4 was enabled (otherwise NS would have been unreachable from LAN) .
So IPV6 is default behaviour, yes for sure but not from the installation.
I’ll stop my test for the time being, having to think what will be the next step on my side. I do not plan to change my internal network settings to allow IPV6 yet.
Indeed proxmox is nice and offers console from which I can access NS terminal. Cool
From this terminal, trying to wonder why I can access NS web GUI any more, and looking at services listening, I realize that web based services are listening on IPV6 “only”
Why not but then I wonder how access was done few minutes ago
No. I think you’re misled by netstat output.
I repeat: this is the output of netstat on one VM I have:
[root@ns7rc1 ~]# netstat -lanp | grep 980
tcp6 0 0 :::980 :::* LISTEN 896/httpd
tcp6 0 0 192.168.56.71:980 192.168.56.1:41284 TIME_WAIT -
tcp6 0 0 192.168.56.71:980 192.168.56.1:41286 TIME_WAIT -
tcp6 0 0 192.168.56.71:980 192.168.56.1:41260 TIME_WAIT -
tcp6 0 0 192.168.56.71:980 192.168.56.1:41290 TIME_WAIT -
tcp6 0 0 192.168.56.71:980 192.168.56.1:41292 TIME_WAIT -
tcp6 0 0 192.168.56.71:980 192.168.56.1:41294 TIME_WAIT -
As you can see, my client (192.168.56.1) has 6 ipv4 connections open to port 980 on the vm (192.168.56.71) because I’m using the server-manager web interface.
[quote=“alefattorini, post:7, topic:4826, full:true”]
Strange enough, please give us more details. It’s not common at all[/quote]
Most likely because did something strange, although I still wonder what …
I selected multiple components (mail, AD DC, firewall…) then started configuration with AD…
As soon as I’ve some time, I’ll investigate further and revert back here. No hurry, at least from my side
)
… 