On Thu, 2011-06-16 at 22:19 +0200, Timothy Murphy sent: > I think I got this wrong too. > I am running shorewall on my server, > and I forgot to turn iptables off. Whenever I see mentions of "turning firewall off," that's a red flag, to me. Is shorewall an independent thing, or is it a configurator for iptables? Had turning off iptables turned off your firewall, or has it handed control of it over to something else? > I see now I can go to Manage Connections in NM, > and specify the name servers. > Now NM seems to leave /etc/resolv.conf alone. > Previously I was just adding the nameservers by hand. Adding them to what, though? That file? Hand editing files that are automatically managed by something else is fraught with problems. Your changes may disappear at any time. The resolv.conf file is one that NetworkManager would fiddle with. >>> Changes to the routing table on the latter, eg changing the default >>> gateway, do not seem to come into force until I re-boot. >> How are you trying to bring about the gateway change? Are you bringing >> its interface down and back up again, to force a configuration reload? > I was using "route delete default" and "route add default gw ...". > This seemed to be recognized at once on Fedora, > but not on CentOS. When playing with commands, like that, you need to find out whether they just make temporary changes when you issue them, or whether they permanently change configurations. >> To be honest, my opinion about NetworkManager is thus: You'd only use >> it on clients. All servers and gateways would have manually set >> network configurations, and be using the old network service. > Thanks for the suggestion. > I see I am running NM on the server in question. That can be a problem. A server needs to be up and running before clients can use it. If the server needs external configuration, too (such as yet another device is the DHCP server), then it gets really messy. Plus servers generally need fixed IPs, and that can be easiest done by manually configuring each machine with fixed IPs. Though more experienced sysadmins may find it easy enough to fix all IPs consistently through their DHCP server, and just ensure that all computers are booted up in the appropriate sequence (DHCP/DNS servers before print servers, etc.). > I'm never quite sure if we are allowed to use the network service. Your organisation won't let you, or do you mean technical considerations? You can run NetworkManager and the network service at the same time, as long as you ensure that each only controls specific network devices, and neither tries to control their opponent's. For equipment with multiple interfaces, you may find NetworkManager to be a thorn in your side. I've seen people mention NetworkManager being a problem in that regard, switching their whole network configuration around, rather than just adding yet another interface to the network (as cables are plugged in, or wireless networks come into range). -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines