Results 1 to 22 of 22
  1. #1
    Join Date
    Aug 2007
    Posts
    354

    Which Linux OS I should run for openvpn?

    Hi guys,

    I have just rented xen virtual private server with 128mb of ram and I need your help. I have a trouble of install openvpn on my server as I'm using CentOS 5.5 32bit PyGrub, I couldn't be able to forward the IP because I keep getting this:

    Code:
    iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded

    I have opened the ticket to support and within hours, they have replied. Here's what they said:

    Code:
    Mark,
    
    I just realized that you chose a 32-bit template, which run's it's own Kernel via PyGrub (does not share the host Kernel because it's 64-bit). You'll need to recompile your kernel for your specific needs, as this is an unmanaged VPS.
    
    ---------------------------------------------------------------
    
    Regards,
    Michael McRae
    I am not sure what I am going to do now, whether to stick with 32-bit or change to 64-bit. So here's the two options for me.

    Options 1: If I go with CentOS 32-bit, I will need to rebuilt kernel and other modules to get the openvpn working in order, it will use less ram.

    Options 2: If I go with CentOS 64-bit, the kernel and other modules are already installed on the server which I wouldn't need to rebuilt while I will need to install openvpn, but it will use more ram.


    Can you give me an advice with which options i should go with and tell me why? if i should go with 64-bit, I want to know how much ram would I have left it for myself after it have been used to run CentOS 64-bit and openvpn?

    Any advice would be much appreciated.

    Thanks,
    Mark

  2. #2
    That's strange,

    I've never had that problem myself, and I run a CentOS 32Bit VPS with 98MB Dedicated ram, and 128MB SWAP and have no problem's whatso ever.

    Have you tried looking else where for a provider that can assist you more then your current one has with the OpenVPN solution? As I know of plenty providers that even offer budget solutions that have VPN capabilities already enabled and ready for you after your VPS is provisioned such as like BuyVM.

    But, personally. I would just re-install your OS with the 64bit option and do it, but you won't have much ram left running a 64bit option OS on a 128mb Memory VPS.

    But if you are experienced with linux and managing a VPS; it shouldn't be to hard for you to rebuild it and get it setup property.

  3. #3
    Join Date
    Jul 2010
    Location
    ~/
    Posts
    1,382
    Are you using OpenVPN Access Server or Openvpn community edition?

    That is a known issue on the access server version that happens from time to time, few simple fixes are to simply flush your ip tables 'iptables -F' then 'service iptables restart' then 'service openvpnas restart'

    Make sure you do a full update and reboot too.

    Personally I suggest 32bit Debian or CentOS for OpenVPN

    If it is access server your running there is a support channel on freenode #openvpn-as , if not have a look at it, it does come with 2 free licenses out of the box and has a Web UI for management.
    -> INCEPTION HOSTING LIMITED Since 2010!
    -> I am most active on the lowendspirit hosting forum Come join us!
    -> PHOENIX USA & THE NETHERLANDS & UK EU

  4. #4
    Join Date
    Aug 2007
    Posts
    354
    Quote Originally Posted by Laststop View Post
    That's strange,

    I've never had that problem myself, and I run a CentOS 32Bit VPS with 98MB Dedicated ram, and 128MB SWAP and have no problem's whatso ever.

    Have you tried looking else where for a provider that can assist you more then your current one has with the OpenVPN solution? As I know of plenty providers that even offer budget solutions that have VPN capabilities already enabled and ready for you after your VPS is provisioned such as like BuyVM.

    But, personally. I would just re-install your OS with the 64bit option and do it, but you won't have much ram left running a 64bit option OS on a 128mb Memory VPS.

    But if you are experienced with linux and managing a VPS; it shouldn't be to hard for you to rebuild it and get it setup property.
    Yeah, it sound very strange but I'm using Xen server installed CentOS 32-bit PyGrub without kernel. I tried with 64-bit and it works fine, but it uses alot of ram. Do you know where I can install or upgrade kernel on my xen server that will make the iptables to works?
    Last edited by mark103; 10-12-2011 at 01:58 PM.

  5. #5
    Join Date
    Aug 2007
    Posts
    354
    Quote Originally Posted by backtogeek View Post
    Are you using OpenVPN Access Server or Openvpn community edition?

    That is a known issue on the access server version that happens from time to time, few simple fixes are to simply flush your ip tables 'iptables -F' then 'service iptables restart' then 'service openvpnas restart'

    Make sure you do a full update and reboot too.

    Personally I suggest 32bit Debian or CentOS for OpenVPN

    If it is access server your running there is a support channel on freenode #openvpn-as , if not have a look at it, it does come with 2 free licenses out of the box and has a Web UI for management.
    I'm using OpenVPN and nothing is else. I can't flush my ip tables using with 'iptables -F', because kernel need to be upgraded. I keep getting this:

    Code:
    iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.

    here's the command.

    [root@server1 ~]#iptables -F
    iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.
    [root@server1 ~]#


    The reason I'm awake of it doesn't work, because some modules of kernel is missing or need to be upgraded. I have tried with 64-bit which it has kernel in it and it works quite well. I don't know what to do, but please can you help me to find the upgraded version for kernel that it will make the iptables and other methods to work well like the 64-bit did but I want to use 32-bit?

  6. #6
    Join Date
    Jul 2010
    Location
    ~/
    Posts
    1,382
    Well I would say regardless of the fact that the VPS is unmanaged if your host is offering templates with broken IPTABLES right out of the box then they need to deal with that not you.

    Anyway, you dont need any extra modules to use iptables it should be compiled in the kernel already

    what is the output of:

    rpm -q iptables

    and

    cat /etc/sysconfig/iptables-config
    -> INCEPTION HOSTING LIMITED Since 2010!
    -> I am most active on the lowendspirit hosting forum Come join us!
    -> PHOENIX USA & THE NETHERLANDS & UK EU

  7. #7
    Join Date
    Aug 2007
    Posts
    354
    The output for this line of rpm -q iptables is:

    Code:
    iptables-1.3.5-5.3.el5_4.1

    And the last output for this line is:

    Code:
    [root@server1 ~]#cat /etc/sysconfig/iptables-config
    # Load additional iptables modules (nat helpers)
    #   Default: -none-
    # Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which
    # are loaded after the firewall rules are applied. Options for the helpers are
    # stored in /etc/modprobe.conf.
    IPTABLES_MODULES=""
    
    # Unload modules on restart and stop
    #   Value: yes|no,  default: yes
    # This option has to be 'yes' to get to a sane state for a firewall
    # restart or stop. Only set to 'no' if there are problems unloading netfilter
    # modules.
    IPTABLES_MODULES_UNLOAD="yes"
    
    # Save current firewall rules on stop.
    #   Value: yes|no,  default: no
    # Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped
    # (e.g. on system shutdown).
    IPTABLES_SAVE_ON_STOP="no"
    
    # Save current firewall rules on restart.
    #   Value: yes|no,  default: no
    # Saves all firewall rules to /etc/sysconfig/iptables if firewall gets
    # restarted.
    IPTABLES_SAVE_ON_RESTART="no"
    
    # Save (and restore) rule and chain counter.
    #   Value: yes|no,  default: no
    # Save counters for rules and chains to /etc/sysconfig/iptables if
    # 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or
    # SAVE_ON_RESTART is enabled.
    IPTABLES_SAVE_COUNTER="no"
    
    # Numeric status output
    #   Value: yes|no,  default: yes
    # Print IP addresses and port numbers in numeric format in the status output.
    IPTABLES_STATUS_NUMERIC="yes"
    
    # Verbose status output
    #   Value: yes|no,  default: yes
    # Print info about the number of packets and bytes plus the "input-" and
    # "outputdevice" in the status output.
    IPTABLES_STATUS_VERBOSE="no"
    
    # Status output with numbered lines
    #   Value: yes|no,  default: yes
    # Print a counter/number for every rule in the status output.
    IPTABLES_STATUS_LINENUMBERS="yes"

  8. #8
    Join Date
    Jul 2010
    Location
    ~/
    Posts
    1,382
    change IPTABLES_MODULES_UNLOAD="yes" to IPTABLES_MODULES_UNLOAD="no" and reboot
    -> INCEPTION HOSTING LIMITED Since 2010!
    -> I am most active on the lowendspirit hosting forum Come join us!
    -> PHOENIX USA & THE NETHERLANDS & UK EU

  9. #9
    Join Date
    Aug 2007
    Posts
    354
    Thanks, I have made the change and I have reboot. After I have reboot, when I input the command in putty:

    Code:
    iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

    I still get this:
    Code:
    iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded

    Any idea?

  10. #10
    Join Date
    Aug 2007
    Posts
    354
    do anyone know how to fix this?

  11. #11
    Join Date
    Feb 2010
    Location
    New York
    Posts
    3,410
    Can you run /script/fixxenkernel and see if that will help you out.
    Jacob Khanis - Chief Marketing Officer
    ServerMeadows.com - The Next Generation of Managed IT Services
    Follow us on Twitter at http://Twitter.com/ServerMeadows
    Helping WHT Say April Fools Since 2010

  12. #12
    Join Date
    Aug 2007
    Posts
    354
    No I can't, it doesn't support it because I'm using Xen VM.

  13. #13
    Maybe you should get an OpenVZ VPS which supports OpenVPN natively.
    VirtualSRV.com
    |Affordable Prices|Premium Hardware
    |Instant Set Up|OpenVZ Virtualization
    Visit Us! www.virtualsrv.com

  14. #14
    Quote Originally Posted by vpsplug View Post
    Maybe you should get an OpenVZ VPS which supports OpenVPN natively.
    Are you sure that openvz supports openvpn natively? AFAIK xen supports openvpn natively because on openvz you still need to ask your vps provider to enable tun/tap.

    Reload your vps to other centos versions they have and check if iptables will function properly.


    You could also try to load the kernel module yourself. Ive run into this same problem before on my vps with quickweb and here's what i have done to load iptables.

    Visit http://repos.nethconsulting.com/cent...ernel/modules/ and download into your /lib/modules directory the required kernel for your os. run uname -r to check your kernel version

    untar the file
    Code:
    tar -xvzf 2.6.xxxxxxxxx.tar.gz
    Load iptables
    Code:
    modprobe -a iptables
    or 
    echo "iptables" >> /etc/modules

  15. #15
    Join Date
    Aug 2007
    Posts
    354
    Quote Originally Posted by VPSForge-Ray View Post
    Are you sure that openvz supports openvpn natively? AFAIK xen supports openvpn natively because on openvz you still need to ask your vps provider to enable tun/tap.

    Reload your vps to other centos versions they have and check if iptables will function properly.


    You could also try to load the kernel module yourself. Ive run into this same problem before on my vps with quickweb and here's what i have done to load iptables.

    Visit http://repos.nethconsulting.com/cent...ernel/modules/ and download into your /lib/modules directory the required kernel for your os. run uname -r to check your kernel version

    untar the file
    Code:
    tar -xvzf 2.6.xxxxxxxxx.tar.gz
    Load iptables
    Code:
    modprobe -a iptables
    or 
    echo "iptables" >> /etc/modules
    No, I'm using Xen VM on my vps which it doesn't support tun/tap on centos 32-bit, but it does support on 64-bit.

    here's the kernel version:

    Code:
    [root@server1 ~]#uname -r
    2.6.18-164.6.1.el5xen
    And here's the iptables version:

    Code:
    [root@server1 ~]#modprobe -a iptables
    FATAL: Could not load /lib/modules/2.6.18-164.6.1.el5xen/modules.dep: No such file or directory

    Can you tell me what I should do now??

    How can I download the latest version of kernel into my /lib/modules directory?
    Last edited by mark103; 10-13-2011 at 11:23 AM.

  16. #16
    Xen supports tun/tap on 32 and 64 bit versions. Your problem is iptables and not the tap driver.

    The instructions is already in my previous post.

    Code:
    cd /lib/modules
    wget http://download.srv.ro/pub/misc/xen/kern-modules/2.6.18-164.6.1.el5xen.tar.gz
    tar xvf 2.6.18-164.6.1.el5xen.tar.gz
    modprobe -a iptables
    See if that works

  17. #17
    Join Date
    Aug 2007
    Posts
    354
    Thanks, I have input in each command for each line.

    However, I'm getting this:

    [root@server1 modules]#modprobe -a iptables
    WARNING: Module iptables not found.
    [root@server1 modules]#


    It said that iptables is not found. Any idea?

  18. #18
    Join Date
    Aug 2011
    Posts
    57
    You may have to recompile the kernel to enable the functionality s the support ticket said. It seems odd to me that you wouldn't have the iptables module enabled by default and they suggest you need managed service in order to have them do it for you. It really is a pretty basic functionality for a server and I can't see why it is disabled by default. In any event, in response to your inital question, you can run oepnvpn on a 32-bit debian box; I am at the moment with no problems. Note that it is openvz though.

  19. #19
    Join Date
    Apr 2011
    Location
    New York City
    Posts
    58
    I used CentOS on an OpenVZ vps with TUN/TAP following this guide:

    http://tipupdate.com/how-to-install-...on-centos-vps/

  20. #20
    Join Date
    Aug 2007
    Posts
    354
    thanks SeedPlox, it can only works well for 64-bit if you do recommend it because it will support kernel modules. And can you tell me how to making a VPN connection by create new connection in win xp?

  21. #21
    Join Date
    Apr 2011
    Location
    New York City
    Posts
    58
    Quote Originally Posted by mark103 View Post
    thanks SeedPlox, it can only works well for 64-bit if you do recommend it because it will support kernel modules. And can you tell me how to making a VPN connection by create new connection in win xp?
    I set it up on x64 CentOS without a hitch.

    Also, at the bottom of the guide there is a little tutorial on how to connect on Windows.

  22. #22
    Join Date
    Aug 2007
    Posts
    354
    i don't want to download openvpn software, i just want to create a new vpn connection in win xp by going to start menu > control panel > network connections > create a new connection.

    is it possible to work as i have tried it but i'm keep getting an 800 error?

Similar Threads

  1. OpenVPN Installation Service with Admin Panel (Centos Linux/Windows 2003/2008)
    By smeago in forum Other Web Hosting Related Offers
    Replies: 0
    Last Post: 03-06-2011, 09:05 AM
  2. Replies: 13
    Last Post: 10-25-2010, 09:49 AM
  3. Replies: 14
    Last Post: 06-17-2010, 05:02 PM
  4. looking for a vps to run openvpn
    By stapow in forum VPS Hosting
    Replies: 20
    Last Post: 03-01-2010, 09:00 AM
  5. VPS Linux France Support RapidLeech And OpenVPN
    By kunc86 in forum VPS Hosting Offers
    Replies: 0
    Last Post: 01-20-2010, 08:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •