Results 1 to 22 of 22
-
10-12-2011, 12:52 PM #1Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
Which Linux OS I should run for openvpn?
Hi guys,
I have just rented xen virtual private server with 128mb of ram and I need your help. I have a trouble of install openvpn on my server as I'm using CentOS 5.5 32bit PyGrub, I couldn't be able to forward the IP because I keep getting this:
Code:iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded
I have opened the ticket to support and within hours, they have replied. Here's what they said:
Code:Mark, I just realized that you chose a 32-bit template, which run's it's own Kernel via PyGrub (does not share the host Kernel because it's 64-bit). You'll need to recompile your kernel for your specific needs, as this is an unmanaged VPS. --------------------------------------------------------------- Regards, Michael McRae
Options 1: If I go with CentOS 32-bit, I will need to rebuilt kernel and other modules to get the openvpn working in order, it will use less ram.
Options 2: If I go with CentOS 64-bit, the kernel and other modules are already installed on the server which I wouldn't need to rebuilt while I will need to install openvpn, but it will use more ram.
Can you give me an advice with which options i should go with and tell me why? if i should go with 64-bit, I want to know how much ram would I have left it for myself after it have been used to run CentOS 64-bit and openvpn?
Any advice would be much appreciated.
Thanks,
Mark
-
10-12-2011, 12:57 PM #2Disabled
- Join Date
- Sep 2011
- Posts
- 47
That's strange,
I've never had that problem myself, and I run a CentOS 32Bit VPS with 98MB Dedicated ram, and 128MB SWAP and have no problem's whatso ever.
Have you tried looking else where for a provider that can assist you more then your current one has with the OpenVPN solution? As I know of plenty providers that even offer budget solutions that have VPN capabilities already enabled and ready for you after your VPS is provisioned such as like BuyVM.
But, personally. I would just re-install your OS with the 64bit option and do it, but you won't have much ram left running a 64bit option OS on a 128mb Memory VPS.
But if you are experienced with linux and managing a VPS; it shouldn't be to hard for you to rebuild it and get it setup property.
-
10-12-2011, 01:01 PM #3Web Hosting Master
- Join Date
- Jul 2010
- Location
- ~/
- Posts
- 1,382
Are you using OpenVPN Access Server or Openvpn community edition?
That is a known issue on the access server version that happens from time to time, few simple fixes are to simply flush your ip tables 'iptables -F' then 'service iptables restart' then 'service openvpnas restart'
Make sure you do a full update and reboot too.
Personally I suggest 32bit Debian or CentOS for OpenVPN
If it is access server your running there is a support channel on freenode #openvpn-as , if not have a look at it, it does come with 2 free licenses out of the box and has a Web UI for management.█ -> INCEPTION HOSTING LIMITED Since 2010!
█ -> I am most active on the lowendspirit hosting forum Come join us!
█ -> PHOENIX USA & THE NETHERLANDS & UK EU
-
10-12-2011, 01:54 PM #4Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
Last edited by mark103; 10-12-2011 at 01:58 PM.
-
10-12-2011, 01:59 PM #5Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
I'm using OpenVPN and nothing is else. I can't flush my ip tables using with 'iptables -F', because kernel need to be upgraded. I keep getting this:
Code:iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.
here's the command.
[root@server1 ~]#iptables -F
iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
[root@server1 ~]#
The reason I'm awake of it doesn't work, because some modules of kernel is missing or need to be upgraded. I have tried with 64-bit which it has kernel in it and it works quite well. I don't know what to do, but please can you help me to find the upgraded version for kernel that it will make the iptables and other methods to work well like the 64-bit did but I want to use 32-bit?
-
10-12-2011, 02:25 PM #6Web Hosting Master
- Join Date
- Jul 2010
- Location
- ~/
- Posts
- 1,382
Well I would say regardless of the fact that the VPS is unmanaged if your host is offering templates with broken IPTABLES right out of the box then they need to deal with that not you.
Anyway, you dont need any extra modules to use iptables it should be compiled in the kernel already
what is the output of:
rpm -q iptables
and
cat /etc/sysconfig/iptables-config█ -> INCEPTION HOSTING LIMITED Since 2010!
█ -> I am most active on the lowendspirit hosting forum Come join us!
█ -> PHOENIX USA & THE NETHERLANDS & UK EU
-
10-12-2011, 02:28 PM #7Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
The output for this line of rpm -q iptables is:
Code:iptables-1.3.5-5.3.el5_4.1
And the last output for this line is:
Code:[root@server1 ~]#cat /etc/sysconfig/iptables-config # Load additional iptables modules (nat helpers) # Default: -none- # Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which # are loaded after the firewall rules are applied. Options for the helpers are # stored in /etc/modprobe.conf. IPTABLES_MODULES="" # Unload modules on restart and stop # Value: yes|no, default: yes # This option has to be 'yes' to get to a sane state for a firewall # restart or stop. Only set to 'no' if there are problems unloading netfilter # modules. IPTABLES_MODULES_UNLOAD="yes" # Save current firewall rules on stop. # Value: yes|no, default: no # Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped # (e.g. on system shutdown). IPTABLES_SAVE_ON_STOP="no" # Save current firewall rules on restart. # Value: yes|no, default: no # Saves all firewall rules to /etc/sysconfig/iptables if firewall gets # restarted. IPTABLES_SAVE_ON_RESTART="no" # Save (and restore) rule and chain counter. # Value: yes|no, default: no # Save counters for rules and chains to /etc/sysconfig/iptables if # 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or # SAVE_ON_RESTART is enabled. IPTABLES_SAVE_COUNTER="no" # Numeric status output # Value: yes|no, default: yes # Print IP addresses and port numbers in numeric format in the status output. IPTABLES_STATUS_NUMERIC="yes" # Verbose status output # Value: yes|no, default: yes # Print info about the number of packets and bytes plus the "input-" and # "outputdevice" in the status output. IPTABLES_STATUS_VERBOSE="no" # Status output with numbered lines # Value: yes|no, default: yes # Print a counter/number for every rule in the status output. IPTABLES_STATUS_LINENUMBERS="yes"
-
10-12-2011, 02:31 PM #8Web Hosting Master
- Join Date
- Jul 2010
- Location
- ~/
- Posts
- 1,382
change IPTABLES_MODULES_UNLOAD="yes" to IPTABLES_MODULES_UNLOAD="no" and reboot
█ -> INCEPTION HOSTING LIMITED Since 2010!
█ -> I am most active on the lowendspirit hosting forum Come join us!
█ -> PHOENIX USA & THE NETHERLANDS & UK EU
-
10-12-2011, 03:04 PM #9Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
Thanks, I have made the change and I have reboot. After I have reboot, when I input the command in putty:
Code:iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
I still get this:
Code:iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded
Any idea?
-
10-12-2011, 08:16 PM #10Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
do anyone know how to fix this?
-
10-12-2011, 08:24 PM #11Web Hosting Master
- Join Date
- Feb 2010
- Location
- New York
- Posts
- 3,410
Can you run /script/fixxenkernel and see if that will help you out.
ᗖJacob Khanis - Chief Marketing Officer
ᗗ ServerMeadows.com - The Next Generation of Managed IT Services
ᗖ Follow us on Twitter at http://Twitter.com/ServerMeadows
ᗗ Helping WHT Say April Fools Since 2010
-
10-12-2011, 08:49 PM #12Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
No I can't, it doesn't support it because I'm using Xen VM.
-
10-13-2011, 04:20 AM #13Junior Guru
- Join Date
- Jul 2009
- Posts
- 183
Maybe you should get an OpenVZ VPS which supports OpenVPN natively.
VirtualSRV.com
|Affordable Prices|Premium Hardware
|Instant Set Up|OpenVZ Virtualization
Visit Us! www.virtualsrv.com
-
10-13-2011, 06:02 AM #14WHT Addict
- Join Date
- Apr 2010
- Posts
- 162
Are you sure that openvz supports openvpn natively? AFAIK xen supports openvpn natively because on openvz you still need to ask your vps provider to enable tun/tap.
Reload your vps to other centos versions they have and check if iptables will function properly.
You could also try to load the kernel module yourself. Ive run into this same problem before on my vps with quickweb and here's what i have done to load iptables.
Visit http://repos.nethconsulting.com/cent...ernel/modules/ and download into your /lib/modules directory the required kernel for your os. run uname -r to check your kernel version
untar the file
Code:tar -xvzf 2.6.xxxxxxxxx.tar.gz
Code:modprobe -a iptables or echo "iptables" >> /etc/modules
-
10-13-2011, 11:18 AM #15Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
No, I'm using Xen VM on my vps which it doesn't support tun/tap on centos 32-bit, but it does support on 64-bit.
here's the kernel version:
Code:[root@server1 ~]#uname -r 2.6.18-164.6.1.el5xen
Code:[root@server1 ~]#modprobe -a iptables FATAL: Could not load /lib/modules/2.6.18-164.6.1.el5xen/modules.dep: No such file or directory
Can you tell me what I should do now??
How can I download the latest version of kernel into my /lib/modules directory?Last edited by mark103; 10-13-2011 at 11:23 AM.
-
10-13-2011, 02:24 PM #16WHT Addict
- Join Date
- Apr 2010
- Posts
- 162
Xen supports tun/tap on 32 and 64 bit versions. Your problem is iptables and not the tap driver.
The instructions is already in my previous post.
Code:cd /lib/modules wget http://download.srv.ro/pub/misc/xen/kern-modules/2.6.18-164.6.1.el5xen.tar.gz tar xvf 2.6.18-164.6.1.el5xen.tar.gz modprobe -a iptables
-
10-13-2011, 03:06 PM #17Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
Thanks, I have input in each command for each line.
However, I'm getting this:
[root@server1 modules]#modprobe -a iptables
WARNING: Module iptables not found.
[root@server1 modules]#
It said that iptables is not found. Any idea?
-
10-13-2011, 06:13 PM #18Junior Guru Wannabe
- Join Date
- Aug 2011
- Posts
- 57
You may have to recompile the kernel to enable the functionality s the support ticket said. It seems odd to me that you wouldn't have the iptables module enabled by default and they suggest you need managed service in order to have them do it for you. It really is a pretty basic functionality for a server and I can't see why it is disabled by default. In any event, in response to your inital question, you can run oepnvpn on a 32-bit debian box; I am at the moment with no problems. Note that it is openvz though.
-
10-13-2011, 06:46 PM #19Junior Guru Wannabe
- Join Date
- Apr 2011
- Location
- New York City
- Posts
- 58
I used CentOS on an OpenVZ vps with TUN/TAP following this guide:
http://tipupdate.com/how-to-install-...on-centos-vps/
-
10-13-2011, 06:53 PM #20Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
thanks SeedPlox, it can only works well for 64-bit if you do recommend it because it will support kernel modules. And can you tell me how to making a VPN connection by create new connection in win xp?
-
10-13-2011, 06:55 PM #21Junior Guru Wannabe
- Join Date
- Apr 2011
- Location
- New York City
- Posts
- 58
-
10-13-2011, 06:57 PM #22Aspiring Evangelist
- Join Date
- Aug 2007
- Posts
- 354
i don't want to download openvpn software, i just want to create a new vpn connection in win xp by going to start menu > control panel > network connections > create a new connection.
is it possible to work as i have tried it but i'm keep getting an 800 error?
Similar Threads
-
OpenVPN Installation Service with Admin Panel (Centos Linux/Windows 2003/2008)
By smeago in forum Other Web Hosting Related OffersReplies: 0Last Post: 03-06-2011, 09:05 AM -
need help in picking a vps to run openvpn + first post
By elazar55 in forum VPS HostingReplies: 13Last Post: 10-25-2010, 09:49 AM -
i'm looking for a vps that can run pptpd or openvpn.need you help!
By kagetu_toki in forum VPS HostingReplies: 14Last Post: 06-17-2010, 05:02 PM -
looking for a vps to run openvpn
By stapow in forum VPS HostingReplies: 20Last Post: 03-01-2010, 09:00 AM -
VPS Linux France Support RapidLeech And OpenVPN
By kunc86 in forum VPS Hosting OffersReplies: 0Last Post: 01-20-2010, 08:45 PM