Just an FYI to anyone who mistakenly puts a question mark (i.e. ?) at the end of one of their hostnames in the static leases section of their DHCP server tab. It will hose all DNS lookups (i.e. no internet) on the network served by the ddwrt router. I know this should be obvious to any web developer, but I did this and it took me 30 mins to resolve the issue. Hope this helps someone else.
I’ve grown to really appreciate the community version of the proxmox vitalization server, but because I’m too poor to afford the subscription version I tend to upgrade the entire server on a semi-annual basis. I do this by moving all the containers, or KVM images, to another proxmox server, then upgrade the now bare proxmox server using the updated proxmox install iso . I then reconfigure the server to my specific needs using a bash script. One of the tasks in this script is to set up postfix’s relayhost config to allow my promox server to email via google’s smtp servers when something is wrong. It is usually pretty straight forward, but with proxmox version 4.0 (based on Debian Jessie) I got this error in /var/log/mail.log:
SASL authentication failed; cannot authenticate to server smtp.gmail.com no mechanism available
Since I had used the exact same setup/configs as my prior servers I knew something was up. A quick search of google produced the answer. I needed to run:
aptitude install libsasl2-modules
And then everything worked. Thank you HowToForge for the answer.
For those who are interested, here’s the relevant portion of my install script
#Add email forwarding
aptitude install -y libsasl2-modules #this fixed a SASL authentication failed; cannot authenticate to server smtp.gmail.com no mechanism available error
sed -i 's|relayhost =|relayhost = [smtp.gmail.com]:587|g' /etc/postfix/main.cf
sed -i 's|mynetworks = 127.0.0.0/8|mynetworks = 127.0.0.0/8, 10.X.X.X/24|g' /etc/postfix/main.cf
sed -i 's|inet_interfaces = loopback-only|inet_interfaces = all|g' /etc/postfix/main.cf
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
myorigin=$HOSTNAME.$DOMAIN" >> /etc/postfix/main.cf
#add password db for email google authentication
echo "[smtp.gmail.com]:587 firstname.lastname@example.org:"$GOOGLE_PW > /etc/postfix/sasl_passwd
chmod 400 /etc/postfix/sasl_passwd
#register aliases and restart postfix
echo "root:email@example.com" >>/etc/aliases
Some background: I run a small software consulting firm, but I’m also a family doc and I keep a few thousand pages of clinical notes in a semantic mediawiki (“NotesWiki”) that I host on my own servers. I wanted network redundancy of this NotesWiki so I enlisted my parent’s network 150 miles away. On my parents network I installed a proxmox VM server and placed the VM server on a separate subnet from my parents local subnet. There are lots of ways to do this using debian/Proxmox, but I decided to use a ddwrt router as the subnet separation point (me7). See drawing below for an explanation of my network.
This setup seemed easy enough but for some reason I could not direct network traffic from the internet to me20 (the webserver) despite correct port forwarding in twc1. After days of pinging, packet watching w/ wireshark, and pulling my hair out, I finally figured out what was going on. me20 is a virtual machine that sits on a proxmox VM Server (me29). I had set me29’s gateway as 10.10.10.6 (me6) and this meant that packets which arrived at me20 from the internet would take a return path through me6. Obviously this didn’t work. The solution was to set the gateway to the a more appropriate outgoing route (e.g. 10.10.10.7). See proxmox config image below.
I hope this post saves someone else the frustration I experienced.