Sunday, June 5, 2011

DHCP IPv4 vs IPv6 : Basic concept

Most of us are familiar with DHCP (Dynamic Host Configuration Protocol). We use it all the time to get an IP address and network configuration for our devices: laptops, desktops, handheld IP devices, IP TVs and more. It makes our lives easy because we don't have to define the IP address for each system manually, and we don't have to worry about duplicate IP addresses either. DHCP takes care of all of that for us.

We all know that IPv6 is making its way into our internet world and is going to replace IPv4. That is going to be a revolution, and DHCP is one of the areas it changes. The architectures of DHCPv4 (for IPv4 systems) and DHCPv6 (for IPv6) are totally different. I will try my best to explain the differences in very easy language.

1. In IPv4 systems, a host sends broadcast traffic requesting an IP address in the hope that a DHCP server replies, so the network doesn't know how far to send the request.

In IPv6 systems, on the other hand, every host supports multicast and DHCPv6 servers listen for DHCPv6 multicast packets, so the network knows where to send the clients' DHCP requests. (FF02::1:2 is a link-scoped multicast address a client uses to reach neighboring, i.e. on-link, relay agents and servers. All servers and relay agents are members of this multicast group.)

[Wireshark capture for DHCPv6: notice the link-scoped multicast address. I intentionally hid the IPv6 link-local address of my laptop, which acts as the IPv6 host.]




2. In IPv4 systems, a client doesn't have any valid IP address to start with. It uses 0.0.0.0 as its initial IP address and broadcasts its request (asking for an IP address and network configuration) to 255.255.255.255 in the hope of a response from a DHCP server.

(Here is the complete DHCPv4 request-reply exchange in an IPv4 environment, captured by Wireshark using the filter BOOTP. DHCPv4 is built on the BOOTP message format.)



In IPv6 systems, every host has a valid link-local address that it can use to send traffic on the link it is connected to, which makes it possible to send a request to the DHCP server for a REAL address.
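As an added example (not part of this post or its capture), here is Python that builds the SOLICIT a host sends, parses the DHCPv6 header and option list as RFC 3315 lays them out, and checks the addressing rule described above; the MAC address, transaction id and IAID are made up.

```python
import ipaddress
import struct

# Message types and option codes from RFC 3315 (linked in the references of this post).
MSG_TYPES = {1: "SOLICIT", 2: "ADVERTISE", 3: "REQUEST", 7: "REPLY"}
OPTION_NAMES = {1: "CLIENTID", 2: "SERVERID", 3: "IA_NA", 6: "ORO", 8: "ELAPSED_TIME"}
# All_DHCP_Relay_Agents_and_Servers: the link-scoped group the capture above shows.
ALL_DHCP_RELAY_AGENTS_AND_SERVERS = ipaddress.IPv6Address("ff02::1:2")
LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")


def parse_dhcpv6(payload: bytes) -> dict:
    """Parse the 4-byte header (msg-type, 3-byte transaction id) and the TLV option list."""
    if len(payload) < 4:
        raise ValueError("payload shorter than the DHCPv6 header")
    msg_type = payload[0]
    xid = int.from_bytes(payload[1:4], "big")
    options, pos = [], 4
    while pos < len(payload):
        if pos + 4 > len(payload):
            raise ValueError("truncated option header at offset %d" % pos)
        code, length = struct.unpack("!HH", payload[pos:pos + 4])
        value = payload[pos + 4:pos + 4 + length]
        if len(value) != length:  # option claims more bytes than the datagram carries
            raise ValueError("option %d truncated: wants %d bytes, has %d" % (code, length, len(value)))
        options.append((OPTION_NAMES.get(code, code), value))
        pos += 4 + length
    return {"type": MSG_TYPES.get(msg_type, msg_type), "xid": xid, "options": options}


def client_addressing_ok(src: str, dst: str) -> bool:
    """A client message must come from a link-local source and go to ff02::1:2.
    Anything else (e.g. a global source address) is worth flagging in a capture."""
    return (ipaddress.IPv6Address(src) in LINK_LOCAL
            and ipaddress.IPv6Address(dst) == ALL_DHCP_RELAY_AGENTS_AND_SERVERS)


def build_solicit(xid: int, mac: bytes) -> bytes:
    """Build a SOLICIT the way a host does: CLIENTID (DUID-LL), ELAPSED_TIME, IA_NA, ORO."""
    duid_ll = struct.pack("!HH", 3, 1) + mac        # DUID type 3 (LL), hardware type 1 (Ethernet)
    ia_na = struct.pack("!III", 0x0E6B3AB1, 0, 0)    # made-up IAID, T1, T2 (0 = server picks)
    oro = struct.pack("!HH", 23, 24)                 # request DNS servers and domain search list
    opts = [(1, duid_ll), (8, b"\x00\x00"), (3, ia_na), (6, oro)]
    body = b"".join(struct.pack("!HH", code, len(val)) + val for code, val in opts)
    return bytes([1]) + xid.to_bytes(3, "big") + body


# Constructed sample (not the capture from this post): a SOLICIT from a host with a made-up MAC.
SAMPLE_SOLICIT = build_solicit(0x1A2B3C, bytes.fromhex("001122334455"))
```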

There is more to talk about... but I have to watch the NBA Finals: Mavs vs Heat. :D
I will keep updating this article.


Reference:
http://www.ietf.org/rfc/rfc3315.txt
http://www.isc.org/community/blog/201104/isc-dhcp-and-ipv6-dhcpv6-story
http://en.wikipedia.org/wiki/IPv6#Stateless_address_autoconfiguration

Wednesday, May 25, 2011

Centralized LogServer in SuSE Linux

LogServer: ServerA [IP address: 192.168.1.5]
NetworkServers: ServerB, ServerC... and more

ServerB-------send log files-----> ServerA[LogServer] <-----------send log files---- ServerC

Here we want ServerB and ServerC to send their log files to ServerA for centralized access to the logs.

Daemon: syslog-ng
Files:
/etc/sysconfig/syslog
/etc/syslog-ng/syslog-ng.conf

Commands:
/etc/init.d/syslog start|restart|stop

ps aux|grep syslog --> to see if syslog-ng is running or not

SuSEconfig --module syslog-ng --> to reload the change done on /etc/syslog-ng/syslog-ng.conf


Configure the LogServer, i.e. ServerA, to accept log files from the NetworkServers

Edit /etc/syslog-ng/syslog-ng.conf on ServerA (Log Server)

source src {
#
# include internal syslog-ng messages
# note: the internal() source is required!
#
internal();

#
# the default log socket for local logging:
#
unix-dgram("/dev/log");

#
# uncomment to process log messages from network:
#
udp(ip("0.0.0.0") port(514));
# I uncommented the line above to tell ServerA to accept log files from the network
};


At the bottom of this file, I defined the destination and log

#
#Added by DShah 05/25/11
#
destination std { file("/var/log/HOSTS/$YEAR-$MONTH/$HOST/$FACILITY-$YEAR-$MONTH-$DAY" owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes));
};

log { source(src);
destination(std);
};

Here I am telling ServerA to process the log messages coming from source src and write them to destination std.
Destination std tells ServerA to save the log messages from each host in a separate directory, /var/log/HOSTS/YEAR-MONTH/hostname/, with one file per facility and day.

Now run the commands:
#SuSEconfig --module syslog-ng --> to reload the config changes done

#/etc/init.d/syslog restart OR
#syslog-ng restart

#ps aux|grep syslog --> to check if syslog-ng is running

If you need to kill the syslog-ng process for any reason, you can simply run

#killall syslog-ng
or
#kill -9 [PID-of-syslog-ng]

Configure the NetworkServers (ServerB, ServerC, ...) to send log files to the LogServer (ServerA):

Edit /etc/syslog-ng/syslog-ng.conf or /etc/syslog-ng/syslog-ng.conf.in (preferred) on ServerB and ServerC

#
#Added by DShah 05/25/2011
#
destination logserver {
udp("192.168.1.5" port(514));
# Note: here 192.168.1.5 is the IP address of the LogServer, i.e. ServerA
};

log {
source(src);
destination(logserver);
};

Now run the commands:
#SuSEconfig --module syslog-ng --> to reload the config changes done

#/etc/init.d/syslog restart OR
#syslog-ng restart

#ps aux|grep syslog --> to check if syslog-ng is running


ServerA should already be collecting the log files. Go to the /var/log/HOSTS directory on ServerA to see the log files from the different Network Servers.
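As an added example (not part of this post and not syslog-ng code), here is Python that parses the BSD syslog lines ServerB and ServerC send to UDP 514 and expands the destination template from the config above into the same path syslog-ng writes; the sender IPs and the allow-list are assumed, and the sample lines are constructed.

```python
import re
from datetime import datetime

# Facility names by number (PRI = facility * 8 + severity), matching syslog-ng's $FACILITY.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news", "uucp",
              "cron", "authpriv", "ftp", "ntp", "security", "console", "solaris-cron",
              "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7"]
# <PRI>Mmm dd HH:MM:SS HOST TAG: MSG, the BSD syslog line ServerB/ServerC put on UDP 514.
SYSLOG_RE = re.compile(r"^<(\d{1,3})>([A-Z][a-z]{2}) ( \d|\d\d) (\d\d:\d\d:\d\d) (\S+) (.*)$")

# Assumed allow-list (constructed): which sender IP may log under which hostname.
KNOWN_SENDERS = {"192.168.1.6": "serverb", "192.168.1.7": "serverc"}


def parse_syslog(line: str) -> dict:
    """Split a BSD syslog line into facility, severity, timestamp fields, host and message."""
    m = SYSLOG_RE.match(line)
    if not m:
        raise ValueError("not a BSD syslog line: %r" % line)
    pri = int(m.group(1))
    if pri > 191:
        raise ValueError("PRI %d out of range" % pri)
    facility, severity = divmod(pri, 8)
    return {"facility": FACILITIES[facility], "severity": severity,
            "month": datetime.strptime(m.group(2), "%b").month, "day": int(m.group(3)),
            "time": m.group(4), "host": m.group(5), "msg": m.group(6)}


def destination_path(rec: dict, year: int) -> str:
    """Expand the template /var/log/HOSTS/$YEAR-$MONTH/$HOST/$FACILITY-$YEAR-$MONTH-$DAY.
    The BSD timestamp has no year, so the year of receipt is used, as syslog-ng does."""
    return "/var/log/HOSTS/%04d-%02d/%s/%s-%04d-%02d-%02d" % (
        year, rec["month"], rec["host"], rec["facility"], year, rec["month"], rec["day"])


def sender_matches_host(sender_ip: str, rec: dict) -> bool:
    """$HOST is taken from the datagram text and UDP 514 carries no authentication, so any
    machine that can reach port 514 can write under any hostname directory. Cross-check it."""
    return KNOWN_SENDERS.get(sender_ip) == rec["host"]


# Constructed sample datagrams as (sender IP, line); not real logs.
SAMPLES = [
    ("192.168.1.6", "<34>May 25 10:03:44 serverb sshd[1234]: Failed password for root from 10.0.0.9 port 5022 ssh2"),
    ("192.168.1.7", "<13>May  5 09:00:01 serverc cron[99]: (root) CMD (run-parts /etc/cron.hourly)"),
    ("10.0.0.9", "<13>May 25 10:04:00 serverb logger: line claiming to come from serverb"),
]
```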

Illustration with an additional application:
Let's say I want a remote Asterisk server to send its log file /var/log/asterisk/full to the centralized log server.
Edit /etc/syslog-ng/syslog-ng.conf or /etc/syslog-ng/syslog-ng.conf.in (preferred) on the remote Asterisk server

#
# Added by DShah
#
source asterisklog { pipe("/var/log/asterisk/full");
};

destination logserver { udp("192.168.1.5" port(514));
};

log { source(asterisklog); destination(logserver); };


and run the command

#syslog-ng restart

Now check /var/log/HOSTS; you should see the log file from the Asterisk server.


If you need any help on Linux/Unix systems, you can email me at erdevendra@gmail.com with subject title rapidtechguide.

For more info: http://www.novell.com/coolsolutions/feature/18044.html
20-minute video on syslog-ng: http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/overview#
Syslog-ng to collect Apache logs: http://peter.blogs.balabit.com/2010/02/how-to-collect-apache-logs-by-syslog-ng/

Monday, April 4, 2011

SCREEN command: Handy tool for multi-screen session and remote interaction

Screen is a multi-screen utility that lets a user open multiple screens (windows) in a single SSH session and do different tasks in each, without opening multiple SSH sessions. However, you need to learn some keyboard shortcuts.

How to start Screen?
# screen -S mySessionName

e.g. screen -S rapidlinux

Common screen commands

Screen command      Task
Ctrl+a c            Create a new window
Ctrl+a k            Kill the current window / session
Ctrl+a w            List all windows
Ctrl+a 0-9          Go to the window numbered 0-9 (use Ctrl+a w to see the numbers)
Ctrl+a Ctrl+a       Toggle / switch between the current and previous window
Ctrl+a S            Split the terminal horizontally into regions; press Ctrl+a c to create a new window there
Ctrl+a :resize      Resize the region
Ctrl+a :fit         Fit the screen size to the new terminal size (Ctrl+a F does the same)
Ctrl+a :remove      Remove / delete the region (Ctrl+a X does the same)
Ctrl+a tab          Move to the next region
Ctrl+a D (Shift-d)  Power detach and log out
Ctrl+a d            Detach but keep the shell window open
Ctrl-a Ctrl-\       Quit screen
Ctrl-a ?            Display the help screen, i.e. a list of commands


Play with the commands listed above. Once you are comfortable with them, let's learn one more thing: REMOTE INTERACTION

Scenario: Let's say you SSHed into your client's machine. Your client wants to see what commands you are running. You can do that via SCREEN :)

1. SSH into the client's machine with your support user ID on the client's machine.
e.g. #ssh rapidsupport@client.machine

2. Run the screen command with a session name
e.g. #screen -S rapidsupportSession

3. You have to allow multi-user access to the screen session. So, press Ctrl+a followed by :multiuser on

4. You have to grant the client permission to access your screen session. So, press Ctrl+a followed by :acladd clientname, where clientname is the client's user ID

5. Now the client can connect to your screen session using the command syntax #screen -x username/session

e.g. #screen -x clientname/rapidsupportSession

6. Now your screen is shared with your client.


Done!!!!

Let's say your client's machine is behind NAT (i.e. the client's machine doesn't have a public IP) and you want to provide remote support to your client. Your workstation should have a public IP address so that the client's machine can reach it.

We can use reverse SSH to achieve that.

To permit you to access your client's machine through reverse SSH (Secure Shell protocol), the client should execute the following command as root (superuser) on their machine:

Example:

#ssh -fN -R 5099:localhost:22 rapidsupport@public-ip-address-of-rapidsupport -p 443

where rapidsupport is a user ID on your workstation

If successful, this command will set up an SSH tunnel between the client's machine and rapidsupport's workstation, and will display a new command-line prompt on your server.

Note: This method of connecting is called "reverse" SSH because the connection is initiated from the client's machine, not from rapidsupport.

Now, rapidsupport can SSH into the client's machine using credentials of the client's machine:

#ssh localhost -p 5099



For more:

http://www.linux.com/archive/feed/56443
http://www.cyberciti.biz/tips/linux-screen-command-howto.html

Tuesday, March 8, 2011

VLAN: 5-minute reading to get the core concept of VLAN implementation

A VLAN (Virtual LAN) is a logical technique that enables hosts on various physical LANs to communicate with each other as if they were on the same LAN/wire.

A VLAN also splits the broadcast domain: a host on one VLAN can't talk to a host on another VLAN without the help of a Layer 3 device.

There are two switch port operation modes:

Trunk Mode: Allows multiple VLAN IDs to pass through; usually the FastEthernet 0/24 port or a GigabitEthernet port is used for the inter-switch link. Multiple switches are interconnected via a link between ports in Trunk mode.

Access Mode: Allows only one VLAN ID; hosts are connected to ports defined as Access mode. By default all ports on the switch are in Access mode.
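To show what the two modes do to a frame, here is an added Python example (not part of this post and not switch code) that tags and untags 802.1Q frames and applies the access/trunk rules to the port roles used later on Switch1; the MAC addresses are made up and the frame is constructed.

```python
import struct

TPID_8021Q = 0x8100  # Ethertype that announces an 802.1Q tag, seen only on trunk links

# Port roles from the Switch1 config in this post: access ports carry one VLAN, F0/24 is the trunk.
PORTS = {"F0/1": ("access", 2), "F0/2": ("access", 2),
         "F0/3": ("access", 3), "F0/4": ("access", 3), "F0/24": ("trunk", None)}


def parse_frame(frame: bytes) -> dict:
    """Return addresses, VLAN id (None when untagged), priority and inner Ethertype."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    vlan = pcp = None
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("tagged frame truncated before the TCI")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        pcp, vlan = tci >> 13, tci & 0x0FFF   # TCI = 3-bit PCP, 1-bit DEI, 12-bit VID
        offset = 18
    return {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"), "vlan": vlan,
            "pcp": pcp, "ethertype": ethertype, "payload": frame[offset:]}


def tag_frame(frame: bytes, vlan: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag after the source MAC, as the switch does on trunk egress."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VID must be 1..4094")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, (pcp << 13) | vlan) + frame[12:]


def untag_frame(frame: bytes) -> bytes:
    """Strip the 4-byte tag if present; access ports hand hosts untagged frames."""
    return frame[:12] + frame[16:] if parse_frame(frame)["vlan"] is not None else frame


def classify_ingress(port: str, frame: bytes) -> int:
    """VLAN a frame belongs to on arrival: an access port uses its configured VLAN regardless
    of any tag the host sent; a trunk reads the tag (untagged on a trunk = native VLAN 1)."""
    mode, vid = PORTS[port]
    if mode == "access":
        return vid
    tagged = parse_frame(frame)["vlan"]
    return 1 if tagged is None else tagged


def prepare_egress(port: str, vlan: int, frame: bytes):
    """Frame as it leaves: tagged on the trunk, untagged on an access port of the same VLAN,
    None for an access port in another VLAN (that is the split broadcast domain)."""
    mode, vid = PORTS[port]
    plain = untag_frame(frame)
    if mode == "trunk":
        return tag_frame(plain, vlan)
    return plain if vid == vlan else None


# Constructed sample: a broadcast ARP frame from a HumanResourceDept host (made-up MAC).
HR_ARP = bytes.fromhex("ffffffffffff" "001122334401" "0806") + b"\x00" * 28
```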



Let's see how to define a VLAN, add interfaces/switch ports to the VLAN and define the TRUNK port

[In this example we have FinanceDept and HumanResourceDept and we want to separate them using VLANs]

Switch>en
Switch#config term
Switch(config)#hostname Switch1

Switch1(config)#vlan 2
Switch1(config-vlan)#name HumanResourceDept

Switch1(config-vlan)#vlan 3
Switch1(config-vlan)#name FinanceDept

Switch1(config-vlan)#exit
Switch1(config)#exit

Switch1#show vlan
(Find which ports are being used by HumanResourceDept hosts and FinanceDept hosts; say F0/1 and F0/2 are used by HumanResourceDept hosts and F0/3 and F0/4 by FinanceDept hosts)

Switch1#config term
Switch1(config)#int F0/1
Switch1(config-if)#switchport access vlan 2
Switch1(config-if)#int F0/2
Switch1(config-if)#switchport access vlan 2

Switch1(config-if)#int F0/3
Switch1(config-if)#switchport access vlan 3
Switch1(config-if)#int F0/4
Switch1(config-if)#switchport access vlan 3

Switch1(config-if)# [press Ctrl+z]
Switch1#

Now check whether F0/1 and F0/2 are assigned to VLAN 2, and similarly whether F0/3 and F0/4 are assigned to VLAN 3:

Switch1#show vlan

Now, the HumanResourceDept hosts connected to ports F0/1 and F0/2 should be able to talk to each other. Perform a ping test.
Similarly, do the test with the FinanceDept hosts.

VERY VERY IMPORTANT CONCEPTS:
>> Hosts on the same VLAN *must* have the same subnet number. For example, HumanResourceDept hosts should be in the same subnet, e.g. 192.168.1.0/24: Host1 IP 192.168.1.2/24, Host2 IP 192.168.1.3/24

>> A Layer 3 device is required to establish communication between different VLANs


Now, let's define a trunk port on Switch1 so that we can interconnect it with another switch, Switch2.

Switch1#config term
Switch1(config)#int F0/24
Switch1(config-if)#switchport mode trunk

Switch1(config-if)# [Press Ctrl+z]

Switch1#show interface trunk

[This will show that F0/24 passes all VLANs from one switch to the other. TRUNK mode is therefore enabled only on a FastEthernet or GigabitEthernet port, as passing all VLANs requires high bandwidth]

Do the same on Switch2

Switch>en
Switch#config term
Switch(config)#hostname Switch2
Switch2(config)#int F0/24
Switch2(config-if)#switchport mode trunk

Switch2(config-if)# [Press Ctrl+z]

Switch2#show interface trunk


Let's say there is one FinanceDept host plugged into port F0/10 of Switch2. For the FinanceDept hosts on Switch1 to talk with the host on Switch2, you have to define the VLAN on Switch2 and add the desired access port (in our example, port F0/10) to VLAN 3.

Switch2#config term
Switch2(config)#vlan 3
Switch2(config-vlan)#name FinanceDept
Switch2(config-vlan)#int F0/10
Switch2(config-if)#switchport access vlan 3

Now, perform a ping test between the FinanceDept hosts plugged into Switch1 and Switch2. [Friendly reminder: hosts on the same VLAN should have the same subnet number.]

Monday, February 14, 2011

Console Port Connection in Cisco Routers

The router has an EIA/TIA-232 asynchronous serial console port (RJ-45). Depending on the cable and the adapter used, this port appears as a DTE or DCE device at the end of the cable.

For connection to a PC running terminal emulation software, e.g. HyperTerminal on a Windows machine, the router is provided with an RJ-45 to DB-9 adapter cable (the blue cable).

The default parameters for the console port are 9600 baud, 8 data bits, 1 stop bit, and no parity. The console port does not support hardware flow control.

For a general overview of hardware installation and software configuration, please go through the following links:

Hardware Installation

Software Configuration with upgrade techniques


Sunday, February 6, 2011

Update JAVA and Install NetBeans in Mac OS X 10.5

Mac OS X:
Check the Mac OS X version by executing
> sw_vers
ProductName: Mac OS X
ProductVersion: 10.5.8
BuildVersion: 9L31a

Version 10.5.x

Java Version:
Check the Java version in your system by executing

>java -version
java version "1.5.0_13"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_13-b05-237)
Java HotSpot(TM) Client VM (build 1.5.0_13-119, mixed mode, sharing)

This is J2SE 5.0


[In the top right corner, there is Spotlight/search. Search for "Java Preferences" and open that application. It allows you to select/deselect the various versions of Java in your system]

Our task: update J2SE 5.0 to Java 6 [Java SE 6]:
[Java replaced the name J2SE with Java SE starting from version 6]


Step 1: Go to http://support.apple.com/downloads/ and search for " java for mac os x 10.5 "

Step 2: Download the Java for Mac OS X 10.5 update 4
http://support.apple.com/kb/DL848

Java for Mac OS X 10.5 Update 4 delivers improved reliability, security, and compatibility for Java SE 6, J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.5.7 and later. This release updates Java SE 6 to version 1.6.0_13, J2SE 5.0 to version 1.5.0_19, and J2SE 1.4.2 to 1.4.2_21.

Check the Java version:

>java -version
java version "1.6.0_13"
Java(TM) SE Runtime Environment (build 1.6.0_13-b03-211)
Java HotSpot(TM) 64-Bit Server VM (build 11.3-b02-83, mixed mode)


Step 3: Download the Java for Mac OS X 10.5 update 5
http://support.apple.com/kb/DL924

Caution: After installation of update 5, you have to restart the system.

Java for Mac OS X 10.5 Update 5 delivers improved reliability, security, and compatibility for Java SE 6, J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.5.8 and later. This release updates Java SE 6 to version 1.6.0_15, J2SE 5.0 to version 1.5.0_20, and J2SE 1.4.2 to 1.4.2_22.

Check Java Version:

>java -version
java version "1.6.0_15"
Java(TM) SE Runtime Environment (build 1.6.0_15-b03-226)
Java HotSpot(TM) 64-Bit Server VM (build 14.1-b02-92, mixed mode)

Step 4: Download the Java for Mac OS X 10.5 update 8
http://support.apple.com/kb/DL971

Java for Mac OS X 10.5 Update 8 delivers improved compatibility, security, and reliability by updating J2SE 5.0 to 1.5.0_26, and updating Java SE 6 to 1.6.0_22 for 64-bit capable Intel-based Macs. J2SE 1.4.2 is no longer being updated to fix bugs or security issues and remains disabled by default in this update.

Check the Java version:
>java -version
java version "1.6.0_22"
Java(TM) SE Runtime Environment (build 1.6.0_22-b04-307-9M3263)
Java HotSpot(TM) 64-Bit Server VM (build 17.1-b03-307, mixed mode)


After updating Java from J2SE 5.0 to Java SE 6 with the latest updates, we are now ready to install NetBeans (an IDE for Java, C, PHP and more programming languages).

Go to http://netbeans.org/downloads/index.html
and download your desired bundle for Mac OS. It has a pretty neat chart showing what each NetBeans IDE bundle supports.

Since I am going to do basic Java SE programming, I will download very basic NetBeans IDE.

Install the downloaded .dmg file for the NetBeans IDE and you are good to go.



[I have assumed that you know how to install a downloaded .dmg file on a Mac. It's easy: just double-click the downloaded .dmg file and the wizard will walk you through the installation process]





Sunday, October 10, 2010

How e-mail works: even a caveman can understand, yes, even a caveman

SMTP (Port 25): handles outgoing mail
POP3/IMAP (Port 110/143): handles incoming mail

Let's have a scenario: John Doe at hotmail.com sends an email to Laura Johnson at gmail.com. John Doe uses Outlook to send the email. Laura uses the gmail.com web interface to read the email from John.
(Outlook and the web interface are the front ends for the users. They are just the GUI.)

John uses Outlook--> sends email from Hotmail.com account to Laura Johnson at Gmail.com account--> Laura checks email at www.gmail.com

1. Outlook connects to the SMTP server at hotmail.com on port 25.
John writes an email to Laura:

From: John.Doe@hotmail.com
To: Laura.Johnson@gmail.com
Subject: Hi Laura
Body: Hi Laura, How are you? What's your plan for this weekend? Let's go to the state fair at Dallas.

2. The SMTP server at hotmail.com reads the "To" field and breaks it into two parts, e.g. Laura.Johnson@gmail.com is broken into "Laura.Johnson" and "gmail.com".

3. The SMTP server at hotmail.com queries a DNS server: who is the SMTP server for gmail.com?
The DNS server looks up the MX records and replies with one or more SMTP servers for gmail.com.

4. The SMTP server at hotmail.com connects to one of the SMTP servers at gmail.com and hands over the message. SENDMAIL and POSTFIX are the most popular MTAs (Mail Transfer Agents) for delivering mail from one SMTP server to another. My preference is POSTFIX as it's free, easy, secure, customizable and popular too.

5. The SMTP server at gmail.com recognizes that "Laura.Johnson" is a user at gmail.com and hands the message over to gmail's POP3/IMAP server, which puts the message in Laura.Johnson's INBOX.

6. Laura logs in to www.gmail.com and checks her email.

It's that easy. Remember, we didn't talk about handling junk email.
Handling junk email gets a little more complex. Please google that if you want to know more...

Extra Treat:

SMTP commands:
HELO
EHLO
MAIL FROM
RCPT TO
DATA
RSET
QUIT
HELP
VRFY
EXPN
VERB

POP3 commands:
USER
PASS
QUIT
LIST
RETR
DELE
TOP
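As an added example covering steps 2 to 5 and the SMTP commands listed above (it is not part of this post), here is Python with a minimal receiving SMTP server and the sending side driving it; the MX table, mailbox and host names are constructed stand-ins, and the server answers VRFY/EXPN with 252 rather than confirming which users exist.

```python
# Constructed stand-ins (not real records): MX table for step 3, mailboxes for step 5.
MX_TABLE = {"gmail.com": ["mx1.gmail.example", "mx2.gmail.example"]}
MAILBOXES = {"laura.johnson@gmail.com": []}

def split_address(addr: str):
    local, _, domain = addr.rpartition("@")
    return local, domain.lower()                     # step 2: the domain part picks the destination

class SmtpServer:
    """Receiving MTA for one domain; enforces HELO/MAIL/RCPT/DATA order with real reply codes."""
    def __init__(self, domain: str):
        self.domain = domain
        self.reset()

    def reset(self):
        self.sender, self.rcpts, self.lines, self.in_data = None, [], [], False

    def handle(self, line: str):
        if self.in_data and line != ".":              # message body runs until a lone "."
            self.lines.append(line[1:] if line.startswith("..") else line)  # undo dot-stuffing
            return None
        if self.in_data:                              # end of DATA: file it in each mailbox
            for rcpt in self.rcpts:
                MAILBOXES[rcpt].append("\n".join(self.lines))
            self.reset()
            return "250 OK queued for delivery"
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO", "RSET"):
            self.reset()
            return "250 %s" % self.domain
        if verb == "MAIL":                            # arg: FROM:<john.doe@hotmail.com>
            self.sender = arg[5:].strip("<>")
            return "250 OK"
        if verb == "RCPT":                            # arg: TO:<laura.johnson@gmail.com>
            if self.sender is None:
                return "503 need MAIL FROM first"
            addr = arg[3:].strip("<>").lower()
            if split_address(addr)[1] != self.domain or addr not in MAILBOXES:
                return "550 no such user here"
            self.rcpts.append(addr)
            return "250 OK"
        if verb == "DATA":
            self.in_data = bool(self.rcpts)
            return "354 end data with <CRLF>.<CRLF>" if self.rcpts else "503 need RCPT TO first"
        # VRFY/EXPN answer 252 so the server never confirms which mailboxes exist.
        return {"QUIT": "221 bye", "VRFY": "252 cannot verify", "EXPN": "252 cannot verify"}.get(verb, "500 unrecognized")

def send_mail(sender: str, recipient: str, subject: str, body: str) -> list:
    """Steps 2-4 as the hotmail.com MTA performs them; returns the C:/S: transcript."""
    _, domain = split_address(recipient)
    server = SmtpServer(domain)                       # stands in for TCP to MX_TABLE[domain][0], port 25
    transcript = ["* MX for %s is %s, connecting on port 25" % (domain, MX_TABLE[domain][0])]
    session = ["HELO smtp.hotmail.example", "MAIL FROM:<%s>" % sender, "RCPT TO:<%s>" % recipient,
               "DATA", "From: " + sender, "To: " + recipient, "Subject: " + subject, "", body, ".", "QUIT"]
    for line in session:
        reply = server.handle(line)
        transcript.extend(["C: " + line] + (["S: " + reply] if reply else []))
        if reply and reply[0] in "45":                # 4xx/5xx: stop, don't send the body as commands
            break
    return transcript
```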