Feeds:
Posts
Comments

VMWare Server Tips

VMWare Server on Linux (VMWare Server 1.04 on Ubuntu 7.10 Server)

– Physical Network Interfaces that will only be used by VMWare Guests:

Even though you may have a physical interface that a Host will not use, you need to set-it-up in /etc/network/interfaces. This will activate the network interface for the Host, which will only then allow the Guest system to utilize it. I am sure there may be a more elegant and secure way to accomplish this – I just haven’t had the time to do it myself. So, as a work around, I assign a static IP address, with a 32-bit subnet mask. This activates the interface, without providing a IP capabilities on the network.

There is probably a better/ more secure way to do this… let me know.

Advertisements

My toolbox – an incomplete list:

MTR – Link Diagnostics
IPerf – bandwidth test
TCPTrack – track tcp connections per interface

MTR:
An indespensbile trouble shooting tool is MTR. It is already a part of my favorite distro, Ubuntu. It combines the functions of ping and traceroute, and the info provided is excellent for diagnostics. More at: http://www.bitwizard.nl/mtr/

Just use it in place of ‘ping’. For example:

mtr 10.10.10.1

This will update your terminal display with:

– Packet Loss %

– Packets Sent

– Ping, Last Response Time

– Ping, Average Response Time

– Ping, Best Response Time

– Ping, Worst Response Tim

and my favorite

– Ping, Standard Deviation

IPerf:

The gold standard for bandwidth testing. In Ubuntu:

sudo apt-get install iperf

To use, you need one session running as the server, and another (or several) as the client.

A quick example:

Server:

iperf -s -D

this command will run the server

Client:

iperf -c 10.10.100.1 -r -t 30 -P 3

this will connect to a server at IP 10.10.100.1, and perform a two-way test for 30 seconds each. The -P 3 is interesting, as it will run 3 parallel processes to get full bandwidth results. This is especially useful on a Windows system, and a single connection test won’t be able to pump out the full bandwidth capabilities.

The results are quite useful.

TCPTrack:

Quick reference to active connects on an interface.  Excellent on a proxy/ router to monitor who might be using to much traffic

Check out http://www.lm-sensors.org  an open source project for embedded “sensors” for your Linux system.

I needed an easy way to check the CPU temperature for my new PC from the command line.  This is yet another great example of what open source has to offer.

On my Ubuntu 7.10 server, it was too easy:

sudo apt-get install lm-sensors

sudo sensors-detect

This will test your system to see which sensors should be installed.  Near the end, allow it to auto-add the kernel modules for you (make a note, in case you want to yank them later – for me, once I am done with the testing, I may remove them.)

Reboot your system

Once rebooted, type:

sensors

This gave me what I was looking for – CPU temp.  And a bonus – fan RPM.

I am sure there are many other uses for this – I have just scratched the surface.

Install Webmin

Real quick – Webmin on Ubuntu 7.10.

Get Dependencies:

sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl libmd5-perl

Download:

sudo wget http://prdownloads.sourceforge.net/webadmin/webmin_1.380_all.deb

(or whatever version is latest – browse to the webmin site, and paste the link for the current version download)

Install:

sudo dpkg -i webmin_1.380_all.deb

I was installing Evolution to my laptop recently (see article on Evolution, the best Outlook replacement).  After firing up Evolution, I didn’t have the option for Exchange.  I found that the Exchange connector is listed as a suggested package, so my command of “apt-get install evolution” only retrieved the basics.

I’ve seen this problem before: I want to install the full application with the features I need, but some of the packages are listed as suggested or recommended.  If using the GUI package manager (Synaptic or Adept) it is easy enough to click them – but it is a pain to type them all in on a terminal.

That is where Wajig comes in:

First, install it:

  sudo apt-get install wajig

Now, you can use it in place of apt-get to select recommended and/or suggested packages.  For example, I want to install Evolution, so I have 4 options:

sudo apt-get install evolution
– This installs Evolution alone

sudo wajig installr evolution
– This installs Evolution with recommended packages (see the “r”)

sudo wajig installs evolution
– This installs Evolution with suggested packages (see the “s”)

sudo wajig installrs evolution
– This installs Evolution with recommended and suggested packages (see the “rs”)

Way cool…

I’ve been in the IT industry for almost 15 years, and worked with both large and small companies. I have never had an opportunity to work with the BGP protocol, until now. My experience with it has been fun (for a nerd), and I have now expanded my networking knowledge, just a little bit, so I want to share with you what I have found. I am by no means a BGP expert now, but can confidently understand and configure a somewhat complex arrangement with it.

As with all things for me, it would have helped immensely if there was a step-by-step example of how to complete my project. I learn by example, and can understand something if I can see the completed work first. So, I will provide that for you here.

Of course, I will be using open source tools – old hardware on Ubuntu Server 7.10, with Quagga. Clean, simple, stable, reliable.

Details to follow soon…

Network Interface examples

I found this sample file on the net, so I thought I’d post it here.  There are some excellent and complexconfig examples here:
It has a few good examples of configurations for your interfaces file.    See Also: http://www.cyberciti.biz/faq/setting-up-an-network-interfaces-file/ #/etc/network/interfaces — configuration file for ifup(8), ifdown(8)
#
# A “#” character in the very first column makes the rest of the line
# be ignored. Blank lines are ignored. Lines may be indented freely.
# A “\” character at the very end of the line indicates the next line
# should be treated as a continuation of the current one.
#
# The “pre-up”, “up”, “down” and “post-down” options are valid for all
# interfaces, and may be specified multiple times. All other options
# may only be specified once.
#
# See the interfaces(5) manpage for information on what options are
# available.
######################################################################

# We always want the loopback interface.
#
# auto lo
# iface lo inet loopback

# An example ethernet card setup: (broadcast and gateway are optional)
#
# auto eth0
# iface eth0 inet static
#     address 192.168.0.42
#     network 192.168.0.0
#     netmask 255.255.255.0
#     broadcast 192.168.0.255
#     gateway 192.168.0.1

# A more complicated ethernet setup, with a less common netmask, and a downright
# weird broadcast address: (the “up” lines are executed verbatim when the
# interface is brought up, the “down” lines when it’s brought down)
#
# auto eth0
# iface eth0 inet static
#     address 192.168.1.42
#     network 192.168.1.0
#     netmask 255.255.255.128
#     broadcast 192.168.1.0
#     up route add -net 192.168.1.128 netmask 255.255.255.128 gw 192.168.1.2
#     up route add default gw 192.168.1.200
#     down route del default gw 192.168.1.200
#     down route del -net 192.168.1.128 netmask 255.255.255.128 gw 192.168.1.2

# A more complicated ethernet setup with a single ethernet card with
# two interfaces.
# Note: This happens to work since ifconfig handles it that way, not because
# ifup/down handles the ‘:’ any differently.
# Warning: There is a known bug if you do this, since the state will not
# be properly defined if you try to ‘ifdown eth0’ when both interfaces
# are up. The ifconfig program will not remove eth0 but it will be
# removed from the interfaces state so you will see it up until you execute:
# ‘ifdown eth0:1 ; ifup eth0; ifdown eth0’
# BTW, this is “bug” #193679 (it’s not really a bug, it’s more of a
# limitation)
#
# auto eth0 eth0:1
# iface eth0 inet static
#     address 192.168.0.100
#     network 192.168.0.0
#     netmask 255.255.255.0
#     broadcast 192.168.0.255
#     gateway 192.168.0.1
# iface eth0:1 inet static
#     address 192.168.0.200
#     network 192.168.0.0
#     netmask 255.255.255.0

# “pre-up” and “post-down” commands are also available. In addition, the
# exit status of these commands are checked, and if any fail, configuration
# (or deconfiguration) is aborted. So:
#
# auto eth0
# iface eth0 inet dhcp
#     pre-up [ -f /etc/network/local-network-ok ]
#
# will allow you to only have eth0 brought up when the file
# /etc/network/local-network-ok exists.

# Two ethernet interfaces, one connected to a trusted LAN, the other to
# the untrusted Internet. If their MAC addresses get swapped (because an
# updated kernel uses a different order when probing for network cards,
# say), then they don’t get brought up at all.
#
# auto eth0 eth1
# iface eth0 inet static
#     address 192.168.42.1
#     netmask 255.255.255.0
#     pre-up /path/to/check-mac-address.sh eth0 11:22:33:44:55:66
#     pre-up /usr/local/sbin/enable-masq
# iface eth1 inet dhcp
#     pre-up /path/to/check-mac-address.sh eth1 AA:BB:CC:DD:EE:FF
#     pre-up /usr/local/sbin/firewall

# Two ethernet interfaces, one connected to a trusted LAN, the other to
# the untrusted Internet, identified by MAC address rather than interface
# name:
#
# auto eth0 eth1
# mapping eth0 eth1
#     script /path/to/get-mac-address.sh
#     map 11:22:33:44:55:66 lan
#     map AA:BB:CC:DD:EE:FF internet
# iface lan inet static
#     address 192.168.42.1
#     netmask 255.255.255.0
#     pre-up /usr/local/sbin/enable-masq $IFACE
# iface internet inet dhcp
#     pre-up /usr/local/sbin/firewall $IFACE

# A PCMCIA interface for a laptop that is used in different locations:
# (note the lack of an “auto” line for any of these)
#
# mapping eth0
#    script /path/to/pcmcia-compat.sh
#    map home,*,*,*                  home
#    map work,*,*,00:11:22:33:44:55  work-wireless
#    map work,*,*,01:12:23:34:45:50  work-static
#
# iface home inet dhcp
# iface work-wireless bootp
# iface work-static static
#     address 10.15.43.23
#     netmask 255.255.255.0
#     gateway 10.15.43.1
#
# Note, this won’t work unless you specifically change the file
# /etc/pcmcia/network to look more like:
#
#     if [ -r ./shared ] ; then . ./shared ; else . /etc/pcmcia/shared ; fi
#     get_info $DEVICE
#     case “$ACTION” in
#         ‘start’)
#             /sbin/ifup $DEVICE
#             ;;
#         ‘stop’)
#             /sbin/ifdown $DEVICE
#             ;;
#     esac
#     exit 0

# An alternate way of doing the same thing: (in this case identifying
# where the laptop is is done by configuring the interface as various
# options, and seeing if a computer that is known to be on each particular
# network will respond to pings. The various numbers here need to be chosen
# with a great deal of care.)
#
# mapping eth0
#    script /path/to/ping-places.sh
#    map 192.168.42.254/24 192.168.42.1 home
#    map 10.15.43.254/24 10.15.43.1 work-wireless
#    map 10.15.43.23/24 10.15.43.1 work-static
#
# iface home inet dhcp
# iface work-wireless bootp
# iface work-static static
#     address 10.15.43.23
#     netmask 255.255.255.0
#     gateway 10.15.43.1
#
# Note that the ping-places script requires the iproute package installed,
# and the same changes to /etc/pcmcia/network are required for this as for
# the previous example.

# Set up an interface to read all the traffic on the network. This
# configuration can be useful to setup Network Intrusion Detection
# sensors in ‘stealth’-type configuration. This prevents the NIDS
# system to be a direct target in a hostile network since they have
# no IP address on the network. Notice, however, that there have been
# known bugs over time in sensors part of NIDS (for example see
# DSA-297 related to Snort) and remote buffer overflows might even be
# triggered by network packet processing.
#
# auto eth0
# iface eth0 inet manual
#     up ifconfig $IFACE 0.0.0.0 up
#       up ip link set $IFACE promisc on
#       down ip link set $IFACE promisc off
#       down ifconfig $IFACE down

# Set up an interface which will not be allocated an IP address by
# ifupdown but will be configured through external programs. This
# can be useful to setup interfaces configured through other programs,
# like, for example, PPPOE scripts.
#
# auto eth0
# iface eth0 inet manual
#       up ifconfig $IFACE 0.0.0.0 up
#       up /usr/local/bin/myconfigscript
#       down ifconfig $IFACE down