Sunday, March 30, 2008
Network Tip No. 40: Show Available Memory
Show Used and Available Memory of your Cisco router or switch
A router can be limited by its available memory. To show the used and available memory:
Router#show proc mem
At the beginning of the output, look for a line like this:
Total: 200234528, Used: 70508188, Free: 129726340
Network Tip No. 39: Show Processor Load
Show the processor load of your router or switch, which can be limited by its processing power. To show the processor utilization:
Router#show proc cpu
At the beginning of the output, look for a line like this:
CPU utilization for five seconds: 37%/30%; one minute: 39%; five minutes: 40%
Network Tip No. 38: CLI Editing Tips
Learn the command-line editing keys.
Control A Goes to the beginning of the line
Control E Goes to the end of the line
Control K Deletes everything to the right of the cursor
Control P Recalls the previous command in the history buffer
Control N Recalls the next command in the history buffer
Network Tip No. 37: ACL on DNS
No browsing.... A common access-list pitfall is forgetting to allow DNS (Domain Name System) traffic between the internal network and the provider's DNS servers. This is mainly a problem on home or small-office routers, where you might not have an internal DNS server running. The following entries allow DNS access from your hosts to the outside DNS servers by permitting the servers' UDP replies (source port domain) back to ports above 1023. In this example, our outside DNS servers are 192.168.30.11 and 192.168.30.12:
access-list 110 permit udp host 192.168.30.11 eq domain any gt 1023
access-list 110 permit udp host 192.168.30.12 eq domain any gt 1023
Network Tip No. 36: ACL on ICMP
Some people have problems with the ICMP access-list. Try this one:
! allow pings into the network
access-list 110 permit icmp any any echo
! allow ping responses
access-list 110 permit icmp any any echo-reply
! allow ICMP source-quench
access-list 110 permit icmp any any source-quench
! allow path MTU discovery
access-list 110 permit icmp any any packet-too-big
! allow time-exceeded, which is useful for traceroute
access-list 110 permit icmp any any time-exceeded
! deny all other ICMP packets
access-list 110 deny icmp any any
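What the combined access-list 110 from Tips 37 and 36 lets through, as an added example that is not part of the original posts: a small first-match evaluator run over constructed packets. It assumes the list is applied inbound on the outside interface, which the tips do not state; the 10.0.0.5 and 203.0.113.9 addresses and all function names are made up for illustration.

```python
ACL_110 = """\
access-list 110 permit udp host 192.168.30.11 eq domain any gt 1023
access-list 110 permit udp host 192.168.30.12 eq domain any gt 1023
access-list 110 permit icmp any any echo
access-list 110 permit icmp any any echo-reply
access-list 110 permit icmp any any source-quench
access-list 110 permit icmp any any packet-too-big
access-list 110 permit icmp any any time-exceeded
access-list 110 deny icmp any any
"""
PORTS = {"domain": 53}  # IOS keyword for port 53

def take_endpoint(tok):  # 'any' | 'host A.B.C.D', then optional 'eq N' | 'gt N'
    addr, tok = (None, tok[1:]) if tok[0] == "any" else (tok[1], tok[2:])
    port = None
    if tok and tok[0] in ("eq", "gt"):
        port, tok = (tok[0], PORTS.get(tok[1]) or int(tok[1])), tok[2:]
    return addr, port, tok

def parse_acl(text):
    rules = []
    for line in text.splitlines():
        _, _, action, proto, *rest = line.split()
        src, sport, rest = take_endpoint(rest)
        dst, dport, rest = take_endpoint(rest)
        rules.append((action, proto, src, sport, dst, dport, rest[0] if rest else None))
    return rules

def port_ok(spec, port):
    return spec is None or (port == spec[1] if spec[0] == "eq" else port > spec[1])

def evaluate(rules, pkt):
    """First match wins; returns (action, ACL line number), line 0 = implicit deny."""
    for n, (action, proto, src, sport, dst, dport, icmp) in enumerate(rules, 1):
        if (proto == pkt["proto"] and src in (None, pkt["src"]) and dst in (None, pkt["dst"])
                and port_ok(sport, pkt.get("sport", 0)) and port_ok(dport, pkt.get("dport", 0))
                and icmp in (None, pkt.get("type"))):
            return action, n
    return "deny", 0

# Constructed packets; assumes ACL 110 is applied inbound, 10.0.0.5 is an inside host.
SAMPLES = {
    "UDP DNS reply": dict(proto="udp", src="192.168.30.12", sport=53, dst="10.0.0.5", dport=40000),
    "TCP DNS reply": dict(proto="tcp", src="192.168.30.12", sport=53, dst="10.0.0.5", dport=40000),
    "ICMP time-exceeded": dict(proto="icmp", src="203.0.113.9", dst="10.0.0.5", type="time-exceeded"),
    "ICMP redirect": dict(proto="icmp", src="203.0.113.9", dst="10.0.0.5", type="redirect"),
}

for name, pkt in SAMPLES.items():
    print(f"{name:20} {evaluate(parse_acl(ACL_110), pkt)}")
```

The TCP reply falls through to the implicit deny, so a DNS answer that the resolver retries over TCP does not get back in unless a matching tcp entry is added to the list.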
Network Tip No. 35: Stopping the router from crazy output
Stopping the router from crazy output... An annoying problem is the output you get every time you mistype a command and the router thinks you just typed a hostname. For example:
Router#shwo
Translating "shwo"...domain server (10.1.1.1)
% Unknown command or computer name, or unable to find computer address
Router#
The way to handle this is to change the preferred transport method:
! Console port
line con 0
transport preferred none
! VTY Ports
line vty 0 5
transport preferred none
The output now shows no failed connection attempt for our mistyped keyword:
Router#shwo
^
% Invalid input detected at '^' marker.
Network Tip No. 34: The reload command
When everything fails.... hehe
Router#reload in 3
Reload scheduled in 3 minutes
Proceed with reload? [confirm]y
Wednesday, March 26, 2008
Linux Tip No. 36: How to Enable IP Forwarding
Enable IP Forwarding
1. Check if IP Forwarding is enabled
Using sysctl:
[root@proxy ~]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
or just checking out the value in the /proc system:
[root@proxy ~]# cat /proc/sys/net/ipv4/ip_forward
0
Value 0 means it is disabled.
2. Enable IP Forwarding on the fly
[root@proxy ~]# sysctl -w net.ipv4.ip_forward=1
or
[root@proxy ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
The setting is changed instantly, but it will not be preserved after rebooting the system.
3. Permanent setting using /etc/sysctl.conf
If we want to make this configuration permanent, the best way is to add a line containing net.ipv4.ip_forward = 1 to the file /etc/sysctl.conf:
[root@proxy ~]# vi /etc/sysctl.conf
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
If you already have an entry net.ipv4.ip_forward with the value 0, you can change it to 1.
To enable the changes made in sysctl.conf you will need to run the command:
[root@proxy ~]#sysctl -p /etc/sysctl.conf
Restart the network service
[root@proxy ~]#service network restart
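The steps above leave two independent values: the running kernel setting and the line in /etc/sysctl.conf. The following added example (not from the original post) classifies the combination, which is useful when checking whether a host that forwards packets between its interfaces will keep doing so after a reboot. The sample file contents are constructed and the function names are hypothetical.

```python
from pathlib import Path

KEY = "net.ipv4.ip_forward"

def persistent_value(conf_text, key=KEY):
    """Value that 'sysctl -p' would leave in place: the last assignment wins."""
    value = None
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":      # blank or comment line
            continue
        name, sep, val = line.partition("=")
        # sysctl accepts both net.ipv4.ip_forward and net/ipv4/ip_forward
        if sep and name.strip().replace("/", ".") == key:
            value = val.strip()
    return value

def runtime_value(key=KEY, root="/proc/sys"):
    """Current kernel value, or None when the /proc entry is not available."""
    path = Path(root, *key.split("."))
    return path.read_text().strip() if path.is_file() else None

def forwarding_state(runtime, persistent):
    if runtime == "1" and persistent == "1":
        return "enabled, survives reboot"
    if runtime == "1":
        return "enabled until reboot only"
    if persistent == "1":
        return "configured but not applied (run sysctl -p)"
    return "disabled"

# Constructed sysctl.conf contents, used when /etc/sysctl.conf is absent.
SAMPLE_CONF = """\
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
; a later line overrides the earlier one
net/ipv4/ip_forward=1
"""

if __name__ == "__main__":
    conf = Path("/etc/sysctl.conf")
    text = conf.read_text() if conf.is_file() else SAMPLE_CONF
    print(forwarding_state(runtime_value(), persistent_value(text)))
```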
Linux Tip No. 35: Enable service at boot up
To Check:
[root@jepoy ~]# chkconfig --list |grep httpd
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
To enable at boot up:
[root@jepoy ~]# chkconfig httpd on
Linux Tip No. 34: How to Check Services
This command is used to start/stop your services.
service start/stop/restart/status
To Start:
[root@jepoy ~]# service httpd start
To Stop:
[root@jepoy ~]# service httpd stop
To Restart:
[root@jepoy ~]# service httpd restart
To check:
[root@jepoy ~]# service httpd status
Monday, March 24, 2008
Linux Tip No. 33: How to check your DHCP server
This command tells you what DHCP server you are using.
[root@jepoy ~]# grep dhcp-server-identifier /var/lib/dhcp/dhclient.leases
option dhcp-server-identifier 192.168.0.254;
Linux Tip No. 32: Checking the top 10 directories
Top 10 directories eating up your disk space (sort -h compares the human-readable sizes, so entries in M or G rank above entries in K):
[root@mail etc]# du -sh * | sort -rh | head -10
852K sysconfig
784K termcap
704K selinux
704K makedev.d
632K firmware
552K X11
544K pam.d
472K prelink.cache
460K alsa
444K postfix
Linux Tip No. 31: Renew/Release DHCP client
[root@proxy ~]# dhclient -r
[root@proxy ~]# dhclient
Internet Systems Consortium DHCP Client V3.0.2
Copyright 2004 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP
The -r flag explicitly releases the current lease, and once the lease has been released, the client exits.
Sunday, March 23, 2008
Network Tip No. 33: Troubleshooting IGRP
Troubleshooting IGRP Issues
| Router#debug ip igrp events | Shows all IGRP events in real time |
| Router#debug ip igrp transactions | Shows IGRP updates between routers |
Network Tip No. 32: IGRP Routing Optional Commands
Network Tip No. 31: IGRP Routing Commands
IGRP Routing: Mandatory Commands
| Router(config)#router igrp as-number | Enables the IGRP routing process. The autonomous system number (AS-number) used in the IGRP routing process must match on all other routers that are going to share routing updates in order for communication to take place |
| Router(config-router)#network w.x.y.z | w.x.y.z is the network number of the directly connected network you want to advertise |
Note:
You need to advertise only the classful network number, not a subnet:
Router(config-router)#network 172.17.0.0
not
Router(config-router)#network 172.17.10.0
If you advertise a subnet, you will not receive an error message, because the router will automatically convert the subnet to the classful network address.
Tuesday, March 18, 2008
Linux Tip No. 30: Managing Disk Space
[root@mail ~]# fdisk -l
Disk /dev/sda: 36.4 GB, 36419584000 bytes
255 heads, 63 sectors/track, 4427 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 63 506016 83 Linux
/dev/sda2 64 3905 30860865 83 Linux
/dev/sda3 3906 4427 4192965 82 Linux swap
Disk /dev/sdb: 36.4 GB, 36419584000 bytes
255 heads, 63 sectors/track, 4427 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 * 1 4427 35559846 83 Linux
Linux Tip No. 29: Becoming a Super User
Becoming Super User (The su Command)
[docadmin@mail ~]$ su
Password: ******
[root@mail docadmin]#
When you are prompted, type in the root user's password. The prompt for the regular user ($) will be changed to the super user prompt (#). At this point, you have full permission to run any command and use any file on the system. However, one thing that the su command doesn't do when used this way is read in the root user's environment. As a result, you may type a command that you know is available and get the message "command not found." To fix this problem, you can use the su command with the dash (-) option instead, as follows:
[docadmin@mail ~]$ su -
Password:
[root@mail docadmin]#
$ su -
Password: ******
#
Linux Tip No. 28: Command-Line Recall
Command-Line Recall
After you type a command line, that entire command line is saved in your shell's history list. The list is stored in a history file, from which any command can be recalled to run again.
[docadmin@mail ~]$ history 20
526 exit
527 su -
528 cd /etc
529 more inittab
530 exit
531 su
532 lspcis
533 lspci
534 su
535 su -
536 su
537 su -
538 su -
539 su -
540 su -
541 id
542 su jepoy
543 history
544 history 10
545 history 20
Network Tip No. 30: RIP Version 2: Optional Commands
RIP Version 2: Optional Commands
Network Tip No. 29: RIP Version 2: Mandatory Commands
RIP Version 2: Mandatory Commands
| Router(config)#router rip | Turns on the RIP routing process; the same command as used for RIP Version 1 (RIP-1) |
| Router(config-router)#version 2 | Turns on Version 2 of the routing process. Version 1 is default |
| Router(config-router)#network w.x.y.z | w.x.y.z is the network number of the directly connected classful network you want to advertise |
Network Tip No. 28: Troubleshooting RIP Issues
Troubleshooting RIP Issues
Network Tip No. 27: RIP Version 2
RIP Version 2
| Router(config-router)#version 2 | RIP will now send and receive RIP-2 packets globally |
| Router(config-if)#ip rip send version 1 | Interface will send only RIP-1 packets |
| Router(config-if)#ip rip send version 2 | Interface will send only RIP-2 packets |
| Router(config-if)#ip rip send version 1 2 | Interface will send both RIP-1 and RIP-2 packets |
| Router(config-if)#ip rip receive version 1 | Interface will receive only RIP-1 packets |
| Router(config-if)#ip rip receive version 2 | Interface will receive only RIP-2 packets |
| Router(config-if)#ip rip receive version 1 2 | Interface will receive both RIP-1 and RIP-2 packets |
Linux Tip No. 27: Exiting the Shell
Exiting the Shell
To exit the shell when you are done, type exit or press Ctrl+D.
[jepoy@mail ~]$ exit
exit
There are stopped jobs.
Linux Tip No. 26: Checking Directories
To find out what your current directory is, type the pwd command:
$ pwd
/usr/bin
To find out the name of your home directory, type the echo command, followed by the $HOME variable:
$ echo $HOME
/home/jepoy
To change your directory, use the cd command. You could also use the tilde (~) character to indicate the home directory. So cd ~ would have the same result as just cd.
$ cd /var/log
$ pwd
/var/log
To check if it's a directory, use the ls -la command. "d" means it's a directory.
[jepoy@mail ~]$ ls -al
total 33048
drwx------ 7 jepoy jepoy 4096 Mar 15 12:12 .
drwxr-xr-x 85 root root 4096 Jan 28 13:35 ..
-rw-r--r-- 1 jepoy jepoy 304 Jul 27 2007 .bash_logout
-rw-r--r-- 1 jepoy jepoy 191 Jul 27 2007 .bash_profile
-rw-r--r-- 1 jepoy jepoy 124 Jul 27 2007 .bashrc
drwxr-xr-x 3 jepoy jepoy 4096 Aug 29 2007
dr-x------ 2 jepoy jepoy 4096 Mar 14 15:50 download_only
drwxr-xr-x 2 jepoy jepoy 4096 Aug 16 2007 DVBH
drwxr-xr-x 2 jepoy jepoy 4096 Aug 16 2007 Dynamips
Linux Tip No. 25: Checking Your Login Session
To find out information about your identity, use the id command as follows:
[jepoy@mail docadmin]$ id
uid=10023(jepoy) gid=10023(jepoy) groups=10023(jepoy)
Network Tip No. 26: RIP Routing Optional Commands
RIP Routing: Optional Commands
| Router(config)#no router rip | Turns off the RIP routing process |
| Router(config-router)#no network w.x.y.z | Removes network w.x.y.z from the RIP routing process |
| Router(config-router)#passive-interface s0/0 | RIP updates will not be sent out this interface |
| Router(config-router)#neighbor a.b.c.d | Defines a specific neighbor with which to exchange information |
| Router(config-router)#no ip split-horizon | Turns off split horizon (on by default) |
| Router(config-router)#ip split-horizon | Re-enables split horizon |
| Router(config-router)#timers basic 30 90 180 270 360 | Changes timers in RIP: |
| 30 = Update timer (in seconds) | |
| 90 = Invalid timer (in seconds) | |
| 180 = Hold-down timer (in seconds) | |
| 270 = Flush timer (in seconds) | |
| 360 = Sleep time (in milliseconds) | |
| Router(config-router)#maximum-paths x | Limits the number of paths for load balancing to x (4 = default, 6 = maximum) |
| Router(config-router)#default-information originate | Generates a default route into RIP |


