Archive for June, 2008

Sources of Lack of Connectivity

June 17, 2008 at 11:10 am · Filed under Networking ·Tagged ,

Another problem that we have to face is lack of connectivity. The sources of this issue is:

–> Power failures

–> The remote server or an application on the remote server being shutdown.

Comments (1)

Sources of Network Slowness

June 17, 2008 at 11:06 am · Filed under Networking ·Tagged , ,

Maximum Network Support people have to face the problem with network slowness. Here I want to some sources of this issue:

–> NIC duplex and speed incompatibilities

–> Network congestion

–> Poor routing

–> Bad cabling

–> Electrical interference

–> An overloaded server at the remote end of the connection

–> Misconfigured DNS

Wish you to comment a advice about this issue.

Comments (1)

DHCP Server Configuration

June 16, 2008 at 7:43 pm · Filed under Linux, Servers ·Tagged , , ,

DHCP stands for Dynamic Host Configuration Protocol. This protocol reduces the workload. dhcp-3.0.1-59.EL4, dhcp-3.0.1-58.EL4, dhcp-3.0.1-54.EL4 — anyone of these packages are used for dhcp server. At first we have to check the package whether it is installed or not. We can check this with the following command.

#rpm -qa | grep dhcpd*

Here the * sign after the ‘dhcpd’ means anything after ‘dhcpd’ wil be grep. If the package is installed than we can directly go for configuration. If no output appears than we have to install the package. We can do this with the following command.

#rpm -ivh dhcpd*

Now, the package is installed. We have to edit the /etc/dhcpd.conf file to configure the dhcp server.

vi /etc/dhcpd.conf

Sometimes we will not find any file like /etc/dhcpd.conf . At such situation we have to go to /usr/share/doc/ directory. There we will find another folder named like dhcp-3.01. We will enter into that directory.

#cd /usr/share/doc

#cd dhcp-3.01

Here will find a file named dhcpd.conf.sample. We will copy this file as follows.

cp dhcpd.conf.sample /etc/dhcpd.conf

Now we will edit the file.

vi /etc/dhcpd.conf

And in this file we will change the file as follows.

{

optionrouters 192.168.100.1

optionnetmask 255.255.255.0

domainnameserver 192.168.0.1, 4.2.2.1;

optionbroadcastaddress 192.168.100.255

optionbootp 192.168.100.2 192.168.100.254

defaultleasttime 21600

maxleasttime 43200

}

This will configure dhcp server. If we want to enter fixed IP, than we have to add the folowing after the previous command.

host DNS

{

hw ether 00:21:D3:C1:11:12

fixed-address 192.168.100.5

}

This is important as some pc connected to printer will need to have fixed IP.

Thats all according to my knowledge. Expect some comments about this issue.

Leave a Comment

A simple Firewall at Linux

June 14, 2008 at 4:21 pm · Filed under Linux, Networking ·Tagged , ,

Here I want to share a simple firewall example. This will be a firewall using iptables at Linux. We have to create a file at /usr/bin name firewall. We can do this with the following command.

vi /usr/bin/firewall

Then we will edit the file. The edition are written below:

vi /usr/bin/firewall

#!/bin/bash

iptables -F


# set defaukt policy

iptables -P INPUT ACCEPT

iptables -P OUTPUT ACCEPT

iptables -P FORWARD DROP


# accept WAN interface

iptables -A FORWARD -i eth0 -j ACCEPT


# allow a specific IP

iptables -A FORWARD -i eth1 -s 192.168.100.2/32 -d  0/0 -j ACCEPT

Now We will set execution permission to all type user with the following command.

chmod +x /usr/bin/firewall

Now if we write firewall, just like other unix command, it will start firewall file.

For adding at startup configuration we can write a command at /etc/rc.local

vi /etc/rc.local

/usr/bin/firewall

We can also allow or deny any specified MAC also with the following command:

iptables -A FORWARD -i eth0 -s 192.168.100.2 -m mac –mac-source 00:21:D3:C1:11:17 -d 0/0 -j ACCEPT

We have add to the /usr/bin/firewall file.

Expect to get better advice.

Comments (1)

Gateway Server Configuration

June 14, 2008 at 3:50 pm · Filed under Linux, Networking, Servers ·Tagged , , , ,

Gateway server configuration is the easiest thing in Linux server configuration. For this we have to follow the following steps.

1. We have to ensure that the server computer two NICs. Then we have to configure the NICs. I think most of us can do this thing. To configure interface eth1 we have to create a file /etc/sysconfig/network-scripts/ifcfg-eth1 (If there is no such file; if there exist the file then we have to edit this file) as follows:

vi /etc/sysconfig/network-scripts/ifcfg-eth1

# Intel Corporation 82573E Gigabit Ethernet Controller (Copper)

DEVICE=eth1

BOOTPROTO=static

HWADDR=12:34:56:78:9A:BC

IPADDR=192.168.100.1

NETMASK=255.255.255.0

Here the network is 192.168.100.0/24

This is the LAN side.

We will configure WAN side at eth0 with the following command:

vi /etc/sysconfig/network-scripts/ifcfg-eth0

# Intel Corporation 82573E Gigabit Ethernet Controller (Copper)

DEVICE=eth0

BOOTPROTO=static

HWADDR=12:34:56:78:9A:BC

IPADDR=221.120.96.233

NETMASK=255.255.255.224
Now we will restart the interfaces.

/etc/init.d/network restart
2. Now we have to do minimum two things.

* IP forwarding

* NAT (Network Address Translation)

3. For IP forwarding we can chose any one procedure as follows:

* Procedure 1: We can write only one command as follows :

# echo 1>/proc/sys/net/ipv4/ip_forward

and then entry this line at /etc/rc.local file.

* Procedure 2: We can edit the /etc/sysctl.conf file and do there we will change the value 0 of net.ipv4.ip_forward to 1.

# vi /etc/sysctl.conf

net.ipv4.ip_forward=1

Then we have to restart the file with the following command:

# sysctl -p
4. For NAT we can add only two line at /etc/rc.local file:

iptables -t nat -F

iptables -t nat -A POSTROUTING -s 192.168.100.0/24 -d 0/0 -j SNAT –to-source 221.120.96.233

Thats all. Our Gateway server is configured. Now we can check whether its working or not.

Any suggestions ?

Comments (2)

Copy from a remote Server

June 12, 2008 at 6:32 am · Filed under Linux, Networking ·Tagged , ,

We can copy from and copy to a remote server using scp command. scp means secure copy. The structure of the command is as follows:

scp source destination

Suppose I want to copy to 192.168.100.5 . We want to copy the /etc/passwd to the remote server at /root .

Then we have to use the following command:

scp /etc/passwd root@192.168.100.5:/root

If we want to copy from 192.168.100.5 /etc/passwd file to /root, then we will write

scp root@192.168.100.5:/etc/passwd /root

We have to remind one thing that we must have to use root user for secure copy.

To copy a folder we have to use the following structure:

scp -r source destination

Leave a Comment

Allow and deny IP for ssh

June 12, 2008 at 2:31 am · Filed under Linux, Networking ·Tagged , , , , ,

We can allow and deny IP for ssh. To do this we have to change some configuration at /etc/host.deny and /etc/host.allow files. Suppose we want to deny 192.168.100.5, then we will edit the /etc/host.deny file and do some changes as follows.

vi /etc/host.deny

sshd:192.168.100.5

Save & exit

This will deny 192.168.100.5 to ssh.

Suppose we want to allow only 192.168.100.5 to ssh. Then we will edit two files as follows:

vi /etc/host.deny

sshd:all

save & exit

vi /etc/host.allow

sshd:192.168.100.5

save & exit

We can do the same by changing only at /etc/host.deny as follows:

vi /etc/host.deny

sshd:all except 192.168.100.5

save & exit

Comments (2)

Deny root user for ssh

June 11, 2008 at 9:20 am · Filed under Linux, Networking ·Tagged , , ,

We can deny root user for ssh. For this we have to edit the sshd-config file. To do this we have to write the following command:

vi /etc/ssh/sshd-config

Now we will find out a line

PermitRootLogin=yes

We will replaced the yes with no.

PermitRootLogin=no

Now not only the root, but also all super user can not ssh at this ssh server.

To allow any user we have to add the following line at the last line of the configuration.

AllowUsers reza

This command will allow reza user.

AllowUsers reza nayem

This command will allow reza and nayem, both users.

We must have to restart the service after editing the file. Otherwise it wont work.

Any advice regarding this issue is highly expected.

Leave a Comment

Changing the port number at ssh

June 11, 2008 at 8:35 am · Filed under Linux, Networking ·Tagged ,

We can change the port number of ssh. By default the port number of ssh is 22. To change the port address we have to edit the file /etc/ssh/sshd-config. We can do this with the following command.

vi /etc/ssh/sshd-config

In this file we will find a line

port 22

We will replace the 22 with 29 and then save the file.

Now we will restart the service sshd.

service sshd restart

/etc/init.d/sshd restart

Now to ssh at this server or os we have to write the following line

ssh -p 29 root@192.168.100.5

Leave a Comment

Logging at a server with ssh

June 11, 2008 at 7:57 am · Filed under Linux, Networking ·Tagged , ,

We can log in at a server or pc with ssh. For this here is some instruction.

1. Suppose we are at 192.168.100.1 and trying to ssh at 192.168.100.5 .

ssh 192.168.100.5

This command will try to connect the 192.168.100.5 as the user that he already logged in the 192.168.100.1. Suppose we are at the root user in the 192.168.100.1. Then the command will try to connect at 192.168.100.5 as the root user.

2. ssh reza@192.168.100.5

This command will try to ssh at 192.168.100.5 as the reza user.

3. ssh -l nayem 192.168.100.5

This command will try to ssh at 192.168.100.5 as nayem user.

4. ssh -p 29 root@192.168.100.5

This command will try to ssh at 192.168.100.5 using the port 29.

Thats all my knowledge about this issue. Expect to get any advice from you.

Comments (3)

Older Posts »