
Thursday, February 9, 2012


I wanted to configure a route to go over a specific link in a multi-path case, found the info below in the Cisco docs, and it worked like a charm. At one site we have a Nexus 7k, where the route map had to be built with a prefix list rather than an access list.

So, the example is:
ip prefix-list LEAK-MAP seq 10 permit 10.1.1.0/24
route-map LEAK-10-1-1 permit 10
match ip address prefix-list LEAK-MAP
--- Cisco IP Routing Protocol Commands ---

EIGRP Support For Leaking Routes
Configuring the leak-map keyword allows a component route that would otherwise be suppressed by the manual summary to be advertised. Any component subset of the summary can be leaked. A route map and access list must be defined to source the leaked route.
The following is default behavior if an incomplete configuration is entered:
  • If the leak-map keyword is configured to reference a nonexistent route map, the configuration of this keyword has no effect. The summary address is advertised but all component routes are suppressed.
  • If the leak-map keyword is configured but the access list does not exist or the route map does not reference the access list, the summary address and all component routes are sent.

Examples

The following example, starting in Global configuration mode, configures an administrative distance of 95 on interface Ethernet 0/0 for the 192.168.0.0/16 summary address:
Router(config)# router eigrp 1 
Router(config-router)# exit 
Router(config)# interface Ethernet 0/0 
Router(config-if)# ip summary-address eigrp 1 192.168.0.0 255.255.0.0 95
The following example, starting in Global configuration mode, configures the 10.1.1.0/24 subnet to be leaked through the 10.0.0.0 summary address:
Router(config)# router eigrp 1 
Router(config-router)# exit 
Router(config)# access-list 1 permit 10.1.1.0 0.0.0.255 
Router(config)# ! 
Router(config)# route-map LEAK-10-1-1 permit 10 
Router(config-route-map)# match ip address 1 
Router(config-route-map)# exit 
Router(config)# interface Serial 0/0 
Router(config-if)# ip summary-address eigrp 1 10.0.0.0 255.0.0.0 leak-map LEAK-10-1-1
Router(config-if)# end 

Monday, October 3, 2011

Setup yum repositories to install or update from local mounted iso file

First, mount the ISO file:
mount -o loop /path/to/isofile.iso /media/cdrom


Create dvd.repo in /etc/yum.repos.d


example dvd.repo

[dvd]
name=Red Hat Enterprise Linux 6.1
mediaid=1305068199.328169
metadata_expire=-1
gpgcheck=0
cost=500
baseurl=file:///media/cdrom/
enabled=1
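
The dvd.repo above sets gpgcheck=0, so yum installs packages from that path without verifying their signatures. The script below is an added example, not part of the original post, that lists enabled repositories with signature checking explicitly turned off; the function name `unsigned_repos` is made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): list enabled yum repositories
# that explicitly turn package signature checking off.
# Output: "<repo id> <baseurl>" per finding. Repos with no gpgcheck line are
# skipped because they inherit the [main] value from /etc/yum.conf.
unsigned_repos() {
    awk '
        function report() {
            if (id != "" && enabled != "0" && gpg == "0") print id " " url
        }
        /^[ \t]*\[.*\][ \t]*$/ {            # new [section]: flush the previous one
            report()
            id = $0
            sub(/^[ \t]*\[/, "", id); sub(/\][ \t]*$/, "", id)
            enabled = "1"; gpg = ""; url = "-"
            next
        }
        /^[ \t]*[#;]/ { next }              # comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "enabled")  enabled = val
            if (key == "gpgcheck") gpg = val
            if (key == "baseurl")  url = val
        }
        END { report() }
    ' "$@"
}

# Demo on a copy of the dvd.repo from the post, written to a temp file.
demo_repo=$(mktemp)
cat > "$demo_repo" <<'EOF'
[dvd]
name=Red Hat Enterprise Linux 6.1
gpgcheck=0
baseurl=file:///media/cdrom/
enabled=1
EOF
unsigned_repos "$demo_repo"     # prints: dvd file:///media/cdrom/
rm -f "$demo_repo"
```

On a real host, run it as `unsigned_repos /etc/yum.repos.d/*.repo`. For the DVD repo, the corrected stanza is gpgcheck=1 plus gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release, the release key installed on a stock RHEL 6 system.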

Wednesday, August 3, 2011

rsh setup on RHEL

yum install rsh-server
modify /etc/xinetd.d/rsh file to set "disable" to "no"
add "rsh" to /etc/securetty file
add trusted hosts to ~/.rhosts file
add "-A INPUT -m state --state NEW -m tcp -p tcp --dport shell -j ACCEPT" to /etc/sysconfig/iptables
in /etc/pam.d/rsh
change "auth       required   pam_rhosts.so" to "auth       sufficient   pam_rhosts.so"
service xinetd restart
service iptables restart
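
With pam_rhosts.so set to "sufficient", every entry in ~/.rhosts grants login without a password, so the trust file is the whole access control. The script below is an added example, not part of the original post, that flags wildcard entries and loose permissions in such a file; the function names and sample hostnames are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an rsh trust file.
# audit_rhosts FILE prints one finding per line.
# Returns 0 if clean, 1 if something was flagged, 2 if FILE is missing.
audit_rhosts() {
    file=$1
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    # Entry format is "host [user]"; a bare "+" in either field is a wildcard.
    findings=$(awk -v f="$file" '
        /^[ \t]*#/ || NF == 0  { next }
        $1 == "+" && $2 == "+" { print f ":" NR ": any user from any host"; next }
        $1 == "+"              { print f ":" NR ": any host"; next }
        $2 == "+"              { print f ":" NR ": any user on " $1 }
    ' "$file")
    # A trust file that others can write lets them add their own entries.
    if [ -n "$(find "$file" \( -perm -020 -o -perm -002 \) -print)" ]; then
        [ -z "$findings" ] || findings="$findings
"
        findings="${findings}$file: writable by group or others"
    fi
    [ -n "$findings" ] || return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: one specific entry and two wildcard entries.
demo_rhosts() {
    sample=$(mktemp)
    printf '%s\n' '# constructed sample' 'build01.example.com deploy' \
        '+ +' 'backup.example.com +' > "$sample"
    chmod 600 "$sample"
    audit_rhosts "$sample"
    status=$?
    rm -f "$sample"
    return "$status"
}

demo_rhosts || echo "findings above need review"
```

The same function works on /etc/hosts.equiv, which uses the same entry format.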

Thursday, June 23, 2011

RHEL Virtual Guest Network Connection

I like to use a network bridge to give virtual machines direct access to the real network, without using the default virbr0 (NATed) networking. I did the following to change the host and virtual machine configurations.


First, I chose em3 on the quad-port NIC for bridging.


--ifcfg-em3--

DEVICE="em3"
HWADDR="84:2B:2B:73:B2:53"
NM_CONTROLLED="no"
ONBOOT="yes"
BRIDGE=br0

--ifcfg-br0

DEVICE=br0
TYPE=Bridge
BOOTPROTO=none
ONBOOT=yes
DELAY=0
--



# iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
# service iptables save
# service iptables restart


# service network restart

# virsh edit vm_system_name
Change interface type='network' to interface type='bridge'.
Change source network='default' to source bridge='br0'.


Or, in Virtual Machine Manager, go to the Hardware tab, remove the NIC and add a new NIC.


This all worked out right.


Then, I thought of using the first two NICs, which had been set up with bonding, to do the bridging.


I changed ifcfg-bond0 so that all the IP info is commented out, added "BRIDGE=br0", and moved the IP address info into ifcfg-br0. Again, it worked. This is the setup I like, since it has redundancy.





Tuesday, June 21, 2011

RedHat 6.1 Changes to Network Interface Bonding Configuration

--ifcfg-bond0-

DEVICE=bond0
IPADDR=xxx.xxx.xxx.xxx
NETMASK=xxx.xxx.xxx.xxx
ONBOOT=yes
BOOTPROTO=none
USERCTL=no
BONDING_OPTS="miimon=100 mode=1"
---

Parameters for the bonding kernel module must be specified as a space-separated list in the BONDING_OPTS="<bonding parameters>" directive in the ifcfg-bond<N> interface file. Do not specify options for the bonding device in /etc/modprobe.d/<bonding>.conf, or in the deprecated /etc/modprobe.conf file.



For a channel bonding interface to be valid, the kernel module must be loaded. To ensure that the module is loaded when the channel bonding interface is brought up, create a new file as root named <bonding>.conf in the /etc/modprobe.d/ directory. Note that you can name this file anything you like as long as it ends with a .conf extension. Insert the following line in this new file:
alias bond<N> bonding

Monday, June 20, 2011

some redhat commands and info

www.redhat.com/dell/activate - to activate a Dell server with a Red Hat installation

dmidecode - really cool command
Dmidecode reports information about your system's hardware as described in your system BIOS according to the SMBIOS/DMI standard (see a sample output). This information typically includes system manufacturer, model name, serial number, BIOS version, asset tag as well as a lot of other details of varying level of interest and reliability depending on the manufacturer. This will often include usage status for the CPU sockets, expansion slots (e.g. AGP, PCI, ISA) and memory module slots, and the list of I/O ports (e.g. serial, parallel, USB).


bonding

  • modprobe.conf 
    • alias bond0 bonding
    • options bonding miimon=100 mode=1 (mode=802.3ad or 4 for port-channel)
  • ifcfg-bond0
    • DEVICE=bond0
    • USERCTL=no
    • ONBOOT=yes
    • BOOTPROTO=static
    • BROADCAST=xxx.xxx.xxx.xxx
    • IPADDR=xxx.xxx.xxx.xxx
    • NETMASK=xxx.xxx.xxx.xxx
    • NETWORK=xxx.xxx.xxx.xxx
    • GATEWAY=xxx.xxx.xxx.xxx
  • ifcfg-eth(n)
    • DEVICE=eth(n)
    • ONBOOT=yes
    • BOOTPROTO=none
    • MASTER=bond0
    • SLAVE=yes
  • VLAN tagging
    • ifcfg-bond0 needs all IP address info removed.
    • ifcfg-bond0.(vlan_id)
      • DEVICE=bond0.(vlan_id)
      • ONBOOT=yes
      • VLAN=yes
      • BOOTPROTO=none (or static with ip info below)



Thursday, May 26, 2011

Sniffing COS and VLAN ID

I had a hard time finding the CoS bits and VLAN ID in all my captures to prove the QoS settings for a Nexus 2k switch. In the end I had to use a hub (an old 10BaseT Ethernet hub, which is why a mini switch had to sit in front of the Nexus 2k port), a mini switch and an old Realtek NIC to get a capture showing the 802.1q tag. Later I found these URLs, http://wiki.wireshark.org/CaptureSetup/VLAN and http://www.intel.com/support/network/sb/CS-005897.htm, which explained almost everything.
Below is a Frame showing the COS and VLAN ID.

And here is the Ethernet Frame with 802.1q fields
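
To read the same fields from raw frame bytes, the script below decodes the 802.1Q tag: the 0x8100 TPID at bytes 12-13, then the 16-bit TCI holding CoS (3 bits), DEI (1 bit) and VLAN ID (12 bits). It is an added example, not part of the original post; the function name `parse_dot1q` and the sample frame are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): decode the 802.1Q tag of one frame.
# parse_dot1q HEX  - HEX is the frame as hex digits; spaces and colons are ignored.
# Returns 0 and prints the fields for a tagged frame, 1 if untagged, 2 on bad input.
parse_dot1q() {
    hex=$(printf '%s' "$1" | tr -d ' :\n' | tr 'A-F' 'a-f')
    case $hex in
        ''|*[!0-9a-f]*) echo "not a hex string" >&2; return 2 ;;
    esac
    # dst MAC (6) + src MAC (6) + TPID (2) + TCI (2) + ethertype (2) = 18 bytes
    [ "${#hex}" -ge 36 ] || { echo "frame too short" >&2; return 2; }
    tpid=$(printf '%s' "$hex" | cut -c25-28)     # bytes 12-13
    if [ "$tpid" != 8100 ]; then
        echo "untagged ethertype=0x$tpid"
        return 1
    fi
    tci=$(printf '%d' "0x$(printf '%s' "$hex" | cut -c29-32)")   # bytes 14-15
    inner=$(printf '%s' "$hex" | cut -c33-36)    # bytes 16-17
    cos=$(( (tci >> 13) & 7 ))     # top 3 bits: priority code point (CoS)
    dei=$(( (tci >> 12) & 1 ))     # next bit: drop eligible indicator
    vlan=$(( tci & 4095 ))         # low 12 bits: VLAN ID
    echo "cos=$cos dei=$dei vlan=$vlan ethertype=0x$inner"
}

# Constructed frame: broadcast dst, locally administered src, CoS 5, VLAN 100, IPv4.
SAMPLE_TAGGED="ff:ff:ff:ff:ff:ff 02:00:00:00:00:01 8100 a064 0800 4500"
parse_dot1q "$SAMPLE_TAGGED"     # prints: cos=5 dei=0 vlan=100 ethertype=0x0800
```

An "untagged" result on a port known to carry tagged traffic means the tag was removed before the capture point, which is the situation the two linked pages cover.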