CONFIGURE NFS SERVER IN RHEL6

CONFIGURE NFS SERVER IN RHEL6

SERVER SIDE CONFIGURATION

[root@gagan ~]#  yum –y install nfs*

[root@gagan ~]#  vi /etc/exports

#(Insert the following entry)

/home 192.168.0.0/24(rw,sync,no_root_squash,no_all_squash)

# options

# /home  = shared directory.

# 192.162.0.0/24  = Range of the network which nfs will

# grant access to.

# rw = Read and write access.

# ro = Read only access.

# sync = synchronize

# no_root_squash  = enables root access and privilege.

# no_all_squash   = enables user access.

[root@gagan ~]#  service nfslock restart

[root@gagan ~]#  service nfs restart

[root@gagan ~]#  chkconfig nfslock on

[root@gagan ~]#  chkconfig nfs on

CLIENT CONFIGURATION

[root@anjana ~]#  yum –y install nfs*

[root@anjana ~]#  service nfslock restart

[root@anjana ~]#  service netfs restart

[root@anjana ~]#  chkconfig nfslock on

[root@anjana ~]#  chkconfig netfs on

[root@anjana ~]#  mount –t nfs 192.168.0.63:/home /home

[root@anjana ~]#  df –h

o    nfs — (/sbin/service nfs start) starts the NFS server and the appropriate RPC processes to service requests for shared NFS file systems.

o    nfslock — (/sbin/service nfslock start) is a mandatory service that starts the appropriate RPC processes to allow NFS clients to lock files on the server.

[root@anjana ~]#  vi /etc/fstab

# insert the following entry in the fstab file

192.168.0.63:/home   /home       nfs        defaults,_netdev           1 1

[root@anjana ~]#  mount-a

IP BONDING IN LINUX

IP BONDING IN LINUX

Linux network Bonding is creation of a single bonded interface by combining 2 or more Ethernet interfaces. This helps in high availability of your network interface and offers performance improvement. Bonding is same as port trunking or teaming.

Bonding allows you to aggregate multiple ports into a single group, effectively combining the bandwidth into a single connection. Bonding also allows you to create multi-gigabit pipes to transport  traffic through the highest traffic areas of your network. For example, you can aggregate three megabits ports into a three-megabits trunk port. That is equivalent with having one interface with three megabytes speed

Steps for bonding in Oracle Enterprise Linux and Redhat Enterprise Linux are as follows..

Step 1.

Create the file ifcfg-bond0 with the IP address, netmask and gateway. Shown below is my test bonding config file.

$ cat /etc/sysconfig/network-scripts/ifcfg-bond0

DEVICE=bond0
IPADDR=192.168.1.12
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
USERCTL=no
BOOTPROTO=none
ONBOOT=yes

Step 2.

Modify eth0, eth1 and eth2 configuration as shown below. Comment out, or remove the ip address, netmask, gateway and hardware address from each one of these files, since settingsshould only come from the ifcfg-bond0 file above. Make sure you add the MASTER and SLAVE configuration in these files.

$ cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
# Settings for Bond
MASTER=bond0
SLAVE=yes

$ cat /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=eth1
BOOTPROTO=none 
ONBOOT=yes
USERCTL=no
# Settings for bonding
MASTER=bond0
SLAVE=yes

$ cat /etc/sysconfig/network-scripts/ifcfg-eth2

DEVICE=eth2
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes

Step 3.

Set the parameters for bond0 bonding kernel module. Select the network bonding mode based on you need, The modes are

• mode=0 (Balance Round Robin)
• mode=1 (Active backup)
• mode=2 (Balance XOR)
• mode=3 (Broadcast)
• mode=4 (802.3ad)
• mode=5 (Balance TLB)
• mode=6 (Balance ALB)

Add the following lines to /etc/modprobe.conf

# bonding commands
alias bond0 bonding 

options bond0 mode=1 miimon=100

Step 4.

Load the bond driver module from the command prompt.

$ modprobe bonding

Step 5.

Restart the network, or restart the computer.

$ service network restart # Or restart computer

When the machine boots up check the proc settings.

$ cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.0.2 (March 2, 2014)

Bonding Mode: adaptive load balancing
Primary Slave: None
Currently Active Slave: eth2
MII status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth2
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:13:72:80: 62:f0

Look at ifconfig -a and check that your bond0 interface is active. You are done!.

To verify whether the failover bonding works..

• Do an ifdown eth0 and check /proc/net/bonding/bond0 and check the “Current Active slave”.
• Do a continous ping to the bond0 ipaddress from a different machine and do a ifdown the active interface. The ping should not break.

TCPDUMP IN LINUX AND SNOOP IN SOLARIS

TCPDUMP IN LINUX AND SNOOP IN SOLARIS

 

TCPDUMP IN LINUX:

[root@gagan ~]# tcpdump –help

OPTIONS:

-S  : Print absolute sequence numbers.

-e  : Get the ethernet header.

-q  : Show less protocol information.

-E  : Decrypt IPSEC traffic by providing an encryption key.

-n  : Don't resolve hostnames.

-nn : Don't resolve hostnames or port names.

-X  : Show the packet's contents in both hex and ASCII.

-XX : Same as -X, but also shows the ethernet header.

-v, -vv, -vvv : Increase the amount of packet information you get back.

-c  : Only get x number of packets and then stop.

-s  : Define the snaplength (size) of the capture in bytes. 

      Use -s0 to get everything, unless you are intentionally capturing less.

Regular Expressions:

AND    -  and or &&

OR     -   or or ||

EXCEPT -  not or !

TCPDUMP COMMAND EXAMPLES:

1.  To capture all the interfaces network traffic using tcpdump,just run command “tcpdump”

    [root@gagan ~]# tcpdump

       2. To capture the network traffic on the particular interface,

    [root@gagan ~]# tcpdump -i eth0

  

   3.To capture the “N” no of network packets , use “-c” option (To    specify“N”  value.)

[root@gagan ~]# tcpdump -c 8 -i eth0

    4. To capture the network traffic between two IP address.
           Source IP address: Local system IP
            Destination IP address:Remote system IP

  [root@gagan ~]# tcpdump src 10.0.0.2 and dst host 10.0.04 -c 10

       5. To capture the specific local port traffic using tcpdump,

  [root@gagan ~]# tcpdump src port 21 -c 9

       6. To capture network traffic of destination port ,

  [root@gagan ~]# tcpdump dst port 21 -c 8

       7. To filter the network traffic using destination IP address and local port number,

  [root@gagan ~]# tcpdump dst 10.0.0.4  and src port 21 -c 9

      8. To filter the specific network traffic,use the below command.

  [root@gagan ~]# tcpdump net 10.0.0.0/24 -c 8

     9. To filter the traffic using the protocal, Ex:ICMP

  [root@gagan ~]# tcpdump icmp

    10. To filter the traffic using port range,

  [root@gagan ~]# tcpdump portrange 21-25 -c 9

   11. To capture the network packets to the file, use “-w” option.File should have extension with the name “pcap”.

   [root@gagan ~]# tcpdump portrange 21-25 -w saveme.pcap

SNOOP IN SOLARIS

OPTIONS:

snoop

        [ -a ]                  # Listen to packets on audio

        [ -d device ]           # settable to le?, ie?, bf?, tr?

        [ -s snaplen ]          # Truncate packets

        [ -c count ]            # Quit after count packets

        [ -P ]                  # Turn OFF promiscuous mode

        [ -D ]                  # Report dropped packets

        [ -S ]                  # Report packet size

        [ -i file ]             # Read previously captured packets

        [ -o file ]             # Capture packets in file

        [ -n file ]             # Load addr-to-name table from file

        [ -N ]                  # Create addr-to-name table

        [ -t  r|a|d ]           # Time: Relative, Absolute or Delta

        [ -v ]                  # Verbose packet display

        [ -V ]                  # Show all summary lines

        [ -p first[,last] ]     # Select packet(s) to display

        [ -x offset[,length] ]  # Hex dump from offset for length

        [ -C ]                  # Print packet filter code

        [ -q ]                  # Suppress printing packet count

        [ -r ] 

EXAMPLES OF SNOOP:

1. capture all packets going to and from the box gagan007.
  # snoop host gagan007
2. We can also see all packets that goes through specific port. In this case it is port 22.
  # snoop port 22
3. To examine only packets on specific interface (eth0) and store the output to the file, enter the following:
  # snoop -d eth0 -o /tmp/output1.file
4. You can read your captured output file by issuing following command:
  # snoop -i /tmp/output.file
  # snoop -v host system2 port 513
5. Observing Traffic by Identifying the Zone

  # snoop -I eth0 gagan1 -I eth1 gagan2