Monday, 10 December 2012

IPv6 Supported SNMP MIB Browsers

We have below SNMP MIB browser , which supoorts both IPv6 and IPv4.

Some of these are licensed product , but free evaluation copy is available for limited time.


1) NuDesign :http://www.ndt-inc.com/SNMP/Download.html

2) WebNMS: http://www.webnms.com/snmputilities/mib-browser.html

3) ByteSphere : http://www.oidview.com/news_mib_browser_to_support_ipv6_with_snmp_traps.html

4) MG-Soft : http://www.mg-soft.si/mgMibBrowserPE-evaluate.html

5) Ireasoning :http://ireasoning.com/mibbrowser.shtml



Which Internet browsers supports link local IPv6 address ?

This draft states of making zone identifier common for all browsers. It is set to expire in May , 2013

http://tools.ietf.org/html/draft-ietf-6man-uri-zoneid-05


A section from this states:

==================================================
Web Browsers


   Due to the lack of a standard in this area, web browsers have been inconsistent in providing for ZoneIDs.  Many have no support, but there are examples of ad hoc support.  For example, older versions of Firefox allowed the use of a ZoneID preceded by an unescaped "%" character, but this was removed for consistency with RFC 3986.  As another example, recent versions of Internet Explorer allow use of a ZoneID preceded by a "%" character escaped as "%25", still beyond the
   syntax allowed by RFC 3986.  This syntax extension is in fact used internally in the Windows operating system and some of its APIs.

   This document implies that all browsers should recognise a ZoneID preceded by an escaped "%".  In the spirit of "be liberal with what
   you accept", we also recommend that URI parsers accept bare "%" signs (i.e., a "%" not followed by two valid hexadecimal characters).  This
   makes it easy for a user to copy and paste a string such as  "fe80::a%en1" from the output of a "ping" command and have it work.


======================================================


1) IE version 7 and above support link local with '%25' added

  http://msdn.microsoft.com/en-us/library/windows/desktop/ms740593%28v=vs.85%29.aspx

2) Firefox older version 3.x supported, later it got removed , firefox bug which states this:

   https://bugzilla.mozilla.org/show_bug.cgi/attachment.cgi?id=392428&action=edit

3) Chrome bug:

     http://code.google.com/p/chromium/issues/detail?id=70762


Could not find information on Opera and Safari.





How to enable DHCPv6 route option in ISC-DHCP server

As per information given in link

http://www.isc.org/community/blog/201111/routing-configuration-over-dhcpv6

I tried to enable route prefix option in ISC-DHCP server , the configuration of server is :

vim /etc/dhcp/dhcpv6.conf
===================================================

## NEXT_HOP option with RTPREFIX option included
option dhcp6.next-hop-rt-prefix code 242 = { ip6-address, unsigNed integer 16,un
signed integer 16, unsigned integer 32, unsigned integer 8, unsigned integer 8,
ip6-address };
#
#   # This statement configures actual values to be sent
#   # RTPREFIX option code = 243, RTPREFIX length = 22
#   # lifetime = 9000 seconds
#   # route 2001:db8:2::/64
#   # metric 1
  option dhcp6.next-hop-rt-prefix 2001:db8:270::100:100 243 64 9000 0 1 ::;

=================================================

the configuration of dhcp client :


vim /etc/dhcp/dhcpv6.conf

=========================================

script "/sbin/dhclient-script";

option dhcp6.next-hop-rtprefix code 242 = { ip6-address,unsigned integer 16, uns
igned integer 16,unsigned integer 32,unsigned integer 8, unsigned integer 8, ip6
-address };

# RTPREFIX option

interface "eth1" {
                 request dhcp6.next-hop-rtprefix,dhcp6.vendor-opts,dhcp6.name-servers;
                       }

=================================

I can see the prefix 242 in DHCP packets.

Do DHCPv6 has default gateway option ?

DHCPv6 is defined in RFC 3315.

As such there is no default gateway option in DHCPv6, so we can not assign some specific option for it, to get from DHCP Server.

Actually the default gateway option should come through the Router advertisements (RA)

In windows 7, if we enable DHCP mode, it will accept , the server IP address from DHCPv6 Server and default gateway from RA.

In Fedora core 16, we have to enable mode "Dynamic+Auto" mode to get this behavior.

We have one draft coming up for DHCPv6 route option (http://datatracker.ietf.org/doc/draft-ietf-mif-dhcpv6-route-option/) this will expire in Feb 2013.

Once it comes to RFC status , we will have this option to enable on DHCPv6 servers.

As of now, isc- dhcp server support this option , please see below link for more information.

(http://www.isc.org/community/blog/201111/routing-configuration-over-dhcpv6)




Sunday, 25 November 2012

Join Testlink QA group for testing Testlink-Open Source test management tool

Testlink is one of the free open to use test management tool. If you are in QA or in testing and wants to join andy open source project , please do so by joining this group.

These are some schedule for Testlink release:


1. NEXT MAJOR RELEASE => 2.0 and We need HAVE ZERO ISSUE WITH MSSQL and the other DBMS,

2. NEXT MINOR RELEASE/FIX => 1.9.5  probable release date : 2012-12-01, do not expect special work on MSSQL

The testlink is supported on three databases : Postgres, MSSQL and MySQL

Its a huge tool, and to test it, the more people volunteer the better it will be. I am part of this team , and to work with other countries, other mindset, other culture, well, so many things to learn....

Join this group and explore new things, these are few pointers for you to start with :

Visit below links to get associated with it:

http://www.teamst.org/forum/viewtopic.php?f=11&t=7052


https://groups.google.com/forum/?fromgroups=#!forum/testlink-qa


Keep Learning , Keep exploring !!!!



Sunday, 18 November 2012

BSNL modem IPv6 Issue !!


My BSNL modem has following configuration


BoardID:96338W
Software Version:1132_061507-3.08L.BSNL_02.
Bootloader (CFE) Version:1.0.37-8.7
Firmware Version:WA3002G4-0021.01
Hardware Version:WA3002G4 1.0
Model Name:WA3002G4
Wireless Driver Version:3.131.35.6.cpe2.0a.s


IF we enable IPv6 ( which is given in advanced setting )












and reboot the device, the devices wifi goes down. I did not check with Local Ethernet connection , but there seems to be an issue if we enable this option.

When i contacted customer support, they told we do not support IPv6 as of now and, it can not be enabled in the device.

So the question is, why the option is present in the Modem ? It should have been removed.Is testing team is responsible for not raising issue regarding that OR may be they have raised the issue, but internal team did not gave it enough priority ?

You tell me !

Keep breaking , Keep testing !! :-)


IPV6 Speed Test Results for BSNL connection using IPV6 and IPV4


I ran speed test for my home connection (http://ipv6-test.com/speedtest/) and this is the result :


IPV6 Speed Test results


How to pass Enthusiast Level of Hurricane Electric IPV6 Certification with Windows XP machine and BSNL connection !

Just now passed the third level of HE-IPv6 free certification ( http://ipv6.he.net/certification/cert-main.php).

This level we need to have one IPv6 capable host, one web server and one domain name to map the IPv6 address of the web server.

This all can be done if we use gogoCLIENT and Freenet6 Tunnel services. Both are free services, only one time registration is required.

The gogoClient can be downloaded from http://www.gogo6.com/gogoware/gogoclient

With this client installed in Windows XP machine, we will get our own IPv6 static ip address, which can be tested  with http://ipv6-test.com/ , if the IP address is properly assigned or not. Also with its Home access version, we get web server also, with account related domain name.

Use this domain name, and web server configuration , you can create one file which is required to be fetched by HE server.

After this there are few basic questions to be answered, and the Certificate ->


IPv6 Certification Badge for sv3


Keep Learning , Keep Sharing  !!!!


Friday, 16 November 2012

Windows XP command to enable/diable IPv6 and add/remove default route


To use IPv6 in windows XP machine

1) install ipv6

    ipv6 install


2) Set global static IPv6 address


netsh interface ipv6 set address "Local Area connection" 2001:db8:1::2

3) Set default gateway


netsh interface ipv6 add route ::/0 ""Local Area connection" 2001:db8:1::1


To remove IPv6 from Windows XP machine


1) Delete global static IPv6 address


netsh interface ipv6 del address "Local Area connection" 2001:db8:1::2

2) Remove default gateway


netsh interface ipv6 del route ::/0 ""Local Area connection" 2001:db8:1::1


3) Un-install ipv6

    ipv6 uninstall

Wednesday, 14 November 2012

How to set hostname in fedora core 16

We have three way to change the hostname in Fedora core 16


1) Vim /etc/hosts, edit and add "test123" in last



127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 test123
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6 test123


2) Vim /etc/sysconfig/networks, change hostname

 NETWORKING=yes
HOSTNAME=test123
~                             

3) Use command hostname 

  set hostname test123


4) Reboot the machine

the machine should display the new hostname "test123"

IPv6 Certification Tests for individuals, Hurricane Electric IPv6 Certification

Its quite some time i am using IPv6 in my setup. I gave some presentation on IPv6 also.

I was looking for some certification tests for IPv6 and i cam across this:

For individuals : http://ipv6.he.net/certification/cert-main.php

they have many levels, first level some basic questions, passed all.

For second level we need to do some work . Today i got the second level cleared , the "Explorer" certification.


We need to enable IPv6 on client machine.

In my office we have following setup:

                 public IP
Internet----------Router/firewall( NAT)-------------PC1(local ip)

The tunnel has to be created with Public IP, using their another free service

http://www.tunnelbroker.net/

you will give : your public IP , and remote IP ( you can select from the list)

it will create the tunnel. Now got to your client machine , I have Fedora core 16 client machine . In website for all type of OS, you can get the commands: For me following is valid :

Linux-router



modprobe ipv6
ip tunnel add he-ipv6 mode sit remote 230.X.X.X local 192.X.X.X ttl 255
ip link set he-ipv6 up
ip addr add 2001:X:X:X::2/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -f inet6 addr


Make sure that the Local IP is the NAT actual Client IP and not the public IP as given in the example configuration of website.

Now ping

 ping6 ipv6.google.com -> should work fine

 go to http://test-ipv6.com/ and see if they can detect your IPv6 address.


Keep Exploring, Keep Learning !!!

Friday, 2 November 2012

Dual stack Server configuration for IPv4 and IPV6

Ok, so I have finished working on below things , i hope i posted all configurations in my previous posts.

These servers will serve both IPv4 and IPv6 requests.

1) Tftp Server

2) DHCP Server

3) Free Radius Server

4) Telnet Server

5) FTP Server ( Vsftpd)

6) HTTP server

7) Syslog Server

DNS Server is pending and will do it later.

How to enable DHCP Server in Linux Fedora core 16 for both IPv4 and IPv6


How to enable DHCP Server in Linux Fedora core 16 for both IPv4 and IPv6

We need to run two instances of dhcp to serve IPv4 and IPv6 separately, also we should have two config files for this.

1) yum install dhcp-common

    yum install dhcp

2)  cd /etc/dhcpd/


Copy sample files


# cp /usr/share/doc/dhcp*/dhcpd.conf.sample dhcpd.conf


#cp /usr/share/doc/dhcp*/dhcpd6.conf.sample dhcpd6.conf



3) configure the subnets for both IPv4 and IPv6 in config files


# vim /etc/dhcp/dhcpd.conf


subnet 192.16.2.0 netmask 255.255.255.0 {

  range 192.16.2.10 192.16.2.80;
  option routers 192.168.2.1;
  option broadcast-address 192.168.2.255;
  default-lease-time 600;
  max-lease-time 7200;
}



# vim /etc/dhcp/dhcpd6.conf



subnet6 2001:db8:1:0::/64 {

        range6 2001:db8:1:0::10 2001:db8:1:0::80;

        range6 2001:db8:1:0:: temporary;

        prefix6 2001:db8:1:0:: 2001:db8:1:0:: /64;
      
           # Override of the global definitions,
        # works only when a resource (address or prefix) is ass
#       option dhcp6.name-servers 3ffe:501:ffff:101:200:ff:fe00

}


Save both the files


4) Start the servers

  dhcpd -4 -cf /etc/dhcp/dhcpd.conf

  dhcpd -6 -d -cf /etc/dhcp/dhcp6.conf

Got error-> "Can't open lease file /usr/local/var/db/dhcp6.lease"


5) vim /etc/dhcp/dhcpd6.conf'

change log path :

dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";

6) Generate blank file

   touch /var/lob/dhcpd/dhcpd6.leases

7) Kill the servers, if running and start again the servers

   dhcpd -4 -cf /etc/dhcp/dhcpd.conf

  dhcpd -6 -d -cf /etc/dhcp/dhcp6.conf


8) Verify by making any Windows 7 Windows PC as IPv6 Client, it should get the ip address from this Server.


Keep Learning, Keep Breaking !!!!

How to enable rsyslog for both IPv4 and IPv6 in Linux fedora core 16

To enable rsyslog please follow these steps:

Syslog Server Fedora Core 16 PC

1) yum install syslog

2) vim /etc/rsyslog.conf

Modify below things

===================
$ModLoad imuxsock # provides support for local system logging (e.g. via logger c
ommand)
$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
#$ModLoad immark  # provides --MARK-- message capability

# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514

# This one is the template to generate the log filename dynamically, depending o
n the client's IP address.

$template FILENAME,"/var/log/%fromhost-ip%/syslog.log"

#
# # Log all messages to the dynamically formed file. Now each clients log (192.1
68.1.2, 192.168.1.3,etc...), will be under a separate directory which is formed
by the template FILENAME.

 *.* ?FILENAME


=======================


3) start Syslog Server


systemctl restart rsyslog.service


Fedora Core 11 as Syslog Client

1) vim /etc/rsyslog.conf


2) Add the ipv6 server ip address (fe80::1e64:66ff:fec7:8221)

#### MODULES ####

$ModLoad imuxsock.so    # provides support for local system lo
 logger command)
$ModLoad imklog.so      # provides kernel logging support (pre
 rklogd)
#$ModLoad immark.so     # provides --MARK-- message capability

# Provides UDP syslog reception
#$ModLoad imudp.so
#$UDPServerRun 514

*.* @[fe80::1e64:66ff:fec7:8221]

3) Start syslog

systemctl restart rsyslog.service


Test Server

Make another interface down in client ( not the one through which the server is connected )

ifconfig eth1 down

ifconfig eth1 up

Server -> go to /var/log -> you should see ip address of client directory

go to that directory-> vim syslog.log -> should give details about the interface up and down.

How to enable HTTP Server for both IPv4 and IPv6 in Fedora core 16 ( Linux )

Errors and Troubleshooting:


1) vim /etc/httpd/conf/httpd.conf

Verify if you have below line

Listen *:80

this will server both ipv4 and ipv6 address.

2)
In fedora core 16 we have bug , if we start http server


root@localhost ~]# /etc/init.d/httpd start
Starting httpd (via systemctl):  Job failed. See system logs and 'systemctl status' for details.
                                                           [FAILED]


root@localhost ~]# apachectl start
/usr/sbin/apachectl: line 102:  2028 Segmentation fault      $HTTPD $OPTIONS -k $ARGV


To remove this error:

just comment below line vim /etc/httpd/conf.d/perl.conf

 #LoadModule perl_module modules/mod_perl.so

3)  after this when i restarted the server some error came , not exactly captured at that time  but similar to

"hostname nor servname provided, or not known"

for this

vim /etc/httpd/conf/httpd.conf

remove # ( or uncomment below line)

ServerName www.example.com:80

4) restart http service

systemctl start httpd.service

or apachectl start


From another browser try to access apache server, give below URL

http://[2001:db8:1:0:1e6f:65ff:fec5:833d]


You should be able to get fedora test page








How to enable free radius server for both IPV4 and IPV6 in Fedora core 16

How to enable free radius server for both IPV4 and IPV6

1) Download free radius tar file from their website (lets assume name as freeradius)

2) tar xvzf freeradius.tar.gz

3) cd freeradius

4) ./configure

5) make

6) make install

7) The radius server will get install in directory raddb

8) vim /usr/local/etc/raddb/radiusd.conf

ADD below lines if not present



listen {
   
        type = auth
        ipaddr = *
        port = 0
}

listen {
        ipaddr = *
        port = 0
        type = acct
}

listen {
        ipv6addr = ::
        port = 0
        type = auth
}

listen {
        ipv6addr = ::
        port = 0
        type = acct
}


save the file


9) radiusd -X

The server should accept request from both Ipv4 and IPv6 clients.

How to enable telnet server for both IPv4 and IPv6 in Fedora core 16!

To enable Telnet Server please follow below steps :

Fedora core 16 Server as telnet server:


1) yum install telnet-server

2) vim /etc/xinetd.d/telnet


service telnet
{
       disable = no
       flags           = REUSE
       socket_type     = stream
       wait            = no
       user            = root
       server          = /usr/sbin/in.telnetd
       log_on_failure  += USERID
        flags = IPv6
}

Change disable to "no" and add "flags=IPv6"


3) systemctl restart xinetd.service


Fedora Core 11 Client

 telnet  ipv6address%interface-name

Telnet clients supports ipv6 but if you do not specify interface-name in the command , "invalid argument" error will be displayed in clients, when you try to telnet.

telnet fe80::1e63:45ff:fec4:8823%eth1

and

telnet ipv4-address

telnet 192.167.23.2

Both command should work fine.


Wednesday, 31 October 2012

How to enable vsftpd( ftp server) for IPV6 and IPv4

1) yum install vsftpd

2) vim /etc/vsftpd/vsftpd.conf
     change :
         listen=NO
         listen_ipv6= YES
    
     For anonymous upload/dwnload

        anon_mkdir_write_enable= YES
        anon_other_write_enable= YES
          anon_upload_enable= YES

3)  service vsftpd start
    
4) Default path for upload /download directory

       /var/ftp/

5) The Linux native client (ftp) does not support IPv6, so use "lftp" to test the server.

6) Windows 7/ Windows 2008 Server ftp client will work so you can use "ftp ipv4/ipv6" command.
       

       

How to enable TFTP server in Fedora core 16 for IPv6 and IPv4


1) Install Tftp Server

     yum install tftp-server

2) "Flag IPv6" support both IPv4 and IPv6 communication

    Vi /etc/xinetd.d/tftp

     Change -> disable = no
                       flags = IPv6


3) systemctl restart xinetd.service

4) Verify if the server is running

       chkconfig tftp

  it should display "enabled"

5) The default directory is /var/lib/tftproot

Troubleshooting

If you run command

tftp ipv6-address , and in wireshark you observe "unreachable Administratively Prohibited"

this means that the firewall is blocking the packets , disable SELinux,iptables and ip6tables

Commands to disable Firewall

chkconfig iptables off

chkconfig ip6tables off

vim /etc/selinux/config
         change-> disabled

Reboot the PC

How to enable TFTP server in Fedora core 16 for IPv6 and IPv4


1) Install Tftp Server

     yum install tftp-server

2) "Flag IPv6" support both IPv4 and IPv6 communication

    Vi /etc/xinetd.d/tftp

     Change -> disable = no
                       flags = IPv6


3) systemctl restart xinetd.service

4) Verify if the server is running

       chkconfig tftp

  it should display "enabled"

5) The default directory is /var/lib/tftproot

Troubleshooting

If you run command

tftp ipv6-address , and in wireshark you observe "unreachable Administratively Prohibited"

this means that the firewall is blocking the packets , disable SELinux,iptables and ip6tables

Commands to disable Firewall

chkconfig iptables off

chkconfig ip6tables off

vim /etc/selinux/config
         change-> disabled

Reboot the PC

How to use ping6 command for IPv6?

Once you have enabled IPv6 in your Linux or Windows 7/Windows 2008 PC, we have to use ping command to verify the connections. The way commands are used in Windows and Linux are little different but the concept is same.

In IPv6 we need to tell the interface on which it is going to send the ping, In windows %n tells the interface and in Linux it is "-I interface"


Windows :

ping6 fe80::1e6f:66ff:fec6:844d%5

Linux

ping6 -I eth1 fe80::1e6f:66ff:fec6:844d

Server installation in Fedora core 16 for IPv6

As i have mentioned in my earlier posts, i need to enable all servers for ipv4 and ipv6.

The first step is to install all servers in my Fedora core 16 machine.


1) Install wireshak

      yum install wireshark
      yum install wireshark-gnome

2) Install TFTP server

      yum install tftp-server

3) Install telnet server

      yum install telnet-server

4) Install ftp server

       yum install vsftpd

5) Update ftp client ( the native ftp client in FC16 does not support IPv6) so need to install another client

       As of now lftp seems fine, but commands are little difficult, need to work on this

         yum install lftp

6)  Install Http Server

        yum install httpd

7) Install dhcp Server

       yum install dhcp-common
       yum -y install dhcp

8) Install Syslog Server

         yum install syslog

9) Install NTP Server

         yum install ntp


Tuesday, 30 October 2012

How to disable firewall (ipv6tables and iptables) in Linux Fedora core 16 (IPv4 and IPv6)


IPv4 firewall ( iptables)

chkconfig iptables off

IPv6 firewall ( ip6tables)

chkconfig  ip6tables off

Verify if disabled

chkconfig iptables

chkconfig ip6tables
 

Lab Server to be migrated for dual stack ( IPV6 and IPV4)

We are migrating to dual IPV6 and IPv4 stack. I have to enable all servers for dual mode ( IPv6 and IPv4)

These are the servers to be migrated :

1) TFTP-Server

2) FTP Server

3) HTTP Server

4) Radius Server

5) DHCP Server

6) Syslog Server

7) NTP Server

8) Telnet Server

We use Windows 2003 server and Linux EL as servers , now for full IPv6 support we need Windows 2008 server and instead of EL I am using Fedora core 16.

So in few days i will try to configure all servers in FC 16 and once done, will move to Windows 2008 server.

Monday, 29 October 2012

How to make Linux Fedora Core 14 work as IPV6 Router

We have in IPv6 Stateless Address Auto-configuration, it is defined in RFC 4862.

1) We need radvd for it to work

 # yum install radvd

2) Make changes in radvd.conf

# vim /etc/radvd.conf


interface eth1
{
AdvSendAdvert on;
MinRtrAdvInterval 30;
MaxRtrAdvInterval 100;
prefix 2001:db8:1:0::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
};

};

3) Enable IPv6 forwarding,

 we need to set following in /etc/sysctl.conf

    net.ipv6.conf.all.forwarding=1


4)   Reboot the PC


5) service radvd start


6) Now the service should start fine

How to test :

Connect Windows 7 PC-> make it tcp/ipv6 DHCP client , connect to Linux Server ( above configured PC)

The two should communicate using IPv6, the Linux Server should assign IPv6 address to windows 7 client.

ping6 -I eth1 ipv6-address-of-windows

should work fine.



Keep Learning !! Keap sharing !!!



Activating IPv6 Stack on Fedora Core 14 ( How to assign/enable IPv6 address in Fedora)

To enable IPv6 in Fedora core 14 following steps is to done:

1)#  vim /etc/sysconfig/network

add "NETWORKING_IPv6=yes"

    NETWORKING=yes
    NETWORKING_IPV6=yes
    HOSTNAME=localhost.localdomain



2) Verify using modprobe

# modprobe -c | grep net-pf-10

    alias net-pf-10 ipv6
    alias net-pf-10-proto-0-type-6 dccp_ipv6
    alias net-pf-10-proto-33-type-6 dccp_ipv6
    alias net-pf-10-proto-132 sctp

3) Assign  static IPv6 address in

vim /etc/sysconfig/network-scripts/ifcfg-eth1


4) restart service "network"

   # service network restart 

Your interface should be assigned IPv6 address.

5) You can use command ifconfig also  to assign ip address

ifconfig eth0 inet6 add 2001:db8:1::1/64







How to enable IPv6 Forwarding in Linux ( Fedora Core 14 )

To enable IPv4 forwarding in Linux we use below command :

# echo 1 > /proc/sys/net/Ipv4/ip_forward


To enable IPv6 forwarding we need to set following in /etc/sysctl.conf
net.ipv6.conf.all.forwarding=1


Reboot the PC,IPv6 forwarding should work.

Tuesday, 16 October 2012

How to configure Linux DHCP server for multiple VLAN?

Recently i was working on VLAN and DHCP.

  The setup was something like this :


              PC1------------VLAN Switch1 -----------VLAN Switch 2---------------DHCP Server
                                           |
                                           |
                                          PC2

PC1 and PC2 are connected to Access port of VLAN switch 1 with VLAN ID 100 and 200.

The DHCP server was supposed to server both the VLAN.

DHCP Server is Linux PC.

How to do this?


1) VLAN S/W 1 will be connected to VLAN S/W 2 "trunk Port".

2) DHCP Server should be connected to VLAN S/W 2 "trunk port".

3) All trunk port should expect tagged traffic

4) PC1 and PC2 will send untagged traffic to VLAN  S/W 1 , the switch will tag with respective vlan id and send to switch 2.

5) The DHCP Server should support both VLAN otherwise it will drop the packets. The DHCP Server should be configured for both VLAN.

Command to enable multiple VLAN on Linux:

                  ifconfig eth0 0.0.0.0 
                 
                  vconfig add eth0 100
                   
                  ifconfig add eth0.100 10.1.1.1 netmask 255.0.0.0

                  vconfig add eth0 200
                   
                  ifconfig add eth0.200 20.1.1.1 netmask 255.0.0.0
 
                
Command to enable DHCP

           Vim /etc/dhcp/dhcpd.conf

 Add both subnets

subnet 10.1.1.0 netmask 255.0.0.0 {
range 10.1.1.10 10.1.1.20;
option routers 10.1.1.1;
option broadcast-address 10.1.1.255;
}

subnet 20.1.1.0 netmask 255.0.0.0 {

range 20.1.1.10 10.1.1.20;
option routers 20.1.1.1;
option broadcast-address 20.1.1.255;
}

            

Run dhcp server :

           dhcpd &


6) Now make PC1 and PC2 as DHCP client

  Both should be able to get IP address from DHCP server in their respective VLAN.



      

Thursday, 11 October 2012

Another intersting Question ! !

The situation is in a network.
                                                            
PC1--------Internet ------HTTP  Server ( DNS Server, hostname "Server")

Symptoms

1) From PC1 if you ping to "Server", it is properly resolving the IP address.

2) From PC1 if you ping to IP address of the Server , it is ping fine

Issue :
 If you try to open webpage in Browser , nothing is coming.

How do you debug it, where could be the problem?

Wednesday, 10 October 2012

How to take backup for Windows IAS server and DHCP server ?

For Windows 2003 Server if we want to take backup and restore it in another Windows machine, we have a very handy command "netsh"

c:\> netsh ?

Commands in this context:
?              - Displays a list of commands.
aaaa           - Changes to the `netsh aaaa' context.
add            - Adds a configuration entry to a list of entries.
bridge         - Changes to the `netsh bridge' context.
delete         - Deletes a configuration entry from a list of entries.
dhcp           - Changes to the `netsh dhcp' context.
diag           - Changes to the `netsh diag' context.
dump           - Displays a configuration script.
exec           - Runs a script file.
firewall       - Changes to the `netsh firewall' context.
help           - Displays a list of commands.
interface      - Changes to the `netsh interface' context.
ipsec          - Changes to the `netsh ipsec' context.
ras            - Changes to the `netsh ras' context.
routing        - Changes to the `netsh routing' context.
rpc            - Changes to the `netsh rpc' context.
set            - Updates configuration settings.
show           - Displays information.
wins           - Changes to the `netsh wins' context.
winsock        - Changes to the `netsh winsock' context.

To take IAS server backup

Server 1

c:\> netsh aaaa show config > backup.txt

Server 2 ( restore)

c:> netsh exec backup.txt

To take DHCP Server backup and restore

Server 1

c:\> netsh dhcp server export dhcpbackup.txt all

Server 2

c:\>  netsh dhcp server import dhcpbackup.txt all


Tuesday, 9 October 2012

What will Happen if we ping in this case?


A very basic question ....


   PC1--------------------------Router 1-------Router 2---------PC2 ( 10.1.1.1, mac : 00:22:33:33:44:55)
192.168.1.2        192.168.1.1

The IP address of PC1 is 192.168.1.2.  PC1 and PC2 are windows XP machines.

 At PC1 the default gateway is 192.168.1.1.

We added static arp entry for PC2 in PC1

arp -s 10.1.1.1 00:22:33:33:44:55

Now tell me , if we ping from PC1 -> ping 10.1.1.1 , what packets will be sent by PC1 ?









Tuesday, 25 September 2012

How to disable ICMP requests on Linux and Windows

The ICMP requests can be disabled in Linux and Windows. It is disabled for security purposes.


a) Linux


Linux we have to use procfs

To ignore broadcasts :

    $ cat /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

    $ echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

To ignore all type of ICMP traffic

    $ cat /proc/sys/net/ipv4/icmp_echo_ignore_all

    $ echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all


b) Windows -> go to "Network connections" -> Select Local Area connection


  On Left side -> "Change setting of this connection" -> Advanced -> Setting -> Advanced

 ICMP-> Settings-> Un-check all to disable all type of ICMP traffic





Wednesday, 19 September 2012

Linux command to know the location of executable file

In Linux we have one command "which" which can be used to know the location of executable.

For example

[root@localhost] # which radiusd
/usr/local/sbin/radiusd


[root@localhost] # which pppoe
/usr/sbin/pppoe





Monday, 10 September 2012

Who maintain Enterprise or Vendor codes ?

IANA ( Internet Assigned Numbers Authority ) assigns these numbers to companies.

http://www.iana.org/assignments/enterprise-numbers

Some Vendor codes are :

1 ) Cisco : 5771

2) Netgear : 4526

3 ) Proxim Wireless : 841

4)  Juniper : 4874

5) Amazon : 4843

6) WIPRO Infotech Ltd : 1062

7)  Tata Consultancy Services : 14013

8) Infosys Technologies Limited : 15797

Check for your company what is vendor code ?

Keep Learning , Keep Sharing

Sunday, 9 September 2012

Difference between IPv4 and IPv6


IPv6 world launch day is on 8 June 2011 , next event held on 6 June 2012.

Here I am listing main difference between the two protocols.


1) IPv4 : RFC 791
    IPv6 : RFC 2460


2) IPv4 : Address size : 32 bits
    IPv6 : Address size :  128 bits

3) IPv4 : unicast, multicast, broadcast
    IPv6 : unicast , multicast ( some changes ),  anycast
   
4) IPv4 routers : Does Fragmentation
    IPv6 routers : No fragmentation (Pv6 host should perform path mtu discovery or do end-to end fragmentation)

5) IPv4: default PATH MTU 68  
    IPv6 : default PATH MTU 1280

6)  Minimum datagram which host should accept : IPv4 : 576
                                                                            IPv6 : 1280

7) Payload limit : IPv4 : 65535 ((216−1)
                          IPv6 : 4294967295 (232−1) , known as Jumbograms

8) IPv4 : TTL ( Time to Live)
    IPv6 : Hop Limit ( same functionality only name change)

9) Header :

 a)        IPv4 : check sum present
            IPv6 : No check sum

b)         IPv4 : Includes "option"
            IPv6 :  Separate " extension header" not in IPv6 header

c)       IPv4 : IPsec optional
          IPv6 : IPsec compulsary

10) IPv4 : Address ( Manual/DHCP)
       IPv6 : Stateless auto configuration ( link local)

11) IPv4 : To resolve IP->MAC  -> ARP broadcast
      IPv6 : To resolve IP->MAC  -> Multicast solicitation messages ( neighbor discovery protocol)

12) IPv4 -> Broadcast to all hosts
      IPv6 -> Link local all nodes multicast group ( to send to all nodes)


 
 




 

Tuesday, 4 September 2012

VLAN standards ( QinQ )

VLAN standard : 802.1 q

QinQ standard : 802.1ad

How do you identify if the packet is VLAN tagged ?

By seeing TPID ( 2 byte ) which is 0x8100 for normal VLAN ( single tag) packets and 0x88a8  for double VLAN ( QinQ) packets.

Why some devices use 0x9100  as TPID for QinQ packets?

Well the initial standard  that defined double tagging is defined in "802.1QInQ-2007" standard. In this standard the TPID is defined as 0x9100 , after this the current standard came which is 802.1ad , in this the TPID for double VLAN packets are defined as 0x88a8. So manufacturer who has released their products before this standard finalized are still using 0x9100 as TPID.

if you go through Juniper documentation

http://www.juniper.net/techpubs/en_US/junose13.2/topics/reference/command-summary/svlan-ethertype.html

They have added option to configure all the three types : 8100, 9100, 88a8 in their OS.

If you go through below documentation from Cisco , they talk about only 8100 or  9100 as TPID

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/qinq.html.

Latest documentation tells about 0x88a8  TPID.

http://www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_cfm-ieee_802_1ad.pdf


So it all depends on vendor implementation. I have seen most of the devices have configurable option for TPID for QinQ mode.

Let me know what your device supports, is 0x9100 is out of market or still being used !!

Keep exploring , Keep Testing !!!






Friday, 24 August 2012

Can ARP Request be unicast ?

Yes ? Don't make that funny face :-) , i know in normal scenarios it is always broadcast. It has to be broadcast as it is used to get the mac address of the destination or the target. If you know mac address why you will send ARP request at the first place ?

All are correct but read this, as per RFC 1122:

====================
(2)  Unicast Poll -- Actively poll the remote host by
                      periodically sending a point-to-point ARP Request
                      to it, and delete the entry if no ARP Reply is
                      received from N successive polls.  Again, the
                      timeout should be on the order of a minute, and
                      typically N is 2.
 
========================
 
This is one of four mechanism to timeout the stale ARP entries.  

So if you are seeing in your network Unicast ARP Request, see if this is the case.

Any other case , i am not aware of , let me know if you any ...

Also one Linux tool is there which generates unicast ping request "Arpping".
 
But it first sends broadcast, get the mac address and changes subsequent requests to
unicast , its a tool .


How do ARP flush Entries ?

Its given in RFC 1122

====================================

Four mechanisms have been used, sometimes in
                 combination, to flush out-of-date cache entries.

                 (1)  Timeout -- Periodically time out cache entries,
                      even if they are in use.  Note that this timeout
                      should be restarted when the cache entry is
                      "refreshed" (by observing the source fields,
                      regardless of target address, of an ARP broadcast
                      from the system in question).  For proxy ARP
                      situations, the timeout needs to be on the order
                      of a minute.

                 (2)  Unicast Poll -- Actively poll the remote host by
                      periodically sending a point-to-point ARP Request
                      to it, and delete the entry if no ARP Reply is
                      received from N successive polls.  Again, the
                      timeout should be on the order of a minute, and
                      typically N is 2.

                 (3)  Link-Layer Advice -- If the link-layer driver
                      detects a delivery problem, flush the
                      corresponding ARP cache entry.

                 (4)  Higher-layer Advice -- Provide a call from the
                      Internet layer to the link layer to indicate a
                      delivery problem.  The effect of this call would
                      be to invalidate the corresponding cache entry.
                      This call would be analogous to the
                      "ADVISE_DELIVPROB()" call from the transport layer
                      to the Internet layer (see Section 3.4), and in
                      fact the ADVISE_DELIVPROB routine might in turn
                      call the link-layer advice routine to invalidate

=======================================================


What is Hardware type in ARP header ?

If You see ARP frame in Wireshark, you will notice "Hardware type" a two byte field , value given as 0x0001 ( Ethernet ). What are other hardware types defined for ARP ? Did you had any time to think about it ?

We have few more hardware types defined for ARP , and here Ethernet refers to10 Mb Ethernet.  If you go through RFC 826 the ARP RFC , they are always talking about 10 Mb Ethernet , so for Ethernet protocol the hardware type is fixed as 1 ( Ethernet 10 Mb).

Why we did not change the hardware type when Fast Ethernet or Gig Ethernet came ? Not sure . Let me know if you know the answer.

What about "Hardware type" for Wireless ARP packets between 802.11 a/b/g/n AP or station?

Well the hardware type is  1  ( Wrong or is it a Bug !) Dont have enough expertise to comment on this , so no comments on this too....Let me know if you know any reason for it . Check in Wireshark/Omniipeek for wireless packets , if you dont trust me.

Anyway you should never trust anyone if you a tester , but test it, verify it and then give your comments !!!

Back to main topic what are different hardware types defined for ARP? Here is the list , and it is defined in RFC 1060.

http://tools.ietf.org/html/rfc1060

========================

Hardware Type (hrd)

      Type   Description                                 
      ----   -----------                                 
        1    Ethernet (10Mb)                                  
        2    Experimental Ethernet (3Mb)                      
        3    Amateur Radio AX.25                             
        4    Proteon ProNET Token Ring                        
        5    Chaos                                            
        6    IEEE 802 Networks                                
        7    ARCNET                                           
        8    Hyperchannel                                     
        9    Lanstar                                           
       10    Autonet Short Address                          
       11    LocalTalk                                       
       12    LocalNet (IBM PCNet or SYTEK LocalNET)           

=========================

Do ARP RFC Requires validatation of Source Ip address ?

ARP is defined in RFC 826.The ARP packet size is 28 bytes. The EtherType for ARP is 0x806. Packet format for IPV4 is :
=========================================
ARP header :

Hardware type (HTYPE) : 2 byte
    This field specifies the network protocol type. Example: Ethernet is 1.

Protocol type (PTYPE) : 2byte
     For IPv4, this has the value 0x0800

Hardware length (HLEN) : 1 byte
    Length (in octets) of a hardware address. Ethernet addresses size is 6.

Protocol length (PLEN) : 1 byte
      IPv4 address size is 4.

Operation  : 2 byte
     1 for request, 2 for reply.

Sender hardware address (SHA) : 4 byte
     Source mac address

Sender protocol address (SPA) : 6 byte
     Source Ip address

Target hardware address (THA) : 4 byte
         ( o.o.o.o for request, in reply (destination mac of target)

Target protocol address (TPA) : 6 byte
    Destination Ip address

===============================================

Do you know that RFC 826 does not talk about source MAC validation. So if you send ARP request with  ARP header source MAC address as 0.0.0.0 , the windows and Linux PC will accept it , as it is and update the arp table. Dont trust me test it.

How do you send these packets, use Colasoft packet builder .

Windows :



Linux :



So why this is not done ? Well if you check in routers/ switches like in Cisco, Juniper they have separate commands to handle this. Something called "arpspoof", using this you can enable the validations.

Why in Linux it is not done ? Well its open source .....and Windows  ?  Well they do what they think is correct !!!!

Please check in your companies router/switches if it is done or not ?

Keep Learning, Keep Breaking !!!

Thursday, 16 August 2012

Why IP ( internet protocol ) is considered as connection less protocol ?


Internet protocol is defined in RFC 791.  This protocol works at network layer.  The network layer is also called as Internet protocol layer or IP layer. Some one recently asked me why Internet protocol is mentioned as connectionless protocol. We all know that the connection oriented and connection less protocols comes at transport layer, then why IP is called as connection less protocol ? Was it required to be specific about this ?

I did some study and came across this information. Connection less protocols can be anything which does not require prior establishment of channel or links to transfer data. Some of the examples of connection less protocols are HTTP, UDP, IP, ICMP, Ethernet, IPX, NetBEUI etc.

Why HTTP 1.0 is considered as connection less protocol even if it uses TCP ? Well it did not keep track earlier requests and every request is new request for it. HTTPS is connection oriented protocol.

Now IP , why IP is connection less protocol ? It is mentioned in RFC 1122

==================================

Internet Layer

              All Internet transport protocols use the Internet Protocol (IP) to carry data from source host to destination host.IP is a connectionless or datagram internetwork service, providing no end-to-end delivery guarantees. Thus, IP datagrams may arrive at the destination host damaged,duplicated, out of order, or not at all.  The layers above IP are responsible for reliable delivery service when it is required.  The IP protocol includes provision for addressing, type-of-service specification, fragmentation and reassembly, and security information.The datagram or connectionless nature of the IP protocol is a fundamental and characteristic feature of the Internet architecture.  Internet IP was the model for the  OSI Connectionless Network Protocol [INTRO:12].


====================================



Keep learning , Keep sharing !!!


Sunday, 5 August 2012

How to enable email/notification settings in OpenKM ( document management system)

We are using OpenKM as our knowledge management system. To enable notification/email generation we need to do only one change in xml file. We are using SMTP server as mail server.



1) go to

$JBOSS_HOME/server/default/deploy/mail-service.xml


2) Change only the highlighted portion with your mail server.

<?xml version="1.0" encoding="UTF-8"?>
<!-- $Id: mail-service.xml 62349 2007-04-15 16:48:15Z dimitris@jboss.org $ -->
<server>

  <!-- ==================================================================== -->
  <!-- Mail Connection Factory                                              -->
  <!-- ==================================================================== -->

  <mbean code="org.jboss.mail.MailService"
         name="jboss:service=Mail">
    <attribute name="JNDIName">java:/Mail</attribute>
    <attribute name="User">nobody</attribute>
    <attribute name="Password">password</attribute>
    <attribute name="Configuration">
      <!-- A test configuration -->
      <configuration>
        <!-- Change to your mail server prototocol -->
        <property name="mail.store.protocol" value="pop3"/>
        <property name="mail.transport.protocol" value="smtp"/>

        <!-- Change to the user who will receive mail  -->
        <property name="mail.user" value="nobody"/>

        <!-- Change to the mail server  -->
        <property name="mail.pop3.host" value="pop3.nosuchhost.nosuchdomain.com"/>

        <!-- Change to the SMTP gateway server -->
        <property name="mail.smtp.host" value="176.12.12.43"/>

        <!-- The mail server port -->
        <property name="mail.smtp.port" value="25"/>

        <!-- Change to the address mail will be from  -->
        <property name="mail.from" value="embsystest@gmail.com"/>

        <!-- Enable debugging output from the javamail classes -->
        <property name="mail.debug" value="false"/>
      </configuration>
    </attribute>
    <depends>jboss:service=Naming</depends>
  </mbean>

  <!-- OpenKM -->
  <mbean code="org.jboss.mail.MailService" name="jboss:service=OpenKM">
    <attribute name="JNDIName">java:/mail/OpenKM</attribute>
    <attribute name="User">nobody</attribute>
    <attribute name="Password">password</attribute>
    <attribute name="Configuration">
      <configuration>
        <property name="mail.transport.protocol" value="smtp"/>
        <property name="mail.smtp.host" value="176.12.12.43"/>
        <property name="mail.smtp.port" value="25"/>
        <property name="mail.from" value="embsystest@gmail.com"/>
        <property name="mail.debug" value="true"/>
      </configuration>
    </attribute>
    <depends>jboss:service=Naming</depends>
  </mbean>
</server>

Thursday, 2 August 2012

Issue in Windows or issue in Media File Players ?

Well , if you have used VLC , you must have noticed this issue.

if you open VLC-> Media-> "Open Folder" and select the folder , it plays files in random order.

It will always play in same order but the files selection is random. I am observing this issue for some time , but as i do not maintain the playlist and any order is fine with me. I never cared about the order.

Today i tried to investigate the issue, on what basis it is playing the files?

I opened  the folder and try to analyze the files. The track number for 1st song and second song displays same "1 only". The name of the first file started with "D" and second was "B" so it was not playing in alphabetical order. 

FYI, in VLC-> Tools->Preferences-> "Advanced Setting"-> Playlist->"Play files randomly forever " is not checked in.So it is not playing in random order, some order is there but which order it follows ?

I could not get anything after comparing these two files, so i went to play third and fourth files. Again everything was so random , no relation with track, file names, album, artist ?

OK, so next i asked friend  "Google".

And see what , it seems that "it all depends on creation date of the file" . Viola !!!

I checked all four files again and YES ! all has proper order , seconds difference in creation date and accordingly it was being played.

Well ! so now the issue is found , but solution Alas !!! Not yet fixed it seems !!

This issue exists because it seems Windows give the files in this order to media players and they play . The issue still exists in WINAMP and VLC players as of August 02, 2012.

So if you are developer, try to fix it and if you are testers, help me in finding the workarounds.


Ref : http://forum.videolan.org/viewtopic.php?f=13&t=55953
        http://forums.winamp.com/showthread.php?t=234010
   








Wednesday, 1 August 2012

Difference Types of Networks and their standards !

We have many types of networks :

1) LAN : Local Area Network ( Family of IEEE 802 standards)

  •  HAN : Home Area Network (   ITU-T G.9951–3,G.9954,G.9954,G.9960–1,G.9963,G.9970,G.9972)
  •  SAN : Storage Area Network ( Internet Small Computer Systems Interface (iSCSI) : RFC 3720)                           

2) CAN : Campus Area Network


3) MAN : Metropolitan Area Network ( IEEE Std 802-2002)


4) WAN : Wide Area Network
           

  •  Leased Line [PPP(RFC 1661), HDLC (RFC 2687, RFC 1662) , SDLC( RFC 1747) , HNAS]
  •  Circuit Switching (PPP, ISDN)
  •  Packet Switching ( X.25 Frame-Relay)
  •  Cell Relay (ATM)

5) PAN : Personal Area Network

6) WPAN : Wireless Personal Area Network ( Family of IEEE 802.15 Standards)

7) BAN : Body Area Network ( IEEE 802.15.6)


8) VPN : Virtual Private Network ( RFC 4026)





Wednesday, 25 July 2012

Few Best cartoon from http://cartoontester.blogspot.in/


I came across these great cartoons by Andy Glover.  It is really really Good and so meaningful  !!!! Have a look !!!


How to find out the Version of MySQL and other bundled software of Xampp !

I have been looking for version of MySQL for my xampp installation.

For those, who are not aware, xampp is a bundled package of many software and very easy to install. It has Apache, MySQL, PHP and many more.

You can read more about this in

http://www.apachefriends.org/en/xampp.html
So i had installed some version of xampp in my PC and completely forgot about it.

I had some issue with MySQL and wanted to know which version it was using , and oh! it was so difficult to find.

After that i came across "Readme" file which has everything written on it.

It is in xampp control panel-> Click on Help-> Now you see "Read Me" in another pop-up window

Click on ReadMe it will give all details of all software installed with xampp.

Something like this :

===============================
###### ApacheFriends XAMPP (Basispaket) version 1.7.0 ######

  + Apache 2.2.11
  + MySQL 5.1.30 (Community Server)
  + PHP 5.2.8 + PEAR (Support for PHP 4 has been discontinued)
  + PHP-Switch win32 1.0 (use "php-switch.bat" in the xampp main directory)
  + XAMPP Control Version 2.5 from www.nat32.com   
  + XAMPP Security 1.0   
  + SQLite 2.8.15
  + OpenSSL 0.9.8i
  + phpMyAdmin 3.1.1
  + ADOdb 4.990
  + Mercury Mail Transport System v4.52
  + FileZilla FTP Server 0.9.29
  + Webalizer 2.01-10
  + Zend Optimizer 3.3.0
  + eAccelerator 0.9.5.3 für PHP 5.2.8 (but not activated in the php.ini)

===================================



Monday, 23 July 2012

Review and installation of OpenKM ( Part 2 )

Few Days back i have started reviewing software for Document management system. I came across few and OpenKM seems the best out of it for our requirements.

We have some departments, some users, and some documents. Internal documents to be managed for each project.

You can read about installation process in my another blog entry

http://www.embeddedsystemtesting.com/2012/06/review-openkm-document-management.html

So with this software I was able to do following things :

1) Create Folders, Sub-folders. Rename/Move/Copy/Delete Files and folders.

               if you are creating folder and giving some name to it, It doesn't seem to do anything. We need to click "Enter" after that, to create the folder immediately. The same applies to "Rename" also. If you have to rename the folder. After renaming-> "Enter".

2) We can upload multiple files using import zip option.

              Create zip folder of all your documents and while uploading "tick" import documents from zip file.  Lets say you have folder "ABC" with 10 documents.
then zip "ABC.zip" and upload. In DMS the folder ABC will be created with all 10 files in it.

3) "Delete" permission can be removed for normal users after creating a new profile. In new profile remove "Delete" operation.

4) The activity log will give all details of users logged in and work done by them.

5) Move/Copy/Delete of multiple files are not supported in ver 5.X. It should be supported in Ver 6.X community version.

6) File Versions are created if we check out the file and check in. But the versions cannot be controlled in Ver 5.X , hopefully Ver 6.0 will have some control on it.

         As of now it will go on creating 1.n versions of the file. If you go back and restore lets say 1.2 and make some changes, it will start creating 1.2.1 etc.

7) Application becomes unresponsive sometimes and if you leave it for sometime, it recovers or exit and login again.


8) Recursive Security permission for user and groups are working. The important thing is in Security-> update-> First check the "recursive permission changes" and then do something. It  will only overwrite the existing permission but do not touch the other permissions. Lets say you have 1 person which has read write access to all folders , now if you want to add another one with only read access. First check recursive permission changes and then add new user. The existing user permission will still be the same.




        

Friday, 20 July 2012

When you should think about changing job ?

This is one question which i came across myself many times in my career. These are few of the questions which are asked my juniors ...rather as a friend or mentor .  In professional space its really very difficult to get good mentors and if you have one you are lucky.

"Should i go for job change, should i look for better opportunity ? Should i settle down here ? What if , yesterday they fire me ?  "

You should know below things as a common practice :

1) If you have been in 1 company for 2-3 years , it is a good time frame.

2) If you are changing company in less than two years, you should think again before changing jobs.

3) Look profitability graph of you company if it is in continuous loss for three years, chances of  "trimming the heads count " will be more.

4) If you join some company, join for at least 2-3 years time frame. If you don't like the company , leave the company within 2-3 months of joining. Don't waste your time or company's time.

5) Money/Salary will always be less, compared to what your friends are getting. So dont think too much about money.

6) If your sole purpose is money , try to jump every 2-3 years to new company.

7) Same company if you are more than 5 years , expect your salary to be less than other new people joining at same rank.

8) MNC's always pay more than Indian companies. But chances of getting fired is more in MNC's than in Indian company.

9) If you are comfortable with job profile and work , dont think about money too much. You will be happy. Spend more time with family. They are essential part of you life.

10) When you join as a fresher, work hard, don't settle in one company. Look for new opportunities, but at least work for 2 years in any company. World is large and one company does not give enough exposure and chance of learning.

I know people who are earning too much, but have too less time to spend even for themselves. They will buy new houses but hardly they stay in them. Life in the end is "Zero". You have nothing when you are born and in the end you take nothing.

So be smart and plan properly your Career.  Corporate jobs are not Government jobs. So be ready for any situation, anytime. Your main aim always should be "Knowledge" . If you have "Knowledge" money will always follow. So pursue "Knowledge" not "Money".

Keep learning and Keep sharing.

Tuesday, 17 July 2012

Prioritizing bugs : Interesting View point but i disagree !

Recently i came across below article by Jean Baptiste , he works in Google ( AOSP, Android Open Source Project ) .

https://plus.google.com/112218872649456413744/posts/XQXX63yfVin

Which says :

===============================================================================================

When prioritizing bugs, the simplest criteria are the easiest ones to apply. I've seen organizations that needed multiple full-page arrays of rules about how a bug was supposed to be prioritized. I need at most 2 questions to determine the priority of a bug:

-Is this bug blocking another engineer right now? If the answer is "yes", this bug should be fixed immediately. If not, skip to the next question.

-If this was the only bug left, would we delay the release, or would we ship anyway? If the answer is "ship anyway", the bug isn't worth fixing for this release, and should be put as far out of sight as possible. Most probably, such bugs will never get fixed, as there'll almost always be more important tasks to handle.

In the end, there are only 3 possible bug priorities: "fix right now", "fix before shipping", and "don't bother". Anything that tries to be more precise adds some unnecessary stress and overhead.

================================================================================================

So according to him we have three priorities

1) P1 - Fix right now ( Blocker , Critical  )

2) P2 - Fix before shipping  ( Major, Normal)

3) P3 - Don't Bother ( Minor, Trivial , Enhancement )


Well he may be right , in terms of meeting deadlines and shipping out the product. But i have seen in many companies, a small issue when it is reported by internal team it is treated in "Don't Bother" category and no body fixes it. But when the same bug is reported by customers it becomes high priority bugs.

I do not have problem with P1 and P2 which is to be given high priority, but what about P3 bugs ? Do we just ignore them ? I think "No".

These are the bugs which can be like :

1) Spelling mistakes

2) Menu not proper

3) WEB/CLI command Error message not proper.

4) A new feature request.

5) When you do something specific "junk" values are displayed.

6) Some feature is not properly named, eg "DHCP Server" feature  is named as "DHCP" which may create confusion whether the feature is DHCP SERVER, CLIENT or RELAY.

7) Addtional note/comments to be added in WEB/CLI for users to use features effectively.

8) Specific Browsers issues.

9) Something like "add" option is present but "delete" option is not present.

10) Some extra feature is added which is not valid for that product line.


I think these bugs are to be fixed, even if they seem small and trivial or are just enhancements. Again it all depend on deadlines and shipping date, but these are the bugs which makes product usable from customer point of view.

The testing can be done from different view points but the testing which is done keeping "Customers" in mind will always succeed. How customer will configure these features, how he/she will try to use them, how they will deploy them. In this process even if "small issues" comes it should be fixed to enhance the customer experience.

If you are saying that as a developer "i don't care" about "Speeling mitsakes" and let the product ship with it as it not "blokcing" other "Enginer" or it is not delaying the "sheeping" time,

I Disagree.


YMMV. (Your Mileage May Vary)

Ping multicast address , RFC for Multicast

Anytime did u try to ping any multicast address ?

What will happen if I ping to multicast IP lets say 224.1.1.1?

Multicast addresses are in the range of 224.0.0.0 through 239.255.255.255.

The IANA registry talks about these multicast address.

http://www.iana.org/assignments/multicast-addresses/multicast-addresses.xml

It is defined in RFC 1112.

As per IANA

"The range of addresses between 224.0.0.0 and 224.0.0.255, inclusive, is reserved for the use of routing protocols and other low-level topology discovery or maintenance protocols, such as gateway discovery and group membership reporting.  Multicast routers should not forward any multicast datagram with destination addresses in this range, regardless of its TTL. "

OK so now main question , when you ping to multicast address how ARP gets resolved ?

Well , if you go through RFC 1112 , you will come to know that for multicast ip- mac address mapping is done at local network interface itself. It wont be done at IP or ARP layers but at Ethernet layer itself.

So if you ping to this address there wont be any ARP request generated but directly ICMP ECHO request packet will be generated by the PC and will be sent with Ethernet 2 -MAC address as 01:00:5E:01:01:01.

Don't Trust me Test it !!!


Keep learning and Keep Sharing !!!


Monday, 16 July 2012

Very Nice Simple Hex Tool Free Editor

This HxD is one of the easy-to-install and use-as-you-install tool.

http://mh-nexus.de/en/hxd/

Very less time spent on installation and editing Hex files. Nice free software.

Thursday, 12 July 2012

How to find start and end address of registers ?

Each sector is of 64 K.
1 KB = 1024 byte
Lets say the starting address is 0x016F2818 and you have reserved 192 sectors for this , so what will be end address ?
1) Convert in decimal all numbers
               1024*64*192 ===12582912, convert in hexa = c00000
2) Now add to starting location address
            016f2818+c00000=22f2818
3) The end address will be 22f2818-1 =0x22f2817

Answer these common networking interview questions


These are some of the basic networking questions, but every time i ask these 90 % of the people give answers wrong. Try it and post in comments , lets see ...

1) What is destination mac address in ARP header ?

2) What is destination IP address for any DHCPDISCOVER packet ?

3) What tables/statistics/parameter bridge will modify/update when any packet it receives for the first time ?

4) If i have 390 switches in between PC1 and PC2 will they ping ? what will happen if i change switches with routers ?

5) What is maximum and minimum converge time for STP ( spanning tree protocol ) when they will come?

6) Your desktop PC is it a router or bridge ?

7) Why IP address is required for pure L2 switch, nno routing functionality ?

8) What will happen if you  ping from PC ? What tables and parameters is looked into before sending the packet out?

9) Lets say a single broadcast packet is received by a 4 port switch on one of its port, now how many packets it will generate and send to all ports?

10) How tftp protocol identifies if the file transfer is finished? Is there any bit in message exchange which signifies this?

Please post your answers....

Wednesday, 11 July 2012

How to convert OmniPeek capture file to Colasoft frame format

Omnipeek is wireless network analyzer tool. It has free Demo version. With the demo, we can create up to 5 capture windows, which are limited to 2,000 packets or 5 minutes of capture whichever comes first.

Each capture window can only capture once. Also, we can not save files or print.

If you have licensed version of it, you can capture the wireless packet and send it using Colasoft packet player to simulate the traffic.

Colasoft packet player/builder are free network, software tools from Colasoft company.

To open Omnipeek packet capture in Colasoft we have to save it in specific format. The Colasoft wont recognize the direct saved packet from Omnipeek.

1) First capture the packet in Omnipeek.

2) Save the packet as wireshark file ( extension will be like xyz.pcap)

3) Open the saved packet in wirehark. Now save the packet with extension "xyz.pkt"

4) Open Colasoft player or builder , you should be able to import the saved packet and play it continuously.



Related Posts Plugin for WordPress, Blogger...