Monday, 30 December 2013

Embedded Linux Basic tutorials

Recently I came across this series on "Getting Started with Embedded Linux" by Michael Eager.

Below are some of the points covered, and it's a really nice tutorial to get started. The content is mostly from the original author, and I have just added a few points to make it simpler for myself.


Part 1-> Learning linux for embedded systems

Install Linux

a) Use a separate Linux PC

b) Make your desktop dual boot, with Windows and Linux

c) Use VMware to install virtual machine environment in your existing Windows desktop.

The author recommends the third approach, but if you have resources use first approach. It is always better to include one Linux PC in your existing setups.

Point to be noted :-)

I certainly do not recommend reading Linux source to try to learn how to program Linux. That's like trying to learn to drive by studying how a car's transmission works.


Part 2 : Getting Started with Embedded Linux



a) Open terminal window -> try these commands-> ls,cp, cd, pwd, cat, less, file, man , info, apropos , man apropos, find

b) Learn vi editor basic commands:
  vi filename, i -> insert mode, :q -> quit, Esc then yy -> copy (yank) 1 line, p -> paste 1 line, dd -> delete one line

You can learn more commands using below link:

http://www.cs.colostate.edu/helpdocs/vi.html

c) Hierarchical file system->
  •  root -> / -> starting point
  •  /proc -> process directory
  •  /boot -> contains boot program
  •  /bin and /sbin -> programs run by administrators
  •  /dev -> devices both real and virtual
  •  /etc -> system configuration file
  •  /home -> user files
  •  /sys -> system information
  •  /lib -> libraries
  •  /usr -> programs which can be run by users
  •  /tmp -> temporary files
  •  /var -> system logs

Additionally you can see following directories/files as well:
  •  /opt -> Other software and add-on packages that are not part of the default installation
  •  /srv -> site specific data
  •  /mnt -> Mount your filesystems

d) Process structure
  •  Try ps various options -> list all processes -> ps alx, ps l, ps -l, ps alx | less
  •  init -> Process ID 1 -> created by Linux kernel when system starts

Part 3 : Getting started with Embedded Linux


1) Understand
  • GCC : GNU compiler collection, Binutils: GNU Binary utils, make
  • IDE: Integrated development environment like Eclipse
  • Text editors: vi, emacs,gedit, kwrite
2) Write first program,

[root@localhost]#vi hello.c

#include <stdio.h>

int main ()

{ printf("Hello World\n");
return 0;

}

3) Now compile the program

[root@localhost]#gcc -o hello -g -O1 hello.c

gcc : compiler used

-o filename : output file or executable file name

-g : generate the debugging information

-O level : optimization level (capital letter O followed by a digit, here 1);
            can be -O0 (letter O with digit 0) for easy debugging


4) If no error, run the program

[root@localhost]# ./hello
Hello World

5) If error , try to install the proper packages with

 yum install (for Fedora)


6) GDB: GNU debugger

[root@localhost ~]# gdb hello

GNU gdb (GDB) Fedora (6.8.50.20090302-21.fc11)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i586-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
(gdb)
(gdb)
(gdb) break main
Breakpoint 1 at 0x80483bd: file hello.c, line 5.
(gdb) run
Starting program: /root/hello

Breakpoint 1, main () at hello.c:5
5       { printf ("Hello World\n");
Missing separate debuginfos, use: debuginfo-install glibc-2.10.2-1.i686
(gdb) cont
Continuing.
Hello World

Program exited normally.
(gdb) quit
[root@localhost ~]#

7) The compiler name and debugger name can be different, like
arm-none-eabi-gcc which generates the code for ARM using the EABI (Embedded application binary interface)


Part 4 :  Getting started with Embedded Linux


1) Recommended books/resources :
  • Advanced Programming in the UNIX Environment by W. Richard Stevens
  • The Linux Programming Interface by Michael Kerrisk.
  • http://stackoverflow.com/
  • http://www.fsf.org/
  • http://gnu.mirrors.pair.com/gnu/
  •  http://sourceforge.net/
  •  http://freecode.com/
  •  https://github.com/

2) Utilities : make, automake, autoconf, libtool, diffutils, wget
 
  •  make : checks which files need to be compiled ( Makefile) and manages order
  •  automake: generate Makefiles, identifying dependencies and invoking libtool (to create shared libraries)
  •  autoconf: allows libraries or programs to be compiled for different targets and OS
  • diffutils: package of several programs related to finding differences between files (diff, diff3, cmp, sdiff)
  • wget : utility for download of files from internet

3) Process

a) Download source files


[root@localhost ~]# wget ftp://ftp.gnu.org/gnu/diffutils/diffutils-3.3.tar.xz


b) Untar

[root@localhost ~]# tar xfv diffutils-3.3.tar.xz
[root@localhost ~]# cd diffutils-3.3


c) Read README file in the directory

d) Build the package

 [root@localhost ~]# ./configure
 [root@localhost ~]# make
 [root@localhost ~]# make install

 
Install to specific directory

 [root@localhost ~]#./configure --prefix=$HOME/mydiff
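
Steps a) to d) fetch the tarball over plain FTP and then run its configure script and Makefile from a root shell, so the archive is worth checking before anything in it executes. The following is an added example, not part of the original tutorial: it compares the download with a SHA-256 digest obtained separately (where that digest comes from is an assumption, as are all function names) and lists archive members that would land outside the extraction directory. The sample archive is constructed in memory.

```python
import hashlib
import io
import tarfile
from pathlib import PurePosixPath


def sha256_matches(data: bytes, expected_hex: str) -> bool:
    """True only if the archive hashes to the digest obtained out of band."""
    return hashlib.sha256(data).hexdigest() == expected_hex.strip().lower()


def unsafe_members(data: bytes) -> list[str]:
    """Describe every member that should not be unpacked from a root shell."""
    problems = []
    # mode "r:*" detects the compression, so .tar.xz works like plain .tar
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        for m in tar:
            name = PurePosixPath(m.name)
            if name.is_absolute() or ".." in name.parts:
                problems.append(f"{m.name}: path leaves the extraction directory")
            if m.issym() or m.islnk():
                # conservative: any link that points upwards or to an absolute path
                target = PurePosixPath(m.linkname)
                if target.is_absolute() or ".." in target.parts:
                    problems.append(f"{m.name}: link target {m.linkname}")
            elif not (m.isfile() or m.isdir()):
                problems.append(f"{m.name}: device, FIFO or other special entry")
            if m.mode & 0o6000:
                problems.append(f"{m.name}: setuid/setgid bit set")
    return problems


def check_download(data: bytes, expected_hex: str) -> list[str]:
    """Empty list means: digest matches and every member stays in the tree."""
    if not sha256_matches(data, expected_hex):
        # an archive that failed the digest is not parsed any further
        return ["SHA-256 mismatch: do not unpack"]
    return unsafe_members(data)


def constructed_tarball(names: list[str]) -> bytes:
    """Build a small .tar.xz in memory (constructed sample, not diffutils)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:xz") as tar:
        for name in names:
            body = b"constructed sample\n"
            info = tarfile.TarInfo(name)
            info.size = len(body)
            tar.addfile(info, io.BytesIO(body))
    return buf.getvalue()


if __name__ == "__main__":
    good = constructed_tarball(["diffutils-3.3/README", "diffutils-3.3/configure"])
    pinned = hashlib.sha256(good).hexdigest()   # stands in for the published digest
    print("clean archive   :", check_download(good, pinned))
    print("modified archive:", check_download(good + b"\0", pinned))
    odd = constructed_tarball(["diffutils-3.3/README", "../outside.txt"])
    print("odd member      :", check_download(odd, hashlib.sha256(odd).hexdigest()))
```

Building as an unprivileged user with the `--prefix` form shown above keeps `make install` out of system directories as well.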


Part 5 : Getting started with Embedded Linux


For part 5 I recommend you to read the original content

http://www.embedded.com/electronics-blogs/open-mike/4425954/Getting-started-with-Embedded-Linux--Part-Five

Ref :

http://www.linuxtopia.org/online_books/linux_beginner_books/linux_filesystem/opt.html

Ref : http://www.embedded.com/electronics-blogs/4420670/Open-Mike

About the author of these articles:


Michael Eager


Michael Eager is principal consultant at Eager Consulting in Palo Alto, Calif.  He has over four decades experience developing compilers, debuggers, and simulators for a wide range of processor architectures used in embedded systems. His current and former clients include major semiconductor companies and systems developers. Michael has been a member of the ISO C++ Standard Committee and ABI Committees for several processor architectures. He is chair of the Debugging Standards Committee for DWARF, a widely used debug data format. He is active in the open-source and Linux communities.


Thursday, 19 December 2013

What is WAVE, 802.11p ?

WAVE-IEEE-802.11p

1) Wireless access in vehicular environments (WAVE)

2) Added support in 802.11 for Intelligent Transportation Systems (ITS) applications.

3) Applicable ITS band 5.9 GHz (5.85-5.925 GHz).

4) IEEE 1609 is a higher layer standard based on the IEEE 802.11p.

5) There is no association and authentication procedure before exchange of data.

6) Stations use the wildcard BSSID (a value of all 1s) in the header of all frames they exchange, and may start communicating as soon as they arrive on the same communication channel.

7) Addition of new management frame for timing advertisement, which allows IEEE 802.11p enabled stations to synchronize themselves with a common time reference. The only time reference defined in the IEEE 802.11p amendment is UTC or Coordinated Universal Time.

8) Channel rejection requirements can be implemented  (for both adjacent and nonadjacent channels) to avoid out-of-channel interferences. They only apply to OFDM transmissions in the 5GHz band used by the IEEE 802.11a physical layer.

9) Frequency band: 5.9 GHz band (5.850-5.925 GHz) with 5 MHz, 10 MHz and 20 MHz channel spacings; countries: United States, Europe



Ref: Wiki, 802.11p standard
http://www.etsi.org/deliver/etsi_es/202600_202699/202663/01.01.00_50/es_202663v010100m.pdf


How to change the default MTU size in Windows 7 ?

Steps to follow to change mtu size in Windows 7:

1) Go to Start-> type cmd-> right click on cmd.exe-> select->Run as administrator

2) Using this command prompt give below command to know the existing MTU of interfaces

C:\>netsh interface ipv4 show subinterfaces

MTU  MediaSenseState   Bytes In  Bytes Out  Interface
------  ---------------  ---------  ---------  -------------
4294967295                1          0    1486381  Loopback Pseudo-Interface 1
  1300                1   16167334    2330876  Wireless Network Connection
  1300                5          0          0  Local Area Connection



3) To change give below commands

C:\> netsh interface ipv4 set subinterface "Local Area Connection" mtu=1500 store=persistent
ok

4) View the changed MTU

C:\>netsh interface ipv4 show subinterfaces

MTU  MediaSenseState   Bytes In  Bytes Out  Interface
------  ---------------  ---------  ---------  -------------
4294967295                1          0    1486381  Loopback Pseudo-Interface 1
  1300                1   16167334    2330876  Wireless Network Connection
  1500                5          0          0  Local Area Connection

Saturday, 7 December 2013

RFC 5625 : DNS Proxy Implementation Guidelines

 DNS Proxy RFC http://tools.ietf.org/html/rfc5625

Should

1) The role of the proxy should therefore be no more and no less than to
     receive DNS requests from clients on the LAN side, forward those
     verbatim to one of the known upstream recursive resolvers on the WAN
     side, and ensure that the whole response is returned verbatim to the
     original client.

2)  It is RECOMMENDED that proxies should be as transparent as possible,
   such that any "hop-by-hop" mechanisms or newly introduced protocol
   extensions operate as if the proxy were not there.

3)  Except when required to enforce an active security or network policy
   (such as maintaining a pre-authentication "walled garden"), end-users
   SHOULD be able to send their DNS queries to specified upstream
   resolvers, thereby bypassing the proxy altogether.  In this case, the
   gateway SHOULD NOT modify the DNS request or response packets in any
   way.

4) DNS proxies should not arbitrarily reject or otherwise drop requests
     or responses based on perceived non-compliance with standards.

5) Since UDP packets larger than 512 octets are now expected in normal
   operation, proxies SHOULD NOT truncate UDP packets that exceed that
   size.

6) Whenever a proxy receives a request over TCP, the proxy
   SHOULD forward the query over TCP and SHOULD NOT attempt the same
   query over UDP first.

7) Proxies SHOULD be capable of forwarding UDP packets up to a payload
   size of at least 4096 octets.

8)  As per Section 3, end-users SHOULD be able to send their DNS queries
   directly to specified upstream resolvers, ideally without hard-coding
   those settings in their stub resolver.

9)  It is therefore RECOMMENDED that gateways SHOULD support device-
   administrator configuration of values for the "Domain Name Server"
   DHCP option

10)  It is strongly RECOMMENDED that DNS proxies follow the relevant
   recommendations in [RFC5452], particularly those in Section 9.2
   relating to randomisation of Query IDs and source ports.  This also
   applies to source port selection within any NAT function.

11) If a DNS proxy is running on a broadband gateway with NAT that is
   compliant with [RFC4787], then it SHOULD also follow the
   recommendations in Section 10 of [RFC5452] concerning how long DNS
   state is kept.

12) The DNS proxy in a gateway SHOULD NOT, by default, be accessible from the WAN interfaces of the device.

Must:

1)  Proxies MUST ignore any unknown DNS flags and proxy
   packets as usual.

2)  Proxies MUST forward packets regardless of the presence or absence
   of compressed labels therein (compression of labels as per
   Section 4.1.4 of [RFC1035]).

3) [RFC3597] requires that resolvers MUST handle Resource Records (RRs)
   of unknown type transparently.

 4)  All requests and responses MUST be proxied regardless of the values
   of the QTYPE and QCLASS fields.

5)  All responses MUST be proxied regardless of the values of the TYPE and CLASS fields of any Resource Record therein.

6)  If a proxy must unilaterally truncate a response, then the proxy MUST
   set the TC bit.  Similarly, proxies MUST NOT remove the TC bit from
   responses.

7) DNS proxies MUST therefore be prepared to receive and forward queries
   over TCP.

8) As per Section 4.1, proxies MUST NOT refuse to proxy such packets which contain an OPT RR

9)   DNS proxies MUST implement Section 4.7 of [RFC2845] and either
   forward packets unchanged (as recommended above) or fully implement
   TSIG.

10)    As per Section 4.3, DNS proxies MUST be capable of proxying packets
   containing TKEY [RFC2930] Resource Records.

11)  Since no standard exists for a "local" scoped domain name suffix, it is RECOMMENDED that the default value for this option SHOULD be empty, and that this option MUST NOT be sent to clients when no value is configured.
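
Several of the MUST items above meet in the one place where a proxy is allowed to touch a packet: a response too large for it to carry. The following is an added example, not taken from RFC 5625 or from any proxy implementation: `fit_response` (a hypothetical name) returns a response verbatim when it fits and otherwise sends back only header and question with the TC bit set, without clearing unknown flags or interpreting QTYPE/QCLASS. The sample messages are constructed, and the 4096-octet limit is the payload size from SHOULD item 7.

```python
import struct

HEADER = struct.Struct("!HHHHHH")   # ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
TC_BIT = 0x0200                     # TrunCation flag, RFC 1035 section 4.1.1


def end_of_question(msg: bytes) -> int:
    """Offset just past the question section; ValueError if it is malformed."""
    if len(msg) < HEADER.size:
        raise ValueError("message shorter than a DNS header")
    qdcount = HEADER.unpack_from(msg)[2]
    off = HEADER.size
    for _ in range(qdcount):
        while True:
            if off >= len(msg):
                raise ValueError("QNAME runs past the end of the message")
            length = msg[off]
            if length & 0xC0 == 0xC0:   # compression pointer: two octets, ends the name
                off += 2
                break
            if length & 0xC0:
                raise ValueError("reserved label type")
            off += 1 + length
            if length == 0:             # root label ends the name
                break
        off += 4                        # QTYPE and QCLASS are skipped, never interpreted
    if off > len(msg):
        raise ValueError("question section runs past the end of the message")
    return off


def fit_response(msg: bytes, limit: int) -> bytes:
    """Forward verbatim if possible; otherwise truncate and set TC."""
    if len(msg) <= limit:
        return msg      # untouched: unknown flags stay, an existing TC bit stays
    ident, flags, qdcount, _an, _ns, _ar = HEADER.unpack_from(msg)
    cut = end_of_question(msg)
    if cut > limit:
        raise ValueError("question section alone exceeds the limit")
    # Simplest well-formed truncation: no records at all, TC set so the client
    # retries over TCP. Cutting at whole-RR boundaries and keeping an OPT RR
    # is not shown here.
    return HEADER.pack(ident, flags | TC_BIT, qdcount, 0, 0, 0) + msg[HEADER.size:cut]


def constructed_response(n_answers: int, flags: int = 0x8180 | 0x0040,
                         qtype: int = 65280) -> bytes:
    """Constructed sample: QTYPE from the private-use range, reserved Z flag set."""
    question = b"\x07example\x04test\x00" + struct.pack("!HH", qtype, 1)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", qtype, 1, 60, 200) + b"\x00" * 200
    return HEADER.pack(0x1234, flags, 1, n_answers, 0, 0) + question + rr * n_answers


if __name__ == "__main__":
    small, big = constructed_response(2), constructed_response(25)
    print(len(small), "->", len(fit_response(small, 4096)))
    out = fit_response(big, 4096)
    print(len(big), "->", len(out), "flags", hex(HEADER.unpack_from(out)[1]))
```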


Key words for use in RFCs to Indicate Requirement Levels

 http://tools.ietf.org/html/rfc2119 :
       

1. MUST
 This word, or the terms "REQUIRED" or "SHALL", mean that the
   definition is an absolute requirement of the specification.


2. SHOULD
 This word, or the adjective "RECOMMENDED", mean that there
   may exist valid reasons in particular circumstances to ignore a
   particular item, but the full implications must be understood and
   carefully weighed before choosing a different course.

Sunday, 1 December 2013

How to write professional mails, some sample professional mails.

I think I have covered it in one of my posts, but this is really important. Yesterday again I got one mail, which has its own mistakes. I am not claiming to be proficient in English or to have done any majors, but these are very basic and you should try to follow them.

1) Read your mail at least 3 times before sending it. Sometimes we think we have written properly, but if you read it again, you will realize how it actually is.

2) Don't write stories. Be precise and to the point. Write in points if you have multiple things to say.

3) Start the first letter in "capital" and follow grammar rules.

4) Salutation: How to address the other person? Generally private companies do not follow a "Sir" policy, but it's better to confirm in your company. In India some people are used to being called Sir and Madam, and if you don't use it, they may feel bad. But generally the below can be used:
  Hi, Hello, Dear ABC,  Dear Mr XYZ

5) Don't use 'Thanks and Regards'; instead use

Thank you
Regards

or just "Regards"

6) "can you share": instead use "could you share"

7) "Please find the attached file": instead use "The file has been attached for your reference" or "Please see attachment"

8) "As per your mail": instead use "According to your mail"

9) "Please revert back": instead use "Please revert".

10) Don't use all capital letters; it is considered arrogant.

11) Avoid using exclamation marks; sometimes it may be considered as if you are making fun of them.

12) Avoid short forms, or expand them at least once.

13) Use the spell check option; it is there in almost all email clients.


Wednesday, 27 November 2013

What you reply when you receive wrong email !

I have been receiving emails not intended for me for quite some time. I am looking for some 2 words like "Wrong number", which everyone knows and says when they receive calls which are not for them.

I have tried replying to them with :

"Wrong ID "

"Wrong Email"

"Wrong Person"

"Ask Correct ID"

"Type Properly"

"Not ME"

"Ignored by ME"

"Deleted"

 Can you suggest which one looks more kind of "OK" ?


Keep Learning , Keep Sharing!

New Technical Terms !

Below is a list of a few new upcoming terms which I am hearing nowadays.

IoT : Internet of Things

IoE : Internet of Everything

M2M communications : Machine to machine (M2M) refers to technologies that allow both wireless and wired systems to communicate with other devices of the same type.

BYOD    :   Bring your own device
BYOT    :   Bring your own technology
BYOP    :   Bring your own phone
BYOPC  :   Bring your own PC

It refers to the policy of permitting employees to bring personally owned mobile devices (laptops, tablets, and smart phones) to their workplace, and to use those devices to access privileged company information and applications.

Similar terms, which I can think of :-)

BYOTab   :    Bring your own Tab,
BYOLT     :    Bring your own Laptop,
BYODC    :    Bring your own Data CARD
BYOC      :    Bring your own Charger

Post in comments what else you can "Bring your own" in an office ?


Keep thinking , Keep Learning!

Monday, 4 November 2013

About DHCPv6 !

1)   DHCPv6 makes use of the following multicast addresses:

     a)  All_DHCP_Relay_Agents_and_Servers (FF02::1:2) A link-scoped multicast address used by a client to communicate with neighboring relay agents and servers.
                

      b) All_DHCP_Servers (FF05::1:3) A site-scoped multicast address used by a relay agent to communicate with servers


2) Clients listen for DHCP messages on UDP port 546.  Servers and relay
   agents listen for DHCP messages on UDP port 547.

3) DHCP Message Types


      SOLICIT (1)        A client sends a Solicit message to locate
                         servers.

      ADVERTISE (2)      A server sends an Advertise message to indicate
                         that it is available for DHCP service, in
                         response to a Solicit message received from a
                         client.

      REQUEST (3)        A client sends a Request message to request
                         configuration parameters, including IP
                         addresses, from a specific server.

      CONFIRM (4)        A client sends a Confirm message to any
                         available server to determine whether the
                         addresses it was assigned are still appropriate
                         to the link to which the client is connected.


      RENEW (5)          A client sends a Renew message to the server
                         that originally provided the client's addresses
                         and configuration parameters to extend the
                         lifetimes on the addresses assigned to the
                         client and to update other configuration
                         parameters.

      REBIND (6)         A client sends a Rebind message to any
                         available server to extend the lifetimes on the
                         addresses assigned to the client and to update
                         other configuration parameters; this message is
                         sent after a client receives no response to a
                         Renew message.

      REPLY (7)          A server sends a Reply message containing
                         assigned addresses and configuration parameters
                         in response to a Solicit, Request, Renew,
                         Rebind message received from a client.  A
                         server sends a Reply message containing
                         configuration parameters in response to an
                         Information-request message.  A server sends a
                         Reply message in response to a Confirm message
                         confirming or denying that the addresses
                         assigned to the client are appropriate to the
                         link to which the client is connected.  A
                         server sends a Reply message to acknowledge
                         receipt of a Release or Decline message.

      RELEASE (8)        A client sends a Release message to the server
                         that assigned addresses to the client to
                         indicate that the client will no longer use one
                         or more of the assigned addresses.

      DECLINE (9)        A client sends a Decline message to a server to
                         indicate that the client has determined that
                         one or more addresses assigned by the server
                         are already in use on the link to which the
                         client is connected.

      RECONFIGURE (10)   A server sends a Reconfigure message to a
                         client to inform the client that the server has
                         new or updated configuration parameters, and
                         that the client is to initiate a Renew/Reply
                         or Information-request/Reply transaction with
                         the server in order to receive the updated
                         information.


      INFORMATION-REQUEST (11) A client sends an Information-request
                         message to a server to request configuration
                         parameters without the assignment of any IP
                         addresses to the client.

      RELAY-FORW (12)    A relay agent sends a Relay-forward message
                         to relay messages to servers, either directly
                         or through another relay agent.  The received
                         message, either a client message or a
                         Relay-forward message from another relay
                         agent, is encapsulated in an option in the
                         Relay-forward message.

      RELAY-REPL (13)    A server sends a Relay-reply message to a relay
                         agent containing a message that the relay
                         agent delivers to a client.  The Relay-reply
                         message may be relayed by other relay agents
                         for delivery to the destination relay agent.

                         The server encapsulates the client message as
                         an option in the Relay-reply message, which the
                         relay agent extracts and relays to the client.
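
The ports in point 2 and the sender named for each message type in point 3 are enough to sanity-check DHCPv6 traffic seen on a link. The following is an added example, not part of the original notes: it parses the fixed header (layout taken from RFC 3315, which these notes do not spell out) and reports messages sent to the wrong port, and server-originated messages from a source that is not an expected server or relay agent. The function names, the `trusted_sources` list and all addresses and payloads are constructed for illustration.

```python
import ipaddress

CLIENT_PORT, SERVER_PORT = 546, 547
MSG_TYPES = {
    1: "SOLICIT", 2: "ADVERTISE", 3: "REQUEST", 4: "CONFIRM", 5: "RENEW",
    6: "REBIND", 7: "REPLY", 8: "RELEASE", 9: "DECLINE", 10: "RECONFIGURE",
    11: "INFORMATION-REQUEST", 12: "RELAY-FORW", 13: "RELAY-REPL",
}
TO_CLIENT = {2, 7, 10}    # ADVERTISE, REPLY, RECONFIGURE: a server sends these to a client
RELAY = {12, 13}


def parse_header(payload: bytes) -> dict:
    """Decode the fixed part of a DHCPv6 message (options are not parsed)."""
    if not payload:
        raise ValueError("empty payload")
    code = payload[0]
    if code not in MSG_TYPES:
        raise ValueError(f"unknown message type {code}")
    if code in RELAY:
        # msg-type(1) hop-count(1) link-address(16) peer-address(16)
        if len(payload) < 34:
            raise ValueError("relay message shorter than 34 octets")
        return {
            "type": MSG_TYPES[code],
            "hop_count": payload[1],
            "link_address": str(ipaddress.IPv6Address(payload[2:18])),
            "peer_address": str(ipaddress.IPv6Address(payload[18:34])),
        }
    # msg-type(1) transaction-id(3)
    if len(payload) < 4:
        raise ValueError("message shorter than 4 octets")
    return {"type": MSG_TYPES[code], "xid": int.from_bytes(payload[1:4], "big")}


def check_datagram(src: str, dst_port: int, payload: bytes,
                   trusted_sources: set[str]) -> list[str]:
    """Return findings for one UDP datagram; an empty list means nothing odd."""
    try:
        hdr = parse_header(payload)
    except ValueError as exc:
        return [f"unparseable: {exc}"]
    code = payload[0]
    findings = []
    # Clients listen on 546; servers and relay agents listen on 547.
    expected = CLIENT_PORT if code in TO_CLIENT else SERVER_PORT
    if dst_port != expected:
        findings.append(f"{hdr['type']} sent to UDP {dst_port}, expected {expected}")
    trusted = {ipaddress.ip_address(a) for a in trusted_sources}
    if code in TO_CLIENT and ipaddress.ip_address(src) not in trusted:
        findings.append(f"{hdr['type']} from {src}, not a known server or relay agent")
    return findings


if __name__ == "__main__":
    trusted = {"fe80::1"}                                   # constructed
    solicit = bytes([1]) + b"\xab\xcd\xef"                  # constructed
    advertise = bytes([2]) + b"\xab\xcd\xef"                # constructed
    print(check_datagram("fe80::aa", 547, solicit, trusted))
    print(check_datagram("fe80::1", 546, advertise, trusted))
    print(check_datagram("fe80::bad", 546, advertise, trusted))
```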

Wednesday, 28 August 2013

How to change Lease time in tftpd32 DHCP server!

The tftpd32  is one easy to use open source DHCP server. It can be used for testing many functionalities of DHCP client.
 
The parameter I was looking for was Lease time; through the GUI we do not have an option to change it.
 
Using the tftpd32.ini file we can change this parameter.
 
Steps to download and change the lease time on Windows XP platform as Host machine.
 
1) Download Tftpd32-4.00-setup.exe from http://tftpd32.jounin.net/tftpd32_download.html
 
2) Install the file on Windows XP.
 
3) Go to "C:\Program Files\Tftpd32" and start tftpd32.exe
 
4) Configure DHCP related parameters by going to its settings (IP pool, size of pool, default router and mask); remove persistent leases (uncheck)
 
5) Click Ok and close it
 
6) Open tftpd32.ini file in "C:\Program Files\Tftpd32" , the file will be like given below
 
 
 
[DHCP]
Lease_NumLeases=0
IP_Pool=17344704
PoolSize=0
BootFile=
DNS=17344704
Mask=16580607
Gateway=34121920
DomainName=
Lease (minutes)=2880
AddOptionNumber1=0
AddOptionValue1=
AddOptionNumber2=0
AddOptionValue2=
AddOptionNumber3=0
AddOptionValue3=
AddOptionNumber4=0
AddOptionValue4=
AddOptionNumber5=0
AddOptionValue5=
AddOptionNumber6=0
AddOptionValue6=
AddOptionNumber7=0
AddOptionValue7=
AddOptionNumber8=0
AddOptionValue8=
AddOptionNumber9=0
AddOptionValue9=
AddOptionNumber10=0
AddOptionValue10=
[TFTPD32]
BaseDirectory=.
TftpPort=69
Hide=0
WinSize=0
Negociate=1
PXECompatibility=0
DirText=0
ShowProgressBar=1
Timeout=3
MaxRetransmit=6
SecurityLevel=1
UnixStrings=1
Beep=0
VirtualRoot=0
MD5=0
LocalIP=
Services=15
TftpLogFile=
SaveSyslogFile=
PipeSyslogMsg=0
LowestUDPPort=0
HighestUDPPort=0
MulticastPort=0
MulticastAddress=
PersistantLeases=0
DHCP Ping=1
DHCP LocalIP=
Max Simultaneous Transfers=100
UseEventLog=0
Console Password=tftpd32
Support for port Option=0
Keep transfer Gui=5
Ignore ack for last TFTP packet=0
Enable IPv6=0
 
7) Change "Lease (minutes)=2880" parameter to suit your requirements.
 
 
Keep Learning , Keep sharing !
 

 

Friday, 23 August 2013

Short tutorial on Busybox!

BusyBox:

1) It is a collection of commonly used Linux binaries.

2) Latest version is 29 June 2013 -- BusyBox 1.21.1 (stable) as of today (Aug 23, 2013).

4) It supports almost 292 various commands.

5) Use "yum install busybox" to install  it .



[root@localhost ~]# busybox --help
BusyBox v1.13.2 (2009-02-09 07:22:45 EST) multi-call binary
Copyright (C) 1998-2008 Erik Andersen, Rob Landley, Denys Vlasenko
and others. Licensed under GPLv2.
See source distribution for full notice.

Usage: busybox [function] [arguments]...
   or: function [arguments]...

        BusyBox is a multi-call binary that combines many common Unix
        utilities into a single executable.  Most people will create a
        link to busybox for each function they wish to use and BusyBox
        will act like whatever it was invoked as!

Currently defined functions:
        [, [[, addgroup, adduser, adjtimex, ar, arp, arping, ash,
        awk, basename, blkid, brctl, bunzip2, bzcat, bzip2, cal,
        cat, catv, chat, chattr, chgrp, chmod, chown, chpasswd,
        chpst, chroot, chrt, chvt, cksum, clear, cmp, comm, cp,
        cpio, crond, crontab, cryptpw, cttyhack, cut, date, dc,
        dd, deallocvt, delgroup, deluser, depmod, devmem, df, dhcprelay,
        diff, dirname, dmesg, dnsd, dos2unix, du, dumpkmap, dumpleases,
        echo, ed, egrep, eject, env, envdir, envuidgid, ether-wake,
        expand, expr, fakeidentd, false, fbset, fbsplash, fdformat,
        fdisk, fgrep, find, findfs, fold, free, freeramdisk, fsck,
        fsck.minix, ftpget, ftpput, fuser, getopt, getty, grep,
        gunzip, gzip, halt, hd, hdparm, head, hexdump, hostid, hostname,
        httpd, hush, hwclock, id, ifconfig, ifdown, ifenslave, ifup,
        inetd, init, insmod, install, ip, ipaddr, ipcalc, ipcrm,
        ipcs, iplink, iproute, iprule, iptunnel, kbd_mode, kill,
        killall, killall5, klogd, last, length, less, linux32, linux64,
        linuxrc, ln, loadfont, loadkmap, logger, login, logname,
        logread, losetup, lpd, lpq, lpr, ls, lsattr, lsmod, lzmacat,
        makedevs, makemime, man, md5sum, mdev, mesg, microcom, mkdir,
        mkfifo, mkfs.minix, mknod, mkswap, mktemp, modprobe, more,
        mount, mountpoint, msh, mt, mv, nameif, nc, netstat, nice,
        nmeter, nohup, nslookup, od, openvt, passwd, patch, pgrep,
        pidof, ping, ping6, pipe_progress, pivot_root, pkill, popmaildir,
        poweroff, printenv, printf, ps, pscan, pwd, raidautorun,
        rdate, rdev, readahead, readlink, readprofile, realpath,
        reboot, reformime, renice, reset, resize, rm, rmdir, rmmod,
        route, rtcwake, run-parts, runlevel, runsv, runsvdir, rx,
        script, sed, sendmail, seq, setarch, setconsole, setfont,
        setkeycodes, setlogcons, setsid, setuidgid, sh, sha1sum,
        showkey, slattach, sleep, softlimit, sort, split, start-stop-daemon,
        stat, strings, stty, su, sulogin, sum, sv, svlogd, swapoff,
        swapon, switch_root, sync, sysctl, syslogd, tac, tail, tar,
        tcpsvd, tee, telnet, telnetd, test, tftp, tftpd, time, top,
        touch, tr, traceroute, true, tty, ttysize, udhcpc, udhcpd,
        udpsvd, umount, uname, uncompress, unexpand, uniq, unix2dos,
        unlzma, unzip, uptime, usleep, uudecode, uuencode, vconfig,
        vi, vlock, watch, watchdog, wc, wget, which, who, whoami,
        xargs, yes, zcat, zcip

[root@localhost ~]#

Thursday, 22 August 2013

A short tutorial on dmesg, Linux command !

The command is "dmesg", which means "display messages" or "driver messages" as per Wiki, but I think it should be "debug messages", as these messages help developers debug Linux kernel problems that occurred during boot-up or later. These messages are mostly hardware related, from the point where the peripherals or the actual ports get initialized. If we give this command without any option, it will print all messages on screen.

The format of command:

Usage: dmesg [-c] [-n level] [-s bufsize]
The man file says:

[root@localhost ~]# man dmesg
Formatting page, please wait...
       The program helps users to print out their bootup messages.  Instead of
       copying the messages by hand, the user need only:
              dmesg > boot.messages
       and mail the boot.messages file to whoever can debug their problem.
OPTIONS
       -c     Clear the ring buffer contents after printing.
       -r     Print the raw message buffer, i.e., don't strip  the  log  level
              prefixes.
       -sbufsize
              Use  a  buffer  of size bufsize to query the kernel ring buffer.
              This is 16392 by default.  (The  default  kernel  syslog  buffer
              size was 4096 at first, 8192 since 1.3.54, 16384 since 2.1.113.)
              If you have set the kernel buffer to be larger than the  default
              then this option can be used to view the entire buffer.
       -nlevel
              Set  the  level at which logging of messages is done to the con-
              sole.  For example, -n 1 prevents  all  messages,  expect  panic
              messages, from appearing on the console.  All levels of messages
              are still written to /proc/kmsg, so syslogd(8) can still be used
              to  control  exactly  where kernel messages appear.  When the -n
              option is used, dmesg will not print or clear  the  kernel  ring
              buffer.
              When  both options are used, only the last option on the command
              line will have an effect.
SEE ALSO
       syslogd(8)
AVAILABILITY
       The dmesg command is part of the util-linux-ng package and is available
       from ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/.
                                                     
The commands which can be used are:

1) dmesg -> display whole output on screen

2) dmesg | less  -> display output as one screen at a time

3) dmesg > debug.log -> redirect all messages to log file

4) dmesg | grep usb/time/interrupt/tty/dma/memory -> to display(grep) only relevant or required information

5) dmesg -n 1 -> stop all messages except panic messages

I could not find information on various levels , let me know if any one of you know.

Happy Learning, Happy Sharing!

Monday, 5 August 2013

Things to avoid in Life !

Recently I heard the things below and liked them. We all do them without knowing, and if somebody else does them we feel irritated :-)
 
 

Me first Attitude (MFA)

TTT (Talk, Talk and Talk…)

PTB (Pass the buck)

I already Know IT (IAKI)

Prove it to me (PITM)

Monday, 29 July 2013

Cisco command to see the time and the command to see DHCP bindings


show clock : To see time on Cisco

show ip dhcp binding : To see the lease time of dhcp clients

Thursday, 25 July 2013

Freeradius configuration for PEAP/TLS and TTLS

Free Radius Server can be downloaded from http://sourceforge.net/projects/freeradius/

Some of the common commands are :

1) To run RADIUS service :

radiusd -X


2) To kill RADIUS service, search for the process-id

ps -ax

kill -9 <pid>


3) Configure Clients:

/usr/local/etc/raddb/clients.conf

client 10.0.0.1/16 {

secret = test123

shortname = private-network-2

}


4) Configure users:

/usr/local/etc/raddb/users

"user1" Cleartext-Password := "test1"

5) PEAP: To authenticate a client using PEAP, the following configurations are needed for the PEAP module in the eap.conf file

peap {
default_eap_type = mschapv2
copy_request_to_tunnel = no
use_tunneled_reply = no
virtual_server = "inner-tunnel"
}


6) To authenticate a client by validating the server certificate, "ca.der " certificate needs to be installed in the client

7) TLS: To authenticate a client using TLS, the following configurations are needed for the TLS module in the eap.conf file
 tls {
certdir = ${confdir}/certs
cadir = ${confdir}/certs
private_key_password = whatever
private_key_file = ${certdir}/server.pem
certificate_file = ${certdir}/server.pem
CA_file = ${cadir}/ca.pem
dh_file = ${certdir}/dh

random_file = ${certdir}/random
CA_path = ${cadir}
cipher_list = "DEFAULT"
make_cert_command = "${certdir}/bootstrap"
cache {
enable = no
lifetime = 24 # hours
max_entries = 255
}

}


8) TTLS: To authenticate a client using TTLS, the following configuration is needed for the TTLS module in the eap.conf file:

ttls {
    default_eap_type = md5
    copy_request_to_tunnel = no
    use_tunneled_reply = no
    virtual_server = "inner-tunnel"
}


How to generate the certificates

1) To generate the certificates for the CA and the server, run "./bootstrap" in the folder below:

/usr/local/etc/raddb/certs

2) To generate certificates for the client:

Run "make client.pem", then copy the certificate "client.p12" to the client and install it.

*** While installing client.p12 on a Windows client, enter the same password as in the certificate, i.e. "whatever", as set in client.cnf.


Radius VLAN assignment

"user1" Cleartext-Password := "test1"
        Tunnel-type = VLAN,
        Tunnel-medium-type = IEEE-802,
        Tunnel-Private-Group-Id = "10"




Note: "use_tunneled_reply" must be enabled for authentication to work. To enable it, set "use_tunneled_reply = yes" in the eap.conf file.
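The secret "test123" and the key password "whatever" above are lab values, and "client 10.0.0.1/16" lets a whole /16 share one secret. The script below is an added example, not part of the original post or of FreeRADIUS: it checks a raddb-style config for exactly those three things. The rule names, the length and prefix thresholds and both sample configs are assumptions made for the example.

```python
import ipaddress
import re

# Values that appear in this post or ship in FreeRADIUS sample configs.
SAMPLE_VALUES = {"test123", "testing123", "whatever"}
MIN_SECRET_LEN = 16     # assumption: local policy, not a FreeRADIUS limit
MIN_CLIENT_PREFIX = 24  # assumption: wider client ranges get a finding

# Constructed input: the clients.conf and tls{} values shown in the post.
LAB_CONFIG = """
client 10.0.0.1/16 {
    secret = test123
    shortname = private-network-2
}
tls {
    private_key_password = whatever
    private_key_file = ${certdir}/server.pem
    cipher_list = "DEFAULT"
    cache {
        enable = no
        lifetime = 24 # hours
    }
}
"""

# Constructed input: same layout, placeholder values for a real deployment.
HARDENED_CONFIG = """
client 10.0.0.1/32 {
    secret = PLACEHOLDER-generate-32-random-chars
    shortname = ap-floor-1
}
tls {
    private_key_password = PLACEHOLDER-generated-passphrase
}
"""

SECTION_RE = re.compile(r"^([\w-]+)(?:\s+(\S+))?\s*\{$")
SETTING_RE = re.compile(r"^([\w-]+)\s*=\s*(.*)$")


def check_client(lineno, name):
    """Flag a client definition that covers a wide address range."""
    try:
        net = ipaddress.ip_network(name, strict=False)
    except ValueError:
        return []  # client named by hostname, nothing to measure
    if net.prefixlen < MIN_CLIENT_PREFIX:
        return [(lineno, "client-range-broad",
                 f"{net} lets {net.num_addresses} addresses use one secret")]
    return []


def audit(text):
    """Return (line, rule, detail) findings for a raddb-style config text."""
    findings, stack = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        section = SECTION_RE.match(line)
        if section:
            stack.append(section.group(1))
            if section.group(1) == "client" and section.group(2):
                findings += check_client(lineno, section.group(2))
            continue
        if line == "}":
            if stack:
                stack.pop()
            continue
        setting = SETTING_RE.match(line)
        if not setting:
            continue
        key, value = setting.group(1), setting.group(2).strip().strip('"')
        inside = stack[-1] if stack else ""
        if key == "secret" and inside == "client":
            if value in SAMPLE_VALUES:
                findings.append((lineno, "sample-secret", value))
            elif len(value) < MIN_SECRET_LEN:
                findings.append((lineno, "short-secret", f"{len(value)} chars"))
        elif key == "private_key_password" and value in SAMPLE_VALUES:
            findings.append((lineno, "sample-key-password", value))
    return findings


if __name__ == "__main__":
    for lineno, rule, detail in audit(LAB_CONFIG):
        print(f"line {lineno}: {rule}: {detail}")
```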




Wednesday, 24 July 2013

"No option 125" error from Cisco DHCP server

Problem: The "No option 125" error was continuously repeating and the DHCP server on the Cisco router was not offering any IP address to the clients.
 =========================================
Jul 24 05:36:21.147: DHCPD: No option 125
Jul 24 05:36:21.147: DHCPD: DHCPDISCOVER received from client 001e.e5dc.ae.c0 on interface GigabitEthernet0/1.
Jul 24 05:36:30.707: DHCPD: client's VPN is .
Jul 24 05:36:30.707: DHCPD: No option 125
 ========================================
Solution: After some debugging, we came to know that the problem was with the subnet configured on the Gigabit Ethernet interface. For the DHCP server to offer an IP address, at least one interface should be in the same network as the one defined for the pool. Once the subnet was properly configured, the server started replying.
The basic config for a DHCP server on a Cisco router:
service dhcp
no ip dhcp conflict logging
!
ip dhcp pool 1
 network 11.0.0.0 255.0.0.0
 default-router 11.0.0.1
!
interface GigabitEthernet0/1
 ip address 11.0.0.1 255.0.0.0

iwconfig sample commands

 
1) iwconfig
 
 
The iwconfig command is used to configure a wireless interface in Linux. It is similar to the ifconfig command but with many wireless-specific parameters.
 
Sample Commands
 
iwconfig eth0 essid "My Network"
 
iwconfig eth0 channel 3
 
iwconfig eth0 mode Managed
iwconfig eth0 rts 250
iwconfig eth0 key 0123-4567-89
iwconfig eth0 txpower 15
 
2) Atheros driver commands ( Madwifi)
 
 
a) iwconfig
b) wlanconfig
c) iwpriv
 

iwconfig ath0 essid test123

ifconfig ath0 up

wlanconfig ath0 create wlandev wifi1 wlanmode ap

iwconfig ath0 essid test123

iwpriv ath0 mode 11G

iwconfig ath0 channel 1

ifconfig ath0 up

wlanconfig ath0 list chan

iwconfig ath0 channel 36

iwpriv wifi0 getCountry

iwpriv wifi0 getCountryID

iwpriv wifi0 setCountry US

iwpriv ath0 mode 11NAHT20

wlanconfig ath0 destroy

 

Monday, 15 July 2013

Presentation Skills how much important ?

Last week we had presentations for the internal team by internal team members. It was a good experience and I think each and every member benefited from it. I am just giving some feedback on how it was from my view; it is not intended to make fun of anyone or hurt sentiments. The sole purpose of this post is to make people aware of the common mistakes people make and how we can avoid them.

1) First day: I had asked this person to give a presentation only one day before, and he agreed. He was confident, and he selected the topic on which he was working. He started by writing all the topics on the board and explained the scope of the discussion: the topics he was going to cover and what was not covered in the session. After that he went into detail on each topic and covered them well.

2) Second day: The next day we had a presentation in which the presenter was confident, but the selected topic was very vast and had to be explained in detail. He started nicely, but he began using too much technical jargon, which a few people were not able to understand. So it started and finished, but it could have been better.

3) Third day: We had a nice presentation; the presenter did well in explaining the topic and showing slides and details whenever required.

4) Fourth day: We had an informal discussion on various things, as the actual presenter was on leave. I explained the manufacturing process in general, how the embedded boards are actually formed and the various stages they go through before reaching our hands, and we had some discussion on deployment scenarios.

5) Fifth day: We had a presentation on RIP. This person started off nicely with an explanation of what a route is, static routes, what routing is, networks, the different types of routing protocol (link state, distance vector), count to infinity, route poisoning and split horizon. It was already one hour when, in the end, one person asked "Are we going to start RIP now?".
We all had a good laugh and concluded that, as the time was already over, we would go for another session on RIP (only RIP).

So as you see, every person has a way of giving a presentation, but it makes sense only when the whole team is able to understand what you are saying. Always prepare the presentation based on the audience, and it is very much required that "you" get used to giving presentations. Experience and number of years do not matter.

Learn from your mistakes and start by giving an overview of the topics which you are going to cover. If someone asks a question and you are not sure, write it down and tell them that you'll let them know after the presentation.

Take feedback from your fellow members after the presentation. Use technical terms, but expand or explain them so that all know what you are telling. Also do not go down to the very basics, thinking that people don't know even basic things; it will be a waste of time for all.

One person I remember used "actually" too much during presentations; almost every third sentence started with "actually". But as he became more comfortable in giving presentations he understood this and started avoiding "actually", using it only when it was actually required. :-) :-)

Don't think too much and start giving presentations as soon as possible; plan for at least one presentation per year.

Happy Learning  , Happy Sharing !

Tuesday, 2 July 2013

How to add static routes in DHCP Clients, DHCP option supported for Classless routing !


If you want to add static routes on DHCP clients, use DHCP option 121 on the DHCP server.

It is defined in RFC 3442:

http://www.faqs.org/rfcs/rfc3442.html. The option code is 121.

However, the Microsoft DHCP server uses another option, 249, to serve the same purpose.

On a Linux-based DHCP server, i.e. the ISC DHCP server, you can try adding the options as specified in

http://www.j-schmitz.net/blog/pushing-static-routes-with-isc-dhcp-server
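RFC 3442 packs each route as a prefix length, only the significant octets of the destination, and the router address. The encoder and decoder below are an added example, not code from the RFC or the linked post; the function names and the sample routes are assumptions. Option lists longer than 255 octets need RFC 3396 concatenation, which this example does not handle.

```python
import ipaddress


def encode_option_121(routes):
    """Encode [(destination_cidr, router_ip), ...] as an option 121 payload.

    Per RFC 3442 each route is: one octet of prefix length, only the
    significant octets of the destination, then the 4-octet router address.
    """
    payload = bytearray()
    for destination, router in routes:
        net = ipaddress.IPv4Network(destination)  # raises if host bits are set
        significant = (net.prefixlen + 7) // 8
        payload.append(net.prefixlen)
        payload += net.network_address.packed[:significant]
        payload += ipaddress.IPv4Address(router).packed
    if len(payload) > 255:
        raise ValueError("payload exceeds one DHCP option (255 octets)")
    return bytes(payload)


def decode_option_121(payload):
    """Decode an option 121 payload, rejecting truncated or malformed data."""
    routes, pos = [], 0
    while pos < len(payload):
        prefixlen = payload[pos]
        pos += 1
        if prefixlen > 32:
            raise ValueError(f"invalid prefix length {prefixlen}")
        significant = (prefixlen + 7) // 8
        if pos + significant + 4 > len(payload):
            raise ValueError("truncated route entry")
        # Pad the destination back to 4 octets with zeros.
        dest = bytes(payload[pos:pos + significant]) + bytes(4 - significant)
        pos += significant
        router = ipaddress.IPv4Address(bytes(payload[pos:pos + 4]))
        pos += 4
        net = ipaddress.IPv4Network((int.from_bytes(dest, "big"), prefixlen))
        routes.append((str(net), str(router)))
    return routes


def as_octet_list(payload):
    """Render the payload as comma-separated decimal octets."""
    return ", ".join(str(octet) for octet in payload)


# Constructed sample routes. RFC 3442 says a client that receives option 121
# ignores the Router option, so the default route is listed here as well.
ROUTES = [
    ("0.0.0.0/0", "192.168.1.1"),
    ("10.0.0.0/8", "192.168.1.254"),
    ("10.229.0.128/25", "192.168.1.254"),
]

if __name__ == "__main__":
    encoded = encode_option_121(ROUTES)
    print(as_octet_list(encoded))
    print(decode_option_121(encoded))
```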


Sunday, 30 June 2013

TFTP gets Timed out, No error message.

We had an issue with a Windows XP laptop: the TFTP server stopped responding. We checked that the ports were fine and not in use by any other TFTP server. The Windows XP firewall was off. We tried two TFTP servers, Solarwinds and TFTPD; neither was responding.

No error message :-( . If we rebooted in safe mode, it worked. So, first clue: some service was stopping the TFTP operation.

Identifying the service was also very frustrating, but it looks like it was the Cisco VPN client, which has a stateful firewall. Once we stopped this service, TFTP worked fine.

From Cisco :

================================

How can I disable the Stateful Firewall Feature during the installation of the Cisco VPN Client?

A. For VPN Client versions prior to 5.0:

Refer to the Documentation Changes section of the VPN Client Rel 4.7 Release Notes in order to learn about the two topics "Using MSI to Install the Windows VPN Client without Stateful Firewall" and "Using InstallShield to Install the Windows VPN client without Stateful Firewall".

For VPN client versions after 5.0:

Beginning with Cisco VPN Client release 5.0.3.0560, an MSI installation flag was added to avoid the installation of the built-in firewall files:

msiexec.exe /i vpnclient_setup.msi DONTINSTALLFIREWALL=1

Refer to Bypassing Installation of Firewall Files When Stateful Firewall Is Not Required section for more information regarding this.


Ref:http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_qanda_item09186a00801c2dbe.shtml


Solarwinds TFTP server documentation also states something similar:

Error message: " %Error opening tftp://IP_Address/filename (Timed out) ERROR: Failed to open archive file tftp://IP_Address/filename." when you try to transfer a file in TFTP Server

This error is typically caused by a firewall blocking access. We recommend disabling any firewalls on the machine running the TFTP Server.

FYI, Cisco's VPN client has a setting under options that states "Stateful Firewall Always On". If you have this client installed, you will want to uncheck this setting.


=====================================

Hope it helps someone !


Wednesday, 26 June 2013

Answer these DHCP protocol related interview question !

Post your answers in comments.

1) DHCP is based on which protocol?

2) Can a DHCP server itself be a DHCP client?

3) DHCP supports three types of IP allocation schemes. What are they?

4) In which allocation scheme is IP address reuse allowed?

5) How many types of DHCP messages do you know or have you seen, and how many are there in the standard?

6) "DHCP is not used for configuring routers": is this statement true or false, and why?

7) On what parameter does the DHCP server decide whether to send its OFFER as a unicast packet or a broadcast packet?

8) How do you identify whether a DHCPREQUEST packet was sent at init time, T1 time or T2 time?


Later more, Keep learning , Keep sharing!


Thursday, 13 June 2013

How to install and use ZAP wireless tool from Ruckus Wireless on Fedora or Linux PC


This tool is used for UDP performance testing mostly for Video or IPTV kind of traffic for wireless AP


How Zap Works from Ruckus website:

Zap works by sending controlled bursts of packets and measuring both packet loss and inter-arrival times. The primary results reported are number of packets lost, total packets received and detailed throughput statistics. Because Zap provides a measure of both throughput and consistency over time and distance, it has particular importance to streaming video, voice and other latency-sensitive applications. Conversely, knowing only average throughput levels will not help predict the performance of a wireless network.

By measuring the maximum throughput of batches of packets, Zap is able to determine the minimum throughput that can be expected at a given percentile. For example, if Zap reports the 99.5 percentile to be 50Mbps, that means statistically, throughput is at or greater than 50Mbps 99.5 percent of the time. For video applications, the ability to determine throughput within the 99.5 percentile gives IT managers and network designers the assurance of the maximum throughput that a given IP wireless network can deliver reliably to ensure picture-perfect viewing.

Steps to install and use this tool in Fedora or Linux PC

Internet is connected to this machine.


1) Download and install the SVN client on the PC

# yum install svn

2) Once installed, run the command below

# svn checkout http://zapwireless.googlecode.com/svn/trunk zaptool

3) Change directory

# cd zaptool

4) Install the tool

# make

# make install

5) You will need the gcc compiler to build the files; if it is not installed on the machine, run

# yum install gcc

and then run step 4.

6) After step 4 the tool is installed on the PC. Repeat the same on another Linux PC for back-to-back tests.


7) Connect both the PC, back to back and run below commands

PC1 ( 154.1.1.1)-----PC2 (154.1.1.2)


PC1#zapd &

PC2#zapd &

PC2#zap -s154.1.1.1 -d154.1.1.2 -X30


8) You should see some results on PC2 after running the above commands. Success -> try with the wireless devices which are to be tested. Error -> go to step 9.


9) If you get an error such as "could not Rx" or similar, try the commands below on both PCs; they stop the iptables firewall and set SELinux to permissive mode.

PC1#service iptables stop

PC1#echo 0 > /selinux/enforce

PC2#service iptables stop

PC2#echo 0 > /selinux/enforce


10) Repeat step 7, should work fine.


Results : The result can be interpreted as below (taken from ZAP QSG)

 
Example zap output:

 192.168.0.2 192.168.0.177 408=rx 0=dr 0=oo 0=rp 20=rx in 57.6ms 4.1mbps  4.3|10.2  3.7  0.2  0.1  0.1  0.1

The details on all the fields are:

src    src address
dst    dst address
rx    cumulative received packets
dr    dropped packets
oo    out of order packets
rp    retried packets
rx in    received packets in this batch (sample)
b_time    batch (sample) time
b_thrput    batch thruput (for given batch or sample)
avg    cumulative aggregate thruput
0%    max thruput observed (peak thruput)
50%    median thruput
90%    thruput at 90 percentile (i.e. thruput was better than this 90% of the time)
95%    thruput at 95 percentile
99%    thruput at 99 percentile
99.9%    thruput at 99.9 percentile
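
The field list above maps directly onto one line of zap output. The parser below is an added example, not part of the zap tool or its QSG: it turns the sample line from this post into named fields and checks a throughput floor at a chosen percentile. The function names and the floor values are assumptions.

```python
import re

# Percentile columns in the order the field list gives them.
PERCENTILES = ("0%", "50%", "90%", "95%", "99%", "99.9%")

LINE_RE = re.compile(
    r"^\s*(?P<src>\S+)\s+(?P<dst>\S+)\s+"
    r"(?P<rx>\d+)=rx\s+(?P<dr>\d+)=dr\s+(?P<oo>\d+)=oo\s+(?P<rp>\d+)=rp\s+"
    r"(?P<rx_in>\d+)=rx in\s+(?P<b_time>[\d.]+)ms\s+"
    r"(?P<b_thrput>[\d.]+)mbps\s+"
    r"(?P<avg>[\d.]+)\|(?P<pcts>[\d.]+(?:\s+[\d.]+){5})\s*$"
)

# The example output line quoted in this post.
SAMPLE = (" 192.168.0.2 192.168.0.177 408=rx 0=dr 0=oo 0=rp 20=rx in "
          "57.6ms 4.1mbps  4.3|10.2  3.7  0.2  0.1  0.1  0.1")


def parse_zap_line(line):
    """Parse one zap result line into a dict, or return None if it differs."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    rec = {"src": m["src"], "dst": m["dst"]}
    for name in ("rx", "dr", "oo", "rp", "rx_in"):
        rec[name] = int(m[name])          # packet counters
    for name in ("b_time", "b_thrput", "avg"):
        rec[name] = float(m[name])        # ms, mbps, mbps
    values = [float(v) for v in m["pcts"].split()]
    rec["percentiles"] = dict(zip(PERCENTILES, values))
    return rec


def loss_ratio(rec):
    """Dropped packets as a fraction of everything sent so far."""
    total = rec["rx"] + rec["dr"]
    return rec["dr"] / total if total else 0.0


def meets_floor(rec, percentile, required_mbps):
    """True if throughput stayed at or above required_mbps at that percentile."""
    return rec["percentiles"][percentile] >= required_mbps


if __name__ == "__main__":
    rec = parse_zap_line(SAMPLE)
    print(rec)
    print("loss:", loss_ratio(rec))
    # Assumed requirement: a stream that needs 2 mbps 99% of the time.
    print("2 mbps at 99%:", meets_floor(rec, "99%", 2.0))
```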



Keep learning,Keep sharing!

Tuesday, 11 June 2013

How to install Tomcat server in fedora core 14 PC ?

The following steps are to be done to install the Tomcat server on a Fedora PC. I have used core 14, but the steps should be pretty much the same for other Fedora versions.

1) Download latest Tomcat server from the website

wget http://mirror.nexcess.net/apache/tomcat/tomcat-7/v7.0.41/bin/apache-tomcat-7.0.41.tar.gz

2) tar -xvzf apache-tomcat-7.0.41.tar.gz

3) JRE 7 or 6 must be installed on the PC. Download and install the rpm. On my PC it was already installed. The path should be properly set

export JAVA_HOME=/usr/java/jdk1.6.0_23

4) Set the path

export CATALINA_HOME=/home/user1/apache-tomcat-7.0.41

5) Start the Server

$CATALINA_HOME/bin/startup.sh

6) The server will set some defaults and should start without any errors.

7) Browse to the default page

http://localhost:8080/


Wednesday, 8 May 2013

Check CRC /Hash calculation for files

We can send files to any other person or organization as attachments. Only when someone downloads and opens a file will they know whether it is correct, and only if it is in a human-readable format such as pdf, doc or excel. What if it is a binary file or an image which is to be given to the other person? The other person cannot check it until they use it in the application for which it is intended.

One easy way is to do a CRC32 check at both ends. There is a free tool available, HashTab, which does the hash calculation and generates the unique values.

Once this tool is downloaded and installed, for any file, if you right click -> Properties -> you can see one extra tab "File hashes" -> it will display the name and the hash value unique to the file.

You can copy this information and send it to the other party as well. Once the other person has downloaded the file, he/she can check the properties and the hash value. If it matches on both sides, the file is fine; otherwise resend the file.

You can download the hashtab from below link and try it.

http://www.implbits.com/HashTab/HashTabWindows.aspx
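
The same check can be scripted on both ends. The script below is an added example, not part of HashTab or the original post, and its function and file names are assumptions. It computes CRC32 and SHA-256 in one pass and compares against the value the sender published. CRC32 only catches accidental corruption; when the file could have been altered on purpose, compare the SHA-256 and send it over a different channel than the file.

```python
import hashlib
import hmac
import os
import tempfile
import zlib

CHUNK = 64 * 1024  # read in chunks so large images do not fill memory


def file_digests(path):
    """Return the CRC32 (8 hex digits) and SHA-256 of a file in one pass."""
    crc = 0
    sha = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            crc = zlib.crc32(chunk, crc)
            sha.update(chunk)
    return {"crc32": f"{crc & 0xFFFFFFFF:08X}", "sha256": sha.hexdigest()}


def verify_file(path, expected, algo="sha256"):
    """Compare a file against the value the sender published.

    Case and surrounding whitespace in the pasted value are ignored.
    """
    actual = file_digests(path)[algo].lower()
    wanted = expected.strip().replace(" ", "").lower()
    return hmac.compare_digest(actual.encode(), wanted.encode())


def demo():
    """Constructed case: an intact copy and a truncated copy of one file."""
    with tempfile.TemporaryDirectory() as tmp:
        sent = os.path.join(tmp, "image.bin")
        with open(sent, "wb") as fh:
            fh.write(b"123456789")
        published = file_digests(sent)          # what the sender mails out

        received = os.path.join(tmp, "received.bin")
        with open(received, "wb") as fh:
            fh.write(b"12345678")               # last byte lost in transfer

        intact_ok = verify_file(sent, published["sha256"])
        damaged_ok = verify_file(received, published["sha256"])
        return published, intact_ok, damaged_ok


if __name__ == "__main__":
    published, intact_ok, damaged_ok = demo()
    print(published)
    print("intact copy matches:", intact_ok)
    print("truncated copy matches:", damaged_ok)
```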

Keep learning, Keep sharing !


Thursday, 2 May 2013

Window disappears when minimized in Linux (Fedora) once Panel is deleted

On a Fedora PC, someone accidentally deleted the bottom panel. We could add a new panel, but all the open windows just disappeared when we minimized them. However, using ALT+Tab we could access them.

I could find the solution with the help of friend Google.

1)       Once bottom panel is deleted

2)       Right click on Top panel -> New Panel

3)       The bottom panel will get created

4)       Right click on bottom panel -> Add to panel

5)       In Find an item-> type Window-> select Windows List-> ADD

6)       Now all the opened windows can be seen in this panel.

I think it can be done using Panel Preferences also, but I am not sure it is supported or not in Fedora.

Keep learning, Keep sharing !

Monday, 8 April 2013

"adapter not available" in windows XP with Odyssey Client

I have Windows XP laptop and it has Atheros AR9285 Wireless Network Adapter with Driver date 3/27/2009 version 7.7.0.267.

It was all working fine with Odyssey client Manager version 0.15.

Suddenly after reboot i observed  "adapter not available" in Odyssey. Exit, disable/enable the service, reboot of the laptop does not resolve the issue.

I had to uninstall the Wireless card and again reinstall it. After that it started working.

Sunday, 17 March 2013

Error (STOP: 0X0000007B (0xF78d2524,0XC0000034,0X00000000, 0X00000000)] in installing Windows XP

Recently I tried to change the OS of a DELL Inspiron from Ubuntu to Windows XP. I kept getting this error

STOP: 0X0000007B (0xF78d2524,0XC0000034,0X00000000, 0X00000000)

The solution was to change in the BIOS setting, the mode of  SATA controller from AHCI mode to ATA mode.


Tuesday, 5 February 2013

How to change IGMP Version (IGMP v1/v2/v3) in Windows XP PC?

By default when the Windows XP host joins IGMP group it uses IGMP v3. If you want to change this behavior and want PC to generate IGMP v1 or v2 messages change the registry settings as follows:


1) Start -> Run -> regedit

2) Go to HKEY_LOCAL_MACHINE -> SYSTEM -> CurrentControlSet -> Services -> Tcpip -> Parameters

3) Right Click -> New-> DWORD Value-> Rename the field as  "IGMPVersion"

Set the Value according to the table below and reboot the PC.  

Value "2" -> IGMP Version 1

Value "3" -> IGMP Version 2

Value "4" -> IGMP Version 3 (Default)


              

Why windows XP sends messages with 239.255.255.250 destination IP address?

We can see few packets destined to 239.255.255.250 IP address in Wireshark. They are:

1) SSDP Messages

2)  IGMP messages destined to 239.255.255.250

The SSDP protocol is used to discover UPnP (Plug and Play) devices in the network. You can observe these messages when you enable or disable the network interface.




What is Wireshark filter for SSDP protocols?

For SSDP protocols there is no separate Wireshark filter. We have to use either of the following two:


1) (udp.dstport==1900)

2) http




Wednesday, 30 January 2013

What is Duration attack in wireless (WLAN) ?

The Duration attack in short:

"The duration value in the WLAN frame indicates the time duration in milliseconds for which the channel is reserved. The Network Allocation Vector (NAV) stores this duration information. The rule is that any node can transmit only if the NAV reaches zero.

Attackers make use of the above vulnerability. They inject packets into the WLAN with huge duration values. This would force the other nodes in the WLAN to keep quiet as they cannot send any packet until this value reaches zero. If the attacker sends such frames continuously it will prevent other nodes in the WLAN from operation for a long time and thereby disrupting the entire wireless service."


Ref: http://manageengine.com.mx/wireless-network-management/duration-attack.html

The Omnipeek sniffer or some other wireless sniffers can identify this attack, and the packets can be seen in the logs. The attack effectively brings the wireless network down, as many devices will be waiting while the attacker utilizes the bandwidth.

Some of the other examples where this type of issue is identified :


1 ) Meru Wireless AP 

Below excerpts taken from

https://supportforums.cisco.com/thread/339022

=================================================

Meru's secret [manipulation of the RF] may leave a bitter aftertaste, especially if a neighboring business is running a Meru system on the same channel as your non-Meru system. Cisco was unambiguous in claiming that Meru is violating 802.11 standards by artificially manipulating the NAV (network allocation vector) value in certain duration fields (see "Duration, Duration, Duration" below). Meru denies these allegations, claiming its products are "100 percent standards-compliant." Based on our understanding of 802.11's virtual carrier sense architecture and the role that duration field values play in managing contention, we find Cisco's charges credible, but we'll reserve final judgment until other industry experts weigh in on this controversial issue."

 In other words, by manipulating the carrier sense in an unorthodox manner, the Cisco APs never get a chance to talk on the RF.

 For some reason, Cisco products appear to be more susceptible to this Meru-induced issue.

 Your Cisco WLC should be able to see the adjacent WiFi devices - if any exist. 

Or, if you have a wireless sniffer (AirMagnet, etc.), you might be able to see adjacent "rogue" access points.  Even a laptop with WiFi might be able to see a list of foreign SSIDs that are not yours.

 If you can get the wireless MAC address of these foreign APs (assuming that they are there), you can lookup OUI (the first three bytes of the MAC address) at the following site to determine the manufacturer of the access point:

 http://standards.ieee.org/regauth/oui/index.shtml

 If Meru pops up, it might be the source of your problem.  If so, you may be able to work around this problem by using a channel other than that of the neighboring Meru WLAN (since Meru uses the *same* channel for *EVERY* access point in its WLAN - yes, bizarre, but true).

 =======================================================


2)  Apple IPhone

http://revolutionwifi.blogspot.in/2012/05/are-apple-iphones-misbehaving-on-wi-fi.html

========================================================


 The finding in question was that the Apple iPhone, iPad, and other mobile devices based on the latest Broadcom chipsets are setting really long Duration values in the range of 10-14ms within Wi-Fi control frames (e.g. RTS/CTS-to-self). This essentially reserves the medium for the device to transmit without a collision. The problem is that this is an excessively long period of time for an 802.11n capable device, and through my packet analysis I have found that no large frame transmission is subsequently occurring. This indicates that a performance problem may exist with the devices, and may be reported as an NAV DoS attack on the network by WIPS systems.

=======================================================


3)  Intel client

http://revolutionwifi.blogspot.in/2012/05/are-apple-iphones-misbehaving-on-wi-fi.html

========================================================
Intel clients use the technique of sending a long duration (usually 4ms) in an RTS frame, sending their data and then releasing with a CFE frame. They only do this under certain circumstances however. You can see it by associating an 11n Intel client (I used a 6205) to an 11n AP (using the 2.4GHz radio) and then associating a legacy (non-11n) client. From a wired pc, then ping the 11n client. You'll see the RTS frames that the 11n client sends (for wireless protection) have a large duration and after it transmits the ping response, it sends a CFE.

So someone at Intel believes this is a better method of sending data in a crowded environment. They don't do this behavior in 5GHz as far as I've seen. Broadcom may be trying to replicate something like this.

==========================================================

So if you are seeing such packets in your WLAN network, try to identify the device, client or AP, and see if it is one of the above. If not, post in comments.
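
To find which station is sending the long reservations, the Duration field can be read straight from captured RTS/CTS headers. The script below is an added example, not taken from any of the quoted posts or from a WIPS product. It assumes raw 802.11 headers with any radiotap header already stripped; the frames are constructed, and the function names and thresholds are assumptions (10 ms and 4 ms echo the values mentioned in the excerpts above).

```python
import struct

CONTROL_TYPE = 1
RTS, CTS = 11, 12          # control frame subtypes
MAX_DURATION_US = 32767    # largest value the 15-bit duration can carry


def mac(raw):
    """Format 6 address bytes as aa:bb:cc:dd:ee:ff."""
    return ":".join(f"{b:02x}" for b in raw)


def parse_reservation(frame):
    """Return (kind, station, duration_us) for an RTS/CTS header, else None."""
    if len(frame) < 10:
        return None  # too short for frame control + duration + one address
    frame_control, duration_id = struct.unpack_from("<HH", frame, 0)
    ftype = (frame_control >> 2) & 0x3
    subtype = (frame_control >> 4) & 0xF
    if ftype != CONTROL_TYPE or subtype not in (RTS, CTS):
        return None
    if duration_id & 0x8000:
        return None  # bit 15 set: the field is not a duration
    # With bit 15 clear, the field is a duration in microseconds.
    if subtype == RTS:
        if len(frame) < 16:
            return None
        return ("RTS", mac(frame[10:16]), duration_id)  # transmitter address
    # CTS carries only a receiver address; for CTS-to-self it is the sender.
    return ("CTS", mac(frame[4:10]), duration_id)


def find_long_reservations(frames, threshold_us=10_000, min_frames=3):
    """Group reservations at or above threshold_us by station."""
    stats = {}
    for frame in frames:
        parsed = parse_reservation(frame)
        if parsed is None:
            continue
        _, station, duration_us = parsed
        if duration_us < threshold_us:
            continue
        entry = stats.setdefault(station, {"frames": 0, "max_us": 0})
        entry["frames"] += 1
        entry["max_us"] = max(entry["max_us"], duration_us)
    return {s: e for s, e in stats.items() if e["frames"] >= min_frames}


# Constructed capture: frame control, duration (little endian), addresses.
CAPTURE = [bytes.fromhex(h) for h in (
    "b400" "3a01" "001122334455" "66778899aabb",  # RTS, 314 us
    "c400" "ff7f" "02deadbeef01",                 # CTS-to-self, 32767 us
    "c400" "ff7f" "02deadbeef01",
    "c400" "ff7f" "02deadbeef01",
    "b400" "a00f" "001122334455" "0a0b0c0d0e0f",  # RTS, 4000 us
    "a400" "01c0" "001122334455" "66778899aabb",  # PS-Poll, field is an AID
    "c4",                                         # truncated frame
)]

if __name__ == "__main__":
    for station, entry in find_long_reservations(CAPTURE).items():
        print(station, entry)
```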



How to take backups of Linux machine?

I have not tried it yet, but Clonezilla is a free tool which can create a backup of one PC or back up many PCs simultaneously.

http://clonezilla.org/



Monday, 28 January 2013

Unicast DHCPREQUEST is not sent by DHCPCLIENT after T1 time expires ?

Recently I came across an issue in which the unicast DHCPREQUEST was not being sent by the DHCP client after T1 expired.

I will explain some basic things about DHCP before going to the issue.

1) It is explained in RFC 2131.
2) The packets between server and clients are DHCPDISCOVER, DHCPOFFER, DHCPREQUEST and DHCPACK.
3) After T1 time (50% of lease time) the client should send a unicast DHCPREQUEST to the server. If the server is available, the lease is renewed; if not, the client continues using the lease.
4) If the server is not present after T1 time, the client waits for T2 time (87.5% of lease time) and sends a broadcast DHCPREQUEST.
5) If the server is not available after T2, the client continues using the IP address until the lease time expires. It then stops using the IP and starts sending broadcast DHCPDISCOVER.


Now the issue :

We had a server in which the lease time was set to 15 min. The client gets the IP address and other parameters from the server. The T1 time is 7 min; after T1 the client should send a unicast DHCPREQUEST, but it sends a broadcast DHCPREQUEST. It appears to be an issue because when the client moves to the RENEWING state it should send a unicast DHCPREQUEST.

As per RFC 2131

   At time T1 the client moves to RENEWING state and sends (via unicast) a DHCPREQUEST message to the server to extend its lease.

These are some of the Observations :

1) Server Windows 2008 DHCP server ( lease time 15 min)

2) Linux PC as client

Setup :

Linux PC---switch--WINDOWS DHCP Server.

Once the client gets IP remove the server.

Linux showed  DHCPREQUEST as broadcast packets.


Analysis:


In Linux the default arp timeout value is 60 sec and is configured using this parameter

 

/proc/sys/net/ipv4/neigh/eth1/gc_stale_time

 

After the ARP entry for the DHCP server gets deleted, the device sends an ARP REQUEST for the DHCP server. After T1 time, if it does not get any ARP reply, it sends the DHCPREQUEST message as a broadcast.

If the server is always connected, the ARP gets resolved and the client sends the unicast DHCPREQUEST.

So it does not seem to be an issue. If the ARP entry is present in the device, the client sends the unicast DHCPREQUEST; if the entry expires before T1, it sends a broadcast DHCPREQUEST.

 


Let me know your comments, observation on this.

 

Keep learning, Keep sharing !!!


Friday, 25 January 2013

What will happen in this basic networking subnet case ?


We have two PC with switch in between

PC1 (192.168.7.10 netmask 255.255.255.0) ------ Switch ------ PC2 (192.168.7.1 netmask 255.255.0.0)

Will they ping each other ?

What I am changing here ?

I am changing the subnet mask of the PCs, so that they are in different broadcast domains.

Let me know what you think ?

Thursday, 24 January 2013

ARP Timeout Value for Linux, Windows, Cisco 2960 and DELL Switch

ARP timeout


As per RFC 826

"https://tools.ietf.org/html/rfc826"

"It may be desirable to have table aging and/or timeouts.  The
implementation of these is outside the scope of this protocol."

So the ARP timeouts are vendor dependent and can vary drastically from one vendor to another. Here is some information about ARP timeouts.

1) ARP timeout for Cisco 2960 switch

# show interfaces vlan 1
Vlan1 is up, line protocol is down
  Hardware is EtherSVI, address is 5897.1ec9.1040 (bia 5897.1ec9.1040)
  Internet address is 192.168.100.1/24
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive not supported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:10:09, output 00:10:07, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     60274 packets input, 5100402 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     66629 packets output, 52011719 bytes, 0 underruns
     0 output errors, 3 interface resets
     0 output buffer failures, 0 output buffers swapped out

The default ARP timeout for cisco switch is 4 hrs.

It can be changed using following command :


#configure
Configuring from terminal, memory, or network [terminal]? t
Enter configuration commands, one per line.  End with CNTL/Z.
cisco(config)#interface vlan 1
cisco(config-if)#arp timeout ?
  <0-2147483>  Seconds
cisco(config-if)#arp timeout 600



2) ARP time out for DLINK switch


Default value for ARP timeout is 20 sec in DLINK switch



# show arpentry
Command: show arpentry


ARP Aging Time : 20

Interface      IP Address       MAC Address        Type
-------------  ---------------  -----------------  ---------------
System         192.168.100.0      FF-FF-FF-FF-FF-FF  Local/Broadcast
System         192.168.100.167    00-1B-11-11-BD-41  Local
System         192.168.100.255    FF-FF-FF-FF-FF-FF  Local/Broadcast

Total Entries  : 3


Command to change the ARP entry time out value in DLINK switch

DES-3026:4#config arp_aging
Command: config arp_aging

Next possible completions:
        time

DES-3026:4#config arp_aging time
Command: config arp_aging time

Next possible completions:
        <value 0-65535>

DES-3026:4# config arp_aging time 600



3) Linux Fedora core 16

The default ARP timeout value in Linux is 60 sec.

It can be changed at /proc/sys/net/ipv4/neigh/eth1/gc_stale_time

gc_stale_time (since Linux 2.2)
    Determines how often to check for stale neighbor entries. When a neighbor entry is considered stale, it is resolved again before sending data to it. Defaults to 60 seconds.
gc_thresh1 (since Linux 2.2)
    The minimum number of entries to keep in the ARP cache. The garbage collector will not run if there are fewer than this number of entries in the cache. Defaults to 128.
gc_thresh2 (since Linux 2.2)
    The soft maximum number of entries to keep in the ARP cache. The garbage collector will allow the number of entries to exceed this for 5 seconds before collection will be performed. Defaults to 512.
gc_thresh3 (since Linux 2.2)
    The hard maximum number of entries to keep in the ARP cache. The garbage collector will always run if there are more than this number of entries in the cache. Defaults to 1024.

4) Windows

It was difficult to find about XP. For windows 2000 i got following lines from the link given at reference.

Windows 2000 adjusts the size of the ARP cache automatically to meet the needs of the system. If an entry is not used by any outgoing datagram for two minutes, the entry is removed from the ARP cache. Entries that are being referenced are given additional time, in two minute increments, up to a maximum lifetime of 10 minutes. After 10 minutes, the ARP cache entry is removed and must be rediscovered using an ARP Request frame. To adjust the time an unreferenced entry can remain in the ARP cache, change the value of the ArpCacheLife and ArpCacheMinReferencedLife registry entries (HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters).


So the default value looks to be 2 min.


5) For brocade switch the default value is 10 min.

command to enable aging time

ip arp-aging-timeout value
no ip arp-aging-timeout


The ARP aging time is different from the MAC bridge learning time (the MAC table time). If there is a mismatch between the MAC bridge learning table time and the ARP aging time, it can result in unicast flooding. So normally it is better if the ARP aging time is less than the bridge learning table time (in Linux this value is 300 sec, or 5 min, and can be seen using the brctl command).

References:


http://linux.die.net/man/7/arp
https://tools.ietf.org/html/rfc826
http://thetechfirm.com/packets/ARP.pdf
http://www.brocade.com/downloads/documents/html_product_manuals/NOS_CLI_301/wwhelp/wwhimpl/common/html/wwhelp.htm#href=commands_a_z.4.172.html&single=true


ARP table and MAC table discussions

https://learningnetwork.cisco.com/thread/44041

https://learningnetwork.cisco.com/thread/2450




Wednesday, 23 January 2013

How to configure LACP in DLINK switches

To configure LACP in DLink switches , these commands can be used


DLINK 1

config link_aggregation group_id 1 master_port 20 ports 20-21 state enable

config link_aggregation algorithm mac_destination

config lacp_port 20-21 mode active


DLINK 2

 

config link_aggregation group_id 1 master_port 20 ports 20-21 state enable

config link_aggregation algorithm mac_destination

config lacp_port 20-21 mode passive

 


How to configure VLAN in DLINK switches

These are the commands to configure VLAN in DLINK switches

config vlan default delete 1-26

config vlan default add untagged 1-14

create vlan vlan_100 tag 100

config vlan vlan_100 add untagged 18

config vlan vlan_100 add tagged 19-20

 

create vlan vlan_200 tag 200

config vlan vlan_200 add untagged 10

config vlan vlan_200 add tagged 11-12


Friday, 18 January 2013

IXIA Chariot version 4.3 console always terminates when the Microsoft Windows remote login terminates or is minimized

We use the IXIA Chariot tool for performance tests. It is a licensed software product from IXIA which supports different types of tests.

For more information on this you can refer :

http://www.ixiacom.com/support/ixchariot

Just to explain how it is used: one PC runs the console and the others act as endpoints. The traffic runs between the endpoints.

Now the issue (we have IXIA Chariot console version 4.3):

1) Let's say the console is installed on a Windows XP PC, and we log in to it remotely using Microsoft's "Remote Desktop". In Windows:

Start-> Run ->mstsc -> it will open one window -> Give the IP address of the PC to connect to and login to the PC.


2) Now run Chariot remotely -> it will run fine.

3) Minimise the remote window -> open again -> No trace of Chariot console ??? ( it will get closed :-( )

4) Again start the tests

5) Terminate the remote session, go to that PC and log in locally to check the results.

6) No results -> issue -> the moment the remote desktop session is closed, the Chariot console stops.

Why

Reason -> Unknown

Is it a bug in Chariot? Well, I am not sure how it behaves in newer versions. If you have one, do some analysis and let me know...

My analysis

I ran Wireshark and did the following tests:

1) On the local PC, ran Chariot and stopped it using the "x" button in its right-hand corner

2) On the local PC, ran Chariot and stopped the chariot.exe process using Task Manager

3) Ran Chariot remotely and closed the session

Well, the Wireshark captures for points 2 and 3 are almost the same. So this implies that when we close the remote session, the Chariot process is also getting killed.

What you can do 

If you are in the IXIA QA team, raise a bug. If you have Chariot, test the same thing and let me know your observations.


Keep breaking, Keep Learning !!!!


How to create virtual IP interfaces in Linux

We always have this requirement: to simulate a large number of clients using a small number of resources (read: PCs or test PCs).

So we use virtual interfaces on a Linux PC to simulate this.

These are the commands to enable virtual interfaces and assign IP addresses to them:

1) #cd /etc/sysconfig/network-scripts

2) create a new range file
 
# vim ifcfg-eth0-range0

CLONENUM_START=0
IPADDR_START=11.1.1.1
IPADDR_END=11.1.1.254

3) create another range file with another group of addresses
 
CLONENUM_START=254
IPADDR_START=11.1.2.1
IPADDR_END=11.1.2.254


4) # ifdown eth0

5) # ifup eth0

6) # ifconfig

It should show all the interfaces created, numbered like this:

eth0, eth0:0, eth0:1

To remove all the virtual interfaces, issue the command below:

# ifdown eth0


Internally, Linux uses the ifup-aliases script in /etc/sysconfig/network-scripts for creating the aliases.
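
The two range files above only work if their alias numbers do not overlap: the first range holds 254 addresses (aliases 0 to 253), which is why the second file starts at CLONENUM_START=254. The script below is an added example, not part of the original post; it computes that offset for any list of ranges and writes the files to a scratch directory instead of /etc/sysconfig/network-scripts. The function names and the ifcfg-eth0-range1 file name are assumptions that follow the range0 name used above.

```shell
#!/bin/sh
# Added example: generate ifcfg-<dev>-rangeN files with non-overlapping
# CLONENUM_START values. Function names are hypothetical.

# Print the number of addresses in START..END.
# Both addresses must share the first three octets (one /24 per range).
range_count() {
    start=$1 end=$2
    [ "${start%.*}" = "${end%.*}" ] || { echo "range must stay in one /24" >&2; return 1; }
    s=${start##*.} e=${end##*.}
    [ "$e" -ge "$s" ] || { echo "end address before start address" >&2; return 1; }
    echo $(( e - s + 1 ))
}

# gen_range_files DEV OUTDIR START1 END1 [START2 END2 ...]
# Writes OUTDIR/ifcfg-DEV-rangeN for each START/END pair and prints the
# total number of aliases, which is also the next free alias number.
gen_range_files() {
    dev=$1 outdir=$2; shift 2
    n=0 clone=0
    while [ $# -ge 2 ]; do
        count=$(range_count "$1" "$2") || return 1
        cat > "$outdir/ifcfg-$dev-range$n" <<EOF
CLONENUM_START=$clone
IPADDR_START=$1
IPADDR_END=$2
EOF
        clone=$(( clone + count ))   # the next range starts after this one
        n=$(( n + 1 ))
        shift 2
    done
    echo "$clone"
}

# Demo with the two ranges from this post, written to a scratch directory.
out=$(mktemp -d)
gen_range_files eth0 "$out" 11.1.1.1 11.1.1.254 11.1.2.1 11.1.2.254
cat "$out/ifcfg-eth0-range1"
```

Review the generated files before copying them into /etc/sysconfig/network-scripts, then run ifdown and ifup on the interface as in steps 4 and 5.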



Happy Learning, Happy Working !!!


Thursday, 10 January 2013

How to configure Cisco Switch for Radius authentication ?



Setup :

               +------------------------------+
               | Port1   Port2   Port3 ...... |
               +------------------------------+
                   |        |
Client PC ---------+        +--------- FreeRadius Server


The client PC runs Windows XP.

FreeRADIUS runs on Linux Fedora Core 14.

Console commands to configure 802.1X on a Cisco Catalyst 2950 series switch:
-------------------------------------------------------------------

configure terminal
aaa new-model
aaa authentication dot1x default group radius
interface fastethernet0/1
dot1x port-control auto
end
config t
interface vlan 1
ip address 197.168.10.1 255.255.255.0
no shutdown


--------------------------------------------------------------------
Switch(config)# radius-server host 197.168.10.230 auth-port 1812 key shared-secret


The client should now get authenticated by the FreeRADIUS server, using the user name and password configured on the FreeRADIUS server (users file) and entered on the PC.


Happy New Year 2013!

Happy new year to all ! Hope this year brings more joys and achievements for everyone .

Keep Learning, Keep Sharing and Keep Exploring!!!