Tuesday 25 September 2012

How to disable ICMP requests on Linux and Windows

The ICMP requests can be disabled in Linux and Windows. It is disabled for security purposes.


a) Linux


Linux we have to use procfs

To ignore broadcasts :

    $ cat /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

    $ echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

To ignore all type of ICMP traffic

    $ cat /proc/sys/net/ipv4/icmp_echo_ignore_all

    $ echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all


b) Windows -> go to "Network connections" -> Select Local Area connection


  On Left side -> "Change setting of this connection" -> Advanced -> Setting -> Advanced

 ICMP-> Settings-> Un-check all to disable all type of ICMP traffic





Wednesday 19 September 2012

Linux command to know the location of executable file

In Linux we have one command "which" which can be used to know the location of executable.

For example

[root@localhost] # which radiusd
/usr/local/sbin/radiusd


[root@localhost] # which pppoe
/usr/sbin/pppoe





Monday 10 September 2012

Who maintain Enterprise or Vendor codes ?

IANA ( Internet Assigned Numbers Authority ) assigns these numbers to companies.

http://www.iana.org/assignments/enterprise-numbers

Some Vendor codes are :

1 ) Cisco : 5771

2) Netgear : 4526

3 ) Proxim Wireless : 841

4)  Juniper : 4874

5) Amazon : 4843

6) WIPRO Infotech Ltd : 1062

7)  Tata Consultancy Services : 14013

8) Infosys Technologies Limited : 15797

Check for your company what is vendor code ?

Keep Learning , Keep Sharing

Sunday 9 September 2012

Difference between IPv4 and IPv6


IPv6 world launch day is on 8 June 2011 , next event held on 6 June 2012.

Here I am listing main difference between the two protocols.


1) IPv4 : RFC 791
    IPv6 : RFC 2460


2) IPv4 : Address size : 32 bits
    IPv6 : Address size :  128 bits

3) IPv4 : unicast, multicast, broadcast
    IPv6 : unicast , multicast ( some changes ),  anycast
   
4) IPv4 routers : Does Fragmentation
    IPv6 routers : No fragmentation (Pv6 host should perform path mtu discovery or do end-to end fragmentation)

5) IPv4: default PATH MTU 68  
    IPv6 : default PATH MTU 1280

6)  Minimum datagram which host should accept : IPv4 : 576
                                                                            IPv6 : 1280

7) Payload limit : IPv4 : 65535 ((216−1)
                          IPv6 : 4294967295 (232−1) , known as Jumbograms

8) IPv4 : TTL ( Time to Live)
    IPv6 : Hop Limit ( same functionality only name change)

9) Header :

 a)        IPv4 : check sum present
            IPv6 : No check sum

b)         IPv4 : Includes "option"
            IPv6 :  Separate " extension header" not in IPv6 header

c)       IPv4 : IPsec optional
          IPv6 : IPsec compulsary

10) IPv4 : Address ( Manual/DHCP)
       IPv6 : Stateless auto configuration ( link local)

11) IPv4 : To resolve IP->MAC  -> ARP broadcast
      IPv6 : To resolve IP->MAC  -> Multicast solicitation messages ( neighbor discovery protocol)

12) IPv4 -> Broadcast to all hosts
      IPv6 -> Link local all nodes multicast group ( to send to all nodes)


 
 




 

Tuesday 4 September 2012

VLAN standards ( QinQ )

VLAN standard : 802.1 q

QinQ standard : 802.1ad

How do you identify if the packet is VLAN tagged ?

By seeing TPID ( 2 byte ) which is 0x8100 for normal VLAN ( single tag) packets and 0x88a8  for double VLAN ( QinQ) packets.

Why some devices use 0x9100  as TPID for QinQ packets?

Well the initial standard  that defined double tagging is defined in "802.1QInQ-2007" standard. In this standard the TPID is defined as 0x9100 , after this the current standard came which is 802.1ad , in this the TPID for double VLAN packets are defined as 0x88a8. So manufacturer who has released their products before this standard finalized are still using 0x9100 as TPID.

if you go through Juniper documentation

http://www.juniper.net/techpubs/en_US/junose13.2/topics/reference/command-summary/svlan-ethertype.html

They have added option to configure all the three types : 8100, 9100, 88a8 in their OS.

If you go through below documentation from Cisco , they talk about only 8100 or  9100 as TPID

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/qinq.html.

Latest documentation tells about 0x88a8  TPID.

http://www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_cfm-ieee_802_1ad.pdf


So it all depends on vendor implementation. I have seen most of the devices have configurable option for TPID for QinQ mode.

Let me know what your device supports, is 0x9100 is out of market or still being used !!

Keep exploring , Keep Testing !!!