Distance vector vs. Link state routing protocols

Routing protocols are very important for a network to function. How would a router know

signpost

where to send a packet if there was no routing protocol. A network admin would have to configure this all by hand. Just imagine the administrative burden for a network with more than 10 routers…

 

There are several different routing protocols. These protocols can be divided into two categories (some might argue about this, but these two categories, at least, everybody agrees on). These categories are ‘Distance Vector’ and ‘Link State’. But what’s the difference between the two and which should you be using in your network?

Continue reading

ERSPAN on Cisco Nexus

Most network admins are familiar with span and rspan which makes it possible to troubleshoot traffic flowing through your switches.

The Nexus switches however, do not support rspan. This makes troubleshooting a switch a tad more difficult. Luckily they do support ERSPAN. ERSPAN stands for Encapsulated Remote Span. It makes span possible using a GRE tunnel to any routable address. This is even better that rspan!

What makes it even more usable is that the newest versions of wireshark natively support erspan. You can send all the span data to your own pc and analyze it from there.

To configure erspan you can use the following guide:

http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/system_management/configuration/guide/sm_erspan.html

Kickstarting CentOS using PXE

There are many tutorials online for kickstarting a linux server, but they all cover part of the whole process. I’ll attempt to cover it all here.

First off, I’ll tell you my setup. I wanted to use PXE, kickstart and a local mirror to be able to install a lot of computers simultaniously. However, to be able to do this I tested the installation in Virtualbox with a virtual machine. Both my server and client are virtual. Second I would like to say that I’m a debian minded person. However, CentOS was required for this setup, so here we go.

One of the things I encountered was a VM which did not do any DHCP. The key here was that you need to select the right network adapter for the VM. I used the network bridge adapter which was virtualised as a PCnet-Fast III. Some others might work, but this one did it for me.

On your server you will need some software packages to be installed:

yum install httpd system-config-kickstart dhcp tftp-server syslinux

It’s possible that some are already installed. system-config-kickstart installes a gui kickstart editor. When your server doesn’t have a gui it’s useless. However, if it does, it’s easier to make a kickstart file with it.

As I also wanted a local yum repository I needed to sync a remote repository. This is not really neccesary, but when using this setup in an offline environment you’ll need it. Bear in mind that a repository for a single release is about 25GB.

rsync -avrt --delete --exclude "local*" --exclude "isos" \
rsync://mirrors.rit.edu/centos/6.2 /usr/local/share/CentOS/

This is going to take a while, but while it is syncing you can continue with the other configuration tasks.

Continue reading

$8 billion Ipod

The entertainment industries keep on claiming incredible losses due to music and video piracy. Are these losses really that great?? Cinema visits increase yearly, music revenues are going through the roof…

Sure, many people are downloading ‘illegally’. However, the question is, would these people have bought the CD or movie if it wasn’t for the Internet? I think not, but who am I to judge?

In the movie below Rob Reid introduces us to something called Copyright Math. It’s fun to watch and might open your eyes to their propaganda.

However, there is still a good reason to buy music or visit concerts; support your favorite artists!

Circumventing piratebay blockade

Although I’m not a big time user of torrents and the like, I do not like the BREIN imposed blockade of the piratebay. There are multiple reasons for this, but first and foremost is my opinion that the Internet should be a freely accessible medium. Blocking sites does not fit in that philosophy.

Therefore I installed squid on my server to act as a proxy for me. The installation is fairly straightforward:

  • Install squid3 (apt-get install squid3 squid3-common)
  • Configure security settings for squid:
    • Configure localnet to contain only your IP address (otherwise you’re making an open proxy, which might not be what you want)
    • Configure http_access to allow the localnet
    • Optionally change the default proxy port (which is security through obscurity, but if it makes you feel better it’s fine)
  • Restart squid

That’s it. Configure your pc to use the newly configured proxy and you should be able to bypass the blockade. Off course your server should not be behind a Ziggo or XS4ALL connection.

If you don’t want all your traffic to pass through the proxy you could use the Firefox plug-in called foxyproxy. You can use it to automatically use the proxy for some websites and not for others.