study notes
IPv4 Subnetting Made Easy
October 29, 2012
Many people are intimidated by the idea of subnetting a block of IP addresses. In reality, it’s much easier than it appears, and with some practice it can easily be done in a person’s head, on the fly.
Virtual LAN's and Trunks
August 4, 2010
Virtual LAN, also known as VLAN, is exactly as it sounds. It’s a method of having several virtual LANs on a single switch or even on an enterprise campus LAN. It’s completely driven by software and is strictly layer 2. Just as with physical LANs, you can connect VLANs together with layer 3 devices, either routers or switches capable of providing layer 3 services.
VLAN Trunking Protocol
July 27, 2010
VLAN Trunking Protocol, aka VTP, is a Cisco proprietary protocol that allows Cisco switches to manage your VLAN database across all switches in your LAN through a central switch. This is done via a client / server environment.
MPLS Control and Data Plane Cheat Sheet
December 8, 2014
I made this image to help me wrap my head around the control and data plane flow in regards to MPLS.
Connecting Your Virtual IOS-XE and IOX-XR Lab To Your Physical Lab
October 1, 2014
I’ve been building and using virtual IOS images, such as IOS-XE (CSR1000v) and IOS-XRv, for a while now. It’s been great to just spin up a lab, based upon whatever topology I want, and not have to worry about a mess of cables or hear the mildly annoying hum of a rack of routers and switches running up my electric bill.
OSPF Area Types and LSA's
April 11, 2014
Link State Advertisement (LSA) types have never been my strong suit. I made a visual representation of how they are forwarded to help me get a better grasp on them.
IOS-XR (XRv) and IOS-XE (CSR1000v) KVM Config Generation
April 5, 2014
As I’m mostly going to be using XRv and the CSR1000v to create my Service Provider Lab Environment to study for the CCNP Service Provider exams, I thought that I would throw together a quick script so that I can build lab environments quickly. If you’ve played with XRv or CSR1000v in KVM at all, you know that it’s a hassle to generate your topologies. I’ve made that way easier with the “Virtual Network Lab Config Generator”. Note that this doesn’t generate device configs, but rather the KVM configuration that you use to spin up and connect your virtual devices. The code is on github.com. It was written hastily, so it’s very rough. :)
CCNP - Service Provider - SPROUTE
April 4, 2014
I plan on studying for the CCNP Service Provider - SPROUTE exam over the upcoming months. I suppose the best place to start is from the beginning and work my way through the requirements. As I study, I’ll keep notes and publish them here. Up first, “OSPFv2 and OSPFv3 Routing in Service Provider Environments”.
Layer 3 LAN Switching
August 8, 2010
As enterprise LANs grow, there becomes a need to break up LANs with routers. Traditionally, routers have performed the layer 3 functionality, but in today’s high-speed LANs there is a need to be able to forward packets much quicker than the traditional routers have been able to. That is where layer 3 switches come into play.
SELinux - Listing Available Contexts
October 29, 2012
As you know, I’ve been studying for the RHCE exam. One of the things that I was unsure about with SELinux was how to find all the available contexts. It’s easy to find booleans with the ‘getsebool’ command, but what about a context?
RHCE Series: SSH and NTP
October 27, 2012
SSH: Configure key-based authentication. Configure additional options described in documentation.
RHCE Series: SMTP
October 27, 2012
Configure a mail transfer agent (MTA) to accept inbound email from other systems. Configure an MTA to forward (relay) email through a smart host.
RHCE Series: HTTP
October 27, 2012
Configure a virtual host. Configure private directories. Deploy a basic CGI application. Configure group-managed content.
RHCE Series: DNS
October 26, 2012
Configure a caching-only name server. Configure a caching-only name server to forward DNS queries. Note: Candidates are not expected to configure master or slave name servers.
RHCE Series: Configure the service to start when the system is booted.
October 25, 2012
[root@server1 ~]# chkconfig --list httpd
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@server1 ~]# chkconfig --level 345 httpd on
[root@server1 ~]# chkconfig --list httpd
httpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
[root@server1 ~]# chkconfig --level 345 httpd off
[root@server1 ~]# chkconfig --list httpd
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@server1 ~]# chkconfig httpd off
[root@server1 ~]# chkconfig --list httpd
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@server1 ~]# chkconfig --list
auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off
named 0:off 1:off 2:off 3:off 4:off 5:off 6:off
netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
portreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off
postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off
restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
svnserve 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sysstat 0:off 1:on 2:on 3:on 4:on 5:on 6:off
udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
RHCE Series: Configure SELinux to support the service.
October 25, 2012
Every process or object has a SELinux context: identity:role:domain/type
The SELinux policy controls:
  What identities can use which roles
  What roles can enter which domains
  What domains can access which types
To change the context of a file, you can use the chcon command:
  chcon -R --reference=/var/www/html
To restore the default labeling from the policy and apply the contexts to file:
  restorecon -R
To change the SELinux mode during boot, you can pass the ‘enforcing=0’ option to the kernel in GRUB.
  sestatus
  setenforce
  getenforce
  policycoreutils
  setroubleshoot
  system-config-selinux <- part of policycoreutils-gui in RHEL.
  setsebool
  getsebool
  chcon
  restorecon
When troubleshooting potential SELinux issues, you can turn off SELinux while troubleshooting.
RHCE Series: Remote Logging
October 24, 2012
I’ll be combining two objectives into one, as I feel that they are very closely related.
RHCE Series: Produce and deliver reports on system utilization
October 24, 2012
The sysstat package provides several utilities for system monitoring and generating reports based upon system utilization.
RHCE Series: Build a simple RPM that packages a single file.
October 24, 2012
Alright, so this is a little more in depth than creating a simple package, but I figured I could fulfill the Red Hat requirement and create a little bit of documentation on how to create the rpm for OpenNHRP in one swoop. :)
RHCE Series: Use /proc/sys and sysctl to modify and set kernel runtime parameters.
October 16, 2012
Kernel tuning is pretty easy. There are a couple of ways of doing it. The old way of modifying kernel parameters was by modifying the /proc.
RHCE Series: Configure a system as an iSCSI initiator that persistently mounts an iSCSI target.
October 16, 2012
Creating an iscsi target isn’t part of the RHCE objectives, but I’ll show my commands here so that you can create your own target for testing.
RHCE Series: Use iptables to implement packet filtering and configure network address translation (NAT): Part 2
October 15, 2012
In this second part, we’ll discuss how to set up a NAT in Linux, using iptables. As in the previous blog, here are the stats of my VMs:
RHCE Series: Use iptables to implement packet filtering and configure network address translation (NAT): Part 1
October 12, 2012
This section is on using IPTables to create a packet filtering firewall as well as implementing NAT with IPTables. My test environment is two stock installs of CentOS 6.3 in a virtualized environment.
RHCE Series: Route IP traffic and create static routes
October 10, 2012
As I start preparing for the RHCE exam, I’m attempting to go through each exam objective one by one and put together my notes on the subjects. I’ll try to go through each exam objective in the order that it’s listed on its page, but I may skip around a little bit on the objectives that are very vague on what exactly they want. This first set of notes is on routing IP traffic and static routes. Enjoy.
RHCE Exam Objectives
October 7, 2012
I’m starting to study for the RHCE exam. Below are the current exam objectives, and I will be referring to them as I study.
RHCSA Version 8: Operating Running Systems
January 30, 2022
Boot, reboot, and shut down a system normally
RHCSA Version 8: Getting Started
January 10, 2022
I plan on earning at least an RHCSA again this year, since I’m currently in a role that requires more Linux skills. I previously had an RHCE for version 6, but it has long expired. Since I more or less know what to expect, I believe most of the studying will be a brush up of what I already know. However, I do plan on creating a blog for every major section of the exam objective, which are posted below.