Formatting code for Network
{{parent page="HomePage"}}
==Cisco 3-layered network model==
{{image url="images/SG_INT.2.1.gif" title="cisco-network-model" alt="text"}}
From http://www.mcmcse.com/cisco/guides/hierarchical_model.shtml
== Cisco gears ==
[[CiscoSNMP SNMP config]]
==Network Probe==
[[NetworkNmap Nmap]]
== Software firewall ==
[[LinuxIptables iptables]]
[[FreeBSDIpfw ipfw]]
== Traffic shaping ==
[[LinuxTC tc]]
==Network Services==
[[DNS DNS]]
[[DHCP DHCP]]
[[NetworkStunnel Stunnel]]
[[NetworkOpenVPN OpenVPN]]
== Other network stuff==
[[ifconfig ifconfig]]
[[DefaultGateway Default gateway in different subnet]]
[[tcpdump tcpdump]]
[[NetworkArpcache Arp caching]]
=== Getting vlan id ===
Need to see what vlan id an interface is connected to?
%%
tcpdump -nn -v -s 1500 -c 1 'ether[20:2] == 0x2000' -i eth0
# then do a broadcast ping, possibly on another screen
%%
On Solaris:
%%
snoop -d <interface> -x0 -v 'ether[20:2] = 0x2000'
%%
=== Firewire networking ===
Firewire networking under linux is extremely easy. Tested on FC5
Note: On Fedora Core 7, firewall stack has been rewritten. Don't know what that means but the default kernel does not have eth1394 enabled. To use firewire networking, one need to re-compile the kernel.
%%
modprobe eth1394
echo "alias eth1 eth1394 >> /etc/modprobe.conf"
ifconfig eth1 10.0.0.1 netmask 255.255.255.0
%%
It's a little tricker to get firewire networking to work on FC6. I got the following after many attempts. Remember this will break when the kernel is upgraded.
%%
alias eth1 eth1394
install eth1394 modprobe -k raw1394; insmod /lib/modules/2.6.18-1.2798.fc6/kernel/drivers/ieee1394/eth1394.ko
%%
===tcpdump to capture arp converstaion===
%%
# tcpdump -ennqti eth0 \( arp or icmp \) | grep "00:16:d3:16:38:04"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.1 tell 192.168.18.150, length 46
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.50 tell 192.168.18.150, length 46
00:13:21:24:72:90 > 00:16:d3:16:38:04, ARP, length 60: Reply 192.168.18.50 is-at 00:13:21:24:72:90, length 46
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.13 tell 192.168.18.150, length 46
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.1 tell 192.168.18.150, length 46
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.1 tell 192.168.18.150, length 46
%%
===Network speed test with iperf===
On one node, start the server process
%%
iperf -s
%%
On another node, start the client process. -t parameter specifies how many seconds the test should run.
%%
iperf -c 1.2.3.4 -t 60
%%
==Cisco 3-layered network model==
{{image url="images/SG_INT.2.1.gif" title="cisco-network-model" alt="text"}}
From http://www.mcmcse.com/cisco/guides/hierarchical_model.shtml
== Cisco gears ==
[[CiscoSNMP SNMP config]]
==Network Probe==
[[NetworkNmap Nmap]]
== Software firewall ==
[[LinuxIptables iptables]]
[[FreeBSDIpfw ipfw]]
== Traffic shaping ==
[[LinuxTC tc]]
==Network Services==
[[DNS DNS]]
[[DHCP DHCP]]
[[NetworkStunnel Stunnel]]
[[NetworkOpenVPN OpenVPN]]
== Other network stuff==
[[ifconfig ifconfig]]
[[DefaultGateway Default gateway in different subnet]]
[[tcpdump tcpdump]]
[[NetworkArpcache Arp caching]]
=== Getting vlan id ===
Need to see what vlan id an interface is connected to?
%%
tcpdump -nn -v -s 1500 -c 1 'ether[20:2] == 0x2000' -i eth0
# then do a broadcast ping, possibly on another screen
%%
On Solaris:
%%
snoop -d <interface> -x0 -v 'ether[20:2] = 0x2000'
%%
=== Firewire networking ===
Firewire networking under linux is extremely easy. Tested on FC5
Note: On Fedora Core 7, firewall stack has been rewritten. Don't know what that means but the default kernel does not have eth1394 enabled. To use firewire networking, one need to re-compile the kernel.
%%
modprobe eth1394
echo "alias eth1 eth1394 >> /etc/modprobe.conf"
ifconfig eth1 10.0.0.1 netmask 255.255.255.0
%%
It's a little tricker to get firewire networking to work on FC6. I got the following after many attempts. Remember this will break when the kernel is upgraded.
%%
alias eth1 eth1394
install eth1394 modprobe -k raw1394; insmod /lib/modules/2.6.18-1.2798.fc6/kernel/drivers/ieee1394/eth1394.ko
%%
===tcpdump to capture arp converstaion===
%%
# tcpdump -ennqti eth0 \( arp or icmp \) | grep "00:16:d3:16:38:04"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.1 tell 192.168.18.150, length 46
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.50 tell 192.168.18.150, length 46
00:13:21:24:72:90 > 00:16:d3:16:38:04, ARP, length 60: Reply 192.168.18.50 is-at 00:13:21:24:72:90, length 46
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.13 tell 192.168.18.150, length 46
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.1 tell 192.168.18.150, length 46
00:16:d3:16:38:04 > ff:ff:ff:ff:ff:ff, ARP, length 60: Request who-has 192.168.18.1 tell 192.168.18.150, length 46
%%
===Network speed test with iperf===
On one node, start the server process
%%
iperf -s
%%
On another node, start the client process. -t parameter specifies how many seconds the test should run.
%%
iperf -c 1.2.3.4 -t 60
%%
