Showing posts with label linux. Show all posts
Friday, 9 May 2014
Connect GNS3 with Linux
This post assumes that reader has basic knowledge of GNS. For those who does not know they can visit GNS3 official website www.gns3.net.
To communicate GNS3 with Linux, simple steps have to follow :-
1. Create loopback interface.
2. IP address to loopback interface.
3. Connect loopback to GNS3.
4. Connect Linux to windows.
5. Assign IP address to Linux.
Step 1. Create Loopback interface
Loopback is the logical interface given by Microsoft in windows. To create loopback interface follow these steps.a. Type windows key + R, it will open run.
b. write hdwwiz.exe in run, press enter.
c. click next, then choose install the hardware manually.
d. click next ---> Network adapters ---> Microsoft ---> Microsoft KM-TEST Loopback Adapter.
It will add a new loopback interface in Network and Sharing Center.
Step2. IP address to loopback interface :-
Here loopback interface name is Ethernet 2, and IP address given to this interface is 100.0.0.1
Step3. Connect loopback to GNS3.
a. Add 1 router and a cloud in GNS3.b. Select loopback interface Ethernet 2 in cloud.
c. Assign IP address to Router 100.0.0.2/24.
Step4. Connect Linux to windows.
a.
Start Linux in VMware workstation.
b.
Open Virtual Network Editor (go to Edit -Ã
Virtual Network Editor).
c.
Add a new network, select network as VMnet1, make it
Bridged and select loopback interface there.
See there is a confusion here, if you have created more than 1 loopback interfaces then in Network and Sharing Center name of the loopback interfaces would be Ethernet 2 and 3 , but in VMware it will get recognized by Microsoft loopback for 1st and for 2nd it will be Microsoft loopback #2. So in VMware always 1 less counting is done for loopback. So do not confuse to select loopback.
See there is a confusion here, if you have created more than 1 loopback interfaces then in Network and Sharing Center name of the loopback interfaces would be Ethernet 2 and 3 , but in VMware it will get recognized by Microsoft loopback for 1st and for 2nd it will be Microsoft loopback #2. So in VMware always 1 less counting is done for loopback. So do not confuse to select loopback.
d. Now go to the setting and select VMnet1 as network.
Step5. Assign IP address to Linux.
b. Turn off firewall of Linux by setenforce 0.
Now you can ping Linux from Router.
Ping from Router to Linux.
By :- Vishal Sharma
Tuesday, 6 May 2014
IPv6 DNS Server on Linux
IPv6 DNS Name Resolution
IPv6 is of 128 bits, and each slot is of 16 bits, separated by column (:). It is very difficult to remember 128 bits address for each host and for each website. So Name Resolution can be done through DNS server.
DNS SERVER : DNS stands for
DOMAIN NAME SERVER. DNS server is used to translate the IP address to HOSTNAME.
In Linux Environment DNS server installed by BIND Packages. The name of service
for DNS is NAMED.
DNS server is based on two versions of IP, 1 IPv4 DNS
and 2. IPv6 DNS.
IPv4 DNS server is normal server which convert IPv4
address to hostname. But IPv6 DNS converts IPv6 address to hostname.
-
DNS server used hierarchical tree structure which
include Host name, subdomain, 2nd level domain, top level domain.
-
DNS managed by ICANN (Internet Corporation Assign Name
and Number ).
DNS Records :-
SOA (start of authority) :- This record
automatically created when ZONE fie created. This is the first record which is
responsible for accept query and resolve it.
NS (Name
Server) :- NS provide the domain name to clients.
CNAME :-Alise name, Duplicate name
Host Record :- It is used to
add the IP Address.
SPF (Sender
Policy Framework) : - text record
TXT Record :- It is used for
authentication purpose.
Two zone files are used to convert the IP address to Hostname.
There are 5 files in which configuration should be change to make the
DNS server.
- /etc/resolv.conf
- /etc/sysconfig/network
- /etc/named.conf
- /var/named/chroot/var/named/for.zone
- /var/named/chroot/var/named/res.zone
[root@server
~]# vim /etc/resolv.conf
The resolv.conf file contains directives with the default search domain or domains, used
for FQDN completion when no domain suffix is supplied as part of the query. It
also contains a list of IP addresses of nameservers available to a host. It
usually looks like:
[root@server
~]# vim /etc/sysconfig/network
This file contain the configuration for enabling networking for IP
version 4 and version 6 with HOSTNAME.
[root@server
~]# vim /etc/named.conf
This named.conf file contain the configuration for DNS server, and
declaration of forward and reverse zone.
[root@server
~]# vim /var/named/chroot/var/named/for.zone
This file contain the configuration for forward zone. In which records
like NS, A, AAAA, CNAME are placed. Here in this file A record is for IPv4 DNS
and AAAA is for IPv6 DNS.
[root@server
~]# vim /var/named/chroot/var/named/res.zone
This file contains the PTR record for all the records of the Forward zone.
By :- Vishal Sharma
Sunday, 13 April 2014
Connect GNS3 to internet via NVI
NAT Virtual Interface
NVI is the feature given by cisco in IOS series greater then 12.4. In this, for NAT we do not have to enter in or out on the interfaces, it is very confusing for fresher to understand in which side it will be in or out. This feature has avoided the usage of in and out, we only have to specify on the interface that this interface is used for NAT. And on the router R2 we have to make NAT pool of a subnet , access list which will show that which subnet is permitted for NAT and which is not.
Configuration of Router R2 R2.txt
Configuration of Router R3 R3.txt
Configuration of Router R4 R4.txt
Ping Confirmation
Router R2 :-
Router R3 :-
Router R4 :-
Linux :-
By :- Vishal Sharma
Wednesday, 9 April 2014
Disable Ping in Linux
Disable Ping in Linux
There are
several methods by which a Ping response can be rendered disabled such as
server security, in order to prevent network congestion.
TYPES:- 1. Temporary 2. Permanent
Disable Ping response Temporarily:
The ping response can be temporarily disabled by
running the following command as root
# echo
"1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
As a
consequence the kernel is instructed to ignore the ping request. However this
is a temporary method and will get removed on rebooting the server.
To enable
the ping response back you can run the following command:
# echo
"0" > /proc/sys/netipv4/icmp_echo_ignore_all
The method
adopted enables the ping temporarily if the ping is disabled permanently.
Disable Ping Response Permanently
To
permanently disable the ping response perform the following simple steps:
1. Open the sysctl.conf file in any text editor:
1. Open the sysctl.conf file in any text editor:
# vi
/etc/sysctl.conf
2. Add the
following line at the end of the file:
net.ipv4.icmp_echo_ignore_all
= 1
3. Now save the code and exit from the file.
:wq
4. Then Execute “sysctl -p” to enforce this setting immediately.
4. Then Execute “sysctl -p” to enforce this setting immediately.
# sysctl
-p
Once
the above cited steps are followed, it will be noticed that the server no
longer reacts to your ping responses.
By :- Vishal Sharma
Subscribe to:
Posts
(
Atom
)