Target Networking

The blog includes vivid coverage of the concepts of CCNA, CCNP (Routing & Switching), basic Linux and Linux servers. Projects have also been simulated to give practical exposure.

Saturday, 3 May 2014

1 comment

HSRP with VLANS


HSRP (Hot Standby Router Protocol) is a protocol that provides redundancy between paths. The topology given below was built in GNS3, and in it HSRP provides redundancy between the VLAN paths. On DSw1 and DSw2, VLANs 10, 20, 30, 40, 50, 60, 70, 80, 90 and 100 are created with HSRP redundancy. Switches DSw1-3 and CSw1-2 are Layer 3 switches, and switches ASw1-4 are Layer 2. OSPF routing runs among the Layer 3 switches. Both DSw1 and DSw2 have connectivity to all Layer 2 switches; when the connection from a Layer 2 switch to one Layer 3 switch goes down or is cut, the other Layer 3 switch automatically takes over for that Layer 2 switch.
GNS3 is a simulator, so not all commands run on these switches. I used a 3725 IOS image for the switch.



Configuration of Topology :- Config.zip 


If you are interested in procuring the .net file for GNS3 then enter your email id in comment box

 

By :- Vishal Sharma

Saturday, 26 April 2014

21 comments

ISP core routing topology


The network comprises technologies like MPLS L3 VPN, IPv6, eBGP, OSPF, EIGRP etc. The company simulated here is SEMBO TECHNOLOGY. The various labs in this company have been provided with server access via the internet. The SEMBO_TECH company is equipped with 9 switches, of which 5 (DSw1, DSw2, DSw3, CSw1, CSw2) are Layer 3 and the remaining (ASw1, ASw2, ASw3, ASw4) are Layer 2. VLANs have been created on DSw1 and DSw2, which are redundant to each other through Hot Standby Router Protocol (HSRP). DHCP pools for the VLANs have been created on these switches. The OSPF 100 routing protocol runs on all the Layer 3 switches. The SEMBO_TECH company gets internet access through the SEMBO_TECH router. The internet has several pathways, each connected to the others, which gives rise to redundancy. Redundancy has been built into this lab as well. The SEMBO_TECH router has two pathways: one passes through the MPLS Layer 3 VPN while the other passes through the eBGP routers. This redundancy has been created using Virtual Router Redundancy Protocol (VRRP). If a packet takes the MPLS pathway, a label is attached to it; as a consequence the other routers do not open it and forward it directly to the destination along the path SEMBO_TECH_GW -> PE2 -> P -> PE1 -> SEMBO_TECH_GW_2. The benefit is that this speeds up the transfer. If the packet takes the other pathway, it passes via eBGP; this too speeds it up, because it has the capacity to jump over the hops (routers) along the path VRRP_Router -> eBGP_Router -> GLBP_Router. At the other end of the internet in this topology, redundancy is provided by Gateway Load Balancing Protocol (GLBP) between GLBP_router, Server_router and the SEMBO_TECH_GW_2 router. Server_router is directly connected to the Linux server. If the packet is IPv6, it takes the path SEMBO_TECH -> VRRP_router -> IPv6_Tunnel_des -> IPv4_router -> IPv6_Tunnel_source -> GLBP_router.
When an IPv6 packet is received by GLBP_router, it forwards the packet to Server_router, because there is dual stacking between Server_router and GLBP_router. The packet then reaches the server.

configuration of the topology :- Config.zip

If you are interested in procuring the .net file for GNS3 then enter your email id in comment box

  By :- Vishal Sharma

Sunday, 20 April 2014

1 comment

WAN Networks of MNC Company



This project is the WAN network of an MNC company. It includes the concepts of Voice over IP (VoIP), dynamic routing like EIGRP and OSPF, servers like a DNS server and a web server, and VLSM concepts with area-wise LANs.





If you are interested in procuring the configuration files of routers and switches then enter your email id in comment box.

By :- Vishal Sharma

Monday, 14 April 2014

5 comments

IPv4 Project

This project contains EIGRP routing between the routers, with PPP between 2 routers. It shows the concepts of NAT, EtherChannel, inter-VLAN communication, VTP server, FTP server, web server and DNS server, with secure ports and PortFast.





If you are interested in procuring the configuration files of routers and switches then enter your email id in comment box.

  By :- Vishal Sharma

Sunday, 13 April 2014

2 comments

Connect GNS3 to internet via NVI


NAT Virtual Interface



NVI is a feature provided by Cisco in IOS releases greater than 12.4. With it, we do not have to mark interfaces as in or out for NAT, which is confusing for a fresher who has to work out which side is in and which is out. This feature avoids the use of in and out; we only have to specify on the interface that it is used for NAT. On router R2 we have to create a NAT pool for a subnet, and an access list that states which subnet is permitted for NAT and which is not.

Configuration of Router R2 R2.txt

Configuration of Router R3 R3.txt

Configuration of Router R4 R4.txt

Ping Confirmation

Router R2 :- 



Router R3 :- 

Router R4 :-

Linux :- 



By :- Vishal Sharma

Thursday, 10 April 2014

18 comments

Redistribution Project

This project covers the concepts of VLSM, NAT (PAT), EtherChannel, PortFast, protection of STP using BPDU guard, VLAN Trunking Protocol, a wireless router and servers like FTP, web and Exchange, with routing protocols like OSPF, EIGRP and static routing. Redistribution of all routing protocols is done on the boundary routers.



If you are interested in procuring the configuration files of routers and switches then enter your email id in comment box.

By :- Vishal Sharma

Wednesday, 9 April 2014

12 comments

WAN Network Design with Redundancy

The project was intended to solve the commonplace problem of network issues in corporates with a single internet connection. The concepts of BGP routing, EIGRP routing, GLBP, SLB and Frame-Relay were used. The servers used were based on Linux (RHEL 6.0). Redundancy is created by two paths: one is IPv4-v6-IPv4 tunneling and the other is normal BGP routing. Gateway Load Balancing Protocol (GLBP) is used to provide redundancy in this topology.




The project was primarily undertaken to solve a commonplace problem faced by corporates which have a single internet connection: if a snag occurs in the internet, the complete connectivity collapses. To ensure that this does not happen in my project, I simulated an organization with dual internet connections; as a result, whenever one connection goes down the other replaces it, thereby allowing the work to proceed without a break. This would prove useful to all corporates, as in today's world a break in connectivity even for a single moment could result in drastic losses, for instance in banks, research centres etc. This project has also helped me to depict redundancy of Linux servers, such as Apache etc. As the site is on both servers, even if one server goes down the site is unaffected.

In this topology there are 6 routers, 1 Frame-Relay switch, 5 Ethernet switches and 2 Linux servers. On router R1, server load balancing (SLB) is done with the help of two Linux servers, which run on VMware and are connected via cloud to GNS3. Router R1 is connected to router R2 as well as router R6 via Frame-Relay switch FR1. Among these three routers EIGRP routing runs with AS number 10. On one pathway router R6 is connected to router R3, and between the two there is IPv4-v6-IPv4 tunneling. On the other path, router R2 is connected to R4. BGP routing runs on both connections. On router R6 and router R2, redistribution of BGP with EIGRP is done. Routers R4, R3 and R5 are connected through switch SW1, and Gateway Load Balancing Protocol (GLBP) runs between them. On router R5 a DHCP server is configured, which is responsible for assigning IP addresses automatically. There are 3 hosts, which are connected through switches and run different operating systems: Windows XP, Red Hat Linux and Microcore Linux. To conduct this experiment I used a 7200 series router with IOS version 15.4. In this topology, I made the servers on Red Hat Enterprise Linux 6 (RHEL 6), which is installed in VMware Workstation 10 and connected to GNS3 through cloud (which is itself a feature of GNS3).

Configuration file :- config.zip

If you are interested in procuring the configuration files of routers and switches then enter your email id in comment box.



9 comments

WAN Technologies

Presented a detailed study of the design and operation of how company offices access the servers (like DHCP, WEB, TFTP and DNS) over the internet. The concepts of VLANs, BGP Routing, EIGRP Routing, OSPF Routing, Static Routing, Wireless Network, OSPF multi-area Tunneling, NAT, PAT and FRAME-RELAY were also demonstrated.




Configuration of Multilayer Switch0 :-

Switch#sh run
Building configuration...
Current configuration : 4131 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
ip dhcp excluded-address 192.168.10.1 192.168.10.2
ip dhcp excluded-address 192.168.20.1 192.168.20.2
ip dhcp excluded-address 192.168.30.1 192.168.30.2
ip dhcp excluded-address 192.168.40.1 192.168.40.2
ip dhcp excluded-address 192.168.50.1 192.168.50.2
ip dhcp excluded-address 192.168.60.1 192.168.60.2
ip dhcp excluded-address 192.168.70.1 192.168.70.2
ip dhcp excluded-address 192.168.80.1 192.168.80.2
ip dhcp excluded-address 192.168.90.1 192.168.90.2
!
ip dhcp pool vlan10
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
 dns-server 192.168.50.100
ip dhcp pool vlan20
 network 192.168.20.0 255.255.255.0
 default-router 192.168.20.1
 dns-server 192.168.50.100
ip dhcp pool vlan30
 network 192.168.30.0 255.255.255.0
 default-router 192.168.30.1
 dns-server 192.168.50.100
ip dhcp pool vlan40
 network 192.168.40.0 255.255.255.0
 default-router 192.168.40.1
 dns-server 192.168.50.100
ip dhcp pool vlan50
 network 192.168.50.0 255.255.255.0
 default-router 192.168.50.1
 dns-server 192.168.50.100
ip dhcp pool vlan60
 network 192.168.60.0 255.255.255.0
 default-router 192.168.60.1
 dns-server 192.168.50.100
ip dhcp pool vlan70
 network 192.168.70.0 255.255.255.0
 default-router 192.168.70.1
 dns-server 192.168.50.100
ip dhcp pool vlan80
 network 192.168.80.0 255.255.255.0
 default-router 192.168.80.1
 dns-server 192.168.50.100
ip dhcp pool vlan90
 network 192.168.90.0 255.255.255.0
 default-router 192.168.90.1
 dns-server 192.168.50.100
ip routing
!
spanning-tree mode pvst
spanning-tree vlan 50,60,70,80 priority 4096
spanning-tree vlan 10,20,30,40,90 priority 28672
!
interface FastEthernet0/1
 no switchport
 ip address 1.1.1.2 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet0/2
 no switchport
 ip address 3.3.3.1 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet0/3
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/4
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface Vlan1
 no ip address
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
!
interface Vlan30
 ip address 192.168.30.1 255.255.255.0
!
interface Vlan40
 ip address 192.168.40.1 255.255.255.0
!
interface Vlan50
 ip address 192.168.50.1 255.255.255.0
!
interface Vlan60
 ip address 192.168.60.1 255.255.255.0
!
interface Vlan70
 ip address 192.168.70.1 255.255.255.0
!
interface Vlan80
 ip address 192.168.80.1 255.255.255.0
!
interface Vlan90
 ip address 192.168.90.1 255.255.255.0
!
router eigrp 100
 network 3.3.3.0 0.0.0.3
 network 192.168.10.0
 network 192.168.20.0
 network 192.168.30.0
 network 192.168.40.0
 network 192.168.50.0
 network 192.168.60.0
 network 192.168.70.0
 network 192.168.80.0
 network 192.168.90.0
 auto-summary
!
router ospf 10
 log-adjacency-changes
 network 1.1.1.0 0.0.0.3 area 10
 network 192.168.10.0 0.0.0.255 area 10
 network 192.168.20.0 0.0.0.255 area 10
 network 192.168.30.0 0.0.0.255 area 10
 network 192.168.40.0 0.0.0.255 area 10
 network 192.168.60.0 0.0.0.255 area 10
 network 192.168.70.0 0.0.0.255 area 10
 network 192.168.80.0 0.0.0.255 area 10
 network 192.168.90.0 0.0.0.255 area 10
 network 192.168.50.0 0.0.0.255 area 10
!
ip classless
!
line vty 0 4
 login
!
end


Configuration of Router MERINDA :-

Router#sh run
Building configuration...
Current configuration : 2178 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
spanning-tree mode pvst
!
interface FastEthernet0/0
 ip address 1.1.1.1 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 2.2.2.1 255.255.255.252
 duplex auto
 speed auto
!
interface Serial0/0/0
 ip address 100.100.100.1 255.255.255.252
 ip access-group 101 in
 clock rate 2000000
!
interface Serial0/0/1
 ip address 10.0.0.1 255.255.255.192
!
interface Serial0/1/1
 no ip address
 clock rate 2000000
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan99
 no ip address
!
router eigrp 100
 redistribute static metric 30000 1 255 255 1500
 network 2.2.2.0 0.0.0.3
 auto-summary
!
router eigrp 10
 network 10.0.0.0
 auto-summary
!
router ospf 10
 log-adjacency-changes
 redistribute static subnets
 network 1.1.1.0 0.0.0.3 area 10
 network 10.0.0.0 0.0.0.63 area 10
!
ip classless
ip route 0.0.0.0 0.0.0.0 100.100.100.2
!
end

Configuration of Router ISP-I :-

Router#sh run
Building configuration...
Current configuration : 1984 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
spanning-tree mode pvst
!
interface Serial0/0/0
 ip address 100.100.100.2 255.255.255.252
!
interface Serial0/0/1
 ip address 100.100.100.5 255.255.255.252
 clock rate 2000000
!
interface Vlan1
 no ip address
 shutdown
!
router bgp 100
 bgp log-neighbor-changes
 no synchronization
 neighbor 100.100.100.6 remote-as 200
 network 100.100.100.4 mask 255.255.255.252
 redistribute static
!
ip classless
ip route 0.0.0.0 0.0.0.0 100.100.100.1
!
line vty 0 4
 login
!
end

Configuration of Router ISP-2 :-
Router#sh run
Building configuration...
Current configuration : 2309 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
spanning-tree mode pvst
!
interface Serial0/0/0
 no ip address
 encapsulation frame-relay
!
interface Serial0/0/0.100 point-to-point
 ip address 201.209.64.105 255.255.255.252
 frame-relay interface-dlci 100
!
interface Serial0/0/0.200 point-to-point
 ip address 201.209.64.101 255.255.255.252
 frame-relay interface-dlci 200
!
interface Serial0/0/1
 ip address 100.100.100.6 255.255.255.252
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 25
 redistribute bgp 200 metric 30000 1 255 255 1500
 network 201.209.64.100 0.0.0.3
 network 201.209.64.104 0.0.0.3
 auto-summary
!
router bgp 200
 bgp log-neighbor-changes
 no synchronization
 neighbor 100.100.100.5 remote-as 100
 network 100.100.100.4 mask 255.255.255.252
 redistribute eigrp 25
!
ip classless
!
line vty 0 4
 login
!
end


For the configuration of the other switches and routers, please write your email in a comment. I will email you the whole Packet Tracer file.

No comments

Disable Ping in Linux



There are several methods by which the ping response can be disabled, for reasons such as server security or to prevent network congestion.

TYPES:- 1. Temporary 2. Permanent   

Disable Ping response Temporarily: 

The ping response can be temporarily disabled by running the following command as root 
# echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all 

As a consequence the kernel is instructed to ignore the ping request. However this is a temporary method and will get removed on rebooting the server. 

To enable the ping response again, run the following command:
# echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all

This method also enables ping temporarily when it has been disabled permanently.

Disable Ping Response Permanently

To permanently disable the ping response perform the following simple steps:

1. Open the sysctl.conf file in any text editor:
# vi /etc/sysctl.conf

2. Add the following line at the end of the file:
net.ipv4.icmp_echo_ignore_all = 1

3. Now save the file and exit the editor.
 :wq

4. Then execute “sysctl -p” to apply this setting immediately.
# sysctl -p

Once the above steps are followed, the server no longer responds to ping requests.
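
The permanent procedure above can leave the file and the running kernel disagreeing (line added but "sysctl -p" not run, or ping re-enabled through /proc while the file still says 1). The following is an added example, not part of the original post: it sets the key exactly once in a sysctl-style file and reports such drift. The function names are hypothetical and the file paths are parameters, so it runs on constructed scratch files.

```shell
#!/bin/sh
# Added example, not from the original post. File paths are parameters so the
# functions can be tried on scratch copies; on a real host they would be
# /etc/sysctl.conf and /proc/sys/net/ipv4/icmp_echo_ignore_all.

KEY="net.ipv4.icmp_echo_ignore_all"

# Print the value FILE would apply for KEY. Lines are applied in order, so
# the last assignment wins. Prints nothing when the key is not set.
sysctl_file_value() {   # usage: sysctl_file_value FILE KEY
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }
    ' "$1"
}

# Set KEY = VALUE in FILE exactly once: drop earlier assignments of the key
# (comments are kept) and append the new line.
set_sysctl_key() {      # usage: set_sysctl_key FILE KEY VALUE
    ssk_tmp=$(mktemp) || return 1
    awk -v key="$2" '
        /^[ \t]*[#;]/ { print; next }
        {
            eq = index($0, "=")
            if (eq > 0) {
                k = substr($0, 1, eq - 1)
                gsub(/^[ \t]+|[ \t]+$/, "", k)
                if (k == key) next
            }
            print
        }
    ' "$1" > "$ssk_tmp" || { rm -f "$ssk_tmp"; return 1; }
    printf '%s = %s\n' "$2" "$3" >> "$ssk_tmp"
    cat "$ssk_tmp" > "$1"       # overwrite in place: keeps owner and mode
    rm -f "$ssk_tmp"
}

# Compare the persistent setting with the running value. A key that is absent
# from FILE counts as the kernel default 0 (other sysctl files are not read).
ping_setting_drift() {  # usage: ping_setting_drift CONF_FILE PROC_FILE
    psd_file=$(sysctl_file_value "$1" "$KEY")
    psd_run=$(tr -d ' \t\n' < "$2")
    [ -n "$psd_file" ] || psd_file=0
    if [ "$psd_file" = "$psd_run" ]; then
        echo "in-sync ($psd_run)"
    else
        echo "drift: file=$psd_file running=$psd_run"
    fi
}

# Demo on constructed scratch files; nothing under /etc or /proc is touched.
demo_conf=$(mktemp); demo_proc=$(mktemp)
printf '# constructed sample\n%s = 0\nnet.ipv4.ip_forward = 1\n' "$KEY" > "$demo_conf"
echo 0 > "$demo_proc"                        # running value: replies enabled
set_sysctl_key "$demo_conf" "$KEY" 1         # steps 1-3 done, step 4 skipped
ping_setting_drift "$demo_conf" "$demo_proc" # reports drift until sysctl -p runs
rm -f "$demo_conf" "$demo_proc"
```

This key only covers IPv4 echo requests; IPv6 ping is controlled separately.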

By :- Vishal Sharma

Tuesday, 25 March 2014

No comments

Kill YUM

How to kill a process which is using YUM for a long time


I was trying to install the mysql package, but it started giving me an error.

Existing lock /var/run/yum.pid: another copy is running as pid 2254.
Another app is currently holding the yum lock; waiting for it to exit...




The lock can be broken by deleting the data from the file /var/run/yum.pid.

Steps to be followed :-
  • Type the command vi /var/run/yum.pid
  • Then, in Esc mode, press d twice (dd)
  • This deletes the line (the line containing a number)
  • Now write and save the file with the :wq command in Esc mode
This solves the problem.
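
The number in /var/run/yum.pid is the PID named in the error message, so it can be checked before the lock is cleared: if that process is still alive, removing the lock lets two yum transactions run against the RPM database at once. The following is an added example, not part of the original post; the function names are hypothetical and the lock path is a parameter, so it runs on constructed scratch files.

```shell
#!/bin/sh
# Added example, not from the original post. LOCKFILE is a parameter so the
# functions can be tried on a scratch file; the real lock is /var/run/yum.pid.

# Print the state of a yum lock file: none | invalid | active | stale
yum_lock_state() {        # usage: yum_lock_state LOCKFILE
    [ -e "$1" ] || { echo none; return 0; }
    yls_pid=$(tr -d ' \t\r\n' < "$1")
    case $yls_pid in
        ''|*[!0-9]*) echo invalid; return 0 ;;
    esac
    # PID 0 would make kill -0 probe our own process group, so reject it.
    [ "$yls_pid" -gt 0 ] 2>/dev/null || { echo invalid; return 0; }
    # kill -0 sends no signal; it only tests that the PID exists. The /proc
    # test covers a live process we lack permission to signal.
    if kill -0 "$yls_pid" 2>/dev/null || [ -d "/proc/$yls_pid" ]; then
        echo active
    else
        echo stale
    fi
}

# Remove the lock only when no live process owns it. Returns 1 if it is held.
clear_stale_yum_lock() {  # usage: clear_stale_yum_lock LOCKFILE
    cs_state=$(yum_lock_state "$1")
    case $cs_state in
        none)
            echo "no lock present"; return 0 ;;
        active)
            cs_pid=$(tr -d ' \t\r\n' < "$1")
            cs_cmd=$(ps -p "$cs_pid" -o comm= 2>/dev/null || true)
            echo "lock held by live PID $cs_pid (${cs_cmd:-unknown}); not removed"
            return 1 ;;
        stale|invalid)
            rm -f -- "$1"
            echo "removed $cs_state lock"; return 0 ;;
    esac
}

# Demo on constructed lock files in a scratch directory.
demo_dir=$(mktemp -d)
echo "$$" > "$demo_dir/live.pid"                   # constructed: our own PID
sh -c 'exit 0' & demo_dead=$!; wait "$demo_dead"   # constructed: an exited PID
echo "$demo_dead" > "$demo_dir/dead.pid"
clear_stale_yum_lock "$demo_dir/live.pid" || true  # refuses: owner is alive
clear_stale_yum_lock "$demo_dir/dead.pid"          # removes the stale lock
rm -rf "$demo_dir"
```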

By :- Vishal Sharma

Sunday, 16 March 2014

No comments

Could not move/copy file. File not attached



The error "Could not move/copy file. File not attached" occurs when a file is being attached to a mail. This error is caused by the missing /usr/share/squirrelmail/attach/ directory.



Solution :-
  • Go to the directory /usr/share/squirrelmail/
  • Make a directory named attach, using mkdir attach
  • Then give permissions to the directory, using chmod 755 attach/
Now go to your email account and attach a file to an email; it will work.


By :- Vishal Sharma

Saturday, 15 March 2014

2 comments

error opening /usr/share/squirrelmail/data/default_pref


The error opening /usr/share/squirrelmail/data/default_pref during installation of Squirrelmail is due to permissions.


To fix it, use this command:

# chmod -R 755 /usr/share/squirrelmail/

By :- Vishal Sharma
1 comment

Configure Squirrelmail



Prerequisites
HTTP should be installed.
If you want to keep SELinux on, then enter the following command in Terminal:

# togglesebool httpd_can_network_connect

Make the following changes in this file for HTTP.

# vi /etc/sysconfig/iptables
[...]
 -I INPUT 1 -p tcp --dport 80 -j ACCEPT
 -I INPUT 1 -p tcp --dport 443 -j ACCEPT
[...]

Install Postfix
Let us install postfix package using the command:

# yum install postfix -y

Configuring Postfix

Edit /etc/postfix/main.cf,
# vi /etc/postfix/main.cf

find and edit the following lines:

Line no 75 - Uncomment and set your mail server FQDN
myhostname = server.stpi.in

Line 83 - Uncomment and Set domain name
mydomain = stpi.in

Line 99 - Uncomment
myorigin = $mydomain

Line 116 - Set ipv4
inet_interfaces = all

Line 119 - Check that it is set to all
inet_protocols = all

Line 164 - Comment
#mydestination = $myhostname, localhost.$mydomain, localhost,

Line 165 - Uncomment
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

Line 264 - Uncomment and add the IP range (with this, only these networks can access your website)
According to me, let it remain as a comment.
#mynetworks = 192.168.1.0/24, 127.0.0.0/8

Line 419 - Uncomment
home_mailbox = Maildir/

Save and exit the file. Start/restart Postfix service now:

# service postfix restart
# chkconfig postfix on

Testing Postfix mail server

First, create a test user called “vishu“.

# useradd vishu
# passwd vishu

Access the server via Telnet and manually enter the commands shown in red text.

# telnet localhost smtp
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 server.stpi.in ESMTP Postfix
ehlo localhost     #type this command #
250-server.stpi.in
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

This means it is working.

Installing Dovecot

Dovecot is an open source IMAP and POP3 mail server for Unix/Linux systems. To install:

# yum install dovecot

Configuring Dovecot

Edit the /etc/dovecot/dovecot.conf file:
# vi /etc/dovecot/dovecot.conf

Line 20 - Uncomment
protocols = imap pop3 lmtp

Edit the /etc/dovecot/conf.d/10-mail.conf file:
# vi /etc/dovecot/conf.d/10-mail.conf 

Line 24 - uncomment
mail_location = maildir:~/Maildir

Edit /etc/dovecot/conf.d/10-auth.conf
# vi /etc/dovecot/conf.d/10-auth.conf 

Line 9 - Uncomment
disable_plaintext_auth = yes

Line 97 - Add the word "login"
auth_mechanisms = plain login

Start Dovecot service:

# service dovecot start
# chkconfig dovecot on

Testing Dovecot

It’s time to test Dovecot configuration. Enter the following command in Terminal:

# telnet localhost pop3
Enter the commands manually marked in red color:
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
user vishu    # log in as user vishu #
+OK
pass vishu     # input user password #
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.

As you can see above, Dovecot is working!

Working with mail from the command line is a little difficult. So we will install a webmail client called Squirrelmail to send and receive emails via a web browser.

Installing Squirrelmail


Configuring Squirrelmail

Navigate to /usr/share/squirrelmail/config/ directory and run the command conf.pl:

# cd /usr/share/squirrelmail/config/
# ./conf.pl

The following screen will appear.
Type 1 to make changes in Organization Preferences.



After pressing 1, the following screen will appear.


Type 1 to change Organization Name.
Server Setting

Folder Setting

The other settings should remain the same.

Create a squirrelmail vhost in apache config file:

# vi /etc/httpd/conf/httpd.conf
Add the following lines at the end:



Restart the Apache service:
# service httpd restart
 
Access Webmail
Now navigate to http://ip-address/squirrelmail or http://domain-name/squirrelmail from your browser. The following screen should appear. Enter the username and password of the user.

  
By :- Vishal Sharma