Archive for November, 2010

How to assign range of IP addresses in Linux?

Date: November 26, 2010. Categories: centos, distros, fedora and linux. Comments

Welcome to Linux Screw! If you're new here, you may want to subscribe our RSS feed.

ip address exampleAs we know Linux allows to assign almost unlimited number of IP addresses to its interfaces. Such additional IPs applied to the same NIC are known as secondary IP addresses or just secondaries. Some time ago i faced a problem on how to apply about 500 IP addresses to one Linux box and then ensure that all of them get online after Linux reboots. There are several ways to accomplish this taks so i would like to share them all.

Shell script with ifconfig commands

This is one of the most inefficient ways to get many IP addresses applied to one network interface. Anyways it allows to create as many aliases for the interface as you like so you should create shell script and execute it every time Linux boots.

touch /path/to/script.sh
chmod +x /path/to/script.sh
vi /path/to/script.sh

Now you should add there shell lines which will apply IP addresses, e.g. the following one applies 60 IP addresses to eth0 interface:

for n in {3..63};  do ifconfig eth0:${n} 10.10.10.${n} netmask 255.255.255.0 up; done

If you type ‘ifconfig’ now you will very long output like this one:

eth0:3  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB
          inet addr:10.10.10.3  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000 

eth0:4  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB
          inet addr:10.10.10.4  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000

...

eth0:63  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB
          inet addr:10.10.10.63  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000

If you decide to delete those IPs you can run the following line as a remedy:

for n in {3..63};  do ifconfig eth0:${n} 0.0.0.0 &> /dev/null; done

Once you finished editing /path/to/script.sh script you should add it to startup, so put the line /path/to/script.sh into /etc/rc.local file that Linux executes every time it boots. Please notice that in various distributions this file may be missing so consult with distro’s docs to get where it is stored.

Redhat/Centos/Fedora network scripts

Users of these Linux distributions can apply ranges of IP addresses using ifcfg-eth0-range0 files which are read during initialization of network interfaces during boot up process. The following example will make Linux to apply 200 IP addresses to eth1 during booting:

[root ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth1-range0

IPADDR_START=192.168.1.1
IPADDR_END=192.168.1.200
CLONENUM_START=10

CLONENUM_START value specifies starting identifier of alias that will be applied to eth1 interface, in above example the first 192.168.1.1 will be assigned to eth1:10 alias. The last IP of the range 192.168.1.200 will be applied to eth:210 sub-interface. This is totally easy approach.

Loopback interface

Did you know that by one line presented below you assign 1022 virtual IP addresses to your Linux system? Here it is:

ifconfig lo:0 10.0.0.1/22

Now you can make sure of this by pinging IPs from that range (10.0.0.1 – 10.0.3.254).

[root ~]#ping 10.0.0.1 -c 1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.063 ms

--- 10.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.063/0.063/0.063/0.000 ms

...

[root ~]#[root@whitehorse /]# ping 10.0.3.254 -c 1
PING 10.0.0.1 (10.0.3.254) 56(84) bytes of data.
64 bytes from 10.0.3.254: icmp_seq=1 ttl=64 time=0.063 ms

--- 10.0.3.254 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.063/0.063/0.063/0.000 ms

If you still feel that the first suggested way meets your requirements better than the third one please read more about loopback interface at wikipedia — loopbacks are much more useful than aliases in most cases.

Hope it helps!

ucoz.com — create your own website for free

Date: November 26, 2010. Categories: reviews and sites. Comments

I remember the times when I was looking for quality free web hosting for my first website. It was pretty difficult to find anything quality and reliable. And I am glad to see that nowadays there are such polished free hosters available as www.ucoz.com. You can press a few buttons to create your first website and attract visitors to it, no need to know HTML tags, CSS or related stuff — just follow simple wizard and get your website ready.

What you have to know about www.ucoz.com first of all. They offer unlimited bandwidth and unlimited web storage. Even this fact itself besides other useful features would be pretty valuable factor to choose www.ucoz.com from other free website makers. From the beginning you get 400 MB of storage that expands as longer you stay with Ucoz. You can either upload web pages created by your own or use embedded editor that should be highly appreciated by newbies. You can even don’t have a domain for the website: once registered at Ucoz you will get free sub domain: name.ucoz.com (if you do have a domain for the website you are welcome to transfer it to www.ucoz.com).

No worries if your website is grown to something more that just set of static web pages — there is wide range of paid services which allow to convert your website to a full featured e-shop, file catalog, news site, forum or anything else requiring PHP and database. www.ucoz.com is well known free web hosting — just try to search google for “site:ucoz.com” and you will see about 6.5 million indexed URLs. That’s really matters if you are looking for free hosting with good reputation and affordable level of service.

How to monitor traffic at Cisco router using Linux (Netflow)

Date: November 25, 2010. Categories: applications, cisco, debian, distros, fedora, howtos, linux, perl and ubuntu. Comments

By default Cisco IOS doesn’t provide any traffic monitoring tools like iftop or iptraff available in Linux. While there are lots of proprietary solutions for this purpose including Cisco Netflow Collection, you are free to choose nfdump and nfsen open source software to monitor traffic of one or many Cisco routers and get detailed monitoring data through your Linux command line or as graphs at absolutely no cost.

Below is beginner’s guide that helps to quickly deploy netflow collector and visualizer under Linux and impress everybody by cute and descriptive graphs like these:

nfsen screen

It is highly recommended to look through Netflow basics to get brief understanding of how it works before configuring anything. For example, here is Cisco’s document that gives complete information about Netflow. In a few words to get started you should enable netflow exporting on Cisco router and point it to netflow collector running under Linux. Exported data will contain complete information about all packets the router has received/sent so nfdump and nfsen working under Linux will collect it and visualize to present you the graph like above example.

Cisco Router Setup

1. Enable flow export on ALL Cisco router’s interfaces that send and receive some traffic, here is an example:

Router1# configure terminal
Router1(config)#interface FastEthernet 0/0
Router1(config-if)#ip route-cache flow input
Router1(config-if)#interface FastEthernet 0/1
Router1(config-if)#ip route-cache flow input
...

2. Setup netflow export:

Router1# configure terminal
Router1(config)#ip flow-export source FastEthernet0/0
Router1(config)#ip flow-export source FastEthernet0/1
Router1(config)#ip flow-export version 5
Router1(config)#ip flow-export destination 1.1.1.1 23456

Where 1.1.1.1 is IP address of Linux host where you plan to collect and analyze netflow data. 23456 is port number of netflow collector running on Linux.

Linux Setup

1. Download and install nfdump.

cd /usr/src/
wget http://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.2/nfdump-1.6.2.tar.gz/download
tar -xvzf nfdump-1.6.2.tar.gz
cd nfdump-1.6.2
./configure --prefix=/ --enable-nfprofile
make
make install

2. Download and install nfsen.

It requires web server with php module and RRD so make sure you have the corresponding packages installed. I hope you’re running httpd with php already so below are rrd/perl related packages installation hints only.

Fedora/Centos/Redhat users should type this:

yum install rrdtool rrdtool-devel rrdutils perl-rrdtool

Ubuntu/Debian:

aptitude install rrdtool librrd2-dev librrd-dev librrd4 librrds-perl librrdp-perl

If you run some exotic Linux distribution just install everything that is related to rrd + perl.

At last, nfsen installation:

cd /usr/src/
wget http://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.5/nfsen-1.3.5.tar.gz/download
tar -xvzf nfsen-1.3.5.tar.gz
cd nfsen-1.3.5
cp etc/nfsen-dist.conf etc/nfsen.conf

In order to continue you should edit file etc/nfsen.conf to specify where to install nfsen, web server’s username, its document root directory etc. That file is commented so there shouldn’t be serious problems with it.

One of the major sections of nfsen.conf is ‘Netflow sources’, it should contain exactly the same port number(s) you’ve configured Cisco with — recall ‘ip flow-export …’ line where we’ve specified port 23456. E.g.

%sources = (
    'Router1'    => { 'port' => '23456', 'col' => '#0000ff', 'type' => 'netflow' },
);

Now it’s time to finish the installation:

./install.pl etc/nfsen.conf

In case of success you’ll see corresponding notification after which you will have to start nfsen daemon to get the ball rolling:

/path/to/nfsen/bin/nfsen start

From this point nfdump started collecting netflow data exported by Cisco router and nfsen is hardly working to visualize it — just open web browser and go to http://linux_web_server/nfsen/nfsen.php to make sure. If you see empty graphs just wait for a while to let nfsen to collect enough data to visualize it.

That’s it!

pixelpoke.com — web hosting reviews

Date: November 25, 2010. Categories: reviews and sites. Comments

It is a pleasure to write reviews of quality, informative and well designed websites. Pixelpoke.com is one of such websites: it offers web hosting reviews in pretty easy way manner. If you plan to start your own website you need a host. If you need a host you should look through www.pixelpoke.com to make right decision and actually bring the website online.

Usually there are a lot of factors on which it depends what hosting company to choose and what service plan to select. If you plan to open your first website and do not wish to spend too much money to keep it online you just should read cheap hosting review on www.pixelpoke.com, that would definitely help you to create clear picture of what’s available on the market and what to choose from all those hosting providers. In contrast you may be experienced web administrator looking for powerful Linux hosting providing SSH access and rest advantages of Linux operating system, if this is so just take a look at hosting review at www.pixelpoke.com.

When trying to choose the best hosting for the website it is important to take into consideration all the factors e.g. positive and nagative reviews of certain hosting around the web, pros and cons of the hosting itself, quality of support, payment methods and so on. Why to invent the bicycle once again if you can just look through all the factors of certain web hosting provider at www.pixelpoke.com? I personally was surprised to find copy/paste of example discussions with support teams of each reviewed hosting providers — that’s really useful to get an initial view of quality of the support.

Friendly Sites:Who is behind Linux Screw?
GeekyBits³ | Bash Cures Cancer | OMG! Ubuntu!
My SysAd Blog | Web Upd8
ZEPY | Linux config Wiki | Planet Sysadmin
a non-geek's linux notes | Linux Today
TuxArena: The arena of Tux | LinuxAlt.Com
 My name is Artem N. (artiomix AT gmail DOT com) and I'm Linux/Unix, Cisco systems engineer. The main idea of Linux Screw is to share relevant knowledge, skills and observations over The Web. Here you can find a lot of information related to different Linux distributions, FreeBSD, IOS as well as a other Open Source around staff. Read more ››