Category Archives: General

Switch used: Cisco 2960

Delete the VLAN DB File:

dir

If the vlan.dat and multiple-fs files exist, delete them with:

delete [file-name]

erase startup-config

reload

Show and change the switch database: the Cisco Switch Database Manager (SDM) provides various TCAM allocation templates which can be used to support different switch roles, for example routing, VLAN, access, or default.

show sdm prefer ?

For example:

show sdm prefer routing

Then:

sdm prefer dual-ipv4-and-ipv6 routing

Preparing a Cisco Switch

Life Lessons In India

I arrived in Mumbai, India for my first time yesterday afternoon, after winning a place on a trip called Digital India. This trip, run by IndoGenius and sponsored by the British Council, is to broaden our perspectives of Indian startup and entrepreneurial culture, as well as to put British entrepreneurs in touch with Indian businesses who can facilitate our needs, be it in the Medical, Agricultural, Technical, Business or Pseudo-science fields. Today our group of 45 young British undergrads and graduates visited the Indian Institute of Technology and The British Council, and were treated to a traditional Indian performance of Kathak dance and live music. Apart from the stunning contrast with western society that has me taken aback, it is the life lessons I am being taught in the most humble and unsuspecting of ways which have really hit home.

Nick Booker, the Co-founder and CEO of IndoGenius, has been accompanying us on the trip and today gave us a speech about India’s forecast for the future. With a population of 1.25bn people, 22m of whom inhabit Mumbai alone, India is one of the largest countries in the world, making up around 15% of the earth’s population. India is projected to have the world’s third highest GDP by 2050 (in bearish predictions) with an estimated annual growth of 7%. Nick then went on to speak about culture, which brings us to today’s life lesson.

Lesson 1: ANEKANTAVADA

Amazing – eh?

Anekantavada’s Jain meaning is literally “no one, singular doctrine”, which is the simultaneous acceptance of multiple, diverse, or even contradictory viewpoints. Anekantavada teaches us that each of us has, at most, merely a restricted grasp of the bigger picture. In other words, I might have a completely and thoroughly different understanding of my own viewpoint to you, where you have just as thorough an understanding of your own. Each individual viewpoint remains but a pixel of the greater picture.

In the Jain version of the tale, six blind men are told about an elephant nearby. Not yet knowing what an elephant is, they decide to go and, using their hands, discover what an elephant “looks” like. As they approach the massive elephant, each man places his hands on a different part of the elephant’s body – one man touches the trunk, another touches a leg. One touches a tusk, the stomach confronts another. One has the tail, another an ear. They begin to describe to each other their newly acquired understanding of the elephant.

Because each man experiences a different part of the elephant and has his own perspective of what it is he is feeling, one man compares the elephant’s leg to a tree. Another is sure that its trunk is a rope, whereas another believes that its ear is a piece of cloth. The six men begin to bicker, arguing over who is right.

A king sees the commotion and the entirety of the elephant, interrupts the bickering blind men, and informs them that they are all, indeed, correct, but in their own limited views. The king explains that they are all giving real, truthful accounts of the elephant, but because they are only describing a limited view of the elephant they cannot perceive it as a bigger object.

The lesson I’ve taken from Anekantavada is that neither I nor anyone else knows everything. We all have our own perceptions in a certain context and must accept this in order to grasp the big picture.

Hosting your own mail server on the cheap

Hosting your own mail server is finally easy! Here I hope to provide an in-depth guide showing you how to set up your own server which won’t get you or your clients blacklisted!

Buying a domain

You’re going to want a cool email address like hello@abc.xyz – so head over to Namecheap and purchase a domain for as little as $1 for a .xyz

Get yourself a server!

Ramnode is one of my favourite server hosts due to the amazing support: sometimes they’ve replied to my requests instantly, and they’re always very fast to deliver servers. I assume you want to do this now, so head on over to Ramnode and get a server for as little as $15 a year. Not bad, seeing as you’ve got email for a year for $16 and unlimited users, eh?

Install Your Server and VestaPanel

Now you’ll want to configure your server. If you have purchased a server with under 4096MB of RAM, you’ll want to install a 32-bit version of Debian. Use Debian because it plays nicely with Vesta.

Once you have your VPS up and running, log in via SSH with the root password Ramnode gave you.

Seeing that we have a new VPS running, go ahead and refresh the package indexes:

apt-get update

Now may also be a good time to upgrade any packages that might need it:

apt-get dist-upgrade

Install Vesta

Next, we download the Vesta installation script:

curl -O http://vestacp.com/pub/vst-install.sh

After which we run this script:

bash vst-install.sh

The install script shows us some information on the software that will be installed:

Press “y” and “enter” to proceed with the installation.

Then enter a valid email address you have access to.

Upon completion, you will be presented with the following information:

Take note of the address, username, and password. You will need these to log in to the control panel.

Log in to Vesta

Now that Vesta is installed, open your browser and go to the address that Vesta gave you in step two. If you didn’t take note of it, the address will be as follows:

https://<your-server-IP-address-or-URL>:8083

*Make sure to use HTTPS. You will be presented with a prompt to confirm visiting your site without a valid SSL certificate; click Continue in Safari or Advanced > Proceed in Chrome.

Set Up Your DNS

Head back over to Namecheap and log in to your DNS management panel, then select ‘All Host Records’

Add an A record pointing to your new server with the hostname ‘mail’ where the IP address is that of your new Ramnode VPS.

Then ensure that your Mail settings are like so:

Save your changes; you will then see the following section:

Configure the mail server hostname to the one you just set up, i.e. ‘mail.yourdomain.com’, three times with the three different MX preferences – this ensures all providers’ emails will reach you!

Set up your email account

Log back into your VestaCP instance and select mail, then add a new domain (drop the mail. part – or the subdomain) and make sure to select DKIM support. Then add an account. You can then either open webmail and receive emails or set up your mail client using mail.yourdomain.com as the IMAP and SMTP server and yourname@yourdomain.com + password as the username/password.

Congratulations! You can receive mail!

But you can’t send mail without it being classed as spam just yet. Now you need to set your reverse hostname in your Ramnode VPS control panel (Ramnode’s SolusVM CP). Scroll to the bottom of your server’s page, select the ‘Hostname’ tab and enter the previously configured mail server hostname.

DKIM and SPF setup on your domain

Now comes the last part – we set up DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) so that hosts like Google Mail, Apple, and other providers don’t class our emails as spam.

Log into VestaCP’s webmail at http://mail.yourdomain.com/webmail using yourname@yourdomain.com and your password, and send a blank email to the following address:

check-auth@verifier.port25.com

You will then receive results from auth-results@verifier.port25.com – search for the term ‘dkim-signature’ and you should see a long string like the following:

dkim-signature:v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=yourdomain.com; s=mail; h=Mime-Version:To:Date:Message-Id:Subject:Content-Transfer-Encoding:Content-Type:From; bh=47DEQpj8HBSa+/TImW+sJCeuQeRkm5NMpJWZG3hSuFU=; b=;

Strip out the ‘dkim-signature:’ section, and create a TXT record in the Namecheap ‘All Host Records’ section with ‘_domainkey’ as the host and the text you created earlier without ‘dkim-signature:’ as the string.

Create a second TXT record with ‘yourdomain.com’ as the hostname and the following string as the text entry, substituting your own server’s IP address:

v=spf1 a mx ip4:1.2.3.4 ~all

There you go!

You can now send and receive emails :-)
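
An offline sanity check for the two TXT records above, added here as an example (it is not from the original post). It follows RFC 6376 and RFC 7208: a receiver fetches the DKIM public key from `<s>._domainkey.<d>` and expects a `p=` tag in that record, and matches the sending IP against the SPF `ip4:` mechanism. Function names and sample values are constructed for illustration; `a` and `mx` are skipped because they need DNS.

```python
import ipaddress

# Constructed sample values (placeholders, not real keys or addresses).
SAMPLE_HEADER = ("v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; "
                 "d=yourdomain.com; s=mail; h=From:To:Subject; bh=AAAA; b=BBBB")
SAMPLE_KEY_TXT = "v=DKIM1; k=rsa; p=MIGfPLACEHOLDER"
SAMPLE_SPF = "v=spf1 a mx ip4:1.2.3.4 ~all"
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_tags(value):
    """Split a DKIM tag=value list (RFC 6376, section 3.2) into a dict."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = "".join(val.split())  # drop folding whitespace
    return tags


def dkim_query_name(signature_value):
    """DNS name a receiver queries for the public key: <s>._domainkey.<d>."""
    tags = parse_tags(signature_value)
    if not tags.get("s") or not tags.get("d"):
        raise ValueError("signature lacks s= (selector) or d= (domain)")
    return f"{tags['s']}._domainkey.{tags['d']}"


def is_dkim_key_record(txt):
    """True if a TXT value has a non-empty p= and, if v= is present, v=DKIM1."""
    tags = parse_tags(txt)
    return bool(tags.get("p")) and tags.get("v", "DKIM1") == "DKIM1"


def spf_ip4_result(record, sender_ip):
    """Evaluate the ip4: mechanisms and 'all' only; a, mx, include need DNS."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qual, mech = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        if mech.lower().startswith("ip4:"):
            if ip in ipaddress.ip_network(mech[4:], strict=False):
                return QUALIFIERS[qual]
        elif mech.lower() == "all":
            return QUALIFIERS[qual]
    return "neutral"
```

Run `dkim_query_name` on the header from the port25 report to see which hostname to query with `dig TXT`, then pass the returned TXT value to `is_dkim_key_record`.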

IPv6 Only Proxmox Containers

So I use an OVH Kimsufi box (kimsufi.com) and have done for the past two years. I love their service, but additional IPv4 addresses are £1.50 (ex VAT) a pop per month and you can’t get RIPE blocks allocated on Kimsufi boxes. However, you do receive a hefty /64 of IPv6 addresses, which equates to around about 18 quintillion addresses.

I’ve been a user of IPv6 since first starting some of my Minecraft servers back in 2010. Now I use Proxmox to virtualise servers and recently wondered if one could set up a container with IPv6 only. So here’s the process for any of you wanting to try.

Adding an IPv6 Only Container:

I am using Proxmox version 3.1-21; this process may not produce the same effects in newer/older versions! Be warned :)

Here I am downloading an OpenVZ container template which I will use later to install and configure Debian 7. To do this you must go to your desired node, then to storage > content > templates.

Downloading a turnkey linux CT template

Now click your node in the left-hand drop-down and click Create CT. Set up your CT with an internal address of 10.0.0.1 or similar for now; we can’t add IPv6 addresses in the web interface and will have to change the IP and DNS settings with the vzctl client on the node shell.

Configuration steps of your new CT (Right to left)

After you have successfully configured and created your CT, you will need to SSH into the Proxmox node on which the CT resides and start by entering:

vzctl set <container ID ex: 105> --ipadd [IPv6 Address w/CIDR notation Ex:2001:41d0:8:67d2::80/64] --save

Seeing as you are still in the node’s shell, add the following lines to the bottom of /etc/sysctl.conf

net.ipv6.conf.all.forwarding=1
net.ipv6.conf.all.proxy_ndp=1
net.ipv6.bindv6only=1

And then run a cheeky

sysctl -p

Now we set the new container’s IPv6 name servers with

vzctl set 105 --nameserver 2001:4860:4860::8844 --save

This doesn’t give us much flexibility though, so we can manually edit /etc/pve/openvz/[container ID].conf and change the line

NAMESERVER="2001:4860:4860::8844"

to

NAMESERVER="2001:4860:4860::8888 2001:4860:4860::8844 8.8.8.8 8.8.4.4"

And now we can boot the container using the Proxmox web interface!
Log into your CT via the Proxmox shell/vncproxy and try to ping google.com. If you get replies, success! However, if you do not, enter

ip route add ::/0 dev venet0

and confirm your added route with

ip -6 route show

If all works, congratulations, you have a virtual machine with an IPv6 interface. You could always add a v4 address if the pains of not being able to easily access rubygems and github are overcoming you :<

Good luck!

IPv6 Rocks! (Excuse the derpy motd)

OVH Network Outage 18/07/2013

Tonight, OVH disappeared from the internet. From around 01:16 AM till 01:26 AM, none of OVH’s entire network could be reached. With a reported 150,000 servers in the EU and 360,000 servers in Northern America, OVH is one of the largest providers in the world. Not being able to access any of their leased services means that a lot of connectivity is lost…

So what could have happened? OVH’s Network Status page states that 3 Route Reflectors have reloaded (read: restarted) after an issue with their OSPF routing processes caused a crash. We can find out which systems these were by finding an OVH IP that is not responding and cross-referencing it with a resource such as bgp.he.net. So, now that we have the Autonomous System Number (ASN) of the devices under OVH’s control, we can see how much of the internet they own… http://bgp.he.net/AS16276#_prefixes shows us the networks allocated to this system in slash notation. To put this into perspective, there are 10 /16 subnets alone in the allocated prefixes list… That’s 655360 IP addresses, which make up 40% (as a quick estimate) of the OVH network…

Here’s what happened as shown in BGPlay:

I’m still looking into this as it’s just occurred and I need sleep :P Will post updates soon.
