RedHat Enterprise Linux(RHEL) Config and Log gathering application

Posted on 2012/05/17 by glasco1906

Purpose: This is RHEL’s support bundle that would allow all supported information to be placed in a support bundle.

Redhat historically has used:
/usr/bin/????

/usr/bin/sosreport

You will not need any parameters following this command, however it will have several queries before completing. It is good to have your support request number available, as it will request this, and it is used inthe file name.

If you do not have the package installed, simply “/usr/bin/yum install sosreport”, if you have any problems with this, please review RH’s document for the sosreport: https://access.redhat.com/knowledge/solutions/3592

SuSE Enterprise Linux Config and Log gathering application

Posted on 2012/05/17 by glasco1906

Purpose: This is SuSE’s support bundle that would allow all supported information to be placed in a support bundle.

SuSE historically has used:
/usr/bin/siga no

Running with the parameter “no” will suppress the browser, and only gather the data, but again this is deprecated in later versions.

/usr/bin/supportconfig -A

the -A eliminates the 500 line limit for the messages files.

If you do not have the package installed, simply “/sbin/yast -i supportutils”, if not from here, simply download the rpm from http://en.opensuse.org/Supportutils, and install it with this command: /bin/rpm -Uvh supportutils-1*noarch.rpm

TCPDump filter for 802.1q tagged traffic

Posted on 2012/05/16 by glasco1906

The following syntax adds the vlan tag information as well as the rest of the native vlan traffic for the interface:

tcpdump -ni 1.1

To filter the traffic for a specific VLAN tag ID, use the following syntax:

tcpdump -ni 1.1 vlan

The following syntax displays traffic on interface 1.1 with a VLAN tag ID of 105:

tcpdump -ni 1.1 vlan 105 tcpdump: listening on 1.1 09:39:11.800739 802.1Q vlan#2907 P0 10.24.2.254 > 10.24.2.34: icmp: echo request 09:39:11.800739 802.1Q vlan#2907 P0 10.24.2.34 > 10.24.2.254: icmp: echo reply (DF) 09:39:12.640739 802.1Q vlan#2907 P0 10.24.2.254 > 10.24.2.34: icmp: echo request 09:39:12.640739 802.1Q vlan#2907 P0 10.24.2.34 > 10.24.2.254: icmp: echo reply (DF) 09:39:13.690746 802.1Q vlan#2907 P0 10.24.2.254 > 10.24.2.34: icmp: echo request 09:39:13.690746 802.1Q vlan#2907 P0 10.24.2.34 > 10.24.2.254: icmp: echo reply (DF)

When you specify the VLAN name in the tcpdump syntax, the VLAN header is not present because tcpdump reads the packet after it is copied on switch ingress, processed by the TMM and sent to the Host. On BIG-IP version 9.x and 10.x systems, the hardware manages the VLAN tagging operations.

If you do not want to display the VLAN tagged traffic, you can use the following syntax:

tcpdump -ni internal

TCPDump to capture network traffic

Posted on 2012/03/14 by glasco1906

Capturing network traffic on a Linux system is done with TCPDump. Here are a few clear examples. I will include definitions when introducing a new switch. Continue reading “TCPDump to capture network traffic” »

Nexus 1000v Networking troubleshooting tips

Posted on 2012/03/13 by glasco1906

Nexus 1000v Troubleshooting Network Issues

Diagnosing a network issue can seem daunting, but is you follow basic steps, you should be able to close in on the actual issues. So, let’s get started. There are definite assumptions I am making and put forth several case studies from actual cases.

Step 1:

Make certain the driver and firmware version is supported and are the same across your entire environment. This has proven to be the bane of my existence. I generally start with checking any broken esx(i) host against a working host.

Continue reading “Nexus 1000v Networking troubleshooting tips” »

Intense Ping test

Posted on 2012/03/12 by glasco1906

This has to be the most intense ping test one can do, approaching the capacity of your network. Within Linux if you ping with a -f switch, as soon as you get an echo reply, you send and echo request. Here is the definition from the man pages:

-f Flood ping. For every ECHO_REQUEST sent a period “.” is printed, while for ever ECHO_REPLY received a
backspace is printed. This provides a rapid display of how many packets are being dropped. If interval is
not given, it sets interval to zero and outputs packets as fast as they come back or one hundred times per
second, whichever is more. Only the super-user may use this option with zero interval.

Continue reading “Intense Ping test” »

How do I get CDP information with tcpdump?

Posted on 2012/03/12 by glasco1906

Here is an example of gathering cdp information from a Cisco device that is connected on the eth0:

tcpdump -nn -v -i eth0 -s 1500 -c 1 ‘ether[20:2] == 0×2000′

Here is a real world example from my wireless interface.

Continue reading “How do I get CDP information with tcpdump?” »

Use LiSt Open Files (lsof) to see the process listening on a specific port

Posted on 2012/03/11 by admin

To see a specific process on a specific port, use the lsof command. You must be root as you are going to peek into physical ram. If you know the port number, simply file it in as such:

[root@klingon ~]# lsof -i :67 Continue reading “Use LiSt Open Files (lsof) to see the process listening on a specific port” »

Use netstat to see your open ports

Quote

Posted on 2012/03/11 by glasco1906

Nestat is a very powerful tool. We can see how below, with a couple of variations on the command line.

Here we can see every port open including these details: protocol, source permissions, server interface destination, process id, and process name.
Continue reading “Use netstat to see your open ports” »

Simple IPTables

Posted on 2012/03/11 by glasco1906

IPTables Articles
Here is the iptables file from my notebook.

[root@glasco-lnx ~]# cat /etc/sysconfig/iptables # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j DROP -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT [root@glasco-lnx ~]#
Continue reading “Simple IPTables” »

Virtual Tech Notes

Linux/Virtualization/Networking/Android

RedHat Enterprise Linux(RHEL) Config and Log gathering application

SuSE Enterprise Linux Config and Log gathering application

TCPDump filter for 802.1q tagged traffic

TCPDump to capture network traffic

Nexus 1000v Networking troubleshooting tips

Nexus 1000v Troubleshooting Network Issues

Intense Ping test

How do I get CDP information with tcpdump?

Use LiSt Open Files (lsof) to see the process listening on a specific port

Use netstat to see your open ports

Quote

Simple IPTables

May 2012
M	T	W	T	F	S	S
« Mar
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31