Tools for UNIX/LINUX.

aakesson@code-donkey.org

Odds and Ends.

bad144
If you are having a problem with a disk, try using /usr/sbin/bad144 "down-and-dirty with the low-level drive formatting."
-- read the MAN PAGE --

Freebsd slices

mount -w /dev/whatever /whatever [will make a slice writeable.]
IDE SLICE
/dev/wd0s1a /
/dev/wd0s1b /swap
/dev/wd0s1e /var
/dev/wd0s1f /usr

SCSI SLICE
/dev/wd0s1b none swap sw 0 0
/dev/wd0s1a / ufs rw 1 1
/dev/wd0s1f /usr ufs rw 2 2
/dev/wd0s1e /var ufs rw 2 2
/dev/da0s1e /dross ufs rw 2 2 #alec
proc /proc procfs rw 0 0

mangy# df -k

Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/wd0s1a 198399 59797 122731 33% /
/dev/wd0s1f 3356502 2766212 321770 90% /usr
/dev/wd0s1e 128943 7072 111556 6% /var
/dev/da0s1e 4304834 3287183 673265 83% /dross
procfs 4 4 0 100% /proc
east:/export/home 32264825 27896392 1141953 96% /usr/home/ale
mangy#

# pnpinfo

# To see multicast neighbors:
mrinfo

To test and see if the multicast is reaching a site:
1. mtrace hostname multicast group.
2. Force a join
rsh to the box and type:
mtest [you will get a prompt] and type:
j multicast ip of the i/f [you want to join] then in another window do a tcpdump on the i/f to see packets.
from io:
/usr/sbin/mtrace saicpc.cairn.net 239.xxx.xxx.255


# ATM
If you want to check the status/activity of a port, say 1B1, you would
1. Login to the switch
2. Use the to show you what your options are at a particular level.
3. Type for "configuration" and press enter.
4. Type for the port activity. Then type "?" so that you can see what is going on.
5. Type 1B1
This will display the information on the activity level of the port 1B1. It will look like this:
------------
BL_Donkey_ATM_SWITCH::configuration port> show 1B1

Port Carrier Admin Mbps ATM-Rate CDVT Policing VBROB BuffOB AIS/RDI Model
1B1 yes up 155.0 149.760 250 enabled 100 100 disabled OC3

Note: ATM/OAM processing is disabled
------------
**** Carrier = yes means that there is a physical connection!!!!

# ATM
The steps:
1. Login to the switch.
2. Use the to show you what your options are at a particular level.
3. Type for "configuration" and press enter.
4. Type . It is at this level which you create Virtual Connection.
5. To create an new vc type
The usage is of this form:
new [-upc ] [-name ]
Now find an open port on the switch eg.
1b3 [The 1 is the "fabric". The "b" is the group of ports. The 3 is the location of the port within the group.]
1b3 is the location on switch 2 for helpmann.
1c3 is the location on switch 2 for tmp6.

To show a particular configuration:
Type for example to see the listing of 1b3:


Next select a number which is not being used. Then, to be sure, "show" the whole string. For example if you want to use the following:
PORT VPI VCI PORT VPI VCI
1b3 0 40 1c3 0 40

you would type:
show 1b3 0 40
show 1c3 0 40

Now to create a virtual connection type:
new 1b3 0 40 1c3 0 40 -name
new 1c3 0 40 1b3 0 40 -name

The "40" is a binary representation of the HEX 28.

To check and see if cells are passing through the switch:
port, statistics
then vcc
for the following:
1C1 0 110 1B2 0 110 0 pvc NIST-spvc
1B2 0 110 1C1 0 110 0 pvc NIST-spvc
type:
vcc 1C1 0 110
then you will get back something like this:
Input Output Cells Cells
Port VPI VCI Port VPI VCI Uptime Received Rejected
1C1 0 110 1B2 0 110 91d:16:05 1.125G 0
1B2 0 110 1C1 0 110 91d:16:05 73.489M 0

Then set up a ping going through the pvc. If you do not see the counter go up, you may need to delete the vcc. MAKE SURE YOU COPY THE INFORMATION FIRST!!!! Then when you have deleted the vc, recreate it and see if the counter increases.

You can also use the web interface, and not delete the vc. For example http://switch2 - this is slow.
You will need this information for the configuration of the rc.local.sh.
How to create an entry for ATM in the rc.local.sh.
e.g.
#VC for [name] from box1 to box2
ifconfig enp0 xxx.xxx.6.224 netmask 0xfffffffc
route add -iface xxx.xxx.6.225 -link enp0:3.0.0.c8

The 3.0.0.c8 part of the entry is diagrammed this way.
3 is the encapsulation portion of the equation. This sometimes changes.

.0.0. remains the same. I am not sure what it does.

c8 is the HEX representation of the BINARY NUMBER of the VC. In this case the VC is 200.
With a /30 which has a HEX representation of c8. This means that you will have 4 addresses available to you.
e.g
xxx.xxx.xxx.224
xxx.xxx.xxx.225
xxx.xxx.xxx.226
xxx.xxx.xxx.227

.225 & .226 are the ip addresses available to use.
.224 & .227 are the network and broadcast addresses.

/27 has a HEX address of: 0xFFFFFFE0
/28 has a HEX address of: 0xFFFFFFF0
/30 has a HEX address of: 0xfffffffc [255.255.255.252]

To check the ip of a switch go to:
configuration ip>
Then type: "show" to see what ip's are listed.
e.g.
ATM SWITCH::configuration ip> show

interface state address netmask broadcast mtu
lo0 up 127.0.0.1 255.0.0.0 N/A 4096
ie0 up xxx.xxx.x.209 255.255.255.0 255 1500

To change:
configuration ip> address ie0 18.62.7.152 255.255.0.0

ROUTE [adding a route.]
FreeBSD
route add -net xxx.xxx.x.0 xxx.xxx.x.242
[Destination] [gateway]
0.0.0.0/0
[would be the default route.]

Linux
route add -net xxx.xxx.x.240 netmask 255.255.255.252 gw xxx.xxx.x.242
[Destination] [gateway]
0.0.0.0/0
[would be the default route.]

IPV6 - atm
# Add IPv6/ATM static routes here
#$route add -host -iface -inet6 fe80:3::200:d1ff:fe10:b1f9 -link enp0:3.0.0.69 # A VC

# Route from the nsfpc wireless route to isiepc
$route add -host -iface -inet6 3ffe:1a01:1:201:2a0:ccff:fe40:2fc5 3ffe:1a01:1:201:2a0:c9ff:fe2a


On a /30 [hex=fffffffc bin=255.255.255.252]
xxx.xxx.x.240 network
xxx.xxx.x.241 ip
xxx.xxx.x.242 ip
xxx.xxx.x.243 broadcast


# To enable forwarding manually:
sysctl -w net.inet.ip.forwarding=1
CHECK THIS.

# To activate proxy-ARP
e.g.
"Must proxy-ARP for and route packets to all the addresses on the show floor route add -host xxx.xxx.76.230 xxx.xxx.6.225
arp -s xxx.xxx.76.230 auto pub"
This must be done for each ip that is going to be used.
eg:
route add -host xxx.xxx.76.231 xxx.xxx.6.225
arp -s xxx.xxx.76.231 auto pub

route add -host xxx.xxx.76.232 xxx.xxx.6.225
arp -s xxx.xxx.76.232 auto pub


# SDR manual setup.
vic 224.2.132.21/49342/1
vic [ip address][port][ttl]

vat 224.2.154.11/29458/1&
vat [ip address][port][ttl]

Chicken session:
VIC - 239.255.208.158/24919
VAT/RAT - 239.255.129.168/58788


# xterm
To create an xterm window with a name in the title bar type:
xterm -n "name" &

# IPv6 -kame- problems are being logged in:
isiepc20.cairn.net/usr/local/src/PROBLEMS.

# To count the routes in a routing table:
netstat -rn | wc
netstat -rn -f inet6 | wc (to find out how many BGP4+ routes)

# To bring a box up in Single User Mode, and change the passwd.
1. Reboot the box using Alt-Ctrl-Delete

2. When "boot:" comes up type:
-s
to bring the box up in "single-user-mode."

3. When requested to enter a shell, press enter.
This will give you a default Bourne shell.

4. To mount all of the slices type
mount -a

5. Change directory to /etc and check to see
what shells you have listed in your /etc/shells file.
To do this, type:
cat shells
This will let you know which shells root will have access to.

6. Now edit the password file using:
vipw

If you need to manually edit the master.passwd file you must rebuild the database afterwards:
/usr/sbin/pwd_mkdb -p /etc/master.passwd


# master.passwd.local
Sites which have their own accounts on the routers should copy and paste the account into a file in /etc called master.passwd.local [set at 600 -for root access only]. Then when I run the passwd update, a script is run updating the /etc/master.passwd and /etc/group file.

7. Change the root shell from tcsh to:
/bin/csh
or
/bin/sh

This depends on what shell is listed in your /etc/shells file.

8. Once this is done; save and then exit.

9. Then to reboot type:
sync;sync;reboot

10. To make a boot.img for linux. Put 3.5 disk in floppy then:
dd if=bootnet.img of=/dev/fd0 bs=1440k

11. To make a boot floppy for fbsd:

# fdformat -f 1440 fd0.1440
# disklabel -w -r fd0.1440 floppy3
# newfs -t 2 -u 18 -l 1 -i 65536 /dev/rfd0

kern.flp
mfsroot.flp
- A fixit.flp is a good idea as well.

If you are using a UNIX system to create the floppy images:

# dd if=kern.flp of=disk_device
disk_device is the /dev entry for the floppy drive. On FreeBSD systems, this is:
/dev/rfd0 for the A: drive
and
/dev/rfd1 for the B: drive.

With the kern.flp in the A: drive, reboot your computer. The next request you should get is for the mfsroot.flp floppy, after which the installation will proceed normally.

12. To copy a directory and files from one place to another:
# cp -p -r atmrate /usr/src/usr.sbin
This will copy the directory and files [atmrate] to /usr/src/usr.sbin

13. Patch
patch < filename (e.g. files.i386.diff)

14. DNS -is on donkey

Please mimic the named config from donkeyepc (as found in the directory /etc/named). Any version of BIND (named) which is 8.1 or greater will do. The only change from donkeyepc is: do not include the lines for xxx.xxx.xxx.xxx and xxx.xxx.xxx.xxx in the file /etc/named/named.conf when configuring the master servers.
Addendum.
You will need to have the /namedb in /etc as well. In rc.conf:
# named. It may be possible to run named in a sandbox, man security for
# details.
#
named_enable="YES" # Run named, the DNS server (or NO).
#named_program="named" # path to named, if you want a different one.
named_program="/usr/local/sbin/named"
named_flags="-c /etc/named/named.conf" # Flags to named (if enabled).

15. xhost [remote display.]

[local] xhost +
[local] xhost - [to disable xhost]
[remote] xhost + setenv DISPLAY ovid.code-donkey.org:0.0


16. latte [Network Monitoring.]
you must run
/usr/local/NetMonitor/StartServer.sh &
manually when restarting the box.
This needs X to run, so xhost in:

"xhost latte" from your box, and then telnet to latte and type:
xterm &
Then su to root,
then type in the xterm window:
/usr/local/NetMonitor/StartServer.sh &

You will then see something that looks like:
[1] 1607
latte.code-donkey.org(root):/usr/home/donkeynoc>
Starting NetMonitor WebServer on port: 9191

added the servlet key*
Servlet added: Acme.Serve.FileServlet
SAServer Started on port: 1029

17. lila [DNS]
When lila is rebooted you must do a "mount -a". This will mount all of the drives/slices.

18. midway.c
The midway.c information will be found in sys/conf/files
The midway.c file which we support is located in /pci/midway.c
The midway.c file which we did not make is found in dev/en/midway.c

19. 1.usr.mode
1. Reboot the box using Alt-Ctrl-Delete
2. When "boot:" comes up type:
boot -s
to bring the box up in "single-user-mode."
3. When requested to enter a shell, press enter.
This will give you a default Bourne shell.
4. To mount all of the slices type
mount -a
5. Change directory to /etc and check to see
what shells you have listed in your /etc/shells file.
To do this, type:
cat shells
This will let you know which shells root will have access to.
6. Now edit the password file using:
vipw
7. Change the root shell from tcsh to:
/bin/csh
or
/bin/sh
This depends on what shell is listed in your /etc/shells file.
8. Once this is done; save and then exit.
9. Then to reboot type:
sync;sync;reboot


20. man
To read man pages without using "man" type
nroff -man "name of page" | more

21. ping-page
The ping page configuration files are on latte in /usr/local/www/data in three directories:
ATDMON
CAIRNMON
SUPPERNETMON
- the file which contains the cairn info is:
/usr/local/www/data/CAIRNMON/cairnpinglist
- the various interface configurations are in:
/usr/local/www/data/NETMON/cairn/cairn_net.cfg

22. tip -console-
parcpc [example]
from? /usr/local/sbin/console -A parc
call boot(0)
~. [to exit from console]
also
ctrl ec.
[for information on available devices see /etc/remote]
tip -v [baud-rate] cuaa

lblpc.
helpmann->ee.lbl.gov->weed.lbl.gov
donkeynocers [spaces.]
tip weed

23. gif interfaces


##############################################################
#this is just an example of a gif interface.
# configure Tunnel to Code-donkey [to donkeypc4]
#ifconfig gif0 xxx.xxx.4.9 xxx.xxx.4.10 netmask 255.255.255.252
#/usr/local/v6/sbin/gifconfig gif0 xxx.xxx.167.4 xxx.xxx.155.6
##############################################################

#ifconfig iti0 xxx.xxx.2.98 xxx.xxx.2.97 netmask 0xfffffffc mtu 1280 up
#iticonfig iti0 x.x.2.166 xxx.xxx.167.1

ifconfig gif0 xxx.xxx.2.98 xxx.xxx.2.97 netmask 0xfffffffc up
/usr/local/v6/sbin/gifconfig gif0 1xx.2xx.2.166 x40.xx3.167.1

Also:
For FreeBSD, things go something like:
# gifconfig gif0
# ifconfig gif0 inet6 prefixlen

Normally, you would also say something like:
# route add -inet6 default

and, if you plan to route traffic, you'd set your primary ethernet card to some address:
# ifconfig fxp0 inet6 prefixlen
# sysctl -w net.inet6.ip6.forwarding=1

This last statement tells the kernel to forward IPv6 packets between interfaces (in your case between fxp0 and gif0)


24. mrtd.conf - to find out which version telnet to mrtd and type:
sh ver

[Example from bbnpc]
####################################
password mrtipv6
debug all /var/log/mrtd.log 5000000
!
access-list 1 deny 0.0.0.0/0 exact #don't allow anything routed on this address
#so this will block everything.
#ACCESS LISTS NEED TO BE ASSOCIATED WITH A
# LIST. -see isiepc-

access-list 1 permit all #This says that you can let everything in
#so now, only 0.0.0.0/0 [local interface]
#will not be distributed. This way you
#keep your local routes out.
!
router rip #RIP - IPv4 IGP [internal g/w protocol]

! network ed0 # ! = don't read/ignore.

network nn0 # Advertise this interface.

distribute-list 1 out nn0 # Look at the access list above.

redistribute direct # "direct" advertise regardless of whether
# the interface is up or down. If the
# entry said "redistribute connect" it
# would mean to advertise only if the
# interface was up [connected]. So if the
# i/f was down the routes would die out.

redistribute static # Advertise the static ip route.
!
router ripng # RIPng is the IPv6 IGP [internal gateway
# protocol.]

! network ed0
network nn0
redistribute direct
!
! static routes
ip route 0.0.0.0/0 x92.x.37.4 # Example of default route.
ip route x40.x47.0.0/16 xx2.1.37.4
ip route 192.1.100.0/24 xx2.1.37.6
#####################################

BGP4 - IPv4 EGP External g/w protocol
RIP - IPv4 IGP internal g/w protocol
BGP4+ - IPv6 EGP
RIPng - IPv6 IGP
IGP/RIP - used to get to any router within CAIRN.

And to see what routes are being distributed:
show ip [protocol]
eg.
show ip bgp


How to modify mrtd. [The first implementation of this was on isipc.]

find bgp_attr.c. The file is in:
/usr/local/src/mrt-2.2.2a-Aug11/src/lib/bgp_attr/bgp_attr.c

change:
/* skip total path attribute length for now */
p_total_attrib_len = cp;
BGP_PUT_SHORT (0, cp);
start_attr = cp;

to:
/* skip total path attribute length for now */
if (cp + 2 <= maxend) {
p_total_attrib_len = cp;
BGP_PUT_SHORT (0, cp);
start_attr = cp;
} else {
overflow++;
}
assert (cp <= maxend); /* skb */


Then change:
/* Now put in attribute length */
BGP_PUT_SHORT (cp - start_attr, p_total_attrib_len);
p_total_attrib_len -= 2;
}

to:

/* Now put in attribute length */
BGP_PUT_SHORT (cp - start_attr, p_total_attrib_len);
p_total_attrib_len -= 2;
}
assert (cp <= maxend); /* skb */

Once this is done, then run make in the directory, always back up the original file, and daemon.
-good luck.
For a comparison take a look at either donkeypc, which has the original work, or look at oingo.code-donkey.org ~aakesson/router/mrtd. The files are there.
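
The same bounds check as a self-contained sketch (an added example, not code from MRT or from these notes; struct enc, enc_reserve, put_attr and encode_path_attrs are hypothetical names, and the two attributes are constructed sample data). It reserves the 2-byte total-length field only if it fits before maxend, keeps the overflow flag sticky, and skips the length back-patch once anything has overflowed:

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical encoder state; names are illustrative, not MRT's. */
struct enc {
    uint8_t *cp;            /* next byte to write */
    const uint8_t *maxend;  /* one past the last writable byte */
    int overflow;           /* sticky: set once any write did not fit */
};

/* Claim n bytes, or mark overflow and return NULL without moving cp. */
static uint8_t *enc_reserve(struct enc *e, size_t n)
{
    if (e->overflow || (size_t)(e->maxend - e->cp) < n) {
        e->overflow = 1;
        return NULL;
    }
    uint8_t *p = e->cp;
    e->cp += n;
    return p;
}

/* One attribute: flags, type code, 1-byte length, value. */
static void put_attr(struct enc *e, uint8_t flags, uint8_t type,
                     const uint8_t *val, uint8_t len)
{
    uint8_t *p = enc_reserve(e, 3u + len);
    if (p == NULL)
        return;             /* caller checks e->overflow once at the end */
    p[0] = flags; p[1] = type; p[2] = len;
    memcpy(p + 3, val, len);
}

/* Returns bytes written, or -1 when buf is too small. */
long encode_path_attrs(uint8_t *buf, size_t cap)
{
    static const uint8_t origin[] = { 0 };              /* ORIGIN = IGP */
    static const uint8_t next_hop[] = { 192, 0, 2, 1 }; /* constructed */
    struct enc e = { buf, buf + cap, 0 };

    uint8_t *p_total_len = enc_reserve(&e, 2); /* length placeholder */
    uint8_t *start_attr = e.cp;
    put_attr(&e, 0x40, 1, origin, sizeof origin);
    put_attr(&e, 0x40, 3, next_hop, sizeof next_hop);
    if (e.overflow)
        return -1;          /* placeholder is never back-patched */

    size_t total = (size_t)(e.cp - start_attr);
    p_total_len[0] = (uint8_t)(total >> 8);    /* network byte order */
    p_total_len[1] = (uint8_t)(total & 0xff);
    return (long)(e.cp - buf);
}

int main(void)
{
    uint8_t buf[32];
    printf("32-byte buffer: %ld\n", encode_path_attrs(buf, sizeof buf));
    printf("12-byte buffer: %ld\n", encode_path_attrs(buf, 12));
    return 0;
}
```

On failure the buffer may hold a partial encoding below maxend, so the caller must discard it rather than send it.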
# 25. # ping6
ping6 -w will ping an ipaddress and show you the name of the box.
-see the file "v6.tools."

ping6 -I de0 -w ff02::1
This will show all of the active boxes on the subnet. [I think.]
# 26. ndp [Neighbor Discovery Protocol.]
ndp -a
This displays the current Neighbor cache.

ndp -c
To flush all of the NDP cache [as root.]
ndp -p
To display the prefix list.
ndp -r
To display the default router list.

# 27. netstat
To see routing table:
# netstat -nr
# netstat -nrl (long format with Ref and Use)
# netstat -apn | more [This shows Active Internet connections
(servers and established)]
# netstat -t [filter the output to display only TCP
connections]
# netstat -u [limit the output to UDP]
# netstat -w [display raw session]
# netstat -x [limit the display to UNIX-type sockets
(some database applications, X11 connections,
font server, etc). ]
# netstat -M [IP masquerading entries]
# netstat -et [Active Internet connections (w/o servers)]

Linux
----------------------
To make the netstat program immutable use the chattr program. The immutable setting is defined by the +i flag.
chattr +i /bin/netstat
-----------------------
It is also a good idea to keep a copy of netstat on a floppy disk. This is so that you have a clean copy if you suspect you may have been spoofed.
tar -cvf /dev/fd0 /bin/netstat # To save the file
tar -xvf /dev/fd0 # To extract the file

# 28. lbl - dpss lbl_nton
To check and see if the lbl_nton link is up.
1. from donkeyepc ping dpss2
2. traceroute -n [to not resolve] dpss2.lbl.gov
if routes 205.xxx.xxx.xxx & 208.xxx.xxx.xxx show up then SupperNet is up.
3. ssh -l donkeybons dpss2 [use donkeynoc pw.] Then ping the gif i/f to lbl [not the 140. address, but the core address.]
4. From helpmann.code-donkey.org ssh ee.xx.xx [now rockers.] then tip into lblpc.

# 29. NSFPC
isiebr.code-donkey.org xxx.xxx.1.250
nsfbr-isiebr.code-donkey.org xxx.xxx.1.251
isiepc-nsfpc.cairn.net xxx.xxx.1.249
nsfpc-isiepc.cairn.net xxx.xxx.1.252

# 30. kernel
To bring back the old kernel, try:

chflags noschg /kernel
rm /kernel
cp /kernel.old /kernel
chflags schg /kernel

# 31 tunnel
http://snafu.freedom.org/linux2.2/tunnel-notes.html
http://snafu.freedom.org/linux2.2/tunnel-notes.html#works

We have ozzy at aaa.168.2.17 running 2.2, gyp at aaa.168.2.64 running 2.2, and fubar at aaa.168.2.23 running 2.0. The first step is the tunnel end on fubar, which will be aaa.168.3.1. gyp's tunnel end will be aaa.168.3.3 and ozzy's will be aaa.168.3.2.
[fubar]# insmod ipip; insmod new_tunnel
[fubar]# ifconfig tunl0 aaa.168.3.1
[fubar]# route add -host aaa.168.3.2 gw aaa.168.2.17 tunl0
[fubar]# route add -host aaa.168.3.3 gw aaa.168.2.64 tunl0

Next ozzy to fubar:

[ozzy]# insmod ipip
[ozzy]# ip tunnel add mode ipip remote aaa.168.2.23 local aaa.168.2.17
[ozzy]# ip addr add aaa.168.3.2 dev tunl1
[ozzy]# ip link set tunl1 up
[ozzy]# ip route add aaa.168.3.1/32 dev tunl1

# 33 Tar
tar cf - donkeynoc | (cd /usr; tar xf -)
move this directory to.

bz2 [Typically found on LINUX boxes]
To decompress a .bz2 file type:
bzip2 -dv [file name]
www.muraroa.demon.co.uk
man bzip2

# 34 Snoopy
helpmann# ./snoopy.pl -h

./snoopy.pl -f : | -c host.my.net [-h] [-l ] [-q] [-s] [-p]

-f use a file on a specified
as a source of monitored hosts
-c alternatively, use just one host name to be checked
(dns lookup will be performed)
-h prints this message
-l print log to (in addition to syslog())
-q quiet mode (don't output to stdout)
-s disable syslog
-p parallel processing (implies -q)

./snoopy.pl -s -p -f latte.code-donkey.org:/usr/local/share/doc/apache/CAIRNMON/cairnpinglist -l dnsout.log
helpmann# ./DNS_digger.pl -h

./DNS_digger.pl -d -z [-h] [-l ] [-q] [-s] [-o ]

-d DNS server to dig in
-z zone to transfer
-h prints this message
-l print log to (in addition to syslog())
-v print summary of the DNS records as well
-q quiet mode (don't output to stdout)
-s disable syslog
-o output file (default to STDOUT)

./DNS_digger.pl -d lila.code-donkey.org -z cairn.net -l dnsout.log -s -o dnsout.111
# 35 RPM
As root type:
rpm -i {the name of the file .rpm}

# 36 PORTS
To get a list of active network ports in UNIX type:
netstat -a


# 37 file.
you can use the command "file" to tell what type of file a file is. :)


# 38 module
To load the module ipip.o in Linux you:
/sbin/insmod /lib/modules/2.2.14-5.0smp/ipv4/ipip.o
To list what modules are loaded type:
/sbin/lsmod