Saturday, March 26, 2011

Understand IPv6 Addresses

IPv6 Address Types

Increasing the IP address pool was one of the major forces behind developing IPv6. It uses a 128-bit address, meaning that we have a maximum of 2¹²⁸ addresses available, or 340,282,366,920,938,463,463,374,607,431,768,211,456, or enough to give multiple IP addresses to every grain of sand on the planet. So our friendly old 32-bit IPv4 dotted-quads don't do the job anymore; these newfangled IPs require eight 16-bit hexadecimal colon-delimited blocks. So not only are they longer, they use numbers and letters. At first glance, those mondo IPv6 addresses look like impenetrable secret code:
2001:0db8:3c4d:0015:0000:0000:abcd:ef12 
 


Under IPv4 we have the old familiar unicast, broadcast and multicast addresses. In IPv6 we have unicast, multicast and anycast. With IPv6 the broadcast addresses are not used anymore, because they are replaced with multicast addressing.

IPv6 Unicast

This is similar to the unicast address in IPv4 – a single address identifying a single interface. There are four types of unicast addresses:
  • Global unicast addresses, which are conventional, publicly routable addresses, just like conventional IPv4 publicly routable addresses.
  • Link-local addresses are akin to the private, non-routable addresses in IPv4 (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). They are not meant to be routed, but confined to a single network segment. Link-local addresses mean you can easily throw together a temporary LAN, such as for conferences or meetings, or set up a permanent small LAN the easy way.
  • Unique local addresses are also meant for private addressing, with the addition of being unique, so that joining two subnets does not cause address collisions.
  • Special addresses are loopback addresses, IPv4-address mapped spaces, and 6-to-4 addresses for crossing from an IPv4 network to an IPv6 network.
If you read about site-local IPv6 addresses, which are related to link-local, these have been deprecated, so you don't need to bother with them.

Multicast

Multicast in IPv6 is similar to the old IPv4 broadcast address: a packet sent to a multicast address is delivered to every interface in a group. The IPv6 difference is that it's targeted: instead of annoying every single host on the segment with broadcast blather, only hosts who are members of the multicast group receive the multicast packets. IPv6 multicast is routable, and routers will not forward multicast packets unless there are members of the multicast groups to forward the packets to. Anyone who has ever suffered from broadcast storms will appreciate this mightily.

Anycast

An anycast address is a single address assigned to multiple nodes. A packet sent to an anycast address is then delivered to the first available node. This is a slick way to provide both load-balancing and automatic failover. The idea of anycast has been around for a long time; it was proposed for inclusion in IPv4 but it never happened.
Several of the DNS root servers use a router-based anycast implementation, which is really a shared unicast addressing scheme. (While there are only thirteen authoritative root server names, the total number of actual servers is considerably larger, and they are spread all over the globe.) The same IP address is assigned to multiple interfaces, and then multiple routing table entries are needed to move everything along.
IPv6 anycast addresses contain fields that identify them as anycast, so all you need to do is configure your network interfaces appropriately. The IPv6 protocol itself takes care of getting the packets to their final destinations. It's a lot simpler to administer than shared unicast addressing.

Address Dissection

Let's take another look at our example IPv6 address:

2001:0db8:3c4d:0015:0000:0000:abcd:ef12
______________|____|___________________
global prefix subnet  Interface ID
The prefix identifies it as a global unicast address. It has three parts: the network identifier, the subnet, and the interface identifier.
The global routing prefix comes from a pool assigned to you, either by direct assignment from a Regional Internet Registry like APNIC, ARIN, or RIPE NCC, or more likely from your Internet service provider. The subnet and interface IDs are controlled by you, the hardworking local network administrator.

You'll probably be running mixed IPv6/IPv4 networks for some time. IPv6 addresses must total 128 bits. IPv4 addresses are represented like this:
0000:0000:0000:0000:0000:0000:192.168.1.25
Eight blocks of 16 bits each are required in an IPv6 address. The IPv4 address occupies 32 bits, so that is why there are only seven colon-delimited blocks.
The localhost address is 0000:0000:0000:0000:0000:0000:0000:0001.
Naturally we want shortcuts, because these are long and all those zeroes are just dumb-looking. Leading zeroes can be omitted, and contiguous blocks of zeroes can be omitted entirely, so we end up with these:
2001:0db8:3c4d:0015:0:0:abcd:ef12
2001:0db8:3c4d:0015::abcd:ef12
::192.168.1.25
::1
I usually end up counting on my fingers, which is probably not the best method. ipv6calc is invaluable for checking your work. Suppose you're not sure if your compressed notation is correct. ipv6calc displays the uncompressed notation:
$ ipv6calc --in ipv6addr --out ipv6addr --printuncompressed ::1
0:0:0:0:0:0:0:1
$ ipv6calc --in ipv6addr --out ipv6addr --printfulluncompressed 2001:0db8:3c4d:0015::abcd:ef12
2001:0db8:3c4d:0015:0000:0000:abcd:ef12
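The two shortcut rules and the address types above can be checked without ipv6calc. The following is an added example, not part of the original article: it expands compressed notation by hand (including a trailing dotted-quad IPv4 address), compares the result with Python's ipaddress module, and labels the address by its standard prefix.

```python
import ipaddress
import string

# Checked in order, most specific first; these are the standard prefix
# assignments for the address types named in the article. The article's
# sample 2001:0db8:... is in 2001:db8::/32 (reserved for documentation),
# which sits inside the global unicast range 2000::/3.
PREFIXES = [
    ("::/128", "unspecified"),
    ("::1/128", "loopback"),
    ("::ffff:0:0/96", "IPv4-mapped"),
    ("::/96", "IPv4-compatible (::a.b.c.d)"),
    ("2002::/16", "6to4"),
    ("fe80::/10", "link-local unicast"),
    ("fec0::/10", "site-local unicast (deprecated)"),
    ("fc00::/7", "unique local unicast"),
    ("ff00::/8", "multicast"),
    ("2000::/3", "global unicast"),
]
NETWORKS = [(ipaddress.IPv6Network(p), label) for p, label in PREFIXES]


def _ipv4_groups(quad):
    """Turn a trailing dotted quad into the two 16-bit groups it occupies."""
    parts = quad.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"bad embedded IPv4 address: {quad!r}")
    a, b, c, d = (int(p) for p in parts)
    return [f"{a:02x}{b:02x}", f"{c:02x}{d:02x}"]


def expand(addr):
    """Undo both shortcuts: restore the '::' run and the leading zeroes."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once")
    head, sep, tail = addr.partition("::")
    left = head.split(":") if head else []
    right = tail.split(":") if tail else []
    last = right if sep else left
    if last and "." in last[-1]:          # IPv4 is only valid as the final field
        last[-1:] = _ipv4_groups(last[-1])
    missing = 8 - len(left) - len(right)  # groups hidden behind '::'
    if (sep and missing < 1) or (not sep and missing != 0):
        raise ValueError(f"wrong number of groups in {addr!r}")
    groups = left + ["0"] * missing + right
    for g in groups:
        if not 1 <= len(g) <= 4 or any(c not in string.hexdigits for c in g):
            raise ValueError(f"bad group {g!r} in {addr!r}")
    return ":".join(f"{int(g, 16):04x}" for g in groups)


def classify(addr):
    """Return the address type by matching the first prefix that contains it."""
    ip = ipaddress.IPv6Address(expand(addr))
    for net, label in NETWORKS:
        if ip in net:
            return label
    return "other/unassigned"


def report(addr):
    """Return (full form, type, whether the standard library agrees)."""
    full = expand(addr)
    return full, classify(addr), full == ipaddress.IPv6Address(addr).exploded


if __name__ == "__main__":
    for sample in ("2001:0db8:3c4d:0015::abcd:ef12", "::192.168.1.25",
                   "::1", "fe80::1", "ff02::1"):
        print(sample, "->", *report(sample))
```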

Thursday, March 10, 2011

Domain Authentication for CentOS, Red Hat and Fedora

1. Log in to the machine as root, or else get root privileges using " su - "

2. Copy the "LikewiseIdentityServiceOpen-5.1.0.5249-linux-i386-rpm.sh" package to the Desktop of the user

3.  cd username/Desktop

4. Run the command "sh LikewiseIdentityServiceOpen-5.1.0.5249-linux-i386-rpm.sh"

5. Type 'yes' to accept the license agreement and the installation process.

6. Check the hostname using the 'hostname' command

7. Change the hostname with vim /etc/sysconfig/network

e.g.:
 HOSTNAME=09cpu0129L
:wq (save and quit)

8. To make the changes take effect, restart the network and close the terminal. Open a new terminal.

9. Type 'hostname' to check that the hostname is right.

  Note: Make sure that the hostname does not already exist in the Active Directory.

10. domainjoin-cli join amritavidya.edu ictsadmin
    Give the password...

  Note: You will see SUCCESS if the system is added to the domain successfully.

11. vim /etc/likewise/lsassd.conf
   Uncomment the following line (at approximately line 81)
e.g.:
    assume-default-domain = yes (remove the #)

12. Restart the following services to implement the changes
    /etc/init.d/lsassd restart
    /etc/init.d/lwrdrd restart
    /etc/init.d/netlogond restart

13. Reboot

14. You will now be able to log on to the domain

Thursday, March 3, 2011

Samba: How to share files for your LAN without user/password

This tutorial will show how to set up samba to allow read-only file sharing for your LAN computers as guest (without being prompted for a password).
Because users won't be prompted for a user/password, this tutorial is meant to be used on a LAN where all hosts are trusted.
There are many advantages to sharing files in a LAN. For instance, when you have a multimedia box (playing music, movies....) it is great to be able to access the music on that box from any machine in your LAN.
Let's get started. In the first place, you need to have samba installed.
$ sudo apt-get install samba
or
$ yum install samba
Because we are going to weaken samba's security, make sure only your local network can access the samba service. To do so, open and edit /etc/samba/smb.conf
$ sudo vi /etc/samba/smb.conf
and set interfaces to lo and your local network interface. In my case: eth1.
interfaces = lo eth1
bind interfaces only = true
Now it is time to relax samba's default security by changing the security variable: make sure security is set to share instead of user, and that the guest account is enabled:
security = share
...
...
guest account = nobody
Now, we can create a share to be accessible to guest users:
[Guest Share]
        comment = Guest access share
        path = /path/to/dir/to/share
        browseable = yes
        read only = yes
        guest ok = yes
You can now test that your configuration is good using testparm:
$ testparm
If everything is fine, it is time to reload samba service to have your new configuration taken into account:
$ sudo /etc/init.d/samba reload
or
$ service smb restart
That's it, anybody in your LAN can now access your share.
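Since this setup removes authentication, the interface binding and the read-only flag are the only controls left, and testparm only checks syntax. The checker below is an added example, not part of the original tutorial: it parses smb.conf text and reports guest shares that are writable or not restricted to named interfaces. It also flags security = share, which was removed in Samba 4.0. Both sample configurations are constructed for the example, the first one from the tutorial's settings.

```python
TRUE = {"yes", "true", "1"}  # boolean spellings documented in smb.conf(5)

# Parameter synonyms: canonical name, and whether the value is inverted.
SYNONYMS = {
    "public": ("guest ok", False),
    "writeable": ("read only", True),
    "writable": ("read only", True),
    "write ok": ("read only", True),
}


def parse_smb_conf(text):
    """Return {section: {parameter: value}} with names lower-cased."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
        elif "=" in line and current is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            key = " ".join(key.lower().split())
            if key in SYNONYMS:
                key, inverted = SYNONYMS[key]
                if inverted:
                    value = "no" if value.lower() in TRUE else "yes"
            sections[current][key] = value  # last setting wins
    return sections


def enabled(params, name, default):
    return params[name].lower() in TRUE if name in params else default


def audit(text):
    """Return a list of findings for a password-less share setup."""
    conf = parse_smb_conf(text)
    glob = conf.get("global", {})
    findings = []
    guest = [n for n, p in conf.items()
             if n != "global" and enabled(p, "guest ok", False)]
    if guest and not glob.get("interfaces"):
        findings.append("guest shares exist but [global] 'interfaces' is not set")
    if guest and not enabled(glob, "bind interfaces only", False):
        findings.append("guest shares exist but 'bind interfaces only' is not enabled")
    for name in guest:
        if not enabled(conf[name], "read only", True):  # default is read only
            findings.append(f"[{name}] is writable by guests")
    if glob.get("security", "").lower() == "share":
        findings.append("'security = share' was removed in Samba 4.0; use "
                        "'security = user' with 'map to guest = Bad User'")
    return findings


# Constructed sample 1: the settings from this tutorial under a [global] header.
TUTORIAL_CONF = """
[global]
    interfaces = lo eth1
    bind interfaces only = true
    security = share
    guest account = nobody
[Guest Share]
    path = /path/to/dir/to/share
    read only = yes
    guest ok = yes
"""

# Constructed sample 2: a guest share with no binding and write access.
WEAK_CONF = """
[global]
    security = user
    map to guest = Bad User
[media]
    path = /srv/media
    public = yes
    writeable = yes
"""

if __name__ == "__main__":
    for label, conf in (("tutorial", TUTORIAL_CONF), ("weak", WEAK_CONF)):
        print(label, audit(conf))
```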

Tuesday, March 1, 2011

Network Storage - The Basics

Direct Attached Storage (DAS)
Direct attached storage is the term used to describe a storage device that is directly attached to a host system. The simplest example of DAS is the internal hard drive of a server computer, though storage devices housed in an external box come under this banner as well. DAS is still, by far, the most common method of storing data for computer systems. Over the years, though, new technologies have emerged which work, if you'll excuse the pun, out of the box.

Network Attached Storage (NAS)
Network Attached Storage, or NAS, is a data storage mechanism that uses special devices connected directly to the network media. These devices are assigned an IP address and can then be accessed by clients via a server that acts as a gateway to the data, or in some cases allows the device to be accessed directly by the clients without an intermediary.
The beauty of the NAS structure is that it means that in an environment with many servers running different operating systems, storage of data can be centralized, as can the security, management, and backup of the data. An increasing number of companies already make use of NAS technology, if only with devices such as CD-ROM towers (stand-alone boxes that contain multiple CD-ROM drives) that are connected directly to the network.
One of the big advantages of NAS is expandability: if you need more storage space, add another NAS device and expand the available storage. NAS also brings an extra level of fault tolerance to the network. In a DAS environment, a server going down means that the data that server holds is no longer available. With NAS, the data is still available on the network and accessible by clients. Fault tolerant measures such as RAID (which we'll discuss later) can be used to make sure that the NAS device does not become a point of failure.

Storage Area Network (SAN)
A SAN is a network of storage devices that are connected to each other and to a server, or cluster of servers, which act as an access point to the SAN. In some configurations a SAN is also connected to the network. SANs use special switches as a mechanism to connect the devices. These switches, which look a lot like a normal Ethernet networking switch, act as the connectivity point for SANs. Making it possible for devices to communicate with each other on a separate network brings with it many advantages. Consider, for instance, the ability to back up every piece of data on your network without having to 'pollute' the standard network infrastructure with gigabytes of data. This is just one of the advantages of a SAN which is making it a popular choice with companies today, and is a reason why it is forecast to become the data storage technology of choice in the coming years.
Irrespective of whether the network storage mechanism is DAS, NAS or SAN, there are certain technologies that you'll find in almost every case. The technologies that we are referring to are things like SCSI and RAID. For years SCSI has been providing a high speed, reliable method for data storage. Over the years, SCSI has evolved through many standards to the point where it is now the storage technology of choice. Related, but not reliant on SCSI, is RAID. RAID (Redundant Array of Independent Disks) is a series of standards which provide improved performance and/or fault tolerance for disk failures. Such protection is necessary as disks account for 50% of all hardware device failures on server systems. Like SCSI, RAID, or the technologies used to implement it, have evolved, developed and matured over the years.
In addition to these mainstays of storage technology, other technologies feature in our network storage picture. One of the most significant of these technologies is Fibre Channel (yes, that's fibre with an 're'). Fibre Channel is a technology used to interconnect storage devices, allowing them to communicate at very high speeds (up to 10Gbps in future implementations). As well as being faster than more traditional storage technologies like SCSI, Fibre Channel also allows for devices to be connected over a much greater distance. In fact, Fibre Channel can be used up to six miles. This allows devices in a SAN to be placed in the most appropriate physical location.

Basic Info on Network Racks – Wall Mounted, Floor Standing & Accessories

What is a Network Rack?

A Local Area Network (LAN) is made up of multiple pieces of networking equipment such as network switches, routers, UTM appliances, servers, patch panels, cables, modems, etc. This equipment is generally kept inside a network rack, which is a closed or open enclosure that can hold it. The size of networking hardware follows certain industry standards so that it can fit into network racks, which follow those standards too. The common width of a network rack (and of networking equipment) is 19″ (inches); most racks are made to accommodate any equipment that can fit into this space. Networking equipment also has fixed heights that are given in terms of Rack Units.
1 Rack Unit (RU)  =  1.7 inches / 4.4 cm.
So, if a piece of networking equipment is specified as 2U, then it has a height of 3.4 inches (approx). If one has the sizes (in RU) of all the networking equipment that needs to be placed in a rack, the required height of the rack (in RU) can easily be calculated as the sum of the heights of all the individual items, generally slightly more than that, in order to fit the equipment freely in the rack and to provide for future expansion.

Why are Network Racks required?

Network Racks are an important component of the structured cabling system.
Network racks are required for neatly, efficiently and safely holding all the networking equipment. If there are no network racks or patch panels, the cabling will look cluttered. Network racks can hold many components in a relatively small space, which lets one use the available storage space very efficiently. Network racks are also required for the physical safety of the equipment kept within, as most of them can be locked so that access is denied to unauthorized personnel.
Network racks are also required for improving the health of the networking equipment stored inside. For example, when the cables are routed carefully and neatly through the cable managers in the racks, there is little chance of data loss due to excessive cable bends. Also, the cooling fans in the network racks provide additional cooling to prevent damage to the equipment kept inside them due to overheating.

Wall Mounted Network Racks:

Photo of a Wall Mount Network Rack
  • Wall Mounted Network Racks are useful for housing edge devices in individual departments with less networking equipment.
  • Common sizes: 6U, 9U, 12U, 15U.
  • The front panel generally has a hardened glass door to view the equipment inside clearly and also has a lock to ensure physical security.
  • There are two common types of wall mounted racks. Single Section Racks have one glass door in the front that can be fully opened, and the cable entry/exit is via the holes in the top and bottom of the rack. Double Section Racks are like the single section racks but have an additional opening behind the rack (actually, a rear panel is fixed to the wall, and the whole rack is fixed firmly to one side of the rear panel and can be swung forward/back to enable one to open and view the rear side of the rack).
  • Network Racks are generally made with a steel body (sometimes with aluminum enclosures) with powder coated paint finishes.
  • Network Racks generally have provisions for ventilation in the top/bottom/sides through vents/holes.
  • They contain some accessories as well, which are discussed in the last section of this article.

Floor Standing Network/Server Racks:

photo of floor standing network server rack
  • The Floor Standing racks are used to house both network and server equipment. These are primarily used in data centers and other places with a large amount of equipment.
  • Most of the points that are applicable to the above wall mount racks are applicable to floor standing server racks as well, except that these are bigger and kept on the floor (some might even have wheels attached, to enable their movement).
  • Common sizes: 24U, 30U, 36U, 42U, 45U.
  • The whole front section generally comes with full length doors with hardened glass/ lock. Some might even have rear doors.
  • In addition to the normal cable managers, these floor standing racks also offer specialized channels for electrical cabling, network cabling, etc which ensures neat movement of cables in the rear end, along the height of the racks.
  • These racks can house more equipment and can handle loads of around 450-500 Kg.
  • Floor mount racks are supplied either in CKD (Completely Knocked Down) condition where individual components are shipped to the site and the rack itself is assembled in the site (or) is assembled in the factory and shipped as a whole.

Network Rack – Accessories:

  • Fan Housing Units: These are mounted either in the roof or in the side plate. Each unit generally consists of 2/4/6 fans that are used for cooling the equipment inside the racks. Some vendors also provide rack mounted fan housing trays that can be mounted along with other equipment in the rack to provide cooling at specific places.
  • AC Distribution Box: Network racks generally hold a lot of equipment that needs AC power. It would be inconvenient if each unit needed to be powered from an external source separately. So, an AC distribution box is used inside the rack to give power to individual items using one or two power lines from outside. The AC distribution box generally consists of 5 to 15 sockets (5A/15A).
  • Cable Manager: A cable manager is generally an open conduit (with metal holdings) for passing multiple cables across the horizontal section of the rack. This makes the cabling arrangement look neat and prevents excessive bending of the cables.
  • Fixed/Sliding Shelves: Not all the equipment that needs to be kept in a network rack is rack mountable. Some of it comes in different shapes and sizes. So, a fixed shelf plate is inserted into the rack and this equipment is kept on it. For example, standing desktop based servers can be kept on the shelves. There are certain heavy duty shelves to accommodate heavier equipment. There are also sliding shelves which can be used to pull out equipment placed on them for, say, frequent servicing.
  • Additional cable channels and conduits enable easier and neater arrangement of cables.
  • Modem holders: Some vendors provide special chassis type shelves in order to hold a larger number of modems vertically, one next to another. Otherwise, they are kept horizontally and each shelf can hold only a few of them, which results in inefficient usage of rack space.

Using ping for network troubleshooting

Ping, which stands for Packet InterNet Groper, is a great utility when it comes to troubleshooting network issues. It is part of the iputils package. It sends ICMP “echo request” packets to the target system and listens for “echo response” replies. Ping records the round-trip time and any packet loss. It prints a summary at the end showing the number of packets sent and received, percent packet loss and total time. It also prints out minimum, average, maximum and maximum deviation (standard deviation).
After the brief introduction, let’s dig into the nitty-gritty of ping.
In its simplest and usual form, ping is used to see if a host is alive.
We will ping www.google.com and analyze the output, so type
ping www.google.com
PING www.l.google.com (64.233.169.103) 56(84) bytes of data.
64 bytes from yo-in-f103.google.com (64.233.169.103): icmp_seq=1 ttl=128 time=31.7 ms
64 bytes from yo-in-f103.google.com (64.233.169.103): icmp_seq=2 ttl=128 time=30.9 ms
64 bytes from yo-in-f103.google.com (64.233.169.103): icmp_seq=3 ttl=128 time=32.0 ms
64 bytes from yo-in-f103.google.com (64.233.169.103): icmp_seq=4 ttl=128 time=31.2 ms

--- www.l.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 30.979/31.509/32.093/0.481 ms
Let’s see what we have from the output.
The first line shows that ping is sending ICMP “echo request” to the host www.l.google.com with an IP 64.233.169.103 with 56 bytes of data. This first line proves that our DNS resolution is working so ping can be used as a simple name resolution tool.
The second line gives information about the echo response packet: the 64 bytes received (why 64 bytes when it said 56 bytes above? I will explain it later), the name and IP of the host the data was received from, the ICMP sequence number, the time to live value and the time between the packet being sent and then received. The important things to look for in these lines are the sequence numbers, which should increment by 1 if there is no packet loss, and the time, where a higher value would indicate network latency.
At the end we have a summary of the pings performed. Here 4 packets were sent and 4 received, with 0% packet loss. The whole process, from the time when I started ping to the point when I stopped it, took 3001 milliseconds.
Then we have minimum, average, maximum and standard deviation of round-trip traffic.
ICMP echo request and echo reply contain 8 bytes' worth of ICMP headers. That’s why we see 8 bytes more than the amount of data (default 56) we sent.
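The checks described above (sequence numbers that skip, high round-trip times, the 8-byte difference) can be automated over saved ping output. The following is an added example, not part of the original post; the sample output and the 100 ms threshold are constructed for illustration.

```python
import math
import re

HEADER = re.compile(r"^PING \S+ \(([^)]+)\) (\d+)\((\d+)\) bytes of data")
REPLY = re.compile(r"^(\d+) bytes from .*icmp_seq=(\d+) ttl=(\d+) time=([\d.]+) ms")
SUMMARY = re.compile(r"^(\d+) packets transmitted, (\d+) received")


def analyze(output, slow_ms=100.0):
    """Summarise ping output: lost sequence numbers, loss %, RTT stats, slow replies."""
    payload, transmitted = None, None
    replies = []  # (icmp_seq, bytes_received, rtt_ms)
    for line in output.splitlines():
        if m := HEADER.match(line):
            payload = int(m.group(2))
        elif m := REPLY.match(line):
            replies.append((int(m.group(2)), int(m.group(1)), float(m.group(4))))
        elif m := SUMMARY.match(line):
            transmitted = int(m.group(1))
    if not replies:
        raise ValueError("no echo replies found in output")
    seqs = {seq for seq, _, _ in replies}
    rtts = [rtt for _, _, rtt in replies]
    # Without the summary line, packets lost after the last reply cannot be seen.
    sent = transmitted if transmitted is not None else max(seqs)
    avg = sum(rtts) / len(rtts)
    # Population standard deviation: sqrt(mean(rtt^2) - mean(rtt)^2)
    mdev = math.sqrt(max(0.0, sum(r * r for r in rtts) / len(rtts) - avg * avg))
    return {
        "sent": sent,
        "received": len(seqs),
        "missing": [s for s in range(1, sent + 1) if s not in seqs],
        "loss_pct": 100.0 * (sent - len(seqs)) / sent,
        "min": min(rtts), "avg": avg, "max": max(rtts), "mdev": mdev,
        "slow": [seq for seq, _, rtt in replies if rtt > slow_ms],
        # Reply size minus payload size: the ICMP header the text explains.
        "header_bytes": replies[0][1] - payload if payload is not None else None,
    }


# Constructed sample: reply 3 is lost and reply 4 is slow.
SAMPLE = """\
PING host.example (192.0.2.10) 56(84) bytes of data.
64 bytes from host.example (192.0.2.10): icmp_seq=1 ttl=64 time=30.0 ms
64 bytes from host.example (192.0.2.10): icmp_seq=2 ttl=64 time=32.0 ms
64 bytes from host.example (192.0.2.10): icmp_seq=4 ttl=64 time=130.0 ms
64 bytes from host.example (192.0.2.10): icmp_seq=5 ttl=64 time=32.0 ms

--- host.example ping statistics ---
5 packets transmitted, 4 received, 20% packet loss, time 4005ms
"""

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value}")
```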
By default all Linux distributions continuously ping the target host until stopped with ctrl+c.
To send a limited number of pings, use -c (for count). The following will send 5 ICMP packets of type echo request
ping -c 5 www.google.com
By default ping waits one second between sending packets. This can be changed with the -i (for interval) option. The following will wait 2 seconds before sending another packet.
ping -i 2 www.google.com
Interval can be made even smaller. For example, to wait half a second before sending a packet, use
ping -i .5 www.google.com
To change the default packet size of 56 bytes, use -s (for size) option. To send 168 bytes, use the following
ping -s 168 www.example.com
PING www.example.com (208.77.188.166) 168(196) bytes of data.
176 bytes from www.example.com (208.77.188.166): icmp_seq=1 ttl=128 time=93.6 ms
176 bytes from www.example.com (208.77.188.166): icmp_seq=2 ttl=128 time=94.3 ms
176 bytes from www.example.com (208.77.188.166): icmp_seq=3 ttl=128 time=95.1 ms

--- www.example.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 93.667/94.391/95.167/0.708 ms
Notice the new size 176 bytes because of the addition of 8 bytes header data.
Maximum packet size is 65,535 bytes.
Be careful of sending very large packets to target host.
Different options can be combined as well. For example to send 3 packets of size 200 bytes with .5 sec interval, we would use
ping -i .5 -s 200 -c 3 www.example.com
Another option (can be dangerous) is -f (for flood). It sends a lot of packets very fast. If interval is not given, it sets interval to zero and outputs packets as fast as they come back or one hundred times per second, whichever is more. Only the super-user may use this option with zero interval.
ping -f www.host.com