In da Wok ……

http://sites.google.com/site/cubiclejunglestory/

When you have to determine why things went wrong you need to know how they work.

linux helps you do thats

linux helps you use the knowledge you gain by tinkering with it in realtime

my linux laptop can become a router

my linux laptop can become a firewall

my linux laptop can become a ids/ips

my linux laptop can become a access-point

my linux laptop can become a pbx

my linux laptop can do all of the above at the same time

i have done all of the above

iptables is awesome , even when you have not understood it

through linux i realised that learning to script/program ( even just a little bit ) can help you tremondously in your job as a network engineer.

my job is fun again because of linux

linux teaches you patience

it strips away any sense of pride and leaves you a quiet and humble person

linux gives you peace

this post is to remind me why i keep using linux, on the days when i just want to rip apart my laptop and then puke on it

slitaz is awesome.

got the BIRD internet routing daemon, bird, compiled and will package it today and set it up in the repos for slitaz. as far as i know it will be the only routing daemon packaged for slitaz. The reason i got interested in BIRD is that right now among the other daemons in the linux world, this one seems to be the latest in updates. i guess working on it and later making a live cd for the same will benefit BIRD as more people can then get on to it. Im still waiting for the day when i can get a open source, without hassles, mpls/bgp vpn up on linux.

well, somebody has made a very limited implementation of bgp in the ruby programming language, and it available here http://github.com/mc/rubybgp . it would be fun to read and learn again BGP from totally different point of view, i know a little bit of ruby, just enough to make small network monitoring scripts along with bash. so i guess i can start learning a little bit more by reading and trying to make sense of the rubybgp code, there is also another project here http://rubyforge.org/projects/bgp4r/ which i intend to pick apart too.

Oh how i wish i had more time.

slitax linux busybox already has vconfig in it, which if you did’nt know ( i did’nt till an hour back), lets you setup vlan interfaces in your linux box, like sub-interfaces in your cisco router. so you too can make your slitaz laptop a router on a stick very easily with this. the command goes like this, as root type

vconfig add eth0 47

the above command adds a interface eth0.47 which will have encapsulation of 802.1q, if you get any errors when you give the command, most probably it will be that the vlan module has not been loaded, on slitaz we load it like this

modprobe 8021q

then you try again and you should not get any errors, after that all you have to do is

ifconfig eth0.47 up

and confirm that the interface is up with the ifconfig command.

there you have it, slitaz linux router on a stick.

notes: for linux to act as a router , you have type in the following command

echo 1 > /proc/sys/net/ipv4/ip_forward

also i add 8021q to the modules section in /etc/rcS.conf

A nice article on vlans in linux is available here, http://www.linuxjournal.com/article/7268

well not a full blown router yet, but good enough for static routes. So its quite simple to get your slitaz box to act as a router, just install iptables, with the command

tazpkg get-install iptables

and once that is installed just type in the foll. command as root

echo 1 > /proc/sys/net/ipv4/ip_forward

and there you have it, you slitaz box is all ready to forward ip packets (tell you the truth, im not sure if you even need iptables for routing, i still need to learn this stuff on linux).

anyways next work on slitaz is to start a pppoe access authentication server and then hook it up with freeradius, later i’ll start work with quagga, though  i have already compiled it before, i never got to work with it, neither have i packaged it, so hopefully by the end of the month ill finish these three.

nice article by jug suraiya

http://blogs.timesofindia.indiatimes.com/jugglebandhi/entry/let-s-face-it

Im going to moving away from wordpress slowly and try to write my entire site as a bash cgi, ya i know security issue’s might me a concern, but im going to try and be extra careful, read quite a lot on html and css and now i do have a basic idea of css and kind of agree with its concept.

I can say right now that i have completed 95% of the basic idea of automated troubleshooting that i had. Now im going to be doing further additions to it like, trigger the troubleshooting script if a link has more than 15 packet drops, to do that now i intend to write in bash again a ping monitoring script which will give its output in html and hence can be seen through a browser, if a link goes down, it should either begin by first logging a call and then troubleshooting, or first troubleshooting and then logging a call. Also i was thinking about graphing and with that comes to mind rrdtool, but i dont think i will be going that way first, maybe gnuplot first, once i reach a comfort level with graphing, i’ll try figuring out rrd.

So im making a web interface for troubleshooting mpls links for some customers, Im writing the entire thing in bash, and things were going pretty well till yesterday. ( i started on saturday). You see the first page currently has the name one customer currently with a small input form next to and a troubleshoot button next to it, Now for a Mpls vpn customer there are various ways to provide last mile connectivity, im not talking about physical connectivity but the logical PE-CE connectivity, anyways after a few basic steps of automated telnet i will end up on the last mile PE and from there i want to do a source destination ping using vrf , somewhat like this

ping vrf CUSTOMER 20.20.20.2 source 20.20.20.1 repeat 3

or i use a source interface to ping , which is pretty much the same as source ip, now 20.20.20.2 is  a variable which we get when somebody inputs it into the webpage. so actually when i send the commands the ip and interface are basically variables sent across. Which actually works fine. the issue comes up when the last mile connectivity has been temporarly given on a gre tunnel , Now in this case i need to breakdance with cat/grep/sed and get the source and destination ip of the tunnel and then send across those variables to check if that connectivity exists. I know its anal, if the tunnel ip’s dont ping then 99% the tunnel destination from the tunnel source won’t ping, but i wanted to follow proper steps in this automated troubleshooting system i was building. so the command sent across is

ping $destination source $source repeat 3

But it did’nt work, since i was pushing all output to a txt file ,  i could see that command being run on the router was

ping $destination

thats it ! , now since im no programmer, it took me some time to understand whats going on, i figured there’s a new line character being added to the $destination variable which i take after certain cat /grep/cut commands done on the output file.  so i added this to the if else command after reading about the tr -d ‘\n’ command somewhere on the internet

$dest=$(echo $dest | tr -d ‘\n’)

Still didnt work, couldnt figure it out, but then i remembered that there is also a carriage return character \r , what if that also gets added in the variable,  so next step was

$dest=$(echo $dest | tr -d ‘\r\n’)

and this time it worked, perfectly fine.

I feel like i will be never able to understand programming completely, because such kind of problems take me two days, but once i get the solution i dont care, im happy and i move forward. scripting/programming for network troubleshooting, is much more rewarding that plain network troubleshooting.

So continuing with my silly scripts here’s another one to update your status on twitter, drop it in your /usr/bin and then type bwitter and then your update and then enter, thats it. of course edit your username and password for it to work . ctrl-c closes the client. im using in xterm and typing in a lot of useless updates

#!/bin/bash

#Author::deadwait

#name::bwitter

echo type in your update
read update
curl -u username:password -d status=”$update” http://twitter.com/statuses/update.xml | grep ZZ

bwitter