Network


Superfast NFS Tuning

In the past week at work, I’ve had a need to utilize some directly attached boxes working over NFS to share a storage array, the backblaze storage pod actually. This was necessary as the pods don’t have many compute resources to handle the load required to backup our datasets. Looking into this, I realized that optimizing NFS was an easy and surefire way to ensure it wasn’t taking extra resources on my pod.

Continue reading ↦

If you don't enable CDP, there's something wrong with you.

Hmmm….I wonder what switch port this box is connected to??? [~]> apt-get install cdpr Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: cdpr 0 upgraded, 1 newly installed, 0 to remove and 31 not upgraded. Need to get 17.4 kB of archives. After this operation, 102 kB of additional disk space will be used. Get:1 http://us.archive.ubuntu.com/ubuntu/ trusty/universe cdpr amd64 2.

Continue reading ↦

The proper way to configure interfaces on Ubuntu

Discovered that in recent Ubuntu versions, the following is the “official” way to up and down interfaces cleanly. Edit /etc/network/interfaces adding your entry similar to below: # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 10.1.24.30 netmask 255.255.254.0 network 10.1.24.0 broadcast 10.1.25.255 gateway 10.1.24.1 # dns-* options are implemented by the resolvconf package, if installed dns-nameservers 10.

Continue reading ↦

Handy DNS response filtering with pdns-recursor

In our quest to roll out IPv6 intranet-wide, we ran into a weird issue with how we do VPN requiring us to filter out AAAA records being served to VPN connected clients. At first, this didn’t seem very easy. Then, pdns-recursor to the rescue! On more recent (>=3.1.7 versions), pdns-recursor can take in scripts (in real time, btw) to modify the way it operates. This is super handy and luckily, there is a filter-aaaa script available on github that does exactly what we want!

Continue reading ↦

Configuring network interfaces on RHEL

So I don’t usually use a RHEL based machine, but recently was tasked with deploying one on our network. After the normal install process, which I decided to do text based via adding the following to the boot statement for the default installer option (push “e” when it appears): linux text I decided to setup networking later, after the machine was fully installed. On ubuntu/debian based systems, /etc/network/interfaces defines the configuration for interfaces on the system.

Continue reading ↦

Reverse DNS lookup with Dig

Hmm, I kind of want to play digdug now:( If you have an IP you’d like to perform a reverse lookup on to find the domain associated with it, look no further than the very light and informational dig program: dig +noall +answer -x 199.232.41.10 Note that PTR records are not required for IP addresses. If a PTR record is not defined for an IP address, you cannot do a remote DNS lookup.

Continue reading ↦

Keeping NFS from crashing hard

Recently, it seems my NFS connections have been crashing hard, most recently, a saved file from my browser to my servers’ mount point via NFS which caused the VM I was using to completely lock up:( So I did some quick searching and found these options which you should use when mounting any NFS shares: bg If the first NFS mount attempt times out, retry the mount in the background.

Continue reading ↦

Dealing with VPN on Linux Mint

Setting up VPN via NetworkManager in Linux Mint was actually really simple. But I kept having issues with DNS. I set up my VPN server to push down itself as the dns server to use and a domain-search domain. The domain search domain from vpn was getting mixed in with the other search domains from the local dhcp server when the connection was on eth0. NetworkManager launches dnsmasq when it starts.

Continue reading ↦

Making your client send all traffic through the VPN

This hack will enable your client machines to basically use the internet entirely through the vpn. On the server add the following to your openvpn config file: push "redirect-gateway def1" push "dhcp-option DNS 192.168.1.1" If your vpn is for example your home gateway, you’ll definitely want to use the gateway address. If your vpn server is on a remote server somewhere and it doesn’t run its own dns server or you don’t have a dns server running on the vpn network, you’ll want to just use a public dns server address such as Google’s 8.

Continue reading ↦

Flushing DNS caches

In Linux, there are multiple ways to do this depending on the caching daemon you’re running (nscd, dnsmasq, etc..). I will defer to this askubuntu question for the best explanation of all scenarios but will outline the most common below: sudo /etc/init.d/dns-clean restart OR sudo service dns-clean restart Mac OS X dscacheutil -flushcache Windows (pretty much all of them): ipconfig /flushdns