X450a-48t_2.1 # download image 192.168.0.xx summitX-12.3.3.6-ssh.xmod
Do you want to install image after downloading? (y - yes, n - no, - cancel) Yes
Downloading to Switch…
Installing to primary partition!
Installing to Switch…………………………………………………………………………………………..
SSL will be usable after restart of thttpd process.
Restart snmpMaster process to use AES/3DES users for SNMPv3.
Image installed successfully
X450a-48t_2.2 # run update
X450a-48t_2.3 # enable ssh2
WARNING: Generating new server host key
This could take approximately 10 minutes and cannot be canceled. Continue? (y/N) Yes
………………………………………………………………………………………………………………………………………..Key Generated
* X450a-48t_2.4 # restart process "exsshd"
Step 1: terminating process exsshd gracefully …
Step 2: starting process exsshd …
Restarted process exsshd successfully
* X450a-48t_2.5 # save
The configuration file primary.cfg already exists.
Do you want to save configuration to primary.cfg and overwrite it? (y/N) Yes
Saving configuration on master ……………………………… done!
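This is a very common problem. There is always some user who sets an IP address by hand and causes an IP conflict with someone else's computer. When an IP conflict happens, remember to write down that user's MAC address. Then log in to the Cisco switch to find the network port. Use the following command to list the MAC addresses: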
3750#show mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
All 0100.0aaa.bbbc STATIC CPU
All 0100.0aaa.bbbd STATIC CPU
All 0180.cc00.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All ffff.ffff.ffff STATIC CPU
2 00e0.812d.xxxx DYNAMIC Gi1/0/16
2 00e0.812d.xxxx DYNAMIC Gi1/0/20
2 00e0.812d.xxxx DYNAMIC Gi1/0/18
5 000c.298d.xxxx DYNAMIC Gi1/0/19
5 000d.93c8.xxxx DYNAMIC Gi1/0/2
5 000e.7fe0.xxxx DYNAMIC Gi1/0/19
5 000e.7fe8.xxxx DYNAMIC Gi1/0/19
Total Mac Addresses for this criterion: xx
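Check the output above for that user's MAC address. Suppose the user's MAC address shows up on port Gi1/0/19. Then shut that port down.
3750#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
3750(config)#interface Gi1/0/19
3750(config-if)#shutdown
Now that user cannot reach the network through that port. Before long the user will come and say they cannot get online. And that settles it.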
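An added example, not part of the original post: a Python sketch that parses `show mac address-table` output, finds the port where a noted MAC was learned, and lists the other dynamic MACs on that port. In the listing above Gi1/0/19 carries three addresses, so more than one device sits behind it and a shutdown disconnects all of them. The sample table, its MAC values and the function names are constructed for illustration.

```python
import re

# Constructed sample in the format of `show mac address-table` (values are made up).
SAMPLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 All    0180.c200.0000    STATIC      CPU
 All    ffff.ffff.ffff    STATIC      CPU
   2    00e0.812d.0a01    DYNAMIC     Gi1/0/16
   5    000c.298d.1b02    DYNAMIC     Gi1/0/19
   5    000d.93c8.2c03    DYNAMIC     Gi1/0/2
   5    000e.7fe0.3d04    DYNAMIC     Gi1/0/19
   5    000e.7fe8.4e05    DYNAMIC     Gi1/0/19
Total Mac Addresses for this criterion: 7
"""

ROW = re.compile(r"^\s*(\S+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$", re.I)

def normalize_mac(mac):
    """Accept aa:bb:.., aa-bb-.. or Cisco dotted form; return 12 lowercase hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError("not a MAC address: %r" % mac)
    return digits

def parse_table(text):
    """Return (vlan, mac, type, port) tuples; header and summary lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            vlan, mac, kind, port = m.groups()
            rows.append((vlan, normalize_mac(mac), kind.upper(), port))
    return rows

def locate(text, mac):
    """Find the port(s) where `mac` was learned and the other MACs sharing each port."""
    target = normalize_mac(mac)
    rows = [r for r in parse_table(text) if r[2] == "DYNAMIC"]
    ports = sorted({r[3] for r in rows if r[1] == target})
    result = []
    for port in ports:
        others = sorted(r[1] for r in rows if r[3] == port and r[1] != target)
        result.append({"port": port, "others": others, "shared": bool(others)})
    return result

if __name__ == "__main__":
    for hit in locate(SAMPLE, "00:0C:29:8D:1B:02"):
        print(hit["port"], "other MACs on this port:", len(hit["others"]))
```

A `shared` result means the port should be inspected before it is shut down.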
LACP stands for Link Aggregation Control Protocol. It is the IEEE standard 802.3ad. It can logically combine many different physical ports and treat them as a single link. The benefits of this setup are failover and more speed. (That said, I have not yet felt the power of its speed-up. I still don't know how to test it.)
First you need to configure the Cisco switch.
1. Shut down the ports you want to configure
# configure terminal
# interface range GigabitEthernet 1/0/1-2
# shutdown
2. Configure the ports you want to combine; here I additionally set VLAN 500.
# switchport access vlan 500
# switchport trunk encapsulation dot1q
# switchport trunk native vlan 500
# switchport trunk allowed vlan 500
# switchport mode trunk
# switchport nonegotiate
# speed 1000
# channel-group 1 mode active
3. Check the settings you just made
# show running-config
(omit)
!
interface Port-channel1
 switchport access vlan 500
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 500
 switchport trunk allowed vlan 500
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0/1
 description tonnerre-inside1
 switchport access vlan 500
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 500
 switchport trunk allowed vlan 500
 switchport mode trunk
 switchport nonegotiate
 speed 1000
 channel-group 1 mode active
!
interface GigabitEthernet1/0/2
 description tonnerre-inside2
 switchport access vlan 500
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 500
 switchport trunk allowed vlan 500
 switchport mode trunk
 switchport nonegotiate
 speed 1000
 channel-group 1 mode active
!
(omit)
4. Set the spanning-tree mode to pvst (I'm still not quite sure why?)
# configure terminal
# spanning-tree mode pvst
5. Enable the ports you shut down earlier
# configure terminal
# interface range GigabitEthernet 1/0/1-2
# no shutdown
6. Check the LACP status
# show lacp internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 1
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi1/0/1 SA bndl 32768 0x1 0x1 0x15 0x3D
Gi1/0/2 SA bndl 32768 0x1 0x1 0x16 0x3D
# show lacp neighbor
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 1 neighbors
Partner's information:
LACP port Admin Oper Port Port
Port Flags Priority Dev ID Age key Key Number State
Gi1/0/1 FA 32768 0017.xxxx.xxxx 0s 0x0 0x64 0x15 0x3D
Gi1/0/2 FA 32768 0017.xxxx.xxxx 0s 0x0 0x64 0x16 0x3D
The configuration on RHEL5 is as follows:
1. Edit eth0 and eth1
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
# vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
2. Create bond0.
# vi /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BOOTPROTO=none
ONBOOT=yes
NETWORK=10.1.0.0
NETMASK=255.255.0.0
IPADDR=10.1.1.241
USERCTL=no
3. Configure the bond0 module
# vi /etc/modprobe.conf
alias bond0 bonding
options bond0 mode=4 miimon=100 lacp_rate=1
mode=0 (balance-rr)
Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.
mode=1 (active-backup)
Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond’s MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance. The primary option affects the behavior of this mode.
mode=3 (broadcast)
Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.
mode=4 (802.3ad)
IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification.
4. Restart the network
# service network restart
5. Check the LACP status
# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.2.4 (January 28, 2008)
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2 (0)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
802.3ad info
LACP rate: fast
Active Aggregator Info:
Aggregator ID: 1
Number of ports: 2
Actor Key: 17
Partner Key: 2
Partner Mac Address: 00:1c:f9:xx:xx:xx
Slave Interface: eth0
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:1e:c9:xx:xx:xx
Aggregator ID: 1
Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:1e:c9:xx:xx:xx
Aggregator ID: 1
And that completes it. There is still a lot I don't understand. I need to keep learning bit by bit.
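A check for step 5, as an added example that is not part of the original post: this Python sketch parses text in the layout of /proc/net/bonding/bond0 and flags a bond that is not in 802.3ad mode, an all-zero partner MAC (no LACP partner answering), a slave with its link down, and a slave whose Aggregator ID differs from the active aggregator. The sample text and the function names are constructed for illustration.

```python
# Constructed sample in the layout of /proc/net/bonding/bond0 (not real output):
# eth1 sits in a different aggregator than the active one.
SAMPLE = """\
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
MII Status: up
Active Aggregator Info:
    Aggregator ID: 1
    Partner Mac Address: 00:1c:f9:00:00:01
Slave Interface: eth0
MII Status: up
Aggregator ID: 1
Slave Interface: eth1
MII Status: up
Aggregator ID: 2
"""

def parse_bond(text):
    """Split the file into bond-level fields and one dict per slave."""
    bond, slaves, current = {}, [], None
    for line in text.splitlines():
        # Split on the first colon only, so MAC addresses stay intact.
        key, sep, value = (p.strip() for p in line.partition(":"))
        if not sep:
            continue
        if key == "Slave Interface":
            current = {"name": value}
            slaves.append(current)
        elif current is not None:
            current[key] = value   # field belongs to the current slave
        else:
            bond[key] = value      # field appears before any slave section
    return bond, slaves

def check_bond(text):
    """Return a list of problems; an empty list means the bundle looks healthy."""
    bond, slaves = parse_bond(text)
    problems = []
    if "802.3ad" not in bond.get("Bonding Mode", ""):
        problems.append("bond is not in 802.3ad mode")
    if bond.get("Partner Mac Address", "00:00:00:00:00:00") == "00:00:00:00:00:00":
        problems.append("no LACP partner seen")
    active = bond.get("Aggregator ID")
    for s in slaves:
        if s.get("MII Status") != "up":
            problems.append("%s: link down" % s["name"])
        elif s.get("Aggregator ID") != active:
            problems.append("%s: aggregator %s, active is %s" % (s["name"], s.get("Aggregator ID"), active))
    return problems

if __name__ == "__main__":
    print(check_bond(SAMPLE) or "bond healthy")
```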
- Restart immediately
To restart or reboot a Cisco immediately, in enable mode:
#reload
- Restart in N minutes
#reload in N
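After buying the liho.tw domain, it was only some time later that I discovered twbbs.org lets you register free domains. So, out of boredom, I registered another domain.
It is called samtseng.twbbs.org. I have also set this one to point to this blog, The Paradiso.
Nearly all broadband providers in Taiwan offer fixed IP addresses. Of course, remembering a domain is more convenient than remembering an IP. So go apply for a TWBBS.org free domain and point it at your home IP. It also makes setting up FTP or a website more convenient.
Because my home is too far from the Chunghwa Telecom exchange, I cannot sign up for a high-speed connection. I can only get 1M/64K. They claim 2M is available, but in practice 2M is about as slow as 1M, because my home really is too far from Chunghwa Telecom. Below is the result of Chunghwa Telecom's speed test: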

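That is close to the speed they advertise. But every month I have to pay NT$700 to 800. Such a slow connection and they charge that much!?
I called Chunghwa Telecom many times, asking them to install fiber near my home. All they did was ignore me, laugh it off and fob me off.
Later I signed up for North Taoyuan cable TV internet; they claim it can reach 10M/1M. Of course the actual tests were not that fast. The best case was about 8M/1M. A bit disappointing, although already far better than Chunghwa Telecom.
This is the speed on the first day after the cable internet was installed: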

Nearly 8M/1M.
This is the speed tested tonight:

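Nearly 3M/1M.
Really Orz. I called customer service. They said there is a problem with the line and it will take about a week to repair. A week, isn't that nearly 1/4 of a month of slow speed? I don't believe the ISP will be kind enough to lower the price because the speed falls short. T_T I'll see in a week whether they have improved.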

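This is the speed of the company network, 9M/5.5M. I really am spoiled; a slow network feels painful to me.
How do you set the Linux default gateway from the command line?
Before setting the route, first display the machine's routing table. You can use the route command directly.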
[USER@Aloha ~]$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.5.0 * 255.255.255.0 U 0 0 0 eth1
10.1.1.0 * 255.255.255.0 U 0 0 0 eth0
default 10-1-1-254 0.0.0.0 UG 0 0 0 eth0
Of course you can also use the route -n command to see the IP addresses directly.
[USER@Aloha ~]$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.5.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 10.1.1.254 0.0.0.0 UG 0 0 0 eth0
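The routing table above means that traffic for 192.168.5/24 goes out through eth1, traffic for 10.1.1/24 goes out through eth0, and any other unknown network is sent out through eth0. The Flags of the last entry differ from those of the other interfaces. The G stands for gateway. So the default gateway is on the eth0 interface.
If I want to change the default gateway to the eth1 interface, I can use the following two commands to change it.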
route add default gw {IP-ADDRESS} {INTERFACE-NAME}
route del default gw {IP-ADDRESS} {INTERFACE-NAME}
[USER@Aloha ~]$ route del default gw 10.1.1.254 eth0
[USER@Aloha ~]$ route add default gw 192.168.5.254 eth1
List the current routing table again.
[USER@Aloha ~]$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.5.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.5.254 0.0.0.0 UG 0 0 0 eth1
The default gateway is now changed.
Check the interfaces to see whether anything is abnormal. The italicized text below is what should be checked at a minimum, e.g. reliability, Input queue, input / output rate, input errors, and so on.
cisco-3560#show interfaces
GigabitEthernet0/1 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is xxxx.xxxx.xxxx (bia xxxx.xxxx.xxxx)
Description: 'UPLINK, TO UPLINK-G1/0/1'
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:25, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 4614000 bits/sec, 676 packets/sec
5 minute output rate 7537000 bits/sec, 732 packets/sec
1390054399 packets input, 3062338575 bytes, 0 no buffer
Received 320051 broadcasts (0 multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 320036 multicast, 0 pause input
0 input packets with dribble condition detected
3713836416 packets output, 2891595501 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
You can clear a given interface and observe it again.
cisco-3560#clear interface GigabitEthernet 0/1
Check whether the CPU is overloaded.
cisco-3560#show processes cpu
CPU utilization for five seconds: 7%/2%; one minute: 7%; five minutes: 7%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 0 16 0 0.00% 0.00% 0.00% 0 Chunk Manager
2 73 1280349 0 0.00% 0.00% 0.00% 0 Load Meter
3 0 1 0 0.00% 0.00% 0.00% 0 CEF IPC Backgrou
Check whether there are any abnormal logs.
cisco-3560#show logging
Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)

