 

Posts Tagged ‘Networks’

Assigning Static Multicast Group in Extreme 450a

22 Dec

By default, ganglia cannot be used on an Extreme switch. The following command must be configured on the switch:

configure igmp snooping vlan "HPC" ports 1 add static group 239.10.1.2

 

Posted in Networks

 

Connecting an iPhone to the Hotspot Shield VPN for Free to Get a US IP

17 Nov

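A lot of audio and video content cannot be enjoyed outside the United States, for example Pandora Radio, Netflix, etc.

Just browse to http://hotspotshield.com/clientless/iphone/ on the iPhone and follow the steps on that page to set up a dial-up connection to the US VPN and obtain a US IP. You can then enjoy Pandora Radio.

According to the instructions on the Hotspot Shield page, Wi-Fi has to be turned off first. Go to "Settings" -> "Wi-Fi" and turn it off.

Then go to "Settings" -> "General" -> "Network" -> "VPN" -> "Add VPN Configuration…"
# Select the IPSec tab
# Description: HotspotShield
# Server: 68.68.107.101
# Account: enter the account shown on the iPhone
# Password: enter the password shown on the iPhone
# Use Certificate: off
# Group Name: hss
# Secret: hss

Then tap "Save" and turn the VPN on.


This gives you a US IP.

Now you can sit back and enjoy Pandora Radio.

Loading…


Internet music playing..


Finally seeing this screen. So moving~~~


Account information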

 
 

Solving IP Conflicts Caused by Users Manually Setting Their IP

16 Nov

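This is a very common problem. There is always some user who manually sets an IP address and causes an IP conflict on someone else's computer. When an IP conflict occurs, remember to write down that user's MAC address. Log in to the Cisco switch to find the network port, and list the MAC addresses with the following command: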

3750#show mac address-table
         Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 All    0100.0aaa.bbbc    STATIC      CPU
 All    0100.0aaa.bbbd    STATIC      CPU
 All    0180.cc00.0000    STATIC      CPU
 All    0180.c200.0001    STATIC      CPU
 All    0180.c200.0002    STATIC      CPU
 All    0180.c200.0003    STATIC      CPU
 All    0180.c200.0004    STATIC      CPU
 All    0180.c200.0005    STATIC      CPU
 All    0180.c200.0006    STATIC      CPU
 All    0180.c200.0007    STATIC      CPU
 All    0180.c200.0008    STATIC      CPU
 All    0180.c200.0009    STATIC      CPU
 All    0180.c200.000a    STATIC      CPU
 All    0180.c200.000b    STATIC      CPU
 All    0180.c200.000c    STATIC      CPU
 All    0180.c200.000d    STATIC      CPU
 All    0180.c200.000e    STATIC      CPU
 All    0180.c200.000f    STATIC      CPU
 All    0180.c200.0010    STATIC      CPU
 All    ffff.ffff.ffff    STATIC      CPU
  2    00e0.812d.xxxx    DYNAMIC     Gi1/0/16
  2    00e0.812d.xxxx    DYNAMIC     Gi1/0/20
  2    00e0.812d.xxxx    DYNAMIC     Gi1/0/18
  5    000c.298d.xxxx    DYNAMIC     Gi1/0/19
  5    000d.93c8.xxxx    DYNAMIC     Gi1/0/2
  5    000e.7fe0.xxxx    DYNAMIC     Gi1/0/19
  5    000e.7fe8.xxxx    DYNAMIC     Gi1/0/19
Total Mac Addresses for this criterion: xx

Check the output above for the user's MAC address. Suppose the user's MAC address appears on port Gi1/0/19. Then shut that port down.

3750#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
3750(config)#interface Gi1/0/19
3750(config-if)#shutdown

Now that user cannot get on the network through that port. Before long the user will come and say they cannot get online. Problem solved.
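The MAC lookup described above can be scripted. The following is an added example, not part of the original post: it parses `show mac address-table` output, accepts the MAC in any common notation, and also reports which other addresses are learned on the same port. In the post's own output Gi1/0/19 carries three addresses, so shutting it down cuts off every host behind it. The sample table and its MAC addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the format of `show mac address-table` shown in the post;
# the MAC addresses are made up for this example.
SAMPLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 All    0180.c200.0000    STATIC      CPU
 All    ffff.ffff.ffff    STATIC      CPU
   2    00e0.812d.0a01    DYNAMIC     Gi1/0/16
   5    000c.298d.1b02    DYNAMIC     Gi1/0/19
   5    000d.93c8.2c03    DYNAMIC     Gi1/0/2
   5    000e.7fe0.3d04    DYNAMIC     Gi1/0/19
   5    000e.7fe8.4e05    DYNAMIC     Gi1/0/19
Total Mac Addresses for this criterion: 7
"""

ROW = re.compile(r"^\s*(\S+)\s+([0-9a-fA-F]{4}(?:\.[0-9a-fA-F]{4}){2})\s+(\S+)\s+(\S+)\s*$")


def normalize_mac(mac):
    """Reduce any common MAC notation (aa:bb.., aa-bb.., aabb.ccdd..) to 12 hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def parse_table(text):
    """Return {port: [(vlan, mac), ...]} for learned (DYNAMIC) entries only."""
    ports = defaultdict(list)
    for line in text.splitlines():
        m = ROW.match(line)
        if m and m.group(3).upper() == "DYNAMIC":
            vlan, mac, _type, port = m.groups()
            ports[port].append((vlan, normalize_mac(mac)))
    return dict(ports)


def locate(text, mac):
    """Return (port, other_macs_on_that_port), or (None, []) if the MAC is not learned."""
    wanted = normalize_mac(mac)
    for port, entries in parse_table(text).items():
        macs = [m for _vlan, m in entries]
        if wanted in macs:
            return port, [m for m in macs if m != wanted]
    return None, []
```

A non-empty second value from `locate()` means the port is shared (a hub, a downstream switch or a virtualization host), so a `shutdown` on it affects more than the one user.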

 

Posted in Networks

 

Japan and South Korea Lead in Broadband; Taiwan Has a "Generation" Gap

03 Oct

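China Times [江靜玲 / London, dispatch of the 1st]

According to a new survey of broadband networks in 66 countries worldwide, South Korea and Japan rank at the top of the world in broadband quality and are ready for the next generation of digitalization. Taiwan's broadband networks handle current needs with ease but are not yet ready for the next generation of digitalization.

The study, commissioned by Cisco and carried out by the University of Oxford in the UK and the University of Oviedo in Spain, found that two thirds of the 66 countries surveyed meet the standard for today's usage needs, but only nine are ready for next-generation, high-quality digital broadband networks. The nine are South Korea, Japan, Sweden, Lithuania, Bulgaria, Latvia, the Netherlands, Romania and Denmark. Last year only Japan's networks met the next-generation standard. The report says this year's progress is a pleasant surprise.

In the survey Taiwan is ranked as able to meet current needs (Comfortable for today), but not yet among those ready for next-generation networks. Countries in the same tier as Taiwan include Switzerland, the Czech Republic, Norway, the United States, Slovakia, Portugal, Finland, France, Germany, Hungary, Russia, Belgium, Slovenia, Austria and Hong Kong.

The UK, which is pushing digitalization hard, ranks 25th of the 66 countries, with an overall assessment of "meeting current needs". Countries at the same level as the UK include Iceland, Estonia, Greece, Singapore, Canada, Australia, Spain, Poland, New Zealand, Ukraine, Turkey, Ireland and Italy.

China is assessed in the survey as "below today's needs". Other countries in this category include Malta, Luxembourg, Chile, Brazil, Qatar, Saudi Arabia, Thailand, Mexico, the Philippines, Malaysia, Vietnam, Indonesia, Pakistan and South Africa.

The survey notes that South Korea and Japan continue to lead mainly because of both countries' insistence on high network speeds. In South Korea, for example, the government guarantees that network speeds will exceed 1Gbps by 2012.

The overall result for the UK, which is actively promoting digitalization, is surprising. Cisco, which commissioned the survey, said the assessment is based mainly on each country's current state, and that the UK government's "Digital Britain" policy is expected to bring major progress in the UK's networks after next year.


Reading this report really makes me angry. Everything Taiwan's carriers say about the "optical generation" (光世代) is a lie. They call 10Mbps the optical generation. South Korea is going for 1Gbps and Taiwan's carriers are still talking nonsense. Chunghwa Telecom bears a great deal of responsibility for Taiwan's lack of progress. All it does is exploit the people, and talk nonsense on top of that.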

 

Posted in News

 

TWBBS.org Free Domains

18 Jun

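After buying the liho.tw domain, it took me a while to find out that twbbs.org lets you register a free domain. So out of boredom I registered another one. :P It is called samtseng.twbbs.org. I pointed this one at this blog, The Paradiso, as well.

Almost all broadband providers in Taiwan offer a fixed IP. Remembering a domain name is of course easier than remembering an IP. So go and apply for a TWBBS.org free domain and point it at your home IP. It also makes setting up an FTP or web server more convenient. :P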

 

Posted in Networks

 

Finally Signed Up for a 10M/1M Connection~

22 May

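Because my home is too far from the Chunghwa Telecom exchange, I cannot get a high-speed connection. I could only get 1M/64K. They claim 2M is available, but in practice 2M is about as slow as 1M, because my home really is too far from Chunghwa Telecom. Below is the result of Chunghwa Telecom's speed test:

That is close to the speed they advertise. But I have to pay NT$700 to 800 every month. Such a slow connection and they charge that much!?

I called Chunghwa Telecom many times asking them to install fiber near my home. They just ignored me, laughed it off and brushed me aside.

Later I signed up for North Taoyuan's cable TV internet, which they claim can reach 10M/1M. In actual tests it is of course not that fast. The best case is about 8M/1M. A bit disappointing, though already far better than Chunghwa Telecom.

This is the speed on the first day after the cable internet was installed:

Nearly 8M/1M

This is the speed tested tonight:

Nearly 3M/1M.

Really very Orz. I called customer service. They said there is a line problem that will take about a week to fix. A week means nearly a quarter of the month at slow speed. I doubt the ISP will be kind enough to lower the price because the speed is not up to par. T_T I will see in a week whether they have improved.


This is the speed of the office network, 9M/5.5M. I really have been spoiled; a slow network is painful for me.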

 

Posted in Networks

 

Cisco Switch debugging

06 Oct

Check the interfaces for anything abnormal. The italicized parts below are the basic things to check, e.g. reliability, Input queue, input / output rate, input errors, and so on.

cisco-3560#show interfaces
GigabitEthernet0/1 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is xxxx.xxxx.xxxx (bia xxxx.xxxx.xxxx)
  Description: 'UPLINK, TO UPLINK-G1/0/1'
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:25, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 4614000 bits/sec, 676 packets/sec
  5 minute output rate 7537000 bits/sec, 732 packets/sec
     1390054399 packets input, 3062338575 bytes, 0 no buffer
     Received 320051 broadcasts (0 multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 320036 multicast, 0 pause input
     0 input packets with dribble condition detected
     3713836416 packets output, 2891595501 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 PAUSE output
     0 output buffer failures, 0 output buffers swapped out

You can clear a particular interface and observe it again.

cisco-3560#clear interface GigabitEthernet 0/1

Check whether the CPU is overloaded.

cisco-3560#show processes cpu
CPU utilization for five seconds: 7%/2%; one minute: 7%; five minutes: 7%
 PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
   1           0        16          0  0.00%  0.00%  0.00%   0 Chunk Manager
   2          73   1280349          0  0.00%  0.00%  0.00%   0 Load Meter
   3           0         1          0  0.00%  0.00%  0.00%   0 CEF IPC Backgrou

Check for any abnormal logs.

cisco-3560#show logging

Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
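The `show interfaces` checks listed at the start of this post (reliability, input queue, load, input errors) can be run over every port at once. The following is an added example, not part of the original post: it splits the output per interface and reports only the abnormal counters. The first sample port uses the values from the post, the second port and the 50% load threshold are assumptions made for the example.

```python
import re

# Constructed sample: the first port carries the healthy values from the post,
# the second port has made-up counters to show what gets flagged.
SAMPLE = """\
GigabitEthernet0/1 is up, line protocol is up (connected)
  reliability 255/255, txload 1/255, rxload 1/255
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
  0 output errors, 0 collisions, 2 interface resets
GigabitEthernet0/2 is up, line protocol is up (connected)
  reliability 250/255, txload 1/255, rxload 200/255
  Input queue: 0/75/12/0 (size/max/drops/flushes); Total output drops: 340
  1523 input errors, 1500 CRC, 23 frame, 0 overrun, 0 ignored
  0 output errors, 0 collisions, 2 interface resets
"""

# (label, regex with one capture group, abnormal?); the 50% load threshold is an assumption
CHECKS = [
    ("reliability below 255/255", r"reliability (\d+)/255", lambda v: v < 255),
    ("rxload above 50%", r"rxload (\d+)/255", lambda v: v > 127),
    ("txload above 50%", r"txload (\d+)/255", lambda v: v > 127),
    ("input queue drops", r"Input queue: \d+/\d+/(\d+)/\d+", lambda v: v > 0),
    ("output drops", r"Total output drops: (\d+)", lambda v: v > 0),
    ("input errors", r"(\d+) input errors", lambda v: v > 0),
    ("CRC errors", r"(\d+) CRC", lambda v: v > 0),
    ("output errors", r"(\d+) output errors", lambda v: v > 0),
]


def split_interfaces(text):
    """Yield (name, block) for each interface section of the output."""
    header = re.compile(r"^(\S+) is .*line protocol is ", re.M)
    starts = [(m.start(), m.group(1)) for m in header.finditer(text)]
    for i, (pos, name) in enumerate(starts):
        end = starts[i + 1][0] if i + 1 < len(starts) else len(text)
        yield name, text[pos:end]

def audit(text):
    """Return {interface: [findings]} for interfaces with at least one abnormal value."""
    report = {}
    for name, block in split_interfaces(text):
        findings = []
        for label, pattern, abnormal in CHECKS:
            m = re.search(pattern, block)
            if m and abnormal(int(m.group(1))):
                findings.append(f"{label} ({m.group(1)})")
        if findings:
            report[name] = findings
    return report
```

The counters are cumulative since the last clearing, so compare two runs taken some minutes apart before treating a non-zero error count as an ongoing fault.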

 

Posted in Networks

 

Howto: Configure Linux Virtual Local Area Network (VLAN)

03 Oct

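Scenario: I want to configure the eth0 network interface of a Linux machine to carry the tags for VLAN100 and VLAN500.

Solution:

The port for that Linux machine has to be configured on the Cisco switch first.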

interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 100,500
switchport mode trunk
!

To load the VLAN module automatically, add the following parameter to the /etc/sysconfig/network file:

VLAN=yes

Then, on the Linux machine, in each of the directories /etc/sysconfig/network-scripts, /etc/sysconfig/networking/devices and /etc/sysconfig/networking/profiles/default, copy ifcfg-eth0 to ifcfg-eth0.100 and ifcfg-eth0.500.

Edit ifcfg-eth0.100

DEVICE=eth0.100
BOOTPROTO=none
HWADDR=xx:xx:xx:xx:xx:xx
IPADDR=10.1.1.100
NETMASK=255.255.255.0
ONBOOT=yes
GATEWAY=10.1.1.254
TYPE=Ethernet
VLAN=yes

Then edit ifcfg-eth0.500

DEVICE=eth0.500
BOOTPROTO=none
HWADDR=xx:xx:xx:xx:xx:xx
IPADDR=10.2.2.100
NETMASK=255.255.255.0
ONBOOT=yes
TYPE=Ethernet
VLAN=yes

Then restart the network

# /etc/rc.d/init.d/network restart

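Alternatively you can use the vconfig command, but then the commands have to be run again after every reboot. Note that before using VLANs you must not forget to load the 802.1q module. Load it with the following command: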

# modprobe 8021q

Then add the VLAN tags with the following commands:

# vconfig add eth0 100
# vconfig add eth0 500

Set the IPs with the following commands:

# ifconfig eth0.100 10.1.1.100 netmask 255.255.255.0 broadcast 10.1.1.255 up
# ifconfig eth0.500 10.2.2.100 netmask 255.255.255.0 broadcast 10.2.2.255 up

Remember to run the route command to check that the default gateway is correct:

# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.1.0        *               255.255.255.0   U     0      0        0 eth0.100
10.1.1.0        *               255.255.255.0   U     0      0        0 eth0
10.2.2.0        *               255.255.255.0   U     0      0        0 eth0.500
169.254.0.0     *               255.255.255.0   U     0      0        0 eth0
default         10.1.1.254      0.0.0.0         UG    0      0        0 eth0.100

That's it. :)

To remove VLAN100 & VLAN500, use the following commands

# ifconfig eth0.100 down
# ifconfig eth0.500 down
# vconfig rem eth0.100
# vconfig rem eth0.500


 
 

Cisco – Port Channel (Trunk)

08 Jan

!
interface Port-channel1
description bcbay1
switchport access vlan 500
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet1/0/13
description bcbay1_1
switchport access vlan 500
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
speed 1000
no mdix auto
channel-group 1 mode on
!
interface GigabitEthernet1/0/14
description bcbay1_2
switchport access vlan 500
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
speed 1000
no mdix auto
channel-group 1 mode on
!

 

Posted in Networks

 

Bridge

11 Apr

From : http://linux-net.osdl.org/index.php/Bridge

A bridge is a way to connect two Ethernet segments together in a protocol independent way. Packets are forwarded based on Ethernet address, rather than IP address (like a router). Since forwarding is done at Layer 2, all protocols can go transparently through a bridge.
The Linux bridge code implements a subset of the ANSI/IEEE 802.1d standard. [1]. The original Linux bridging was first done in Linux 2.2, then rewritten by Lennert Buytenhek. The code for bridging has been integrated into 2.4 and 2.6 kernel series.

Bridging and Firewalling

A Linux bridge is more powerful than a pure hardware bridge because it can also filter and shape traffic. The combination of bridging and firewalling is done with the companion project ebtables.

Status

The code is updated as part of the 2.4 and 2.6 kernels available at kernel.org.
Possible future enhancements are:
Document STP filtering
Netlink interface to control bridges (prototype in 2.6.18)
STP should be in user space
Support RSTP and other 802.1d STP extensions

Downloading

Bridging is supported in the current 2.4 (and 2.6) kernels from all the major distributors. The required administration utilities are in the bridge-utils package in most distributions. Package releases are maintained on the Download page.
You can also build your own up to date version by getting the latest kernel from kernel.org and build the utilities based from the source code in bridge-utils GIT repository.

$ git clone git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/bridge-utils.git
$ cd bridge-utils
$ autoconf
$ ./configure

Kernel Configuration

You need to enable bridging in the kernel. Set “networking -> 802.1d Ethernet Bridging” to either yes or module

Creating a bridge device
The command

brctl addbr "bridgename"

creates a logical bridge instance with the name bridgename. You will need at least one logical instance to do any bridging at all. You can interpret the logical bridge as a container for the interfaces taking part in the bridging. Each bridging instance is represented by a new network interface.
The corresponding shutdown command is:

brctl delbr bridgename

Adding devices to a bridge
The command

brctl addif bridgename device

adds the network device device to take part in the bridging of “bridgename.” All the devices contained in a bridge act as one big network. It is not possible to add a device to multiple bridges or bridge a bridge device, because it just wouldn’t make any sense! The bridge will take a short amount of time when a device is added to learn the Ethernet addresses on the segment before starting to forward.
The corresponding command to take an interface out of the bridge is:

brctl delif bridgename device

Showing devices in a bridge
The brctl show command gives you a summary about the overall bridge status, and the instances running as shown below:

# brctl addbr br549
# brctl addif br549 eth0
# brctl addif br549 eth1
# brctl show
bridge name     bridge id               STP enabled     interfaces
br549           8000.00004c9f0bd2       no              eth0
                                                        eth1

Once a bridge is running the brctl showmacs will show information about network addresses of traffic being forwarded (and the bridge itself).

# brctl showmacs br549
port no mac addr                is local?       ageing timer
  1     00:00:4c:9f:0b:ae       no                17.84
  1     00:00:4c:9f:0b:d2       yes                0.00
  2     00:00:4c:9f:0b:d3       yes                0.00
  1     00:02:55:1a:35:09       no                53.84
  1     00:02:55:1a:82:87       no                11.53

The aging time is the number of seconds a MAC address will be kept in the forwarding database after having received a packet from this MAC address. The entries in the forwarding database are periodically timed out to ensure they won’t stay around forever. Normally there should be no need to modify this parameter, but it can be changed with (time is in seconds).

# brctl setageing bridgename time

Setting ageing time to zero makes all entries permanent.

Spanning Tree Protocol
If you are running multiple or redundant bridges, then you need to enable the Spanning Tree Protocol (STP) to handle multiple hops and avoid cyclic routes.

# brctl stp br549 on

Sample setup
The basic setup of a bridge is done like:

# ifconfig eth0 0.0.0.0
# ifconfig eth1 0.0.0.0
# brctl addbr mybridge
# brctl addif mybridge eth0
# brctl addif mybridge eth1
# ifconfig mybridge up

This will set the host up as a pure bridge, it will not have an IP address for itself, so it can not be remotely accessed (or hacked) via TCP/IP.
Optionally you can configure the virtual interface mybridge to take part in your network. It behaves like one interface (like a normal network card). Exactly that way you configure it, replacing the previous command with something like:

# ifconfig mybridge 192.168.100.5 netmask 255.255.255.0

If you want your bridge to automatically get its IP address from the ADSL modem via DHCP (or a similar configuration), do this:

# ifconfig eth0 0.0.0.0
# ifconfig eth1 0.0.0.0
# brctl addbr mybridge
# brctl addif mybridge eth0
# brctl addif mybridge eth1
# dhclient mybridge

If you do this many times, you may end up with lots of dhclient processes. Either kill them impolitely or learn about omshell(1).

 

Posted in Linux