Fun-Day Friday – Book Review – Networking for Systems Administrators chapter 3

This chapter is all about “Layer 3” (or the “Network Layer”). Where Ethernet requires a MAC address to know where to send frames, Layer 3 in TCP/IP systems is the “IP address” layer. Addressing is either IP version 4 or IP version 6, so an address is either a 32-bit or a 128-bit number. Lucas mentions the Dynamic Host Configuration Protocol (DHCP) often used by workstations, versus statically setting an IP as you would do on a system that is designed to be a server.

He explains the notations used to represent the addresses. The most common notation for IPv4 is the dotted quad, which is four decimal numbers from 0 to 255, separated by a “dot.” He goes into how applying a “subnet mask” allows us to cut a network into smaller “subnet” networks. All addresses on the same subnet are able to talk to each other directly. Any address that wants to talk to an address outside of its subnet MUST go through a router first.

He covers Classless Inter-Domain Routing (CIDR) notation, which appends the number of bits in the subnet mask to the end of the address to represent the network, rather than giving the IP and subnet mask separately. There’s a handy chart for this on page 47.
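To make the mask arithmetic concrete, here is an added example (not from the book or the original post) that converts a dotted-quad mask to a CIDR prefix and decides whether a destination is reachable directly or only through the router. The function names and the 192.0.2.0/24 documentation addresses are constructed for illustration.

```python
def quad_to_int(quad: str) -> int:
    """Parse a dotted quad into the 32-bit number it represents."""
    parts = quad.split(".")
    if len(parts) != 4 or not all(
        p.isascii() and p.isdigit() and int(p) <= 255 for p in parts
    ):
        raise ValueError(f"not a dotted quad: {quad!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value

def int_to_quad(value: int) -> str:
    """Format a 32-bit number as a dotted quad."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def mask_to_prefix(mask: str) -> int:
    """Convert a dotted-quad subnet mask to a CIDR prefix length."""
    inverted = ~quad_to_int(mask) & 0xFFFFFFFF
    # A valid mask is all ones followed by all zeros, so its inverse
    # plus one is a power of two and shares no bits with the inverse.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous mask: {mask!r}")
    return 32 - inverted.bit_length()

def to_cidr(addr: str, mask: str) -> str:
    """Return the network an address belongs to, in CIDR notation."""
    network = quad_to_int(addr) & quad_to_int(mask)
    return f"{int_to_quad(network)}/{mask_to_prefix(mask)}"

def delivery(addr: str, mask: str, dest: str, router: str) -> str:
    """Say whether dest is on our subnet or must go through the router."""
    mask_to_prefix(mask)  # reject malformed masks before comparing
    m = quad_to_int(mask)
    if quad_to_int(addr) & m == quad_to_int(dest) & m:
        return "direct"
    return f"via {router}"

if __name__ == "__main__":
    # Constructed sample host: 192.0.2.77 with a /26 mask, router at .65
    host, mask, router = "192.0.2.77", "255.255.255.192", "192.0.2.65"
    print(to_cidr(host, mask))
    for dest in ("192.0.2.100", "192.0.2.130", "198.51.100.9"):
        print(dest, delivery(host, mask, dest, router))
```

Note that 192.0.2.130 looks like a neighbor of 192.0.2.77 at a glance, but with a /26 mask it sits in a different subnet and is only reachable through the router.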

There is a brief discussion about multi-homing, the loopback, and private networks with network address translations (NAT.) He covers a few tools to inspect, configure, and troubleshoot IP, including traceroute, ping, ifconfig, and netstat.

Next, Lucas introduces IPv6 addresses, which are often depicted as a colon-separated list of alphanumeric characters. The address is up to eight sets of four hexadecimal digits, which represents 16 bits per set between the colons. Because this is cumbersome, shorthand notation may be used. Leading zeros from a hex section may be removed from the notation. This means a section of all zeros may be empty, so you get two colons back to back. Multiple sets of zeros may be “squeezed out” to just a single “double colon” set. Because of this special shorthand notation, only do a double colon ONCE per IP address.
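The shorthand rules above, written out as an added example (not from the book or the original post): `expand` undoes the shorthand and rejects a second double colon, and `compress` applies the rules in the canonical RFC 5952 way, which is also what Python's `ipaddress` module prints. Function names and the 2001:db8::/32 documentation addresses are constructed; normalizing to one form like this is what lets the same address match across logs and access lists.

```python
import re

HEX_GROUP = re.compile(r"[0-9A-Fa-f]{1,4}")

def expand(addr: str) -> list[str]:
    """Return the eight 4-digit hex groups of an IPv6 address."""
    if addr.count("::") > 1:
        # With two gaps there is no way to tell how many zero
        # groups each one stands for, so the address is ambiguous.
        raise ValueError("'::' may appear only once per address")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must replace at least one group")
        groups = left + ["0"] * missing + right
    else:
        groups = addr.split(":")
    if len(groups) != 8 or not all(HEX_GROUP.fullmatch(g) for g in groups):
        raise ValueError(f"not an IPv6 address: {addr!r}")
    return [f"{int(g, 16):04x}" for g in groups]

def compress(addr: str) -> str:
    """Return the canonical shorthand for an IPv6 address."""
    # Rule 1: drop leading zeros inside each group.
    groups = [format(int(g, 16), "x") for g in expand(addr)]
    # Rule 2: find the longest run of zero groups (first wins on a tie).
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    # A lone zero group may be written empty, but the canonical
    # form (RFC 5952) keeps it as "0" and squeezes only longer runs.
    if best_len < 2:
        return ":".join(groups)
    head = ":".join(groups[:best_start])
    tail = ":".join(groups[best_start + best_len:])
    return f"{head}::{tail}"  # Rule 3: exactly one double colon

if __name__ == "__main__":
    # Constructed sample addresses
    for sample in ("2001:0db8:0000:0000:0000:0000:0000:0001",
                   "2001:db8:0:0:1:0:0:1", "0:0:0:0:0:0:0:1"):
        print(sample, "->", compress(sample))
```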

IPv6 has an “autoconfiguration” facility, which allows clients to learn their IP address, as well as the router’s IP address. This facility works for a /64 network, and the protocol is “router discovery.” It doesn’t allow for assigning DNS servers, so DHCPv6 may still be necessary.

The “localhost” address in IPv6 has a special notation. The “::1” shorthand represents this loopback address.

Another special case in IPv6 is the “link-local” address. This is an auto-configured network address that begins with “fe8.” Each interface gets its own link-local, and they can be the same IP, so the OS attaches the interface name to the address. All IPv6 hosts on the same ethernet network can find each other through link-local communications. A link-local address usually appears with a “%” (percent sign) and the interface name or number at the end of the address.

The rest of the chapter includes the same troubleshooting, inspection, and configuration tools as the IPv4 sections, as well as some discussion on IPv6 tunneling (usually used to test IPv6 when your ISP doesn’t offer it yet,) as well as some discussion on how some operating systems decide which addressing to use by default, and when, where, and why you might choose to use IPv4 or IPv6 in your environment.

The next chapter will cover the TCP/IP “transport” layer (Layer 4.)

Fun-Day Friday – Book Review – Networking for Systems Administrators chapter 2

Chapter 2 focuses specifically on how Ethernet works.

From defining broadcast domains to dealing with ethernet frame MAC addressing, he begins with the foundational basics.  He talks about duplex and speed for negotiating the connection, which both sides of the link need to agree upon.

He explains MTU (maximum transmission unit) and why mucking with reducing it below the default is almost certainly going to be problematic.  He also suggests ways to deal with situations where you can’t help but do so.

Lucas follows up with a quick explanation about the differences in category numbering for the wires that handle the transmissions.  The higher the number, the better, but higher costs can be prohibitive.  Work with what you can, but plan for higher when you can.

He moves into a quick explanation for using several troubleshooting tools, such as ping, arp, and “neighbor discovery” (ND.)

Finally, he covers Virtual LANs (VLANs) to add a tag to an Ethernet Frame.  This allows traffic for multiple networks to flow over a single cable, without confusing where the packet should go.

He sprinkles in some more troubleshooting tools such as netstat, as well as tools to configure the ethernet layer (ifconfig and ethtool,) before closing the chapter out.

This chapter is important for the fundamentals of the “Data Link” layer (and to some extent the Physical Layer.)  Next week’s chapter covers “Layer 3” (Network Layer.)  This is mostly the “IP” layer in “TCP/IP” terms.

Thanks for reading!

Fun-Day Friday – Book Review – Networking for Systems Administrators chapter 1

Continuing our review of “Networking for Systems Administrators” by Michael W. Lucas, we’ll roll right into Chapter 1.

This chapter focuses on thinking in layers.  There are different network layer models, including the 7 layer OSI model, but Lucas says you really only need 5 layers to represent the network.  There’s the 4 layers of the TCP/IP model, but he splits the lowest layer into the Physical and DataLink layers.  This matches the OSI model’s way of presenting those layers.

The OSI Session, Presentation, and Application layers are all lumped under the TCP/IP “Application Layer.”  Lucas calls this the “your stuff” layer, and it’s true.  The Network Admins won’t really care much beyond the Transport Layer when troubleshooting.

Speaking of troubleshooting, identifying the lowest layer that is broken is crucial for this.  Fix that layer first, and most (if not all) of the other layers will likely start working again.  And those that don’t, go with the next lowest layer, and work your way up.

The rest of the chapter covers specific troubleshooting techniques for each of the lower layers, with a promise for more in depth troubleshooting discussion later in the book.

This chapter is short, but critical for laying the ground work.  Understanding these layers is one of the most important things to know for network troubleshooting.

Fun-Day Friday – Book Review – Networking for Systems Administrators chapter 0

The lack of votes has been heard, tallied, and respected.  The winner is “book reviews” each Friday for a while.  I decided to do a chapter by chapter review, though I may include multiple chapters in any given review as we move along.

Our first book will be “Networking for Systems Administrators” by (surprise) Michael W. Lucas.

Since this book has a “Chapter 0,” we’ll just cover it, today.

This chapter is an introduction chapter, which addresses whom the book is for (systems administrators, DBAs, web administrators, developers, and other computing professionals.)  It also includes a note to network administrators to explain what will and will not be covered, since the size of the book is limited.

After the niceties are covered, he defines what he means by “server” versus “network device.”  The distinctions are important for the argumentative people that look for ways to nitpick.

Next, he covers a slew of basic network troubleshooting and analysis tools that are common across multiple operating systems to ensure that the reader can go ahead and get comfortable with looking for and trying out these tools if they aren’t already somewhat familiar with them.

Tools that range from basic “host,” “nslookup,” and “netstat” commands to advanced “tcpdump,” and “wireshark” commands are listed for the user to learn.

Finally, he does his best to give a very brief overview of how the remaining chapters break down.  There are two groups of chapters mentioned.  Chapters 1 through 6 cover technologies that systems administrators really should know.  Chapters 7 through 12 cover inspecting network information passively as well as actively probing the network for troubleshooting and analysis.

Lucas’ calculated humor is definitely present, and my initial take on the book (I’ve read the whole thing, just reviewing one chapter today) is that every IT professional should own a copy of this book.

Fun-Day Friday – What to do with the Friday slot

Since I’m in the process of standing up a second site for my “non-tech” hobbies and activities, I’m thinking the Friday post should morph into something else.  I’m leaning toward a book review system where I review one chapter at a time from a book, or just review the entire book.  These would all be technical books on systems administration, programming, information security, etc.

Now is your chance to suggest something different.  If nobody drops a comment / suggestion before next Friday, I’ll probably start the new book review routine right away.

I’ll still post a reminder that I have “other content” pointing to the other site on a semi-rare basis, but splitting the content into two sites makes sense to me.

Let me know what you think.  Do you support this direction?  Would you prefer some other type of content?  Are there any topics you’d like to see covered that haven’t been, besides “just finish the SSH series, already?”

Comment here, and I’ll review my strategy.

Thanks for reading!

No content today

Sorry for flaking out on this, again.  I did get to walk the almost 30 acre property on Saturday.  It rained a little while we were walking it.  It also got really cold.  And then Sunday, this thing I wasn’t prepared for happened.  Daylight savings time hit.  Between the walk, the cold, and the loss of an hour in my day, which has my internal clock all jacked up, I did not get anything done toward the Yubikey/GnuPG problem this weekend.  That’s all on me.

I did begin work on separating out the “non tech” stuff from the site a little, though.  I’ll have a site up for the Permaculture and non-tech hobby contents in a week or two, so those of you that are bothered by this won’t get so much of it, moving forward.

Wednesday will definitely have content, though.  I’ll cover the new Hak5 Bash Bunny, share some pics of the device, and talk a bit about configuration and usage.

Fun-Day Friday – On Permaculture and observation

Without going into too many details, my email subscribers got a note about the importance of “knowing your baselines.”  Another way to say this is, “observe your system.”  One of the pinnacle lessons of Permaculture is to observe before you design.  When you are doing a design for someone else, this is more difficult to do, but you can eke out how much the client has observed, and use that as a guide, in most cases.

Observation lets you pick out what looks like minor details that might significantly impact the system design as a whole, especially if overlooked.  For example, a “wet weather stream” may not be obvious unless it is actually raining.  There are signs that indicate that a seasonal stream may be present, but unless you witness the event, you may overlook it.  When you go to design your system, if you accidentally place a structure or earthwork in a manner that disrupts the stream, it may be disastrous in a heavy rainstorm during the Spring flood events.

This weekend, I have the privilege of walking a property for a Permaculture consultation client.  I know there is at least one stream on the property, as well as an established pond.  It is supposed to rain.  I’m hoping it’ll rain near the end of the walk, and that I can observe for a while to see how the water flows.  Water movement is one of the most important things to design to control, and the end goal is (usually) to keep every drop of water on the property as long as possible without disrupting the downstream neighbors.

I’m excited to do a design again, and looking forward to getting back to spending some time just enjoying nature for a bit.

I’m still going to focus on the GnuPG problem, though.  My hope is that I have a working solution by Monday.  We shall see.

Fun-Day Friday – Lab projects summary

I thought I’d just give a brief list of what the priorities are for the Lab in the next week or two.

First and foremost is finishing up the write-up on using GnuPG gpg-agent for ssh from a Yubikey 4 token.  I’ve just about got the details finished up, so this should be ready by Monday.

A Hak5 Bash Bunny has been ordered, and should arrive by Wednesday.  I’ll probably cover a different piece of equipment that day, since it won’t quite be in hand, yet, but the following Wednesday will likely cover this new gadget.

Not tech related, but I have a Permaculture consultation I’ve been approached about.  I’ll be working on the initial few very rough designs for the property.

This weekend is the local HAM Fest.  Unfortunately, I won’t be able to attend this time.  I was going to be in the market for a new radio OR a new APRS TNC, but those will have to wait since we recently had a minor hit to our budget getting everyone over being sick.

We’ll probably do another Family Game Night this weekend, assuming time permits, and people are feeling up for it.

That’s about it.  Whatever you do, I hope it has an element of fun and an element of learning.  Those are what keep life interesting.

Fun-Day Friday – Still sick

So some of you already know that I got sick.  We checked my temps right after I finished up yesterday’s email content for the mail subscribers, and I was running 101.1F, apparently.

The best part about having a large family is the puppy pile of kids you get when you complain about feeling cold.

And I’m going to cut this post short, before I get completely incoherent with it, since I’m still running a low grade as I type, and I’m a touch light headed.  The emonlaid helps.