Consolidated notes on little experiments covering some topics of my passion, including

Internet Routing (BGP, Anycasting), Network Security, Automation and DevOps (Python, Ansible, Docker) && *.*

Courtesy to draw.io, Click Here for the network diagram of simple home lab, where I have been trying these out. Link to old/previous lab setup.

Lab research/experiments.

01.
03.

Using EBTables to prevent unauthorized mounts and its benefits over IPTables

Lab/POC on unauthorized access to a restricted NFS mount and how to prevent it using ebtables.

04.

Basic configuration steps (VLAN/Routing) on Cisco 3560 L3 Switch.

Configuration of Layer-3 Switches

05.

Basics on MTU, PMTU, MSS , ICMP and so on..

IP Fragmentation and PMTU discovery over ICMP

06.
07.

Open Source Project: Oracle RMAN Backup Solution

Oracle RMAN Backup Solution (Open Source)

Quick references

01.

Performance.

top - z (Color), C (Absolute Path), x (Highlight Sorted Column), b (Highlight Sorted Column), u (User filter), P (Sort by CPU), M (Sort by Memory), m (Memory bar), V (Forest Mode), O (%MEM > 1, %CPU > 1 etc.), "=" to clear all filters, save this with W; ps, dstat, ss, lsof, fuser, stress

02.

Networking.

traceroute, tracepath, mtr, nmap, nc, ss, netcat, stress, hping3, SlowHTTPTest, curl, wget, hulk, slowloris, nping, thousandeyes, whois, bgpreader.

03.

Troubleshooting

setroubleshootd, gdb, strace, jrcmd, bash -x or bash -v, /usr/sbin/sshd -d -p99 (Trigger sshd on a different port), python -m SimpleHTTPServer 8000 to run a simple HTTP Server, Debug NFS using automountd -f d , Use setcap CAP_NET_BIND_SERVICE=+eip /path/to/binary to bind on low numbered ports.

04.

Protocols

GRE (20 IP + 4 Bytes GRE), TCP/IP (20 + 20 Bytes), QUIC, SPDY, HTTP2, TLS3.

05.

IPv6, RFCs

:: equals IPv4 0.0.0.0 and ::/0 is equal to 0.0.0.0/0 (Default Route).
2000::/3 is Global Unicast Address.
fc00::/10 is Unique Local Address (RFC4193, like RFC1918).
fe80::/64 - Link-Local address (auto-configured for every device).
ff00::/8 - Multicast, equivalent to 224.0.0.0/4.

There is no broadcast address in IPv6.

ff02::1 is a multicast address; ping6 ff02::1 sends a packet to all nodes on the local link.

ff02::1:2 is the all-dhcp-servers link-local multicast group and ff02::2 is the all-routers link-local multicast group.

RFC3927
IETF reserved 169.254.0.0/16 as a link-local address and fe80::/10 for IPv6.

RFC1918
Defines private address space (non-routable): 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.

RFC6598
Used by IANA to reserve CGN (Carrier Grade Network Space): 100.64.0.0/10

	

Load Average vs CPU Percentage.

Source: Reference
"A four-processor machine can be visualized as a four-lane freeway. Each lane provides the path on which instructions can execute. A vehicle can represent those instructions. Additionally, there are vehicles on the entrance lanes ready to travel down the freeway, and the four lanes either are ready to accommodate that demand or they're not. If all freeway lanes are jammed, the cars entering have to wait for an opening. If we now apply the CPU percentage and CPU load-average measurements to this situation, percentage examines the relative amount of time each vehicle was found occupying a freeway lane, which inherently ignores the pent-up demand for the freeway—that is, the cars lined up on the entrances. So, for example, vehicle license XYZ 123 was found on the freeway 30% of the sampling time. Vehicle license ABC 987 was found on the freeway 14% of the time. That gives a picture of how each vehicle is utilizing the freeway, but it does not indicate demand for the freeway. Moreover, the percentage of time these vehicles are found on the freeway tells us nothing about the overall traffic pattern except, perhaps, that they are taking longer to get to their destination than they would like. Thus, we probably would suspect some sort of a jam, but the CPU percentage would not tell us for sure. The load averages, on the other hand, would. This brings us to the point. It is the overall traffic pattern of the freeway itself that gives us the best picture of the traffic situation, not merely how often cars are found occupying lanes. The load average gives us that view because it includes the cars that are queuing up to get on the freeway. It could be the case that it is a nonrush-hour time of day, and there is little demand for the freeway, but there just happens to be a lot of cars on the road. The CPU percentage shows us how much the cars are using the freeway, but the load averages show us the whole picture, including pent-up demand. 
Even more interesting, the more recent that pent-up demand is, the more the load-average value reflects it. Taking the discussion back to the machinery at hand, the load averages tell us by increasing duration whether our physical CPUs are over- or under-utilized. The point of perfect utilization, meaning that the CPUs are always busy and, yet, no process ever waits for one, is the average matching the number of CPUs. If there are four CPUs on a machine and the reported one-minute load average is 4.00, the machine has been utilizing its processors perfectly for the last 60 seconds. This understanding can be extrapolated to the 5- and 15-minute averages. "

FAQ


Block Storage vs Disk Storage.

Carriage Return vs Linefeed vs Form Feed.

Carriage return means to return to the beginning of the current line without advancing downward. The name comes from a printer's carriage, as monitors were rare when the name was coined. This is commonly escaped as "\r", abbreviated CR, and has ASCII value 13 or 0x0D.

Linefeed means to advance downward to the next line; however, it has been repurposed and renamed. Used as "newline", it terminates lines (commonly confused with separating lines). This is commonly escaped as "\n", abbreviated LF or NL, and has ASCII value 10 or 0x0A. CRLF (but not CRNL) is used for the pair "\r\n".

Form feed means advance downward to the next "page". It was commonly used as page separators, but now is also used as section separators. (It's uncommonly used in source code to divide logically independent functions or groups of functions.) Text editors can use this character when you "insert a page break". This is commonly escaped as "\f", abbreviated FF, and has ASCII value 12 or 0x0C.

setuid vs setgid vs stickybit

setuid : Sets the user ID upon execution: the process runs with the privileges of the owner of the file rather than those of the user who is executing it. Example is 'su'; more can be found using find / -perm -4000. The setuid permission is displayed as an “s” in the owner’s execute field and isn't applicable to directories.

setgid : This is similar to setuid, except that when a script/command with the setgid bit set is run, the privilege is elevated to the group's permissions rather than those of the user who is executing it. Example : /usr/bin/wall. This is also used for group collaboration.

stickybit: chmod 1755, which is used on shared directories, e.g. /tmp, where only the owner who created a file can delete it even if the directory has 777 permissions on it. The directory permission will show rwxrwxrwt (T means execute permissions are off).
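A defensive audit built on the find / -perm -4000 check above, as an added example that is not part of the original notes: it lists setuid and setgid files and flags world-writable directories that lack the sticky bit. The function names and the sample tree are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit_special_bits and make_sample_tree are hypothetical names.

# Report special permission bits under a directory tree, one finding per line.
audit_special_bits() {
    local root=$1
    # setuid files run with the file owner's privileges (find -perm -4000).
    find "$root" -xdev -type f -perm -4000 | sed 's/^/SUID /'
    # setgid files run with the privileges of the file's group.
    find "$root" -xdev -type f -perm -2000 | sed 's/^/SGID /'
    # setgid directories: files created inside inherit the directory's group.
    find "$root" -xdev -type d -perm -2000 | sed 's/^/SGID-DIR /'
    # World-writable directories without the sticky bit: any user can
    # delete or rename files that belong to someone else.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 | sed 's/^/WW-NOSTICKY /'
}

# Build a constructed sample tree so the audit runs offline without root.
make_sample_tree() {
    local t
    t=$(mktemp -d) || return 1
    touch "$t/plain" "$t/suid_tool" "$t/sgid_tool"
    mkdir "$t/shared_ok" "$t/shared_bad" "$t/team"
    chmod 0644 "$t/plain"
    chmod 4755 "$t/suid_tool"    # rwsr-xr-x
    chmod 2755 "$t/sgid_tool"    # rwxr-sr-x
    chmod 1777 "$t/shared_ok"    # rwxrwxrwt, like /tmp
    chmod 0777 "$t/shared_bad"   # rwxrwxrwx, no sticky bit
    chmod 2775 "$t/team"         # rwxrwsr-x, group collaboration
    printf '%s\n' "$t"
}

tree=$(make_sample_tree)
audit_special_bits "$tree"
rm -rf "$tree"
```

Run against a real mount point, the output can be diffed against a saved baseline to spot newly introduced setuid binaries.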

Parentheses vs Square Brackets.

#(( double open parentheses )) for arithmetic, [ square brackets for conditional expressions ], [[ double square brackets for regular expressions like =~ ]]

[root@server1 rpm-gpg]# echo $((1+4))
5

[root@server1 rpm-gpg]# [ $(date +%d -d -100days) -le 30 ] && echo "Test passed"
Test passed

[root@server1 rpm-gpg]# if  [[ "xyz" =~ "x" ]]; then echo "True" ; fi
True

#Expressions : == looks for exact string equality vs -eq looks for arithmetic equality.

[root@rhce4 ~]#  [ " 1 " == 1 ]  && echo equal || echo not
not

[root@rhce4 ~]#  [ " 1 " -eq 1 ]  && echo equal || echo not
equal

# Schedule a cron to execute on first sunday of every month.
# In a crontab, % must be escaped as \% (an unescaped % is turned into a newline).
0 2 * * sun  [ $(date +\%d) -le 07 ] && /script/script.sh

Specifying */5 in the minute field means every 5 minutes.
Specifying 0-10/2 in the minute field means every 2 minutes in the first 10 minutes.


ASN, BGP, whois/radb

Quick options to set on ~/.screenrc, ~/.muttrc, ~/.bashrc

vim ex and visual modes


Be ambitious...

Do not believe in anything simply because you have heard it.

Stay curious...

Do not believe in anything simply because it is spoken and rumored by many.

Pursue dreams..

Do not believe in anything simply because it is found written in your religious books.

Stand unique..

Do not believe in anything merely on the authority of your teachers and elders.

Follow your passion..

Do not believe in traditions because they have been handed down for many generations.

Strive for perfection..

But after observation and analysis, when you find that anything agrees with reason and is conducive to the good and benefit of one and all, then accept it and live up to it.

" Buddha "