Wednesday, September 11, 2024

Wednesday, September 4, 2024

eve-ng NAT cloud not giving IP via DHCP

 find /etc -type f | xargs grep "172.29.129"

which gave me
/etc/udhcpd.conf:start 172.29.129.1 #default: 192.168.0.20
/etc/udhcpd.conf:end 172.29.129.253 #default: 192.168.0.254
/etc/udhcpd.conf:opt router 172.29.129.254

so now I know that the process is called udhcpd. Then did a
systemctl restart udhcpd

and now I'm getting an IP.



Monday, September 2, 2024

eve-ng c8000v image gives white console after template push

Issue cause: when vManage controls the cEdge, it changes the CLI from "platform console serial" to "platform console virtual". Once that has changed, you lose the eve-ng console.

Following is what you need to do:

a) Create a CLI Add-On feature template, add "platform console serial" to the template

b) Associate this add-on template to the device template under the Additional Templates Section

c) Reboot your cEdge; that fixes the issue.

Thursday, May 2, 2024

IP Public subnets blocks

All blocks as big as possible except RFC1918

0.0.0.0/5
8.0.0.0/7
11.0.0.0/8
12.0.0.0/6
16.0.0.0/4
32.0.0.0/3
64.0.0.0/2
128.0.0.0/3
160.0.0.0/5
168.0.0.0/6
172.0.0.0/12
172.32.0.0/11
172.64.0.0/10
172.128.0.0/9
173.0.0.0/8
174.0.0.0/7
176.0.0.0/4
192.0.0.0/9
192.128.0.0/11
192.160.0.0/13
192.169.0.0/16
192.170.0.0/15
192.172.0.0/14
192.176.0.0/12
192.192.0.0/10
193.0.0.0/8
194.0.0.0/7
196.0.0.0/6
200.0.0.0/5
208.0.0.0/4

Blocks split in half

0.0.0.0/6
4.0.0.0/6
8.0.0.0/8
9.0.0.0/8
11.0.0.0/9
11.128.0.0/9
12.0.0.0/7
14.0.0.0/7
16.0.0.0/5
24.0.0.0/5
32.0.0.0/4
48.0.0.0/4
64.0.0.0/3
96.0.0.0/3
128.0.0.0/4
144.0.0.0/4
160.0.0.0/6
164.0.0.0/6
168.0.0.0/7
170.0.0.0/7
172.0.0.0/13
172.8.0.0/13
172.32.0.0/12
172.48.0.0/12
172.64.0.0/11
172.96.0.0/11
172.128.0.0/10
172.192.0.0/10
173.0.0.0/9
173.128.0.0/9
174.0.0.0/8
175.0.0.0/8
176.0.0.0/5
184.0.0.0/5
192.0.0.0/10
192.64.0.0/10
192.128.0.0/12
192.144.0.0/12
192.160.0.0/14
192.164.0.0/14
192.169.0.0/17
192.169.128.0/17
192.170.0.0/16
192.171.0.0/16
192.172.0.0/15
192.174.0.0/15
192.176.0.0/13
192.184.0.0/13
192.192.0.0/11
192.224.0.0/11
193.0.0.0/9
193.128.0.0/9
194.0.0.0/8
195.0.0.0/8
196.0.0.0/7
198.0.0.0/7
200.0.0.0/6
204.0.0.0/6
208.0.0.0/5
216.0.0.0/5




ip route vrf 1 0.0.0.0 248.0.0.0 Null0
ip route vrf 1 8.0.0.0 254.0.0.0 Null0
ip route vrf 1 11.0.0.0 255.0.0.0 Null0
ip route vrf 1 12.0.0.0 252.0.0.0 Null0
ip route vrf 1 16.0.0.0 240.0.0.0 Null0
ip route vrf 1 32.0.0.0 224.0.0.0 Null0
ip route vrf 1 64.0.0.0 192.0.0.0 Null0
ip route vrf 1 128.0.0.0 224.0.0.0 Null0
ip route vrf 1 160.0.0.0 248.0.0.0 Null0
ip route vrf 1 168.0.0.0 252.0.0.0 Null0
ip route vrf 1 172.0.0.0 255.240.0.0 Null0
ip route vrf 1 172.32.0.0 255.224.0.0 Null0
ip route vrf 1 172.64.0.0 255.192.0.0 Null0
ip route vrf 1 172.128.0.0 255.128.0.0 Null0
ip route vrf 1 173.0.0.0 255.0.0.0 Null0
ip route vrf 1 174.0.0.0 254.0.0.0 Null0
ip route vrf 1 176.0.0.0 240.0.0.0 Null0
ip route vrf 1 192.0.0.0 255.128.0.0 Null0
ip route vrf 1 192.128.0.0 255.224.0.0 Null0
ip route vrf 1 192.160.0.0 255.248.0.0 Null0
ip route vrf 1 192.169.0.0 255.255.0.0 Null0
ip route vrf 1 192.170.0.0 255.254.0.0 Null0
ip route vrf 1 192.172.0.0 255.252.0.0 Null0
ip route vrf 1 192.176.0.0 255.240.0.0 Null0
ip route vrf 1 192.192.0.0 255.192.0.0 Null0
ip route vrf 1 193.0.0.0 255.0.0.0 Null0
ip route vrf 1 194.0.0.0 254.0.0.0 Null0
ip route vrf 1 196.0.0.0 252.0.0.0 Null0
ip route vrf 1 200.0.0.0 248.0.0.0 Null0
ip route vrf 1 208.0.0.0 240.0.0.0 Null0


ip route vrf 1 0.0.0.0 252.0.0.0 Tunnel100592
ip route vrf 1 4.0.0.0 252.0.0.0 Tunnel100592
ip route vrf 1 8.0.0.0 255.0.0.0 Tunnel100592
ip route vrf 1 9.0.0.0 255.0.0.0 Tunnel100592
ip route vrf 1 11.0.0.0 255.128.0.0 Tunnel100592
ip route vrf 1 11.128.0.0 255.128.0.0 Tunnel100592
ip route vrf 1 12.0.0.0 254.0.0.0 Tunnel100592
ip route vrf 1 14.0.0.0 254.0.0.0 Tunnel100592
ip route vrf 1 16.0.0.0 248.0.0.0 Tunnel100592
ip route vrf 1 24.0.0.0 248.0.0.0 Tunnel100592
ip route vrf 1 32.0.0.0 240.0.0.0 Tunnel100592
ip route vrf 1 48.0.0.0 240.0.0.0 Tunnel100592
ip route vrf 1 64.0.0.0 224.0.0.0 Tunnel100592
ip route vrf 1 96.0.0.0 224.0.0.0 Tunnel100592
ip route vrf 1 128.0.0.0 240.0.0.0 Tunnel100592
ip route vrf 1 144.0.0.0 240.0.0.0 Tunnel100592
ip route vrf 1 160.0.0.0 252.0.0.0 Tunnel100592
ip route vrf 1 164.0.0.0 252.0.0.0 Tunnel100592
ip route vrf 1 168.0.0.0 254.0.0.0 Tunnel100592
ip route vrf 1 170.0.0.0 254.0.0.0 Tunnel100592
ip route vrf 1 172.0.0.0 255.248.0.0 Tunnel100592
ip route vrf 1 172.8.0.0 255.248.0.0 Tunnel100592
ip route vrf 1 172.32.0.0 255.240.0.0 Tunnel100592
ip route vrf 1 172.48.0.0 255.240.0.0 Tunnel100592
ip route vrf 1 172.64.0.0 255.224.0.0 Tunnel100592
ip route vrf 1 172.96.0.0 255.224.0.0 Tunnel100592
ip route vrf 1 172.128.0.0 255.192.0.0 Tunnel100592
ip route vrf 1 172.192.0.0 255.192.0.0 Tunnel100592
ip route vrf 1 173.0.0.0 255.128.0.0 Tunnel100592
ip route vrf 1 173.128.0.0 255.128.0.0 Tunnel100592
ip route vrf 1 174.0.0.0 255.0.0.0 Tunnel100592
ip route vrf 1 175.0.0.0 255.0.0.0 Tunnel100592
ip route vrf 1 176.0.0.0 248.0.0.0 Tunnel100592
ip route vrf 1 184.0.0.0 248.0.0.0 Tunnel100592
ip route vrf 1 192.0.0.0 255.192.0.0 Tunnel100592
ip route vrf 1 192.64.0.0 255.192.0.0 Tunnel100592
ip route vrf 1 192.128.0.0 255.240.0.0 Tunnel100592
ip route vrf 1 192.144.0.0 255.240.0.0 Tunnel100592
ip route vrf 1 192.160.0.0 255.252.0.0 Tunnel100592
ip route vrf 1 192.164.0.0 255.252.0.0 Tunnel100592
ip route vrf 1 192.169.0.0 255.255.128.0 Tunnel100592
ip route vrf 1 192.169.128.0 255.255.128.0 Tunnel100592
ip route vrf 1 192.170.0.0 255.255.0.0 Tunnel100592
ip route vrf 1 192.171.0.0 255.255.0.0 Tunnel100592
ip route vrf 1 192.172.0.0 255.254.0.0 Tunnel100592
ip route vrf 1 192.174.0.0 255.254.0.0 Tunnel100592
ip route vrf 1 192.176.0.0 255.248.0.0 Tunnel100592
ip route vrf 1 192.184.0.0 255.248.0.0 Tunnel100592
ip route vrf 1 192.192.0.0 255.224.0.0 Tunnel100592
ip route vrf 1 192.224.0.0 255.224.0.0 Tunnel100592
ip route vrf 1 193.0.0.0 255.128.0.0 Tunnel100592
ip route vrf 1 193.128.0.0 255.128.0.0 Tunnel100592
ip route vrf 1 194.0.0.0 255.0.0.0 Tunnel100592
ip route vrf 1 195.0.0.0 255.0.0.0 Tunnel100592
ip route vrf 1 196.0.0.0 254.0.0.0 Tunnel100592
ip route vrf 1 198.0.0.0 254.0.0.0 Tunnel100592
ip route vrf 1 200.0.0.0 252.0.0.0 Tunnel100592
ip route vrf 1 204.0.0.0 252.0.0.0 Tunnel100592
ip route vrf 1 208.0.0.0 248.0.0.0 Tunnel100592
ip route vrf 1 216.0.0.0 248.0.0.0 Tunnel100592

ip prefix-list PUBLIC-SUBNETS seq 1 permit 0.0.0.0/5
ip prefix-list PUBLIC-SUBNETS seq 2 permit 8.0.0.0/7
ip prefix-list PUBLIC-SUBNETS seq 3 permit 11.0.0.0/8
ip prefix-list PUBLIC-SUBNETS seq 4 permit 12.0.0.0/6
ip prefix-list PUBLIC-SUBNETS seq 5 permit 16.0.0.0/4
ip prefix-list PUBLIC-SUBNETS seq 6 permit 32.0.0.0/3
ip prefix-list PUBLIC-SUBNETS seq 7 permit 64.0.0.0/2
ip prefix-list PUBLIC-SUBNETS seq 8 permit 128.0.0.0/3
ip prefix-list PUBLIC-SUBNETS seq 9 permit 160.0.0.0/5
ip prefix-list PUBLIC-SUBNETS seq 10 permit 168.0.0.0/6
ip prefix-list PUBLIC-SUBNETS seq 11 permit 172.0.0.0/12
ip prefix-list PUBLIC-SUBNETS seq 12 permit 172.32.0.0/11
ip prefix-list PUBLIC-SUBNETS seq 13 permit 172.64.0.0/10
ip prefix-list PUBLIC-SUBNETS seq 14 permit 172.128.0.0/9
ip prefix-list PUBLIC-SUBNETS seq 15 permit 173.0.0.0/8
ip prefix-list PUBLIC-SUBNETS seq 16 permit 174.0.0.0/7
ip prefix-list PUBLIC-SUBNETS seq 17 permit 176.0.0.0/4
ip prefix-list PUBLIC-SUBNETS seq 18 permit 192.0.0.0/9
ip prefix-list PUBLIC-SUBNETS seq 19 permit 192.128.0.0/11
ip prefix-list PUBLIC-SUBNETS seq 20 permit 192.160.0.0/13
ip prefix-list PUBLIC-SUBNETS seq 21 permit 192.169.0.0/16
ip prefix-list PUBLIC-SUBNETS seq 22 permit 192.170.0.0/15
ip prefix-list PUBLIC-SUBNETS seq 23 permit 192.172.0.0/14
ip prefix-list PUBLIC-SUBNETS seq 24 permit 192.176.0.0/12
ip prefix-list PUBLIC-SUBNETS seq 25 permit 192.192.0.0/10
ip prefix-list PUBLIC-SUBNETS seq 26 permit 193.0.0.0/8
ip prefix-list PUBLIC-SUBNETS seq 27 permit 194.0.0.0/7
ip prefix-list PUBLIC-SUBNETS seq 28 permit 196.0.0.0/6
ip prefix-list PUBLIC-SUBNETS seq 29 permit 200.0.0.0/5
ip prefix-list PUBLIC-SUBNETS seq 30 permit 208.0.0.0/4
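
The block lists and routes above can be regenerated and checked with Python's standard ipaddress module. This is an added example, not part of the original post; the function names are hypothetical, and it assumes "public" means 0.0.0.0-223.255.255.255 minus the three RFC1918 ranges, as in the lists above.

```python
import ipaddress

# Assumption: "public" means unicast space 0.0.0.0-223.255.255.255 minus the
# three RFC 1918 ranges, which is the span the lists on this page cover.
UNICAST = [ipaddress.ip_network(n) for n in ("0.0.0.0/1", "128.0.0.0/2", "192.0.0.0/3")]
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def public_blocks(space=UNICAST, excluded=RFC1918):
    """Largest possible CIDR blocks covering `space` with `excluded` cut out."""
    blocks = list(space)
    for hole in excluded:
        remaining = []
        for block in blocks:
            if hole.subnet_of(block):
                # address_exclude() yields the sibling block at every split level
                remaining.extend(block.address_exclude(hole))
            elif not block.overlaps(hole):
                remaining.append(block)  # untouched by this hole
            # a block lying entirely inside the hole is dropped
        blocks = remaining
    return sorted(blocks)


def split_in_half(blocks):
    """Split every block into its two halves (prefix length + 1)."""
    return [half for block in blocks for half in block.subnets(prefixlen_diff=1)]


def ios_static_routes(blocks, target, vrf="1"):
    """Render blocks as static routes in the syntax used on this page."""
    return [f"ip route vrf {vrf} {b.network_address} {b.netmask} {target}" for b in blocks]


def verify(blocks, space=UNICAST, excluded=RFC1918):
    """True if no block touches an excluded range and nothing else is missed."""
    leaks = any(b.overlaps(h) for b in blocks for h in excluded)
    merged = list(ipaddress.collapse_addresses(list(blocks) + list(excluded)))
    return not leaks and merged == list(ipaddress.collapse_addresses(space))


if __name__ == "__main__":
    blocks = public_blocks()
    halves = split_in_half(blocks)
    assert verify(blocks) and verify(halves)
    print("\n".join(ios_static_routes(blocks, "Null0")))
    print("\n".join(ios_static_routes(halves, "Tunnel100592")))
```

verify() is the part worth rerunning after any manual edit to the lists: it fails if a block overlaps a private range or if any public address is no longer covered.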

Tuesday, April 23, 2024

IP Fragmentation

Some basic info

Ethernet header is 14 bytes
TCP header is 40 bytes
Standard IP MTU is 1500 bytes



DF is not set 

Find the MTU of the source

PowerShell command to see the max MTU on Windows 11:

netsh interface ipv4 show interfaces 


Send some test traffic that is bigger than the MTU of the source

ping -l 1600 <destination>


Check with Wireshark at the destination

fragmented in 2 packets

first packet


second packet


DF is set


Send some test traffic that is bigger than the MTU of the source 

ping -l 1600 -f <destination>

The packet will be dropped at the laptop.
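
The two cases above, worked through in Python as an added example (not part of the original post). It assumes a 20-byte IPv4 header without options and the 8-byte ICMP echo header that ping puts in front of the -l data; the function names are hypothetical.

```python
IP_HEADER = 20    # IPv4 header without options (assumption)
ICMP_HEADER = 8   # ICMP echo header that precedes the "ping -l" data bytes


def fragment(ip_payload_len, mtu=1500, df=False):
    """Return [(offset_in_8_byte_units, data_len, more_fragments), ...].

    An empty list means the sender dropped the packet because DF is set.
    """
    if IP_HEADER + ip_payload_len <= mtu:
        return [(0, ip_payload_len, False)]      # fits, no fragmentation
    if df:
        return []                                # too big and DF set: dropped
    # Every fragment except the last carries a multiple of 8 data bytes,
    # because the fragment offset field counts in 8-byte units.
    per_fragment = (mtu - IP_HEADER) // 8 * 8
    fragments, sent = [], 0
    while sent < ip_payload_len:
        size = min(per_fragment, ip_payload_len - sent)
        more = sent + size < ip_payload_len      # MF flag
        fragments.append((sent // 8, size, more))
        sent += size
    return fragments


def ping_fragments(ping_size, mtu=1500, df=False):
    """Fragments produced by 'ping -l <ping_size>' (add '-f' for df=True)."""
    return fragment(ping_size + ICMP_HEADER, mtu, df)


def max_df_ping_size(mtu=1500):
    """Largest 'ping -l' value that still passes with DF set."""
    return mtu - IP_HEADER - ICMP_HEADER


if __name__ == "__main__":
    print(ping_fragments(1600))           # DF not set
    print(ping_fragments(1600, df=True))  # DF set
    print(max_df_ping_size())
```

With an MTU of 1500, ping -l 1600 gives a first fragment of 1480 data bytes at offset 0 with MF set and a second of 128 bytes at offset 185, which are the two packets to look for in Wireshark.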




Tuesday, March 26, 2024

Friday, February 23, 2024

VRF Route leaking via static routes

R1
10.170.138.14
|
|
Gi1/9-10.170.138.13
SW001(VRF INTERNET)
|
SW001(GLOBAL)
|
SW001(VRF ATT)
Gi1/2-10.170.137.2
|
|
Gi1/1-10.170.137.1
Router
|
|
network
|
|
10.0.29.3

To achieve this, we do VRF route leaking via static routes. It is not possible to leak directly between two VRFs, but it is possible between a VRF and global, in both directions.

On SW001:
VRF INTERNET (leak destination to global)
ip route vrf INTERNET 10.0.29.3 255.255.255.255 10.170.137.1 global

VRF ATT (leak source to global)
ip route vrf ATT 10.170.138.14 255.255.255.255 10.170.138.14 global

GLOBAL (static route to next-hops defined in static routes above)
ip route 10.170.137.1 255.255.255.255 GigabitEthernet1/2
ip route 10.170.138.14 255.255.255.255 GigabitEthernet1/9


Saturday, February 3, 2024

mac securecrt send cisco break to rommon

In SecureCRT, configure the session with VT220 keyboard mapping and press F5 continuously when the router boots.

Wednesday, January 31, 2024

OpenWRT linksys with TC and NETEM

 

Install OpenWrt on the E4200v2

Open SSH and HTTP on the WAN (disable firewall)

Via the OpenWrt GUI (LuCI), install tc-full and kmod-netem

Inject some delay:

tc qdisc add dev internet root netem delay 10ms

Disable delay:

tc qdisc del dev internet root

Show the active qdisc and its statistics:

tc -s qdisc ls dev internet

Sunday, January 7, 2024

vmware esxi letsencrypt certificate

Good info on how to install an SSL certificate on ESXi

(note that I run 6.5 which only seems to work with w2c 1.0.0)

https://github.com/w2c/letsencrypt-esxi/wiki/Installation-via-Web-UI

https://www.it-connect.fr/vmware-esxi-lets-encrypt-la-solution-pour-obtenir-un-certificat-ssl-gratuit/

YAML Files for ESP32

 Gree Versati III https://gist.github.com/slanckma/3bad4ff49545488a3719766bdf0cdc76 TUF-2000M Water flow sensor https://gist.github.com/slan...