вторник, 12 июля 2011 г.

Performance Monitoring on Solaris

Очень часто господа системные администраторы сталкиваются с проблемой просмотра загрузки операционной системы, и если большинству в общем то знакомы системы мониторинга на стандартных операционных системах, то в системе Solaris - это часто вызывает много вопросов и сомнений, особенно в выводах команд пугающих своими цифрами. Сегодня попробуем немного в этом разобраться.
Первоначально нас интересует три вопроса, рассмотрим их по порядку:
1. Что влияет на производительность системы?
  • Память 
  • Процессор
  • Диск
  • Сеть
2. Общие случаи возникновения проблем с производительностью
  • Недостаточные нагрузочные тесты производительности приводит к нерасчитанным нагрузкам на существующую систему
  • Появление недостатка системных ресурсов в результате увеличения нагрузки на существующее приложение
  • Проблемы программно-аппаратного комплекса
3. Какие концепции используются во время сбора данных?
Обязательно иметь два вида данных, первый собранный в момент когда система испытвает критические нагрузки, второй во время стабильного функционирования системы.
4. Ну и наконец какие же у нас есть средства в нашей системе, и за что они отвечают?
  • vmstat - память, процессор, I/O
  • mpstat - CPU
  • iostat - I/O
  • netstat - сеть
  • lockstat - системные вызовы, блокировки
  • sar - утилита многоплановая, все зависит от опций.
Постараюсь рассказать об этих и некоторых других утилитах, варианты выводов, и чтение этих выводов.
Анализируем использование памяти:
Первое, нам необходимо узнать сколько памяти занимается ядрос, а сколько пользователем, от этого будет зависить наши последующие шаги:
root@T1000-spare # echo "::memstat" | mdb -k
Page Summary                Pages                MB  %Tot
------------     ----------------  ----------------  ----
Kernel                      54267               423    5%
Anon                        25457               198    3%
Exec and libs                4346                33    0%
Page cache                   9650                75    1%
Free (cachelist)            10775                84    1%
Free (freelist)            908455              7097   90%

Total                     1012950              7913
Physical                  1007634              7872

Использование памяти пользователя: показывает процессы использующие память больше всего: 
root@T1000-spare # prstat -s rss
PID  USERNAME  SIZE   RSS STATE  PRI NICE      TIME  CPU PROCESS/NLWP       
  1238 noaccess  155M  117M sleep   59    0   0:01:01 0.0% java/18
   662  root       18M   15M sleep   59    0   0:00:05 0.0% fmd/26
     7    root       16M   13M sleep   59    0   0:00:09 0.0% svc.startd/12
     9    root       12M   11M sleep   59    0   0:00:34 0.0% svc.configd/17
   697 root       10M 8304K sleep   59    0   0:00:00 0.0% snmpd/1
   489 root       50M 8048K sleep   59    0   0:00:00 0.0% gdm-binary/1
   446 root     9744K 6352K sleep   59    0   0:00:01 0.0% inetd/4
  1773 root     7464K 6152K sleep   59    0   0:00:00 0.0% sshd/1
   184 root     6704K 4728K sleep   59    0   0:00:00 0.0% nscd/31
   187 root     5536K 4720K sleep   59    0   0:00:00 0.0% picld/9
  1772 root     5680K 4312K sleep   59    0   0:00:00 0.0% sshd/1
   667 root     9608K 4184K sleep   59    0   0:00:00 0.0% sendmail/1
   142 root     6832K 3784K sleep   59    0   0:00:00 0.0% syseventd/15
   664 smmsp    9672K 3744K sleep   59    0   0:00:00 0.0% sendmail/1
   202 daemon   4984K 3728K sleep   59    0   0:00:00 0.0% kcfd/5
  2019 oracle   3880K 3600K cpu17   59    0   0:00:00 0.0% prstat/1
==================================================
Следующая команда показывает вывод общей памяти и "семафоров":
root@T1000-spare # ipcs -a (к сожалению данный сервер тестовый и только-только поднятый, нагрузку продемонстироровать не смогу)
Следующая команда продемонстрирует нам использование пользовательской памяти всеми процессами, исключая (PID 0,2,3):
root@T1000-spare # egrep "[0-9]:|^total" /var/tmp/pmap-x
1: /sbin/init
total Kb    3024    2712     312       -
1112: /usr/dt/bin/dtlogin -daemon
total Kb    6576    4536     304       -
1238: /usr/java/bin/java -server -Xmx128m -XX:+UseParallelGC -XX:ParallelGCT
total Kb  158552  120040  103304       -
142: /usr/lib/sysevent/syseventd
total Kb    6832    5832    1096       -
146: /usr/lib/ldoms/drd
total Kb    2600    2320     408       -
1539: /home/OracleDB/11.2/ccr/bin/nmz -cron -silent
total Kb    3936    3152     264       -
1772: /usr/lib/ssh/sshd
total Kb    5680    5352     728       -
1773: /usr/lib/ssh/sshd
total Kb    7464    6928     408       -
======================================================
Следующим шагом будет проверка использования файловой системы /tmp:
root@T1000-spare # df -kl /tmp/
Filesystem            kbytes    used   avail capacity  Mounted on
swap                 14380920     104 14380816     1%    /tmp
=========================================================
root@T1000-spare # du -akd /tmp | sort -n | tail -5   - а эта команда отобразит 5 файлов большого размера внутри данной файловой системы.
Общее использование памяти в системе:
root@T1000-spare # vmstat -p 3
     memory           page          executable      anonymous      filesystem 
   swap  free  re  mf  fr  de  sr  epi  epo  epf  api  apo  apf  fpi  fpo  fpf
 14314224 7375848 26 67 1   0  13   23    0    0    0    0    0   40    1    1
 14381608 7361752 3 6   0   0   0    0    0    0    0    0    0    0    0    0
 14381288 7361616 0 0   0   0   0    0    0    0    0    0    0    0    0    0
=============================================
Данная команда будет отображать информацию раз в три секунды.
Конечно же необходимо проверить использование SWAP системой:
root@T1000-spare # swap -s
total: 193424k bytes allocated + 47176k reserved = 240600k used, 14381936k available
root@T1000-spare # swap -l
swapfile             dev  swaplo blocks   free
/dev/dsk/c0t0d0s1   32,9      16 16387600 16387600
======================================================
В данном разделе финальной комнадой будет проверка статистики ядра:
очень хорошая утилита kstat, имеет большое разнообразие дополнительных ключей, также можно использовать команду которую я указал ниже:

root@T1000-spare # echo "::kmastat"| mdb -k > /var/tmp/kmastat
root@T1000-spare # more /var/tmp/kmastat 
cache                        buf    buf    buf    memory     alloc alloc 
name                        size in use  total    in use   succeed  fail 
------------------------- ------ ------ ------ --------- --------- ----- 
kmem_magazine_1               16   1161   1524     24576      1161     0 
kmem_magazine_3               32   2184   2540     81920      2805     0 
kmem_magazine_7               64   1730   2413    155648      3043     0 
kmem_magazine_15             128   2701   2772    360448      3401     0 
kmem_magazine_31             256    337    341     90112       337     0 
kmem_magazine_47             384      0      0         0         0     0 

В данной таблице нужно смотреть на столбец "memory in use"  и на любую строку в которой "alloc fail" больше нуля.

Ну я думаю для одной статьи пока достаточно, не хочется нагружать Вас большим полотном надеюсь вскоре смогу продолжить свой обзор по наблюдению за питомцами на солярисе. 

понедельник, 27 июня 2011 г.

Level UP

Hello, dear readers, today I want to share my new joy. On July 23 I passed Cisco CCNP 642-902. I scored 836 points from 1000. It was not easy, but achievable. I've got some problems with D&D questions, and one lab which has metric-types and redistributing routes from different protocols.
Next step is to gain CCNP Switching certificate. I hope that I can do this without big problems.

вторник, 24 мая 2011 г.

Chapter 6. Lab 6-5, BGP Case Study

Today I'm starting to describe some labs from CCNP ROUTE 6.0 course. Today I will describe to you BGP case study Lab. I hope later I will describe to you all case study labs from routing course and later from switching course. So let's start.
First in PDF manual we see some network topology with IP adresses. As written in PDF we must:
1. Configure the addressing scheme shown in the diagram.
I think there is no big interesting actions, that's why I decided do not write about this.
2. Configure the ITA network to be in EIGRP AS 65001.
R1 configuration:
R1(config)#router eigrp 65001 
R1(config-router)#net 10.1.1.1 0.0.0.255       
R1(config-router)#net 192.168.14.0 0.0.0.3
R1(config-router)#net 10.1.103.0 0.0.0.7
R1(config-router)#net 10.1.102.0 0.0.0.7
R2 configuration:
R2(config)#router eigrp 65001
R2(config-router)#net 10.2.2.2 0.0.0.255   
R2(config-router)#net 10.20.0.0 0.0.7.255
R2(config-router)#net 10.1.203.0 0.0.0.7
R2(config-router)#net 10.1.102.0 0.0.0.7
R3 configuration:
R3(config)#router eigrp 65001
R3(config-router)#net 10.3.3.0 0.0.0.255
R3(config-router)#net 10.1.203.0 0.0.0.7
R3(config-router)#net 192.168.34.0 0.0.0.3
R3(config-router)#net 10.1.103.0 0.0.0.7 
After this configuration we must check routing tables on all three routers, after this we must see all routes except routes from R4 router.
3.Configure the TDP network to be in EIGRP AS 65002.
R4 configuration:
R4(config)#router eigrp 65002
R4(config-router)#net 172.16.0.0 0.0.15.255
R4(config-router)#net 192.168.14.0 0.0.0.3
R4(config-router)#net 192.168.34.0 0.0.0.3
4.Disable automatic summarization in both EIGRP domains. On all router in router eigrp section we must execute no auto-summary command.
R(1-4)(config-router):no auto-summary
5.Configure the ITA network to be in BGP AS 65001, and the TDP network to be in BGP AS 65002.
R1(config)#router bgp 65001
R1(config-router)#neighbor 10.1.102.2 remote-as 65001
R1(config-router)#neighbor 10.1.103.3 remote-as 65001
R1(config-router)#neighbor 192.168.14.2 remote-as 65002

R1(config-router)#net 192.168.14.0 mask 255.255.255.252

R1(config-router)#net 10.1.103.0 mask 255.255.255.248
R1(config-router)#net 10.1.102.0 mask 255.255.255.248
R1(config-router)#net 10.1.1.0 mask 255.255.255.0

###############################################################
R2(config)#router bgp 65001
R2(config-router)#neigh 10.1.102.1 remote-as 65001
R2(config-router)#neigh 10.1.203.3 remote-as 65001


R2(config-router)#net 10.1.102.0 mask 255.255.255.248
R2(config-router)#net 10.1.203.0 mask 255.255.255.248

R2(config-router)#net 10.2.2.0 mask 255.255.255.0

R2(config-router)#net 10.20.0.0 mask 255.255.255.0
R2(config-router)#net 10.20.1.0 mask 255.255.255.0
R2(config-router)#net 10.20.2.0 mask 255.255.255.0
R2(config-router)#net 10.20.3.0 mask 255.255.255.0

###############################################################
R3(config)#router bgp 65001
R3(config-router)#neigh 10.1.103.1 remote-as 65001
R3(config-router)#neigh 10.1.203.2 remote-as 65001
R3(config-router)#neighbor 192.168.34.2 remote-as 65002

R3(config-router)#net 10.3.3.0 mask 255.255.255.0

R3(config-router)#net 192.168.34.0 mask 255.255.255.252
R3(config-router)#net 10.1.103.0 mask 255.255.255.248
R3(config-router)#net 10.1.203.0 mask 255.255.255.248
###############################################################
R4(config)#router bgp 65002
R4(config-router)#neigh 192.168.14.1 remote-as 65001
R4(config-router)#neigh 192.168.34.1 remote-as 65001

R4(config-router)#net 192.168.14.0 mask 255.255.255.252
R4(config-router)#net 192.168.34.0 mask 255.255.255.252
R4(config-router)#net 172.16.0.0 mask 255.255.252.0
R4(config-router)#net 172.16.4.0 mask 255.255.252.0
R4(config-router)#net 172.16.8.0 mask 255.255.252.0
R4(config-router)#net 172.16.12.0 mask 255.255.252.0
6.Advertise the 192.168.14.0/30 and 192.168.34.0/30 networks in both EIGRP autonomous systems.
We already added this networks in advertising process.
7.Configure the interfaces on the border routers between the two EIGRP autonomous systems, so they
do not send EIGRP packets.
Here we should configure interfaces on all border routers as passive interface in eigrp process.
8.All routers will be participating in BGP. Configure all routers for a full mesh of IBGP peers in each
system.
This point is also ready, we configured this when we pointed all neighbors on each router.
9.Peer R1 and R2 using loopback addresses, not their directly connected interfaces.
R1(config)#router bgp 65001
R1(config-router)#neighbor 10.2.2.2 remote-as 65001
R1(config-router)#neigh 10.2.2.2 update-source lo1
############################################################
R2(config)#router bgp 65001
R2(config-router)#neigh 10.1.1.1 remote-as 65001
R2(config-router)#neighbor 10.1.1.1 update-source lo2

10.Advertise all loopback interfaces into the BGP process, except on R2, where the only loopback
advertised should be loopback 2.
We described this configuration above except specially R2 configuration, that's why we must configure only R2:
R2(config-router)#no net 10.20.0.0 mask 255.255.255.0
R2(config-router)#no net 10.20.1.0 mask 255.255.255.0
R2(config-router)#no net 10.20.2.0 mask 255.255.255.0
R2(config-router)#no net 10.20.3.0 mask 255.255.255.0
11.On R2, create a static summary route for the rest of its loopback interfaces and advertise this static
route in BGP.
R2(config)#ip route 10.20.0.0 255.255.252.0 null0
R2(config)#router bgp 65001
R2(config-router)#redi
R2(config-router)#redistribute static
12.R4 should send a summary route to ITA representing all the R4 loopback interfaces.
R4(config)#router bgp 65002
R4(config-router)#aggregate-address 172.16.0.0 255.255.240.0 summary-only
R4(config-router)#net 172.16.0.0 mask 255.255.240.0
R4(config-router)#no net 172.16.0.0 mask 255.255.252.0
R4(config-router)#no net 172.16.4.0 mask 255.255.252.0
R4(config-router)#no net 172.16.8.0 mask 255.255.252.0
R4(config-router)#no net 172.16.12.0 mask 255.255.252.0
13.R4 should prefer the path to ITA networks via the Ethernet link between R1 and R4. Accomplish this
by modifying the MED advertised to TDP.
R1(config-route-map)#access-list 1 permit any
R1(config)#route-map INJECTION-R4 permit 10
R1(config-route-map)#match ip add  
R1(config-route-map)#match ip address 1
R1(config-route-map)#set metric 100
R1(config)#router bgp 65001
R1(config-router)#neigh 192.168.14.2 route-map INJECTION-R4 out
##############################################################################
R3(config)#router bgp 65001
R3(config-router)#neigh 192.168.34.2 route-map INJECTION-R4 out
R3(config-router)#route-map INJECTION-R4 permit 10
R3(config-route-map)#set metric 100
14.Routers in the ITA AS should prefer the path to TDP networks via the Ethernet link between R1 and
R4. Accomplish this by modifying the local preference of routes being advertised in from TDP.
R1(config)#router bgp 65001
R1(config-router)#neigh 192.168.14.2 route-map IBGP_PEERS in
R1(config-router)#route-map IBGP_PEERS permit 10
R1(config-route-map)#set local-preference 160

That's all, but I suggest to you, complete all labs in bgp section for better bgp understanding.Good luck!!!



четверг, 19 мая 2011 г.

Mail-ru агент в Linux

Это уже довольно избитый вопрос в сети интернет, но я решил добавить его к себе в блог потому что сегодня обнаружил для себя хорошую альтернативу всем существующим вариантам связанным с маил.ру. Ни qutim, ни mdc, ни сам mail.ru на qt не дал необходимой стабильности и функционала. И я с горя решил вернуться на всеми забытый, но далеко не плохой pidgin, и оказалось вуаля!!!, пилить ничего не надо, все уже готово.
В общем установка банальна до ужаса. Но описать ее будет полезным:
В общем по умолчанию в убунте, у меня 10.04 стоит pidgin 2.6. Нам нужен pidgin 2.7 его мы можем установить из ppa репозитория, в консоли:

maximka@maxbuntu:~$ sudo apt-add-repository ppa:pidgin-developers/ppa

maximka@maxbuntu:~$ sudo apt-get update
maximka@maxbuntu:~$ sudo apt-get install pidgin
maximka@maxbuntu:~$ pidgin -v
Pidgin 2.7.11 (libpurple 2.7.11)

Вот как-то так, после этого необходимо докачать плагин с сайта сторонних разработчиков, таковых у нас два, мы воспользуемся первым попавшимся:


Скачиваем свой деб пакет,устанавливаем его двойным кликом, перезапускаем pidgin, и в списках протоклов, где подключаются учетные записи мы можем наблюдать "рыжую собачку". Радуйтесь Вы снова можете общаться со своими блондинистыми подружками с винды и мобильного агента ))) Удачи!!!


суббота, 7 мая 2011 г.

Обзор файловых систем от Google

Опубликована видеозапись доклада Майкла Рубина (Michael Rubin), занимающегося системами хранения данных в Google, о причинах миграции с файловой системы Ext2 на Ext4. В докладе показаны результаты исследования производительности EXT2, достоинства и недостатки различных файловых систем, доступных в Linux, причины выбора файловой системы Ext4 для использования на серверах Google.
Некоторые тезисы:
  • Файловая система Ext2 очень надежна, но имеет проблемы с производительностью при высокой интенсивности ввода/вывода. Из всех дисковых операций 40% было связано с обработкой мета-данных и только 60% с самими данными (после перехода на Ext4 это соотношение удалось свести к 4% для мета-данных и 96% для данных, общая производительность при этом возросла, в зависимости от областей применения, в полтора-два раза). При высокой нагрузке удаление 8 Мб файла иногда длилось до 800 секунд, наблюдались проблемы с фрагментацией. Как вариант решения проблемы все мета-данные можно было кэшировать, но это потребовало бы больших затрат оперативной памяти. Еще один недостаток Ext2 - очень долгое выполнение восстановления при помощи fsck - для диска 1 Тб восстановление занимало 85 минут;
  • Ext3 - проблемы с долгим выполнение fsck решены за счет поддержки журналирования, но производительность осталась на уровне Ext2. Дополнительные плюсы - простота управления и лёгкость миграции с Ext2;
  • Ext4 - кроме унаследованных у Ext3 плюсов в Ext4 частично решены проблемы с производительностью. Производительность не самая высокая среди доступных ФС, но вполне достаточная;
  • В Btrfs реализованы очень интересные возможности, но код еще не готов для промышленного применения;
  • XFS - отличная производительность, но большая усложнённость реализации;
  • ZFS - отличная производительность, высокая надежность и богатые возможности с одной стороны, но с другой стороны несовместимая с GPL лицензия на код;
  • ReiserFS и JFS не рассматривались в Google как варианты для миграции из-за недостаточной поддержки кодовой базы;
  • В Google не используют журналирование - потери производительности оказались слишком большими (накладные расходы понизили производительность на 23%-33% в зависимости от типа журнала). Конфигурация без журнала также продемонстрировала большую предсказуемость.

пятница, 6 мая 2011 г.

Installing Oracle 11.2 on Solaris SPARC

First, let me speak about preparation to installation. For this installation I prepared new SPARC server with clean install  of Solaris 10, I put all necessary patches as SUN engineer. Downloaded appropriate Oracle DB software from http://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html
After booting my server I saw:
root@T1000-spare # uname -a
SunOS T1000-spare 5.10 Generic_142909-17 sun4v sparc SUNW,Sun-Fire-T1000

And now we are ready to install!
In my server I have 1xUltraSPARC T1, 4x2Gb RAM and one 160Gb HDD. It's more than enough for running test DB.
To starting installation we must verify all Oracle requirements:
root@T1000-spare # pkginfo -i SUNWarc SUNWbtool SUNWhea SUNWlibC SUNWlibms SUNWsprot SUNWtoo SUNWi1of SUNWi1cs SUNWi15cs SUNWxwfnt
system      SUNWarc   Lint Libraries (usr)
system      SUNWbtool CCS tools bundled with SunOS
system      SUNWhea   SunOS Header Files
system      SUNWi15cs X11 ISO8859-15 Codeset Support
system      SUNWi1cs  X11 ISO8859-1 Codeset Support
system      SUNWi1of  ISO-8859-1 (Latin-1) Optional Fonts
system      SUNWlibC  Sun Workshop Compilers Bundled libC
system      SUNWlibms Math & Microtasking Libraries (Usr)
system      SUNWsprot Solaris Bundled tools
system      SUNWtoo   Programming Tools
system      SUNWxwfnt X Window System platform required fonts
If you don't have some packages, you must find and install them, pkgadd command.
1. Creating Oracle user:
root@T1000-spare #groupadd oinstall
root@T1000-spare #groupadd dba
root@T1000-spare #useradd -d /home/oracle -g oinstall -G dba -m -s /bin/bash oracle
root@T1000-spare #passwd oracle

2.Configuring new user's profile,
root@T1000-spare # vi /home/oracle/.profile
umask=022
TMP=/tmp
TMPDIR=$TMP
DISPLAY=localhost:11.0 #this parameter depends on your system
export TMP TMPDIR DISPLAY
ORACLE_BASE=/home/OracleDB  #this parameter also depends on you, this is not Oracle recommendation
ORACLE_HOME=/home/OracleDB/11.2/
ORACLE_SID=sol10
PATH=$ORACLE_HOME/bin:$PATH
export ORACLE_BASE ORACLE_HOME ORACLE_SID PATH

Save this file and check all variables:

bash-3.00$ env
TERM=xterm
SHELL=/bin/bash
TMPDIR=/tmp
SSH_CLIENT=192.168.0.28 46952 22
SSH_TTY=/dev/pts/1
USER=oracle
ORACLE_SID=sol10
ORACLE_BASE=/home/OracleDB
MAIL=/usr/mail/oracle
PATH=/home/OracleDB/11.2//bin:/usr/bin
PWD=/home/OracleDB/unpack/database
TZ=Asia/Tashkent
SHLVL=1
HOME=/home/oracle
TMP=/tmp
LOGNAME=oracle
SSH_CONNECTION=192.168.0.28 46952 192.168.0.191 22
DISPLAY=localhost:11.0
ORACLE_HOME=/home/OracleDB/11.2/
_=/usr/bin/env
OLDPWD=/home

3.Creating catalogs tree:
I already had mounted partition to catalog /home/OracleDB - this is my ORACLE_BASE. In it I just created catalog with full path /home/OracleDB/11.2/
After I must change owner of parent catalog and add special permissions for all files for user oracle.
root@T1000-spare # chown -R oracle:oinstall /home/OracleDB/
root@T1000-spare # chmod -r 775 /home/OracleDB/
4. Unpacking downloaded software, for any directory except your new created.
5. Installing kernel parameters:
root@T1000-spare # projadd oracle
We must make some changes to /etc/user_attr file, by adding in the end of this file this string: oracle::::project=oracle
From root we must run the command below, for adding additional memory blocks to our new project
prctl -n project.max-shm-memory -v 4gb -r -i project oracle
This parameter must be permanent, for this from root we must enter:
projmod -s -K "project.max-shm-memory=(priv,4gb,deny)" oracle 
6. From terminal window enter: ssh -X oracle@<ip address of your server>
Running installer from the catalog in which you unpack your install files:
-bash-3.00$ sh runInstaller
Starting Oracle Universal Installer...

Checking Temp space: must be greater than 180 MB.   Actual 10680 MB    Passed
Checking swap space: must be greater than 150 MB.   Actual 14173 MB    Passed
Checking monitor: must be configured to display at least 256 colors.    Actual 16777216    Passed
Preparing to launch Oracle Universal Installer from /tmp/OraInstall2011-05-06_10-27-47AM. Please wait ...



AND NOW YOU MUST ANSWER ON ALL QUESTIONS IN STEP-BY-STEP JAVA INSTALLER.
BE PATIENT!!!
GOOD LUCK!!!

понедельник, 2 мая 2011 г.

Upgrading firmware on SF T1000

Today we will discuss small but very important procedure, upgrading firmware on your Sun server. In my lab I  used SF T1000, the procedure is same for almost T-series products.
There are two supported methods for flash updating Sun System Firmware.
    Method 1:  From the System Controller console
    Method 2:  From the Solaris console

The first method has been supported in all revisions of Sun System Firmware, while the second method was added starting with version 6.1.10 and requires a separate Solaris utility (sysfwdownload) which is now bundled in the release with the Sun System Firmware binary.
In first action we must check current firmware version:
From the System Controller CLI use the output from the following commands to determine the current Sun System Firmware revisions;
 sc> showsc version -v
Advanced Lights Out Manager CMT v1.3.8
SC Firmware version: CMT 1.3.8
SC Bootmon version: CMT 1.3.8

VBSC 1.3.5
VBSC firmware built Apr  6 2008, 15:09:33

SC Bootmon Build Release: 01
SC bootmon checksum: 13AA267E
SC Bootmon built Apr  6 2008, 15:17:23

SC Build Release: 01
SC firmware checksum: 94B4D458

SC firmware built Apr  6 2008, 15:19:10
SC firmware flashupdate SAT JAN 10 01:23:28 2009

SC System Memory Size: 32 MB
SC NVRAM Version = 12
SC hardware type: 4

FPGA Version: 5.1.5.7

sc> showhost
Sun-Fire-T1000 System Firmware 6.3.12  2008/04/06 15:50

Host flash versions:
   Hypervisor 1.3.4 2007/03/28 06:03
   OBP 4.25.12 2008/03/23 13:27
   POST 4.25.12 2008/03/23 13:53


Compare output from this commands with latest firmware release. Verify that upgrade is necessary. I choosed the simplest method for me, it's updating firmware through SC.We must check that our system is powered off:
sc> poweroff
Host system power is already off


So, before running the flashupdate utility, you must have already downloaded the new Sun System Firmware image from the SunSolve site to a local FTP server accessible by the platform whose firmware you are upgrading.
Then, to run the utility, you need to know the following things:
- IP address of the local FTP server mentioned above.
- Path at which the Sun System Firmware image is stored on the FTP server.
- Username and password of your account on the FTP server to enter at the prompts
Start process:
sc> showkeyswitch      Keyswitch is in the NORMAL position.
If the virtual key switch is in LOCKED position you can change that with the following command:
sc> setkeyswitch -y normal 

At the sc> prompt, type the flashupdate command. Substitute the IP address of the FTP server mentioned above for "ipaddr", and the path name to the image on that server for "pathname".sc> flashupdate -s <ipaddr> -f <pathname>
sc> flashupdate -s 192.168.0.28 -f /home/maximka/T1000.bin
Username: maximka
Password: *************
SC Alert: System poweron is disabled.
When the download process is finished, ALOM displays the message:
Update complete. Reset device to use new software.
The Sun System Firmware has now been updated. For the system to use the new firmware you must reset the System Controller.  Type the resetsc command to reset ALOM.
sc> resetsc
User Requested SC Shutdown

Verify that the update was successful. Once the System Controller has reset, login as the user admin and verify the Sun System Firmware versions match those identified under the Latest Sun System Firmware: using the "showsc version -v" and "showhost" commands.
sc> showhost
Sun-Fire-T1000 System Firmware 6.7.11  2010/10/12 12:34
Host flash versions:
   OBP 4.30.4.b 2010/07/09 13:43
   Hypervisor 1.7.3.c 2010/07/09 15:14
   POST 4.30.4.b 2010/07/09 14:25 


After verifying version of firmware you may continue to use you server. Good luck!

пятница, 29 апреля 2011 г.

I want to get a job!!! Part-2


This is a second part of questions:

 51. What are the data units at different layers of the TCP / IP protocol suite
The data unit created at the application layer is called a message, at the transport layer the data unit created is called either a segment or an user datagram, at the network layer the data unit created is called the datagram, at the data link layer the datagram is encapsulated in to a frame and finally transmitted as signals along the transmission media.

52. What is Project 802
It is a project started by IEEE to set standards that enable intercommunication between equipment from a variety of
manufacturers. It is a way for specifying functions of the physical layer, the data link layer and to some extent the network layer to allow for interconnectivity of major LAN protocols.
It consists of the following:
802.1 is an internetworking standard for compatibility of different LANs and MANs across protocols.
802.2 Logical link control (LLC) is the upper sublayer of the data link layer which is non-architecture-specific, that is
remains the same for all IEEE-defined LANs.
Media access control (MAC) is the lower sublayer of the data link layer that contains some distinct modules each
carrying proprietary information specific to the LAN product being used. The modules are Ethernet LAN (802.3), Token ring LAN (802.4), Token bus LAN (802.5).
802.6 is distributed queue dual bus (DQDB) designed to be used in MANs.

53. What is Bandwidth
Every line has an upper limit and a lower limit on the frequency of signals it can carry. This limited range is called the
bandwidth.

54. Difference between bit rate and baud rate.
Bit rate is the number of bits transmitted during one second whereas baud rate refers to the number of signal units per
second that are required to represent those bits. baud rate = bit rate / N where N is no-of-bits represented by each signal shift.

55. What is MAC address
The address for a device as it is identified at the Media Access Control (MAC) layer in the network architecture. MAC
address is usually stored in ROM on the network adapter card and is unique.

56. What is attenuation
The degeneration of a signal over distance on a network cable is called attenuation.

57. What is cladding
A layer of a glass surrounding the center fiber of glass inside a fiber-optic cable.

58. What is RAID
A method for providing fault tolerance by using multiple hard disk drives.

59. What is NETBIOS and NETBEUI
NETBIOS is a programming interface that allows I/O requests to be sent to and received from a remote computer and it
hides the networking hardware from applications.
NETBEUI is NetBIOS extended user interface. A transport protocol designed by microsoft and IBM for the use on small
subnets.

60. What is redirector
Redirector is software that intercepts file or prints I/O requests and translates them into network requests. This comes under presentation layer.

61. What is Beaconing
The process that allows a network to self-repair networks problems. The stations on the network notify the other stations on the ring when they are not receiving the transmissions. Beaconing is used in Token ring and FDDI networks.

62. What is terminal emulation, in which layer it comes
Telnet is also called as terminal emulation. It belongs to application layer.

63. What is frame relay, in which layer it comes
Frame relay is a packet switching technology. It will operate in the data link layer.

64. What do you meant by "triple X" in Networks
The function of PAD (Packet Assembler Disassembler) is described in a document known as X.3. The standard protocol has been defined between the terminal and the PAD, called X.28; another standard protocol exists between hte PAD and the network, called X.29. Together, these three recommendations are often called "triple X"

65. What is SAP
Series of interface points that allow other computers to communicate with the other layers of network protocol stack.

66. What is subnet
A generic term for section of a large networks usually separated by a bridge or router.

67. What is Brouter
Hybrid devices that combine the features of both bridges and routers.

68. How Gateway is different from Routers
A gateway operates at the upper levels of the OSI model and translates information between two completely different network architectures or data formats.

69. What are the different type of networking / internetworking devices
Repeater: Also called a regenerator, it is an electronic device that operates only at physical layer. It receives the signal in the network before it becomes weak, regenerates the original bit pattern and puts the refreshed copy back in to the link.
Bridges: These operate both in the physical and data link layers of LANs of same type. They divide a larger network in to smaller segments. They contain logic that allow them to keep the traffic for each segment separate and thus are repeaters that relay a frame only the side of the segment containing the intended recipent and control congestion. 
Routers: They relay packets among multiple interconnected networks (i.e. LANs of different type). They operate in the physical, data link and network layers. They contain software that enable them to determine which of the several possible paths is the best for a particular transmission.Gateways:They relay packets among networks that have different protocols (e.g. between a LAN and a WAN). They accept a packet formatted for one protocol and convert it to a packet formatted for another protocol before forwarding it. They operate in all seven layers of the OSI model.
70. What is mesh network
A network in which there are multiple network links between computers to provide multiple paths for data to travel.

71. What is passive topology
When the computers on the network simply listen and receive the signal, they are referred to as passive because they don’t amplify the signal in any way. Example for passive topology - linear bus.

72. What are the important topologies for networks
BUS topology: In this each computer is directly connected to primary network cable in a single line.
Advantages:Inexpensive, easy to install, simple to understand, easy to extend.
STAR topology: In this all computers are connected using a central hub.
Advantages: Can be inexpensive, easy to install and reconfigure and easy to trouble shoot physical problems.
RING topology: In this all computers are connected in loop.
Advantages: All computers have equal access to network media, installation can be simple, and signal does not degrade as much as in other topologies because each computer regenerates it.
 

73. What are major types of networks and explain
Server-based network
Peer-to-peer network
Peer-to-peer network, computers can act as both servers sharing resources and as clients using the resources.
Server-based networks provide centralized control of network resources and rely on server computers to provide
security and network administration

74. What is Protocol Data Unit
The data unit in the LLC level is called the protocol data unit (PDU). The PDU contains of four fields a destination
service access point (DSAP), a source service access point (SSAP), a control field and an information field. DSAP, SSAP are addresses used by the LLC to identify the protocol stacks on the receiving and sending machines that are generating and using the data. The control field specifies whether the PDU frame is a information frame (I -
frame) or a supervisory frame (S - frame) or a unnumbered frame (U - frame).

75. What is difference between baseband and broadband transmission
In a baseband transmission, the entire bandwidth of the cable is consumed by a single signal. In broadband transmission, signals are sent on multiple frequencies, allowing multiple signals to be sent simultaneously.

76. What are the possible ways of data exchange
(i) Simplex (ii) Half-duplex (iii) Full-duplex.

77. What are the types of Transmission media
Signals are usually transmitted over some transmission media that are broadly classified in to two categories.
Guided Media:These are those that provide a conduit from one device to another that include twisted-pair, coaxial cable and fiber-optic cable. A signal traveling along any of these media is directed and is contained by the physical limits of the medium. Twisted-pair and coaxial cable use metallic that accept and transport signals in the form of electrical current. Optical fiber is a glass or plastic cable that accepts and transports signals in the form of light.
Unguided Media: This is the wireless media that transport electromagnetic waves without using a physical conductor. Signals are broadcast either through air. This is done through radio communication, satellite communication and cellular telephony.

78. Difference between the communication and transmission.
Transmission is a physical movement of information and concern issues like bit polarity, synchronization, clock etc.
Communication means the meaning full exchange of information between two communication media.

79.The Internet Control Message Protocol occurs at what layer of the seven layer model?
Network

80.Which protocol resolves an IP address to a MAC address?
ARP

81.MIDI and MPEG are examples of what layer of the OSI seven layer model?
Presentation

82.What is the protocol number for UDP?
17

83.Which protocol is used for booting diskless workstations?
RARP

84.Which layer is responsible for putting 1s and 0s into a logical group?
Physical

85.What does 'P' mean when running a Trace?
Protocol unreachable

86.UDP works at which layer of the DOD model?
Host to Host

87.What is the default encapsulation of Netware 3.12?
802.2

88.Ping uses which Internet layer protocol?
ICMP

89.Which switching technology can reduce the size of a broadcast domain?
VLAN

90.What is the first step in data encapsulation?
User information is converted into data.

91.What is the protocol number for TCP?
6

92.What do you use the Aux port for?
Modem

93.Repeaters work at which layer of the OSI model?
Physical

94.WAN stands for which of the following?
Wide Area Network

 95.LAN stands for which of the following?
Local Are Network

96.DHCP stands for
Dynamic Host Configuration Protocol

97.What does the acronym ARP stand for?
Address Resolution Protocol

98.Which layer is responsible for identifying and establishing the availability of the intended communication partner?
Application.

99.Which OSI layer provides mechanical, electrical, procedural for activating, maintaining physical link?
Physical

100. Do you want to work in our company?
Yes :))
Good Luck!!!

среда, 27 апреля 2011 г.

I want to get a job!!! Part-1

Today I decided to share with the internet community a little experience accumulated during my short life, various campaigns in order to get a job, talking with HR managers, employers surfing sites. This experience is matched by me in hundred of frequently asked questions at the interview, when you try to get into the IT company as simple (beginner) network administrator. Please be patient ... and the first 50 questions: 


1. What are 10Base2, 10Base5 and 10BaseT Ethernet LANs
10Base2—An Ethernet term meaning a maximum transfer rate of 10 Megabits per second that uses baseband
signaling, with a contiguous cable segment length of 100 meters and a maximum of 2 segments.
10Base5—An Ethernet term meaning a maximum transfer rate of 10 Megabits per second that uses baseband
signaling, with 5 continuous segments not exceeding 100 meters per segment.
10BaseT—An Ethernet term meaning a maximum transfer rate of 10 Megabits per second that uses baseband
signaling and twisted pair cabling.

2. What is the difference between an unspecified passive open and a fully specified passive open
An unspecified passive open has the server waiting for a connection request from a client. A fully specified passive open has the server waiting for a connection from a specific client.

3. Explain the function of Transmission Control Block
A TCB is a complex data structure that contains a considerable amount of information about each connection.

4. What is a Management Information Base (MIB)
A Management Information Base is part of every SNMP-managed device. Each SNMP agent has the MIB database that contains information about the device's status, its performance, connections, and configuration. The MIB is queried by SNMP.

5. What is anonymous FTP and why would you use it
Anonymous FTP enables users to connect to a host without using a valid login and password. Usually, anonymous FTP uses a login called anonymous or guest, with the password usually requesting the user's ID for tracking purposes only. Anonymous FTP is used to enable a large number of users to access files on the host without having to go to the trouble of setting up logins for them all. Anonymous FTP systems usually have strict controls over the areas an anonymous user can access.

6. What is a pseudo tty
A pseudo tty or false terminal enables external machines to connect through Telnet or rlogin. Without a pseudo tty, no connection can take place.

7. Which layer of the 7 layer model provides services to the Application layer over the Session layer connection?
Presentation.

8. What does the Mount protocol do ?
The Mount protocol returns a file handle and the name of the file system in which a requested file resides. The message is sent to the client from the server after reception of a client's request.

9. What is External Data Representation
External Data Representation is a method of encoding data within an RPC message, used to ensure that the data is not system-dependent.

10. Which OSI Reference Layer controls application to application communication?
Session

11. BOOTP helps a diskless workstation boot. How does it get a message to the network looking for its IP address and the location of its operating system boot files ?
BOOTP sends a UDP message with a subnetwork broadcast address and waits for a reply from a server that gives it the IP address. The same message might contain the
name of the machine that has the boot files on it. If the boot image location is not specified, the workstation sends another UDP message to query the server.

12. What is a DNS resource record
A resource record is an entry in a name server's database. There are several types of resource records used, including name-to-address resolution information. Resource records are maintained as ASCII files.

13. What protocol is used by DNS name servers
DNS uses UDP for communication between servers. It is a better choice than TCP because of the improved speed a connectionless protocol offers. Of course, transmission reliability suffers with UDP.

14. What is the difference between interior and exterior neighbor gateways
Interior gateways connect LANs of one organization, whereas exterior gateways connect the organization to the outside world.

15. What is the HELLO protocol used for
The HELLO protocol uses time instead of distance to determine optimal routing. It is an alternative to the Routing Information Protocol.

16. What are the advantages and disadvantages of the three types of routing tables
The three types of routing tables are fixed, dynamic, and fixed central. The fixed table must be manually modified every time there is a change. A dynamic table changes its information based on network traffic, reducing the amount of manual maintenance. A fixed central table lets a manager
modify only one table, which is then read by other devices. The fixed central table reduces the need to update each machine's table, as with the fixed table. Usually a dynamic table causes the fewest problems for a network administrator, although the table's contents can change without the administrator being aware of the change.

17. What is a characteristic of Store and Forward switches?
They read the entire frame and check CRC before forwarding.

18. What is source route
It is a sequence of IP addresses identifying the route a datagram must follow. A source route may optionally be included in an IP datagram header.

19. What is RIP (Routing Information Protocol)
It is a simple protocol used to exchange information between the routers.

20. What is SLIP (Serial Line Interface Protocol)
It is a very simple protocol used for transmission of IP datagrams across a serial line.

21. What is Proxy ARP
It is using a router to answer ARP requests. This will be done when the originating host believes that a destination is local, when in fact is lies beyond router.

22. What is OSPF
It is an Internet routing protocol that scales well, can route traffic along multiple paths, and uses knowledge of an Internet's topology to make accurate routing decisions.

23. What is Kerberos
It is an authentication service developed at the Massachusetts Institute of Technology. Kerberos uses encryption to prevent intruders from discovering passwords and gaining unauthorized access to files.

24. What is a Multi-homed Host
It is a host that has a multiple network interfaces and that requires multiple IP addresses is called as a Multi-homed Host.

25. What is NVT (Network Virtual Terminal)
It is a set of rules defining a very simple virtual terminal interaction. The NVT is used in the start of a Telnet session.

26. What is Gateway-to-Gateway protocol
It is a protocol formerly used to exchange routing information between Internet core routers.

27. What is BGP (Border Gateway Protocol)
It is a protocol used to advertise the set of networks that can be reached with in an autonomous system. BGP enables this information to be shared with the autonomous system. This is newer than EGP (Exterior Gateway Protocol).

28. What is autonomous system

It is a collection of routers under the control of a single administrative authority and that uses a common Interior Gateway Protocol.

29. What is EGP (Exterior Gateway Protocol)
It is the protocol the routers in neighboring autonomous systems use to identify the set of networks that can be reached within or via each autonomous system.

30. What is IGP (Interior Gateway Protocol)
It is any routing protocol used within an autonomous system.

31. What is Mail Gateway
It is a system that performs a protocol translation between different electronic mail delivery protocols.

32. What is wide-mouth frog
Wide-mouth frog is the simplest known key distribution center (KDC) authentication protocol.

33. What are Digrams and Trigrams
The most common two letter combinations are called as digrams. e.g. th, in, er, re and an. The most common three letter combinations are called as trigrams. e.g. the, ing,
and, and ion.

34. What is silly window syndrome
It is a problem that can ruin TCP performance. This problem occurs when data are passed to the sending TCP entity in large blocks, but an interactive application on the
receiving side reads 1 byte at a time.

35. What is region
When hierarchical routing is used, the routers are divided into what we call regions, with each router knowing all the details about how to route packets to destinations
within its own region, but knowing nothing about the internal structure of other regions.

36. What is multicast routing
Sending a message to a group is called multicasting, and its routing algorithm is called multicast routing.

37. What is traffic shaping
One of the main causes of congestion is that traffic is often busy. If hosts could be made to transmit at a uniform rate,congestion would be less common. Another open loop
method to help manage congestion is forcing the packet to be transmitted at a more predictable rate. This is called traffic shaping.

38. What is packet filter

Packet filter is a standard router equipped with some extra functionality. The extra functionality allows every incoming or outgoing packet to be inspected. Packets meeting
some criterion are forwarded normally. Those that fail the test are dropped.

39. What is virtual path
Along any transmission path from a given source to a given destination, a group of virtual circuits can be grouped together into what is called path.

40. What is virtual channel
Virtual channel is normally a connection from one source to one destination, although multicast connections are also permitted. The other name for virtual channel is virtual circuit.

41. What is logical link control
One of two sublayers of the data link layer of OSI reference model, as defined by the IEEE 802 standard. This sublayer is responsible for maintaining the link between computers when they are sending data across the physical network connection.

42. Why should you care about the OSI Reference Model
It provides a framework for discussing network operations and design.

43. What is the difference between routable and non- routable protocols
Routable protocols can work with a router and can be used to build large networks. Non-Routable protocols are designed to work on small, local networks and cannot be used with a router.

44. What is MAU
In token Ring , hub is called Multistation Access Unit(MAU).

45. Explain 5-4-3 rule
In a Ethernet network, between any two points on the network, there can be no more than five network segments or four repeaters, and of those five segments only three of
segments can be populated.

46. What is the difference between TFTP and FTP application layer protocols
The Trivial File Transfer Protocol (TFTP) allows a local host to obtain files from a remote host but does not provide reliability or security. It uses the fundamental packet delivery services offered by UDP. The File Transfer Protocol (FTP) is the standard mechanism provided by TCP / IP for copying a file from one host to another. It uses the services offered by TCP and so is
reliable and secure. It establishes two connections (virtual circuits) between the hosts, one for data transfer and another for control information.

47. What is the range of addresses in the classes of internet addresses
Class A 0.0.0.0 - 127.255.255.255
Class B 128.0.0.0 - 191.255.255.255
Class C 192.0.0.0 - 223.255.255.255
Class D 224.0.0.0 - 239.255.255.255
Class E 240.0.0.0 - 247.255.255.255

48. What is the minimum and maximum length of the header in the TCP segment and IP datagram
The header should have a minimum length of 20 bytes and can have a maximum length of 60 bytes.

49. What is difference between ARP and RARP
The address resolution protocol (ARP) is used to associate the 32 bit IP address with the 48 bit physical address, used by a host or a router to find the physical address of
another host on its network by sending a ARP query packet that includes the IP address of the receiver. The reverse address resolution protocol (RARP) allows a host to discover its Internet address when it knows only its physical address.

50. What is ICMP
ICMP is Internet Control Message Protocol, a network layer protocol of the TCP/IP suite used by hosts and gateways to send notification of datagram problems back to the sender. It uses the echo test / reply to test whether a destination is reachable and responding. It also handles both control and error messages.

вторник, 22 февраля 2011 г.

Solaris 10 Jumpstart Server

This installation was made from SF T2000 server for SF T1000 client


1.First preparations.
We must have or download new Solaris image or DVD disk for creating source directories for client installation.
Also we must have configured network on server which will be base install server for clients.
Now we can start, first of all we create two directories for our install and conf files and we share them through NFS. It's very simple.
# mkdir /export/install/5.10u3-sparc
# mkdir /export/jumpstart
# vi /etc/dfs/dfstab
share -F nfs -o ro,anon=0 /export/install/5.10u9-sparc
share -F nfs -o ro,anon=0 /export/jumpstart

Finally to share (and verify) these directories, use the following command:
# shareall

2.Installing Jumpstart Server
Assuming that we have DVD inserted into DVD Drive, we start to create core for jumpstart server
# cd /cdrom/cdrom0/s0/Solaris_10/Tools
# ./setup_install_server /export/install/5.10u3-sparc

This is a long process, that I suggest to you to be patient.
After compliting this job we start to create bootserver.
# cd /cdrom/cdrom0/s0/Solaris_10/Tools
# ./setup_install_server -b /export/install/5.10u3-sparc/sun4v

3. Jumpstart conf. files
As usual in Unix/Linux systems we may find sample files, and so we do.
# cp -r /cdrom/cdrom0/s0/Solaris_10/Misc/jumpstart_sample/* /export/jumpstart

/export/jumpstart/rules
This file is mandatory and helps to define some rules to specify what (type of) clients are allowed to use this install server and what to do before and after the installation. I created a single rule as follows:
network XX.XX.XX.0 && arch sparc - myT1000 -

which says that only SPARC systems in the XX.XX.XX.0 network are allowed to use this server and when they do, the settings in the myT1000 file should be used to specify how those systems should be configured.


/export/jumpstart/myT1000
This file specifies how a given system should be configured by allowing you to predefine what type of installation you want, which software packages you want (and do not want) and how to lay out your file systems etc.Here is the profile file that I used:

install_type initial_install
system_type server
partitioning explicit
filesys c0t0d0s0 15000 /
filesys c0t0d0s1 8000 swap
filesys c0t0d0s3 10240 /var
filesys c0t0d0s4 10240 /home
cluster SUNWXall add

/export/jumpstart/sysidcfg
This is an optional file that essentially allows you to specify extra settings for your installation. In summary, the more settings you specify here, the less questions you are asked during the network installation and the more automated the process becomes. Here is the sysidcfg file that I used:

system_locale=C
install_locale=C
timezone=Asia/Tashkent
terminal=vt100
timeserver=localhost
name_service=DNS { domain_name=XXX.XX name_server=XXX.XXX.XXX.XXX search=XXX.XX }
network_interface=bge0 {netmask=255.255.255.0 default_route=XXX.XXX.XXX.XXX protocol_ipv6=no}
security_policy=NONE

Once you have all of these files in place, you need to verify that they are syntactically correct. This is done using the check tool as follows:

# cd /export/jumpstart
# ./check
Validating rules...
Validating profile myT1000...
The custom JumpStart configuration is ok.

4. Telling the server about a client

Before you can commence an installation from a client, you need to tell the install server about that client. Since I was not using DHCP and already had a DNS server with a valid entry for my client, this stage was a little easier for me. Of course you also need to ensure that your server is running a TFTP Boot Server.
To tell the server about a client, you need to know the MAC address of the primary network adapter of the client and the intended hostname of the client. Once you know this, use the following command:

# cd /export/install/5.10u9-sparc/Solaris_10/Tools
# ./add_install_client -e 11:22:33:44:55:66 -s 192.168.0.240:/export/install/5.10u3-sparc -c 192.168.0.240:/export/jumpstart -p 192.168.0.240:/export/jumpstart T1000-spare sun4v

The name of my client was T1000-spare (it was a sun4v system) the IP of my server was 192.168.0.240. Clearly, you will need to use your own values for the parameters as well as the correct MAC address. The result of this command is some new files in the TFTP Boot area as well an a new entry in the /etc/ethers file.

5. Starting the Client Installation
This is actually the simplest part of the exercise and involves one command. However, you do need to ensure that the Network Management port of your client has been configured with a valid IP address. Anyway, to start the client installation, use the following command from the boot prompt of your client:

boot net - install

The system should then start installing the new version of Solaris. It will do things like request an IP address from the network, attempt to configure the network interfaces in the client and ultimately follow pretty much the same procedure as if you were installing from a CD or DVD. The more configuration files you provided on the server, the fewer questions you will be asked during the installation.
When the installation has completed, you will be dropped back to the (root) command prompt. You should now reboot the system after which you will be asked to provide a password for the root user. Upon completion of this task, you should finally be presented with the console login prompt and, you’re done!

четверг, 17 февраля 2011 г.

Task 3: Configure Static and Dynamic NAT on HQ

Step 1. Configure NAT.
Use the following requirements:

Allow all addresses for the 10.0.0.0/8 address space to be translated.
XYZ Corporation owns the 209.165.200.240/29 address space. The pool, XYZCORP, uses addresses .241 through .245 with a /29 mask.
The www.xyzcorp.com website at 10.0.1.2 is registered with the public DNS system at IP address 209.165.200.246.

First we must specify new access-list for using NAT:

HQ(config)#ip access-list standard NAT_LIST
HQ(config-std-nacl)#permit 10.0.0.0 0.255.255.255 
HQ(config-std-nacl)#exit

Second action is enabling dynamic NAT translation on HQ.For this action follow the requirements we must create NAT Pool:

HQ(config)#ip nat pool XYZCORP 209.165.200.241 209.165.200.245 net 255.255.255.248
HQ(config)#ip nat inside source list NAT_LIST pool XYZCORP overload

And last action is enabling static NAT:

HQ(config)#ip nat inside source static 10.0.1.2 209.165.200.246

Also we must activate NAT mode on all interfaces include each subinteface on HQ router.
For all interfaces exclude serial 0/1/0 NAT mode must be configured as inside, for example:

HQ(config)#interface serial 0/0/0.41
HQ(config-subif)#ip nat inside 

For serial 0/1/0 it must be:

HQ(config)#interface serial 0/1/0
HQ(config-subif)#ip nat outside

After completion your percentage must be 11%

четверг, 10 февраля 2011 г.

CCNA Skills Integration Challenge - Task 2

Task 2: Configure PPP with CHAP and PAP Authentication

Step 1. Configure the WAN link from HQ to ISP using PPP encapsulation and CHAP authentication.

The CHAP password is ciscochap.

We open console on HQ again and begin...

HQ>enable 
HQ#conf t
Enter configuration commands, one per line. End with CNTL/Z.
HQ(config)#interface serial 0/1/0
HQ(config-if)#ip address 209.165.201.1 255.255.255.252
HQ(config-if)#no shutdown 
%LINK-5-CHANGED: Interface Serial0/1/0, changed state to up
HQ(config-if)#encapsulation ppp 
HQ(config-if)#ppp authentication chap 
HQ(config-if)#exit
HQ(config)#username ISP password ciscochap 
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up
do ping 209.165.201.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.165.201.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 6/8/14 ms
HQ(config)#do copy r s
Destination filename [startup-config]? 
Building configuration...
[OK]

Step 2. Configure the WAN link from HQ to NewB using PPP encapsulation and PAP authentication.
You need to connect a cable to the correct interfaces. HQ is the DCE side of the link. You choose the clock rate. The PAP password is ciscopap.
First of all we have to choose the cable for connecting. This job is easy enough. In the bottom of the PT we choose cable with clock label.
First we connect it to DCE side of the link (HQ Serial 0/0/1), and the second connection will be serial 0/0/0 on NewB router.
And now start to configure PPP using PAP authentification on HQ.

HQ(config)#interface serial 0/0/1
HQ(config-if)#ip address 10.255.255.253 255.255.255.252
HQ(config-if)#no shutdown 
%LINK-5-CHANGED: Interface Serial0/0/1, changed state to up
HQ(config-if)#encapsulation ppp
HQ(config-if)#ppp authentication pap 
HQ(config-if)#ppp pap sent-username HQ password ciscopap 
HQ(config-if)#exit
HQ(config)#username NewB password ciscopap
HQ(config)#interface serial 0/0/1
HQ(config-if)#clock rate 64000
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1, changed state to up
HQ(config-if)#do copy r s
Destination filename [startup-config]? 
Building configuration...
[OK]
HQ(config-if)#

And last thing that we need to do is adding new username and password on NewB for successful connection between routers.

NewB#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NewB(config)#username HQ password ciscopap
NewB(config)#do copy r s
Destination filename [startup-config]? 
Building configuration...
[OK]

After veryfing pinging between HQ and ISP, HQ and NewB, you may start Task 3. On your Acrivity progress you will see 8% Completion.