Apache Web Server (FreeBSD-7.2_Release_i386)

2010 оны 10-р сарын 28 Нийтэлсэн Namjil

Apache WWW

# cd /usr/ports/www/apache22 --> (Version: httpd-2.2.11)

# make config

# make install ---> энэ нь default-р apache22-г /usr/local дотор суулгана. Өөр газар суулгах бол:

# make prefix=/mywebsite/apache2 install

# ee /etc/rc.conf

apache22_enable=”YES”

эсвэл доорх коммандаар оруулна:

 # echo 'apache22_enable="YES"' >> /etc/rc.conf

Default HTTP port: 80

Default HTTPS (SSL) port: 443

Default DocumentRoot directory: /usr/local/www/apache22/data/

Default cgi-bin directory: /usr/local/www/apache22/cgi-bin/

Default Error Log File: /var/log/httpd-error.log

Default Access Log File: /var/log/httpd-access.log

Default suexec log (if compiled with suexec): /var/log/httpd-suexec.log

Default configuration file directory:/usr/local/etc/apache22/ and /usr/local/etc/apache22/extra/

Default configuration file: /usr/local/etc/apache22/httpd.conf

# cp /usr/local/etc/apache22/httpd.conf /root/httpd.conf.bak

# ee /usr/local/etc/apache22/httpd.conf

Apache-г эхлүүлэхээс урьдаар accf_module-г ажиллалуулахгүй бол httpready error гэсэн алдаа гарах ба kldload command-аар ажиллалуулна.

# kldload accf_data

# kldload accf_http

# ee /boot/defaults/loader.conf

accf_data_load=”NO” ---> “YES”

accf_http_load=”NO” ---> “YES” болгож өөрчлөх хэрэгтэй.

# /usr/local/etc/rc.d/apache22 start|stop|restart

# apachectl start|stop|restart|graceful

.htaccess aшиглаж байгаа бол /usr/local/etc/apache2/httpd.conf file-н 201 мөрөнд

AllowOverride None ---> AllowOverride All болгож өөрчлөх хэрэгтэй.

WEB Холбоосууд:

http://www.freebsdmadeeasy.com/tutorials/web-server/configure-apache-web-server-on-freebsd.php

http://www.cyberciti.biz/faq/freebsd-apache-web-server-tutorial/

http://www.freebsdforums.org/how-to-install-apache-for-freebsd/

MySql

# cd /usr/ports/databases/mysql50-server ---> (Version: mysql-5.0.77)

# setenv BUILD_OPTIMIZED yes
# setenv WITH_OPENSSL yes
# setenv WITH_CHARSET utf8
# make install clean

# cd /usr/ports/databases/mysql50-scripts

# make config & install

# echo 'mysql_enable="YES"' >> /etc/rc.conf
# cp /usr/local/share/mysql/my-large.cnf /etc/my.cnf
# ee /etc/my.cnf – д доорхыг хуулж
өгнө.

log=/var/log/mysql.log
bind-address=127.0.0.1

# touch /var/log/mysql.log
# chown mysql:mysql /var/log/mysql.log
# /usr/local/etc/rc.d/mysql-server start

# mysqladmin -u root password newpassword

Mysql-n Password solih

mysql> use mysql;
mysql> update user set password=PASSWORD("NEWPASSWORD") where User='username';
mysql> flush privileges;
mysql> quit

MYSQL-hee root password-g martsan bol:

1. /usr/local/etc/rc.d/mysql-server stop

2. /usr/local/bin/mysqld_safe --user=mysql --skip-grant-tables > /dev/null & && echo -n ' mysqld'  - command-g ajillaluulna

3. mysql - command-r mysql server-tee holbogdood root password-aa solino. 

Database ustgah:

1. drop database databasename; 

ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

[root@sylesh ~]# mysql -u root ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) >>disabling password authentication

service mysql stop

wait until MySQL shuts down. Then run

mysqld_safe --skip-grant-tables &

then you will be able to login as root with no password.

mysql -uroot mysql

In MySQL command line prompt issue the following command:

use databasename;

UPDATE user SET password=PASSWORD("abcd") WHERE user="root";

FLUSH PRIVILEGES;

EXIT

/etc/init.d/mysqld restart

At this time your root password is reset to "abcd" and MySQL will now know the privileges and you'll be able to login with your new password:

mysql -uroot -p mysql 

WEB Холбоосууд:

http://www.freebsdmadeeasy.com/tutorials/web-server/install-mysql-server-on-freebsd.php

http://www.cyberciti.biz/faq/mysql-change-root-password/

http://fixerfrasse.blogspot.com/2008/03/installing-freebsd-70-apache-22-mysql.html

http://www.freebsddiary.org/mysql.php

PHP5

# cd /usr/ports/lang/php5 ---> (Version: php-5.2.9)

# make confi

# make install

Мөн доорх багцуудыг суулгах хэрэгтэй:

# cd /usr/ports/databases/php5-mysql

# cd /usr/ports/databases/php5-pdo

# cd /usr/ports/databases/php5-pdo_mysql

# cd /usr/ports/www/php5-session

# cd /usr/ports/graphics/php5-gd

# cd /usr/ports/lang/php5-extensions

Үүний дараа httpd.conf файлд php-г нэмж өгөх хэрэгтэй.

# ee /usr/localhost/etc/apache22/httpd.conf

DirectoryIndex index.php index.html

AddType application/x-httpd-php .php .htm .html

AddType application/x-httpd-php-source .phps

# cp /usr/local/etc/php.ini-dist /usr/local/etc/php.ini

# echo “” >> /usr/local/www/apache22/data/test.php

Browser-оо нээгээд http://localhost/test.php

WEB Холбоосууд:

http://www.freebsdmadeeasy.com/tutorials/web-server/install-php-5-for-web-hosting.php

PhpMyAdmin

# cd /usr/ports/databases/phpmyadmin ---> (Version: phpMyAdmin-3.1.3.2-all-language)

# make config

# make install

# ln -s /usr/local/www/phpMyAdmin /usr/local/www/apache22/data/duriinnereeogchbolno

# cd /usr/local/www/phpMyAdmin

# cp config.sample.inc.php config.inc.php

# ee config.inc.php ---> дотор mysql-хээ user, password-г өгнө.

# ee httpd.conf

Alias /phpMyAdmin/ "/usr/local/www/phpMyAdmin"

    Options none

    AllowOverride Limit

    Order Deny,Allow

    Allow from 127.0.0.1.example.com


Browser-оо нээгээд http://localhost/phpMyAdmin эсвэл таны өгсөн нэр.

WEB Холбоосууд:

http://www.freebsdmadeeasy.com/tutorials/web-server/use-phpmyadmin-to-manage-mysql-on-freebsd.php

http://www.youtube.com/watch?v=Q3rEwVK18fI

http://www.somacon.com/p519.php

https://www.freebsd.uwaterloo.ca/twiki/bin/view/Freebsd/PhpMyAdmin

error: mod_auth_digest:

http://forums.freebsd.org/showthread.php?t=26566


Cacti

2010 оны 10-р сарын 27 Нийтэлсэн Namjil

FreeBSD

1. Download Package from www.cacti.net into /usr/local/www/apache22/data/cacti

2.  cd cacti/include/

3. ee config.php

$database_type = "mysql";

$database_default = "cacti";

$database_hostname = "localhost";

$database_username = "cactiuser";

$database_password = "cactibase";

$database_port = "3306";

4. ee /etc/crontab

 */5 * * * * cacti /usr/local/bin/php /usr/local/www/apache22/data/cacti/poller.php > /dev/null 2>&1

5. mysqladmin --user=root create cacti

6. cd /usr/local/www/apache22/data/cacti

7. mysql -u root -p cacti < cacti.sql 

8. required packages: php52-snmp, rrdtool

Ubuntu

1. apt-get install cacti 

Package-s suulgah uyd: (sudo crontab -e

Add the following line ans save you can change the time whenever you want.

*/5 * * * * cactiuser php /var/www/cacti/poller.php > /dev/null 2>&1

https://help.ubuntu.com/community/Cacti

http://www.ubuntugeek.com/install-and-configure-cacti-monitoring-tool-in-ubuntu-9-10-karmic-server.html

http://library.linode.com/server-monitoring/cacti/ubuntu-10.04-lucid

http://www.installationwiki.org/Installing_Cacti

Ubuntu Server-10.04 deer FreeRadius, DaloRadius, MySQL

2010 оны 09-р сарын 14 Нийтэлсэн Namjil

 

lsof -i:1812

netstat -unpl


https://help.ubuntu.com/community/CategoryNetworking/daloRADIUS

http://www.8021xhelp.com/node/5

http://ubuntuforums.org/showthread.php?t=1169178

Syslog-NG on Freebsd

2010 оны 09-р сарын 07 Нийтэлсэн Namjil

http://www.freebsdwiki.net/index.php/Syslog-NG_Installation

http://sial.org/howto/logging/syslog-ng/

http://joe-ma-how-to.blogspot.com/2008/05/logging-to-syslog-ng-on-freebsd.html

MRTG, nTOP on Linux

2010 оны 08-р сарын 26 Нийтэлсэн Namjil
http://www.aboutdebian.com/monitor.htm

Cisco WCCP (Web Cache Control Protocol) and Squid on FreeBSD-8.0

2010 оны 06-р сарын 29 Нийтэлсэн Namjil

http://teklimbu.wordpress.com/2007/10/10/configuring-wccp2-on-a-cisco-36207206-router-with-squid-2616-running-on-freebsd-6x/

http://wiki.squid-cache.org/SquidFaq/InterceptionProxy

http://www.boisseau.co.uk/transparent-proxy

http://www.digitalnerds.net/linux/transparent-squid-with-wccp/

http://www.mustnofee.com/tutorials/37-tutorials/67-setting-up-squid-on-freebsd

http://www.softwareprojects.com/resources/programming/t-how-to-install-basic-squid-on-freebsd-1874.html

http://www.bsdguides.org/guides/openbsd/networking/install_squid

http://plone.org/documentation/kb/freebsdploneapache

http://anakmelayupening.blogspot.com/2010/01/set-up-squid-proxy-transparent-in.html

Cisco IOS

2010 оны 06-р сарын 03 Нийтэлсэн Namjil

http://en.wikipedia.org/wiki/Cisco_IOS

http://www.cisco.com/web/about/security/intelligence/ios-ref.html

http://tools.cisco.com/support/downloads/pub/Redirect.x?mdfid=268438303

https://www.cisco.com/en/US/prod/collateral/iosswrel/ps8802/ps5460/prod_bulletin0900aecd80281b17.html


MRTG under FreeBSD

2010 оны 05-р сарын 24 Нийтэлсэн Namjil
Install MRTG , FreeBSD

It's work on FreeBSD 5.3 - 5.4

By : ton@212cafe.com
http://ton.212cafe.com/
E-mail : ton at 212cafe.com
Date : 2005-03-16

Install SNMP using Ports

# cd /usr/ports/net-mgmt/net-snmp
# make && make install && make clean

Add Two Lines into /etc/rc.conf
# vi /etc/rc.conf
Insert

snmpd_enable="YES"
snmpd_flags="-a -Lsd -p /var/run/snmpd.pid"

# chmod 444 /usr/local/etc/rc.d/snmptrapd.sh

Configure snmpd.conf

# /usr/local/bin/snmpconf -i

a. Edit snmpd.conf
b. Choose : System Information Setup
c. You will get
1: The [typically physical] location of the system.
2: The contact information for the administrator
3: The proper value for the sysServices object.
d. Fill up 1 and 2. Please pay attention to option 3
e. When finish, back to main menu and choose 2.
f. Choose 3, a SNMPv1/SNMPv2c read-only access community name
h. Put in community name such as, foo
i. In hostname and network mask we enter 127.0.0.1
j. Setup OID , leave blank
k. Back to menu
l. The IP address and port number that the agent will listen on.

Finish generate configuration file.

# /usr/local/etc/rc.d/snmpd.sh start

Install MRTG using ports

Load for fix problem in version 5.3
# cd /usr/ports/distfiles/
# ftp http://ftp.de.sinuspl.net/pub/FreeBSD/distfiles/SNMP_Session-1.05.tar.gz

# cd /usr/ports/net-mgmt/mrtg
# make && make install && make clean

Configure file for MRTG
# /usr/local/bin/cfgmaker foo@127.0.0.1 > /usr/local/etc/mrtg/mrtg.cfg

Make Directory
# mkdir /usr/local/apache/htdocs/mrtg

Edit /usr/local/etc/mrtg/mrtg.cfg , put in Apache Directory
# vi /usr/local/etc/mrtg/mrtg.cfg
Insert
workdir: /usr/local/apache/htdocs/mrtg

Make index.html
# /usr/local/bin/indexmaker --column=1 --output=/usr/local/apache/htdocs/mrtg/index.html
/usr/local/etc/mrtg/mrtg.cfg

Adding Cron Jon
# crontab -e
Insert
*/5 * * * * /usr/local/bin/mrtg /usr/local/etc/mrtg/mrtg.cfg

Edit httpd.conf
# vi /usr/local/apache/conf/httpd.conf
Insert
Alias /mrtg/ "/usr/local/apache/htdocs/mrtg/"


Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all


Stop - Start Apache
# /usr/local/apache/bin/apachectl stop
# /usr/local/apache/bin/apachectl start

Launch Brower and view the file.

http://www.meelink.com/webboard/data/3/0113-1.html

Cisco Router Interfaces

2010 оны 05-р сарын 05 Нийтэлсэн Namjil
www.opennet.ru/soft/cisco-configuration.html#interface-cards

Online Calculators for IP Address & Traffic Bandwidth

2010 оны 04-р сарын 07 Нийтэлсэн Namjil

 IP Address

http://www.tuxgraphics.org/toolbox/network_address_calculator_add.html

http://www.managedhosting.de/tools/subnets_en.php

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f33.shtml

Bandwidth

kilobit - megabit - gigabit

Definition: In computer networking, a kilobit normally represents 1000 bits of data. A megabit represents 1000 kilobits and a gigabit represents 1000 megabits (equal to one million kilobits).

Kilobits, megabits and gigabits traveling over a computer network are typically measured per second. One kilobit per second equals 1 Kbps or kbps (these are equivalent), one megabit 1 Mbps, and one gigabit 1 Gbps. Slow network connections such as modem links are measured in kilobits, faster links such as WiFi wireless in megabits, and very fast connections like high-speed Ethernet in gigabits.

Many people less familiar with computer networking believe one kilobit equals 1024 bits. This is generally untrue in networking but may be true in other contexts. Specifications for today's adapters, routers and other networking equipment always use 1000-bit kilobits as the basis of their quoted data rates. The confusion arises as computer memory and disk drive manufacturers often use 1024-byte kilobytes as the basis of their quoted capacities. 

kilobyte, megabyte, gigabyte

Definition: A kilobyte equals 1024 (or 210) bytes. Likewise, a megabyte (MB) equals 1024 KB or 220 bytes and a gigabyte (GB) equals 1024 MB or 230 bytes.

The meaning of the words kilobyte, megabyte, and gigabyte change when they are used in the context of network data rates. A rate of one kilobyte per second (KBps) equals 1000 (not 1024) bytes per second. One megabyte per second (MBps) equals one million (106, not 220) bytes per second. One gigabyte per second (GBps) equals one billion (109, not 230) bytes per second.

To avoid some of this confusion, networkers typically measure data rates in bits per second (bps) rather than bytes per second (Bps) and use the terms kilobyte, megabyte, and gigabyte only when referring to disk space.

Examples: "This eight gigabyte disk only has 200 megabytes of free space left."

Also Known As: K, KB, M, MB, "meg," G, GB, "gig"

http://www.ibeast.com/content/tools/band-calc.asp

Creating and Configuring Loopback Interfaces

2010 оны 04-р сарын 06 Нийтэлсэн Namjil

A loopback interface is a virtual interface that resides on a router. It is not connected to any other device. Loopback interfaces are very useful because they will never go down, unless the entire router goes down. This helps in managing routers because there will always be at least one active interface on the routers, the loopback interface.

To create a loopback interface, all you need to do is enter configuration mode for the interface:

Router(config)interface loopback {number}

The only option on this command is to specify a number between 0 and 2,147,483,647. Cisco IOS Software gives you plenty of loopback interfaces, if you want to use all of them. When entering this command, Cisco IOS Software automatically creates the loopback interface, places you into interface configuration mode, and removes the interface from shutdown mode. When that is complete, you only need to assign an IP address to the interface. The criteria for the IP addresses of the loopback interfaces is as follows:

  • Create loopback interfaces on all routers using IP address 192.169.X. X/24 (where X is the router number). So, R1 would have a loopback address of 192.169.1.1/24, R2 would be 192.169.2.2/24, and so on.

Because you are already on R6, create and configure the loopback interface on R6; then go to R1, R2, and so on, and create and configure all the loopback interfaces and assign appropriate IP addresses. Example 7-42 takes you through the process on R6.

Example 7-42. R6 Loopback Interfaces Configuration

R6(config)#interface loopback 0
R6(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R6(config-if)#ip address 192.169.6.6 255.255.255.0

Because the router automatically removes the loopback from shutdown state, you receive the console message indicating that the interface is up.

Now configure the rest of the routers, starting with R1. Don't forget to save the running-config to NVRAM (startup-config) before leaving the routers. See Example 7-43.

Example 7-43. Loopback Interface Configuration

R6#
    Termserver#1
[Resuming connection 1 to r1 ... ]
[OK]
__________________________________________________________________

R1#config t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface loopback 0
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R1(config-if)#ip address 192.169.1.1 255.255.255.0
R1(config-if)#end
%SYS-5-CONFIG_I: Configured from console by console
R1#copy running-config startup-config
Building configuration...
[OK]
R1#
Termserver#2
 [Resuming connection 2 to r2 ... ]
____________________________________________________________________

R2#
R2#config t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface loopback 0
R2(config-if)#ip address 192.169.2.2 255.255.255.0
R2(config-if)#end
R2#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
R2#
    Termserver#3
[Resuming connection 3 to r3 ... ]
[OK]
____________________________________________________________________

R3#config t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface loopback 0
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R3(config-if)#ip address 192.169.3.3 255.255.255.0
R3(config-if)#end
R3#copy running-config startup-config
Building configuration...
[OK]
R3#
    Termserver#4
[Resuming connection 4 to r4 ... ]
____________________________________________________________________

R4#config t
R4(config)#interface loopback 0
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R4(config-if)#ip address 192.169.4.4 255.255.255.0
R4(config-if)#end
R4#copy running-config startup-config
Building configuration...
[OK]
R4#
Termserver#5
[Resuming connection 5 to r5 ... ]
____________________________________________________________________

R5#config t
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#interface loopback 0
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R5(config-if)#ip address 192.169.5.5 255.255.255.0
R5(config-if)#end
R5#copy running-config startup-config
Building configuration...
[OK]
R5#

Everything looks okay. A router interface description is not necessary here because no other type of device can connect to a loopback interface. Now that you have configured all the interfaces and have IP connectivity, you should familiarize yourself with the Cisco Discovery Protocol (CDP). CDP is an information-gathering tool that enables you to discover directly connected Cisco devices and their network layer addresses.

WEB: http://www.informit.com/library/content.aspx?b=CCNA_Practical_Studies&seqNum=45

http://routersimulator.certexams.com/router-labs/configuring-and-testing-loopback-interface.html

BGP&Routing

2010 оны 04-р сарын 06 Нийтэлсэн Namjil

http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfbgp1.html

http://www.cisco.com/en/US/docs/ios/12_3t/ip_route/command/reference/ip2_i2gt.html

http://www.ciscosystems.com/en/US/tech/tk365/technologies_tech_note09186a00801310cb.shtml

IP prefix-list

2010 оны 04-р сарын 06 Нийтэлсэн Namjil

ip prefix-list provides the most powerful prefix based filtering mechanism

Here is a quick little tutorial on Prefix-lists for you.

A normal access-list CANNOT check the subnet mask of a network. It can only check bits to make sure they match, nothing more. A prefix-list has an advantage over an access-list in that it CAN check BOTH bits and subnet mask - both would have to match for the network to be either permitted or denied.

For checking bits a prefix list ALWAYS goes from left to right and CANNOT skip any bits. A basic example would be this:

172.16.8.0/24

If there is only a / after the network (no le or ge) then the number after the / is BOTH bits checked and subnet mask. So in this case it will check the 24 bits from left to right (won't care about the last 8
bits) AND it will make sure that it has a 24 bit mask. BOTH the 24 bits checked and the 24 bit subnet mask must match for the network to be permitted or denied.

No we can do a range of subnet masks also that could be permitted or
denyed:

172.16.8.0/24 ge 25

If we use either the le or ge (or both le and ge) after the /, then the number directly after the / becomes ONLY bits checked and the number after the ge or le (or both) is the subnet mask. So in this case we are still going to check the first 24 bits of the network from left to right. If those match we are then going to check the subnet mask, which in this case can be GREATER THAN OR EQUAL TO 25 bits - meaning that as long as the first 24 bits of the network match the subnet mask could be 25,26,27,28,29,30,31,or 32 bits. They would all match.

We can also do:

172.16.8.0/24 le 28

Again this will check the first 24 bits of the network to make sure that they match. Then it will check to make sure that the subnet mask is LESS THAN OR EQUAL TO 28 bits. Now this isn't going to be 28 bits down to 0 bits, the subnet mask can't be any lower than the bits we are checking. So the valid range of subnet masks for this one would be 28 bits down to 24 bits (24,25,26,27,and 28). All of those would match.

We can also do both ge and le:

172.16.8.0/24 ge 25 le 27

Here again we are checking the first 24 bits to make sure they match.
Then our subnet mask must be GREATER THAN OR EQUAL TO 25 bits LESS THAN OR EQUAL TO 27 bits. Meaning that 25,26,and 27 bit subnet masks would match.

Now for a couple of examples:

If we have the following networks:

172.16.8.0/28
172.16.8.16/28
172.16.8.32/28
172.16.8.48/28
172.16.8.64/28

We could permit all of these networks with on prefix-list statement:

172.16.8.0/24 ge 28 le 28

This will check the first 24 bits to make sure they match. All of these networks have 172.16.8 as the first 24 bits, and it won't care what is in the last 8 bits. Then it will check to make sure that the subnet mask is GREATER THAN OR EQUAL TO 28 bits LESS THAN OR EQUAL TO 28 bits - the only number that works for this is 28 bits. So the first 24 bits in the network must match and it has to have a 28 bit subnet mask. All 5 of our networks would match for this.

We could be even more precise with this and use:

172.16.8.0/25 ge 28 le 28

If we take a look at our 4th octects we will see that for all of them the 128 bit is off so we can check that bit also (25 bits total we are checking).

0 -- 0 0 0 0 0 0 0 0
16 - 0 0 0 1 0 0 0 0
32 - 0 0 1 0 0 0 0 0
48 - 0 0 1 1 0 0 0 0
64 - 0 1 0 0 0 0 0 0

This would be closer to permitting the 5 networks that we have.

We could also permit only the classful networks. The first thing that we need to do is figure out exactly what a classful network is.

For a class A network we know that it has to have an 8 bit mask and must be between 0 and 127 in the first octect. If we break down 0 and 127 we
get:

0 --- 0 0 0 0 0 0 0 0
127 - 0 1 1 1 1 1 1 1

For the first octect of a class A network the first bit has to be a 0, it must be off. So we can do a prefix-list like this:

0.0.0.0/1 ge 8 le 8

In our first octet the first bit is a 0 (which is what it would need to be to be class A), with the /1 we have we are ONLY checking the first bit to make sure it's a 0 (meaning it would be a class A network 0 - 127). We are then making sure that this class A network actually has a class A subnet mask of 8 bits, and only 8 bits would match.

For the class B's we need to make sure that they have a 16 bit subnet mask and that they are in the range of 128 - 191 in the first octet. If we break down 128 and 191 we get:

128 - 1 0 0 0 0 0 0 0
191 - 1 0 1 1 1 1 1 1

The first two bits are what we are going to care about. We need to make sure that the first two bits in the first octet are 1 0 . The first number that we can use as our standard we are checking against is 128 -
128 has a 1 0 as the first two bits in its first octet.

128.0.0.0/2 ge 16 le 16

So we are checking the first two bits to make sure the network has a 1 0, meaning that it must be in the range of 128 - 191. We are then going to check to make sure that it has the classful 16 bit mask, and ONLY a
16 bit mask.

Finally we have the class C networks. Class C networks are in the range of 192 - 223 and they must have a 24 bit mask. If we break down 192 and
223 we get:

192 - 1 1 0 0 0 0 0 0
223 - 1 1 0 1 1 1 1 1

The first 3 bits in the first octet are what we care about. 192 would be the first number we can put in that first octect that will have 1 1 0 as its first 3 bits.

192.0.0.0/3 ge 24 le 24

We are going to check the first 3 bits of the octet and make sure that its 1 1 0 meaning that it has to be in the range of 192 - 223 being class C, then we are going to check to make sure it has a class C classful subnet of 24 bits.

Finally how to permit or deny any could be very helpful since a Prefix-list just like an Access-list has an implicit deny at the end:

0.0.0.0/0 le 32

This is 'any' for a prefix-list. It says check 0 bits; I don't care what any of the bits are. It also says that the subnet mask can be 32 bits or less (down to the number of bits we are checking) down to 0. So we aren't going to check any bits and the network can have a subnet mask of anything between 0 and 32 bits. This would be 'any'.

Now for your Prefix-list:

In the 3rd Octet we have 1, 4, and 5. We'll break these down to binary to see if we can summarize these into one line:

1 - 0 0 0 0 0 0 0 1
4 - 0 0 0 0 0 1 0 0
5 - 0 0 0 0 0 1 0 1

For a Prefix-list we need to go from the left to the right and we can't skip bits. So for these three networks we would need to stop at the 8 bit since it is the last bit from left to right that is the same. This would give us 3 bits that are different, or 8 possible networks. We only have 3 of the 8 possible networks and we should not permit or deny more than we actually have. We should be as specific as possible.

If we leave the 91.86.1.0/24 alone by itself it will give us a Prefix-list of:

91.86.1.0/24

This will check the first 24 bits from left to right to make sure that they match, and it will also check to make sure that it has a 24-bit subnet mask.

For the 4 and 5 networks we can permit or deny both of those with one line. If we take a look at 4 and 5 again we can see that all of the bit's match down to the 2 bit. This would leave 1 bit that doesn't match, which would give us 2 possible networks, both of which we have.
The Prefix-list to permit or deny both 4 and 5 would be:

91.86.4.0/23 ge 24 le 24

This will check the first 23 bits from left to right. The 24th bit could either be off, which would give us 4, or it could be on which would give us 5. Since we have the ge and le involved the /23 is only bits checked. The ge and le specify that our subnet mask must be greater than or equal to 24-bits and less than or equal to 24-bits which means that the subnet mask must be 24-bits for both possible networks.

WEB: http://ccienotes.blogspot.com/2007/08/ip-prefix-list.html

http://blog.sazza.de/?p=430

http://www.juniper.net/techpubs/software/erx/junose60/swconfig-routing-vol1/html/routing-policy-config8.html

Windows Server 2003 дээр RRA ашиглан NAT хийх

2010 оны 03-р сарын 19 Нийтэлсэн Namjil






CIDR (CISCO)

2010 оны 02-р сарын 26 Нийтэлсэн Namjil

IP version 4

IP address is logical address of Host or Pc IP version4 is divided into 4 octates and each octate is separeted by dot or decmal. The length of IP version4 is 32bit.

class

Subnet mask

Raunge

A

255.0.0.0

1-126

B

255.255.0.0

128-191

C

255.255.255.0

192-223

D

224-239

E

240-255

22=4 26=64 210=1024

23=16 27=128 211 =2048

24=16 28=256 20=1

25=32 29=512 21=1

Жишээ нь :

Network address: 192.168.0.0

Default s/mask: 255.255.255.0

11111111.11111111.11111111.00000000

1 1 1 1 1 1 1 1=8 bit

128 + 64 + 32+ 16+ 8+ 4+ 2+ 1= 255

Host per Subnets: 50 =2 6- 2=64

Дэд сүлжээ бүр 50 host-t байх хэрэгтэй. 50-ийн ойролцоо тоог 26-2=62 гэж олж болно. Өөрөөр : 26 =64 гэхээр: 128 + 64+ 32+ 16+ 8+ 4+ 2+ 1

1 1 0 0 0 0 0 0

s/ mask нь : 11111111.11111111.11111111.11000000 болно.

0-off bit , 1-on bit

128,64 хоёр onbit : 128+ 64 = 192

11111111.11111111.11111111.11000000

26 ширхэг 1 байна

255.255.255.192

Network address: 192.168.0.0/26 гэж товчилж бичдэг. 26 ширхэг 1 байна.

Одоо хэдэн дэд сүлжээ байхыг олно.

No of Host : = 2offbit- 2= 26 – 2 = 62 хостын тоо (дэд сүлжээ бүр дэхь)

No of Subnet : = 2onbit= 22= 4 гэхээр 4 дэд сүлжээ үүсэх ёстой гэсэн үг.

Тэдгээр нь : valid subnets = 256- 192= 64

Subnets : 0, 64, 128, 192

63 127 191

3 нь broadcast хаягууд болно .

‘0’ subnet :

192.168.0.0block and subnet - 192.168.0.63broadcast

192.168.0.1 - 192.168.0.62 (host-д өгөх хаяг)

Дээрх нь 192.168.0.0/26 гэсэн дэд сүлжээ нь 192.168.0.1-62 хүртэлх хаягыг хостууддаа өгнө гэсэн үг.

‘64’ subnet:

192.168.0.64block and subnet -192.168.0.127broadcast

192.168.0.65 -192.168.0.126

192.168.0.64/26 гэсэн дэд сүлжээ нь 192.168.0.65-126-н хоорондох хаягуудыг хостууддаа тараана гэсэн үг.

‘128’ subnet : 192.168.0.128/26

192.168.0.128block & subnet- 192.168.0.191broadcast

192.168.0.129 - 192.168.0.190

‘192’ subnet : 192.168.0.192/26

192.168.0.192block & subnet-192.168.0.255broadcast

192.168.0.193 -192.168.0.254

Жишээ нь :

Network address : 172.16.0.

Subnet mask : 255.255.255.00

Required Host : 30 ширхэг (дэд сүлжээ бүрт)

No of Host : 25- 2 =30

s/mask : 11111111.11111111.11111111.11100000

128+ 64+ 32 =224

255.255.255.224

N/a : 172.16.0.0/ 27

No of subnets : = 2onbit

=23 =8

Valid Subnet : 256-224=32

0, 32, 64, 96, 128, 160, 192, 224

Гэсэн 8 дэд сүлжээ үүсэх ёстой.

0, 32-р эхэлж байгаа нь : 11100000- offbit-н тоо нь 5.

25 =32 гээд дараа дараагын дэд сүлжээгээ олохын тулд 32-г нэмээд явна.

32+ 32= 64+ 32= 96+ 32= 128.......

Тэгээд дэд сүлжээнд дээрх хэлбэртэй байна.

‘0’ – (172.16.0.0/ 27)

172.16.0.0- 172.16.0.31

172.16.0.1- 172.16.0.30

‘32’ – (172.16.0.32/ 27)

172.16.0.32- 172.16.0.63

172.16.0.33- 172.16.0.62

‘64’ – (172.16.0.64/ 27)

172.16.0.64 – 172.16.0.95

172.16.0.65 – 172.16.0.94

‘961’ – (172.16.0.96/27)

172.16.0.96 – 172.16.0.127

172.16.0.97 – 172.16.0.126 .........

‘224’ – (172.16.0.224/ 27)

172.16.0.224- 172.16.0.255

172.16.0.225- 172.16.0.224

Жишээ нь:

N/a : 20.0.0.0

s/mask : 255.255.255.0

Required host : 1500

No of host : 211-2= 2024 (ойролцоо утга)

s/mask : 11111111.11111111.11111000.00000000

128+ 64+ 32+ 16+ 8=248

255.255.248.0

N/a : 20.0.0.0/ 21

no of subnets : =2onbit

=25 =32 гэхээр 32 дэд сүлжээ үүсэх болж байна .

Одоо дэд сүлжээнүүдийг олохын тулд : 11111000.00000000-offbit нь 3 буюу сүлжээнйи bit-ээс 3 bit зээлсэн 2offbit 23=8

Subnets : 0= 0+ 8=8+8 =16+ 8= 2224= 8 =32+ 8...гэх мэтчилэн дэд сүлжээнүүдийг олно.

0, 8, 16, 24, 32, 40, 48, 56, 64, 72, 80, 88, 96, 104, 112, 120, 128, 136, 144, 152, 160, 168, 176, 184, 192, 200, 208, 216, 224, 232, 240, 248

CompizFusion (Ubuntu-9.10_Desktop)

2010 оны 02-р сарын 24 Нийтэлсэн Namjil
http://www.ubuntugeek.com/how-to-install-and-configure-compiz-fusion-in-ubuntu-9-10karmic.html

https://help.ubuntu.com/community/CompositeManager/CompizFusion

Install MS Office2007&Drupal6Ubuntu-9.10

2010 оны 01-р сарын 27 Нийтэлсэн Namjil

http://www.wepoca.net/blog/2009/nov/state-drupal-ubuntu-910-karmic-koala

http://www.wine-reviews.net/wine-reviews/microsoft/office-2007-in-ubuntu-910-with-wine-1132.html