FranGarcia.me (Posts about dns)https://www.frangarcia.me/categories/dns.atom2024-03-15T13:54:14ZFran GarciaNikolaConfiguring proxy settings in lftphttps://www.frangarcia.me/posts/configuring-proxy-settings-in-lftp/2017-11-06T08:25:44+01:002017-11-06T08:25:44+01:00Fran Garcia<p>I sometimes need to upload data to Red Hat's <code>dropbox</code> service, and most of the
times I need to go through a proxy of some sort. Here's a quick note on how to
configure lftp to use such a proxy.</p>
<div class="code"><pre class="code literal-block"><span class="c1"># lftp</span>
lftp<span class="w"> </span>:~><span class="w"> </span><span class="nb">set</span><span class="w"> </span>ftp:proxy<span class="w"> </span>http://USER:password@yourproxy:8080
lftp<span class="w"> </span>:~><span class="w"> </span>open<span class="w"> </span><span class="m">209</span>.132.183.100
lftp<span class="w"> </span><span class="m">209</span>.132.183.100:~><span class="w"> </span>user<span class="w"> </span>anonymous
Password:<span class="w"> </span>
lftp<span class="w"> </span>anonymous@209.132.183.100:~><span class="w"> </span><span class="nb">cd</span><span class="w"> </span>/incoming
<span class="nb">cd</span><span class="w"> </span>ok,<span class="w"> </span><span class="nv">cwd</span><span class="o">=</span>/incoming
lftp<span class="w"> </span>anonymous@209.132.183.100:/incoming><span class="w"> </span>put<span class="w"> </span>yourfile.tar.gz<span class="w"> </span>-o<span class="w"> </span>YOURCASENUMBER-yourfile.tar.gz
</pre></div>
<p>As you can see:</p>
<ul>
<li>I used the <code>set ftp:proxy</code> command to configure the proxy.</li>
<li>Then I used <code>209.132.183.100</code> rather than <code>dropbox.redhat.com</code> . Some proxies
<strong>do not work if using the DNS hostname</strong>, for some reason.</li>
<li>After that, I blindy changed into /incoming . It's the only directory with
allowed wrting permissions </li>
<li>Finally I used <code>put -o</code> to specify the destination filename.</li>
</ul>
<p>Additional notes on configuring lftp to upload information to Red Hat can be found in <a href="https://access.redhat.com/solutions/2112">KCS 2112</a> .</p>
<p>Happy hacking!</p>First steps with Infobloxhttps://www.frangarcia.me/posts/first-steps-with-infoblox/2017-09-28T10:54:56+02:002017-09-28T10:54:56+02:00Fran Garcia<p>Infoblox produces some appliances that do DNS/DHCP management, full network IPAM
management and so on. Since I needed to so some usage of their APIs I've had to
set up an infoblox appliance and here I'm jotting down some of the steps I took
for easier reference.</p>
<p>The overall steps are:</p>
<ul>
<li>Download the appliance from <a href="https://www.infoblox.com">www.infoblox.com</a></li>
<li>Deploy on your favourite virtualization system, ej KVM.</li>
<li>Start the VM, and ensure the cpu and memory prerequisites are set.</li>
</ul>
<p>If you use Vmware/vCloud and the OVA you'll probably have most network
and password details prompted upon when deploying the appliance so in that
regard is a bit more straight forward to deploy.</p>
<p>Once your VM is started, you can log in with :</p>
<div class="code"><pre class="code literal-block"><span class="n">user</span><span class="o">:</span><span class="w"> </span><span class="n">admin</span>
<span class="n">pass</span><span class="o">:</span><span class="w"> </span><span class="n">infoblox</span>
</pre></div>
<p>The first step is configure the network, which can be done with:</p>
<div class="code"><pre class="code literal-block"><span class="nx">Infoblox</span><span class="w"> </span><span class="p">></span><span class="w"> </span><span class="nx">set</span><span class="w"> </span><span class="nx">network</span>
<span class="nx">Enter</span><span class="w"> </span><span class="nx">IPv4</span><span class="w"> </span><span class="nx">address</span><span class="w"> </span><span class="p">[</span><span class="nx">Default</span><span class="p">:</span><span class="w"> </span><span class="m m-Double">172.16.16.102</span><span class="p">]:</span><span class="w"> </span>
<span class="nx">Enter</span><span class="w"> </span><span class="nx">netmask</span><span class="w"> </span><span class="p">[</span><span class="nx">Default</span><span class="p">:</span><span class="w"> </span><span class="m m-Double">255.255.255.0</span><span class="p">]:</span><span class="w"> </span>
<span class="nx">Enter</span><span class="w"> </span><span class="nx">gateway</span><span class="w"> </span><span class="nx">address</span><span class="w"> </span><span class="p">[</span><span class="nx">Default</span><span class="p">:</span><span class="w"> </span><span class="m m-Double">172.16.16.1</span><span class="p">]:</span><span class="w"> </span>
<span class="nx">NOTICE</span><span class="p">:</span><span class="w"> </span><span class="nx">Additional</span><span class="w"> </span><span class="nx">IPv6</span><span class="w"> </span><span class="kd">interface</span><span class="w"> </span><span class="nx">can</span><span class="w"> </span><span class="nx">be</span><span class="w"> </span><span class="nx">configured</span><span class="w"> </span><span class="nx">only</span><span class="w"> </span><span class="nx">via</span><span class="w"> </span><span class="nx">GUI</span><span class="p">.</span>
<span class="nx">Become</span><span class="w"> </span><span class="nx">grid</span><span class="w"> </span><span class="nx">member</span><span class="p">?</span><span class="w"> </span><span class="p">(</span><span class="nx">y</span><span class="w"> </span><span class="k">or</span><span class="w"> </span><span class="nx">n</span><span class="p">):</span><span class="w"> </span><span class="nx">n</span>
<span class="w"> </span><span class="nx">New</span><span class="w"> </span><span class="nx">Network</span><span class="w"> </span><span class="nx">Settings</span><span class="p">:</span>
<span class="w"> </span><span class="nx">IPv4</span><span class="w"> </span><span class="nx">address</span><span class="p">:</span><span class="w"> </span><span class="m m-Double">172.16.16.102</span>
<span class="w"> </span><span class="nx">IPv4</span><span class="w"> </span><span class="nx">Netmask</span><span class="p">:</span><span class="w"> </span><span class="m m-Double">255.255.255.0</span>
<span class="w"> </span><span class="nx">IPv4</span><span class="w"> </span><span class="nx">Gateway</span><span class="w"> </span><span class="nx">address</span><span class="p">:</span><span class="w"> </span><span class="m m-Double">172.16.16.1</span>
<span class="w"> </span><span class="nx">Is</span><span class="w"> </span><span class="nx">this</span><span class="w"> </span><span class="nx">correct</span><span class="p">?</span><span class="w"> </span><span class="p">(</span><span class="nx">y</span><span class="w"> </span><span class="k">or</span><span class="w"> </span><span class="nx">n</span><span class="p">):</span><span class="w"> </span><span class="nx">y</span>
</pre></div>
<p>And now the most confusing thing for new starters is getting your licenses right.
If you're using an evaluation license, you don't need to register in the infoblox
website, but rather have the appliance generate some 60-day evaluation licenses.</p>
<p>You'll need more than one. They can be checked as below :</p>
<div class="code"><pre class="code literal-block"><span class="nv">Infoblox</span><span class="w"> </span><span class="o">></span><span class="w"> </span><span class="k">show</span><span class="w"> </span><span class="nv">license</span><span class="w"> </span><span class="nv">all</span>
<span class="nv">Public</span><span class="w"> </span><span class="nv">IP</span><span class="w"> </span><span class="nv">License</span><span class="w"> </span><span class="nv">Type</span><span class="w"> </span><span class="nv">Kind</span><span class="w"> </span><span class="nv">Exp</span><span class="w"> </span><span class="nv">Date</span><span class="w"> </span><span class="nv">Replaced</span><span class="w"> </span><span class="nv">Hardware</span><span class="w"> </span><span class="nv">ID</span><span class="w"> </span><span class="nv">License</span><span class="w"> </span><span class="nv">String</span>
</pre></div>
<p>To generate the evaluation licenses:</p>
<div class="code"><pre class="code literal-block">Infoblox > set temp_license
1. DNSone (DNS, DHCP)
2. DNSone with Grid (DNS, DHCP, Grid)
3. Network Services for Voice (DHCP, Grid)
4. Add DNS Server license
5. Add DHCP Server license
6. Add Grid license
7. Add Microsoft management license
8. Add vNIOS license
9. Add Multi-Grid Management license
10. Add Query Redirection license
11. Add Response Policy Zones license
12. Add FireEye license
13. Add DNS Traffic Control license
14. Add Cloud Network Automation license
15. Add Security Ecosystem license
16. Add Flex Grid Activation license
Select license (1-16) or q to quit: 1
This action will generate a temporary 60-day DNSone license.
Are you sure you want to do this? (y or n): y
DNS temporary license installed.
DHCP temporary license installed.
Temporary license is installed.
The UI needs to be restarted in order to reflect license changes.
Restart UI now, this will log out all UI users? (y or n):y
</pre></div>
<p>You will need to repeat this process a bunch of times until all required licenses
are in place. As a guideline, this are the licneses I needed to build a working
appliance :</p>
<div class="code"><pre class="code literal-block"><span class="n">Infoblox</span><span class="w"> </span><span class="o">></span><span class="w"> </span><span class="n">show</span><span class="w"> </span><span class="n">license</span>
<span class="nl">Version</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="mf">8.1.2</span><span class="mi">-356916</span>
<span class="n">Hardware</span><span class="w"> </span><span class="n">ID</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="mf">42140354685089f</span><span class="mi">1</span><span class="n">cdccff04ff9cec5d</span>
<span class="n">License</span><span class="w"> </span><span class="n">Type</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">DNS</span>
<span class="n">Expiration</span><span class="w"> </span><span class="n">Date</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="mi">11</span><span class="o">/</span><span class="mi">27</span><span class="o">/</span><span class="mi">2017</span>
<span class="n">License</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">EwAAAEdPGOmqWmv1aFgZbs</span><span class="o">+</span><span class="n">JuxsU6WM</span><span class="o">=</span>
<span class="n">License</span><span class="w"> </span><span class="n">Type</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">DHCP</span>
<span class="n">Expiration</span><span class="w"> </span><span class="n">Date</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="mi">11</span><span class="o">/</span><span class="mi">27</span><span class="o">/</span><span class="mi">2017</span>
<span class="n">License</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">FAAAAEdJCOXkWyS7bRNXbM6P8ARA7mYv</span>
<span class="n">License</span><span class="w"> </span><span class="n">Type</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">vNIOS</span><span class="w"> </span><span class="p">(</span><span class="n">model</span><span class="w"> </span><span class="n">IB</span><span class="o">-</span><span class="n">VM</span><span class="mi">-820</span><span class="p">)</span>
<span class="n">Expiration</span><span class="w"> </span><span class="n">Date</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="mi">11</span><span class="o">/</span><span class="mi">27</span><span class="o">/</span><span class="mi">2017</span>
<span class="n">License</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">GgAAAFVPAvrrFSX0IxYcIsyO9k8K7nUvmR1TaVew</span>
<span class="nl">vNIOS</span><span class="p">:</span><span class="w"> </span><span class="n">CPU</span><span class="w"> </span><span class="n">cores</span><span class="w"> </span><span class="n">detected</span><span class="o">:</span><span class="w"> </span><span class="mi">2</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="p">[</span><span class="n">License</span><span class="w"> </span><span class="n">allows</span><span class="o">:</span><span class="w"> </span><span class="mi">2</span><span class="p">]</span>
<span class="nl">vNIOS</span><span class="p">:</span><span class="w"> </span><span class="n">System</span><span class="w"> </span><span class="n">memory</span><span class="w"> </span><span class="n">detected</span><span class="o">:</span><span class="w"> </span><span class="mi">4096</span><span class="n">MB</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="p">[</span><span class="n">License</span><span class="w"> </span><span class="n">allows</span><span class="o">:</span><span class="w"> </span><span class="mi">7168</span><span class="n">MB</span><span class="p">]</span>
<span class="n">License</span><span class="w"> </span><span class="n">Type</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">Grid</span>
<span class="n">Expiration</span><span class="w"> </span><span class="n">Date</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="mi">11</span><span class="o">/</span><span class="mi">27</span><span class="o">/</span><span class="mi">2017</span>
<span class="n">License</span><span class="w"> </span><span class="n">String</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="n">GgAAAEZPH</span><span class="o">/</span><span class="n">DqGWWuLEFXbM3C9U8K7WEsnEUFal64</span>
</pre></div>
<p><strong>Only once your subscriptions are properly attached</strong> your web interface will
become available under <a href="https://www.frangarcia.me/posts/first-steps-with-infoblox/">https://your.appliance.ip</a> . </p>
<p>For the Cisco-oriented people, the appliance CLI is somewhat similar to some
Cisco devices. Is specially useful the <code>show tech-support</code> command that will
show all low-level configuration and status.</p>
<p>Happy hacking!</p>Configurar mDNS en RHEL6https://www.frangarcia.me/posts/configurar-mdns-en-rhel6/2012-08-05T23:03:00+02:002012-08-05T23:03:00+02:00Fran Garcia<p>Por alguna razón que no alcanzo a comprender, RHEL6 no incluye de forma
predeterminada el paquete nss-mDNS necesario para que el DNS multicast
funcione (Avahi/Zeroconf et al).</p>
<p>Aquí va una pequeña guía de instalación y configuración, incluyendo el
repositorio externo EPEL:</p>
<div class="code"><pre class="code literal-block"><span class="o">[</span>root@rhel6<span class="w"> </span>~<span class="o">]</span><span class="c1"># yum install -y avahi avahi-tools </span>
<span class="o">[</span>root@rhel6<span class="w"> </span>~<span class="o">]</span><span class="c1"># yum install -y --nogpgcheck http://download.fedora.redhat.com/pub/epel/6/i386/epel-release-6-5.noarch.rpm </span>
<span class="o">[</span>root@rhel6<span class="w"> </span>~<span class="o">]</span><span class="c1"># yum install -y nss-mdns</span>
</pre></div>
<p>Modificar en el /etc/nsswitch.conf :</p>
<div class="code"><pre class="code literal-block"><span class="c1"># grep hosts /etc/nsswitch.conf </span>
hosts:<span class="w"> </span>files<span class="w"> </span>dns4_minimal<span class="w"> </span><span class="o">[</span><span class="nv">NOTFOUND</span><span class="o">=</span><span class="k">return</span><span class="o">]</span><span class="w"> </span>mdns4_minimal<span class="w"> </span><span class="o">[</span><span class="nv">NOTFOUND</span><span class="o">=</span><span class="k">return</span><span class="o">]</span><span class="w"> </span>dns
</pre></div>
<p>Y finalmente reiniciar DBus y Avahi-daemon:</p>
<div class="code"><pre class="code literal-block"><span class="o">[</span>root@rhel6<span class="w"> </span>~<span class="o">]</span><span class="c1"># chkconfig messagebus on </span>
<span class="o">[</span>root@rhel6<span class="w"> </span>~<span class="o">]</span><span class="c1"># chkconfig avahi-daemon on </span>
<span class="o">[</span>root@rhel6<span class="w"> </span>~<span class="o">]</span><span class="c1"># service messagebus restart </span>
Stopping<span class="w"> </span>system<span class="w"> </span>message<span class="w"> </span>bus:<span class="w"> </span><span class="o">[</span>FAILED<span class="o">]</span><span class="w"> </span>
Starting<span class="w"> </span>system<span class="w"> </span>message<span class="w"> </span>bus:<span class="w"> </span><span class="o">[</span><span class="w"> </span>OK<span class="w"> </span><span class="o">]</span><span class="w"> </span>
<span class="o">[</span>root@rhel6<span class="w"> </span>~<span class="o">]</span><span class="c1"># /etc/init.d/avahi-daemon restart </span>
Shutting<span class="w"> </span>down<span class="w"> </span>Avahi<span class="w"> </span>daemon:<span class="w"> </span><span class="o">[</span>FAILED<span class="o">]</span><span class="w"> </span>
Starting<span class="w"> </span>Avahi<span class="w"> </span>daemon...<span class="w"> </span><span class="o">[</span><span class="w"> </span>OK<span class="w"> </span><span class="o">]</span>
</pre></div>
<p>De esta forma, todos los dispositivos que estén directamente conectados
en nuestra red local (VLAN) serán capaces de conocernos bajo el nombre
<code>rhel6.local</code> , o el hostname que tengamos configurado y <code>.local</code> . Muy
cómodo si no tenemos ningún servidor DNS en nuestra red o para
dispositivos itinerantes :-)</p>