Category Archives: Networking

use nmap to port scan / find free IPS

Posted on by No Comments ↓

I use angry IP scanner in windows, linux has a good util for port scanning an ip range called nmap;

Grab nmap from usual repositories

sudo nmap -sP 192.168.9.0/24 (will show hosts up and resolve mac addresses to vendors)

sudo nmap -v -sT 192.168.9.0/24 (will show hosts up and the various open ports)

sudo nmap -v -sT 192.168.9.104 (will show particular host and the various open ports)

Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-12 11:48 NZST
Initiating ARP Ping Scan at 11:48
Scanning 192.168.9.104 [1 port]
Completed ARP Ping Scan at 11:48, 0.00s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 11:48
Completed Parallel DNS resolution of 1 host. at 11:48, 0.00s elapsed
Initiating Connect Scan at 11:48
Scanning win2012-veeam.fritz.box (192.168.9.104) [1000 ports]
Discovered open port 111/tcp on 192.168.9.104
Discovered open port 445/tcp on 192.168.9.104
Discovered open port 3389/tcp on 192.168.9.104
Discovered open port 135/tcp on 192.168.9.104
Discovered open port 139/tcp on 192.168.9.104
Discovered open port 49155/tcp on 192.168.9.104
Discovered open port 1063/tcp on 192.168.9.104
Discovered open port 2049/tcp on 192.168.9.104
Discovered open port 3260/tcp on 192.168.9.104
Completed Connect Scan at 11:48, 4.21s elapsed (1000 total ports)
Nmap scan report for win2012-veeam.fritz.box (192.168.9.104)
Host is up (0.00059s latency).
Not shown: 991 filtered ports
PORT STATE SERVICE
111/tcp open rpcbind
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1063/tcp open kyoceranetdev
2049/tcp open nfs
3260/tcp open iscsi
3389/tcp open ms-wbt-server
49155/tcp open unknown
MAC Address: 00:50:56:9C:68:FA (VMware)

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 4.25 seconds
Raw packets sent: 1 (28B) | Rcvd: 1 (28B)

nsswitch.conf SMF config

Posted on by No Comments ↓

# svccfg
svc:> select dns/client
svc:/network/dns/client> setprop config/search = astring: \
(“us.company.com” “eu.company.com” “companya.com” “companyb.com” “company.com” )
svc:/network/dns/client> setprop config/nameserver = net_address: \
( 138.2.202.15 138.2.202.25 )
svc:/network/dns/client> select dns/client:default
svc:/network/dns/client:default> refresh
svc:/network/dns/client:default> validate
svc:/network/dns/client:default> select name-service/switch
svc:/system/name-service/switch> setprop config/host = astring: “files dns”
svc:/system/name-service/switch> select system/name-service/switch:default
svc:/system/name-service/switch:default> refresh
svc:/system/name-service/switch:default> validate
svc:/system/name-service/switch:default>
# svcadm enable dns/client
# svcadm refresh name-service/switch
# grep host /etc/nsswitch.conf
hosts: files dns
# cat /etc/resolv.conf
#
# opyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
#

#
# _AUTOGENERATED_FROM_SMF_V1_
#
# WARNING: THIS FILE GENERATED FROM SMF DATA.
# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.
# See resolv.conf(4) for details.

search us.company.com eu.company.com companya.com companyb.com company.com
nameserver 138.2.202.15
nameserver 138.2.202.25

zfs share for Time machine backups

Posted on by No Comments ↓

I’ve tried using a share for time machine before, but due to the nature of how time machine works it eventually consumed all the spare space that is available on that particular share.

bring on zfs quotas… (my drive on my mini mac is 100GB, so 200GB should be enough for a few variations)

zfs set quota=200G unprotected/timemachine

This adds a artificial limit to your zfs filesystem, making sure that time machine does not consume more than 200 gigabytes of space.

NFS is your best bet, i’ve created a NFS share like so…

zfs create unprotected/timemachine

zfs set sharenfs=on unprotected/timemachine



HP Gen 8 servers and networking issues – TG3 driver

Posted on by No Comments ↓

There is a bug in the tg3 driver on the ESXi hosts (1gbit broadcom cards in the new hosts). If the network card is put under load and netqueue is enabled it will sometimes decide to drop all traffic. Essentially i’ve disabled netqueue and the problems have gone away…. as per this vm kb :

http://kb.vmware.com/kb/2035701

The isues will present themselves as log entires like so;

2012-11-19T18:58:52.137Z cpu17:4155)<6>tg3 : vmnic8: RX NetQ allocated on 1
2012-11-19T18:58:52.138Z cpu17:4155)<6>tg3 : vmnic8: NetQ set RX Filter: 1 [00:50:56:71:46:87 0]
2012-11-19T18:58:52.138Z cpu17:4155)<6>tg3 : vmnic7: RX NetQ allocated on 1
2012-11-19T18:58:52.138Z cpu17:4155)<6>tg3 : vmnic7: NetQ set RX Filter: 1 [00:50:56:71:46:87 0]
2012-11-19T18:59:12.139Z cpu21:4155)<6>tg3 : vmnic4: NetQ remove RX filter: 1
2012-11-19T18:59:12.139Z cpu21:4155)<6>tg3 : vmnic4: Free NetQ RX Queue: 1
2012-11-19T18:59:22.137Z cpu24:4155)<6>tg3 : vmnic4: RX NetQ allocated on 1
2012-11-19T18:59:22.138Z cpu24:4155)<6>tg3 : vmnic4: NetQ set RX Filter: 1 [00:50:56:71:46:87 0]
2012-11-19T18:59:42.138Z cpu21:4155)<6>tg3 : vmnic7: NetQ remove RX filter: 1
2012-11-19T18:59:42.138Z cpu21:4155)<6>tg3 : vmnic7: Free NetQ RX Queue: 1
2012-11-19T18:59:42.140Z cpu21:4155)<6>tg3 : vmnic4: NetQ remove RX filter: 1
2012-11-19T18:59:42.140Z cpu21:4155)<6>tg3 : vmnic4: Free NetQ RX Queue: 1
2012-11-19T19:00:02.139Z cpu28:4155)<6>tg3 : vmnic8: NetQ remove RX filter: 1

vmware – copy networking port groups to another host

Posted on by No Comments ↓

You might be able to do this via “host profiles” but if you do not have the licensing for it, this is the alternative. Very handy if you have over 50 or so port groups. It can be re-run to add to additional hosts as needed.

Install powercli, run the following to obtain your current list of virtual port groups off existing host;

Get-VirtualPortGroup -VirtualSwitch vSwitch0 -VMHost esx-01

Grab the output and place into CSV file or copy straght into Excel…

Following the formatting of the following “esx_switching-generic.csv” import the required data from aboves output. Note : the top line is the headers and should always be at the top of the CSV file.

Type,HostName,SwitchName,NIC,PortGroupName,VLAN,IP,Subnet,KernelGW
Portgroup,esx-02,vSwitch0,,Test_Network1,510,,,
Portgroup,esx-02,vSwitch0,,Test_Network2,511,,,

 

Place this file in a location that is called by this script —

#This script is designed to allow you to configure switches on multiple hosts by
#importing information from a prepopulated .csv file. vMotion switch created based
#on Mike Laverick's posting http://www.rtfm-ed.co.uk/?p=1514
#!!!!!!!Values passed for Type are Case sensitive since comparisons are being made.!!!!!!!

$getinfo = Import-Csv "D:\esx_switching-generic.csv" #need to input locatin of .CSV file

#Connect-VIServer -Server #Need to input appropriate vCenter Server

$getinfo | % {
$Type = $_.Type #!!!! Case Sensitive !!!!!!
$gethost = Get-VMHost -Name $_.HostName
$SwitchName = $_.SwitchName
$PortGroup = $_.PortGroupName
$Nic = $_.NIC
$VLAN = $_.VLAN
$IP = $_.IP
$Subnet = $_.Subnet
$kernelGW = $_.KernelGW

If ($Type -eq "Switch") {
$gethost | New-VirtualSwitch -Name $SwitchName -Nic $Nic
}

#Gets Switch object based on the value for SwitchName (required for several cmd-lets that do not accept Strings)
#'If' statement is used since a vMotion type does not already have a switch configured which will throw up an error.
If ($Type -ne "vMotion") {
$getswitch = Get-VirtualSwitch -VMHost $gethost -Name $SwitchName
}

#Add additional NIC to vSwitch to create a Team
If ($Type -eq "Team"){
$getswitch | Set-VirtualSwitch -Nic $Nic
}

#Add Portgroup to existing switch with VLAN
IF ($Type -eq "Portgroup") {
$getswitch | New-VirtualPortGroup $PortGroup -VLanId $VLAN
}

#Creates vMotion switch and configures vmkernel gateway (located under DNS and Routing in configuration tab)
IF ($Type -eq "vMotion") {

$newvswitch = New-VirtualSwitch -VMHost $gethost -Name $SwitchName -Nic $Nic
$vmotion = New-VirtualPortGroup -VirtualSwitch $newvswitch -Name $PortGroup
New-VMHostNetworkAdapter -VMHost $gethost -PortGroup $PortGroup -VirtualSwitch $newvswitch -IP $IP -SubnetMask $subnet -VMotionEnabled: $true

$vmhostnetwork = get-vmhostnetwork $gethost
set-vmhostnetwork -network $vmhostnetwork -vmkernelgateway $kernelGW
}
}