Category Archives: Routing

Cisco CCNA – ICDN1 – Study notes

IPv6

  • Global Unicast
    • Public IPv6 address – equivalent to a public IPv4 address
  • Link-Local
    • Local-network-only IPv6 address (valid within one subnet) – FE80::/10 (first hextet FE80 through FEBF)
    • If not given an address, the device will autogenerate one based on the MAC address of the interface
    • Generally used as the default gateway (def-gw) for most devices.
  • Unique local
    • Like private IPv4 addresses. Will not be forwarded by routers
    • FC00::/7 (first hextet FC00 through FDFF)
  • IPv6 Multicast
    • Assigned
      • FF02::1 – All-nodes multicast – all devices with IPv6 enabled will join the group. Used for RA and RS messages.
      • FF02::2 – All-routers multicast – all routers with “ipv6 unicast-routing” configured will join the group.
    • Solicited node
      • Based on the Ethernet MAC of the NIC; received by all hosts but only processed by the one with the matching MAC address.
  • SLAAC – RA message option 1
    • Stateless Address Autoconfiguration.
    • RA – Router Advertisement – message broadcast every 200 seconds, and also sent when a Router Solicitation (RS) message is received.
    • Contains network prefix and length, Def GW, DNS address and domain name.
  • SLAAC and DHCPv6 – RA message option 2
    • Same as SLAAC alone, but the RA points to a DHCPv6 server that supplies only the DNS server and domain name information.
  • DHCPv6 only – RA message option 3
    • Link-local address of the router for the def GW.
    • DHCPv6 server for the Global Unicast address, DNS, domain name and everything else.
    • DHCPv6 cannot provide the def-gw.
  • EUI-64
    • Used with option 1 and option 2 RA.
    • Uses the MAC address to create an interface address.
    • FF:FE is inserted in the middle portion of the IPv6 address.
    • DAD – Duplicate Address Detection – send an NS; if no NA is received, the address is free to be used.
  • IPv6 Neighbor Solicitation – NS
    • Sent when you know the IPv6 unicast address but don’t know the MAC address of the end device.
  • IPv6 Neighbor Advertisement – NA
    • Message sent in reply to an NS. Contains the MAC address of the sending device.
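The EUI-64 and solicited-node notes above, worked through in Python as an added example (not part of the original study notes). The sample MAC and the 2001:db8:10:20::/64 prefix are constructed, and the function names are hypothetical. The flip of the universal/local bit and the solicited-node prefix FF02::1:FF00:0/104 (to which the low 24 bits of the unicast address are appended) come from the IPv6 addressing standard rather than from the notes.

```python
import ipaddress

def eui64_interface_id(mac: str) -> int:
    """Return the 64-bit modified EUI-64 interface ID for a 48-bit MAC."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    # Split the MAC in half, insert FF:FE, and flip the universal/local bit
    # (0x02 of the first octet), as modified EUI-64 requires.
    iid = bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]
    return int.from_bytes(iid, "big")

def eui64_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 (or shorter) prefix with the EUI-64 interface ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen > 64:
        raise ValueError("prefix must leave 64 bits for the interface ID")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))

def solicited_node(addr: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """FF02::1:FF00:0/104 plus the low 24 bits of the unicast address."""
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | (int(addr) & 0xFFFFFF))

def mac_from_eui64(addr: ipaddress.IPv6Address):
    """Recover the MAC an EUI-64 address exposes, or None if no FF:FE marker."""
    iid = addr.packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    mac = "00:1A:2B:3C:4D:5E"                       # constructed sample MAC
    link_local = eui64_address("fe80::/64", mac)
    global_addr = eui64_address("2001:db8:10:20::/64", mac)
    print("link-local     :", link_local)
    print("global unicast :", global_addr)
    print("solicited-node :", solicited_node(global_addr))
    print("MAC recovered  :", mac_from_eui64(global_addr))
```

An address that `mac_from_eui64` can decode carries the interface's hardware MAC wherever the address is seen, which is why address audits flag EUI-64 global unicast addresses.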

Raspberry Pi 2 – NTP server | Stratum 1

Well, it’s done! I have a small RP2 acting as a Stratum 1 NTP Server using a GPS module with the GPIO input.

It’s been added to the Canadian pool.ntp.org cluster of NTP servers and has begun answering queries. The process was relatively simple, with a few things to keep in mind:

  • The default repositories do not hold a recent build of NTPD. You are better off downloading and compiling the archive yourself.
  • Here is the GPS module for the Raspberry Pi A+/B+/2 : Link
  • If you have an older Raspberry Pi : Link
  • You might need an antenna to lock on to the GPS signal. This is especially true if you are indoors. Depending on whether a GPS repeater is present, it might be impossible to get a lock anywhere other than the top floor of a building or a room with windows.
  • I made the mistake of ordering the old style of GPS module for the RP2. It does fit, but it’s a bit awkward and I need to get a GPIO riser so that the antenna isn’t hitting the USB/Ethernet connectors. For now, the GPS module is just not fully connected to the GPIO board. There might be 3 centimeters of the connectors exposed. Everything seems to be working fine but doesn’t look very clean.

Here is a small taste of what kind of devices seem to be hitting my server :

That’s a lot of cable modem/CPE devices. I wonder why ISPs are not using internal servers. Seems like time is something you would want full control over.

Cisco – ASA 5510 – Basic SNMP (V2 and V3) configuration.

SNMP V2:

SNMP V3:

Troubleshooting SNMP:

CentOS 6.5 – Create a Certificate Authority

yum install easy-rsa
Default Directory : /usr/share/easy-rsa/2.0/