Sunday, April 13, 2014

IPv4 Martian Addresses

Martian addresses are blocks of IPv4 addresses that the Internet Assigned Numbers Authority (IANA) reserves for special use and that are NOT meant to be reached over the Internet. The following IANA reserved blocks are generally considered Martian addresses:

Address block Use
0.0.0.0/8 "This" network
100.64.0.0/10 Carrier-grade NAT
127.0.0.0/8 Loopback
169.254.0.0/16 Link local
192.0.0.0/24 IETF protocol assignments
192.0.2.0/24 TEST-NET-1
198.18.0.0/15 Network interconnect device benchmark testing
198.51.100.0/24 TEST-NET-2
203.0.113.0/24 TEST-NET-3
224.0.0.0/4 Multicast
240.0.0.0/4 Reserved for future use

Depending on the manufacturer of the routers used at the customer premises or at the network service provider's end, these Martian addresses may also be blocked within Layer 3 Virtual Private Networks (IP VPNs) or Local Area Networks (LANs). E.g., Juniper Networks routers block Martian addresses within IP VPNs.

Private Network IP Address Blocks

IP address blocks that are dedicated to private LANs are also counted among the Martian address blocks according to some definitions.

Subnet Address block Use
10.0.0.0/8 Class A private networks (used as /8 subnets)
172.16.0.0/12 Class B private networks (used as /16 subnets)
192.168.0.0/16 Class C private networks (used as /24 subnets)

Bogon IP Address Blocks

IP address blocks that are yet to be allocated to any user or delegated to any regulatory agency by the IANA are called Bogon IP addresses. These blocks change with time.
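The two tables above, applied as a source-address check on an Internet-facing interface. This is an added example, not code from the original post. The names `classify`, `edge_filter` and `SAMPLE` and the sample records are constructed for illustration. Bogon blocks are left out because they change with time.

```python
import ipaddress

# Blocks copied from the two tables in this post; labels follow the "Use" column.
MARTIAN = {
    "0.0.0.0/8": '"This" network',
    "100.64.0.0/10": "Carrier-grade NAT",
    "127.0.0.0/8": "Loopback",
    "169.254.0.0/16": "Link local",
    "192.0.0.0/24": "IETF protocol assignments",
    "192.0.2.0/24": "TEST-NET-1",
    "198.18.0.0/15": "Network interconnect device benchmark testing",
    "198.51.100.0/24": "TEST-NET-2",
    "203.0.113.0/24": "TEST-NET-3",
    "224.0.0.0/4": "Multicast",
    "240.0.0.0/4": "Reserved for future use",
}
PRIVATE = {
    "10.0.0.0/8": "Class A private networks",
    "172.16.0.0/12": "Class B private networks",
    "192.168.0.0/16": "Class C private networks",
}
BLOCKS = [(ipaddress.IPv4Network(cidr), kind, use)
          for kind, table in (("martian", MARTIAN), ("private", PRIVATE))
          for cidr, use in table.items()]

def classify(text):
    """Return (kind, block, use) for an IPv4 source address given as a string."""
    try:
        addr = ipaddress.IPv4Address(text.strip())
    except ValueError:  # malformed or non-IPv4 input
        return ("invalid", None, None)
    for net, kind, use in BLOCKS:
        if addr in net:  # prefix match, so block boundaries are exact
            return (kind, str(net), use)
    return ("unlisted", None, None)  # not in either table (may still be a bogon)

def edge_filter(packets, drop_private=True):
    """Split (source, destination port) records into (passed, dropped) lists."""
    passed, dropped = [], []
    for src, port in packets:
        kind, block, _ = classify(src)
        drop = kind in ("martian", "invalid") or (kind == "private" and drop_private)
        (dropped if drop else passed).append((src, port, kind, block))
    return passed, dropped

# Constructed sample records: addresses just inside and just outside block edges.
SAMPLE = [("8.8.8.8", 53), ("100.127.255.255", 22), ("100.128.0.1", 22),
          ("198.19.255.255", 80), ("172.32.0.1", 443), ("192.168.1.10", 22),
          ("255.255.255.255", 68), ("not-an-ip", 0)]
```

`edge_filter(SAMPLE)` returns the passed and dropped records; pass `drop_private=False` for the definitions that do not count private blocks as Martian.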

Thursday, April 10, 2014

Unix - SSH/SCP

  • Check that the SSH server is enabled in rc.conf:
    # cat /etc/rc.conf | grep ssh
    sshd_enable="YES"

  • SSH access to a remote machine:
    #/$ ssh username@remoteMachine

    'remoteMachine' is the DNS-resolvable hostname of the remote host. An IP address can also be used in place of the hostname.

  • Securely transfer a file over SSH:
    #/$ scp -q -C -l 80000 username@remoteMachine:/home/username/test.txt \
    /home/username/. 

  • Enable root access over SSH (only if it is essential):
    # vi /etc/ssh/sshd_config
    PermitRootLogin yes
    
    # service sshd restart  (or, # /etc/rc.d/sshd restart) 

  • Generate and copy SSH keys:
    #/$ cd ~
    #/$ ssh-keygen -t rsa
    #/$ scp ~/.ssh/id_rsa.pub remoteMachine:.ssh/authorized_keys 

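    'RSA' is used here as the key type. Similarly, 'DSA' can also be used, although current OpenSSH releases no longer accept DSA keys by default. Note that this scp command replaces any authorized_keys file that already exists on the remote machine.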

  • Verify whether the SSH key is working:
    #/$ ssh remoteMachine hostname

    Displays the remote machine's hostname without a password prompt.

  • Monitoring/tracing SSH/SCP activities:
    # cat /var/log/auth.log
    Displays detailed log.


Note: Unix commands and file locations used here have been tested on FreeBSD systems.

Tuesday, April 8, 2014

Crimping an Ethernet LAN cable

Steps:
  1. Insert the Cat 5e/6 cable into the boot/cap.
  2. Remove approximately 1 inch of the sleeve of the wire.
  3. Straighten the wires (i.e., untwist the twisted pairs).
  4. Arrange the wires in the right order as shown below. Choose either (EIA/TIA 568) A or B type, and if it is a straight cable, follow the colour sequence of the first image on both ends of the cable.
  5. Cut off the excess length of the wires (to make them level inside the RJ-45 clip).
  6. Insert the wires into the RJ-45 clip, maintaining their order all the way in, until you can see all the wires touching the right side wall of the clip as shown by the red line (i.e., you have to insert the wires beyond the end of the arrows shown here).
  7. Crimp the RJ-45 clip firmly with the crimping tool.
  8. Fix the boot.