Networking


While Intel and Atheros are doing a great job writing wireless drivers for Linux, there are still other wireless cards, specifically Broadcom's, that either have no Linux drivers or have no good ones.

The purpose of this article is to explain how to configure ndiswrapper in SUSE Linux Enterprise Desktop 10 SP1. On my end I am using an old Dell C640 (with the embedded wireless card turned off in BIOS) and a Linksys WUSB54GC USB wireless device.

1. Go into YaST and install ndiswrapper and the appropriate ndiswrapper kernel module.
– Hit Alt+F2 and enter yast2.
– Open the software management module.
– Search for ndiswrapper.
– Determine which version of the kernel you are running (bigsmp, default, smp) by opening a terminal and entering uname -r
– Check off the “ndiswrapper” package as well as “ndiswrapper-kmp-<kernel version>” in YaST and click accept to install.

2. Set up ndiswrapper
– Determine which chipset your wireless device is using. To do this enter:
hwinfo
or
lspci
or
lsusb
You can grep the results for “wireless” (e.g. hwinfo | grep -i wireless) or just manually scroll through the output and look for something that resembles your wireless device.

In the case of my Linksys device it uses a Ralink chipset. I found the Windows driver (rt73.inf) on the CD that came with the device. Find the .inf file for your card on your manufacturer’s website and download it. (Oftentimes you will have to unzip the .exe driver installer to find the .inf.)

– Enter the following commands:
ndiswrapper -i /path/to/driver.inf   # install the driver
modprobe ndiswrapper                 # load the module
ndiswrapper -m                       # ensure that ndiswrapper will always use the same network interface name

3. Configure the wireless device in YaST
– You should already have YaST open from when you installed the ndiswrapper packages
– This time go into the “network card” module
– Verify that “NetworkManager” is selected and click next
– Click “Add”
– For Device Type choose “wireless”
– Configuration Name “0”
– Module Name “ndiswrapper”
– Click next, then finish, etc. to complete the setup.

I have based this article on the documentation that can be found in /usr/share/doc/packages/ndiswrapper/README.SUSE after installing ndiswrapper.


Yes!  NetWare can be virtualized using Xen on SUSE Linux Enterprise Server 10 SP1.  It’s part of the feature set of Open Enterprise Server 2 — more info:  product home page, audio podcast, Novell CTO blog, press release, workgroup blog

A couple of related news articles

One great thing about the way that OES 2 was designed is that it is simply an add-on to SLES 10.  That means, all the hardware that is officially certified for SLES 10, is now officially certified to run virtualized NetWare (OES 2).  Get a list of the certified hardware on the Novell site here, and don’t forget to check your favorite hardware vendor’s own website for the latest info.

In my palatial estate in scenic Waltham, Massachusetts, aka my apartment, I have several computers. My two favorite computers to use are my Lenovo X60 (running SUSE Linux Enterprise Desktop 10 SP1) and my Apple Macbook Pro running OS X (10.4.10). I also have a whitebox machine from Intel that I use as my server running SLES 10 SP1.

The thought came across my mind the other day that I would like a central way to store and access my music. This way I can save room on my laptop hard drive for “business” items and utilize the larger disk on my server to store higher bit rate songs. (true audiophiles will really appreciate this)

To achieve this I scp’d all of my music files from my Mac over to my SLES server using OS X’s terminal application located in /Applications/Utilities/terminal. In this example the IP address of my server is 192.168.2.5.

scp -r /Users/username/music 192.168.2.5:/music
The ‘-r’ stands for recursive and allows me to copy over a directory.

Next I set up an NFS server on my SLES machine. NFS is a network file system protocol that allows a user on a client computer to access files over a network as easily as if the network devices were attached to its local disks. This is perfect for our purposes.

To set up an NFS server:

  • Open up YaST: Alt+f2, enter yast2
  • Filter for “nfs server”
  • Check off “Start” under the NFS server section
  • Check off “open port in firewall” if you have a local firewall enabled
  • Hit next
  • Go to “Add directory”
  • Enter the path to your music folder.
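An added check, not part of the original post: the steps above do not say which clients the export is offered to, so this Python sketch audits /etc/exports-style lines for the /music share. It assumes YaST records the export in /etc/exports; the sample lines and the LAN range 192.168.2.0/24 (derived from the server address used in this example) are constructed.

```python
import ipaddress

# Constructed sample in /etc/exports format (assumption: YaST writes the export
# there). Line 1 is open to any host; line 2 is limited to the example LAN.
SAMPLE_EXPORTS = """\
/music  *(rw,no_root_squash,sync)
/music  192.168.2.0/255.255.255.0(ro,root_squash,sync)
"""


def inside_lan(client, lan_net):
    """True only if the client spec is an address or network within lan_net."""
    try:
        return ipaddress.ip_network(client, strict=False).subnet_of(lan_net)
    except (ValueError, TypeError):  # wildcard, hostname, empty, other IP version
        return False


def audit_exports(text, lan="192.168.2.0/24"):
    """Return (path, client, finding) tuples for exports worth a second look."""
    lan_net = ipaddress.ip_network(lan)
    findings = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        path, *clients = line.split()
        # A path with no client list, or a bare "(opts)", applies to every host.
        for spec in clients or [""]:
            client, _, opts = spec.partition("(")
            options = set(opts.rstrip(")").split(","))
            shown = client or "(any host)"
            if not inside_lan(client, lan_net):
                findings.append((path, shown, "not restricted to the LAN"))
            if "rw" in options:
                findings.append((path, shown, "writable"))
            if "no_root_squash" in options:
                findings.append((path, shown, "remote root keeps root privileges"))
    return findings


if __name__ == "__main__":
    for finding in audit_exports(SAMPLE_EXPORTS):
        print(*finding, sep=": ")
```

The third case in the loop catches the classic exports typo: a space between the client and its options, as in `192.168.2.7 (rw)`, which grants those options to every host.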

Next you need to mount the NFS volume on your local machine

  • On Linux enter (in a terminal as root): mount 192.168.2.5:/music /music
  • On OS X enter (in a terminal): sudo /sbin/mount_nfs -P 192.168.2.5:/music /music
  • I had to use the ‘-P’ option to get around an error that said something to the effect of “mount_nfs: Operation not permitted”

At this point you need to configure your desired music players to point to the appropriate directories.

On SLED 10 if you are using Banshee:

  • Open up Banshee
  • Go to Edit>Preferences
  • Make sure that “copy files to music folder when importing” is unchecked
  • Go to Music>Import Music
  • Choose Local folder and navigate to where you mounted the NFS share. (in this example in /music)

On OS X, if you are using iTunes:

  • Open up iTunes
  • Go to iTunes>Preferences
  • Go to the “Advanced” tab.
  • Make sure that the “Copy files to iTunes Music folder when adding to library” option is unchecked
  • Go to File>Import and browse to the location of your NFS mount (in this example /music).

In this example I do not set the machines to automatically mount the NFS share. Each time you reboot you will have to remount the NFS volume, but you shouldn’t have to re-import the music.

Imagine if You Will…

You’re in the server room, listening to the sound of a babbling brook, when suddenly the sound of a fish splashing back in the water causes you to look at your network monitor application, where you see a traffic spike that needs your attention.

Some sort of weird Ridley Scott remake of Hackers? No, one of several system monitoring tools that lets you use your sense of hearing to determine what’s going on with your systems and network. The visual side of things has been done to death; it makes sense to use your other senses to relay and receive information.

We already use our sense of smell to monitor equipment, right? I mean, who doesn’t know the smell of toasted motherboard, burned wiring and overheated circuitry? What is more horrifying than walking into the server room and smelling something burned?

How Cool is This?

Around 2000, a project called Peep set out the following goals:

Administering a network means keeping track of copious amounts of information. Today’s network monitoring tools are “log-based”; they produce large logs of information through which the system administrator is expected to sift and discover problems.

The PEEP approach is to eliminate the need to search through large amounts of text by representing network information in real-time. PEEP uses sound to represent the vast amount of available information about network status.

With PEEP, a system administrator can tell what activity is occurring in his network in real-time and isolate where the problem lies.

Peep is pretty old and nothing much has happened with it for quite a while, but I found an article that takes a different approach to all of this using a package called FluidSynth. A continuation of the work done with Peep, there’s a set of programs and scripts comprised of:

  • Fluidsynth
  • Sound font packages
  • Perl
  • Chordstats

All of this isn’t hard to get running and pretty soon I had the sound of hammered dulcimers plinking away in my office. In its simplest configuration the program monitors vmstat, the output of which contains a lot of constantly changing stats about your processes, swap, cache and buffers, input/output, interrupts etc.

When you get this running there is a constant backbeat of a particular note, metronomically binging along, and when something changes on your machine other notes are inserted from different octaves and ranges to make a counterpoint to the backbeat.

But Can You Get it in Blue?

Oh boy, can you have fun with the different system tasks and configuring the noises they trigger!  I found that by twirling the 3D desktop cube, scp’ing a file from the machine and using Bittorrent I could make a noise that sounded like someone dropped the entire minstrel section from a Renaissance Festival from a great height onto a grand piano.

Note: You will want to experiment with these tools either A) when everyone else is gone or B) when only the cleaning staff is there vacuuming. Regardless, you will rapidly have people leaning in your office door and using interrogative expletives (“What the ____ are you doing?”, “What is that bombastic blast?”, and my favorite “Who’s torturing a ____’ing piano in here?”).

There is a great article on the IBM developerWorks site about chordstats, with lots of resources to get other chord packages and some good explanations of what other commands you can monitor the output of (strace is another favorite of mine). Don’t forget to look at the SourceForge site for Peep and read the original presentation; it’s fascinating.

Enjoy, (I know I did, and now I know that my dog can howl in High C).

RossB

Pre-eXecution Environment (PXE) is a method of booting computers off of a network card independent of local storage devices such as a hard drive or a DVD. PXE is very useful in thin client environments or as a quick way to deploy a new operating system to any computer. PXE is dependent on several network protocols:

  • IP: A network layer protocol in the Internet Protocol Suite. IP provides unique global addressing amongst computers so that they can communicate.
  • UDP: A core protocol of the Internet Protocol Suite. UDP allows programs to send short messages sometimes known as datagrams.
  • DHCP: A method for networked computers to obtain IP addresses and other necessary networking parameters.
  • TFTP: A simple file transfer protocol that can be implemented in a very small amount of memory.

Setting up a TFTP server will allow you to easily deploy operating systems to machines without having to boot them from a CD or a DVD. Since most, if not all, laptops have auto-sensing NICs these days, it is very convenient to set up a TFTP server on your machine. This will allow you to connect your laptop to another machine by a standard Ethernet cable and deploy a new operating system. If your machine doesn’t have an auto-sensing NIC you can use an Ethernet crossover cable or a switch/hub.

All of the components required for setting up a TFTP server are included in SUSE Linux Enterprise Server (SLES). While unsupported, you can install the necessary component packages from SLES on a SUSE Linux Enterprise Desktop (SLED).

A TFTP server requires the following things:

  • A DHCP server
  • Atftp (I prefer atftp because of advanced features and support for KIWI)
  • An installation source. This can either be an image that you created using KIWI or in the case of this article a SLED DVD or ISO.
  • A method of serving the installation source, in this case Apache.

DHCP: Before a PXE booted machine can do anything it needs to get an IP address. This means you must set up a DHCP server. Go into the YaST Software Management module and install the “DHCP and DNS Server” pattern. This includes dhcp, dhcp6, dhcp-relay, dhcp-server, dhcp-tools. Next configure your /etc/dhcpd.conf file. Here is what mine looks like:

default-lease-time 14400;
ddns-update-style none;
subnet 192.168.2.0 netmask 255.255.255.0 {
  option domain-name-servers 192.168.2.50;
  default-lease-time 14400;
  filename "pxelinux.0";
  next-server 192.168.2.50;
  max-lease-time 172800;
  range 192.168.2.51 192.168.2.160;
}

The key values for PXE booting are “filename” and “next-server”. Pxelinux.0 is a SYSLINUX derivative for booting Linux off a network server, using a network ROM conforming to the Intel PXE specification. We will discuss it more in a bit. For more information visit here. Next-server defines the IP address of the TFTP boot server. In this case the DHCP server and TFTP server are running on the same machine.

Next we will have to configure a static IP address on our machine so that it matches the next-server value. In this example that address is 192.168.2.50 and the subnet mask is 255.255.255.0. To set up a static IP address go into YaST and choose the “network card” module. Start or restart your DHCP server by running rcdhcpd start or rcdhcpd restart.
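The address plan described above can be checked before restarting dhcpd. This Python sketch is an added example, not part of the original article: it verifies that each subnet declaration carries “filename” and “next-server”, that next-server equals the machine's static address, and that the static address is inside the subnet but outside the dynamic range. It assumes flat subnet blocks as in the article; the function name is hypothetical.

```python
import ipaddress
import re

# Constructed sample: the /etc/dhcpd.conf shown in the article.
SAMPLE_DHCPD_CONF = """\
default-lease-time 14400;
ddns-update-style none;
subnet 192.168.2.0 netmask 255.255.255.0 {
  option domain-name-servers 192.168.2.50;
  default-lease-time 14400;
  filename "pxelinux.0";
  next-server 192.168.2.50;
  max-lease-time 172800;
  range 192.168.2.51 192.168.2.160;
}
"""

# Assumption: subnet blocks contain no nested braces, as in the article.
SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)


def check_pxe_dhcp(conf_text, server_ip):
    """Return a list of problems for PXE booting from server_ip (empty = OK)."""
    server = ipaddress.ip_address(server_ip)
    text = re.sub(r"#.*", "", conf_text)  # strip comments
    problems = []
    blocks = SUBNET_RE.findall(text)
    if not blocks:
        problems.append("no subnet declaration found")
    for net, mask, body in blocks:
        subnet = ipaddress.ip_network(f"{net}/{mask}")
        if server not in subnet:
            problems.append(f"{subnet}: static address {server} is not in this subnet")
        if not re.search(r'\bfilename\s+"[^"]+"\s*;', body):
            problems.append(f"{subnet}: no filename, clients are not told what to fetch")
        nxt = re.search(r"\bnext-server\s+([^\s;]+)\s*;", body)
        if not nxt:
            problems.append(f"{subnet}: no next-server")
        elif nxt.group(1) != str(server):
            problems.append(f"{subnet}: next-server {nxt.group(1)} is not {server}")
        # The server's own address must never be handed out as a lease.
        for lo, hi in re.findall(r"\brange\s+(\S+)\s+([^\s;]+)\s*;", body):
            if ipaddress.ip_address(lo) <= server <= ipaddress.ip_address(hi):
                problems.append(f"{subnet}: {server} lies inside pool {lo}-{hi}")
    return problems


if __name__ == "__main__":
    print(check_pxe_dhcp(SAMPLE_DHCPD_CONF, "192.168.2.50") or "dhcpd.conf is consistent")
```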

ATFTP: There isn’t much that needs to be configured beyond the defaults. Here is my /etc/sysconfig/atftpd file:

## Path: Network/FTP/Atftpd
## Description: ATFTP Configuration
## Type: string
## Default: "--daemon "
#
# atftpd options
#
ATFTPD_OPTIONS="--daemon --no-multicast" #I use --no-multicast to increase reliability of blasting down KIWI images, but it is not necessary

## Type: yesno
## Default: no
#
# Use inetd instead of daemon
#
ATFTPD_USE_INETD="no"

## Type: string
## Default: "/tftpboot"
#
# TFTP directory must be a world readable/writable directory.
# By default /tftpboot is assumed.
#
ATFTPD_DIRECTORY="/tftpboot"

## Type: string
## Default: ""
#
# Whitespace seperated list of IP addresses which ATFTPD binds to.
# One instance of the service is started on each IP address.
# By default atftpd will listen on all available IP addresses/interfaces.
#
ATFTPD_BIND_ADDRESSES=""

Note that the default location of the ATFTP directory is /tftpboot. Start/restart ATFTP by entering rcatftpd start or rcatftpd restart

/tftpboot is the directory where you store all the files necessary for PXE booting a machine. My /tftpboot directory contains the following files and directories:

-rw-r--r-- 1 root root 13148 Jul 11 06:35 pxelinux.0
drwxr-xr-x 2 root root 4096 Sep 24 16:33 pxelinux.cfg/
drwxr-xr-x 2 root root 4096 Jul 11 06:36 sled10x86/

Let’s address each of these files and directories individually.

pxelinux.0: We addressed this file previously in the dhcp section. You can get this file from /usr/share/syslinux/pxelinux.0

pxelinux.cfg: This directory contains a file named “default”. Here are the contents of my default file:

# "prompt 1" brings up a boot prompt on the PXE booted machine and forces the user to enter
# the label of the system they want to boot into. This is a good way to prevent people
# from accidentally blowing away their computer.
prompt 1
# sled10: enter this label (sled10) at the boot prompt
label sled10
kernel /sled10x86/linux
append initrd=/sled10x86/initrd install=http://192.168.2.50/install/sled10x86 splash=silent showopts

By utilizing “prompt 1” you can set up several different installation environments (SLES, SLED, openSUSE, SLE ThinClient etc.). To do this add multiple entries. Each entry should point to the correct initrd, linux and installation source for that system. Each label should be unique.

sled10x86: This directory contains two files:

  • initrd
  • linux

You can get these files off of the SLED or SLES installation DVD in /media/boot/i386/loader/. Simply copy over the initrd and linux files to your /tftpboot/sled10x86 directory.
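With several entries in pxelinux.cfg/default it is easy to point a label at a kernel or initrd that was never copied into /tftpboot, and PXE clients run whatever boot files the TFTP server hands them. The following Python sketch is an added example, not part of the original article: it parses a multi-entry “default” file, rejects duplicate labels, and checks that every referenced file (plus pxelinux.0) exists under the TFTP root and is not world-writable, matching the permissions in the listing above. The second entry (“sles10”) and the function names are hypothetical.

```python
import os
import stat

# Constructed sample: pxelinux.cfg/default in the article's layout. The second
# entry ("sles10" and its sles10x86 paths) is hypothetical.
SAMPLE_DEFAULT = """\
prompt 1
# sled10
label sled10
kernel /sled10x86/linux
append initrd=/sled10x86/initrd install=http://192.168.2.50/install/sled10x86 splash=silent showopts
# sles10
label sles10
kernel /sles10x86/linux
append initrd=/sles10x86/initrd install=http://192.168.2.50/install/sles10x86
"""


def parse_labels(cfg_text):
    """Map each label to the TFTP-relative boot files it references."""
    labels, current = {}, None
    for raw in cfg_text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue  # blank line, comment, or keyword without an argument
        key, rest = parts[0].lower(), parts[1]
        if key == "label":
            name = rest.split()[0]
            if name in labels:
                raise ValueError(f"label {name!r} is defined twice")
            current = labels[name] = []
        elif current is not None and key == "kernel":
            current.append(rest.split()[0])
        elif current is not None and key == "append":
            current += [a[len("initrd="):] for a in rest.split() if a.startswith("initrd=")]
    return labels


def check_tftp_tree(cfg_text, tftp_root):
    """Return problems: boot files that are missing or world-writable."""
    wanted = {"(DHCP filename)": ["pxelinux.0"], **parse_labels(cfg_text)}
    problems = []
    for label, files in wanted.items():
        for rel in files:
            path = os.path.join(tftp_root, rel.lstrip("/"))
            if not os.path.isfile(path):
                problems.append(f"{label}: {rel} is missing")
            elif os.stat(path).st_mode & stat.S_IWOTH:
                problems.append(f"{label}: {rel} is world-writable")
    return problems


if __name__ == "__main__":
    for problem in check_tftp_tree(SAMPLE_DEFAULT, "/tftpboot"):
        print(problem)
```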

Installation source: As seen in the /tftpboot/pxelinux.cfg/default file we point to an installation source hosted on the same machine (install=http://192.168.2.50/install/sled10x86 splash=silent showopts)

  • Open up the “Installation Server” YaST module
  • Choose the appropriate protocol (in this case http)
  • Select a directory where you want to keep your installation source (in this case /install/).
  • Choose an alias for your directory (install)
  • Click Finish
  • Copy over the contents of the SLED or SLES ISO or DVD to the directory you just specified.
  • Check and make sure you can browse to your source through Firefox

At this point you should be able to PXE boot a machine off of your laptop or desktop. Make sure that the machine to be PXE booted supports PXE and has it enabled in the BIOS. Some computers will refer to it as “network boot”. On most machines hitting F12 after powering on will force the machine to PXE boot. After the machine PXE boots enter “sled10” at the boot prompt, hit enter, and then go forward with your installation.

Go Phillies!

While investigating spyware and virus blocking options for Open Source customers, I discovered the Untangle product, from untangle.com. Untangle’s Open Source Network Gateway is a combination of OSS projects, custom Untangle scanning engines and lots of enhancements to the interfaces to the products. While a commercial company, they have an OSS version that’s available to download and evaluate, and if you want a throat to choke, there is the Professional option, which includes support, directory support, policy management etc.

Untangle is intended to be a lower or no-cost alternative to SonicWALL and/or Watchguard, and looking at the product and site, they have attracted quite a community of users and developers, so keep an eye on them, maybe they’ll get bought by someone with deep pockets and really take off.

Untangle includes the following products:

  • Virus/Spyware Blockers – ClamAV and Global Hauri
  • Web Filter –  Untangle scanning engine + URLBlacklist.com
  • Protocol Control – Untangle scanning engine + Layer 7 Netfilters
  • SPAM Blocker – Customized SpamAssassin with additional rules
  • Phish Blocker – ClamAV + phish signature databases
  • Intrusion Detection – Untangle scanning engine + Snort signatures
  • Attack Blocker – Proprietary Untangle DDOS and DOS application
  • Firewall – Proprietary Untangle rules-based firewall application
  • Remote Access Portal – Local LDAP and tun/tap servers + rules and SSL
  • OpenVPN – OpenVPN + tools to configure access
  • Custom Reports – Various OSS and Untangle custom components
  • Router – Uses OSS router code and Untangle enhancements

You can download a copy of the Untangle OSS version without any registration or delay, or you can visit the Untangle site, the Untangle Wiki or their Forums for more information. Also check out their pre-configured VMware appliance; modesty and being a Xen guy prohibit me from just linking to it, but it’s hard to miss it on the Wiki site.

I’m running it now in a VM to see how well it works for my purposes. Let me know if you try this product, and your experiences.

Enjoy,

RossB

Oh boy, Cisco has just put its hat into the virtualization and orchestration game with its VFrame technology, described as:

…. a data center automation tool that provides flexibility to industry-standard server environments and their associated I/O interfaces.

Effectively your server instances will become virtual servers that boot from the storage cloud and are easily reconfigurable to serve any purpose, either manually decided or automatically determined.

This solution requires Infiniband, Cisco Multi-fabric switches and of course the Cisco VFrame software. I think it’s safe to say that this will not be the low-cost leader for this type of solution.

More here.

RossB
