My Appliance Now on VMware Appliances

VMware Have just published my appliance on the VMware Appliance Marketplace...

http://www.vmware.com/appliances/directory/383813


Enjoy!

Google Chrome OS on USB

***Link removed as it is no longer actively maintained***
Download it here:

Link removed

This one has been rolled by myself, use winimage (or tool of your choice) to image this on to your thumb drive...Enjoy!

If Security Is Obscurity...

Then these companies need help:

http://shodan.surtri.com/?q=cisco-IOS


Shodan is a cool new search engine that takes google-hacking to the next level.

Windows Server 2008 R2

For those out there playing around with (or supporting) Windows 2008
have a read of this ebook:
MS Press Windows 2008 R2

Then once your done have ago at my labs here:

How to Setup Small Windows 2008 R2 Lab

and here:


Setting up File and Folder Permissions and Automagically Mapping Network Drives

Enjoy!

Vyatta VC 6 VMware Appliance!

**This is now outdated check here for new appliance**

Hi all,


Vyatta hasnt yet released a VMware Appliance for VC6 therefore...

VyattaVC6-Alpha.zip


It comes complete with VMware Tools not open-vm tools and is ready to be dropped into ESX!

VMware are in the process of approving this appliance, so until then grab it from the above link.

Enjoy

Vyatta VC 6 Netflow and Solarwinds

Quick demo of Netflow with Vyatta

Vyatta VC 6 Netflow from Richard Vimeo on Vimeo.

VMware ESXi on USB

My quickest video yet:

How to place VMware's ESXi on to a USB drive:

VMware ESXi on USB from Richard Vimeo on Vimeo.

Load Balancing with Vyatta VC 6

Here is a diagram of the setup, we are dealing with the router to the far left of the diagram "R10" : diagram

This is the video of me configuring load balancing and testing it:

Vyatta Load Balancing from Richard Vimeo on Vimeo.

Here is the configuration:
Setting up the interfaces:
R10:

interfaces {
ethernet eth0 {
address 10.0.0.27/24
description ISP1
}
ethernet eth1 {
address 192.168.0.181/24
description ISP2
}
ethernet eth2 {
address 10.0.10.10/24
description R10TOR1
}
loopback lo {
address 10.10.10.10/32
}

Setting up the IGP:

protocols {
ospf {
area 10 {
network 10.0.10.0/24
network 10.10.10.10/32
}
default-information {
originate {
always
metric-type 2
}
}
}



Setting up Load Balancing

static {
route 0.0.0.0/0 {
next-hop 10.0.0.126 {
}
next-hop 192.168.0.1 {
}
}
}

load-balancing {
wan {
flush-connections
interface-health eth0 {
failure-count 2
nexthop 10.0.0.126
success-count 1
test 10 {
ping
resp-time 5
target 192.168.0.1
}
}
interface-health eth1 {
failure-count 2
nexthop 192.168.0.1
success-count 1
test 10 {
ping
resp-time 5
target 192.168.0.1
}
}
rule 10 {
inbound-interface eth2
interface eth0 {
weight 1
}
interface eth1 {
weight 1
}
protocol all
}
}
}




Good luck and Enjoy!

Testing Vyatta with QoS and Asterisk(Elastix) - Howto

The Setup:

First setting up the Interfaces:
R1:

interfaces {
ethernet eth0 {
address 10.0.12.1/24
description R1TOR2
}
ethernet eth1 {
address 192.168.10.254/24
description LAN1
}
ethernet eth2 {
address 10.0.10.1/24
description R1TOR10
}
ethernet eth3 {
address 10.0.13.1/24
description R1TOR3
}
loopback lo {
address 1.1.1.1/32
}

R2:

interfaces {
ethernet eth0 {
address 10.0.12.2/24
description R1TOR2
}
ethernet eth1 {
address 192.168.2.254/24
description LAN2
}
loopback lo {
address 2.2.2.2/32
}

R3

interfaces {
ethernet eth0 {
address 10.0.13.3/24
description R1TOR3
speed auto
}
ethernet eth1 {
address 192.168.3.254/24
description LAN3

}
loopback lo {
address 3.3.3.3/32
}
}


Setting up the IGP:
R1:

protocols {
ospf {
area 0 {
network 10.0.12.0/24
network 10.0.13.0/24
}
area 1 {
network 1.1.1.1/32
network 192.168.10.0/24
}
area 10 {
network 10.0.10.0/24
}
parameters {
router-id 1.1.1.1
}
}

R2:

protocols {
ospf {
area 0 {
network 10.0.12.0/24
}
area 2 {
network 2.2.2.2/32
network 192.168.2.0/24
}
parameters {
router-id 2.2.2.2
}
}
}

R3:

protocols {
ospf {
area 0 {
network 10.0.13.0/24
}
area 3 {
network 192.168.3.0/24
network 3.3.3.3/32
}
}
}


Setting up the QoS Policy:
R1:

qos-policy {
traffic-shaper SITE1 {
bandwidth 125kbit
class 10 {
bandwidth 85Kbit
match VOIP-RTP {
ip {
dscp 46
}
}
}
class 20 {
bandwidth 15kbit
match VOIP-CONTROL {
ip {
protocol udp
source {
port 5060
}
}
}
}
class 30 {
bandwidth 10kbit
match OSPF {
ip {
protocol ospf
}
}
queue-type fair-queue
}
default {
bandwidth 10kbit
}
description QOS_for_SITE1
}



The applying it:
R1:

interfaces {
ethernet eth0 {
address 10.0.12.1/24
description R1TOR2
qos-policy {
out SITE1
}




Here is the video where I configure and test it:

Testing Quality Of Service (QOS) with Vyatta and Asterisk from Richard Vimeo on Vimeo.

Testing Vyatta with QoS and Asterisk(Elastix)

Well, we have done something every simular here


However this time we are going all opensource :)

VMware Vsphere Lab-How to Part 3

Part 3 covers:
1)OpenFiler Setup for ESX server
2)iSCSI HBA setup (ESX)
3)Vconverter
4)Vmotion setup
5)Live Vmotion!

Vsphere within VMware Workstation 7 Part 3 from Richard Vimeo on Vimeo.

VMware Vsphere Lab-How to Part 2

Part 2 covers:
1)Installing a Second ESX server
2)Installing VCenter Server
3)Installing Openfiler
4)Setup DataCenter
5)Adding ESX Hosts

Vsphere within VMware Workstation 7 Part 2 from Richard Vimeo on Vimeo.

VMware Vsphere Lab-How to Part 1

Vsphere within VMware Workstation 7 Part 1 from Richard Vimeo on Vimeo.

This video includes intial Lab Setup,installing ESX 4 and installing VSphere Client.

Here are the links from the presentation:
DotNet 2.0 SP1
XML Shared
DotNet 3.0
DotNet 3.0 SP1

VMware Vsphere Lab

I like to mix things up a little :)

So here is a VMware lab using the new VMware Workstation 7:



This lab will go through pretty much everything, to setup a working Vsphere enviroment for your lab.

Testing QoS with Cisco Call Manager and SIP,RTP - How To

This is the practical to this lab: here


Setting up basic IP connectivity:
R1

!
interface FastEthernet0/0
description ToLan
ip address 192.168.10.254 255.255.255.0
duplex auto
speed auto
!
!
interface Serial0/0.123 multipoint
bandwidth 110
ip address 192.168.0.1 255.255.255.0
ip ospf network point-to-multipoint
snmp trap link-status
frame-relay map ip 192.168.0.2 122 broadcast
frame-relay map ip 192.168.0.3 123 broadcast
no frame-relay inverse-arp
!
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 1
network 192.168.0.0 0.0.0.255 area 0
network 192.168.10.0 0.0.0.255 area 1
!



R2

!
interface FastEthernet0/0
description ToLan
ip address 192.168.10.254 255.255.255.0
duplex auto
speed auto
!
!
interface Serial0/0.123 multipoint
bandwidth 110
ip address 192.168.0.1 255.255.255.0
ip ospf network point-to-multipoint
snmp trap link-status
frame-relay map ip 192.168.0.2 122 broadcast
frame-relay map ip 192.168.0.3 123 broadcast
no frame-relay inverse-arp
!
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 1
network 192.168.0.0 0.0.0.255 area 0
network 192.168.10.0 0.0.0.255 area 1
!


R3

!
interface FastEthernet0/0
ip address 192.168.3.254 255.255.255.0
duplex auto
speed auto
!
!
interface Serial0/0.321 multipoint
bandwidth 110
ip address 192.168.0.3 255.255.255.0
ip ospf network point-to-multipoint
frame-relay map ip 192.168.0.1 321 broadcast
frame-relay map ip 192.168.0.2 321 broadcast
!
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 3
network 192.168.0.0 0.0.0.255 area 0
network 192.168.3.0 0.0.0.255 area 3
!


Set up DHCP for Call Manager/TFTP
R1

ip dhcp excluded-address 192.168.10.1
ip dhcp excluded-address 192.168.10.100
ip dhcp excluded-address 192.168.10.254
!
ip dhcp pool POOL1
network 192.168.10.0 255.255.255.0
option 66 ip 192.168.10.100
default-router 192.168.10.254
!


(Pretty much the same on each router)


Now the important Stuff - QoS for SIP and RTP...

First the ACLs:

!
!Control is for SIP messages
ip access-list extended VOIP-CONTROL-ACL
permit tcp any any eq 5060
permit tcp any eq 5060 any
permit tcp any any eq 6970
permit tcp any eq 6970 any
! RTP is for the actual voices going down the line
ip access-list extended VOIP-RTP-ACL
permit udp any any eq 5060
permit udp any eq 5060 any
permit udp any any range 16384 32767
permit ip any any dscp ef
!


Now the Class Maps:

!
class-map match-any VOIP-CONTROL-CLASS
match access-group name VOIP-CONTROL-ACL
class-map match-any VOIP-RTP-CLASS
match access-group name VOIP-RTP-ACL
!



Now the Policy Maps:

!
policy-map VOIP
class VOIP-RTP-CLASS
priority 70
class VOIP-CONTROL-CLASS
bandwidth 8
class class-default
fair-queue
!


Map Class - Frame Relay:

!
map-class frame-relay FRAME-CLASS
!Provided by ISP
frame-relay cir 110000
!Set Tc to 10ms or 0.01 sec
frame-relay bc 1100
frame-relay be 0
!If you get a BECN set to this rate
frame-relay mincir 110000
!Remember to place this on both ends
frame-relay fragment 120
!Policy map
service-policy output VOIP
!





A few little extras(needed):

!
interface Serial0/0
bandwidth 400
no ip address
encapsulation frame-relay
frame-relay traffic-shaping
no frame-relay inverse-arp
frame-relay ip rtp header-compression
!
!
interface Serial0/0.123 multipoint
bandwidth 110
ip address 192.168.0.1 255.255.255.0
ip ospf network point-to-multipoint
snmp trap link-status
frame-relay class FRAME-CLASS
frame-relay map ip 192.168.0.2 122 broadcast
frame-relay map ip 192.168.0.3 123 broadcast
no frame-relay inverse-arp
!




Here is a video of the lab set up and me trying to break it!

Testing Quality of Service with Cisco Call Manager,VoIP from Richard Vimeo on Vimeo.

Here are the iPerf options I am using:
Server UDP:

iperf.exe -us -n 128m -i5

Client UDP:

iperf.exe -uc 192.168.2.3 -b256k -n 1G -i5 -d


*Remember if you wish to test DSCP tags try the "-s" options to tag the packets for example: "-s ef"

Testing QoS with Cisco Call Manager and SIP,RTP

Hello again all,

Created a nice little lab here:



I plan to not only get up QoS but really stress test it using iperf to see if it works!