APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed


Wrong DNS causes interesting glitch

I had an interesting call a few days back. Old customer, old SCO box overdue for the graveyard but still in use. Customer needed to renumber his ip scheme and ran into a confusing situation after changing from 192.168.2.x to 10.126.10.x.



Title Last Comment
Everything needs RFID  
- RFID would improve my life if every single thing I own were tagged so that I could always hunt it down. -

Web Dummies  
- Why do so many companies avoid web technology? Why do so many insist upon postal mail when email would be immediate? -

Router down  
- Network down and then again.. and again.. Normally I don't like to see WiFi in a business environment, and if it must be there, I like to see it locked down very securely: -

One Smart Rabbit  
- wired communication device is definitely early AI interface -

The 700 MHz Spectrum  
- The coming bandwidth auction could mean good news for all of us, but it will likely be ruined by squabbling and greed. -

Gmail vs. in-house Mail Server   2011/07/06 TonyLawrence
- Well, in fact I can recommend this for some cases. It may not be for everyone - there are some disadvantages - but it can make a lot of sense and the price is reasonable, especially for very small organizations. -

DNS troubleshooting  
- DNS errors or misconfiguration causes all sorts of strange network behavior, including slow logins. -

Vulnerability Scanning  
- Vulnerability scanners return information that the vendors think are important. The problem is that many of the vulnerabilities found and ranked as high, medium or low priority may not really apply to your environment. A glitzy report containing security weaknesses looks good, but it is likely not in your organization's best interest. I will sometimes come across issues that are flagged as "Level 5" or "Critical Priority", that really have no immediate impact in the environment that I am performing the test. -

HP's CloudPrint  
- My neighbor mentioned this in passing the other day. He had the details wrong; he thought this sent documents to your cell phone for storage and later printing. No, that's not quite it, but it's almost as silly. -

The Practice of System and Network Administration (second edition)  
- How to be a Systems Administrator in 900 pages: The broad coverage is a bit unexpected: there's a chapter on Being Happy, chapters on hiring and firing - I'm surprised that there isn't a chapter on being fired, though I suppose if you religiously followed the advice here, maybe you needn't worry about that. -

Do you really need a domain controller?   2013/02/09 Matt
- There are advantages to a Microsoft Domain Controller model. Centralized user control, fine grained resource access control: these are often useful and very helpful. -

Network Warrior  
- In depth networking: Regular readers of these reviews know that I get excited when a book teaches me things I didn't know. If the author can do that and also write well and be entertaining, I tend to fall over in a swoon. Well, yes, this book knocked me out. The subtitle is "Everything you need to know that wasn't on the CCNA Exam" and it's all that and so much more. -

Wireless print servers  
- Wireless print servers - why? I suppose it's useful but I have my reservations still. -

Fortinet Firewall Transparent Mode  
- Using Fortinet firewall in transparent mode to pass through external IP to an existing router. -

Fortinet Firewall Virtual IP's  
- Using Fortinet firewall virtual ip's to forward services to intrnal machines. -

Fortinet Routers  
- For those of you who don't know, Fortinet makes a line of firewall routers that optionally include subscription services for antivirus, spam, intrusion protection and more. Those services complement existing antivirus and spam filtering - I still recommend both email server scanning and scanning at the individual PC for best protection. Forttinet is the leading UTM (unified threat management) vendor in the industry and also the fastest growing security company worldwide. -

The vpn that wouldn't  
- More vpn users than expected of course leads to unexpected problems - that makes sense! -

Zeroconf  
- Zeroconf for the grumpy old techs: I liked the last paragraph of Carla Schroder's "Run Zeroconf for Linux in a Snap" -

ssh forwarding  
- Let's say we have a machine that our firewall will send traffic to, but we actually want to ssh to another internal machine. -

 
 
 
 
Bad routers  
- Scaled windows, ECN disagreements cause lost packets -

Loose cables  
- 'The cable fell off'. I had been asking the person at the other end of the line to hook his computer directly to the Comcast modem, so I naturally assumed he meant the CAT-5 cable. I asked if the locking tab was broken off the end. -

Load Balancing  
- Large web sites need to be able to handle a huge number of requests - often more than a single web server can handle. -

Linksys WAP  
- Linksys WAP54G wireless access point review. Call it whatever you want, but it's a bridge to me. -

Can't connect to Internet   2011/02/01 TonyLawrence
- Causes of lost internet connectivity, unable to connect to internet, troubleshooting advice. If Windows, is it really that you can't access the Internet or only that Internet Explorer cannot? Microsoft's IE is a fragile and rather brain-dead thing, easily confused and easily broken. -

Who said that?  
- This comes up fairly frequently. It also happens sometimes with remote TCP printers: if you haven't given them a gateway address, they can't communicate back to you. Packets need routes. -

Fallure to resolve  
- A common distress call I get is something like 'Help! Our Internet is down!': Sometimes it really is. There's not much I can do if a router in Connecticut went up in flames or a backhoe in Cambridge just cut through a major data line. If it is a dead or malfunctioning router the problem will probably correct itself very quickly, but a cable break can sometimes cause fairly long outages. -

Charging for email  
- Yahoo and AOL have the courage to start charging for mail: Yahoo and AOL plan to introduce a paid service that lets mass mailers skip their spam filters and go right to the users mailbox. While a lot of people are up in arms about this, I think we all know that something has to be done about junk mail. I think there are adjustments that will need to be made (AOL has already said that they'll waive the fee for non-profits, for example) and the pricing might need some creativity (a flat rate option could be helpful), but I think the basic concept is good. -

Keep in touch (tcp keepalives etc.)  
- This is one of those areas where the cure can be worse than the disease and where discussions by tcp programmers can get acrid and heated. -

Why you need a true secondary DNS server   2010/01/04 anonymous
- Some people may wonder why secondary MX records, or DNS servers are necessary, and until you have had an equipment failure, or outage, you might still be wondering. Most shared hosting out there will give you DNS servers (primary and secondary) since your registrar requires this. -

New Dell machine kills server  
- A new machine kills an old server (network problem). Her email said the machine was getting an ip address, but just wasn't accessing network resources. -

SCO unixware 2.1.3  
- ftp from win 98 m/c to SCO unixware 2.1.3 server: when iam doing ftp from win 98 m/c to SCO unixware 2.1.3 server, server network card stop responding it doesn't ping.finally i have to restart the server,then network card start working. -

An Annotated Guide To Samba Configuration   2010/06/20 anonymous
- Samba is the Open Source Software package that allows a UNIX or Linux server to participate in a Windows network, and even become the Windows primary domain controller (PDC). -

What is a router?  
- A friend of my wife wanted to know what the router I provided her, but have not yet installed, actually does. What follows is my reply. -

Print copies problem  
- multiple copies with lpr: When attempt to remote print several copies of a document with the command 'lp -n2 -d printer file', leaves printed one copies. -

Control your domain registration data  
- Your domain registration is critically important. It's easy to get lazy about this stuff. Control your Domain Registration Data or risk losing it! -

Mighty Sockets  
- Sockets are indeed the window to networking and networking drives the whole world some way or other, that's why the name Mighty Sockets. In simple terms, a socket is an endpoint of communication. And a connection is represented by a socket pair. Remember, not all communication is connection oriented. So, you can have a single socket also doing most of the job for you (e.g. UDP sockets). A process deals with the socket in the same way as it deals with files. We'll see more of this similarity in coming sections. -

MAC Address  
- A MAC address (media access control address) is a serial number in one sense, but it's actually much more and yet also much less. -

PoE (Power over Ethernet)  
- Isn't this just looking for trouble? Won't this induce noise -

host, dig  
- dig does have more power than host, but the need for that power doesn't come up all that often and host is both easier to use and more direct with its output. -

IP spoofing and automatic blocking  
- For this to make sense our hacker has to first come in with a real ip address and fail to login the magic number of times. -

Netgear card won't relink  
- The card is: NetGear, 32 bit, PCI Adapter FA311, 10/100 Mbps Fast Ethernet. It appears to install and configure okay. It says it's been modified, etc. It's just when I go to relink the kernel, I get an >error message. It says "kslgen: cannot determine major/minor number for /dev/mdi/ngr1 - Unix relink failed". -

Map network drive, connect as different user to same Server   2011/11/02 anonymous
- How to map an XP network drive more than once even though XP doesn't want you to do that. -

Samba problems  
- Common samba problems: adding passwords for Windows clients and adding or mapping Windows user names. -

Internet Sharing using a Linux box  
- Since the Internet is a large network composed of smaller networks, it made sense to break the address space into smaller chunks. Network classes enable us to break down this address space. -

Transferring mail to a new mail server  
- Your current mail server may just not be meeting your needs, so you've put up something new. But what about old mail? -

ProFTPd, wu-ftpd, and general ftp security  
- FTP in general has a long and sad history of security problems. If you need to run an ftp server, you need to keep careful track of vulnerabilites and exploits that may make for a very unhappy da -

Testing for network connectivity in a script   2013/01/30 TonyLawrence
- Testing for network connectivity in a script. Sometimes a script needs to know if it has network or internet connectivity before it continues, or perhaps its whole purpose is the report a loss of connectivity or inability to reach specific services. -

Why are in-addr.arpa addresses backwards?  
- An 'in-addr.arpa address' is a reverse DNS record, stored in a strange format. If we are considering ip 1.2.3.4, then '4.3.2.1.in-addr.arpa' is the reverse DNS record. -

Determining clients IP address by service and PID  
- I wrote this thing several years ago for use with a program where I needed to know a client's IP address, given the TCP service on which they were connected and the program's PID -

Inetd environment variables  
- Most Linuxes now run xinetd, which lets you specify "env" in its xinetd.conf; those values are just added to whatever it gets from its startup heritage. -

 
 
LOD Communications, Inc.
 
 
unison: Tech Words the Day  
- Unison is similar to rsync, and has a Windows version. There are binaries and ports available, but if you need or want to build this, you need an Objective Caml compiler -

Notes on Digiboard Terminal Servers TS/8 TS/16  
- Replacing serial boxes using Frame Relay with Digiboard Port Servers over a VPN. -

Finally solved FACTS crashing issue  
- BBX Facts config.bbx is a weak point. Terminal definitions are required for every pseudo tty that might be used - there is no default. -

Debugging Facetwin Remote Printing Connections  
- I got a call today from one of my customers complaining that their remote printer was no longer printing. 'What changed?', I asked. 'Nothing at all!', she replied in her charming southern drawl, 'It just stopped printing!'. -

Using rsync for machine replication?  
- Yesterday I was at a client site where they explained they wanted to keep a stand-by server up to date and ready to take over in case of main system failure. Fine, lots of people do that, and currently they are doing it by restoring backups every morning. What they were asking about was using rsync or some other mechanism to keep the machines more current. -

Setting up a new firewall  
- I double checked my work, didn't see anything wrong. Checked it again, power cycled this hardware and the DSL device. Still couldn't ping the gateway. -

Switches damaged by UPS?  
- He heard a longish beep and everything stopped. UPS's protect, but they can also damage equipment. -

Setting up Mozilla Roaming Profiles  
- How to setup Mozilla Roaming Profiles. Profiles, which first appeared in the Netscape 4.x family, allow multiple users of a standalone PC to customize the browser's look and feel to suit individual tastes, as well as maintain separate bookmarks, cookies, mail, and so forth. -

ARIN, APNIC, LAPNIC, RIPE: Tech Words the Day  
- Internet registries. ARIN hands out addresses for North America, a portion of the Caribbean and sub-Saharan Afric (strange, isn't it?); RIPE handles Europe, the Middle East and parts of Africa and Asia; LACNIC is Latin America and the rest of the Caribbean; -



More Networking articles

Previous Networking articles