Configuring private vlans on Cisco switches

cisco

Overview

Private VLANs are used to provide layer 2 isolation between members of the same broadcast domain. Private VLANs are documented in RFC 5517. In a standard VLAN environment, traffic between members of the same VLAN can flow without restrictions. We can think of private VLANs as a segmentation of a normal VLAN into multiple subdomains. This feature is available only on layer 3 Catalyst 3560s and higher switches. Private VLANs can be used to address two issues found in service provider networks. First, using normal VLANs, an ISP must assign one VLAN per customer, so a scalability problem arises if the ISP needs to support more than 4094 clients, which is the maximum number of VLANs supported by a device. Second, when using IP routing, each VLAN requires a separate subnet, which can lead to IP address management problems by wasting unused IP addresses.

How to configure Port Address Translation (PAT) on Cisco routers

cisco

Overview

Port Address Translation (PAT) is an extension to the well-known Network Address Translation (NAT) protocol that allows multiple devices on a local area network (LAN) to access Internet resources using a single public IP address. NAT is defined in RFC 1631, and its main purpose was to slow the depletion of public IP address space. A practical use of PAT is, for example, when an ISP allocates a single public IP address to an organization that has many devices needing Internet access. PAT uses the private IP address ranges defined in RFC 1918 for all inside devices and also uses port numbers to identify each connection. When an internal host wants to communicate with the outside, it sends a datagram with its private source address and a random port. The NAT router then rewrites the source address and port with its public IP and sends the datagram to the requested resource. The response comes back to this same public address and port combination (called a socket) and can be translated back again.

Understanding file permissions and ownership on Linux

bash

Overview

The Linux filesystem is based on a hierarchical directory structure where the root mount point is denoted by the ‘/’ symbol. In fact, everything is represented as a file (regular files, directories, partitions, pipes, sockets, and hardware devices). Directories are used as containers that list other files. Most Linux distributions follow the Filesystem Hierarchy Standard (FHS) for organizing the filesystem structure. Permissions control who can read, write and execute the contents of a file, and ownership indicates which user and group a file belongs to. If you are working as a system administrator, assigning incorrect permissions or ownership can have serious consequences in terms of security. In this article I will explain the theory and show you how to manipulate them using some practical examples.

Configuring OpenDKIM to sign Postfix emails

mail

Overview

DomainKeys Identified Mail (DKIM) is a method used by modern MTAs which allows an organization to sign its own emails before delivery. The main purpose of DKIM is to help fight spam by associating a domain name with an email message. DKIM uses public-key cryptography, which allows the sender to electronically sign emails in a way that can be verified by recipients. The DKIM public key is stored in DNS so that receivers can verify both the origin and integrity of a message, and the private key is used to sign each outgoing message. The DKIM signature is added as a field to the message’s header before delivery. In this article we will implement mail signing using OpenDKIM on Debian Wheezy, although this configuration should run fine on any Linux distribution.

Creating and using swap partitions on Linux

Linux

Overview

Swap space is an area on the physical disk (usually a dedicated partition) which temporarily holds a process memory image. This area is often called virtual memory because it allows processes to use memory beyond the physical RAM available on your computer. Swapping and paging algorithms allow processes or portions of processes to move between physical memory and a mass storage device. This frees up space in physical memory.

As the swap space is stored on the disk, access times tend to be slow compared to RAM. In Linux we can have two types of swap space: a dedicated partition on the physical disk or a swap file which resides among other files on the filesystem. Linux kernels newer than 2.4.10 allow 32 swap areas.
