SAN topology and discovery - virtual-machine

I'm working on SAN topology. Using an SMI-S server I have discovered Clariion storage, and I have the LUN and ESXi server relationship, but I need to know which switch these are connected to. How do I find which switch the storage FC is connected to?

You need to log into the FC switches to get the list of WWNs registered on ports, zoning information, and nameserver data. For Brocade switches you can use SSH or HTTPS to log into the switches or interact with Brocade Network Advisor (BNA).

Related

R Server on the cloud visit local data on a firewalled office computer

I want to use R Server constructed on a Ubuntu system on the Alibaba Cloud to do some elastic computing. The data is on the office computer, which has a firewall to prevent information leaking. I want to update the data to the cloud server for analysis.
I tried WinSCP. It won't connect to the server (Connection timeout). I also tried PuTTY, which didn't work either.
Could this be because of the Firewall?
Since you mentioned that your office has firewall rules in place to prevent data leaking, it is possible that your office firewall has blocked outbound traffic to port 22 (SSH), which is required to connect to your Ubuntu ECS instance running on Alibaba Cloud.
You should try to connect to your Ubuntu ECS instance from other locations without your office's firewall and see if it works.
Alibaba Cloud's ECS instance allows in-bound traffic access to port 22 by default based on their product page as below.
Source: Default security group rules
The security group created by the system has only rules for access over all ICMP ports, TCP Port 22, and TCP Port 3389, of which,
All ICMP ports are used by network devices, including routers, to send error messages and operational information.
TCP Port 22 is used to connect to a Linux instance using SSH.
TCP Port 3389 is used to remotely connect to a Windows instance using Windows Remote Desktop.

Managing Multiple Reverse SSH Tunnels

I want to install a number of raspberry pis at remote locations and be able to log in to them remotely. (Will begin with 30-40 boxes and hopefully grow to 1000 individual raspberry pis soon.)
I need to be able to remotely manage these boxes. Going the easier route, forwarding a port on the router and setting a DHCP reservation, requires either IT support from the company we'll be doing the install for (many of which don't have IT), or it will require one of our IT people physically installing each box.
My tentative solution is to have each box create a reverse SSH tunnel to our server. My question is: How feasible would this be? How easy would it be to manage that many connections? Would it be an issue for a small local server to have 1000+ concurrent SSH connections? Is there an easier solution to this problem?
My end goal is to be able to ship someone a box, have them plug it in, and be able to access it.
Thanks,
w
An alternate solution would be to:
Install OpenVPN server on your server machine. How to install OpenVPN Server on the PI. Additionally, add firewall rules that block everything but traffic directed for the client's ssh and other services ports (if desired), from administrating machine(s).
Run OpenVPN clients on your Raspberry PI client machines. They will connect back to your VPN server. On a side note, the VPN server and administrating machine(s) need not be the same machine if resources are limited on the VPN server. How to install OpenVPN on the client Raspberry PIs.
SSH from administrating machine(s) to each client machine. Optionally, you could use RSA authentication to simplify authentication.
Benefits include encryption for the tunnel including ssh encryption for administrating, as well as being able to monitor other services on their respective ports.
I made a WebApp to manage this exact same setting in about 60 minutes with my Java web template. All I can share are some scripts that I use to list the connections and info about them. You can use those to build your own app; it is really simple to display this in some fancy way in a fast web app.
Take a look at my scripts: https://unix.stackexchange.com/a/625771/332669
Those will allow you to get the listening port, as well as the public IPs they're bound from. With that you can easily plan a system where everything is easily identifiable with a simple database.
You might find this docker container useful https://hub.docker.com/r/logicethos/revssh/
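One way to keep a large fleet of reverse tunnels manageable, as an added example that is not from any of the posts above: give every device a fixed listener port, restrict its key so it can open only that port, and audit the server's listening sockets against the plan. The port range, the `pi-NNNN` naming and the sample `ss` output are assumptions made for the illustration; each device is assumed to connect with `ssh -N -R localhost:<port>:localhost:22`.

```python
import ipaddress

BASE_PORT = 20000    # assumption: 20000-20999 on the server are reserved for tunnels
MAX_DEVICES = 1000

def device_port(index):
    """Deterministic listener port for device number `index` (0-based)."""
    if not 0 <= index < MAX_DEVICES:
        raise ValueError("device index out of range")
    return BASE_PORT + index

def authorized_keys_line(index, pubkey):
    """Key can open only its own loopback listener: no PTY, no other forwards."""
    opts = (f'restrict,port-forwarding,permitlisten="localhost:{device_port(index)}",'
            'command="/bin/false"')
    return f"{opts} {pubkey} pi-{index:04d}"

def audit(ss_output):
    """Split tunnel-range listeners from `ss -Htln` into online devices and
    sockets bound to a non-loopback address (reachable from outside)."""
    online, exposed = set(), []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        if not port.isdigit() or not BASE_PORT <= int(port) < BASE_PORT + MAX_DEVICES:
            continue
        try:
            loopback = ipaddress.ip_address(host.strip("[]")).is_loopback
        except ValueError:           # "*" or a scoped address: treat as wildcard
            loopback = False
        if loopback:
            online.add(int(port) - BASE_PORT)
        else:
            exposed.append(fields[3])
    return sorted(online), exposed

# Constructed sample of `ss -Htln` output (State Recv-Q Send-Q Local Peer).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:20000 0.0.0.0:*
LISTEN 0 128 [::1]:20000 [::]:*
LISTEN 0 128 127.0.0.1:20017 0.0.0.0:*
LISTEN 0 128 0.0.0.0:20042 0.0.0.0:*
"""

if __name__ == "__main__":
    print(authorized_keys_line(17, "ssh-ed25519 AAAA...constructed-key"))
    print(audit(SAMPLE_SS))
```

A listener reported as exposed is a tunnel bound to a wildcard address, which makes the device's SSH port reachable by anyone who can reach the server.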

Unknown egress traffic on brand new GCE instance

I'm new to Google Compute Engine and I just set up a new instance that will eventually become a web server. All the firewall rules were left at default when the instance was created, which leaves open a few ports (RDP, SSH, etc.) for administration. No software was installed, no DNS records pointing to the server were created, and I left the instance running.
After a couple of weeks, I looked at the billing and there were over 300 mebibytes of data billed due to egress traffic to China and America. I'm wondering if this is normal.
Is there any particular reason hundreds of megs of traffic went out on a brand new, firewalled instance? Does the Google cloud service offer some kind of network analysis tool to break down traffic by type/destination?
Thanks for any advice.
You can use Google Cloud Stackdriver monitoring to see the history of the ingress and egress traffic of your VM instances. However, to get more information about the traffic (like IPs, packets, requests, etc.) you will need to install a third-party monitoring tool or use a packet capturing tool (Wireshark, tcpdump, ...) to analyze your traffic.
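The per-destination breakdown the question asks for can be computed from a text capture; the following is an added example, not part of the answer above. It assumes IPv4 TCP lines in the default format of `tcpdump -nn`, and the instance address and sample lines are constructed.

```python
import re
from collections import defaultdict

# Default `tcpdump -nn` IPv4 line: "<time> IP src.port > dst.port: ..., length N"
PKT = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): .*\blength (\d+)")

def egress_breakdown(lines, local_ip):
    """Sum packets and payload bytes sent by `local_ip`, per (remote IP, local port).
    `length` is payload only, so totals run below the billed on-the-wire bytes."""
    totals = defaultdict(lambda: [0, 0])
    for line in lines:
        m = PKT.search(line)
        if not m or m.group(1) != local_ip:
            continue                      # unparsed line or ingress packet
        key = (m.group(3), int(m.group(2)))
        totals[key][0] += 1
        totals[key][1] += int(m.group(5))
    rows = [(ip, port, pkts, size) for (ip, port), (pkts, size) in totals.items()]
    # Largest talkers first; a low local port means replies to an inbound connection.
    return sorted(rows, key=lambda r: (-r[3], -r[2], r[0]))

# Constructed capture lines; 10.128.0.2 stands in for the instance's internal IP.
SAMPLE_CAPTURE = """\
12:00:01.000001 IP 203.0.113.5.51234 > 10.128.0.2.22: Flags [S], seq 1, win 64240, length 0
12:00:01.000100 IP 10.128.0.2.22 > 203.0.113.5.51234: Flags [S.], seq 1, ack 2, win 65160, length 0
12:00:01.100000 IP 10.128.0.2.22 > 203.0.113.5.51234: Flags [P.], seq 1:42, ack 1, win 509, length 41
12:00:02.000000 IP 10.128.0.2.22 > 203.0.113.5.51234: Flags [P.], seq 42:1122, ack 22, win 509, length 1080
12:00:03.000000 IP 10.128.0.2.3389 > 198.51.100.9.40000: Flags [R.], seq 0, ack 1, win 0, length 0
12:00:04.000000 IP 10.128.0.2.44321 > 169.254.169.254.80: Flags [P.], seq 1:201, ack 1, win 502, length 200
""".splitlines()

if __name__ == "__main__":
    for ip, port, pkts, size in egress_breakdown(SAMPLE_CAPTURE, "10.128.0.2"):
        print(f"{ip:<16} local port {port:<6} packets {pkts:<4} payload bytes {size}")
```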

Virtualize Kickstart Server

I have a cluster of computers and I am using one of them as a kickstart server.
I configured DHCP/TFTP/FTP on it and it worked fine. When you boot any box in the cluster and choose to boot from network, it will reach out to that kickstart server, lease an IP, install the OS, etc. However, using one box dedicated to kickstart is such a waste of resources, and I am wondering whether it is possible to use some level of virtualization to achieve that, so you end up with an image that is a fully functional ks server and can run on any box with the virtualization tool set up.
I have used VirtualBox, Vagrant and Docker before, but I am not sure whether these tools will be powerful enough to do it. Can anyone give some directional guidance or resources to help me get started?
Just virtualize the kickstart server;
Use the virtual environment DHCP Server facility and set the Kickstart Server DHCP module as "proxyDHCP".
When a PXE client boots up, it will get its IP from the virtual environment DHCP Server and the PXE booting information from the instance of the kickstart proxyDHCP server.
Next the PXE client will know where the TFTP and the rest of the kickstart facilities are located and will continue the boot/install.
Yep, I always run kickstart on a VM. A good way to do things is to have a bunch of VMs and share them across hosts. Pretty much every site I build out, I have the following VMs:
Build: running Kickstart/Cobbler, DHCP, TFTP
Provision: running Puppet or Chef
Monitoring: Zenoss or Nagios
The VMs' disks all live on iSCSI and I create the VMs with libvirt KVM. Everything can easily live on one server. I usually have a second server that is prepared for the VMs, and if there is ever an outage I just bring them up on the second server.

Connect to remote Openbravo ERP Appliance

I have my Openbravo appliance running in VMware Workstation on top of Win7, which is in a LAN connected to the internet by a router.
When I start the appliance, I can access the ERP web console by typing in the address it gave at the end of the process (for example, 192.168.1.107). All computers in the LAN can access this address as well, which is fine for now.
However, in the future, I need to access this console from my home PC running Win7 (which is, of course, connected to the internet). How do I set this up? I have tried the method given in http://planet.openbravo.com/?p=8612 (see case 3 - Expose my local ERP into a remote network)
I tried (in the Openbravo Appliance console running in VMware)
ssh -R :9999:localhost:80 myhomepc@101.108.70.128
(where 101.108.70.128 is the IP of my home PC read from whatismyip.org)
but it gives the following error:
ssh: connect to host 101.108.78.128 port 22: connection timed out
Did I miss any required step?
What should I do to successfully connect to my Openbravo instance?
Best is to ask those questions directly in the Openbravo ERP forums over there: http://forge.openbravo.com
The case 3 from the blog-post you are referring to makes 2 implicit assumptions.
a.) the remote computer runs an ssh-server
b.) This ssh-server can be connected to from the erp instance
One of the two assumptions seems to not hold in your case: either your win7 box does not run an ssh server and/or the router of your home network does not forward port 22 from the outside to your win7 box.
Without further information I assume both items are not done.
Let me propose another solution instead. As you want to connect to the command line of the ERP appliance from home, you could do the following:
Configure the router of the network with the erp appliance to connect some external port (i.e. 2222) to the ip of the appliance, destination port 22.
This will allow you to access it from the home network (or any other system from the internet knowing the ip/port).
Using an external port different from 22 avoids some simple ssh brute-force password scans.
As the appliance by default does not allow login by password but only allows authentication by public key, this is secure and does not allow unauthorized access to your system.
After this, either use case 1 from the blog post or a normal ssh tunnel like 'ssh -p external-port user@externalipoferplan -L 9999:localhost:22' and then access the ERP via 'http://localhost' from your win7 box.
If that is too complicated and you want to just make the ERP web interface available from the internet without having the extra ssh security in the middle, then you can just configure the router of the ERP LAN instead to forward port 80 or 443 (http or https) to the ERP instance and access the system directly from anywhere as if it were on some public server on the internet.