Pages

Saturday, July 4, 2015

Mikrotik Router BGP Configuration

Today we will learn how to configure BGP routing protocol to ensure auto failover of multiple links from your ISP. Let me describe the scenario first.

Platform: Mikrotik Router
Primary Link IP: 172.17.176.4/27
Secondary Link IP: 172.17.160.6/27
Usable Subnet: 172.17.161.0/30
My ASN: 65503
Remote [ISP] ASN: 203


Here is the connectivity diagram:





So, Let's start the configuration. At first we will assign the primary IP address in ether1, Secondary IP address in ether2 and my usable subnet IP address ether3 interfaces.




Primary IP address assign:



Secondary IP address assign:


My usable IP subnet:


Now we need to create filters to configure BGP. Here is how to do that.





In this case my ISP should send the default route to my router and all other routes should be discarded. Let's see how to create those filters.



A BGP attribute named "local preference" can be used to mark the primary link. Usually BGP uses the default value "local preference = 100" if we don't mention any value for this attribute.



The rule is "Higher local preference will get higher priority". So we set the value to 200 to make a link as Primary link in our configuration.






To discard all other incoming routes do the following.





Do the same thing for Secondary link as well.







We have already finished the configuration of incoming filters. Now we should mention the outgoing filters as well. My ISP should receive the given IP subnet [172.17.161.0/30] from me.

We need to create outgoing filters for Primary and Secondary links as well.










Now start with BGP. Follow the steps below to configure it.















 The final checking for our BGP configuration.







We are done.

 
Posted by at 3 comments:
Labels: ,

Saturday, May 30, 2015

Live file synchronization across multiple Linux servers using LSYNC

At first please take note I have implemented this in Debian Server.
Perform SSH Login Without Password from Master Server to Slave Server
Master Server:
#ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/root/.ssh/id_rsa):[Just press Enter key]
Enter passphrase (empty for no passphrase): [Just Press enter key]
Enter same passphrase again: [Just Pess enter key]
Your identification has been saved in /home/root/.ssh/id_rsa.

#ssh-copy-id -i ~/.ssh/id_rsa.pub remote-ip

Now test from master server,
# ssh remote-ip
[It will not ask for password and take you to the remote server]


Now Install Lsync on Master Server:
#apt-get update
#apt-get install -y lua5.1 liblua5.1-dev pkg-config rsync asciidoc

# vim /etc/lsyncd/lsyncd.conf.lua
settings {
logfile = "/var/log/lsyncd/lsyncd.log",
statusFile = "/var/log/lsyncd/lsyncd-status.log",
statusInterval = 10
}
sync {
default.rsync,
source="/home/",
target="remote-ip:/home/",
rsync = {
compress = true,
verbose = true,
owner = true,
group = true,
perms = true,
acls = true,
rsh = "/usr/bin/ssh -p 22 -o StrictHostKeyChecking=no"}
}

sync {
default.rsync,
source="/var/mail/",
target="remote-ip:/var/mail/",
rsync = {
compress = true,
verbose = true,
owner = true,
group = true,
perms = true,
acls = true,
rsh = "/usr/bin/ssh -p 22 -o StrictHostKeyChecking=no"}
}
[Save and Exit]

#mkdir /var/log/lsyncd/

#touch /var/log/lsyncd/lsyncd.log

#touch /var/log/lsyncd/lsyncd-status.log

#service lsyncd start


Slave Server:
#apt-get install rsync



Now test from Master Server:
#cd /home/

#touch test-file


Slave Server:
#cd /home/

#ls -lah


############# End of Lsync Configuration #############




*** Keep in mind if you want to backup a mail server to a secondary one you have to move a copy of /etc/passwd, /etc/shadow, /etc/group file from master server to backup server. Follow below steps to do that once in a day ***



Slave server:
#mkdir /root/user-backup-from-master-server

Master server:
#vim /usr/local/src/backup-users
scp /etc/passwd /etc/group /etc/shadow root@remote-ip:/root/user-backup-from-master-server
[Save and Exit]


#chmod 755 /usr/local/src/backup-users


#vim /etc/crontab
01 15 * * *    root    /usr/local/src/backup-users
[Save and Exit]


#/etc/init.d/cron restart


** This procedure will transfer a copy of /etc/passwd, /etc/group, /etc/shadow files everyday at 3:01PM from Master server to Slave server.
Posted by at 1 comment:
Labels: , ,

Tuesday, March 24, 2015

Multiple page redirection from single Linux Server using Apache2

I have a Linux server with Apache2 as its web service. I want to redirect two sites pointed to that server to other two websites. At first I was confused how to do that as I work in networking section. Later I got help anyway and I am going to share the solution with you.

First I have to change default page 'index.html' to 'index.php'.


Then I have given below code to redirect those to two sites to another two websites.


##################################
<?php
 $actual_link = "$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
if($actual_link == "www.xyz.com/")
    $redirect_page = "http://www.anotherone.com/";
if($actual_link == "web2.xyz.com/")
    $redirect_page = http://www.anothertwo.com/;
?>
<html>
    <head>
        <meta http-equiv="refresh" content="3;url=<?php echo $redirect_page ?>" />
    </head>
    <body>
        <h1>Please wait, You are redirecting... </h1>
    </body>
</html>
#################################


I am happy with this simple solution. You??
Posted by at No comments:
Labels: , ,
Subscribe to: Comments (Atom)