F.I.V's questions -server

F.I.V

Asked: 2023-08-19 12:49:56 +0800 CST

Behavior of longest prefix matching in Windows routing

4

Description

I face a scenario in which longest prefix matching does not occur.

Setup

On my lab machine, I have a virtual nic VMnet11 (VMWare) with the ip address 181.0.0.10/8. I have a physical nic with ip address 192.168.4.110/24 that routes traffic to 192.168.4.84 as the default gateway (can access the internet).

Issue

Although the metrics are the same (291), when I ping 181.0.0.1, the traffic is routed via the default gateway to the internet (0.0.0.0 prefix is matched) instead of the traffic flow being tried via VMnet11. (The 255.0.0.0 prefix is not matched)

Notes When pinging the 181.0.0.10 (the locally assigned IPto VMnet11), the correct behavior is observed. (That is 255.255.255.255 prefix is matched on local interface)

Outputs

Here are relevant parts of the 'route print':

===========================================================================
Interface List
 26...00 e0 4c 62 16 05 ......Realtek RTL8139/810x Family Fast Ethernet NIC
  7...00 50 56 c0 00 0b ......VMware Virtual Ethernet Adapter for VMnet11

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.4.84    192.168.4.110    291
        181.0.0.0        255.0.0.0         On-link        181.0.0.10    291
       181.0.0.10  255.255.255.255         On-link        181.0.0.10    291
  255.255.255.255  255.255.255.255         On-link        181.0.0.10    291

===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0     192.168.4.84  Default
===========================================================================

Here is the relevant output of the 'ipconfig':

C:\Users\user>ipconfig
Ethernet adapter PCI:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.4.110
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.4.84

Ethernet adapter VMware Network Adapter VMnet11:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::a2e7:a501:ffd5:ccac%7
   IPv4 Address. . . . . . . . . . . : 181.0.0.10
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Default Gateway . . . . . . . . . :

Here is the relevant output of the 'traceroute':

C:\Users\user>tracert -d  181.0.0.1

Tracing route to 181.0.0.1 over a maximum of 30 hops

  1    <1 ms     1 ms    <1 ms  192.168.4.84
  2     1 ms     1 ms    <1 ms  <public ip>
  ...

Question

What prevents the longest prefix matching from occurring?

Update

The reddit link was informative (thanks). Also mentioning ARP was useful (thanks).

I now suspect that it is a Microsoft's (by-design) issue (reverting to def gw on ARP miss that is not a router's expected behavior, hence why the reddit guy calls Microsoft's OS the worse router). Below find some more outputs for ping and ARP.

This is something that I expected that happens when I ping 181.0.0.2

C:\Users\user>ping 181.0.0.2

Pinging 181.0.0.2 with 32 bytes of data:
Reply from 181.0.0.10: Destination host unreachable.
Request timed out.
Request timed out.

But this is the unwanted behavior that happens when pining 181.0.0.1:

C:\Users\user>ping 181.0.0.1

Pinging 181.0.0.1 with 32 bytes of data:
Reply from 181.0.0.1: bytes=32 time=478ms TTL=43
Reply from 181.0.0.1: bytes=32 time=454ms TTL=43

There is no arp entry

C:\Users\user>arp -a 181.0.0.1
No ARP Entries Found.

C:\Users\user>arp -a 181.0.0.2
No ARP Entries Found.

(apparently such IP do not exist on my lab network, and I expected else than a echo reply via icmp responses)

F.I.V

Asked: 2016-07-27 20:31:16 +0800 CST

serve the root zone with bind and utilize RPZ

1

I have some problems with configuring BIND as my private server at root zone.

I have tried the dot "." (had read somewhere) and an empty string "" (my bad guess) as for the root zone identifier (which both have syntax errors)

zone "." { ; sorry 
    ... 
};

also

zone "" { ;sorry 
    ... 
};

Do you have any hint how to server the root zone?

(My Note: Serving the root zone might possibly be different from being a root-server!)

Update

The problem actually lies within the response policy zone at root ("."):

options {
    #response-policy {zone "com"; }; #it is OK (before commenting)
    response-policy {zone "."; }; #it makes error when loading the config
};  


zone "."{
    type master; 
    file "db/zone.root.db"; 
};

zone "com"{ #just for syntax test/check
    type master; 
    file "db/zone.root.db"; 
};

named-checkconf -zj named.conf

  zone ./IN: NS 'LOCALHOST' has no address records (A or AAAA)
  zone ./IN: not loaded due to errors.
  _default/./IN: bad zone
  zone com/IN: loaded serial 1

NOTE: In both configurations : the one that the service loads and the other that terminates, the output is the same

dig www.google.com @127.0.0.1

01     ; <<>> DiG 9.10.4-P2 <<>> www.google.com @127.0.0.1
02     ;; global options: +cmd
03     ;; Got answer:
04     ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58406
05     ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
06     
07     ;; OPT PSEUDOSECTION:
08     ; EDNS: version: 0, flags:; udp: 4096
09     ;; QUESTION SECTION:
10     ;www.google.com.                        IN      A
11     
12     ;; ANSWER SECTION:
13     www.google.com.         5       IN      CNAME   nosslsearch.google.com.rpz.zone.
14     nosslsearch.google.com.rpz.zone. 3600 IN A      216.239.32.20
15     
16     ;; AUTHORITY SECTION:
17     rpz.zone.               3600    IN      NS      LOCALHOST.
18     
19     ;; Query time: 44 msec
20     ;; SERVER: 127.0.0.1#53(127.0.0.1)
21     ;; WHEN: Mon Aug 01 17:07:14 Daylight Time 2016
22     ;; MSG SIZE  rcvd: 127

Note : See Line 13 and the trailing ".rpz.zone."

nslookup

01     > server 127.0.0.1
02     Default server: 127.0.0.1
03     Address: 127.0.0.1#53
04     > www.google.com
05     Server:         127.0.0.1
06     Address:        127.0.0.1#53
07     
08     Non-authoritative answer:
09     www.google.com  canonical name = nosslsearch.google.com.rpz.zone.
10     Name:   nosslsearch.google.com.rpz.zone
11     Address: 216.239.32.20

ping www.google.com -n 1

1     Pinging nosslsearch.google.com.rpz.zone [216.239.32.20] with 32 bytes of data:
2     Reply from 216.239.32.20: bytes=32 time=149ms TTL=45
3     
4     Ping statistics for 216.239.32.20:
5         Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
6     Approximate round trip times in milli-seconds:
7         Minimum = 149ms, Maximum = 149ms, Average = 149ms

Summary of above output snippets: the rpz.zone gets added everywhere, that's why I thought of moving to root area.

And this is my

zone.root.db file

01     $TTL 1H
02     @                       SOA LOCALHOST. named-mgr.example.com (1 1h 15m 30d 2h)
03                             NS  LOCALHOST.
04     
05     nosslsearch.google.com       A     216.239.32.20
06     google.com                   CNAME nosslsearch.google.com
07     www.google.com               CNAME nosslsearch.google.com
08

I just want to get rid of the rp.zone being appended to the responses!, how?

F.I.V

Asked: 2016-02-21 03:53:19 +0800 CST

Sharing internal storage of ESXi host via fiber channel protocol

-1

Imagine a pair of servers with fiber channel adapters. Normally each one can connect to the shared SAN storage using its HBA and fiber cords,

Now, eliminating the SAN, is it possible to interconnect these two ESXi servers directly with fiber cord and mount each others LUN in a shared manner?

In other words [I think!] : Can we publish the internal storage of an ESXi server with a given World Wide Name to the other directly attached ESXi? (If not, what about iSCSI?)

Anyway I want the storage traffic travel through the fiber.

F.I.V

Asked: 2014-07-20 23:04:17 +0800 CST

Windows DHCP MAC-Range to Scope allocation

1

I wonder if there is any options to map a specific Range of MAC addresses to a specific DHCP address scope.

The thing is, I want a specific scope for address allocation to bridged Virtual Machines (Hyper-V , VMWare).

eg :

MAC="0015d5*" => Scope="192.168.254.0/24"

F.I.V

Asked: 2013-11-28 03:05:01 +0800 CST

Shared resource permission management (minimum required permission)

0

I want to grant a "tech" group access for managing the shared resources.

Problem: The sharing tab is not shown to them. Moreover they can not even access the shared folder list via management console.

Diagnosis: Obviously some user rights are missing for them. What permissions should I grant, to enable this access for that group?

NOTE: I have already that "tech" group on my AD domain to whom I have granted access to login locally or via RDP to the domain controller machines. This enables them to perform minor administration and monitoring tasks and this part has been working fine. Now I want to add the ability to manage shared folders as well without elevating them to Domain-Admin.

F.I.V

Asked: 2013-07-31 03:15:05 +0800 CST

Windows Pagefile placement

0

Is it possible to reserve a desired region of a given hard disk drive for placement of the pagefile.sys before enabling the page file on that drive?

F.I.V

Asked: 2012-12-24 04:16:21 +0800 CST

sysRestart Billion ADSL router (SNMP v2 or HTTP)

1

Background

I am used to restart my servers on a scheduled basis. Now I want the same for my ADSL router.

This is my reason: When a random failure occurs, I am used to normally try to reboot the servers , interfaces and related equipments (if possible) as the first step before any other troubleshooting (e.g: changing configurations, etc). In fact there are times that this corrects the problem (The service starts working as expected). This may be because when a system is long time up (sometimes, depending on the software and services), it may become unresponsive or faulty. May be the software fails to release some memory, unlock some resources , etc

Now for some services which scheduled down time is acceptable during non-work hours, I schedule the automatic restart. This way, such type of problems appear less frequently. And now if a problem occurs during work-hours, I don't need to restart the whole service, instead I will resume troubleshooting like after I had restarted them.

What we have

This is a Billion 5000 Series router and supports TELNET, HTTP and SNMP for management.

Telnet method (Updated)

This is possible to reboot the router via telnet command:

C:\>telnet 192.168.1.1
    Password:********
    router>set reboot

So near, just need a script that automatically telnets, pushes password characters and issues the 'set reboot' command. [The approach of using expect suggested by SvenW]

HTTP method

Good to mention that I utilize a software[1] application for monitoring my ADSL connection speed and noise margin via HTTP interface (the software itself, instead of a browser application, connects, logs in unattendedly and reads the values from HTTP interface and display them in a graph!).

I wonder if it is possible to achieve the SysRestart with similar approach (A script that automatically logs in and clicks the SysRestart button!)

The restart page:

Picture of the page:

The source HTML of the page:

<html><head>
<meta http-equiv=Content-Script-Type content=text/javascript>
<meta http-equiv=Content-Style-Type content=text/css>
<meta http-equiv=Content-Type content="text/html; charset=
iso-8859-1">
<link rel="stylesheet" href="../css/style.css" type="text/css">
<script language="JavaScript"> 
function doRefresh()
{
    alert("Reboot Complete");   parent.navigation.location.href = "/navigation-status.html";
    window.location.href = "../status/status_deviceinfo.htm";
}

function doLoad()
{

     }

</script>
</head><body onload="doLoad()">
<FORM METHOD="POST" ACTION="/Forms/tools_system_1" name="System_Restore">
<table width="760" border="0" align=center cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
  <tr>
      <td height="5" class="light-orange" colspan="5">&nbsp;</td></tr><tr>
    <td width="150" height="30" class="title-main">
    <font color="#FFFFFF">System Restart</font>    </td><td width="10" class="black">&nbsp;</td><td width="150"></td><td width="10"> </td><td width="440"></td></tr><tr>
    <td class="light-orange">&nbsp;</td><td class="light-orange"></td><td class="tabdata"><div align=right>
    <font color="#000000">System Restart with</font>    </div></td><td class="tabdata"><div align=center>:</div></td><td class="tabdata">
        <INPUT TYPE="RADIO" NAME="restoreFlag" VALUE="0" CHECKED>       <font color="#000000">Current Settings</font>       </td></tr><tr>
    <td class="light-orange">&nbsp;</td><td class="light-orange"></td><td class="tabdata">&nbsp;</td><td class="tabdata">&nbsp;</td><td class="tabdata">
        <INPUT TYPE="RADIO" NAME="restoreFlag" VALUE="1">       <font color="#000000">Factory Default Settings</font>       </td></tr><tr>
    <td class="light-orange">&nbsp;</td><td class="light-orange"></td><td width="150">&nbsp;</td><td width="10">&nbsp;</td><td width="440">&nbsp;</td></tr></table><table width="760" border="0" align=center cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
  <tr>
    <td width="160" class="black" height="42" >&nbsp;</td><td width="160" class="orange">&nbsp;</td><td width="440" class="orange">
        <INPUT TYPE="SUBMIT" NAME="Restart" VALUE="RESTART">    </td></tr></table></div></form>
</body></html>

SNMP Method

The router also has support for SNMP v2 read and write communities. I thought it might be possible to perform it this way.

In fact, by some search I found[2] that some people use SNMP to restart their devices (But I can't find an OID for my router to pass for performing a reset)

For example it appear that those who have one of these devices can reboot them using these OIDs:

'.1.3.6.1.4.1.207.8.4.4.3.2.0',    # Allied Telesyn restart
'.1.3.6.1.4.1.11.2.14.11.1.4.1.0', # Hewlett-Packard hpicfReset
'.1.3.6.1.4.1.9.5.1.1.9.0',        # Cisco CatOS sysReset
'.1.3.6.1.4.1.9.2.9.9.0',          # Cisco IOS tsMsgSend
'.1.3.6.1.4.1.529.9.8.0.0'         # Ascend sysReset

SNMP Walk

Using SNMP walk I could get a list of more than five hundred OIDs such as:

.1.3.6.1.4.1.16972.5.1.1.0
.1.3.6.1.4.1.16972.4.10.0
...etc (568 more)...

But I have currently no idea how can I pick one among them (specially afraid to test snmp-write on them!).

Some more info

Some other (walked) OID and values that might help:

.1.3.6.1.4.1.16972.1.3.0; Trendchip TC3162 T14F7_3.0
.1.3.6.1.4.1.16972.5.1.1.0; www.huawei.com
.1.3.6.1.4.1.16972.1.6.0; Ras Ver:2.10.4.0(UE0.C2C)3.6.0.0   DMT Ver:3.6.0.0

How can you help ?

Suggesting a way to script a restart via SNMP (Requires finding the OID first!?)
Suggesting a way to script a restart via HTTP
Suggesting a way to script a restart via telnet
Suggesting a way to script a restart (any other ways!)

FootNotes:

Behavior of longest prefix matching in Windows routing

serve the root zone with bind and utilize RPZ

Sharing internal storage of ESXi host via fiber channel protocol

Windows DHCP MAC-Range to Scope allocation

Shared resource permission management (minimum required permission)

Windows Pagefile placement

sysRestart Billion ADSL router (SNMP v2 or HTTP)

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?