1 tgif: netdb for power users april 11, 2003 sunia yang [email protected] networking...
TRANSCRIPT
![Page 2: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/2.jpg)
2
Topics
• What's NetDB for
• Help and Report Pages
• Node Configurations– Wireless, roaming, laptops, etc
• Full and log searches
• Questions
![Page 3: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/3.jpg)
3
Purpose of NetDB- Review
• Data feed to DNS and DHCP
• Node record keeping for LNAs
• Network record keeping for Networking
• Reports for LNAs and Networking
![Page 4: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/4.jpg)
4
DNS• External DNS servers = 3As
– argus, avallone, atalante
• Internal DNS servers = 3Cs– caribou, cassandra, cilantro
• DNS updates every 4 hours except midnight– 4am, 8am, noon, 4pm, 8pm
• ".Local" domain not resolved externally– security through obscurity
• ".NoDomain" domain- no DNS resolution
![Page 5: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/5.jpg)
5
DHCP
• Updates every 10 minutes from NetDB
• DHCP logs under SUNet reports
![Page 6: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/6.jpg)
6
Help and Reports
• NetDB help:– http://www.stanford.edu/group/networking/netdb/
help/html/helpnetdb.html
• SUNet reports- generated from NetDB and "reality"– http://www.stanford.edu/group/networking/dist/
sunet.reports
![Page 7: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/7.jpg)
7
Managing Multiple Nets/Depts
• User profile settings– 3 default settings inherited by new nodes
• group, address space, domain
• "Use Node as Template" or Template Node – inherits fields:
• dept, location, room, make/model, OS, admin, user, ip address range, group, domain, custom field name, expiration date
![Page 8: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/8.jpg)
8
Node Types
• Simple (default)
• Router Node- for NetDB access control
• Template node- already discussed
• Advanced node- requires extra access – allows DNS names for IP addresses and
interfaces– allows multiple names
![Page 9: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/9.jpg)
9
Advanced Node
• DNS preferences on name– closest name is returned first. i.e., in this order:
• ip address name, interface name, name (random)
• DNS preference on IP addresses– all addresses returned in random order– if request from same net, that address returned
first in list– future option to set preferences in order
![Page 10: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/10.jpg)
10
Name1: alpha.stanford.eduName2: bravo.stanford.eduInterface1: charlie.stanford.edu
171.64.20.10 www-judo.stanford.edu171.64.30.10
Interface2:171.64.40.10
1. IP for alpha? 171.64.20.10, 171.64.30.10, 171.64.40.10 in random order2. Name for 171.64.30.10? charlie, (alpha, bravo) random order for last two3. Name for 171.64.40.10? alpha and bravo4. Name for 171.64.20.10? www-judo, charlie, (alpha, bravo) random order for last two
Advanced node- example
![Page 11: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/11.jpg)
11
Node Configurations- Laptops
• Laptop with multiple network cards
• Laptop in multiple campus networks
• Laptop between dorms and campus nets
• Laptop between off-campus and campus
![Page 12: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/12.jpg)
12
Node Configurations- Considerations
• Conserving roaming addresses– use fixed address whenever possible
• Accountability– use fixed address, register hardware address
• DHCP lease times– 2 days for fixed IP, 42 minutes for roaming
• DNS resolution – if multiple IPs, random list of IPs returned
![Page 13: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/13.jpg)
13
1. Computer with Multiple NICs
• Examples:– Laptop with docking station– Laptop with wired and wireless card
• Create node with an interface per NIC– Separate hardware address with DHCP– Assign IP per interface (including wireless!) – Laptop will get appropriate IP associated with
interface
![Page 14: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/14.jpg)
14
1. Computer with multiple NICs- Example
Name: mylaptop.stanford.eduInterface 1: Hardware address: 0000.0000.1111 DHCP IP address: 171.64.20.10Interface 2: Hardware address: 0000.0000.2222 DHCP IP address: 171.64.30.20
![Page 15: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/15.jpg)
15
2. Laptop in multiple campus nets• Two offices: assign two IP addresses with
DHCP to one interface. DHCP will hand out IP address based on network location
• One office and Stanford DSL: assign as above. HelpSU request to enable DHCP on DSL router.
• One office and roaming: assign one IP with roaming DHCP. DHCP will give fixed IP if on that net and will give roaming DHCP address otherwise
![Page 16: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/16.jpg)
16
2. Laptop in multiple campus netsExampleName: mylaptop.stanford.eduInterface1: Hardware address: 0000.0000.1111 DHCP Roam IP address1: 171.64.20.10 IP address 2: 171.64.30.10
![Page 17: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/17.jpg)
17
3. Laptop- dorm and campus nets
• Student should register laptop in the dorms– fees pay for support staff and equipment
• LNA requests access to that record through HelpSU (by adding group).
• LNA adds IP address to record
• Same if user has Stanford West connection since fee is involved
![Page 18: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/18.jpg)
18
3. Laptop- dorm and campus netsExample
Name: shakespeare.stanford.eduInterface: Hardware address: 0000.0000.1111 DHCP IP address 1: 128.12.40.7 IP address 2: 171.64.20.10Groups: Residential Computing English
![Page 19: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/19.jpg)
19
4. Laptop between off-campus & on-campus• User only roams on campus (wireless, library)
– Create NetDB record with hardware address and roaming and no IP address
• User uses other ISP or dial-up at home and has office on campus– Create NetDB record with hardware address,
DHCP and fixed IP address
![Page 20: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/20.jpg)
20
Node Power Searches
• How many machines did I register this year?
• What machines on my network are supposedly running Solaris?
• What machines were added to my net by someone else?
![Page 21: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/21.jpg)
21
Log Power Searches
• Who deleted my node?
• Who took my IP address?
![Page 22: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/22.jpg)
22
ipm (IP management)
• Checks "theoretical" info in NetDB with "real" info from routers
• Routers polled every 4 hours for arp tables
• Printers and local devices may not show up
• /usr/pubsw/sbin/ipm -h
• Only for folks with NetDB accounts
![Page 23: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/23.jpg)
23
ipm examples• Has this stolen laptop been seen elsewhere
on campus in the last 100 days?– "ipm mylaptop.stanford.edu"
Result: 171.64.20.10 0000.0000.0001
– "ipm -d 100 0000.0000.0001" Result: 171.64.20.10, 171.64.30.1
• Machine 171.64.20.10 hacked– "ipm 171.64.20.10" Result: 0000.0000.0001
– Look in forwarding (i.e. mac table) on switches for hardware address
![Page 24: 1 TGIF: NetDB for Power Users April 11, 2003 Sunia Yang sunia@networking.stanford.edu Networking Systems](https://reader035.vdocument.in/reader035/viewer/2022062517/56649e8a5503460f94b8fa0f/html5/thumbnails/24.jpg)
24
Questions?