Tuesday, January 17, 2012

Custom Commercial Home Video Streaming

A colleague of mine came to me and asked me "How can I stream my home videos or any digital video I have to the big screen in a way that doesn't require me to be an expert on computers."  So I wanted to share with a simple setup outline that I have tried as well who have tested this and worked for them.


Here is what you need at the minimum:
Hardware
- HDTV (Any will do)
- Apple TV 2 (IOS 4.3 or above)
- iPod or iPAD or iPhone (IOS v4.3 and up). 
- PC / MAC with at least 200GB of storage with decent processor (a good comparison is 2011 Mac Book Pro which has enough computing power)


**Software
- Air Video Server
- Air Video Mobile (For the iPod/iPAD/iPhone)


With these components you can stream pretty much any video to the big screen.


Here is the basic setup:


Assumption: You need a home wifi that is supporting 802.11n (5Ghz) .  You will need dual band wifi (802.11g/n) if your iPod or iPhone only supports 802.11g


1. Setup your AppleTV hooked up to your home Wifi on 802.11n and AirPlay turned on.
2. Next you will need a PC/MAC where you store your video.  You download AirVideo server (http://www.inmethod.com/air-video/download.html).  You install, run the software and point to the directory where you store you video.
3. You download Air Video Mobile on your iPod. (You can download this http://www.inmethod.com/air-video/index.html)
NOTE: Your iPOD will use the 2Ghz frequency for wireless hookup. Why?


From this point on you can view the video on the iPod through Air Video App.  When you want to view this on your HDTV then you use Airplay to point the stream to the Apple TV (You can view use or Airplay here http://support.apple.com/kb/HT4437).   


A couple of things you need to keep in mind:
- You can also control forwarding, skip, rewind through your iPod which essentially services as your remote control for streaming your video.
- Transcoding is done at the PC/MAC that contains the AirVideo server

This is it in a nutshell. I haven't seen any of my other collegues really have issues with this setup. In most cast they already had the hardware, but only needed the Air Video software.

I hope this little outline helps



Monday, January 16, 2012

REFERENCES: F5 TCPDUMP for Dummies

This month I received about 2 or 3 requests from my clients to educate them on TCPDUMP with respect to the F5.  There are plenty of TCPDUMP HOW-TO's (a popular one can be found here).   This is slightly the same concept as a Dummies book, but more or less a FAQ.
I hope you like the article

What is TCPDUMP?
The tcpdump utility is a command line packet sniffer with many features and options. For a full description, refer to the tcpdump man pages by typing the following command:
man tcpdump


Q: What devices use TCPDUMP?
A: It is available on the F5 BIGIP Devices as well Linux devices.
Q: Selecting an interface or VLAN?
A: The tcpdump utility is able to sniff for packets on only one interface or VLAN. By default, it will select the lowest numbered interface.
To select an interface, use the -i flag as follows:
tcpdump -i <interface>
Examples:
tcpdump -i exp1
tcpdump -i 1.10
tcpdump -i internal

Q: How do you disable name resolution?
A:By default, tcpdump will attempt to look up IP addresses and use names, rather than numbers, in the output. BIG-IP must wait for a response from the DNS server, so the lookups can be time consuming and the output may be confusing.
To disable name resolution, use the -n flag as in the following examples:
tcpdump -n
tcpdump -ni internal
Q: How do you save TCPDUMP output to a file?
You can save the tcpdump data to one of the following file formats:
  • A binary file that contains all the information collected by the tcpdump and is readable by the tcpdump utility as well as many other traffic analysis packages.
  • A text file that contains a subset of the full tcpdump data, but is readable only as plain text.
Binary file
To save the tcpdump output to a binary file, type the following command:
tcpdump -w <filename>
For example:
tcpdump -w dump1.bin
Note: The tcpdump utility will not print data to the screen while it is capturing to a file. To stop the capture, press CTRL-C.
Text file
To save the tcpdump output to a text file, type the following command:
tcpdump > filename.txt
For example:
tcpdump > dump1.txt

Q: How do you read binary file output?
A:To read data from a binary tcpdump file (that you saved by using the tcpdump -w command), type the following command:
tcpdump -r <filename>
For example:
tcpdump -r dump1.bin
In this mode, the tcpdump utility reads stored packets from the file, but otherwise operates just as it would reading from the network interface. As a result, you can use formatting commands and filters.
Q: How do I do filtering?
A:The tcpdump utility allows you to use filters to, among other things, restrict the output to specified addresses and ports and specified tcp flags.
Filtering on a host address
  • To view all packets that are traveling to or from a specific IP address, type the following command:
tcpdump host IP_ADDRESS
For example:
tcpdump host 10.90.100.1
  • To view all packets that are traveling from a specific IP address, type the following command:
tcpdump src host IP_ADDRESS
For example:
tcpdump src host 10.90.100.1
  • To view all packets that are traveling to a particular IP address, type the following command:
tcpdump dst host IP_ADDRESS
For example:
tcpdump dst host 10.90.100.1
Filtering on a port
  • To view all packets that are traveling through the BIG-IP system and are either sourced from or destined to a specific port, type the following command:
tcpdump port PORT_NUM
For example:
tcpdump port 80
  • To view all packets that are traveling through the BIG-IP system and sourced from a specific port, type the following command:
tcpdump src port PORT_NUM
For example:
tcpdump src port 80
  • To view all packets that are traveling through the BIG-IP system and destined to a specific port, type the following command:
tcpdump dst port PORT_NUM
For example:
tcpdump dst port 80
Filtering on a tcp flag
  • To view all packets that are traveling through the BIG-IP system that contain the SYN flag, type the following command:
tcpdump 'tcp[tcpflags] & (tcp-syn) != 0'
  • To view all packets that are traveling through the BIG-IP system that contain the RST flag, type the following command:
tcpdump 'tcp[tcpflags] & (tcp-rst) != 0'
Combining filters with the and operator
You can use the and operator to filter for a mixture of output.
Following are some examples of useful combinations:
tcpdump host 10.90.100.1 and port 80
tcpdump src host 172.16.101.20 and dst port 80
tcpdump src host 172.16.101.20 and dst host 10.90.100.

Q: How do I combine TCPDUMP options?
A: This Solution contains the most essential tcpdump options. You will generally need to use most of the options in combination.
Following are examples of how to combine the tcpdump options to provide the most meaningful output:
tcpdump -ni internal -w dump1.bin
tcpdump -ni internal -r dump1.bin host 10.90.100.1
tcpdump -ni exp1 host 10.90.100.1 and port 80
tcpdump -ni 1.10 src host 172.16.101.20 and dst port 80 >dump1.txt

COMMANDS: SSH, not so obvious uses

SSH is used practically every day by various types of administrators and applications. SSH is one of the the most documented commands.  So what I have done is looked for commands that use SSH for some not so obvious uses.  Hopefully this help or inspire you to use it for whatever solution you want to provide

1) Copy ssh keys to user@host to enable password-less ssh logins.
ssh-copy-id user@host
To generate the keys use the command ssh-keygen


2) Start a tunnel from some machine’s port 80 to your local post 2001
ssh -N -L2001:localhost:80 somemachine
Now you can acces the website by going to http://localhost:2001/


3) Output your microphone to a remote computer’s speaker
dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp
This will output the sound from your microphone port to the ssh target computer’s speaker port. The sound quality is very bad, so you will hear a lot of hissing.

4) Compare a remote file with a local file
ssh user@host cat /path/to/remotefile | diff /path/to/localfile
Useful for checking if there are differences between local and remote files.


5) Mount folder/filesystem through SSH
sshfs name@server:/path/to/folder /path/to/mount/point
Install SSHFS from http://fuse.sourceforge.net/sshfs.html
Will allow you to mount a folder security over a network.


6) SSH connection through host in the middle
ssh -t reachable_host ssh unreachable_host
Unreachable_host is unavailable from local network, but it’s available from reachable_host’s network. This command creates a connection to unreachable_host through “hidden” connection to reachable_host.


7) Copy from host1 to host2, through your host
ssh root@host1 “cd /somedir/tocopy/ && tar -cf – .” | ssh root@host2 “cd /samedir/tocopyto/ && tar -xf -”
Good if only you have access to host1 and host2, but they have no access to your host (so ncat won’t work) and they have no direct access to each other.


8) Run any GUI program remotely
ssh -fX <user>@<host> <program>
The SSH server configuration requires:
X11Forwarding yes # this is default in Debian
And it’s convenient too:
Compression delayed

9) Create a persistent connection to a machine
ssh -MNf <user>@<host>
Create a persistent SSH connection to the host in the background. Combine this with settings in your ~/.ssh/config:
Host host
ControlPath ~/.ssh/master-%r@%h:%p
ControlMaster no
All the SSH connections to the machine will then go through the persisten SSH socket. This is very useful if you are using SSH to synchronize files (using rsync/sftp/cvs/svn) on a regular basis because it won’t create a new socket each time to open an ssh connection.


10) Attach screen over ssh
ssh -t remote_host screen -r
Directly attach a remote screen session (saves a useless parent bash process)


11) Port Knocking!
knock <host> 3000 4000 5000 && ssh -p <port> user@host && knock <host> 5000 4000 3000
Knock on ports to open a port to a service (ssh for example) and knock again to close the port. You have to install knockd.
See example config file below.
[options]
logfile = /var/log/knockd.log
[openSSH]
sequence = 3000,4000,5000
seq_timeout = 5
command = /sbin/iptables -A INPUT -i eth0 -s %IP% -p tcp –dport 22 -j ACCEPT
tcpflags = syn
[closeSSH]
sequence = 5000,4000,3000
seq_timeout = 5
command = /sbin/iptables -D INPUT -i eth0 -s %IP% -p tcp –dport 22 -j ACCEPT
tcpflags = syn


12) Remove a line in a text file. Useful to fix
ssh-keygen -R <the_offending_host>
In this case it’s better do to use the dedicated tool


13) Run complex remote shell cmds over ssh, without escaping quotes
ssh host -l user $(<cmd.txt)
Much simpler method. More portable version: ssh host -l user “`cat cmd.txt`”


14) Copy a MySQL Database to a new Server via SSH with one command
mysqldump –add-drop-table –extended-insert –force –log-error=error.log -uUSER -pPASS OLD_DB_NAME | ssh -C user@newhost “mysql -uUSER -pPASS NEW_DB_NAME”
Dumps a MySQL database over a compressed SSH tunnel and uses it as input to mysql – i think that is the fastest and best way to migrate a DB to a new server!


15) Remove a line in a text file. Useful to fix “ssh host key change” warnings
sed -i 8d ~/.ssh/known_hosts


16) Copy your ssh public key to a server from a machine that doesn’t have ssh-copy-id
cat ~/.ssh/id_rsa.pub | ssh user@machine “mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys”
If you use Mac OS X or some other *nix variant that doesn’t come with ssh-copy-id, this one-liner will allow you to add your public key to a remote machine so you can subsequently ssh to that machine without a password.


17) Live ssh network throughput test
yes | pv | ssh $host “cat > /dev/null”
connects to host via ssh and displays the live transfer speed, directing all transferred data to /dev/null
needs pv installed
Debian: ‘apt-get install pv’
Fedora: ‘yum install pv’ (may need the ‘extras’ repository enabled)


18) How to establish a remote Gnu screen session that you can re-connect to
ssh -t user@some.domain.com /usr/bin/screen -xRR
Long before tabbed terminals existed, people have been using Gnu screen to open many shells-  a single text terminal. Combined with ssh, it gives you the ability to have many open shells with a single remote connection using the above options. If you detach with “Ctrl-a d” or if the ssh session is accidentally terminated, all processes running in your remote shells remain undisturbed, ready for you to reconnect. Other useful screen commands are “Ctrl-a c” (open new shell) and “Ctrl-a a” (alternate between shells). Read this quick reference for more screen commands: http://aperiodic.net/screen/quick_reference


19) Resume scp of a big file
rsync –partial –progress –rsh=ssh $file_source $user@$host:$destination_file
It can resume a failed secure copy ( usefull when you transfer big files like db dumps through vpn ) using rsync.
It requires rsync installed in both hosts.
rsync –partial –progress –rsh=ssh $file_source $user@$host:$destination_file local -> remote
or
rsync –partial –progress –rsh=ssh $user@$host:$remote_file $destination_file remote -> local


20) Analyze traffic remotely over ssh w/ wireshark
ssh root@server.com ‘tshark -f “port !22″ -w -’ | wireshark -k -i
This captures traffic on a remote machine with tshark, sends the raw pcap data over the ssh link, and displays it in wireshark. Hitting ctrl+C will stop the capture and unfortunately close your wireshark window. This can be worked-around by passing -c # to tshark to only capture a certain # of packets, or redirecting the data through a named pipe rather than piping directly from ssh to wireshark. I recommend filtering as much as you can in the tshark command to conserve bandwidth. tshark can be replaced with tcpdump thusly:
ssh root@example.com tcpdump -w – ‘port !22′ | wireshark -k -i


21) Have an ssh session open forever
autossh -M50000 -t server.example.com ‘screen -raAd mysession’
Open a ssh session opened forever, great on laptops losing Internet connectivity when switching WIFI spots.


22) Harder, Faster, Stronger SSH clients
ssh -4 -C -c blowfish-cbc
We force IPv4, compress the stream, specify the cypher stream to be Blowfish. I suppose you could use aes256-ctr as well for cypher spec. I’m of course leaving out things like master control sessions and such as that may not be available on your shell although that would speed things up as well.


23) Throttle bandwidth with cstream
tar -cj /backup | cstream -t 777k | ssh host ‘tar -xj -C /backup’
this bzips a folder and transfers it over the network to “host” at 777k bit/s.
cstream can do a lot more, have a look http://www.cons.org/cracauer/cstream.html#usage
for example:
echo w00t, i’m 733+ | cstream -b1 -t2


24) Transfer SSH public key to another machine in one step
ssh-keygen; ssh-copy-id user@host; ssh user@host
This command sequence allows simple setup of (gasp!) password-less SSH logins. Be careful, as if you already have an SSH keypair in your ~/.ssh directory on the local machine, there is a possibility ssh-keygen may overwrite them. ssh-copy-id copies the public key to the remote host and appends it to the remote account’s ~/.ssh/authorized_keys file. When trying ssh, if you used no passphrase for your key, the remote shell appears soon after invoking ssh user@host.


25) Copy stdin to your X11 buffer
ssh user@host cat /path/to/some/file | xclip
Have you ever had to scp a file to your work machine in order to copy its contents to a mail? xclip can help you with that. It copies its stdin to the X11 buffer, so all you have to do is middle-click to paste the content of that looong file :)

COMMANDS: A Primer on Some of the Differences Between IOS and NX-OS

NX-OS is starting to be my favorite OS from Cisco.  However, dealing with IOS for so long I find myself typing the wrong commands in NX-OS and IOS.  So I thought of posting up the NX-OS v4.x commands with the IOS counterpart commands for all to see.



NX-OS Smart Call-Home IOS Smart Call-Home Command Description
show callhome show call-home Displays global Call-Home configuration
show callhome destination-profile show call-home profile Displays Call-Home profiles
show callhome transport-email show call-home mail-server Displays destination Call-Home mail server
show callhome user-def-cmds N/A Displays user defined "show" commands for output



NX-OS Cisco Discovery Protocol (CDP) IOS Cisco Discovery Protocol (CDP) Command Description
show cdp all N/A Displays all interfaces with CDP enabled
show cdp entry all show cdp entry * Displays the CDP database entries
show cdp global show cdp Displays Global Parameters (Enabled, Timers, etc…)
show cdp interface show cdp interface Displays interface specific information
show cdp neighbors show cdp neighbors Displays a summer list of neighbors
show cdp neighbors detail show cdp neighbors detail Displays detailed information per neighbor
show cdp neighbors interface show cdp neighbors interface-type Displays CDP neighbor for a specified interface
show cdp traffic interface  N/A - "show cdp traffic" is only global Provides statistics on a per interface basis



NX-OS Command Scheduler IOS Command Scheduler Command Description
show scheduler config N/A Displays the scheduler configuration
show scheduler job N/A Displays the Jobs configured in the scheduler
show scheduler logfile N/A Displays the contents of the execution log file
show scheduler name N/A Displays the schedules configured



NX-OS Embedded Event Manager (EEM) IOS Embedded Event Manager (EEM) Command Description
show event manager environment show event manager environment Displays EEM environment variables
show event manager event-type N/A Displays registered event types
show event manager history show event manager history Displays information on history and past events
show event manager policy N/A Displays applets or script policies
show event manager policy-state N/A Displays the state of a policy
show event manager script N/A Displays information about a script
show event manager system-policy show event manager policy Displays information on system default entries



NX-OS Generic Online Diagnostics (GOLD) IOS Generic Online Diagnostics (GOLD) Command Description
show diagnostics bootup level show diagnostics bootup level Displays current bootup level
show diagnostics content module  show diagnostics content module  Displays test contents for a specified module
show diagnostics description module  show diagnostics description module  Displays description for a specified diagnostic test
show diagnostic results module show diagnostic results module Displays information and result of a diagnostic
show diagnostic status module  show diagnostic status Displays test status for all tests on a module



NX-OS Netflow IOS Netflow Command Description
show flow exporter show mls nde Displays information about configured exporter maps
show flow interface N/A Displays interfaces configured for Netflow
show flow monitor N/A Displays information about monitor maps
show flow record N/A Displays information about record maps
show flow timeout N/A Displays the Netflow timeout value
show hardware flow aging show mls netflow aging Displays the Netflow table aging timeout value
show hardware flow entry show mls netflow ip flow Displays flow specific information
show hardware flow ip show mls netflow ip  Displays the IP Netflow Table
show hardware flow sampler show mls sampling Displays the Netflow Sampling Configuration
show hardware flow utilization module show mls netflow table summary Displays Netflow table utilization per module
show sampler show flow-sampler Displays information about sampler maps



NX-OS Onboard Fault Logging (OBFL) IOS Onboard Fault Logging (OBFL) Command Description
show logging onboard module # boot-uptime    show logging onboard module # uptime Displays OBFL boot and uptime information per module
show logging onboard module # counter-stats        N/A Displays OBFL counter statistics per module
show logging onboard module # device-version          N/A Displays OBFL device version information per module
show logging onboard module # endtime                 show logging onboard module # end Displays OBFL logs till end time mm/dd/yy-HH:MM:SS per module
show logging onboard module # environmental-history   show logging onboard module # temperature Displays OBFL environmental history per module
show logging onboard module # error-stats            N/A Displays OBFL error statistics per module
show logging onboard module # exception-log          N/A Displays OBFL exception log per module
show logging onboard module # interrupt-stats         show logging onboard module # interrupt Displays OBFL interrupt statistics per module
show logging onboard module # kernel-trace           N/A Displays OBFL Kernel Trace per module
show logging onboard module # module                N/A Displays OBFL information for Module per module
show logging onboard module # obfl-history          N/A Displays OBFL history information per module
show logging onboard module # stack-trace          N/A Displays OBFL kernel stack trace per module
show logging onboard module # starttime        show logging onboard module # start Displays OBFL logs from start time mm/dd/yy-HH:MM:SS per module
show logging onboard module # status              show logging onboard module # status Displays OBFL status enable/disable per module



NX-OS RMON IOS RMON Command Description
show rmon alarms show rmon alarms Displays configured RMON alarms
show rmon events show rmon events Displays configured RMON Events
show rmon hcalarms N/A Displays information for 64 bit alarms
show rmon logs show rmon history Displays RMON log messages



NX-OS SNMP IOS SNMP Command Description
show snmp show snmp Displays SNMP Counters, Users, Community Strings, etc...
show snmp community show snmp community Displays the SNMP community strings
show snmp context show snmp context Displays the SNMP Context mapping
show snmp engineID show snmp engineID Displays Hex and Decimal SNMP Engine ID
show snmp group show snmp group Displays configured SNMP groups/roles
show snmp host show snmp host Displays Host specific information
show snmp sessions show snmp sessions Displays active SNMP sessions
show snmp trap N/A Displays what traps are enabled
show snmp user show snmp user Displays SNMP users and notification targets (v3)



NX-OS Switch Port Analyzer (SPAN) IOS Switch Port Analyzer (SPAN) Command Description
show monitor session # show monitor session # Displays a specific sSPAN session
show monitor session all show monitor session all Displays all SPAN sessions
show monitor range #-# show monitor range #-# Displays a range of specified SPAN sessions



NX-OS Logging (Syslog) IOS Logging (Syslog) Command Description
show logging show logging Displays how logging is configured with log
show logging info N/A Displays how logging is configured without log
show logging last # N/A Displays the last "#" of log messages
show logging level N/A Displays the Facility, Default Severity, and Configured Severity
show logging logfile N/A Displays all of the Syslog information
show logging module N/A Displays the module logging configuration
show logging monitor N/A Displays the monitor logging configuration
show logging nvram N/A Displays the Severity 0, 1, and 2 message stored in NVRAM
show logging server N/A Displays information for each configured syslog server
show logging timestamp N/A Displays the configured timestamp for log messages



NX-OS NTP IOS NTP Command Description
show ntp peers show ntp associations Displays what NTP peers are configured
show ntp peer-status show ntp status (not on a peer basis) Shows the status of each NTP peer
show ntp source N/A Displays the source IP address for the NTP service
show ntp statistics peer ipaddr x.x.x.x N/A Show statistics for each NTP peer
show ntp timestamp-status N/A Displays if the timestamp check is enabled



NX-OS XML IOS XML Command Description
show xml server logging N/A Displays XML Logging
show xml server status N/A Displays XML Server Status



You can also find the same kind of material on the following link
http://docwiki.cisco.com/wiki/Cisco_Nexus_7000_NX-OS/IOS_Comparison_Tech_Notes

COMMANDS: CISCO IOS Enabling Top N Utility Report Creation


One of the hardest things to remember is using the TOP N uility on some IOS based devices.  The following are some commands that help me.


Enabling Top N Utility Report Creation

This examples shows how to enable Top N Utility report creation for an interval of 76 seconds for the four ports with the highest utilization:

collect top 4 counters interface all sort-by utilization interval 76


collect top counters interface all sort-by utilization interval 76 


collect top counters interface all interface 76

Displaying all the Top N Utility Reports
show top counters interface report

This example shows how to display a specific Top N Utility report
show top counters interface report 1

Clearing Top N Utility Reports (All)
clear top counters interface report

Clearing Top N Utility Report 4
clear top counters interface report 4

CONFIGURATION: CISCO NETFLOW

After going through a sea of documentation regarding Netflow, I wanted to come up with the basic guide of how to turn it on and apply it.

The first rule of netflow is that you can ONLY collect information on a routed interface

! Lock the SNMP ifIndex - prevents ifIndex drift after router reboot
snmp-server ifindex persist

! Make sure you have the correct community string
! This is mostly a NetQoS requirement; but it's usually required
! by any NetFlow collecting device that needs to verify the device
! it's collecting from.
snmp-server community community_name RO


! Enable NetFlow export globally
! Using loopback
ip flow-export version 5
ip flow-export source lo0
ip flow-cache timeout active 1

! Set export destination  and port to closest Netflow Collector. The port
! listed below is based on NetQOS product
! other Netflow collectors might use a different port
ip flow-export destination IP_ADDRESS 9995


! MLS commands are required for Sup720 running Native IOS ONLY
mls nde sender version 5
mls flow ip interface-full
mls nde interface
mls aging long 64
mls aging fast threshold 1 time 64


Now that Netflow is turned on we need to apply the commands to a routed interface.  The following are examples of interfaces where netflow is applied on:

int fa3/1
ip route-cache flow
int s2/0/0
ip route-cache flow
int gig4/0
ip route-cache flow
int vlan123
ip route-cache flow

Sunday, January 15, 2012

COMMAND REFERENCE: CISCO IOS FTP and TFTP

I don't know how many times someone has forgotten the following set of commands.


------------------------------
FTP

config t
ip ftp username
ip ftp password
ip ftp source-interface loopback0


# You need to run this the first time if the command has never been used.  Performing the statements below insures that passive is turned off.

ip ftp passive
no ip ftp passive  



Examples of commands:
copy ftp://ip_address_of_ftp_server/filename.bin bootflash:filename.bin

copy ftp://ip_address_of_ftp_server/filename.bin sup-bootflash:filename.bin



----------------
TFTP

config t
ip ftp source-interface loopback0


Examples of commands:
copy tftp://ip_address_of_tftp_server/filename.bin bootflash:filename.bin

copy tftp://ip_address_of_tftp_server/filename.bin sup-bootflash:filename.bin