Category: Network

VMware ESXi 6.7 – View the ARP Table

Recently, I needed to select the Internet Protocol (IP) addresses for various VMkernel adapters. In selecting IP addresses you must be certain that the IP address is not already in use to avoid an IP address conflict. One way to determine this is to ping the IP address in question. However, what do you do if ICMP traffic is filtered?

In that case, you can ping the IP address in question from another host on the subnet and view it’s Address Resolution Protocol (ARP) table. The command below may be used to view the ARP table of a VMware ESXi 6.7 host.

esxcli network ip neighbor list


Integrated Dell Remote Access Controller 8 – Get IP Address

Have you ever connected to a remote server but didn’t know what it’s Integrated Dell Remote Access Controller 8 (iDRAC8) Internet Protocol (IP) address was?

Well, you may use the following command to get the IP address of an iDRAC8.

racadm getniccfg

Additionally, more information may be found here.


Microsoft Windows PowerShell – Get DHCP IPv4 Scope Details

The Windows PowerShell cmdlet below will query a remote Dynamic Host Configuration Protocol (DHCP) server and provide the lease duration of each IPv4 scope.

Get-DhcpServerv4Scope -ComputerName HOSTNAME | Select ScopeID, LeaseDuration


Microsoft Windows 10 – False Duplicate IP Address Detected

At my existing employer, it was brought to my attention that a number of VMware virtual machines running the Microsoft Windows 10 operating system were randomly dropping off the network, upon reboot. Viewing the properties of the network adapter confirmed that they were assigned static IP addresses. However, running ipconfig from the command prompt showed that they were assigned 169.254.x.x IP addresses.

Upon reviewing the logs I found the following error message: “The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address XX-XX-XX-XX-XX-XX. Network operations on this system may be disrupted as a result.” The XX-XX-XX-XX-XX-XX is the MAC address of a Cisco switch.

In summary, the root cause of this is Windows 10 performing an ARP probe at the time as the Cisco switch performing an ARP probe in order to maintain the IP device-tracking cache during IP device tracking. The Windows 10 host believes another node on the network is probing the address it’s assigned and must treat it as an IP address conflict.

The solution is to disable gratuitous ARPs on the switch or in the Windows 10 operating system. We chose to disable the gratuitous ARP in the Windows 10 operating system.

Additionally, more information may be found using the links below.


Microsoft Windows PowerShell – DHCP Logs

You may use the following Microsoft Windows PowerShell cmdlet to view the last one hundred lines of a Microsoft Windows Server DHCP server log for a particular Internet Protocol (IP) address. This may be useful when you are troubleshooting DHCP errors in Microsoft Windows Server.

Get-Content DhcpSrvLog-Mon.log | Select -Last 100 | Select-String -Pattern “X.X.X.X” -encoding ASCII


Domain Name System – Propagation

I recently decided to test a Domain Name System (DNS) provider expansion with GoDaddy and  ClouDNS (link here) for a proof of concept using the domain name noelalvarez.org. The initial configuration and testing were successful. However, after I made the decision to host all DNS service with GoDaddy (again, it was a proof of concept) I found a large quantify of name server around the globe contained name server (NS) records for noelalvarez.org with entries pointing to ClouDNS name servers (ns21.cloudns.net, ns22.cloudns.net, ns23.cloudns.net, and ns24.cloudns.net) using Whats My DNS? (link here). I found this odd due to the fact that the GoDaddy DNS management interface only contained (2) NS records (ns57.domaincontrol.com and ns58.domaincontrol.com) which are the authoritative for the domain noelalvarez.org and the ClouDNS name servers are no longer hosting zone files or responding to DNS queries for noelalvarez.org. Additionally, the Time to Live (TTL) was a maximum of (1) hours. So, I didn’t expect to find inconsistencies days later.

So, what could be causing the lack of synchronization in the NS records (remember, DNS is a distributed and hierarchial system by nature)? Upon basic troubleshooting I found that the GoDaddy name servers ns57.domaincontrol.com and ns58.domaincontrol.com did not contain the same NS records for noelalvarez.org using the nslookup utility (please see the screen shots below). I have contacted GoDaddy support and they have provided me with assurance that they will manually delete the NS records of ns21.cloudns.net, ns22.cloudns.net, ns23.cloudns.net, and ns24.cloudns.net from ns57.domaincontrol.com.


Microsoft Windows PowerShell – nslookup Configuration

You may use the following commands at a Microsoft Windows PowerShell to configure a default domain name system (DNS) server, for that instance, as well specify the type(s) of DNS records to resolve. This may be used for daily support of DNS.

  1. nslookup
  2. server <<<IP ADDRESS>>>
  3. set type=<<<DNS RECORD>>>
  4. domain.com

For example, if you wanted to configure the nslookup session to utilize a Google public DNS server (google-public-dns-a.google.com) and query the domain google.com for all DNS records you would enter the following commands.

  1. nslookup
  2. server 8.8.8.8
  3. set type=all
  4. google.com

Additionally, more information may be found using this link.


Red Hat Enterprise Linux 7 – BIND Installation and Configuration

Domain Name System (DNS) is an integral component of any Information Technology (IT) infrastructure. This is a step by step guide for configuring a Red Hat Enterprise Linux 7 public facing DNS server using the BIND software package. Additionally, I would like to add that, for the purposes of this demonstration the zone file created for noelalvarez.net is not pointing to the genuine Internet Protocol (IP) address of the website.

  1. Enter the command yum update -y to update the server.01
  2. Enter the command yum install bind-chroot bind-utils -y to install bind and DNS utilities.02-0102-0202-03
  3. Enter the command systemctl start named-chroot to start the DNS server.03
  4. Enter the command systemctl status named-chroot to verify the DNS server is running.04
  5. Enter the command rndc status to verify the name server control utility is running (i.e. server is up and running).05
  6. Enter the command journalctl -u named-chroot to verify there are no errors.06-0106-02
  7. Enter the command systemctl enable named-chroot to configure BIND to start automatically after a reboot.07
  8. Enter the command cd /etc to navigate to the etc directory.08
  9. Enter the command cp named.conf named.conf.2016111700 to create a copy of the named.conf file.09
  10. Using a text editor, edit the following fields in the name.conf file.
    1. listen-on port 53 { 127.0.0.1; }; NOTE: Add the Internet Protocl (IP) address of the host.10-01
    2. allow-query     { localhost; }; NOTE: delete localhost; and add any;.10-01
    3. Add a forward lookup zone.10-02
    4. Add a reverse lookup zone.10-02
  11. Enter the command named-checkconf to verify the named.conf file has not syntax errors.11
  12. Enter the command cd /var/named/chroot/var/named/ to navigate to the named directory.12
  13. Using a text editor create the zone file for a forward lookup. In this example it is noelalvarez.net.13
  14. Using a text editor create the zone file for reverse lookup. In this example it is the 67.205.160.0/24 IP address range.14
  15. Enter the command rndc reload to read the changes made to the named.conf and zone files.15
  16. Enter the command cd /etc to navigate to the etc directory.16
  17. Using a text editor, edit the resolv.conf file by adding configuring the server to use it’s IP address for name resolution.17
  18. Enter the command dig noelalvarez.net to query the name server for the A record of noelalvarez.net.18
  19. Additionally, you may use nslookup to query the name server for the various records that were created.19
  20. Lastly, you may query the name server from a host on an external network to verify it is a public facing DNS server.20

Microsoft Windows Server 2012 R2 – Verify Network Interface Card Status

You may use the Microsoft Windows PowerShell script below to verify the network interface card (NIC) status on servers running the Microsoft Windows Server 2012 R2 operating system. Additionally, the output of the script will be displayed in a graphical user interface (GUI).

<#
.SYNOPSIS
This script will verify the network interface card status of the selected servers.
.DESCRIPTION
This script will automate the process of verifying the network interface card status of the selected servers.
.EXAMPLE
N/A.
.AUTHOR
Written by Noel Enrique Alvarez on Thursday, August 05, 2016.
#>

#Verify the network adapter status of the branch servers
Get-NetAdapter -CimSession (Get-Content “C:\Scripts\Branch Servers.txt”) -Name NIC1, NIC2 | select SystemName, Status, MediaConnectionState | Out-GridView -Title “Network Adapters”

#End of script

 


Telnet – Testing Network Ports

You may use the command below, in the Windows command prompt or Windows PowerShell, to verify network ports are open on a specific host in your network. The example below is verifying that port Transmission Control Protocol (TCP) port 80 is open on Internet Protocol (IP) address 192.168.1.1.

Syntax: telnet <<<HOST>>> <<<PORT>>>
Example: telnet 192.168.1.1 80