Archive for the ‘Networking’ Category

Cisco Unified IP Phone 7912G – SIP to SCCP

As stated in my last post, I received my CCNP Lab Kit in the post last week.

In my excitement, I decided to switch my IP Phones from the SCCP firmware (which was the software originally on the phones) to the SIP firmware so that I could connect to VoIPTalk.

Now that the excitement has died down a little, I wanted to switch back to SCCP as, from what I can tell, it provides more features than SIP.

As I’m not too familiar with Cisco IP Phones, I started Googling for instructions on how to switch back, but I couldn’t really find any instructions on how to do so.

In the end I tried the same way I had originally upgraded to the SIP firmware. I edited my gkdefault.txt which originally contained the following line:

upgradecode:3,0x601,0x0400,0x0100,0.0.0.0,69,0x060111a,CP7912080000SIP060111A.sbin

And replaced it with:

upgradecode:3,0x601,0x0400,0x0100,0.0.0.0,69,0x070409a,CP7912080003SCCP070409A.sbin

You can read what the values mean on the Cisco site, but all I had to change was the last two values of the line:

0x060111a -> 0x070409a

CP7912080000SIP060111A.sbin -> CP7912080003SCCP070409A.sbin

The first value I had to change was the build ID/date, which is (from what I can tell) the last few characters in the file name after the “SIP” or “SCCP” bit.

The second value is pretty self-explanatory; it’s just the file name of the firmware file you have.

Next, I used cfgfmt to convert the file into a .cfg file compatible with the phones, and put it on my TFTP server.

I then restarted the phones, and behold! They were downloading the SCCP firmware image. :)
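A check worth running before cfgfmt, as an added example that is not part of the original post: it confirms that the build ID and the firmware file name in an upgradecode line agree, and rewrites only those two fields. It assumes the naming pattern and the 8-field layout seen in the two lines above; the function names are hypothetical.

```python
import re

# Assumption taken from the post: the build ID is the suffix that follows
# "SIP" or "SCCP" in the firmware file name, written as lowercase hex.
FIRMWARE_RE = re.compile(r"^CP7912\d+(SIP|SCCP)([0-9A-Fa-f]+)\.sbin$")

# The original line from the post's gkdefault.txt.
SIP_LINE = ("upgradecode:3,0x601,0x0400,0x0100,0.0.0.0,69,"
            "0x060111a,CP7912080000SIP060111A.sbin")


def build_id_from_filename(filename):
    """Return (protocol, build_id) derived from a 7912 firmware file name."""
    m = FIRMWARE_RE.match(filename)
    if not m:
        raise ValueError("unexpected firmware file name: %r" % filename)
    return m.group(1), "0x" + m.group(2).lower()


def _fields(line):
    """Split an upgradecode line; 8 fields is what the post's lines have."""
    key, _, value = line.strip().partition(":")
    fields = value.split(",")
    if key != "upgradecode" or len(fields) != 8:
        raise ValueError("not an 8-field upgradecode line: %r" % line)
    return fields


def check_upgradecode(line):
    """True when the build ID field matches the firmware file name field."""
    fields = _fields(line)
    _, expected = build_id_from_filename(fields[-1])
    return fields[-2].lower() == expected


def switch_firmware(line, new_filename):
    """Rewrite only the last two fields, leaving the other six untouched."""
    fields = _fields(line)
    _, build_id = build_id_from_filename(new_filename)
    fields[-2:] = [build_id, new_filename]
    return "upgradecode:" + ",".join(fields)
```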

I’m not sure if this is the “correct” way to switch back to the SCCP firmware, but it worked for me and I don’t see why it wouldn’t be correct; it seems pretty obvious. The only reason I am a little confused is the fact that while searching for instructions to switch back, I found a lot of people having difficulties switching back and even some companies offering a “recovery” service for people in this situation.

Hopefully my post will help other people who are in this situation.

Now I just need to figure out how to get the CTU ringtone onto the phone. :D

RHEL5 iSCSI Target/Initiator

iSCSI is a protocol that allows you to use a disk in a remote machine locally, as a block device. It is a very popular SAN protocol, which allows the consolidation of storage into one large storage pool.

In iSCSI terminology, a target is a storage resource located on an iSCSI server and an initiator is a client which will be connecting to a target.

In this post I will demonstrate how to set up an iSCSI target and initiator on RedHat Enterprise Linux 5.

Target

RHEL5 has the stgt target daemon included with it. This is the server which allows initiators (clients) to connect to the disks using the iSCSI protocol. It is installable using yum:

yum install scsi-target-utils

To share a disk over iSCSI, you can either use a disk image, or a block device. I prefer to use LVM logical volumes as LVM allows easy management of free space.

Stgt’s configuration file lives in /etc/tgt/targets.conf. Most configuration can also be done from the command line, but that is not persistent across reboots, so I prefer to use the configuration file.

To create a target, just add the following lines:

<target iqn.2009-02.com.hamzahkhan:archive1>
    backing-store /dev/DiskArray/Archive1
</target>

Please note that you must replace iqn.2009-02.com.hamzahkhan:archive1 with your own domain name and resource name. It must be in the iSCSI Qualified Name (IQN) format, iqn.yyyy-mm.{reversed domain name}:an_easy_to_remember_label.

The second line, backing-store /dev/DiskArray/Archive1, specifies the disk/disk image that is to become the target. I am using an LVM logical volume, although the procedure is exactly the same for disk images and real physical disks.

By default, stgt will allow all IPs to connect to the target, which is highly insecure! To change this behaviour, it is possible to specify IP addresses which are allowed to use the targets. To do this, just place the following line under backing-store:

initiator-address 10.1.0.4

This will allow 10.1.0.4 to access the target.

Now, use chkconfig to make stgt start at boot, and start up the daemon.

/etc/init.d/tgtd start

chkconfig tgtd on

That’s all there is to it on the server side! All done :)

You can now connect to the target using any initiator, such as the one built into Windows Vista (although I have never tried using Windows).

Initiator

RedHat have included an iSCSI daemon which is also installable using yum:

yum install iscsi-initiator-utils

To connect to the target, edit /etc/iscsi/initiatorname.iscsi and change InitiatorName to something you prefer. (Remember! It must be in the IQN format, iqn.yyyy-mm.{reversed domain name}:an_easy_to_remember_label. I usually use iqn.2009-02.com.hamzahkhan:hostname_of_box.) Next, start up iscsid:

/etc/init.d/iscsid start

and use iSCSI target discovery to find the targets on the server:

iscsiadm -m discovery -t st -p $SERVERS_IP

If all is well, it should output the names of all the targets that the initiator is allowed to connect to!

Next, we need to create the disk nodes. To do this, RedHat have provided a nice start-up script. This script will log in to all the targets that the iSCSI daemon knows about. We have already used the iscsiadm command to tell the iSCSI daemon which targets exist on the server, so using the script is all that is left:

/etc/init.d/iscsi start

That’s all there is to it! :)

You should have a new disk node in /dev/. You can use lsscsi (yum install lsscsi) to find the exact name if you have a lot of USB/SATA/SCSI drives connected to the machine already.

Now all you have to do is partition the disk, and dump your files onto it :)

Please remember, you must NEVER mount a partition on two machines at the same time. Doing so will cause data loss!

It IS possible to mount the same disk on multiple machines, but this requires a special clustered filesystem such as GFS.

OpenSWAN

Lately I’ve been playing with OpenSWAN and IPSec in general.

For the last few years I’ve been using OpenVPN as my home VPN server, but recently I bought a few Intel PRO/100 S Server Ethernet adaptors. From looking on the Intel site, the only big difference I could see between these and regular Intel PRO/100 cards was that they have IPSec offloading, and I also remembered seeing IPSec support on my iPhone. So that got me looking into replacing OpenVPN with OpenSWAN on my home router.

In the past, I have come across IPSec quite often, but I never really looked into it. After a bit of reading, I decided to buy “Building And Integrating Virtual Private Networks With OpenSWAN”. I haven’t finished reading the book, but I can say that it is a very well written book for people looking to get started with IPSec. It has quite a nice introduction on the internet and why encryption is so important on the internet. It also explains how encryption was originally only used by the military and how governments around the world tried to stop encryption being used widely across the internet.

On Linux, there are two IPSec stacks, NETKEY and KLIPS. KLIPS is currently the more stable one, and from what I understand, the one which is easier to use. NETKEY, on the other hand, is quite a new stack, but due to various reasons, KLIPS was not allowed to be included in the Linux kernel by default, whereas NETKEY is.

Since my router machine is running RedHat Enterprise Linux 5, which only includes support for NETKEY, I have been using the NETKEY IPSec stack. So far, the only problem with the NETKEY stack is that creating firewall rules for encrypted packets is much more difficult than it would be using KLIPS, although I was not too disappointed by this since KLIPS does not have IPv6 support, which, since I like IPv6 so much, is a must for me! :)

Although I had a bit of a problem with the OVH kernel, after a bit of tweaking and compiling and a lot of rebooting, I was able to create an encrypted tunnel between my OVH RPS and my home router. If it had not been for all the trouble I had with the OVH kernel (it took quite a while to get the RPS to boot from the iSCSI disk using my custom kernel, rather than use netboot to fetch an OVH kernel), the tunnel would have been set up within a few minutes, which I found amazing as it takes a bit more time and effort to do with OpenVPN.

So far, I haven’t managed to figure out how to use the IPSec offloading feature of my ethernet cards, but I don’t think that is really a problem considering my router machine is powerful enough to handle the few IPSec connections that I have set up (it’s a 2.4GHz Pentium 4 machine with 1GB ECC Reg RAM).

After a bit more reading, I decided it would be fun to try and get my iPhone connected to my IPSec server, so over the next few days, hopefully that’s what I will be doing! :)

Facebook!

After three or four quite useless posts, I thought it might be time for a “real” post, so here it goes! :)

As everyone might know, Facebook have rolled out the new layout and have removed the old one. In a final “fight” to use the old one, A LOT of facebook users joined the Facebook developers group, only to find that the old layout has been removed completely (as far as I know).

A lot of people think that there was not any “real” problem with the old Facebook, but the issue with the old layout that triggered the need for a new layout was the fact that applications were shown on one page. This meant that some pages became VERY cluttered for the users who seemed to add every application available!

In my opinion, the main reason Facebook is such a successful site compared to other social networking sites is that it is neat. If you look at Hi5, MySpace, BeBo, they all use quite flat pages (very little to no AJAX!) which the user can modify the layout of through the use of CSS.

Most normal users would tell you they would LOVE to be able to customise the look of their profiles on Facebook, but most geeks would probably cringe at this idea. Why? Most people who use such social networking sites don’t really know much CSS or HTML, so they write bad CSS and create horrid pages which take way too long to render and sometimes even crash the browser.

Users who add too many applications are in effect doing the same thing. There are too many things to render (images, text, colours, sometimes even Flash!), and so your overall Facebook “experience” is brought down to something which is not so pleasurable.

Although most people may be thinking that the new layout gives them a worse experience, I’m pretty certain it is much better than having cluttered profile pages which sometimes crash your browser :) .

I will accept that the new layout COULD be better, but there is no doubt about it, the new layout beats the old one overall.

BT!

BT finally fixed my telephone line! :D

Apparently there was a faulty cable going from the “cab” to the pole that provides the overhead cable into my house, so the guy just switched that, and now it’s all working great :D . My SNR is a lot more stable, and my connection hasn’t dropped since Monday :D . Another thing I noticed was that my attenuation is lower than what it was :) .

Total Available Bandwidth           Cells/s           kbit/s
Downstream                 :     19308             8187
Upstream                   :      3125             1325

Bearer Generic Info               Downstream        Upstream
INP          (DMT)           :         6.23             0.00
Delay        (ms)            :         6.03             0.24
R                            :        16                0
Margin       (dB)            :        18.0              7.0
Attenuation  (dB)            :        14.0              6.0
OutputPower  (dBm)           :        18.0             12.0

Switching to O2 Broadband

As some of you might know, I recently switched from VirginMedia (Cable) to O2 Broadband (ADSL).

To do this, I had to get my BT Telephone line enabled, and my VirginMedia Telephone line canceled.

Although this seemed like an easy task, it was actually more difficult than I had expected.

I wanted to keep my old telephone number that I was using on my VirginMedia line, so BT had to do some number porting things which they said should take 1 week or so. So I waited, and after 1 week, it had not been done! In the end I had to wait 1 month for it to be done.

When the number had finally been ported, there was something strange up with the actual line, and I couldn’t get a dial tone, so a BT engineer had to come around and check it out. He fixed it, but he noticed that there was a lot of noise on the line (crackling sounds). After a bit of tweaking, the noise was bearable, but I wasn’t really fully pleased with that, as it would cause a problem with my ADSL connection once it was activated. Funnily, the noise isn’t there all the time; it is there very faintly at some times of the day, and VERY heavy at other times.

Anyway, I called up O2 and ordered the connection, and after a few days my line was activated and ready to go! BUT, I soon found out that everything was not as good as it seemed.

Whenever the phone rings, or the noise is high on the telephone line, my internet connection drops and the modem has to re-sync, which takes a while. This sucks since I am an IRC user and I also host an IRC server. Every time the connection drops, I ping out from all the servers I am connected to, and so does everyone who is connected to mine.

So after a bit of investigation (testing in the master test socket, changing filters, trying a different phone etc), I came to the conclusion that the noise on the line is the only thing that could be causing the disconnections. So I called up BT, and they sent an engineer to check it out, BUT the noise was VERY faint at that time, so he had to leave without doing much, (he checked all the connections where he could etc, but understandably that was all he could really do if the noise wasn’t there at the time).

Even after his checks, the noise is still currently there, so I am having to call BT up again. They told me they will send another engineer around who will check it out and hopefully the noise will be there when he gets here. I don’t know how long this will keep going on for (an engineer coming to check it out, then leaving because it’s not there at that time etc).

Hopefully this problem will be resolved soon as it is driving me insane!

Until then, if anyone has any ideas that may help, please comment! :)

Back from the dead!

I finally decided to put my blog back up!

Well, it’s not actually back up really. As some of you might know, I’m learning Ruby and I will re-create my site completely in Ruby on Rails! So for now, this blog is temporary, and I will attempt to “import” all the posts from here into my new Ruby on Rails blog once it is ready. :D

So far I LOVE Ruby/RoR! I managed to get a fully functional Photo gallery within 15mins!

I’ve also been playing with various RedHat products and also been learning various things needed to take the Cisco CCNA exam :) .

I’m trying to learn how to set up RADIUS, LDAP and Kerberos and thought it would be a good idea to try out RedHat Directory Server :) . Although I would like to understand how to set up OpenLDAP manually, I think RedHat have done a really good job at creating an LDAP server which does everything by itself :D . It would be really handy in a large organisation.

From looking around the RedHat site, I also found RedHat Enterprise IPA, which seems like a very interesting project. So I will be trying that out later too! :)

I’m also playing with Active Directory 2003 (Microsoft are giving Windows Server 2003 away for free to students!), and I will try to “connect” RedHat Directory Server and Enterprise IPA; from what I understand, it can be done :o .

Hopefully I’ll be taking Cisco CCNA exam soon, so I’ve been reading various books that “teach” the stuff that I need to know to pass the exam :O.