Tuesday, December 6, 2011

Architecture Change

Well, since moving into the house I have had a little time to tinker with the home lab setup. I have made some drastic changes, as usual, the most drastic here. I am afraid my ESXi box is going by the wayside. Here is the issue we face:

As you can see, my ESXi is clearly having a problem with my means of storage. I used to have another box in my lab, the iSCSI Fedora box that I wrote about earlier. This is not feasible as I need that machine for other things, and it is kind of defeating the purpose of having an all-in-one virtualization platform. I have decided to make the switch to Windows Server 2008 R2 Server Core with Hyper-V. A tough decision, but I am tired of worrying about driver compatibility, and I usually do not have to worry about this with Microsoft operating systems. I have also used the other big two, Xen and ESXi, so I feel I have to be fair, and I might even decide I like this option the best.

Update: things simply are not working with me. I started out by installing a Server Core system, thinking, "a challenge will be nice," and things immediately go sour. I have problems connecting to the remote core system with RSAT, even after enabling winRM and taking all the appropriate steps (setting IP address, host name, etc.) - Microsoft suggests (or perhaps requires is a better word) that you have both the server and the client (in this instance my Windows 7 workstation) joined to a domain. I have no pre-existing domain in my environment. My domain server I have always wanted to virtualize, but since this is structured this way it almost seems like you should always have a MS box over there in the corner running AD/DNS - providing LDAP function essentially; a way to organize and provide central [database-centered] management for your network. (Perhaps I should order another 1U server like my IBM x series 306 for pfSense and run OpenLDAP? Another day...)
 
My idea was to have a one-box-do-all virtualization solution. With VMware I am not going to get around this issue until I decide to buy a RAID card, and decent ones are pricey. I uninstalled Server Core and installed the GUI, and more problems. Active Directory probably took 4 hours to install. Then, the server takes 10-12 minutes to start up. All the server has running is DNS and ADDS. This is impossible to manage.

I have pretty much scrapped this idea and decided to take a stab at another hypervisor. Another big one I have heard mentioned with great fervor, but less commonly, is KVM, and Proxmox has this ability. I am not too familiar with KVM but I have used Proxmox before and it looked interesting. We will see how things work out, such as storage hardware/Realtek NIC ability, etc.

Sunday, October 16, 2011

Configuring Fedora as an iSCSI target for VMware ESXi

My Experience:


After much extensive testing, head scratching, and late nights I have figured it out. You would not think setting up an iSCSI target in Linux would be that big of a thing, but I was fortunate to have nearly every problem in the book. The frustration started out with a box that for some reason would not let me install things on it. NOTHING. I was originally going to go with OpenFiler, to make things simple. I needed to configure iSCSI because ESXi 5 was not seeing my hard drive. In retrospect, the controller was being seen, just not the hard drive, which leads me to believe with some tweaking I could have made it work, but I guess I just took it as an opportunity to set up iSCSI.

Anyway, this box hated OpenFiler. The first disk I used had corrupted tar files, others would not get back the initial screen. Installs would fail and drop to initramfs, etc. So I decided to try Ubuntu. Ubuntu was the same story. This machine hated it as well. Dropped to initramfs, wouldn't install (referenced here).

Eventually I got Ubuntu 11.04 server installed and followed the iSCSI setup procedure here, but to no avail. In retrospect, it might have been a firewall issue, since I could not get ESXi to see my Fedora iSCSI volumes until turning the firewall completely OFF, but in the end it didn't work and I decided to see whether Fedora 15 would install. I am more familiar with Red Hat anyway since I had a class on it.

Fedora 15 Xfce desktop installed beautifully without a hitch. Now to getting iSCSI set up. Note I always update on new installs (yum update).


Procedure:

Foreword: It is important to understand LVM. LVM is the Linux Logical Volume Manager and is composed of:

  • PV's (Physical Volumes) - unused partitions on hard disks the LVM can use to store information.
  • VG's (Volume Groups) - contains one or more physical volumes. Represents a pool of hard disk storage space that is available to the LVM for creating volumes. Additional physical volumes can be added to a volume group after creation.
  • LV's (Logical Volumes) - useable volumes that are created by the LVM from the available space in the volume group. They contain a filesystem and are mounted to a directory in the Linux filesystem hierarchy. Logical volumes can be re-sized to use more or less space.

Step 1: Create a physical volume. In this instance we are creating a physical volume out of the second SATA drive's first partition. I usually use cfdisk (cfdisk /dev/sdb) to partition the disk to the size I need. Note that you can list physical volumes with pvdisplay.

pvcreate /dev/sdb1  

Step 2: Create the volume group:


vgcreate -s 32M vg_target00 /dev/sdb1

This command creates a volume group. The -s option sets the physical extent (PE) size. A large PE size results in larger write operations and a larger maximum filesystem size for the logical volumes. In this example we have chosen 32MB, which will allow for a max logical volume size of 2TB, which should be sufficient for most users.

vg_target00 is simply the name of the volume group and /dev/sdb1 is the target physical volume.

Step 3: Create the logical volume:

lvcreate -L 100G -n lv_target00 vg_target00

This command creates a logical volume of 100G with the name of lv_target00 (once again, you can make this whatever you want as long as you reflect that in your config files) in the volume group of vg_target00 we created earlier.

Step 4: Install the iSCSI target program:

yum -y install scsi-target-utils

Step 5: Edit the config file:

nano /etc/tgt/targets.conf

There is a lot of garbage in this file, worth reading if you are clueless, but all you really need to look for is the part that starts with #<target and un-comment it. It should look like this:

<target iqn.2011-10.local.iscsi:target00>
backing-store /dev/vg_target00/lv_target00
initiator-address 192.168.1.1
</target>

The IQN looks complicated, but it is really just iqn.<year>-<month>.<domain name reversed>:<a name you pick>.

Save and exit.

Step 6: Start your server

/etc/rc.d/init.d/tgtd start

Step 7: Configure the iSCSI service to start at boot

chkconfig tgtd on

Note: You can check the status with:

tgtadm --mode target --op show
# make sure status

Note: You may have to disable Fedora's firewall. If you are in a command-line environment, issue:
service iptables stop

Now all you have to do is set it up on the ESXi server: 



 And that's it! Hope this post was helpful.
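
Added example (not from the original post): a short Python check for the targets.conf stanza from Step 5. With iptables stopped as in the note above, the initiator-address ACL and CHAP (the incominguser directive) are the only access controls left on the target, so the script flags any target missing either one. The sample config is constructed; target01, target02 and the CHAP user are hypothetical.

```python
import re

# Constructed sample. target00 mirrors the stanza in the post; target01 and
# target02 are hypothetical variants added for contrast.
SAMPLE_CONF = """\
#<target iqn.2011-10.local.iscsi:disabled>
<target iqn.2011-10.local.iscsi:target00>
    backing-store /dev/vg_target00/lv_target00
    initiator-address 192.168.1.1
</target>
<target iqn.2011-10.local.iscsi:target01>
    backing-store /dev/vg_target00/lv_target01
</target>
<target iqn.2011-10.local.iscsi:target02>
    backing-store /dev/vg_target00/lv_target02
    initiator-address ALL
    incominguser esxi constructed-secret
</target>
"""

def parse_targets(text):
    """Return {iqn: {directive: [values]}} for every uncommented <target> stanza."""
    targets, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        opened = re.match(r"<target\s+(\S+)>$", line)
        if opened:
            current = targets.setdefault(opened.group(1), {})
        elif line == "</target>":
            current = None
        elif current is not None:
            key, _, value = line.partition(" ")
            current.setdefault(key, []).append(value.strip())
    return targets

def audit_targets(text):
    """Return {iqn: [issues]}; an empty list means both controls are configured."""
    report = {}
    for iqn, directives in parse_targets(text).items():
        issues = []
        acl = directives.get("initiator-address", [])
        if not acl or "ALL" in acl:              # open to any host that can reach it
            issues.append("no-ip-acl")
        if "incominguser" not in directives:     # no CHAP credentials required
            issues.append("no-chap")
        report[iqn] = issues
    return report

if __name__ == "__main__":
    for iqn, issues in audit_targets(SAMPLE_CONF).items():
        print(iqn, issues or "ok")
```

A narrower alternative to stopping iptables is a rule that accepts TCP port 3260 (the iSCSI port) only from the initiator's address.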


Thursday, October 6, 2011

SSH on CISCO Router

Here are the steps required to install SSH on a Cisco Router:

First, you need to determine if you have the required IOS - IOS images with "K9" in the name will do. Not all routers support SSH. I am using the 2600 series.

Second, log into your router and give it a host name with:

hostname R1

You will also need to configure a domain name:

ip domain name your-domain.com

Then use ip ssh to change the version to 2 if possible. You will not always be able to rely on SSH v2, but even version 1 will provide substantially better protection than Telnet:

ip ssh version 2

Once you have that done go ahead and enter:

crypto key generate rsa

You then have the option to choose how many bits the keys will be, anywhere between 360 and 2048. I choose 1024 since it is very secure and the router can create the key quickly. The default is 512.

Then the final step: create a user for SSH login and secure the vty lines:

username yourusername privilege 15 password yoursupersecretpassword

R1(config)#line vty 0 ?
  <1-181>  Last Line number
  <cr>

R1(config)#line vty 0 181
R1(config-line)#login local
R1(config-line)#trans
R1(config-line)#transport input ssh
R1(config-line)#exit
R1(config)#exit


That is pretty much it! You can now log in through PuTTY or other SSH clients.
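
Added example (not from the original post): a Python check that reads a saved running-config and confirms the steps above took effect on every vty range, and that local users are stored with secret rather than password. The sample config is constructed; the user name admin and the second vty range are hypothetical.

```python
import re

# Constructed running-config excerpt. "line vty 0 4" follows the post's steps;
# "line vty 5 181" is a hypothetical leftover that still accepts telnet.
SAMPLE_CONFIG = """\
hostname R1
ip domain name your-domain.com
ip ssh version 2
username admin privilege 15 password 0 constructed-password
line vty 0 4
 login local
 transport input ssh
line vty 5 181
 login
 transport input telnet ssh
"""

def vty_blocks(config):
    """Map each 'line vty ...' header to its indented sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("line vty"):
            current = blocks.setdefault(line.strip(), [])
        elif current is not None and line.startswith(" "):
            current.append(line.strip())
        else:
            current = None                      # any other top-level line ends the block
    return blocks

def audit_ssh(config):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    lines = config.splitlines()
    if "ip ssh version 2" not in [l.strip() for l in lines]:
        findings.append("global: SSH version 2 is not enforced")
    for l in lines:
        m = re.match(r"username (\S+) (?:privilege \d+ )?password ", l)
        if m:  # 'password' is kept in clear or reversibly encoded; 'secret' stores a hash
            findings.append(f"user {m.group(1)}: password used instead of secret")
    for header, body in vty_blocks(config).items():
        transports = [b for b in body if b.startswith("transport input")]
        if transports != ["transport input ssh"]:
            findings.append(f"{header}: transport input is not ssh-only")
        if "login local" not in body:
            findings.append(f"{header}: login local is missing")
    return findings

if __name__ == "__main__":
    for finding in audit_ssh(SAMPLE_CONFIG):
        print(finding)
```

The RSA modulus size is not stored in the running-config; check it on the router with show crypto key mypubkey rsa.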



Tuesday, September 13, 2011

Transfer to XenServer

I have transferred to XenServer for the time being. Hardware is better supported. I don't have to shell out 30$ per NIC to simply get it installed. I am finding that it simply does not work as well as ESXi, or rather there is more "hacking" to get things working correctly.

Converted my "gaming" rig (Gigabyte 890FX-UD5 Phenom X6 1100T, 16GB RAM, HD 6870) into the XenServer, and my old ESXi server (Nvidia 680i SLI, Intel Core 2 E6600, 8GB RAM, HD5670) into my workstation. Eventually I plan on upgrading this to a quad-core and swapping the video cards (no need to have such a beefy card in the XenServer), but the Q8300, even being 5 years old, is STILL over 100$ (damn you Intel - I won't buy your stuff anymore!).

Anyway, as you can see, the Phenom X6 and 16GB are just laughing at my VMs. This is what I like to see:



Once I get the VM's installed I want for this Lab I am going to add one of these I have laying around:

I am hoping XenServer likes them; that way I can give each client XP VM its own NIC and test restricting inter-VLAN routing with PFSENSE. Still have to get a decent PFSENSE box up and running as well. Looking at maybe buying an old 1U P4 server with a gig of RAM off Ebay, since I want everything rack mounted eventually anyway.

Wednesday, August 24, 2011

Dynamips/Dynagen Update

Hello again. I decided to ditch the PowerEdge 2650. Dynamips/Dynagen was simply not running well on it. I am not sure why. I was not having any luck configuring the loopback interface and terminal server either. My goal was to be able to use a tabbed terminal emulator/SSH/Telnet program to telnet into my virtual access server. For some reason Dynagen would not load the routers all the way whenever I un-commented the NIO_gen_eth:tap0 line in my .net file. Additionally, I could not ping the local loopback tap0 on the server from my LAN, meaning telnet was obviously not going to work.




You can see CPU/memory usage is minimal, even on the Ubuntu VM with only 2GB RAM. Granted I am only running 2 routers and have no active routing, but with the right idlepc values, it shouldn't be a problem. The tabbed console for routers is very nice, and I will list the command for this when I write my HOWTO on this lab setup. 

Sunday, August 21, 2011

My Current Lab Setup

I just wanted to post a couple pictures of my current lab setup. I was working with physical routers, but I decided to move to Dynamips/Dynagen to save money and time. I HIGHLY recommend to anybody that is looking to study for the CCNA and especially higher-level certifications to invest the time and money in a dedicated Dynamips/Dynagen server, such as the one I have pictured below. It is a Dell PowerEdge 2650 server that I grabbed off Ebay for oh, probably 150$ a couple years back. It has been largely unused since I bought it, and I even bought 4x74GB SCSI hard drives for it a while back as well. The problem with it is that it is VERY LOUD, and having this in my living room here has been a royal pain.

The reason I put it here in the first place was primarily because remote desktop into Ubuntu is painfully slow, even over a gigabit connection. I have not tried it with my gigabit Pfsense router to see if this improves the connection, but I plan to in the future. It would probably help to put a PCI video card into the PowerEdge as well, but the object here is to save money.

The plan is to run a Terminal Server inside Dynamips, ssh into Ubuntu, and then Telnet into the Terminal server. May sound like an overly-complicated way to do things, but it is working very well so far. I worked on it about 4 hours yesterday and I have only to tweak the terminal server and everything should be working perfectly. Then I can move the beast into the closet and give my ears a break!

Note: I HIGHLY recommend you take the time and effort to set up Dynagen/Dynamips WITHOUT GNS3, AND on a Linux distribution. I was working with GNS3 over Packet Tracer to take advantage of some of the extra functionality, but GNS3 just kept crashing on me! Now that I have this running, on Ubuntu (much less resource intensive than Windows): http://youtu.be/-6SB-F_5Ce0 and everything is stable and barely touching the PowerEdge 2650 (2x Intel single cores w/Hyperthreading and 4GB RAM). You could build a small desktop with this kind of power for probably less than 400-500$.



About this Blog

Hello and welcome to Bits and Bytes. This blog is going to be an ongoing work in progress, but I thought I would share with everyone my journey through the digital world. I am a 21-year-old computer guru from Minnesota currently working on my CCNA and MCSE (as well as an AAS in computer network technology that has currently been put on hold).


This blog will simply be a collection of my work and information that I hope some may find helpful. This will also be comparable to a cloud storage for useful information that I can refer back to in the future. I hope those that may stumble upon it find it useful and informative; if it gains any popularity I will put more work into it, but for now I will just work on it as time permits. Happy reading!