본문 바로가기
Take configure for Loadbalancer on Ubuntu Ubuntu에 nginx를 설치하고, Loadbalancer가 되는 ubuntu server는 192.168.177.129 입니다. Backend Server 2대를 만듭니다. backend server는 192.168.177.131, 192.168.177.132 로 구성하였고 2대입니다. 외부 client가 LB의 VIP 192.168.177.129:80 or https://192.168.177.129:443 으로 접근을 하면, backend server로 LB를 할수 있게 구성하였습니다. kkeunuk@kkeunuk-virtual-machine:~$ cat -n /etc/nginx/sites-enabled/default 1 ## 2 # You should look at the following URL..
default configure of web server 1. install ssh server - sudo apt install openssh-server kkeunuk-virtual-machine:~$ sudo apt install openssh-server [sudo] password for kkeunuk: Reading package lists... Done Building dependency tree... Done Reading state information... Done The following packages were automatically installed and are no longer required: libflashrom1 libftdi1-2 libllvm13 Use 'sudo apt autoremove' to remove them. T..
Describe shared-tree / shortest path on Multicast Routing https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-networking-admin/ip-multicast/pim/shortest-path-shared-path-trees#:~:text=A%20shared%20tree%20is%20annotated,the%20RP%20to%20the%20receivers.
Regarding IKEv2 , How toTroubleshooting ## IPSEC_STATUS_DOWN, error: Authentication failed ## IPSEC_STATUS_DOWN, error: Authentication failed 2024-01-02T01:48:26.198Z pb1be07-be001-sam NSX 1921349 VPN [nsx@6876 comp="nsx-edge" subcomp="iked" s2comp="ike-stack" level="INFO"] IKEv2 packet S(123.41.124.13:500 -> 61.43.208.114:500): len= 256, mID=1, HDR(5cda6aab983534c3_i, ea917dff2c8aa9b6_r), IDi, IDr, AUTH, SA, TSi, TSr, N(HTTP_CERT_LOO..
Analysis releate to IPSEC VPN grep 'IKEv2 packet' syslog.* Down Reason Meaning Remedy Session disabled Admin has disabled the session Admin has disabled the session, enable the same IPSec service not active Status of VPN service used for the session is not active. Check for IPsec service admin status. Authentication Failure Edge failed to authenticate the peer, during IKE SA setup. Check for mismatch in IDs/auth credentials ..
DNS resolve 해보기. naver.com의 IP는 nslookup을 통해 알수 있다. kkeunuk@kkeunukD6W96 ~ % nslookup naver.com Server: 10.217.194.19 Address: 10.217.194.19#53 Non-authoritative answer: Name: naver.com Address: 223.130.195.200 Name: naver.com Address: 223.130.200.104 Name: naver.com Address: 223.130.195.95 Name: naver.com Address: 223.130.200.107 full resolver가 권한있는 DNS 서버에 질의하여 얻는 과정을 확인해보았다. TLD부터 2nd, 3rd domain 까지 확인 방법 1. ..
quagga bgp [root@bb-cent-78 ~]# cat /usr/share/doc/quagga-0.99.22.4/bgpd.conf.sample ! -*- bgp -*- ! ! BGPd sample configuratin file ! ! $Id: bgpd.conf.sample,v 1.1 2002/12/13 20:15:29 paul Exp $ ! hostname bgpd password zebra !enable password please-set-at-here ! !bgp mulitple-instance ! router bgp 7675 ! bgp router-id 10.0.0.1 ! network 10.0.0.0/8 ! neighbor 10.0.0.2 remote-as 7675 ! neighbor 10.0.0.2 ro..
libreswan으로 host간 IPSec VPN 구성 3\Test VMConAWS to SDDC 같은 NSX끼리는 VPN 연결구성 가능합니다. VMConAWS to TGW on VPN(AWS)도 VPN 가능합니다. https://www.gilles.cloud/2019/03/deploy-vmc-route-based-vpn-with-api.html 별로 VGW나 Tier GW없어도 host간 VPN설정이 가능합니다. libreswan으로 ipsec vpn site to site 구성 (policy base vpn, without vti) A Site / B site ipsec status [root@bb-cent-78 ~]# ipsec status 000 using kernel interface: netkey 000 interface lo/lo ::1@500 ..

티스토리툴바