Solved

linux adding network ranges

Posted on 2008-10-26
7
446 Views
Last Modified: 2010-03-18
i have ISA, internal interface is 192.168.10.1
i can add 192.168.20.0/24
192.168.30.0/24 to ISA configuration, and i can create policy for users to have internet at those ranges

how can i add different ranges to a linux firewall?
0
Comment
Question by:ammadeyy2020
  • 4
  • 3
7 Comments
 
LVL 23

Expert Comment

by:Mysidia
ID: 22807973
Are you asking how to create iptables rules that will allow ranges of addresses access from inside?
Normally typing "iptables-save"   will show your current ruleset.

What do your rules look like right now?


Your Linux firewall will need an IP alias configured for each ip range you want to use on the inside.  Which is normally done by ethernet aliasing, i.e.

If say on a Redhat firewall,  eth1  is your internal private network interface
vi /etc/sysconfig/network-scripts/ifcfg-eth1:0
DEVICE=eth1:0
IPADDR=(second range's ip address)
NETMASK=(second internal mask)


normally one might add a range to be allowed with something like
iptables -A FORWARD -i eth1 -s 192.168.20.0/24 -j ACCEPT

But more changes might be needed, depending on how the NAT tables are setup..

A common practice would be to have

-t nat -A POSTROUTING  -j MASQUERADE

Essentially;  rules that allow the NAT, so long as forwarding is permitted.
Which may in fact sometimes be done with something like

iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT

(In that case, the firewall only needs to have a gateway IP for each IP range that you want to add)

But most actual firewall appliances will likely have a stricter configuration.

And adding more ranges is a matter of editing that config in a way appropriate to the config you have already built.



0
 

Author Comment

by:ammadeyy2020
ID: 22810091
i want to give internet to the following ip ranges
192.168.10.0/24
192.168.20.0/24
192.168.30.0/24
192.168.40.0/24
192.168.50.0/24
192.168.60.0/24
192.168.70.0/24
192.168.80.0/24

im using clarkconnect as a firewall, which is running on redhat 3.4
0
 
LVL 23

Expert Comment

by:Mysidia
ID: 22810230
In the clarkconnect webconfig add a virtual IP  on each network you want to connect from the LAN
See here
http://www.clarkconnect.com/docs/Network_Settings_-_IP_Settings#Virtual_IPs

So you might add these virtual IPs as the LAN role
192.168.10.1   netmask=255.255.255.0
192.168.20.1   netmask=255.255.255.0
192.168.30.1   netmask=255.255.255.0
192.168.40.1   netmask=255.255.255.0
192.168.50.1   netmask=255.255.255.0
192.168.60.1   netmask=255.255.255.0
192.168.70.1   netmask=255.255.255.0
192.168.80.1   netmask=255.255.255.0





0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:ammadeyy2020
ID: 22811021
i tried that
im able to get internet from 192.168.10.0/24
because by 10 range address is assigned to NIC

virtual IP networks im unable to browse internet

i have done this setup in ISA 2006, im thinkin how to do it on linux
0
 
LVL 23

Expert Comment

by:Mysidia
ID: 22811840
Ok, add the virtual IPs.. make sure they're in a LAN role.

Login to the clarkconnect server using SSH
make sure you can ping its own virtual IPs from the box itself.
If not, then the virtual ips are probably not actually operational.


Run the  "iptables-save"    command  to display  the list of iptables rules
and paste the results,  so we can see what clarkconnect is doing...
0
 

Author Comment

by:ammadeyy2020
ID: 22812066
i can ping from firewall to 192.168.50.80
but from other pc's i cant ping
here is iptables-save

-A OUTPUT -o pptp+ -j ACCEPT
-A OUTPUT -o tun+ -j ACCEPT
-A OUTPUT -o eth1 -j ACCEPT
-A OUTPUT -o eth2 -j ACCEPT
-A OUTPUT -o eth0 -p icmp -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 68 --dport 67 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 110 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 25 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 1875 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p gre -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 1723 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p udp -m udp --sport 500 --dport 500 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p ipv6-crypt -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p ipv6-auth -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -j DROP
-A drop-lan -j DROP
COMMIT
# Completed on Mon Oct 27 17:50:35 2008
[root@gateway ~]#
[root@gateway ~]# clear
[root@gateway ~]# iptables-save
# Generated by iptables-save v1.3.5 on Mon Oct 27 17:53:20 2008
*nat
:PREROUTING ACCEPT [61245:3738980]
:POSTROUTING ACCEPT [1979:170280]
:OUTPUT ACCEPT [12805:785058]
-A PREROUTING -s ! 127.0.0.1 -p tcp -m tcp --dport 3128 -j REDIRECT --to-ports 82
-A PREROUTING -s 192.168.50.80 -d xxx.xxx.xxx.xxx -j DNAT --to-destination 192.168.10.10
-A PREROUTING -s 192.160.50.200 -d xxx.xxx.xxx.xxx -j DNAT --to-destination xxx.xxx.xxx.xx1
-A PREROUTING -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 110 -j DNAT --to-destination 192.168.0.2:110
-A PREROUTING -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.0.2:25
-A PREROUTING -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 3000 -j DNAT --to-destination 192.168.0.2:3000
-A PREROUTING -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 80 -j DNAT --to-destination xxx.xxx.xxx.xx1:80
-A PREROUTING -d 192.168.10.10 -p tcp -m tcp --dport 80 -j ACCEPT
-A PREROUTING -d 172.30.143.100 -p tcp -m tcp --dport 80 -j ACCEPT
-A PREROUTING -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 80 -j ACCEPT
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -i eth2 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 192.168.10.10 -j SNAT --to-source 192.168.10.10
-A POSTROUTING -s 172.30.143.0/255.255.255.0 -d 192.168.10.10 -j SNAT --to-source 172.30.143.100
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -d xxx.xxx.xxx.xx1 -j SNAT --to-source 192.168.10.10
-A POSTROUTING -s 172.30.143.0/255.255.255.0 -d xxx.xxx.xxx.xx1 -j SNAT --to-source 172.30.143.100
-A POSTROUTING -o eth0 -p ipv6-crypt -j ACCEPT
-A POSTROUTING -o eth0 -p ipv6-auth -j ACCEPT
-A POSTROUTING -o tun+ -j ACCEPT
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 192.168.0.2 -p tcp -m tcp --dport 110 -j SNAT --to-source 192.168.10.10
-A POSTROUTING -s 172.30.143.0/255.255.255.0 -d 192.168.0.2 -p tcp -m tcp --dport 110 -j SNAT --to-source 172.30.143.100
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 192.168.0.2 -p tcp -m tcp --dport 25 -j SNAT --to-source 192.168.10.10
-A POSTROUTING -s 172.30.143.0/255.255.255.0 -d 192.168.0.2 -p tcp -m tcp --dport 25 -j SNAT --to-source 172.30.143.100
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -d 192.168.0.2 -p tcp -m tcp --dport 3000 -j SNAT --to-source 192.168.10.10
-A POSTROUTING -s 172.30.143.0/255.255.255.0 -d 192.168.0.2 -p tcp -m tcp --dport 3000 -j SNAT --to-source 172.30.143.100
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -d xxx.xxx.xxx.xx1 -p tcp -m tcp --dport 80 -j SNAT --to-source 192.168.10.10
-A POSTROUTING -s 172.30.143.0/255.255.255.0 -d xxx.xxx.xxx.xx1 -p tcp -m tcp --dport 80 -j SNAT --to-source 172.30.143.100
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Oct 27 17:53:20 2008
# Generated by iptables-save v1.3.5 on Mon Oct 27 17:53:20 2008
*mangle
:PREROUTING ACCEPT [421429:89398775]
:INPUT ACCEPT [260482:71643795]
:FORWARD ACCEPT [160586:17704114]
:OUTPUT ACCEPT [216907:62479666]
:POSTROUTING ACCEPT [378010:80308526]
-A PREROUTING -p ipv6-crypt -j MARK --set-mark 0x64
-A PREROUTING -p tcp -m mark ! --mark 0x0 -j ACCEPT
-A PREROUTING -p tcp -j CONNMARK --restore-mark
COMMIT
# Completed on Mon Oct 27 17:53:20 2008
# Generated by iptables-save v1.3.5 on Mon Oct 27 17:53:20 2008
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:drop-lan - [0:0]
-A INPUT -s 64.39.104.38 -i eth0 -j DROP
-A INPUT -s 202.232.235.70 -i eth0 -j DROP
-A INPUT -s 221.239.1.58 -i eth0 -j DROP
-A INPUT -s 190.2.32.27 -i eth0 -j DROP
-A INPUT -s 219.136.252.243 -i eth0 -j DROP
-A INPUT -s 69.60.111.193 -i eth0 -j DROP
-A INPUT -s 211.244.224.3 -i eth0 -j DROP
-A INPUT -s 221.130.183.185 -i eth0 -j DROP
-A INPUT -s 218.23.37.51 -i eth0 -j DROP
-A INPUT -s 221.224.161.102 -i eth0 -j DROP
-A INPUT -s 218.22.88.59 -i eth0 -j DROP
-A INPUT -s 202.99.11.99 -i eth0 -j DROP
-A INPUT -s 193.227.116.16 -i eth0 -j DROP
-A INPUT -s 129.111.112.98 -i eth0 -j DROP
-A INPUT -s 203.142.195.92 -i eth0 -j DROP
-A INPUT -s 200.7.198.162 -i eth0 -j DROP
-A INPUT -s 218.53.97.7 -i eth0 -j DROP
-A INPUT -s 218.22.229.124 -i eth0 -j DROP
-A INPUT -s 218.22.244.45 -i eth0 -j DROP
-A INPUT -s 192.168.0.140 -i eth1 -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -s 167.216.252.1 -i eth0 -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -p tcp -m tcp --tcp-flags SYN,ACK SYN,ACK -m state --state NEW -j REJECT --reject-with tcp-reset
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -s 127.0.0.0/255.0.0.0 -i eth0 -j DROP
-A INPUT -s 169.254.0.0/255.255.0.0 -i eth0 -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -i pptp+ -j ACCEPT
-A INPUT -i tun+ -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -i eth2 -j ACCEPT
-A INPUT -i eth0 -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i eth0 -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A INPUT -i eth0 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -i eth0 -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 67 --dport 68 -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 1875 -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p gre -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p udp -m udp --sport 500 --dport 500 -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p ipv6-crypt -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -p ipv6-auth -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -m mark --mark 0x64 -j ACCEPT
-A INPUT -d 192.168.10.10 -m mark --mark 0x64 -j ACCEPT
-A INPUT -d 172.30.143.100 -m mark --mark 0x64 -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -i eth0 -p udp -m udp --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -d xxx.xxx.xxx.xxx -i eth0 -p tcp -m tcp --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -j DROP
-A FORWARD -s 64.39.104.38 -i eth0 -j DROP
-A FORWARD -s 202.232.235.70 -i eth0 -j DROP
-A FORWARD -s 221.239.1.58 -i eth0 -j DROP
-A FORWARD -s 190.2.32.27 -i eth0 -j DROP
-A FORWARD -s 219.136.252.243 -i eth0 -j DROP
-A FORWARD -s 69.60.111.193 -i eth0 -j DROP
-A FORWARD -s 211.244.224.3 -i eth0 -j DROP
-A FORWARD -s 221.130.183.185 -i eth0 -j DROP
-A FORWARD -s 218.23.37.51 -i eth0 -j DROP
-A FORWARD -s 221.224.161.102 -i eth0 -j DROP
-A FORWARD -s 218.22.88.59 -i eth0 -j DROP
-A FORWARD -s 202.99.11.99 -i eth0 -j DROP
-A FORWARD -s 193.227.116.16 -i eth0 -j DROP
-A FORWARD -s 129.111.112.98 -i eth0 -j DROP
-A FORWARD -s 203.142.195.92 -i eth0 -j DROP
-A FORWARD -s 200.7.198.162 -i eth0 -j DROP
-A FORWARD -s 218.53.97.7 -i eth0 -j DROP
-A FORWARD -s 218.22.229.124 -i eth0 -j DROP
-A FORWARD -s 218.22.244.45 -i eth0 -j DROP
-A FORWARD -s 192.168.0.73 -j DROP
-A FORWARD -s 192.168.50.80 -d 192.168.10.10 -o eth1 -j ACCEPT
-A FORWARD -s 192.168.50.80 -d 192.168.10.10 -o eth2 -j ACCEPT
-A FORWARD -s 192.160.50.200 -d xxx.xxx.xxx.xx1 -o eth1 -j ACCEPT
-A FORWARD -s 192.160.50.200 -d xxx.xxx.xxx.xx1 -o eth2 -j ACCEPT
-A FORWARD -m ipp2p --kazaa --apple --winmx -j DROP
-A FORWARD -m mark --mark 0x64 -j ACCEPT
-A FORWARD -d 192.168.0.2 -o eth1 -p tcp -m tcp --dport 110 -j ACCEPT
-A FORWARD -d 192.168.0.2 -o eth2 -p tcp -m tcp --dport 110 -j ACCEPT
-A FORWARD -d 192.168.0.2 -o eth1 -p tcp -m tcp --dport 25 -j ACCEPT
-A FORWARD -d 192.168.0.2 -o eth2 -p tcp -m tcp --dport 25 -j ACCEPT
-A FORWARD -d 192.168.0.2 -o eth1 -p tcp -m tcp --dport 3000 -j ACCEPT
-A FORWARD -d 192.168.0.2 -o eth2 -p tcp -m tcp --dport 3000 -j ACCEPT
-A FORWARD -d xxx.xxx.xxx.xx1 -o eth1 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -d xxx.xxx.xxx.xx1 -o eth2 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -s 192.168.10.0/255.255.255.0 -d 192.168.0.10 -j DROP
-A FORWARD -s 172.30.143.0/255.255.255.0 -d 192.168.0.10 -j DROP
-A FORWARD -s 192.168.10.0/255.255.255.0 -d 192.168.0.4 -j DROP
-A FORWARD -s 172.30.143.0/255.255.255.0 -d 192.168.0.4 -j DROP
-A FORWARD -s 192.168.10.0/255.255.255.0 -p tcp -m tcp --dport 1863 -j DROP
-A FORWARD -s 172.30.143.0/255.255.255.0 -p tcp -m tcp --dport 1863 -j DROP
-A FORWARD -s 192.168.10.0/255.255.255.0 -d 192.168.0.178 -j DROP
-A FORWARD -s 172.30.143.0/255.255.255.0 -d 192.168.0.178 -j DROP
-A FORWARD -s 192.168.10.0/255.255.255.0 -d 192.168.0.195 -j DROP
-A FORWARD -s 172.30.143.0/255.255.255.0 -d 192.168.0.195 -j DROP
-A FORWARD -s 192.168.10.0/255.255.255.0 -d 192.168.0.199 -j DROP
-A FORWARD -s 172.30.143.0/255.255.255.0 -d 192.168.0.199 -j DROP
-A FORWARD -s 192.168.10.0/255.255.255.0 -d 192.168.0.73 -j DROP
-A FORWARD -s 172.30.143.0/255.255.255.0 -d 192.168.0.73 -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -i eth2 -j ACCEPT
-A FORWARD -i pptp+ -j ACCEPT
-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -j DROP
-A OUTPUT -d 167.216.252.1 -o eth0 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o pptp+ -j ACCEPT
-A OUTPUT -o tun+ -j ACCEPT
-A OUTPUT -o eth1 -j ACCEPT
-A OUTPUT -o eth2 -j ACCEPT
-A OUTPUT -o eth0 -p icmp -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 68 --dport 67 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 68 --dport 67 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 110 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 25 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 1875 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p gre -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p tcp -m tcp --sport 1723 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p udp -m udp --sport 500 --dport 500 -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p ipv6-crypt -j ACCEPT
-A OUTPUT -s xxx.xxx.xxx.xxx -o eth0 -p ipv6-auth -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -j DROP
-A drop-lan -j DROP
COMMIT
# Completed on Mon Oct 27 17:53:20 2008
[root@gateway ~]#
0
 
LVL 23

Accepted Solution

by:
Mysidia earned 500 total points
ID: 22818992
Well, this is a long and complicated ruleset. It's not trivial to find which entry is breaking internet access, short of analyzing every single table entry.    I suggest   on your own starting with zero counters, and using  iptables-save in a manner that checks counters, i.e.  iptables-save -c
The counters of the rule that is executed when attempting to create a connection should increase, which may give you a hint....hrm


I see the right entries in there for multiple ranges to work,  but I think some of these rules that appear to be intended to firewall traffic are interfering
and denying what would otherwise work.




Ok.. I take it  eth1  and eth2  are your LAN interfaces?
I see in the filter table...
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -i eth2 -j ACCEPT
As the applicable match..

But in your  NAT prerouting table there is:

-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -i eth2 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

This redirects traffic from  port 80  on other hosts  to port 8080 on the local host.
I.e.  diverts internet traffic
You need a service running on port 8080 and forward + input  table rules to accept the traffic you are redirecting.


It seems likely that this transparent redirection of HTTP is partly a culprit.

You now have potentially, not only your iptables  ruleset  that can cause problems, but  whatever service is running on port 8080  to handle and forward the HTTP requests.



0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASA Troubleshooting: Easy way to determine an interface's next hop 18 93
centos linux 65 155
Linux script delete files 3 47
parallel rsync issues with Ubuntu 1 24
Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question