networking – Attempting to drop packets to simulate a network failure

I have a switch running Linux with multiple devices on it.
I’m attempting to simulate a network outage on one of the devices.

I’ve attempted to drop the packets with both netem and iptables using either one of the commands:

tc qdisc add dev <interface> root netem loss 100%

or

iptables -A INPUT -i <interface> -p all -j DROP

However, the device stays connected.

Any ideas?

router – forwarding packets between two openvpn tunnel networks on the same host

I have two p2p tunnels to two different servers on a host, tun1 and tun2:

(Server 1: IP1) <–> (Host: IP0) <–> (Server 2: IP2)

For tun1 to server 1 I have:

proto       udp
mode        p2p
remote      IP1
rport       4856
local       IP0
lport       4856
dev-type    tun
tun-ipv6
resolv-retry infinite
dev  tun1
comp-lzo
persist-key
persist-tun
cipher aes-256-cbc
ifconfig 192.168.76.2  192.168.76.3
secret /etc/openvpn/key.key

for tun2 to server 2 I have:

proto       udp
mode        p2p
remote      IP2
rport       4857
local       IP0
lport       4857
dev-type    tun
tun-ipv6
resolv-retry infinite
dev  tun2
comp-lzo
persist-key
persist-tun
cipher aes-256-cbc
ifconfig 192.168.77.2  192.168.77.3
secret /etc/openvpn/key.key

I want to forward packets received on tun1 with dst=IP4 to tun2 so I added a static route:

ip route add IP4/32 via 192.168.77.3

All tunnel interfaces are connected to their corresponding servers and up.
When I send packets from Server 1 with dst=IP4 to the tunnel, packets are received in host but they are not forwarded to tun2 and I cannot see them in Server 2 using tcpdump.
Any idea?

networking – is it normal to have udp packets loss with mtr to 8.8.8.8?

networking – is it normal to have udp packets loss with mtr to 8.8.8.8? – Super User

Detecting Ethernet over power by packets

If someone could plug an Ethernet over power (EOP, Homeplug) into the switch and then connect elsewhere in the building, can i detect this device by sniffing the packets with tools like wireshark or tcpdump?

How to tag IPv4 and IPv6 packets with different VLAN tags on a Linux router?

I want to tag incoming IPv4 and IPv6 packets from a dual stack enabled connection with different VLAN tags, e.g. IPv4 packets should go to VLAN4 and IPv6 packets should go to VLAN6.

                         Linux Box
                      Debian Bullseye
       untagged         ┏━━━━━━━━━━┓      tagged (trunk)
════════════════════════┫eth0  eth1┣════════════════════════
     IPv4 and IPv6      ┃  router  ┃    IPv4 with VLAN4 tag
      dual stack        ┗━━━━━━━━━━┛    IPv6 with VLAN6 tag

I had a look at the Linux bridge and at nftables but wasn’t able to find a solution. How can I achieve this selective tagging?

Cisco Router with FastEthernet 0/0 and 0/1 enabled with IPs on different subnets – but does not route IP packets between interfaces

Experts, I recently stood up a Cisco 2600 Router in my home lab for self-training purposes. It currently has a configuration in place which allows me to ping and remote into from anywhere on my 192.168.1.0/24 network. When I reach it from my network, I hit FastEthernet 0/1 with a configured IP of 192.168.1.250. I then configured the FastEthernet 0/1 port with IP of 10.1.12.1/24, and that port is up, but even while remoted into the router itself, I cannnot ping 10.1.12.1. This occurred even after I entered ip routing into the configuration. I don’t get it, why can’t the router ping its own 10.1.12.1 (FA 0/1) interface but ping 192.168.1.250 (FA 0/0) just fine? The configuration is so simple and small, not even any VLANs, that I have pasted it down below in hopes that someone might give an answer. I want to do only static routing at this point, for training purposes. I will move up to RIP and OSPF routing later once I get this part working.

!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco2600
!
boot-start-marker
boot system flash flash:c2600-advipservicesk9-mz.123-11.T5.bin
boot-end-marker
!
enable password szcv7297845sldhv
!
username szcv7297845sldhv password 0 szcv7297845sldhv
no network-clock-participate slot 1 
no network-clock-participate wic 0 
no aaa new-model
ip subnet-zero
!
!
ip cef
ip domain name alpha.local
ip ips po max-events 100
ip ssh source-interface FastEthernet0/0
no ftp-server write-enable
voice-card 1
!
!
!
interface Loopback0
 description This is the loopback
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.1.250 255.255.255.0
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 ip address 10.1.12.1 255.255.255.0
 duplex auto
 speed auto
!
router rip
 version 2
 network 10.0.0.0
 network 192.168.1.0
 no auto-summary
!
ip classless
!
!
no ip http server
no ip http secure-server
!
logging 192.168.1.10
access-list 33 permit 192.168.1.0 0.0.0.255
snmp-server community szcv7297845sldhv RW
!
!
!
control-plane
!
!
!
voice-port 1/0/0
!
voice-port 1/0/1
!
!
!
!
!
!
!
line con 0
 logging synchronous
line aux 0
line vty 0 4
 password szcv7297845sldhv
 login
 transport input telnet ssh
!
!
end

networking – How to capture wireless packets over Ethernet port along with Wired

I am trying to capture and analyze my network traffic. We have a wireless router and it have clients as both wired and wireless.

My Kali computer which is connected to the router over Ethernet port and with Promiscuous mode ON.

While the packets are captured and analyzed in wireshark, I noticed in Wireshark, the Wired clients traffic is captured with all protocols but for wireless clients only MDNS protocol packets, but not any TCP or UDP packets.

I am trying to understand, what is the reason, behind not getting Wireless clients packets along with wired when packet capture is running on Ethernet Promiscuous mode?

Is there any other way to accomplish this – capture both wired and wireless packets on Ethernet Promiscuous mode?

Thanks

wifi – How to capture wireless packets

I am trying to analyze my own network traffic. I have a wireless router and its clients are both wired and wireless.

On my Kali computer which is connected to the router over Ethernet port and with Promiscuous mode, captured the packets in wireshark, but I noticed in Wireshark for wireless clients only MDNS protocol packets are appearing but not any TCP or UDP.

What is the reason, behind not getting all the packets that router is processing over Ethernet port in my case?

Is there any other way to accomplish this?

wifi – Does my wireless adapter support the packet injection if I it can send deauth packets?

So, I want to know a little bit about wifi security and I am interested on some questions. So, I want to know when somebody sends the deauth packets does it mean that the deauth packets are the packet injection proccess? Does my wireless adapter support the packet injection if I it can send deauth packets?

performance – mariadb: Aborted connection .. Got timeout reading communication packets

What is the typical cause of warnings such as this? They appear periodically, sometimes multiple times per day then not for a day or so.

2021-01-08 13:20:46 203939 (Warning) Aborted connection 203939 to db: ‘lsv’ user: ‘finder’ host: ‘23.227.111.186’ (Got timeout reading communication packets)

This database server is only queried by a few hosts, and it seems to happen with all hosts and all databases on the host. This server is connected by a 1gbit link to the Internet as well as a 10gbit local link to a web server.

This is a mariadb-10.4.17 server on fedora33 with a 5.9.16 kernel and 128GB of RAM. It’s the only function of this box. It’s been happening for quite some time. It doesn’t seem to matter How do I troubleshoot this? Could this be a networking problem?

I would appreciate any ideas you might have. Here is the contents of the my.cnf.

# cat my.cnf |grep -Ev '^$|^#'
(client)
port            = 3306
socket          = /var/lib/mysql/mysql.sock
default-character-set = utf8mb4

(mysqld)
character-set-client-handshake = FALSE
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
max_connections=600
replicate_do_db='txrepdb'
replicate_do_db='sqlgrey'
replicate_do_db='sbclient'
port            = 3306
socket          = /var/lib/mysql/mysql.sock
skip-external-locking
key_buffer_size = 256M
max_allowed_packet = 512M
join_buffer_size = 2M 
read_rnd_buffer_size = 4M
myisam_sort_buffer_size = 64M
query_cache_size = 0
query_cache_type = 0
relay_log_space_limit = 500M
relay_log_purge = 1
log-slave-updates = 1
local_infile = OFF
binlog_format = ROW
max_heap_table_size = 1024M 
tmp_table_size = 1024M 
performance_schema=ON
performance-schema-instrument='stage/%=ON'
performance-schema-consumer-events-stages-current=ON
performance-schema-consumer-events-stages-history=ON
performance-schema-consumer-events-stages-history-long=ON
relay-log=havoc-relay-bin
log_bin                 = /var/log/mariadb/mysql-bin.log
expire_logs_days        = 2
max_binlog_size         = 500M
plugin_load=server_audit=server_audit.so
plugin_load_add = query_response_time
server_audit_events=connect,query
server_audit_file_path                  = /var/log/mariadb/server_audit.log
server_audit_file_rotate_size           = 1G
server_audit_file_rotations             = 1
slow-query-log = 1
slow-query-log-file = /var/log/mariadb/mariadb-slow.log
long_query_time = 1
log_error = /var/log/mariadb/mariadb-error.log
binlog_format=mixed
server-id       = 590
report-host=havoc.example.com
innodb_data_home_dir = /var/lib/mysql
innodb_defragment=1
innodb_file_per_table
innodb_data_file_path = ibdata1:10M:autoextend:max:500M
innodb_buffer_pool_size=60G
innodb_log_file_size = 1G
innodb_flush_log_at_trx_commit = 2
innodb_flush_method=O_DIRECT
innodb_lock_wait_timeout = 50
innodb_buffer_pool_instances = 40
open_files_limit=30000  # from 1222 for ~ 50% of planned ulimit -a Open Files of 65536
innodb_open_files=10000  # from 512 to match table_open_cache
innodb_log_buffer_size=64M  # from 8M for ~ 30 minutes log buffered in RAM
innodb_page_cleaners=15  # from 4 to expedite page cleaning
innodb_purge_threads=15  # from 4 to expedite purge processing
innodb_write_io_threads=64  # from 4 to expedite multi core write processing SE5666 Rolando
innodb_read_io_threads=64  # from 4 to expedite multi core read processing SE5666 9/12/11
read_rnd_buffer_size=262144  # from 4M to reduce handler_read_rnd_next of 124,386 RPS
innodb_io_capacity=2100  # from 1100 to allow higher SSD iops
innodb_lru_scan_depth=100  # from 1024 to conserve CPU cycles every SECOND
max_connect_errors=10
table_open_cache=10000  # from 512 to reduce opened_tables RPS of 1
read_buffer_size=1572864 # from 1M to reduce handler_read_next of 32,317 RPS
table_definition_cache=10000  # from 400 to reduce opened table_definitions RPS of 1
log_slow_verbosity=explain  # from nothing or ADD ,explain to enhance SLOW QUERY log
query_prealloc_size=32768 # from 24K to reduce CPU malloc frequency
query_alloc_block_size=32768 # from 16K to reduce CPU malloc frequency
transaction_prealloc_size=32768 # from 4K to reduce CPU malloc frequency
transaction_alloc_block_size=32768 # from 8K to reduce CPU malloc frequency
innodb_fast_shutdown=0
aria_pagecache_division_limit=50  # from 100 for WARM blocks percentage
aria_pagecache_age_threshold=900
innodb_adaptive_max_sleep_delay=20000  # from 150000 ms (15 sec to 2 sec) delay when busy
innodb_flushing_avg_loops=5  # from 30 to minimize innodb_buffer_pool_pages_dirty count
max_seeks_for_key=64  # from ~ 4 Billion to conserve CPU
max_write_lock_count=16  # from ~ 4 Billion to allow RD after nn lck requests
optimizer_search_depth=0  # from 62 to allow OPTIMIZER autocalc of reasonable limit
innodb_print_all_deadlocks=ON  # from OFF to log event in error log for DAILY awareness
wait_timeout=7200
innodb_flush_neighbors=0 # from ON to conserve CPU cycles when you have SSD/NVME
interactive_timeout=7200
innodb_buffer_pool_dump_pct=90  # from 25 to minimize WARM time on STOP / START or RESTART
innodb_fill_factor=93
innodb_read_ahead_threshold=8  # from 56 to reduce delays by ReaDing next EXTENT earlier
sort_buffer_size=1572864 # from 1M to reduce sort_merge_passes RPS of 1
innodb_stats_sample_pages=32  # from 8 for optimizer to use more accurate cardinality
min_examined_row_limit=1  # from 0 to reduce clutter in slow query log
query_cache_limit=0  # from 2M to conserve RAM because your QC is OFF, as it should be.
query_cache_min_res_unit=512  # from 4096 to increase QC capacity, if EVER used

(mysqldump)
quick
max_allowed_packet = 16M

(mysql)
no-auto-rehash
default-character-set = utf8mb4

(myisamchk)
key_buffer_size = 128M
sort_buffer_size = 128M
read_buffer = 2M
write_buffer = 2M

(mysqlhotcopy)
interactive-timeout

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123