Self Learner | Information Technology Enthusiast | Hamba Allah

My photo
Pribadi yang berdzikir itu : kalau bicara, bicaranya dakwah, diamnya berdzikir, nafasnya tasbih, matanya penuh ramat Allah, telinganya terjaga, pikirannya baik sangka, tidak suka sinis, pesimis dan tak suka memvonis. . dia tidak sibuk mencari kesalahan orang lain dan asik memperbaiki dirinya . . (Ust.Muhammad Arifin Ilham)

Tuesday, October 14, 2014

Free WAN Optimizer appliance "OpenNOP"



If an organization want to connecting their datacenter to another site via private link, usually they will use leased line from Service Provider and they will be charged depend on how much bandwidth leased. 5, 10, 20, 50, 100 Mbps or higher so it will be affected to cost :)

The challenge is with minimum bandwidth link which leased, how they can achieve it being double, triple, quadruple or even decuple, is it possible ? ah, that is so impossible, keep in mind that money talks :D,  the value of quality is straight with value of cost.

Actually it can be reached with WAN Optimization, WAN optimization also known as WAN acceleration, is the category of technologies and techniques used to maximize the efficiency of data flow across a wide area network (WAN). In market review, there are some WAN Optimizer appliance with various vendor which has ability to optimize the traffic, the one is Steelhead from Riverbed, I think till now it’s the most popular and being a market leader in WAN Optimizater product. The big problem is that appliance so very expensive, for SMB segment the capital expenditure is unreachable.

But don’t worry, there is an opensource WAN Optimizer appliance, that is called “OpenNOP” :)  . I have tried this appliance and working on it, I think the result is not bad. Check it out !


How to Install OpenNOP
 
These are a steps which you have to take for implementing OpenNOP as a WAN Optimizer in your organization, even it used with fully mesh topology, peer to peer or client server.

Before you perform installation, please check some minimum hardware requirements below for this appliance :
  • CPU: Dual-Core
  • Memory : 1024MB 
  • Disk: 40GB
  • NIC: 10/100Mb (2 interfaces)
If you have makesure that the hardware requirements already fixed so do these steps :

1. Download iso files from https://www.dropbox.com/s/50e0qubxfctcmhq/OpenNOP.x86_64-0.5.0.preload.iso

2. Install it to your physical server or virtual machine, both are possible to do.
Do Installation steps just with follow the wizard. Just for your information, This appliance is based on OpenSUSE 12.3 version, so all command prompt must following OpenSUSE command.

3. OpenNOP already installed and login to the system with credentials : User: root / Pass: linux

4. Configure the network configurations:
  • Setting IP Address eth0 : vi /etc/sysconfig/network/ifcfg-eth0
BOOTPROTO=static
IPADDR=192.168.2.110
NETMASK=255.255.255.0
NETWORK=192.168.2.0
BROADCAST=192.168.2.255
MTU=1500
ONBOOT=yes
USERCONTROL=no
STARTMODE=auto
ETHTOOL_OPTIONS=
MTU=
REMOTE_IPADDR=
  •  Setting IP Address eth1 : vi /etc/sysconfig/network/ifcfg-eth1
 BOOTPROTO=static
IPADDR=172.16.10.1
NETMASK=255.255.255.0
NETWORK=172.16.10.0
BROADCAST=172.16.10.255
MTU=1500
ONBOOT=yes
USERCONTROL=no
STARTMODE=auto
ETHTOOL_OPTIONS=
MTU=
REMOTE_IPADDR=
  •  Setting default gateway: vi /etc/sysconfig/network/routes
 default 192.168.2.1
  •   Setting DNS (Name Server): vi /etc/resolv.conf
 nameserver 8.8.8.8 
  •  Restart networking configuration: # service network restart
And verify all networking configuration, is it any improperly configuration?, or is all configuration already working fine ? test by ping to gateway


5. Disable firewall
There are 2 steps to deactivate the firewall in OpenNOP, with “yast” or using Command. if you want using “yast” it very simple, just type “yast” enter then select “Security and users” > Firewall > then disable firewall in startup tab like in screenshoot below :





Or in another option, you can turn-off the firewall with just typing this simple command :

# /sbin/SuSEfirewall2 stop           (option start/stop/status)

Whatever step do you want to take to activate it, all of them are effective to do.


6. Enable IP Forwarding
Each OpenNOP instance is running as a gateway in topology for every hosts behind it which would to be optimized. IP forwarding needed to enabled for make the connection/traffic from host able to goes through over this appliance.

For enable ip forwarding just using simple command below:

First step is checking is the IP Forwarding already activated or not by enter command :
# sysctl net.ipv4.ip_forward   
if the result is “net.ipv4.ip_forward = 0” which means that IP forwarding not active yet and you have to enable it using this command:
# sysctl -w net.ipv4.ip_forward=1
Then the result will be showing “net.ipv4.ip_forward = 1” which means that IP Forwarding successfully activated

7. Upgrade Appliance
My experience in the LAB stuff, OpenNOP installer from this source isn’t working due to need to be upgraded, so we have to upgrade this appliance first with following steps :
  • run: # zypper install perl
  • run: # zypper install glibc-locale
  • run: # zypper refresh
  • run: # zypper dup
  • run: # reboot
8. Install dependencies module
And we need to install additional software to this appliance, just install it with following run steps:
  • run: # zipper install libnfnetlink-devel
  • run: # zipper install libnetfilter_queue-devel
  • run: # zypper install libnl-devel
 9. Start OpenNOP Service
For the first we need to setup and start the kernel module before starting service with the command below :
# service opennop setup
# modprobe opennopdrv
# service opennop start
Now we get OpenNOP already running in our appliance and also with Optimization traffic which through over it.

To Stop OpenNOP service just enter commands:
# service opennop stop
# rmmod opennopdrv
 10. Verify
Let we verify that OpenNOP service was running on the appliance.




Ok, Have a lot of fun :)

Donny Achmadi,
(14 October 2014)

~ Spending my boring time ~

Wednesday, October 1, 2014

The Difference between VLAN Tagged, Untagged and Exclude


Many people confusing the difference between TAGGED, UNTAGGED and EXCLUDE when configuring VLAN.

Especially with VLAN configuration in HP Procurve Switch, So do i.
It so made me confuse, because it's quite different  with another common switch platform, where VLAN which need to be tagged to the port as either with access or trunk.

For the sample in cisco switch, if we want to tagging VLAN in one port or more so we just need tag that VLAN to the port, it's clear and so simply, but not with this HP Procurve Switch. because we need to determine all ports in each VLAN which added on switch.

There are terms for VLAN in HP Procurve switch, such as Untag, Tagged and Exclude, here is my definitions about mean of it :
1. Untag    : Port which configured access and tagged with specific VLAN
2. Tagged    : Port which already tagged with another VLAN
3. Exclude    : Port which exist with no one of VLAN ID, ussualy configured with Trunk

To make this describe clearly, let we see in this scenario.

In HP Procurve we have 24 ports and there is exist 2 VLAN ID; which are VLAN 10 and 20 with VLAN allocation on port below :

Port 1-12 for VLAN 10
Port 13-23 for VLAN 20
Port 24 set as Trunk

Then the configuration on HP Procurve switch will looks like below :



VLAN 10
port 1-12 untagged
port 13-23 tagged
port 24 exclude all

VLAN 20
port 1-12 tagged
port 13-23 untagged
port 24 exclude all

Trunk
port 24


This is knowledge, experience and what i got from my friends about configuration in HP Procurve v1810-24g, likely the concept of this VLAN is similar with Switch of Dell and others.

(Spare time at Office on 1 October 2014)