Overview

Here are some basics on configuring PXE boot using legacy or the new UEFI LEGACY UEFI Applying Filters subnet 10.10.10.0 netmask 255.255.254.0 { option domain-name "hosangit.corp"; option domain-name-servers 10.10.250.11, 10.44.88.11, 10.44.112.234; option routers 10.10.10.1 ; option option-242 "L2QVLAN=2106"; infoblox-client-association-grace-period 86400; if (substring(option vendor-class-identifier,0,20)="PXEClient:Arch:00000") { # Option filter "PXE USCHI1 Legacy" option vendor-encapsulated-options "01:P04:00:00:00:00"; option vendor-class-identifier "PXEClient"; server-name "10.10.250.21"; next-server 10.10.250.21; filename "smsboot\x5cx64\x5cwdsnbp.com"; } elsif (substring(option vendor-class-identifier,0,20)="PXEClient:Arch:00007") { # Option filter "PXE USCHI1 UEFI" option vendor-encapsulated-options ff; option vendor-class-identifier "PXEClient"; server-name "10.10.250.21"; next-server 10.10.250.21; filename "smsboot\x5cx64\x5cwdsnbp.com"; }

For quick reference Code Description 0 Pad. 1 Subnet Mask. 2 Time Offset (deprecated). 3 Router. 4 Time Server. 5 Name Server. 6 Domain Name Server. 7 Log Server. 8 Quote Server. 9 LPR Server. 10 Impress Server. 11 Resource Location Server. 12 Host Name. 13 Boot File Size. 14 Merit Dump File. 15 Domain Name. 16 Swap Server. 17 Root Path. 18 Extensions Path. 19 IP Forwarding enable/disable. 20 Non-local Source Routing enable/disable. 21 Policy Filter. 22 Maximum Datagram Reassembly Size. 23 Default IP Time-to-live. 24 Path MTU Aging Timeout. 25 Path MTU Plateau Table. 26 Interface MTU. 27 All Subnets are Local. 28 Broadcast Address. 29 Perform Mask Discovery. 30 Mask supplier. 31 Perform router discovery. 32 Router solicitation address. 33 Static routing table. 34 Trailer encapsulation. 35 ARP cache timeout. 36 Ethernet encapsulation. 37 Default TCP TTL. 38 TCP keepalive interval. 39 TCP keepalive garbage. 40 Network Information Service Domain. 41 Network Information Servers. 42 NTP servers. 43 Vendor specific information. 44 NetBIOS over TCP/IP name server. 45 NetBIOS over TCP/IP Datagram Distribution Server. 46 NetBIOS over TCP/IP Node Type. 47 NetBIOS over TCP/IP Scope. 48 X Window System Font Server. 49 X Window System Display Manager. 50 Requested IP Address. 51 IP address lease time. 52 Option overload. 53 DHCP message type. 54 Server identifier. 55 Parameter request list. 56 Message. 57 Maximum DHCP message size. 58 Renew time value. 59 Rebinding time value. 60 Class-identifier. 61 Client-identifier. 62 NetWare/IP Domain Name. 63 NetWare/IP information. 64 Network Information Service+ Domain. 65 Network Information Service+ Servers. 66 TFTP server name. 67 Bootfile name. 68 Mobile IP Home Agent. 69 Simple Mail Transport Protocol Server. 70 Post Office Protocol Server. 71 Network News Transport Protocol Server. 72 Default World Wide Web Server. 73 Default Finger Server. 74 Default Internet Relay Chat Server. 75 StreetTalk Server. 76 StreetTalk Directory Assistance Server. 77 User Class Information. 78 SLP Directory Agent. 79 SLP Service Scope. 80 Rapid Commit. 81 FQDN, Fully Qualified Domain Name. 82 Relay Agent Information. 83 Internet Storage Name Service. 84 ------ 85 NDS servers. 86 NDS tree name. 87 NDS context. 88 BCMCS Controller Domain Name list. 89 BCMCS Controller IPv4 address list. 90 Authentication. 91 client-last-transaction-time. 92 associated-ip. 93 Client System Architecture Type. 94 Client Network Interface Identifier. 95 LDAP, Lightweight Directory Access Protocol. 96 ------ 97 Client Machine Identifier. 98 Open Group's User Authentication. 99 GEOCONF_CIVIC. 100 IEEE 1003.1 TZ String. 101 Reference to the TZ Database. 102-111 ------ 112 NetInfo Parent Server Address. 113 NetInfo Parent Server Tag. 114 URL. 115 ------ 116 Auto-Configure 117 Name Service Search. 118 Subnet Selection. 119 DNS domain search list. 120 SIP Servers DHCP Option. 121 Classless Static Route Option. 122 CCC, CableLabs Client Configuration. 123 GeoConf. 124 Vendor-Identifying Vendor Class. 125 Vendor-Identifying Vendor-Specific. 126 ------ 127 ------ 128 TFPT Server IP address. 129 Call Server IP address. 130 Discrimination string. 131 Remote statistics server IP address. 132 802.1P VLAN ID. 133 802.1Q L2 Priority. 134 Diffserv Code Point. 135 HTTP Proxy for phone-specific applications. 136 PANA Authentication Agent. 137 LoST Server. 138 CAPWAP Access Controller addresses. 139 OPTION-IPv4_Address-MoS. 140 OPTION-IPv4_FQDN-MoS. 141-149 ------ 150 TFTP server address, Etherboot, GRUB configuration path name. 151-174 ------ 175 Etherboot. 176 IP Telephone. 177 Etherboot, PacketCable and CableHome. 178-207 ------ 208 pxelinux.magic (string) = F1:00:74:7E (241.0.116.126). 209 pxelinux.configfile (text). 210 pxelinux.pathprefix (text). 211 pxelinux.reboottime (unsigned integer 32 bits). 212-219 ------ 220 Subnet Allocation. 221 Virtual Subnet Selection. 222-223 ------ 224-254 Private use. 255 End.

DHCP Option 60 DHCP Option 66 will contain the ip or FQDN of your WDS server (PXE Service Point role in SCCM) DHCP Option 67 will contain the name of your bootfile (SMSBoot\x86\wdsnbp.com)

Step One (Select Interface) Open Wireshark and go to (Capture -> Interfaces) Determine which Ethernet device you are using to connect to the network. You can determine which one is being used by the number of packets sent/received. NOTE: I’m using the one called eth0, which is my virtual network card. Step Two (Choose Options) Click the options button on the device being used to bring up the capture options menu. Uncheck the capture packets in promiscuous mode option to only see traffic that is sent and received to this network card. Step Three (Start Capture) Click the start button to begin capturing network traffic. Now Wireshark is capturing all of the traffic that is sent and received by the network card. Step Four (Filter) We are only interested with the DHCP traffic, so on the display filter type (bootp.option.type == 53) and click apply. The DHCP Release resulted from me typing Linux: sudo dhclient -r Windows: ipconfig /release Mac: sudo ifconfig en1 down (list interfaces: networksetup -listnetworkserviceorder) The DHCP Discover, Offer, Request, and ACK resulted from me typing Linux: sudo dhclient eth0 Windows: ipconfig /renew Mac: sudo ifconfig en1 up If you look at the DHCP Response you can see the DHCP Scope Options that have been sent to the client from the DHCP Server DHCP (Dynamic Host Configuration Protocol) Discovery DHCP uses the same two ports assigned by IANA for BOOTP: destination UDP port 67 for sending data to the server, and UDP port 68 for data to the client. DHCP operations fall into four basic phases: IP discovery, IP lease offer, IP request, and IP lease acknowledgment. DHCP clients and servers on the same subnet communicate via UDP broadcasts, initially. If the client and server are on different subnets, a DHCP Helper or DHCP Relay Agent may be used. Clients requesting renewal of an existing lease may communicate directly via UDP unicast, since the client already has an established IP address at that point. The client broadcasts messages on the physical subnet to discover available DHCP servers. Network administrators can configure a local router (or IP Helper Address on a switch) to forward DHCP packets to a DHCP server which resides on a different subnet. This client implementation creates a User Datagram Protocol (UDP) packet with the broadcast destination of 255.255.255.255 or the specific subnet broadcast address. A DHCP client can also request its last-known IP address (in the example below, 192.168.1.100). If the client remains connected to a network for which this IP is valid, the server may grant the request. Otherwise, it depends whether the server is set up as authoritative or not. An authoritative server will deny the request, making the client ask for a new IP address immediately. A non-authoritative server simply ignores the request, leading to an implementation-dependent timeout for the client to give up on the request and ask for a new IP address. DHCP Offer When a DHCP server receives an IP lease request from a client, it reserves an IP address for the client and extends an IP lease offer by sending a DHCPOFFER message to the client. This message contains the client's MAC address, the IP address that the server is offering, the subnet mask, the lease duration, and the IP address of the DHCP server making the offer. The server determines the configuration based on the client's hardware address as specified in the CHADDR (Client Hardware Address) field. Here the server, 192.168.1.1, specifies the client's IP address in the YIADDR (Your IP Address) field. DHCP Request In response to the DHCP offer, the client replies with a DHCP request, broadcast to the server, requesting the offered address. A client can receive DHCP offers from multiple servers, but it will accept only one DHCP offer. Based on required server identification option in the request and broadcast messaging, servers are informed whose offer the client has accepted. When other DHCP servers receive this message, they withdraw any offers that they might have made to the client and return the offered address to the pool of available addresses. DHCP Acknowledgement When the DHCP server receives the DHCPREQUEST message from the client, the configuration process enters its final phase. The acknowledgement phase involves sending a DHCPACK packet to the client. This packet includes the lease duration and any other configuration information that the client might have requested. At this point, the IP configuration process is completed. After the client obtains an IP address, the client may use the Address Resolution Protocol (ARP) to prevent IP conflicts caused by overlapping address pools of DHCP servers. The protocol expects the DHCP client to configure its network interface with the negotiated parameters.

When I ping 1.2.3.4... I get this. Pinging 1.2.3.4 with 32 bytes of data: Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Ping statistics for 1.2.3.4: Packets: Sent = 4, Received = 4, Lost = 0 (0 Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms The TTL (Time To Live) value determines the maximum amount of time an IP packet may live in the network without reaching its destination. It is effectively a bound on the number of routers an IP packet may pass through before being discarded. This message indicates that the TTL expired in transit. Increase the TTL value using the -i parameter with the ping command. Most computers today initialize the TTL value of outgoing IP Packets 128 or higher. If you ever see a reply above with a "TTL=5" (or some other low TTL number) this tells you that the computer being pinged should most likely have its default TTL value increased. Otherwise, anyone trying to communicate with the computer that is at a hop count higher than the TTL will not be able to communicate with the computer. You could also be experiencing issues at a firewall with ICMP (ping) being blocked/dropped or issues with Network Address Translations (NAT) not working or setup properly. In this situation the NAT was removed If you find that ICMP is being blocked then you can use nmap which can use TCP. So instead of using ICMP, which is a layer3 (network), the TCP or layer4 (transport) layer is utilized. The default behavior of NMAP is to do both an ICMP ping sweep (the usual kind of ping) and a TCP port 80 ACK ping sweep. If an admin is logging these this will be fairly characteristic of NMAP. This behavior can be changed in several ways. The easiest way is, of course, to simply turn off ping sweeps with -P0. If you want to do a standard ICMP ping sweep use -PI. If you are trying to get through a firewall, though, ICMP pings will likely be blocked and using packet filtering ICMP pings can even be dropped at the host. To get around this NMAP tries to do a TCP "ping" to see if a host is up. By default it sends an ACK to port 80 and expects to see a RST from that port if the host is up. To do only this scan and not the ICMP ping scan use -PT. To specify a different port than port 80 to scan for specify it immediately afterwards, e.g. -PT32523 will ACK ping port 32523. Picking a random high-numbered port in this way may work *much* better than the default NMAP behavior of ACK pinging port 80. This is because many packet filter rules are setup to let through all packets to high numbered ports with the ACK bit set, but sites may filter port 80 on every machine other than their publically accessable webservers. You can also do both an ICMP ping scan and an ACK scan to a high numbered port with, e.g. -PB32523. However, if a site has a really, really intelligent firewall that recognizes that your ACK packet isn't part of an ongoing TCP connection it might be smart enough to block it. For that reason, you may get better results with a TCP SYN sweep with -PS. In this case, scanning a high-numbered port will probably not work, and instead you need to pick a port which is likely to get through a firewall. Port 80 is not a bad pick, but something like ssh (port 22) may be better.

Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network. DHCP assigns an IP address when a system is started, for example: A user turns on a computer with a DHCP client. The client computer sends a broadcast request (called a DISCOVER or DHCPDISCOVER), looking for a DHCP server to answer. The router directs the DISCOVER packet to the correct DHCP server. UDP Src=0.0.0.0 sPort=68 Dest=255.255.255.255 dPort=67 The server receives the DISCOVER packet. Based on availability and usage policies set on the server, the server determines an appropriate address (if any) to give to the client. The server then temporarily reserves that address for the client and sends back to the client an OFFER (or DHCPOFFER) packet, with that address information. The server also configures the client's DNS servers, WINS servers, NTP servers, and sometimes other services as well. UDP Src=192.168.1.1 sPort=67 Dest=255.255.255.255 dPort=68 The client sends a REQUEST (or DHCPREQUEST) packet, letting the server know that it intends to use the address. UDP Src=0.0.0.0 sPort=68 Dest=255.255.255.255 dPort=67 The server sends an ACK (or DHCPACK) packet, confirming that the client has a been given a lease on the address for a server-specified period of time. UDP Src=192.168.1.1 sPort=67 Dest=255.255.255.255 dPort=68

Many hardware and software solutions exist to implement redundancy and load balancing for hosted services. One way to implement load balancing and redundancy is to use anycast, defined in RFC 1546. In an anycast setup, multiple hosts share the same IP address. This address is announced through a routing protocol, so that packets sent to the anycast address will be routed to the (network topology wise) closest host. A paper from Cisco provides a good background on anycast. Another, more theoretical paper is available from IBM. Because anycast relies only on a routing protocol, no additional hardware or software is needed to implement it. Since it relies on inherently dynamic routing protocols (such as OSPF or BGP) to decide which host packets are routed to, it is generally only useful for protocols that require very little state, such as DNS. According to some, in practice this instability is not significant enough to prevent anycast from being used for TCP-based services. Adds redundancy and load balancing to connectionless client/server services and improve availability and possibly latency. Anycast is a communication model (network service) for IPv4 and IPv6. As originally described in RFC 1546, "Host Anycast Service," the purpose of anycast is to assign an identical anycast address to a group of geographically distributed nodes. IP datagrams approach the nearest destination node in the set of available destination nodes, based on the unicast routing measure of distance transparent to the clients. The network (routing system) decides where to guide the client request. An IPv4 anycast address is distinguishable from a unicast address because they are allocated from a special reserved range. This is different in IPv6. The real-world applications of anycast I am aware of are limited to DNS root server concepts and Protocol Independent Multicast (PIM) rendezvous points, stateless protocols in general. Anycast is usually implemented by using Border Gateway Protocol (BGP) to simultaneously announce the same destination IP address range from many different places on the network. This results in packets addressed to destination addresses in this range being routed to the "nearest" point on the net announcing the given destination IP address. In the past, anycast was suited to connectionless protocols (generally built on UDP), rather than connection-oriented protocols such as TCP that keep their own state. However, there are many cases where TCP anycast is now used. With TCP anycast, there are cases where the receiver selected for any given source may change from time to time as optimal routes change, silently breaking any conversations that may be in progress at the time. These conditions are typically referred to as a "pop switch". To correct for this issue, there have been proprietary advancements within custom IP stacks which allow for healing of stateful protocols where it is required. For this reason, anycast is generally used as a way to provide high availability and load balancing for stateless services such as access to replicated data; for example, DNS service is a distributed service over multiple geographically dispersed servers. Unicast addressing uses a one-to-one association between destination address and network endpoint: each destination address uniquely identifies a single receiver endpoint. Multicast addressing uses a one-to-unique many association, datagrams are routed from a single sender to multiple selected endpoints simultaneously in a single transmission. Broadcast addressing uses a one-to-many association, datagrams are routed from a single sender to multiple endpoints simultaneously in a single transmission. The network automatically replicates datagrams as needed for all network segments (links) that contain an eligible receiver. Anycast addressing routes datagrams to a single member of a group of potential receivers that are all identified by the same destination address. This is a one-to-nearest association. Cisco Router Configuration ip sla 101 dns anycast.example.com name-server 10.10.10.1 frequency 30 ip sla schedule 101 life forever start-time now ! track 101 ip sla 101 ! ip route 10.0.0.1 255.255.255.255 10.10.10.1 track 101 Here is the IP route on the router: router# show ip route 10.0.0.1 Routing entry for 10.0.0.1/32 Known via "static", distance 1, metric 0 Redistributing via eigrp 1234 Advertised by eigrp 1234 route-map STATIC-TO-EIGRP bgp 1234 Routing Descriptor Blocks: * 10.10.10.1 Route metric is 0, traffic share count is 1 Then you can see that this same address is also available from multiple locations: router# show ip eigrp topology 10.0.0.1/32 EIGRP-IPv4 Topology Entry for AS(1234)/ID(10.9.9.1) for 10.0.0.1/32 State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2562560 Descriptor Blocks: 10.10.10.1, from Rstatic, Send flag is 0x0 ... 10.8.8.1 (Vlan20), from 10.6.6.1, Send flag is 0x0 ... 10.7.7.1 (Vlan30), from 10.4.4.1, Send flag is 0x0 On the Unix server I have the following network interfaces setup: eth0 Link encap:Ethernet HWaddr 00:15:17:A6:25:97 inet addr:10.10.10.1 Bcast:10.10.10.255 Mask:255.255.255.0 lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.255 To summarize the whole setup. The router does a DNS query to the DNS server that is directly connected to it every 30 seconds. If the DNS query succeeds the static router stays in the table. If the test fails the route is withdrawn. If a DNS query is sent to 10.0.0.1 the router will process this by sending the query to the IP address the static route points to. The DNS server accepts the query on the management interface, then passes it to the lo:1 interface for processing. Depending on where you are at you automatically get routed to the closest server: dj@thezah:~$ traceroute 10.0.0.1 traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 60 byte packets 1 l3-core-vl7.nts.example.com (10.50.1.46) 0.309 ms 0.338 ms 0.381 ms 2 anycast.ip.example.com (10.0.0.1) 0.202 ms 0.195 ms 0.180 ms dj@hosangit:~$ sudo traceroute 10.0.0.1 traceroute to 10.0.0.1 (10.0.0.1), 64 hops max, 52 byte packets 1 nts-desk120-brook.nts.example.com (10.50.120.125) 0 ms 0 ms 0 ms 2 anycast.ip.example.com (10.0.0.1) 0 ms 0 ms 0 ms The best thing about this setup is: If a server fails you automatically fail over to the next closest server. This way the client does not have to deal with DNS times outs. Depending on your location you are automatically routed to the closest server. This will help with DNS response time. It is not that hard to setup. Nothing special is needed either the router or the server.

This is an attempt to help troubleshoot DHCP issues. First let me attempt at explaining how DHCP works to better understand how to troubleshoot it. Let's talk about DHCP at the home which is more simple. Your router typically does everything to providing wireless signal for you to connect to as well as route traffic to your internet provider via a cable modem or other device that connects you to the internet. The router also provides DHCP to all the devices in your home like your phone, iPad, Smart TV, Apple TV, computer, Playstation etc.. So what happens when you connect a device to your WiFi or plug directly into your router with a network cable? The new device calls out and says, "I want an IP address" and the DHCP server see's the request and assigns them the next available IP address. You can confirm this on your device... Windows - in the search bar type cmd and command prompt should pop up, click on that then enter ipconfig /all and press enter. This will give you your ip address as well as a few other very helpful bits of information like the servers that resolve a name to an IP called DNS servers, also you'll see your default gateway which is typically the ip address of your router (the way out of your network to the internet). Mac/Linux - you can run ifconfig | egrep 'mtu|ether|inet' and it will show you the IP address next to inet and the ether is the hardware address What if you don't have an IP address? Here is a couple suggestions Typically a reboot of the system is the default action since we know that rebooting a device will request an IP address if it doesn't have one. In Windows you can type: ipconfig /renew and it will request a new IP address from the DHCP server

I put together this script that checks the status of everything prior to the change and then run it after the change and then download the two log files and open in something like VSCode and do a compare to see if the change you did on the GTM changed the status of something. It has helped me and I hope it helps you. I'm sure there is something better but this is what I know how to do. ** USE AT YOUR OWN RISK ** #!/bin/bash ## Author: Cowboy Denny ## Last Modified: 2024.05.06 ## RUN THIS FILE ON THE GTM in the /var/tmp directory ## GTM: Change Verify BEFORE & AFTER change deployment ## RUN with: bash gtmchgverify.sh unset totalgtmwips; unset totalgtmwipsa; unset totalgtmwipsu; unset totalgtmwipso; unset totalgtmwipsd; unset totalgtmwipsun; unset totalgtmpools; unset totalgtmpoolsa; unset totalgtmpoolsu; unset totalgtmpoolso; unset totalgtmpoolsd; unset totalgtmpoolsun; unset totalgtmdc; unset totalgtmdca; unset totalgtmdcu; unset totalgtmdco; unset totalgtmdcd; unset totalgtmdcun; unset totalgtmiquery; unset totalgtmiqueryc; unset totalgtmpp; unset totalgtmppa; unset totalgtmppu; unset totalgtmppo; unset totalgtmppd; unset totalgtmppun; unset totalgtmsrv; unset totalgtmsrva; unset totalgtmsrvu; unset totalgtmsrvo; unset totalgtmsrvd; unset totalgtmsrvun; unset totalgtmlist; unset totalgtmlista; unset totalgtmlistu; unset totalgtmlisto; unset totalgtmlistd; unset totalgtmlistun; unset gtmchgfilename; clear echo "GTM: Data Gathering has started... this takes about 60-90 seconds" gtmchgfilename=/var/tmp/$(echo $HOSTNAME | cut -d'.' -f1)-$(date +%Y%m%d_%H%M)-STATUS.log; date > $gtmchgfilename; echo "SERVER specific INFO for hostname...." >> $gtmchgfilename; tmsh list sys global-settings hostname | grep hostname >> $gtmchgfilename; echo "F5 running version...." >> $gtmchgfilename; tmsh -q show sys software status >> $gtmchgfilename; echo "Master Key is..." >> $gtmchgfilename; f5mku -K >> $gtmchgfilename; echo ""; echo "1/3 PATIENCE while we gather statistics" ##WIDE IPS export totalgtmwips=$(tmsh -q -c 'cd / ; show gtm wideip recursive' | grep -c 'Gtm::WideIp'); export totalgtmwipsa=$(tmsh -q -c 'cd / ; show gtm wideip recursive' | egrep 'Gtm::WideIp|Availability'| grep -c 'available'); export totalgtmwipsu=$(tmsh -q -c 'cd / ; show gtm wideip recursive' | egrep 'Gtm::WideIp|Availability'| grep -c 'unavailable'); export totalgtmwipso=$(tmsh -q -c 'cd / ; show gtm wideip recursive' | egrep 'Gtm::WideIp|Availability'| grep -c 'offline'); export totalgtmwipsd=$(tmsh -q -c 'cd / ; show gtm wideip recursive' | egrep 'Gtm::WideIp|Availability'| grep -c 'disabled'); export totalgtmwipsun=$(tmsh -q -c 'cd / ; show gtm wideip recursive' | egrep 'Gtm::WideIp|Availability'| grep -c 'unknown'); ##POOLS export totalgtmpools=$(tmsh -q -c 'cd / ; show gtm pool recursive' | grep -c 'Gtm::Pool'); export totalgtmpoolsa=$(tmsh -q -c 'cd / ; show gtm pool recursive' | egrep 'Gtm::Pool|Availability'| grep -c 'available'); export totalgtmpoolsu=$(tmsh -q -c 'cd / ; show gtm pool recursive' | egrep 'Gtm::Pool|Availability'| grep -c 'unavailable'); export totalgtmpoolso=$(tmsh -q -c 'cd / ; show gtm pool recursive' | egrep 'Gtm::Pool|Availability'| grep -c 'offline'); export totalgtmpoolsd=$(tmsh -q -c 'cd / ; show gtm pool recursive' | egrep 'Gtm::Pool|Availability'| grep -c 'disabled'); export totalgtmpoolsun=$(tmsh -q -c 'cd / ; show gtm pool recursive' | egrep 'Gtm::Pool|Availability'| grep -c 'unknown'); #DATACENTERS export totalgtmdc=$(tmsh show gtm datacenter | grep -c 'Gtm::Datacenter'); export totalgtmdca=$(tmsh show gtm datacenter | egrep 'Gtm::Datacenter|Availability'| grep -c 'available'); export totalgtmdcu=$(tmsh show gtm datacenter | egrep 'Gtm::Datacenter|Availability'| grep -c 'unavailable'); export totalgtmdco=$(tmsh show gtm datacenter | egrep 'Gtm::Datacenter|Availability'| grep -c 'offline'); export totalgtmdcd=$(tmsh show gtm datacenter | egrep 'Gtm::Datacenter|Availability'| grep -c 'disabled'); export totalgtmdcun=$(tmsh show gtm datacenter | egrep 'Gtm::Datacenter|Availability'| grep -c 'unknown'); #IQUERY export totalgtmiquery=$(tmsh show gtm iquery | grep -c 'Gtm::IQuery'); export totalgtmiqueryc=$(tmsh show gtm iquery | egrep 'Gtm::IQuery|State'| grep -c 'connected'); #PROBERPOOLS export totalgtmpp=$(tmsh show gtm prober-pool | grep -c 'Gtm::Prober Pool'); export totalgtmppa=$(tmsh show gtm prober-pool | egrep 'Gtm::Prober Pool|Availability'| grep -c 'available'); export totalgtmppu=$(tmsh show gtm prober-pool | egrep 'Gtm::Prober Pool|Availability'| grep -c 'unavailable'); export totalgtmppo=$(tmsh show gtm prober-pool | egrep 'Gtm::Prober Pool|Availability'| grep -c 'offline'); export totalgtmppd=$(tmsh show gtm prober-pool | egrep 'Gtm::Prober Pool|Availability'| grep -c 'disabled'); export totalgtmppun=$(tmsh show gtm prober-pool | egrep 'Gtm::Prober Pool|Availability'| grep -c 'unknown'); #SERVERS export totalgtmsrv=$(tmsh show gtm server | grep -c 'Gtm::Server'); export totalgtmsrva=$(tmsh show gtm server | egrep 'Gtm::Server|Availability'| grep -c 'available'); export totalgtmsrvu=$(tmsh show gtm server | egrep 'Gtm::Server|Availability'| grep -c 'unavailable'); export totalgtmsrvo=$(tmsh show gtm server | egrep 'Gtm::Server|Availability'| grep -c 'offline'); export totalgtmsrvd=$(tmsh show gtm server | egrep 'Gtm::Server|Availability'| grep -c 'disabled'); export totalgtmsrvun=$(tmsh show gtm server | egrep 'Gtm::Server|Availability'| grep -c 'unknown'); #LISTENERS export totalgtmlist=$(tmsh show gtm listener | grep -c 'Gtm::Listener'); export totalgtmlista=$(tmsh show gtm listener | egrep 'Gtm::Listener|Availability'| grep -c 'available'); export totalgtmlistu=$(tmsh show gtm listener | egrep 'Gtm::Listener|Availability'| grep -c 'unavailable'); export totalgtmlisto=$(tmsh show gtm listener | egrep 'Gtm::Listener|Availability'| grep -c 'offline'); export totalgtmlistd=$(tmsh show gtm listener | egrep 'Gtm::Listener|Availability'| grep -c 'disabled'); export totalgtmlistun=$(tmsh show gtm listener | egrep 'Gtm::Listener|Availability'| grep -c 'unknown'); echo "2/3 PATIENCE adding the stats gathered to $gtmchgfilename" echo "**************************" >> $gtmchgfilename; echo "* STATS for $HOSTNAME *" >> $gtmchgfilename; echo "***********************" >> $gtmchgfilename; echo " Total GTMWideIPs:$totalgtmwips - Available:$totalgtmwipsa - Unavailable:$totalgtmwipsu - Offline:$totalgtmwipso - Disabled:$totalgtmwipsd - Unknown:$totalgtmwipsun" >> $gtmchgfilename; echo " Total GTMPools:$totalgtmpools - Available:$totalgtmwipsa - Unavailable:$totalgtmwipsu - Offline:$totalgtmwipso - Disabled:$totalgtmwipsd - Unknown:$totalgtmwipsun" >> $gtmchgfilename; echo " Total GTMDataCenters:$totalgtmdc - Available:$totalgtmdca - Unavailable:$totalgtmdcsu - Offline:$totalgtmdco - Disabled:$totalgtmdcd - Unknown:$totalgtmdcun" >> $gtmchgfilename; echo " Total iQueryStats:$totalgtmiquery - Connected:$totalgtmiqueryc" >> $gtmchgfilename; echo " Total ProberPools:$totalgtmpp - Available:$totalgtmppa - Unavailable:$totalgtmppu - Offline:$totalgtmppo - Disabled:$totalgtmppd - Unknown:$totalgtmppun" >> $gtmchgfilename; echo " Total Servers:$totalgtmsrv - Available:$totalgtmsrva - Unavailable:$totalgtmsrvu - Offline:$totalgtmsrvo - Disabled:$totalgtmsrvd - Unknown:$totalgtmsrvun" >> $gtmchgfilename; echo " Total Listeners:$totalgtmlist - Available:$totalgtmlista - Unavailable:$totalgtmlistu - Offline:$totalgtmlisto - Disabled:$totalgtmlistd - Unknown:$totalgtmlistun" >> $gtmchgfilename; echo "3/3 PATIENCE final step is to gather details to help troubleshoot to $gtmchgfilename" echo "*************************************************************************************************************" echo "now exporting all GTM WideIPs to file" echo "********" >> $gtmchgfilename; echo "WIDE-IPs" >> $gtmchgfilename; echo "********" >> $gtmchgfilename; tmsh -q -c 'cd / ; show gtm wideip recursive' | egrep 'Gtm::WideIp|Availability :|State|Reason' >> $gtmchgfilename; echo "*************************************************************************************************************" echo "now exporting all GTM Pools to file" echo "********" >> $gtmchgfilename; echo "*POOLsv*" >> $gtmchgfilename; echo "********" >> $gtmchgfilename; tmsh -q -c 'cd / ; show gtm pool recursive' | egrep 'Gtm::Pool|Availability|State|Reason' >> $gtmchgfilename; echo "*************************************************************************************************************" echo "now exporting all DataCenters to file" echo "***********" >> $gtmchgfilename; echo "DATACENTERS" >> $gtmchgfilename; echo "***********" >> $gtmchgfilename; tmsh show gtm datacenter | egrep 'Gtm::Datacenter|Availability|State|Reason' >> $gtmchgfilename; echo "*************************************************************************************************************" echo "now exporting all iQuery to file" echo "***********" >> $gtmchgfilename; echo "**IQUERY***" >> $gtmchgfilename; echo "***********" >> $gtmchgfilename; tmsh show gtm iquery | egrep 'Gtm::IQuery|Server|Data Center|State|version' >> $gtmchgfilename; echo "*************************************************************************************************************" echo "now exporting all ProberPool to file" echo "***********" >> $gtmchgfilename; echo "PROBER-POOL" >> $gtmchgfilename; echo "***********" >> $gtmchgfilename; tmsh show gtm prober-pool | egrep 'Gtm::Prober Pool|Availability|State|Reason' >> $gtmchgfilename; echo "*************************************************************************************************************" echo "now exporting all Servers to file" echo "***********" >> $gtmchgfilename; echo "**SERVER***" >> $gtmchgfilename; echo "***********" >> $gtmchgfilename; tmsh show gtm server | egrep 'Gtm::Server|Availability|State|Reason' >> $gtmchgfilename; echo "*************************************************************************************************************" echo "now exporting all Listeners to file" echo "***********" >> $gtmchgfilename; echo "**LISTENER*" >> $gtmchgfilename; echo "***********" >> $gtmchgfilename; tmsh show gtm listener | egrep 'Gtm::Listener|Availability|State|Reason' >> $gtmchgfilename; echo "****************************************************************************************************************" echo "" date >> $gtmchgfilename; echo "Done with $HOSTNAME change data gathering. NOTE for more info look at output file: $gtmchgfilename " unset totalgtmwips; unset totalgtmwipsa; unset totalgtmwipsu; unset totalgtmwipso; unset totalgtmwipsd; unset totalgtmwipsun; unset totalgtmpools; unset totalgtmpoolsa; unset totalgtmpoolsu; unset totalgtmpoolso; unset totalgtmpoolsd; unset totalgtmpoolsun; unset totalgtmdc; unset totalgtmdca; unset totalgtmdcu; unset totalgtmdco; unset totalgtmdcd; unset totalgtmdcun; unset totalgtmiquery; unset totalgtmiqueryc; unset totalgtmpp; unset totalgtmppa; unset totalgtmppu; unset totalgtmppo; unset totalgtmppd; unset totalgtmppun; unset totalgtmsrv; unset totalgtmsrva; unset totalgtmsrvu; unset totalgtmsrvo; unset totalgtmsrvd; unset totalgtmsrvun; unset totalgtmlist; unset totalgtmlista; unset totalgtmlistu; unset totalgtmlisto; unset totalgtmlistd; unset totalgtmlistun; unset gtmchgfilename; echo "Now exiting" exit

I have a task of locating a server based off of URL So what my thought process is would be to first find the IP address ping url.com Then if it is a Windows server, try and utilize nbtstat -A ip.address or nbtstat -a computername Tried tracert url.com then connected to last hop/switch sh arp | incl ip.address sh mac-address-table address mac.address (may want to lookup mac address for vendor) if it shows up on a trunk or multiple ports, see if its going to another switch sh cdp nei (look for the port that the sh mac-address-table address result included) Also tried nslookup ip.address Also downloaded nmap and tried os detection but it couldn't identify the mac address nmap -sVC -O -T4 url.com Anyone have any other idea's for looking up information for a server in an intranet (internal LAN) I use nmap also and have no idea on how else to do that

So whats the difference? hosangit.example.com. CNAME mywiseguys.example.com. mywiseguys.example.com. A 192.168.2.23 When an A record lookup for hosangit.example.com is done, the resolver will see a CNAME record and restart the checking at mywiseguys.example.com and will then return 192.168.2.23.

I'm moving my website from my school machine (blah.mypc.com) to my own domain (myname.com). I parked myname.com a long time ago and set it as a simple redirect to blah.mypc.com following the instructions at Hostmonster, where I registered it. Now I'm going to convert myname.com to a full site, and I want my personal address blah.mypc.com to disappear as a machine and be nothing but a simple dns redirect to myname.com. What exactly do I want to ask my school tech people to do (in terms they will recognize)? Do I want a CNAME record created that will permanently redirect all incoming traffic from blah.mypc.com to myname.com? (There is no ftp or email traffic at this address, only http.) If not CNAME, what is it that I should request? The existing machine blah.mypc.com is one physical machine with a unique I.P. It's been my experience that a CNAME for your old site to your new domain name is a really good way to go about it. Here's why: Pro's: you can leave it there forever and forget about it with little drain on the university resources. (having them serve a refresh web-page or a redirect is probably more likely to get screwed up next time they diddle with their webserver) you can later change the DNS of your new machine around (if you get new IP addresses, for instance) and the university name points to your new domain name regardless of the IP address you can treat the traffic from people who are trying to go to your old name differently. (set up apache on your new machine to serve that virtual host differently, for instance to redirect to your new site with a notice or something of the change) you can serve your site entirely with no redirects or refreshes, which some people claim affect spiders/search engine's rankings of your site. Use apache's ServerName directive to correct the hostname that the browser requested. Con's if people send mail to you at your old university machine, it may have problems because your MX record may end up being pointed to a CNAME record, which is not strictly acceptable by standards. you may have to set up your new web server to either have this extra virtual host (and treat it just like your new domain name) or to serve pages for any hostname which points to your new IP address (often called a default virtual host, which you can't do sometimes if you're just one virtual host on your hosting company's machine) There are probably more arguments on each side, but I think that putting in a CNAME record for your old hostname pointing to your new one is the best way to go about it. Example: In their dns zone files they have a record similar to the following blah.mypc.com. IN A 1.2.2.2 To do a dns redirect using a CNAME record they need to change blah.mypc.com. IN A 1.2.2.2 to blah.mypc.com. IN CNAME myname.com. The main drawback is that the old URL " http://blah.mypc.com " will appear in the browser's address bar. Anyway to redirect the queries and keep the links unchanged? I don't want to loose the google queries or static links that people have from other sites So if I have http://blah.mypc.com/forums/mywiseguys-is-awesome.html I would like it to redirect to http://mysite.com/forums/mywiseguys-is-awesome.html What's the best way to do this? If you have access to your .htaccess file you may want to give this a try Options +FollowSymLinks RewriteEngine On RewriteBase / RewriteCond %{HTTP_HOST} !^www\.mysite\.com$ RewriteRule ^(.*)$ http://www.mysite.com/$1 It seems to work pretty good for me but I just learned that this is a restriction of BIND and not F5 BigIP or even Cisco The best way to analyze a URL is in four parts scheme (http, https, etc.) hostname (mywiseguys.com) path (/forums/gallery/) query (#entry620) BIND DNS can address only the hostname portion of this where a load balancer pretty much doesn't have much for limitations.

I want to add an IP address to a DNS name so I don't have to rely on DNS to do the resolution for me but I can not seem to locate the hosts file when I do a search on my machine. Any ideas? Sometimes doing a search will not find the hosts file. Typically the hosts file is located on a windows machine at the following location: %SystemRoot%\system32\drivers\etc\ So you can click on Start - Run and type: See if the file is there in explorer run: explorer %SystemRoot%\system32\drivers\etc\ To edit the file run: notepad %SystemRoot%\system32\drivers\etc\hosts to edit the file If you aren't seeing the file in that location then the administrator may have moved the location of the hosts file. No worries, you can find the new location by looking in the registry at: \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath

First check the domain using nslookup nslookup set querytype=ns mywiseguys.com Next check the alias or hostname set querytype=a branch.mywiseguys.com Using nslookup interactively Enter nslookup at the command line. The nslookup prompt appears. View the current options by entering set all. Change any desired options by entering set option. Issue nslookup commands. Enter exit to leave nslookup. For a list of sample commands, see ``nslookup interactive commands''. For a list of options, see ``nslookup interactive options''. nslookup interactive commands These sample commands are available from the nslookup shell: volga Return the IP address of volga. 172.16.118.1 Return the name matching the IP address you enter. set querytype=ns Set the query type to the Name Server record. Future queries of names and IP addresses return the NS record from that host. set querytype=a Restore the query type to the Address record. server server Make server the default server that is queried. nslookup interactive options Here are the commonly used options of nslookup. For a complete list, see the manual page for nslookup(1Mtcp). recurse Sets the query type to recursive. When toggled to norecurse, nslookup performs iterative queries. querytype=type Sets the query type to the DNS data type specified. Common types include a (Address), any (any data type), mx (Mail Exchanger), and ns (Name Server). retry=n Resends the query n times before giving up. root=root server Sets the root server to the server you enter. timeout=n The period of time nslookup waits for a response after the query is sent. This period doubles between each retry. You can save any of these options in a .nslookuprc file in your home directory. The format of this file, which is searched for each time you invoke nslookup, is one set command per line. Here is an example, which sets the query type to address records, the domain to mynet.com, and sets the timeout on requests to 10 seconds: set querytype=a set domain=mynet.com set timeout=10 Querying a single name or address To issue a simple query from the command line, use one of the following forms of the command: nslookup name nslookup IP_address nslookup should return the desired answer by querying the default server. To query a different server, enter one of the following forms of the command: nslookup name server nslookup IP_address server