ISO
Preparatory
Create an additional partition beside the existing Linux partition.
$fdisk /dev/hda
The new partition will be hda3, since hda1 is the default Linux partition and hda2 is swap.
Make filesystem on new partition.
$mke2fs /dev/hda3
Mount new partition
$mkdir /mnt/hdd
$mount /dev/hda3 /mnt/hdd
File Hierarchy Standard (FHS)
Create directories.
Compliant - www.pathname.com/fhs
In accordance with the FHS, create the following parent directories.
[/]$mkdir bin boot dev etc lib mnt proc sbin tmp usr var
Child directories have to be created for both /usr and /var.
[/usr]$mkdir bin etc include lib sbin
[/var]$mkdir cache lib log mail run spool tmp
Now copy the existing /dev device files over to the new partition.
$cp -a /dev/ /mnt/hdd/
Bash
Insertion of BASH 2.05a
From the current Linux partition, extract the tarball.
$./configure --enable-static-link --prefix=/mnt/hdd/usr --bindir=/mnt/hdd/bin
$make
$make install
This produces a bash binary of 2M.
(Never mind the size for now, as it is only used for booting up and will be replaced later.)
$ln -sf bash sh    # link the default sh to bash
Busybox
File utilities - Great swiss knife from Busybox
Tinylogin
Login utilities -
Bootscripts
Create /mnt/hdd/etc/inittab
$cat >> inittab
# default runlevel S: single user
id:S:initdefault:
~~:S:wait:/bin/bash
Edit /etc/lilo.conf
Add an entry for the new partition with root=/dev/hda3
Let's start and see
$reboot
What will appear will be
bash-2.05a#
Congrats, it is bootable.
Firewall
Zebra
Getting the Networking in place
Using Zebra to run OSPF and BGP
Installation of Zebra was a breeze. Simply:
$ ./configure
$ make
$ make install
Files will be copied to /usr/local/etc and /usr/local/sbin.
The Network
Virtual interfaces were created on Cipher & Phantom's E/0 to increase the 'network' size.
+--------+      OSPF Area 0     +---------+
| Cipher |----------------------| Mercury |  E/0   172.16.10.1/30
+--------+                      +---------+  E/1   172.16.10.5/30
    |  E/0   172.16.10.2/30          |
    |  E/0:1 172.16.10.129/29        |
    |  E/0:2 172.16.10.137/29        | OSPF Area 0
    |  E/0:3 172.16.10.145/29        |
    |  E/0:4 172.16.10.153/29        |
    |  E/1   172.16.10.248/29        |       E/0   172.16.10.6/30
    |  (dhcpd)                       |       E/0:1 172.16.10.193/29
    |                                |       E/0:2 172.16.10.201/29
+--------+                      +---------+  E/0:3 172.16.10.209/29
| Xenium |                      | Phantom |  E/0:4 172.16.10.217/29
+--------+                      +---------+
  E/0 172.16.10.248/29 <-- will get IP from DHCP
[root@mercury etc]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.10.4 * 255.255.255.252 U 0 0 0 eth1
172.16.10.0 * 255.255.255.252 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
[root@cipher etc]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.10.0 * 255.255.255.252 U 0 0 0 eth0
172.16.10.8 * 255.255.255.252 U 0 0 0 eth1
172.16.10.128 * 255.255.255.248 U 0 0 0 eth0
172.16.10.136 * 255.255.255.248 U 0 0 0 eth0
172.16.10.144 * 255.255.255.248 U 0 0 0 eth0
172.16.10.152 * 255.255.255.248 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 172.16.10.1 0.0.0.0 UG 0 0 0 eth0
[root@phantom etc]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.10.4 * 255.255.255.252 U 0 0 0 eth0
172.16.10.192 * 255.255.255.248 U 0 0 0 eth0
172.16.10.200 * 255.255.255.248 U 0 0 0 eth0
172.16.10.208 * 255.255.255.248 U 0 0 0 eth0
172.16.10.216 * 255.255.255.248 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 172.16.10.5 0.0.0.0 UG 0 0 0 eth0
Starting up Zebra and OSPF engine
Mercury_Router> en
Mercury_Router# sh ip ro
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
B - BGP, > - selected route, * - FIB route
C>* 127.0.0.0/8 is directly connected, lo
O 172.16.10.0/30 [110/10] is directly connected, eth0, 00:07:11
C>* 172.16.10.0/30 is directly connected, eth0
O 172.16.10.4/30 [110/10] is directly connected, eth1, 00:07:11
C>* 172.16.10.4/30 is directly connected, eth1
O>* 172.16.10.8/30 [110/20] via 172.16.10.2, eth0, 00:01:50
O>* 172.16.10.128/29 [110/20] via 172.16.10.2, eth0, 00:01:50
O>* 172.16.10.136/29 [110/20] via 172.16.10.2, eth0, 00:01:50
O>* 172.16.10.144/29 [110/20] via 172.16.10.2, eth0, 00:01:50
O>* 172.16.10.152/29 [110/20] via 172.16.10.2, eth0, 00:01:50
O>* 172.16.10.192/29 [110/20] via 172.16.10.6, eth1, 00:06:24
O>* 172.16.10.200/29 [110/20] via 172.16.10.6, eth1, 00:06:24
O>* 172.16.10.208/29 [110/20] via 172.16.10.6, eth1, 00:06:24
O>* 172.16.10.216/29 [110/20] via 172.16.10.6, eth1, 00:06:24
[root@mercury root]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.10.4 * 255.255.255.252 U 0 0 0 eth1
172.16.10.0 * 255.255.255.252 U 0 0 0 eth0
172.16.10.8 172.16.10.2 255.255.255.252 UG 19 0 0 eth0
172.16.10.248 172.16.10.2 255.255.255.248 UG 19 0 0 eth0
172.16.10.192 172.16.10.6 255.255.255.248 UG 19 0 0 eth1
172.16.10.200 172.16.10.6 255.255.255.248 UG 19 0 0 eth1
172.16.10.208 172.16.10.6 255.255.255.248 UG 19 0 0 eth1
172.16.10.216 172.16.10.6 255.255.255.248 UG 19 0 0 eth1
172.16.10.128 172.16.10.2 255.255.255.248 UG 19 0 0 eth0
172.16.10.136 172.16.10.2 255.255.255.248 UG 19 0 0 eth0
172.16.10.144 172.16.10.2 255.255.255.248 UG 19 0 0 eth0
172.16.10.152 172.16.10.2 255.255.255.248 UG 19 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
Cipher_Router> en
Cipher_Router# sh ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
B - BGP, > - selected route, * - FIB route
C>* 127.0.0.0/8 is directly connected, lo
O 172.16.10.0/30 [110/10] is directly connected, eth0, 00:01:47
C>* 172.16.10.0/30 is directly connected, eth0
O>* 172.16.10.4/30 [110/20] via 172.16.10.1, eth0, 00:01:37
O 172.16.10.8/30 [110/10] is directly connected, eth1, 00:01:47
C>* 172.16.10.8/30 is directly connected, eth1
O 172.16.10.128/29 [110/10] is directly connected, eth0, 00:01:47
C>* 172.16.10.128/29 is directly connected, eth0
O 172.16.10.136/29 [110/10] is directly connected, eth0, 00:01:47
C>* 172.16.10.136/29 is directly connected, eth0
O 172.16.10.144/29 [110/10] is directly connected, eth0, 00:01:47
C>* 172.16.10.144/29 is directly connected, eth0
O 172.16.10.152/29 [110/10] is directly connected, eth0, 00:01:47
C>* 172.16.10.152/29 is directly connected, eth0
O>* 172.16.10.192/29 [110/30] via 172.16.10.1, eth0, 00:01:37
O>* 172.16.10.200/29 [110/30] via 172.16.10.1, eth0, 00:01:37
O>* 172.16.10.208/29 [110/30] via 172.16.10.1, eth0, 00:01:37
O>* 172.16.10.216/29 [110/30] via 172.16.10.1, eth0, 00:01:37
[root@cipher root]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.10.4 172.16.10.1 255.255.255.252 UG 19 0 0 eth0
172.16.10.0 * 255.255.255.252 U 0 0 0 eth0
172.16.10.248 * 255.255.255.248 U 0 0 0 eth1
172.16.10.192 172.16.10.1 255.255.255.248 UG 29 0 0 eth0
172.16.10.200 172.16.10.1 255.255.255.248 UG 29 0 0 eth0
172.16.10.208 172.16.10.1 255.255.255.248 UG 29 0 0 eth0
172.16.10.216 172.16.10.1 255.255.255.248 UG 29 0 0 eth0
172.16.10.128 * 255.255.255.248 U 0 0 0 eth0
172.16.10.136 * 255.255.255.248 U 0 0 0 eth0
172.16.10.144 * 255.255.255.248 U 0 0 0 eth0
172.16.10.152 * 255.255.255.248 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
Phantom_Router# sh ip ro
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
B - BGP, > - selected route, * - FIB route
K>* 0.0.0.0/0 via 172.16.10.5, eth0
C>* 127.0.0.0/8 is directly connected, lo
O>* 172.16.10.0/30 [110/20] via 172.16.10.5, eth0, 00:06:52
O 172.16.10.4/30 [110/10] is directly connected, eth0, 00:07:39
C>* 172.16.10.4/30 is directly connected, eth0
O>* 172.16.10.8/30 [110/30] via 172.16.10.5, eth0, 00:02:27
O>* 172.16.10.128/29 [110/30] via 172.16.10.5, eth0, 00:02:27
O>* 172.16.10.136/29 [110/30] via 172.16.10.5, eth0, 00:02:27
O>* 172.16.10.144/29 [110/30] via 172.16.10.5, eth0, 00:02:27
O>* 172.16.10.152/29 [110/30] via 172.16.10.5, eth0, 00:02:27
O 172.16.10.192/29 [110/10] is directly connected, eth0, 00:07:39
C>* 172.16.10.192/29 is directly connected, eth0
O 172.16.10.200/29 [110/10] is directly connected, eth0, 00:07:39
C>* 172.16.10.200/29 is directly connected, eth0
O 172.16.10.208/29 [110/10] is directly connected, eth0, 00:07:39
C>* 172.16.10.208/29 is directly connected, eth0
O 172.16.10.216/29 [110/10] is directly connected, eth0, 00:07:39
C>* 172.16.10.216/29 is directly connected, eth0
[root@phantom root]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.10.4 * 255.255.255.252 U 0 0 0 eth0
172.16.10.0 172.16.10.5 255.255.255.252 UG 19 0 0 eth0
172.16.10.8 172.16.10.5 255.255.255.252 UG 29 0 0 eth0
172.16.10.248 172.16.10.5 255.255.255.248 UG 29 0 0 eth0
172.16.10.192 * 255.255.255.248 U 0 0 0 eth0
172.16.10.200 * 255.255.255.248 U 0 0 0 eth0
172.16.10.208 * 255.255.255.248 U 0 0 0 eth0
172.16.10.216 * 255.255.255.248 U 0 0 0 eth0
172.16.10.128 172.16.10.5 255.255.255.248 UG 29 0 0 eth0
172.16.10.136 172.16.10.5 255.255.255.248 UG 29 0 0 eth0
172.16.10.144 172.16.10.5 255.255.255.248 UG 29 0 0 eth0
172.16.10.152 172.16.10.5 255.255.255.248 UG 29 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 172.16.10.5 0.0.0.0 UG 0 0 0 eth0
Xenium has no problems pinging Phantom's virtual interfaces, and vice versa.
[root@phantom root]# traceroute 172.16.10.10
traceroute to 172.16.10.10 (172.16.10.10), 30 hops max, 38 byte packets
1 172.16.10.5 (172.16.10.5) 0.153 ms 0.177 ms 0.109 ms
2 172.16.10.2 (172.16.10.2) 0.181 ms 0.185 ms 0.158 ms
3 172.16.10.10 (172.16.10.10) 0.272 ms 0.270 ms 0.271 ms
C:\>tracert 172.16.10.216
Tracing route to 172.16.10.216 over a maximum of 30 hops
1 <10 ms <10 ms <10 ms 172.16.10.9
2 <10 ms <10 ms <10 ms 172.16.10.1
3 <10 ms <10 ms <10 ms 172.16.10.216
Trace complete.
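The outputs above pair each router's Zebra table with its kernel table; the following added example (not part of the original page) automates that comparison by checking that every route Zebra marks O>* also appears in the kernel table with the same prefix, gateway and interface. The function name missing_fib_routes and the embedded sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): confirm that every route Zebra
# marks as selected OSPF ("O>*") is present in the kernel table with the same
# prefix, gateway and interface.

# Constructed sample input: a few lines copied from Mercury's output above.
ZEBRA_ROUTES='O>* 172.16.10.8/30 [110/20] via 172.16.10.2, eth0, 00:01:50
O>* 172.16.10.128/29 [110/20] via 172.16.10.2, eth0, 00:01:50
O>* 172.16.10.192/29 [110/20] via 172.16.10.6, eth1, 00:06:24'

KERNEL_ROUTES='172.16.10.4 * 255.255.255.252 U 0 0 0 eth1
172.16.10.8 172.16.10.2 255.255.255.252 UG 19 0 0 eth0
172.16.10.192 172.16.10.6 255.255.255.248 UG 19 0 0 eth1
172.16.10.128 172.16.10.2 255.255.255.248 UG 19 0 0 eth0'

# missing_fib_routes ZEBRA_TEXT KERNEL_TEXT (hypothetical helper name)
# Prints each O>* prefix that has no matching gateway route in KERNEL_TEXT.
missing_fib_routes() {
  {
    printf '%s\n' "$2" | sed 's/^/K /'   # tag kernel lines
    printf '%s\n' "$1" | sed 's/^/Z /'   # tag Zebra lines
  } | awk '
    # Convert a dotted netmask to a prefix length by counting set bits.
    function plen(mask,   o, n, i, bits) {
      n = split(mask, o, "."); bits = 0
      for (i = 1; i <= n; i++)
        while (o[i] > 0) { bits += o[i] % 2; o[i] = int(o[i] / 2) }
      return bits
    }
    # Kernel gateway routes: remember "prefix/len gateway iface".
    $1 == "K" && $5 ~ /G/ { fib[$2 "/" plen($4) " " $3 " " $9] = 1; next }
    # Zebra selected OSPF routes: strip trailing commas, then look up.
    $1 == "Z" && $2 == "O>*" {
      gw = $6; sub(/,$/, "", gw); ifc = $7; sub(/,$/, "", ifc)
      k = $3 " " gw " " ifc
      if (!(k in fib)) print $3
    }'
}

missing=$(missing_fib_routes "$ZEBRA_ROUTES" "$KERNEL_ROUTES")
echo "selected OSPF routes missing from kernel table: ${missing:-none}"
```

A prefix printed by the function means the routing daemon and the forwarding table disagree, which is worth investigating before relying on the path.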
DHCP
Running DHCPD
Get DHCPD from isc.org
./configure
make
make install
Simple as that.
# dhcpd.conf
#
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.248;
option broadcast-address 172.16.10.255;
option routers 172.16.10.249;
# the subnet declaration needs braces, and the range a terminating semicolon
subnet 172.16.10.248 netmask 255.255.255.248 {
  range 172.16.10.250 172.16.10.254;
}
ddns-update-style none;
#
$dhcpd eth1 -cf /usr/local/etc/dhcpd.conf
Proxy
Monitoring
IPSec
IPSec here is based on FreeS/WAN.
The FreeS/WAN project has created an environment that allows *nix boxes to connect over a secure path through various encrypted protocols.
Mailer
Making a boot-disk
Creating a boot-disk is necessary to emulate the boot-up process of the CD.
lilo_lrcd.conf
boot=/dev/fd0
install=/boot/boot.b
backup=/dev/null
compact
image=/boot/kernel.img
label=lrcd
root=/dev/hdc
The process
mount /dev/fd0 /mnt/floppy
cd /mnt/floppy
mkdir boot
cp /boot/boot.b /mnt/floppy/boot
cp /boot/kernel.* /mnt/floppy/boot
lilo -C lilo_lrcd.conf -r /mnt/floppy
dd bs=10k count=144 if=/dev/fd0 of=/kernel/****
ISO
Copy the boot image to the LRCD root directory
mkisofs -b boot.img -h -R -o /lrcd.iso .