Archive for the ‘Networking’ Category

Using .bashrc in Unix systems

If you are a system administrator, your tasks generally require you to login to many systems remotely through the terminal, and having proper knowledge of useful commands is a must! However, just knowing about these commands is not sufficient because you need to use them efficiently. Getting your mind over the bashrc file is one step in that process.

Where is the .bashrc file located?

Since messing around with the .bashrc file can cause big issues with your system, it is a hidden file located in your home directory. That means you can open the file with any text editor by going to ~/.bashrc. The absolute path is /home/<my_username>/.bashrc (more…)

Load balancing and Failover systems

In the previous posts on high availability architecture, we have already talked about scaling databases and Content Delivery Networks. Many a times, we have talked about evenly distributing the requests to the different nodes, and also about how to avoid downtime when some node or component fails. In this post, the prime objective is to talk about these processes of load balancing and failover systems in details.

Load balancing is a technique of distributing your requests over a network when your server is maxing out the CPU or disk or database IO rate. The objective of load balancing is optimizing resource use and minimizing response time, thereby avoiding overburden of any one of the resources.

The goal of failover is the ability to continue the work of a particular network component or the whole server, by another, should the first one fail. Failover allows you to perform maintenance of individual servers or nodes, without any interruption of your services. (more…)

Improving performance with CDNs

A content delivery network or a content distribution network (CDN) is a system of servers that are deployed over the whole world wide web, which duplicates content on multiple servers and serving them to the users based on proximity. CDNs help in delivering content (images, documents, JavaScript and CSS files) to the end users at very high speeds. In CDNs, multiple copies of the content is present on strategically dispersed servers. The geographically closer a server is to the user, the faster the content is delivered. (more…)

Scaling your Databases

We have already discussed on the general ideas behind High Availability architecture. The scaling of databases is a very crucial component of the implementation of high availability architecture. In this post, we would explore the various techniques of scaling up databases. The distribution models discussed here apply to both relational and non-relational (NoSQL) databases.

As is the case with other components of high availability architecture that I would discuss in subsequent posts, it is imperative that the database solution that you plan to implement should be optimal to the needs of your product or application. Let us first see the need of scaling databases. (more…)

VLANs Offer Security & Network Segregation Without the Cost

VLANs (Virtual Local Area Networks) are two or more LAN subnets that exist on the same networking equipment, such as a switch or firewall. Given that ports on a switch function independently, this creates the ability to treat each port as if it is its own network. Grouping these ports together creates a VLAN, essentially creating subsets of logical networks on a physical switch.

For example, assume you are using an eight port switch. If no VLANs existed, assume the entire switch operated on the 10.81.44.X network. Any devices attached to the switch could communite to one another as long as their IP address fall between 10.81.44.1 and 10.81.44.254. Now assume we have implemented VLANs on the switch. The first four ports are still associated with the 10.81.44.X network; however, we have configured the last four ports to act on the 192.168.1.X network. Doing so, we have essentially created two logical networks on one physical network switch. Only devices on the first four ports can now communicate with each other and the same goes for devices attached to the last four ports.

So what benefits do VLANs give us?

Broadcast Domain

Each network has its own broadcast domain. Whenever a broadcast packet is sent out, this packet gets sent to every device on the network. As the number of devices attached to the network grow, so do the amount of broadcast packets being sent throughout the network. As the amount of traffic grows, these broadcast packets can congest the network and could potentially slow things down. Splitting the traffic into two networks created by VLANs can greatly reduce the broadcast traffic and reduce congestion on the network.

Security

VLANs offer the ability to keep data packets from multiple networks separated. Organizations who wish to utilize wireless Internet in their workspace, yet still wish to maintain a private and secure network can utilize VLANs to achieve this goal. Take the example used earlier where two networks exist: 10.81.44.X and 192.168.1.X. The 10.81.44.X network is a private network that contains critical file servers, e-mail servers, and potentially private data that should only be accessed by internal employees. If the company simply attached a wireless router to this network, anyone with some computer knowledge could easily hack into the router from within the wireless range and access this private data network. This is where VLANs and the 192.168.1.X network come into play. On the company’s switch, a VLAN can be created specifically for the new wireless network of 192.168.1.X. These ports on the switch associated with the wireless VLAN would communicate only to the Internet and traffic would never pass between the two networks. A router would need to be placed in the middle of these two networks in order for the two to communicate. As a switch does not function as a router, the packets pass only to those ports associated with the same VLAN and function as if there are two physical networks in place.

Dividing Critical Network Traffic

Often, networks will have some sort of device or system that requires a large amount of network bandwidth. One example are VOIP phones which require voice packets to travel at a higher priority compared to file or email packets. VLANs offer a chance to segregate this higher priority traffic to their own network to avoid voice traffic from clogging network bandwidth. Similar to the example explained above, a new network could be created without purchasing any more switching hardware utilizing VLANs. The 10.81.44.X network would remain as the primary data network and a new network, 192.168.1.X, created for the VOIP traffic. The way this differs is that the same ports can be utilized for both voice and data VLANs, meaning a single port can function on two VLANs at once. Doing so still divides the traffic, as the data packets from each network will be tagged with a specific ID number correlating to each VLAN. Assume the data VLAN has a VLAN ID of 1 and the voice VLAN has a VLAN ID of 200. When a packet travels to a switch port with both a computer and VOIP phone attached, the port looks at the VLAN ID and knows which device to pass the packet to. Devices also check this VLAN and discard any packets that do not match the same network as their own. Through the use of VLANs and unique VLAN IDs, devices can reside on the same physical switch port yet still function on two logical networks.

Configuring a VLAN on a network brings multiple benefits to the security and functionality of a network, without the need to purchase more hardware. If bandwidth issues or the need for a separate wireless network arises, first turn to VLANs to save the day. You’ll save yourself some money and learn a lot about how networks functions along the way.

Uploader client for Tonido WebsharePro

We are happy to announce the new WebsharePro uploader under Apache 2.0 license. Source code for this application is available at the Tonido developer repository.

The current release has binaries for windows.  Since the application is made with platform agnostic development libraries, it will be easier for other developers to improve, extend and migrate the application to other platforms.

A Word on Tonido Webshare and WebsharePro

Webshare is an application that runs on the Tonido platform. It lets users to share files from their home computers and make it available from anywhere on the internet. It lets users create accounts for friends and family thereby giving restricted access based on the identity. You can try the free download from here.

WebsharePro extends the ability of Webshare by allowing upload of files to their home computers from anywhere on the internet. It also makes it easy for users to send and receive files from others. A browser is the only requirement to upload files to remote computer.

Drawbacks with using browser for uploads

It is important to note that there are some drawbacks in using just a browser to send files to another remote computer.

  • When a user wants to upload multiple files, he/she can only upload only one file at a time.
  • Hard to upload a directory and its contents. Contents can be files or sub-folders.
  • It is not possible to perform drag-and-drop of files and folders to be uploaded.

WebsharePro Uploader

To overcome these issues we introduce the new WebsharePro Uploader. This is a standalone native application that is currently released only on windows. Once the application is downloaded and installed, all you need is to specify the Tonido URL, user name, password and you are good to go. You can use the built-in file/folder chooser or drag-and-drop files and folders. Uploader starts uploading them without anymore user attention. Go here for more information on setup, configuration and use of this uploader.

uploader1

Download Uploader for Windows

If you don’t have WebsharePro, you can also buy it from our Tonido Store.

TonidoPlug, A NAS Adapter: How to convert your USB harddisk to NAS

“TonidoPlug is a tiny, low-power, low-cost home server powered by Tonido software that allows you to access your apps, files, music and media from anywhere. “

That is the definition you will see when you goto TonidoPlug.com. What is not explained clearly is that it is actually a tiny linux server running Ubuntu 9.0.4 in it and it can function as a NAS adapter out of the box.

USB Hard drives: USB hard drives are very handy to extend the storage of your desktop, to archive documents, photos and other media files. The problem with an USB hard drive is that it can be connected to only one desktop at a time. If you have multiple desktops then it will be difficult to share the drive among them. NAS adapters can help to fix this issue.

NAS Adapter: When you connect an USB drive to a NAS adapter, it makes the drive available on your local network. So multiple desktops can see the drive on the network and read/write files from/to it.

TonidoPlug as a basic NAS adapter: Like any NAS adapter you can connect your USB drive to TonidoPlug and it immediately makes it available on the local network. It understands all the common disk formats such as: FAT16, FAT32, NTFS, EXT2, EXT3. It supports hard drives of capacity upto 2TB. Price tag $99.

How it works:

  1. Power on TonidoPlug and connect a network cable to it.
  2. Now connect your USB hard drive on the USB slot of TonidoPlug.
  3. Access it from any local network. ie., you can access your USB drive at \\<TonidoPlug IP Address>\MediaDisk\

TonidoPlug as an advanced NAS adapter: If you want to setup multiple user accounts by providing private space for each user on the USB hard drive then it is as easy as changing few parameters in the configuration file. Look here for a quick how-to. Also if you are linux user who is familiar with SAMBA then the possibilities are endless.

If you are in the market for looking for NAS storage or NAS adapter then TonidoPlug might be the right choice for all your needs and much more like their definition claims “A tiny, low-power, low-cost home server powered by Tonido software that allows you to access your apps, files, music and media from anywhere. “

Save your personal data before it is too late.

Do you store and share your photos online? Watch out.

“As of February 1st, 2008 the ImageStation online service is permanently closed.”
Sony ImageStation, Feb 1, 2008

“Photo site Digital Railroad derailed completely.” CNet News Oct 29, 2008

“The AOL Pictures online photo service is now closed.” AOL July 14th 2008

“Yahoo Photos going dark as Flickr shines on.” USA Today May 4th 2007

“If the amount of storage you use is equal to 2 gigabytes (GB) or less, you must make purchases totaling at least $4.99 once every 12 months. If your storage amounts to over 2 GB, you must make purchases totaling at least $19.99 once every 12 months. If you do not meet the applicable minimum purchase requirement, your photos may be deleted.” Kodak March 13, 2009

“Users of the Fotango photo-sharing website were thrown into disarray today after finding out that the company has abruptly announced that it will close down the site next month.” Photography Press June14th 2006

“On approximately September 15, 2005, the HP Photo site was permanently closed, and is no longer accessible.” Snapfish Sep 15, 2005

“Zing.com, an online photography site backed by venture capital powerhouse Kleiner Perkins Caufield & Byers, said it will shutter its consumer operations next month.” CNet News June 13, 2001

It is not just the online photo storing sites, even cloud services that offer file storage are closing down…

“Thank you for your interest in HP Upline. The HP Upline service has been discontinued as of March 31, 2009.” HP March 31, 2009

“Yahoo’s Briefcase online storage service, which soldiered on for almost 10 years with a distinctly Web 1.0 capacity of 30MB, is finally being shut down.” PC World March 30, 2009

“The Xdrive service is closed. Thank you for having been an Xdrive user.” Xdrive July 14th 2008
Does this bother you? Is your data safe and secure?

If giants such as Yahoo, HP, and Sony closed their online storage services then it is a real possibility that it can happen to any company any time.

So what can you do?

  1. Remember that Your data is secure and safe at no other place other than your PC.
  2. Create a backup plan and backup the data in your hard drive at regular intervals.
  3. Avoid storing sensitive data and personal photos online that you cannot afford to lose.

Hmm… But some of us want to share this data with friends and family.

Peer-to-Peer (P2P) service: With a P2P service, you can directly share your files and photos with your network of friends and family without having to upload to web or email the photos and files.

Good.. But I want to access my files and photos from anywhere.

Tonido gives you the best of both worlds. Tonido does Peer-to-Peer file and photo sharing. In addition, Tonido gives an unique benefit of accessing files, photos, music etc that reside on your PC from anywhere.

Configure and Use Dynamic DNS

DNS

DNS or Domain Name lookup Service provides the mapping between internet addresses such as 22.43.68.133 to a human readable (and memorable) address (known as URL) such as www.apple.com. Without a DNS service it will be difficult for us to remember all the internet server addresses that we use daily. These address mappings will be hosted by some well known servers on the internet. These mappings can be created usually for a flat fee by many vendors. These mapping servers are very reliable in providing the name resolution.

DNS Pros and Cons

Pros:

  • Get any available URLs
  • Reliable, enterprise grade service

Cons:

  • Pay service
  • Not suitable for DHCP addresses

Dynamic DNS

Dynamic DNS (DDNS) is also a name to internet address mapping service but more suitable for home or small business users. The basic Dynamic DNS (DDNS) service is provided free by many service providers(www.DynDns.com).

Internet providers such as cable or DSL often provide dynamic IP addresses to their subscribers unless the subscriber paid for a static IP address. If  you want an URL for accessing your home computer from anywhere:

1.      You have to pay for a DNS mapping service.
2.      If the home computer is assigned with DHCP address then you have to update the mapping every time there is an address change.

But with DDNS service, you can get a basic mapping service for free and these services are suitable for even DHCP addresses. This is made possible by some kind of DDNS client.

Dynamic DNS Client

There are two types of DDNS clients.

  1. A client that runs on your home computer.
  2. A client that runs on your router itself.

No matter where the client runs, the functionality of the clients is the same. They connect to the DDNS provider at regular intervals and update the mapping. When the DHCP address at home changes, the mapping will be updated automatically on the next update. If you choose to go with type 2 client, there are lot of free and shareware DDNS clients available on the web. You can select them depending on the operating system of your home computer and the feature set offered.

Dynamic DNS Pros and Cons

Pros:

  • Basic service is free.
  • Suitable for DHCP addresses.
  • Restrictive URLs.

Cons:

  • DDNS clients are not available on all home routers, though newer routers mostly have this functionality.
  • Some configuration involved in running a DDNS client on your computer.

Dynamic DNS Uses

Let us assume that you have setup a DDNS at your home. Now what do you do with that. Actually DDNS setup can be found very useful for your day-to-day applications. Here are some of the uses.

Basic:

  • Remotely connect to your PC via SSH, Telnet, VNC or Remote Desktop
  • Access your files at home computer via FTP

Advanced:

  • Listen to your music collection at home computer from anywhere
  • Run your own personal web server hosting websites, blogs etc.
  • Run your own mail server for sending and receiving mails.

Tonido Dynamic DNS

Tonido is a new software from CodeLathe that includes DDNS client functionality. It is available for Windows, Linux and Mac OSX. Upon installation, user needs to create a new account and this new account name will be the users URL.

For example, If you create an account called ‘John’ then you can access your home computer from anywhere using the address ‘john.tonidoid.com’. There is no other configuration needed.

Tonido Uses

Tonido also comes bundled with a bunch of applications that will make your DDNS setup worthwhile.

  1. Jukebox: Listen and organize your MP3 song collection from anywhere.
  2. Web share: Host a quick file download server allowing access to your files from anywhere. Hosted files can be downloaded via any web browser.
  3. Photos: Securely share your photos with friends and family, without uploading to any third party servers.
  4. Workspace: Personal Information Management tool that lets you to sync notes, calendar, contacts, to dos, chat messages among your friends and family.

Summary

There are lot different ways of setting up DDNS service for home or small business. Tonido is one tool that not only provides DDNS client service but also takes one step further by providing all the applications that required DDNS in the first place. You can checkout Tonido at www.tonido.com

Browsing from office via home network

Introduction
Many of us would like to do free spirit internet browsing while at office and working hard :-). However not all offices will allow you to do unrestricted internet traveling. Most of the day-to-day websites, email sites etc., will be on the restricted list. While some of the sites are restricted for security reasons, most of them are restricted for loss of productivity during office time.

Here is a way we can quickly bypass browsing restrictions and get to any site we want. This article assumes a fairly working knowledge on computers. In this article, we setup a browsing proxy service on the office system which will route all the internet traffic via a remote home system. Also the entire communication between office and home system is over a secure channel, so there is no worry of privacy concerns.

Our environment will have two systems:
(1) Local/Office System:
Windows operating system such as xp, 2000 etc.,.
Putty – Very useful telnet/ssh client for windows.
(2) Remote/Home System:
Preferably a linux operating system with SSH service started. If you don’t have a machine with linux system handy, you can use cygwin/openSSH on windows platform. In a nutshell this system should have a SSH server running on it.

Additional Requirements:
If home system is directly connected to internet, then public IP address of the home system will be needed for this setup. To make life easier a free dynamic dns account for mapping the IP address to a URL can also be created. Check http://www.dyndns.org for details.
If home system is connected to internet via a router, then add a port forwarding on port 22 to the home system. Again public IP address or dynamic dns name of the router will be needed for this setup.

Setup steps:

1) On the office system, open putty enter the ipaddress or dynamic dns name in the host name field. Select “SSH” as connection type. Port 22 will be selected which can be left alone unless you run the SSH service on a different port. Note: Though your putty screen might look a little different than the one seen here due to version differences, the basic steps would be still the same

In our example,
Host Name = demo123.dyndns.org
Port= 22

Remote home system network details

2) In putty, on the left-hand navigation panel, open SSH option and select “Tunnels”.

In the tunnels screen, set these values
Source Port: 3000 (this is the port at which our proxy service listens to, this port can be changed to any but preferably a number larger than 1024)
Destination Port: (Leave Blank)
Finally, select “Dynamic” from the radio button options.

Tunnelling information for the proxy

3) Important: Click “Add” to add the tunnel settings to the connection.

Tunnel settings added

 

4) On left-hand navigation panel, move the scrollbar to the top and click session. You will be seeing the settings entered in step(1). Now we can save the whole connection settings. Add a name for this connection in the saved sessions textbox and click save.

Saving the connection settings

5) Click open, to open connection to home machine, and enter login and password information for the remote machine. This user need not be root user, but it needs to be an user with network access on the remote machine. That brings to the end of putty configuration. Now you have a proxy connection pipe from office machine to home machine. Now we need to configure our browser to use this pipe instead of the direct connection.

6) Open up a browser window and make the following changes to the connection settings.
On FireFox,
Select connection settings from the menu item Tools -> Options. This will bring up the option window, Select “Advanced” from the icon and then switch to “Network” tab.

FireFox Connections Tab

Click on Settings, which will bring up the network settings screen for the browser. Normally, the browser will be set for no proxy. If you have any other proxy settings remember to note those values. We might need to put that back when we are done using our own proxy service. Click on “Manual proxy configuration” option and enter “127.0.0.1” for SOCKS Host and 3000 (or the port you’ve used) for Port. Finally click “OK” to save the changes.

Browser connection settings: Before changes Browser connection settings: After changes

On IE,
Select connection settings from the menu item Tools -> Internet Options. This will bring up the option window, switch to “Connections” tab. Click on “LAN Settings”. IE network settings window will open. In this window select “Use proxy server….” and click “Advanced”. In the proxy settings window, enter 127.0.0.1 as socks proxy host and 3000 as socks proxy port. Click “OK” and save the changes. Note: Make note of the existing LAN settings to put it back after using the proxy service.

IE Connections Tab IE LAN Settings IE Proxy Settings

7) Now we are ready for browsing any website through our home network and not through the office network. To verify this you can close look at the putty logs. Also another crude test will be to close the putty session to sure browser cannot connect to internet anymore. Once you are done using the proxy service revert back to your original browser network settings.