26 Dec

Buffalo Linkstation: Add NFS function (support NFS v3)

So I just noticed that the previous method only support NFS v2. ESXi require NFS v3 at minimum. So here’s the guide for NFS v3 on Buffalo Linkstation.

Step 1:
Gain SSH and optware (check my previous post)

Step 2:
Check for unfs package

#ipkg update
#ipkg list | grep unfs
unfs3 - 0.9.22-1 - Version 3 NFS server (not recommended, use nfs-utils instead)

Step 3:

Install unfs
#ipkg install unfs3
#ipkg install portmap (optional)

Step 4:
Configure

#nano /opt/etc/exports
/mnt/array1/share (rw,no_root_squash)

(ctrl-x to quit and save)

Restart services

#/opt/etc/init.d/S55portmap restart
#/opt/etc/init.d/S56unfsd restart

You can try mount this NFS from ESXi or ubuntu server

#apt-get install rpcbind nfs-common
#mkdir -p /mnt/mynfsshare
#mount IP-of-your-NFS-Server:/mnt/array1/share /mnt/mynfsshare/
#df -kh

When configuring NFS shares to use as network sources for Kodi’s music/video libraries, use the following format: nfs://1.2.3.4/path/to/folder (where “1.2.3.4” should be replaced with the IP of your NFS server, and “/path/to/folder” should be replaced with the path to the folder you want to share; a double slash between the server and the path is wrong, you should not use nfs://1.2.3.4//path/to/folder)

Reference(s):
http://web.archive.org/web/20151207200629/http://forum.buffalo.nas-central.org/viewtopic.php?t=6531&start=15
https://serverfault.com/questions/554215/nfs-mount-with-nfs-3
https://help.ubuntu.com/community/SettingUpNFSHowTo#Installation

Incoming search terms:

  • century9j1
  • enoughxkb
  • ipkg nfs
25 Dec

Buffalo Linkstation: Add NFS function (caveat – only support NFS v2)

SMB sucks when compared to NFS. Here’s how to enable NFS in our Linkstation.

Step 1
The first step is to gain ssh root access to this Linkstation. Refer here.

Step 2
Install NFS
# ipkg update
# ipkg install nfs-server

Step 3
To configure your exports you need to edit the configuration file /opt/etc/exports. My example is this:

/mnt/array1/backups 10.0.0.10(rw,sync)
/mnt/array1/films 10.0.0.10(rw,sync)
/mnt/array1/tv 10.0.0.10(rw,sync)

or just allow the whole subnets
/mnt/array1/backups 10.0.0.0/24(rw,sync)

Once that file has been updated you’ll need to restart NFS:
# /opt/etc/init.d/S56nfsd stop
# /opt/etc/init.d/S56nfsd start

If you receive this error when restarting NFS daemon:
Cannot register service: RPC: Unable to receive; errno = Connection refused

Try checking portmapper
#rpcinfo -p
rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused

Easy, just restart the portmapper daemon
#/opt/etc/init.d/S55portmap stop
#/opt/etc/init.d/S55portmap start

Then repeat above step to restart NFS.

Reference(s:
https://github.com/skx/Buffalo-220-NAS
https://maazanjum.com/2014/02/17/starting-nfs-quotas-cannot-register-service-rpc-unable-to-receive-errno-connection-refused/

23 Oct

Adding Realtek 8168/8111/8411/8118 based NICs to ESXi 6.5

Step 1: Install ESXi PowerShell Module
Run PowerShell with elevated privilege (run as administrator)

PS D:\> Install-Module -Name PowerShellGet -Force
PS D:\> Install-Module -Name VMware.PowerCLI

Step 2: Changing the Windows PowerShell Script Execution Policy

PS D:\Set-ExecutionPolicy Unrestricted

Step 3: Download ESXi-Customizer-PS
Go to https://www.v-front.de/p/esxi-customizer-ps.html and download ESXi-Customizer-PS-v2.5.1.ps1 and move the script to D:\ (to ease our job)

Step 4: Run PowerShell script

PS D:\> .\ESXi-Customizer-PS-v2.5.1.ps1 -vft -load net55-r8168

Notes:
net55-r8168 is the package name from https://vibsdepot.v-front.de/wiki/index.php/List_of_currently_available_ESXi_packages containing Realtek NICs driver.
PS D:>.\ESXi-Customizer-PS-v2.5.1.ps1 -help for more customization

Alternative way:
esxcli software acceptance set --level=CommunitySupported
esxcli network firewall ruleset set -e true -r httpClient
esxcli network firewall ruleset set -e true -r dns
esxcli software vib install -d https://vibsdepot.v-front.de -n net55-r8168


Incoming search terms:

  • load additional vibs from online depots error cannot find vib named
  • realtek rtl8111e vib esxi 6 5 download
  • 8111 for ESXi
  • ESXI 6 7 8168
  • vmware esxi6 5 realtek
  • advanxer
  • [error] cannot find vib named net-tulip !
  • https://advanxer com/blog/2017/10/adding-realtek-8168811184118118-based-nics-to-esxi-6-5/
  • esxi 6 7 realtek
  • esxi 6 5 add driver
  • install esxi with realtek 8111
  • realtek nic r8168 esxi 6 5
  • esxi realtek driver
  • esxi realtek 8168
  • Esxi RTL8169 drivers
10 Apr

Allowing tracert in Cisco ASA firewall

I was under impression that allowing icmp in the service policy will enable tracert to work. I was wrong. After scouting around I found below tweaks that will enable tracert to run correctly.

1. Set decrement TTL
ASA# configure terminal
ASA(config)# policy-map global_policy
ASA(config-pmap)# class class-default
ASA(config-pmap-c)# set connection decrement-ttl
ASA(config-pmap-c)# exit

2. Permit icmp control messages
ASA(config)# access-list inbound permit icmp any any time-exceeded
ASA(config)# access-list inbound permit icmp any any unreachable

3. Permit icmp connection, which you should already have 😀
ASA(config)# access-list outbound permit icmp any any

References:
http://www.cisco.com/c/en/us/td/docs/ios/sec_data_plane/configuration/guide/12_4/sec_data_plane_12_4_book/sec_fwall_icmp_insp.html

http://www.petenetlive.com/KB/Article/0000753.htm

Incoming search terms:

  • asa tracertrt
  • cisco asa 5508 gui enable tracert
  • cisco asa 9 1 windows traceroute
  • unifi allow tracert
  • tracert not working asa the address translation slot was deleted
  • enable traceroute on asa
  • enable tracert on cisco ASA
  • allow traceroute through asa
  • allow tracert asa
  • asa tracert
  • can i tracert from asa
  • can you trace route from a cisco asa
  • cisco allow trace route asa
  • Cisco ASA 5525X allowing trace route
  • how enable traceroute on asa
05 Mar

Force apt-get to use IPv4 instead of IPv6

It seems that Ubuntu/Debian (or perhaps other distros as well) prefer IPv6 DNS records instead of IPv4 when applicable and some times this results in loss of connectivity or similar problems.
I ran into this issue today while trying to update an old VPS with apt-get/aptitude. Specifically, security.ubuntu.com was being resolved in an unreachable IPv6 address and I had to wait some minutes for timeout every time.
Fortunately, there is an easy fix for this; you just have to edit the file located at: /etc/gai.conf which is the configuration for getaddrinfo(). There you have to uncomment line ~54 which reads: “precedence ::ffff:0:0/96 100″, and you are all set! (assuming that every other option is commented out by default as in my case).

gai

Reference: http://bruteforce.gr/make-apt-get-use-ipv4-instead-ipv6.html

Incoming search terms:

  • force apt-get ipv4
  • force ubuntu to use ipv4
  • force yum ipv4
  • ubuntu force ipv4