Henry Du Blog

think digital, act analog

iptables Basic

Basic iptables: Introduction. Kubernetes kube-proxy plays an important role in working with the Service resource. kube-proxy creates and defines iptables rules to manipulate the network traffic for the Service resource. iptables is a Linux firewall. In this article, we will introduce very basic iptables concepts: tables, chains and targets. Tables are files that join similar actions. There are several built-in tables. Chains are sets of rules. Rules are statements about what to do with a network packet.

Using the Kea DHCP Server 3

KEA DHCP part 3. These are the study notes for Using the Kea DHCP Server - Session 3 of 6. The DHCP reservation part will be added later on. DHCP lease allocation: When a DHCP lease request is received and the Kea server has successfully granted a lease, the following log is generated: 2020-10-15T20:35:36.137822+00:00 onprem-dhcp-6c98f7f9d9-lxd5d kea-dhcp4: INFO [kea-dhcp4.leases] DHCP4_LEASE_ALLOC [hwtype=1 10:7d:b9:2f:0d:eb], cid=[no info], tid=0x1: lease 172.17.10.1 has been allocated This informational message indicates that the server successfully granted a lease in response to the client’s DHCPREQUEST message.

DNSTap For BIND Basic

DNSTap Basic: Introduction. DNSTap is a fast, flexible method for capturing and logging DNS traffic. Developed by Robert Edmonds at Farsight Security, Inc., and supported by multiple DNS implementations, dnstap uses libfstrm (a lightweight high-speed framing library, see https://github.com/farsightsec/fstrm) to send event payloads which are encoded using Protocol Buffers (libprotobuf-c, a mechanism for serializing structured data developed by Google, Inc.; see https://developers.google.com/protocol-buffers). Enable DNSTap for BIND: To enable dnstap at BIND compile time, the fstrm and protobuf-c libraries must be available, and BIND must be configured with --enable-dnstap.

Using the Kea DHCP Server 2

KEA DHCP Part 2. These are the study notes from the KEA DHCP Webinar Part 2. Some of the contents are from the ISC KEA document listed in the Reference section. KEA DHCP: KEA is a modern DHCPv4 and DHCPv6 server. It is open source under the MPL license. It provides a JSON/REST API and a modular design. It also provides high performance and is able to handle 1000 leases/second. KEA supports DHCPv6 prefix delegation, dynamic reconfiguration, dynamic DNS updates, an SQL database backend and PXE boot.

Using the Kea DHCP Server 1

Using the Kea DHCP Server 1: Introduction. These are the study notes from the ISC webinar. DHCP is short for Dynamic Host Configuration Protocol. It is addressed in RFC 2131 for IPv4 and RFC 8415 for IPv6. DHCPv4 Protocol: The DHCPv4 server and relay agents listen on port 67. The DHCPv4 clients listen on port 68 for messages from a server or relay agent. The communication between a client and a DHCP server follows the DORA procedure.