Tag Archives: code

How to – Debian Static IP Configuration

On a basic Debian machine without a graphical interface assigning the same IP address all the times can be achieved in two ways.

Static IP Address

To configure a static IP, (an IP that will never change), and not use DHCP you must edit the file /etc/networking/interfaces.
Insert the following code at the end of the file and don’t change anything else unless you know what you do:

# The first network card – this entry was created during the Debian installation
# (network, broadcast and gateway are optional)
#Private Interface
iface eth0 inet static
address 192.168.0.254
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
## only use gateway if your machine is not multi-homed, (two network cards). You can only have a default route.
# gateway 192.168.0.1

In our case the IP of the Debian machine is 192.168.0.254. The gateway, (the router), is 192.168.0.1 and it is a standard Class C network.

To refresh the network configuration without restarting the server execute:
/etc/init.d/networking restart

If that doesn’t work reboot the machine (reboot or init 6).

For a second network card you should add at the end of the file another entry for your second card:
#External interface
iface eth1 inet static
address 1.1.2.2
netmask 255.255.255.0
network 1.1.2.0
gateway 1.1.2.254

Check the new configuration by issuing the command:
ifconfig

DHCP Reserved address

If you want to set this via DHCP you have to make a reservation into your DHCP server for your network card’s MAC address.
You can find your MAC address by using the command ifconfig.
The server will spit some information on the screen that looks like this:
eth0 Link encap:Ethernet HWaddr 00:33:ff:c4:2f:2b
inet addr:192.168.0.254 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::230:f4ff:fdd4:bf33/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:93373 errors:0 dropped:0 overruns:0 frame:0
TX packets:38320 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:76539317 (72.9 MiB) TX bytes:5551726 (5.2 MiB)
Interrupt:17 Base address:0x6000

The first line is the one you are interested in:
HWaddr 00:33:ff:c4:2f:2b
In your DHCP server make a reservation using 0033ffc42f2b as your MAC address. Note the removal of the colons in between.
Reboot the server and when the machine will try to renegociate its IP address the DHCP server will assign it the newly reserver address.

If you want to add a static route on your Debian machine edit your /etc/networking/interfaces file and add the following two lines at the end of your eth1, (eth0), configuration.
up route add -net 192.168.22.0 netmask 255.255.255.0 gw 192.168.100.254
down route del -net 192.168.22.0 netmask 255.255.255.0 gw 192.168.100.254
The two lines tell Debian to add a static route when the computer boots, and to remove the static route when it shuts down.

The parameters mean: 192.168.22.0 is the network you want to make your Debian machine aware of; 255.255.255.0 is the netmask of your added network, 192.168.100.254 is the gateway to that network.

Why would you need a static network? In our configuration example your default route is through your public network interface.
Any additional internal networks or VPN’s will not be available. The configuration above tells your Debian machine how to reach any VPN or networks not reachable via the default Network.

There is another change needed if you plan to configure this machine as a simple router. You need to enable IP forwarding, in other words allow the machine to forward traffic for its clients.
# nano /etc/sysctl.conf
Change the following line : net.ipv4.ip_forward = 0
to net.ipv4.ip_forward = 1

Reboot the machine to make the setting active, or issue the following command to make the kernel aware of the change:
# echo 1 > /proc/sys/net/ipv4/ip_forward

Why do you want your Debian machine to connect to other networks or VPN’s? If your machine is a proxy, or a gateway it needs to know where to route packets for its clients. Even if your remote networks or VPN’s have their own proxy, if you have a shared server in one of these networks you need to make it available for your users. It is easier to maintain a static route on one server than add it to all of the clients.

Browser Auto-config and Wpad deployment

Using a Proxy Server in your Company’s Network is one of the best decisions you have made.
But this decision can bring you some administration overhead if you don’t have an automatic way to provision the browser settings.
Fortunately, for Microsoft Operating Systems there is a way to accomplish this.
The procedure involves a configuration file that tells browsers how to connect to Internet.
This file is published via the existing Infrastructure using DNS, DHCP and a WEB Server.

Create the configuration file

Create the wpad.dat file inserting the following text:
function FindProxyForURL(url, host) {
return "PROXY 192.168.100.10:3128; DIRECT";
}

IIS

Create a new website and link it to a folder of your choice, (for instance c:\wpad). Place the wpad.dat file inside the folder.
Create a mime type for the .dat  file type with the mime type  “application/x-ns-proxy-autoconfig”.
Restart IIS. If you already have an IIS just place the file in the root directory.

Apache:

Create the wpad.dat file on the www directory depending on your distribution (on a Debian is /var/www/).
For instance:
#nano /var/www/wpad.dat
would open the nano editor. If nano is not install use vi or mcedit or any other text editor.
Edit httpd.conf:
#nano /etc/apache/httpd.conf
and insert the following line:  
AddType application/x-ns-proxy-autoconfig .dat

Make sure apache daemon is starting at boot time, (update-rc.d  apache2 defaults)
Restart apache #/etc/init.d/apache2 restart.

DHCP – Configuration for Proxy Auto discovery

(on a Microsoft DHCP server)

  1. Click Start, point to All Programs, point to Administrative Tools, and then click DHCP.
  2. In the console tree, right-click the applicable DHCP server, click Set Predefined Options, and then click Add.
  3. In Name, type WPAD.
  4. In Code, type 252.
  5. In Data type, select String, and then click OK.
  6. In String, type http://internalserver/wpad.dat where:
    • internalserver is the domain name of the Server that hosts the wpad.dat file. (Alternatively you can use fully qualified domain name, (eg. http://internalserver.domain.local:3129/wpad.dat)
    • Port is the port number on which automatic discovery information is published. You can specify any port number. I put 3129.
  7. Right-click Server options, and then click Configure options.
  8. Confirm that Option 252 is selected.

If you configure this on a Unix DHCP server you might need to add an extra blank character at the end of the DNS Configuration
Create an alias (CNAME) with the name wpad pointing at the webserver that hosts your wpad.dat file. For instance the alias is wpad and the fully qualified domain name is internalserver.domain.local

Troubleshooting

WPAD alias DNS entry not responding
After creating your alias when you ping wpad you get host not found this could be related to a security improvement on Microsoft’s DNS servers.
To fix this you need to edit the following registry value: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters\GlobalQueryBlockList
Edit this on all of your Microsoft DNS servers and remove wpad from the list of values. See the image below:

Registry Fix for Implementation of WPAD

Note that this configuration requires you or your user to configure your browser to “Automatically Detect Settings”.
For Internet Explorer this can be automatically configured for all the users in an Active Directory domain via a Group Policy.
The same policy will be used by Google Chrome, which uses the Windows Internet Connection configuration.
Other browsers such as Opera, and Mozilla will have to be manually configured. Alternatively, for an automatic configuration they can be tweaked via registry hacks or configured via third party software.
The disadvantage with manual configuration is of course the cost of deployment and the fact that this can be changed by the user. If you want to enforce the use of the proxy you have to restrict the gateway access and allow only the proxy machine to access it. Another way would be to configure your proxy to be your router and set up a transparent proxy.

Business Domain Name Registration and Trademark Protection

Domain name registration is an important step for any business. Almost all businesses need to be online even if only for PR. Sometimes business owners don’t have all the information in order to take a decision regarding a Domain Name. This happens because of high level of technical information, not enough literature on the subject, and a lot of time misguided information.

What is a Domain Name?

Domain Name www
www

Every domain name contains two or more components separated by periods, called “dots”. The last part of the address, (com, net, org, us, ca, uk), is called the “Top Level Domain”. The second part of the domain is what the “Second Level Domain”. Examples of Second Level Domain are: com.uk, or on.ca. The Second Level Domains are a great way to organize geographically or functional the Domain Names, (on.ca for example is the SLD for Ontario – Canada).

It is also possible to have sub-domains such as “subdomain.yourdomain.com”. I own, for instance, www.head-massage.net. I could choose to split my traffic and content between multiple websites and assign them different sub-domain names such as: practitioner.head-massage.net, directory.head-massage.net, articles.head-massage.net, etc… That is a Web Marketing or technical decision.

A domain name is hierarchical and most common offers information about the type of entity using the domain name. However, for an additional charge, you can choose to keep that information private.

Why do we need a domain name?

A domain name is always needed when you want to be present on the web. It is a way to translate your server’s address into a nice looking address. Who can remember a web address like 192.168.196.231? Not me… For me, and most of us, it is easier to remember a name like dorianblog.info.

Your Domain Name is your property on the Internet. It is the name of your space on Internet. Since it represents you and your company you want make it look good.

Marketing and PR are other two major reasons. You want to brand your Web Site and personalize it.

Search Engine ranking is another reason. There is been a lot of discussions on this subject and it seems that Search Engines such as Google, Yahoo, Bing, etc. are taking in consideration the domain name of your website in their ranking algorithm.

Trademark protection is so important these days and if you don’t use a domain name that sounds like your company name someone else will use it, and reap off the benefits.

How to choose a good domain name

There is no absolute formula for choosing your domain name but there are some guidelines. These guidelines along with a good Marketing strategy, can give you an idea of what domain name or names you should choose.

Some of the guidelines are the following:

  • Try to make your domain name as short as possible. This makes it easier to remember and get the attention of your visitors.
  • It has to be as short as possible. People have to remember the name easily.
  • It has to have a meaning, something that people can relate to easily. You can’t name your website tmmfalfbte.com because this is the acronym of your book: “The Massage Manual For All Levels From Beginner to Expert”.
  • It has to be related to your company name or to your products or to a specific Marketing Campaign.
    I have dorianblog.info, (my name + blog), and the other one is head-massage.net, (obviously the name says it all is about Head Massage). If I had enough money and energy to finish my project to write a book about massage I would promote it through an alternate website, (part of my Marketing Campaign), let’s say learntomassage.tv which is not yet registered.
  • This last example leads me to the next question what TLD, (Top Level Domain), should I choose. If you can, stick to the designation of the TLD. For example .com is for commercial institutions, .org is for noncommercial organizations, etc… But this isn’t extremely important.

Other TLD, (Domain Name Extensions), are:

  • .edu — for educational institutions, (you have to prove you are an educational institution and are allowed only one name), .net — for network infrastructure providers, (the initial designation has been lost),
  • .gov — for governmental entities in US – restricted,
  • .mil — for military entities in US – restricted,
  • .int — for international treaty organizations – restricted and very tight controlled.
  • On top of these there are Country Code Top Level Domains, one per country, such as .us for USA, .ca for Canada, .mx for Mexico, .fr for France, etc.
  • New domain extensions are .tv, .aero, .biz, .coop, .info, .museum, .name, .pro and many others.
  • Some of the CCTLD Registries require you prove that you operate or live in their country in order to approve an application for a Domain Name. Some others have even tighter rules requiring you for example a Trademark for the name you request. This however is changing and there are less and less restrictions.
    There are new extensions that don’t fall in either of these categories they appear, because there is a demand.

    What if my Domain Name is taken?

    There are a lot of ways to get around. First of all if your name is taken and you registered a trademark you can go to court and fight for your name. As a first step you can ask the owner to sell you the name for a reasonable price. If this doesn’t work you can ask the registry to arbitrate this. You can hire a trademark lawyer to solve this for you if none of the previous worked.

    If you don’t have a trademark for the name is more difficult but basically you can try all of the above.
    If you know you can’t win, choose something very close, use hyphens or numbers. Hyphens are better. My domain name is head-massage.net and is well positioned in rankings and search results. You will hear a lot of people saying that is better to have all letters Domain Names. I am not sure about that.

    Try to use another extension, with so many choices these days, it is almost impossible to not find one available.

    How Many Years Should I register my Domain Name?

    The longer you register your Domain Name the better. There are a few reasons for that. First of all is convenient to know that you have done it and you don’t have to do it for another few years. Then, some search engines give you some extra points in their rankings if you register for longer periods. That means you are serious and you plan to be there for a long time.

    If you register for 5 years you get a great discount, most of the registrars give you the best discount for 5 years. If you register for more than 10 years, your investment might become wasted, the technology changes so fast. For instance there are discussions about completely customized Domain Names. That will render obsolete the actual Domain Names Market. I could, for example, buy the domain name head.massage.

    How to protect my Domain Name and my Trademark?

    Copyright Trademark

    Register your Domain Name in multiple TLD’s. This prevents Cyber-Squatters to register your name and take advantage of it.
    Register a Trademark; this entitles you to dispute domain names using your Trademark.
    Keep an eye on the Internet for any new names related to your Trademark. There are companies that offer these kinds of services.

    What is a registrar and what is a registry

    A Registrar is usually a company that handles Domain Name registration. They are an interface between you the registrant and the Registry Administrator.

    The Registry Administrator, (sometimes called for short the Registry), is the authority that administrates a TLD or more and the database with all the Domain Names. Examples of Internet Registration Authorities are the country code Top Level Domain administrators, such as DENIC in Germany, or Nominet in the United Kingdom, or CIRA in Canada, which are the Administrators for the .de TLD and .uk TLD, or .ca in Canada. Most of the Registry administrators will choose to deal with you through Registrars, but some will allow you to purchase your names directly.

    The Registrant is the owner of the domain – You, your Company, your boss, etc…

    How to choose my Registrar

    Your registrar is an important thing since you will have to deal with him a lot. The Registrar Market is constantly changing, however big registrars are the most likely to survive over time, which is critical for you as a domain name owner.
    The Domain Name administration is not an easy task and sometimes involves technical knowledge. Usually, when you buy a Domain Name you also buy some services with it. These services are some or all of the following:

    • DNS hosting – is usually free with domain name purchase, there are still a few companies that charge for this kind of service. Without a DNS computers will not know where to direct the requests for your website.
    • Web forwarding – very few companies give this as a free service. This is an advanced feature that let you specify that all the requests for a certain web-address should go to another web-address. That is handy if you purchased another company and want to redirect all the traffic from this company to your website.
    • Website hosting – basic web site hosting is provided with a Domain Name purchase by some Registrars. For a starter the free this is a good option but this is going to give you a limited space and limited number of pages. On the other hand many companies will give you a free domain name registration if you purchase any hosting package.
    • Make sure you choose a good and established Registrar that offers you the features described above.
    • Good technical support is another key element. Cost is probably one of the most important elements for many of us especially if it’s a starter website. But don’t try to go too cheap, because you will end up by paying more…

    Good Domain Name Registrars and Web Hosting companies are:
    GoDaddy.com – World’s No.1 Domain Name Registrar , I am hosting one of my websites with them and I registered hundreds of domains for other companies. They have great prices for domains and if you know how to choose the web-hosting can be free to cheap. They have discounts and promotions all the time it’s up to you to register when you get a promotion.
    HOSTMONSTER.COM – great Domain Registrar and Web-site Hosting I am hosting two of my websites with them and they have a good up time and the Control Panel used to administrate the websites are great.

    What else Do I Need to Know when I Register a Domain Name?

    When you, or someone you designate, register a domain, make sure you are the Administrative Contact in the registration record. The Administrative Contact has the authority to make any changes, transfers, etc… The technical contact is someone that makes technical changes such as IP address changes, etc.
    Make sure all the details in the registration are correct, such as address, company name, etc, otherwise it is a real hassle to change this after creation.
    If you register with a TLD Administrator, and not with a registrar, you have to provide at the registration time the IP address of your server. Many times this is difficult to change and is not free.