How Do You Get a NIC to Permanently Be in a firewalld Zone with a Single Command?

Problem scenario
A NIC or network interface is not being protected by a zone in firewalld. You run firewall-cmd commands and then run “firewall-cmd --runtime-to-permanent”. But a NIC (e.g., a virtual NIC) will not persistently remain in a zone. You want your firewall-cmd commands to have a permanent effect. The “firewall-cmd --runtime-to-permanent” command is supposed to work, but it is not helping. What should you do?

How Do You Get a NIC to Permanently Be in a firewalld Zone with Multiple Commands?

Problem scenario
A NIC or network interface is not being protected by a zone in firewalld. You run firewall-cmd commands with different flags, but some NIC (e.g., a virtual NIC) will not persistently remain in a zone. You want your firewall-cmd commands to have a permanent effect. The --permanent flag is supposed to work, but it is not helping. What should you do?

Solution
If a firewall-cmd command fails with a --permanent flag,

Should You Disable WPS on Your WiFi/Router at Home?

Problem scenario
You do not want to broadcast your home’s network (e.g., to make sure people do not borrow your bandwidth or hack your devices such as your thermostat with ransomware). You want to keep using your WiFi. You try to disable the “Broadcast Network Name (SSID)” setting, but you get a prompt like “WARNING: Disabling Broadcast Network Name (SSID) will disable Wi-Fi Protected Setup (WPS) functionality. Are you sure you want to change?”

Should you click “OK”?

How Do You Troubleshoot an IP Address That You Can SSH to, But You Cannot Ping It?

Problem scenario
nmap shows that the host seems down. You cannot ping the IP address. But you can SSH to the IP address. How is this possible?

Solution
Possible Solution #1

A host server could have multiple IP addresses (e.g., with a virtual server hosted by a type 2 hypervisor utilizing KVM or QEMU). The networking could be done at the kernel level.

How Is Jitter Different from Latency in Networking?

Question
In networking, you have read about latency and jitter. How are the two terms different?

Answer
“Jitter is used to describe the amount of inconsistency in latency across the network, while latency measures the time it takes for data to reach its destination and ultimately make a round trip.” Taken from https://www.networkmanagementsoftware.com/jitter-vs-latency/.

Clock jitter can create logging discrepancies;

Do Either Kernel Space or User Space Play a Role in Operating Systems Networking?

Question
Networking is usually very important for a Linux/Unix OS. For typical applications that use networking, do kernel space or user space play a role?

Answer
Yes, both play a role.

User space facilitates the application layer of the TCP/IP protocol suite; kernel space facilitates the network and transport layers of the TCP/IP protocol suite (this was taken from page 1181 of The Linux Programming Interface,

How Do You Troubleshoot the OpenVPN Issue “insufficient key material or header text not found in file”?

Problem scenario
You get an error message when you run openvpn. You are trying to start the client service. You get “insufficient key material or header text not found in file”. What should you do?

Possible Solution #1
Back up your client.conf file.

Find your tls-crypt.key file. If you have none, run this:

openvpn --genkey --secret /etc/openvpn/tls-crypt.key

Copy every line in the tls-crypt.key file and paste it into a particular location of the client.conf file.

How Do You Troubleshoot “TLS Error: TLS key negotiation failed to occur TLS handshake failed”?

Problem scenario
You have a Linux server with the openvpn binary command installed. You try to start the OpenVPN client service. You see this message: “TLS Error: TLS key negotiation failed to occur TLS handshake failed.”

What should you do?

Solution
Reinstall and reconfigure the OpenVPN server. Just completely start over.
You may want to try this: https://www.cyberciti.biz/faq/howto-setup-openvpn-server-on-ubuntu-linux-14-04-or-16-04-lts/