What Is The Third Way of the Three-Way Handshake?

Question
You want to know discretely what the third way of the three-way handshake is in the context of TCP/IP networking. What is it?

Short Answer
It is the sending of a TCP packet with a flag of “ACK” from the client to the server/destination.

Longer Answer
The third way is sending a TCP packet with the “ACK” flag (one of several possible TCP flags) to the destination:
Client —–>

What Is The Second Way of the Three-Way Handshake?

Question
You want to know discretely what the second way of the three-way handshake is in the context of TCP/IP networking. What is it?

Short Answer
It is the sending of a TCP packet with a flag of “SYN-ACK” from the server/destination to the initiating client (after the first way was completed).

Longer Answer
The second way is sending a TCP packet with the “SYN-ACK” flag (one of several possible TCP flags) to the destination:
Server —–>

How Do You Go to an ELB from Your Workstation?

Problem scenario
You can reach an ELB’s FQDN from an EC2 instance (with a curl command). But you cannot reach the ELB from your workstation (with a web browser). What should you do?

Possible solution #1
From the EC2 instance, can you use nslookup FQDNofELB (where FQDNofELB is the FQDN of the ELB)? This should provide you with the IP address (the last of the IP addresses in the results).

How Do You Troubleshoot “timed out waiting for the condition” after Running “kubeadm init”?

Problem scenario
You run “sudo kubeadm init”, and you get this message:

[kubelet-check] It seems like the kubelet isn't running or healthy.
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp 127.0.0.1:10248: connect: connection refused.

[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed. …

How Do You Troubleshoot Connectivity over Port 80 when You Know It Is Listening?

Problem scenario
A server is hosting a website. On the server, nmap -Pn x.x.x.x is showing port 80 is listening on the server itself. From another server this nmap -Pn x.x.x.x command is showing no ports (or a subset of the ports) are listening. What is the cause of this?

Possible Solution #1
There is a firewall on the webserver that is causing this.

How Do You Run an AWS CLI Command to Allow Access to an EC2 Instance in a Security Group?

Problem Scenario
You want to modify a security group to allow SSH connections from an IP address. How do you do this with the AWS CLI?

Solution
You have to know the security group’s ID. In the command below, replace “sg-abcd1234” with the group ID, and replace 1.2.3.0/24 with the IP address and subnet mask you want to allow connections from. Then run it:

aws ec2 authorize-security-group-ingress \
--group-id sg-abcd1234 \
--protocol tcp \
--port 22 \
--cidr 1.2.3.0/24

Is a Private Key on a Linux Client Used in SSH Authentication to a Remote Server?

Question
This website (https://kb.iu.edu/d/aews) says “On the SSH command line: Add the -i flag and the path to your private key.”

When running an SSH command, you do not think that the client’s private key would come into play. You think that the public key would be used. The man page for SSH says

-i identity_file
Selects a file from which the identity (private key) for public key authentication is read

ssh will also try to load certificate information from the filename obtained by appending -cert.pub to identity filenames.

How Do You List the ELBs in Your AWS Account when You Know One Exists But the Command You Run Shows None?

Problem scenario
You run an AWS CLI command to list load balancers. It returns none. You know there are load balancers. What should you do?

Solution
Run these commands:

aws elb describe-load-balancers
aws elbv2 describe-load-balancers

(It could be that you have a newer load balancer or an older style load balancer. If you run both of the above commands,

What is a Bootstrap DNS Server?

Question
What is a bootstrap DNS server? When is a bootstrap DNS server needed?

Answer
In computing, the term “bootstrap” can mean to initiate a self-sustaining process (the source is this posting). A bootstrap DNS server is a DNS server that allows other domain name entries (such as non-IP addresses) to be found by finding a DNS server. If you have hostnames in an /etc/hosts file or similar configuration,