How to avoid becoming your organisation as Transit AS?

When looking at BGP, the simplest/most-scalable way to prevent transit AS is with a filter-list.  This calls for regular expressions, which sometimes scare people…
ip as-path access-list 1 permit ^$
router bgp 100
neighbor 1.2.3.4 filter-list 1 out
And what you will do at that point is ONLY send out routes with an EMPTY as-path.  If you receive a route from ANY other eBGP peer, the as-path list will no longer be empty.  Therefore empty = your own internal routes!
And that way whether it’s 1 route today or 100 of them you are originating tomorrow, the rule set will still work.

RHCSA 7

Break password:
-Press e
– go to linux16 line and at end of the line add “rd.break console=tty1”. Press control + X
– mount -o remount,rw /sysroot/
– chroot /sysroot/
-passwd
– Type password
– touch /.autorelabel
– Ctrl + D to exit

– Change the screen from CLI to GUI
systemctl set-default graphical-target— For permanent
systemctl isolate graphical-trarget

Configure the IP address, GW, DNS, hostname
– Check below things
static or dynamic ip address: ip a s
hostname: #hostnamectl
GW: route -n
DNS: cat /etc/resolv.conf
connection: nmcli connection show
#nmcli connection modify “System eth0” ipv4.address “172.25.10.10/24 172.25.10.254” ipv4.dns “172.25.254.254” ipv4.dns-search “example.com” ipv4.method static
# nmcli connection down “System eth0”
# nmcli connection up “System eth0”
# hostnamectl set-hostname desktop10.example.com
Verify using the above command.

1) Create the “LVM” with the name “marvel” by using 21PE’s from the volume group “stone”. Consider the PE size as “8MB”. Mount it on /mnt/secret with filesystem vfat.

solution:

# fdisk -cu /dev/vda

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot   Start End   Blocks   Id  System
/dev/vda1   *     2048   526335   262144   83  Linux
/dev/vda2   526336 9914367 4694016   8e  Linux LVM

Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
e
Partition number (1-4): 3
First sector (9914368-12582911, default 9914368):
Using default value 9914368
Last sector, +sectors or +size{K,M,G} (9914368-12582911, default 12582911):
Using default value 12582911

Command (m for help): n
Command action
l   logical (5 or over)
p   primary partition (1-4)
l
First sector (9916416-12582911, default 9916416):
Using default value 9916416
Last sector, +sectors or +size{K,M,G} (9916416-12582911, default 12582911): +169M

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot   Start End   Blocks   Id  System
/dev/vda1   *     2048   526335   262144   83  Linux
/dev/vda2   526336 9914367 4694016   8e  Linux LVM
/dev/vda3 9914368    12582911 1334272    5  Extended
/dev/vda5 9916416    10262527   173056   83  Linux

Command (m for help): t
Partition number (1-5): 5
Hex code (type L to list codes): 8e
Changed system type of partition 5 to 8e (Linux LVM)

Command (m for help): p

Disk /dev/vda: 6442 MB, 6442450944 bytes
16 heads, 63 sectors/track, 12483 cylinders, total 12582912 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007d1ac

Device Boot   Start End   Blocks   Id  System
/dev/vda1   *     2048   526335   262144   83  Linux
/dev/vda2   526336 9914367 4694016   8e  Linux LVM
/dev/vda3 9914368    12582911 1334272    5  Extended
/dev/vda5 9916416    10262527   173056   8e  Linux LVM

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.

# reboot

# pvcreate /dev/vda5
# vgcreate -s 8M stone /dev/vda5
# pvs
# vgs
# vgdisplay stone
# lvcreate -L +168M -n marvel stone
# lvs
# lvdisplay /dev/stone/marvel
# mkfs.vfat /dev/stone/marvel
# mkdir /mnt/secret
# vim /etc/fstab
–> append the following entry
/dev/stone/marvel /mnt/secret vfat defaults 0 0
–> save and exit
# mount -a
# df -Th

Question 2:
# groupadd sysadmin
# groupadd stooges
useradd -G stooges larry
useradd -G stooges curly
useradd -s /sbin/nologin moe

passwd larry
passwd moe
passwd curly

Question 3:

mkdir -p /home/manager
groupadd manger
chgrp manger /home/manager
chmod 770 /home/manager
chmod 2770 /home/manager

Question 4: Question on upgrading the kernel

uname -r : to check what kernal is loaded
yum-config-manger –add-repo== <they will provide you the link>
cd /etc/yum.rep
vim <file_name>
gpgcheck=0
yum install kernel -y
yum list kernel
reboot
uname -r : to check if it’s booted on new version or not.

Question 5:
Question on Crony

useradd sarah
useradd max
crontab -eu sarah
23    14    *    *    *    /bin/echo    “hyer”
vim /etc/cron.deny
max
systemctl status crond
Test: loging to max user and execute crontab -eu max: you will see pemission denied.

Question 6:

I got the question to extend the volume group

To extend the logical volume
lvextend -L +100M /dev/<vggroup_name>/<lvgroup_name>
resize2fs /dev/<vggroup_name>/<lvgroup_name>

Question 7: Question on LDAP and autofs

Yum install authconfig-gtk sssd autofs
authconfig-gtk
-> In the “User Account Database:” select “LDAP”
–> In the “LDAP Search Base DN:” type “dc=example,dc=com”(suffix in our classroom)
–> In the “LDAP Server:” type “ldap://instructor.example.com”
–> Select “Use TLS to encrypt connections”
–> Click on “Download CA Certificate” and in the appeared box type the URL “ftp://instructor.example.com/pub/EXAMPLE-CA-CERT”
–> Click on “OK”
–> In the “Authentication Method:” select “LDAP password”
–> Click on “Apply”
–> Then with the below command you should be able to view user’s information

# getent passwd ldapuserX
Verify:
su – ldapuserX : It will give error since home directoy is not present on this PC but execute command whoami and see if you can see ldapuserX got login.

Question 8:

YUM install chrony
Change the date and time of system
vim /etc/chrony.conf
comment out all the server lists there and then put the line server classroom.example.com iburst
systemctl restart chronyd

Question 9:
yum install autofs

vim /etc/auto.master
/home/guests /etc/auto.misc
vim /etc/auto.misc
ldapuser1 -fstype=nfs classroom.example.com:/home/guests/ldapuser1
here * all files which are present under guests. If asked spefic user then mentioned that specifi user only.
systemctl reload autofs
systemctl reload sssd
mount -a

Question 10:

# cp /etc/fstab /var/tmp
# ls -l /var/tmp/fstab
# useradd sarah
# setfacl -m u:sarah:rw /var/tmp/fstab
# useradd natasha
# setfacl -m u:natasha:— /var/tmp/fstab

Question 12:

yum install httpd
firewall-cmd –permanent –add-service=http
firewall-cmd –reload
download the file using wget command and copy it to the /var/www/html folder
systemsctl start http
systemctl enable http

To verify.: get the hostname of m/c using hostname command open firefox or curl for hostname. We should see the html page.

*****if the file is not index.html then home page is not opening****

Question 13:

useradd -u 4223 dax

verify using the : id dax

Question 14: Set SELinyux to enforcing mode
change the file: vim /etc/selinux/conf
and mentioned enforcing and reboot the PC.

Question 15:
mkdir /root/found
find / -user julie -exec cp -rvfp {} /root/found/ \;

Question : SSH
You just need to check if the ssh is enable or not.
systemctl status sshd
ssh saara@server0.example.com // local host

Question: Search alpha numerinc charater and sort them and redirect to some file.

# wget http://192.168.0.254/exam/sample.txt
# cat sample.txt | grep “a-z” “0-9” | sort >> /root/samplelines

17) List all lines which have string “enter” from “/tmp/file1” file and copy the lines in /root/word

# grep enter /tmp/file1 >> /root/word

Swap question short cut:
code: 82
free -m – to check the swap staus
mkswap <path> : Copy the blkid
vim /etc/fstab
<UUID> swap swap defaults 0 0
swapon <path>
swapon -a
swapon -s

LVM question for physical extent
code: 8e
pvcreate /dev/vdbX
vgcreate -s <size> <name> /dev/vdbX
lvcreate -l <number of physical extent> -n <name_lv> <name of vg group>
mkfs.ext4 /dev/<vggroup_name>/<lvgroup_name>
mkdir /databd
vim /etc/fstab
/dev/<vggroup_name>/<lvgroup_name> /datadb    ext4    defaults 0 0
mount -a

To extend the logical volume
lvextend -L +100M /dev/<vggroup_name>/<lvgroup_name>
resize2fs /dev/<vggroup_name>/<lvgroup_name>

To reduce the logical volume
get the final size after reducing the volume. Lets say final size is 150 mb
umount <folder_name_where_it_mounted>
e2fsck -f /dev/<vggroup_name>/<lvgroup_name>
resizefs /dev/<vggroup_name>/<lvgroup_name> 150M
lvreduce -L 150M /dev/<vggroup_name>/<lvgroup_name>
mount -a