In order to support chat in LAN, install Openfire, following are the steps for installing and configurating.
$ wget
$ apt-get update && apt-get install default-jre
Since another people is also installing this. Change it to DigitalOcean.
Get the image via:
docker pull sameersbn/openfire
Since the installation is already done, docker ignored…
Want to redirect from http://xxx/ to http://xxx/a/b
Change the configuration file of the /etc/apache2/sites-enabled/000-default, enable the RedirectMatch:
# For forwarding all of the request to '/' TO '/bin/view'
RedirectMatch ^/$ /a/b
Restart the service of apache2 then everything goes OK.
First we should get repo, while this little kit has been banned via GFW, thus we should use DO machine for getting it down and ssh to local machine.
$ mkdir ~/bin
$ PATH=~/bin:$PATH
$ curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo
$ chmod a+x ~/bin/repo
$ tail ~/.zshrc
# Add our own bin/ folder for using different tools:
export PATH="$PATH:$HOME/bin"
Now we could use repo.
The default version of git is too old in CentOS, thus we have to upgrade it. , repo needs git version newer than 1.7.2, or you won’t get any results from github.
~% git --version
git version 1.7.1
Install necessary packages:
$ sudo yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker
Now build and install git via:
$ sudo mkdir -p /usr/local/git
$ wget https://www.kernel.org/pub/software/scm/git/git-1.9.4.tar.gz
$ tar xzvf git-1.9.4.tar.gz
$ cd git-1.9.4
$ make prefix=/usr/local/git all
$ sudo make prefix=/usr/local/git install
$ echo "export PATH=/usr/local/git/bin:$PATH">>~/.zshrc
$ source ~/.zshrc
$ git --version
git version 1.9.4
Now the git is already the newer version, we could use it together with repo.
Unfortunately we have been blocked by GFW, so we have to enable little tool proxychains:
$ git clone https://github.com/rofl0r/proxychains-ng.git
$ cd proxychains-ng
$ ./configure --prefix=/usr
$ make
$ sudo make install
$ sudo make install-config
$ sudo vim /etc/proxychains.conf
# defaults set to "tor"
#socks4 127.0.0.1 9050
socks5 127.0.0.1 1395
Now we could use proxychains for syncing the repositories, simply init the repo via:
$ cd /home/xxx.xxxxx/Code/Vrouter_repo
$ proxychains4 repo init -u git@github.com:Juniper/contrail-vnc -m vrouter-manifest.xml
Now sync the repository via:
$ proxychains4 repo sync
After syncing the code, we could finally build this repository, build it via;
$ scons vrouter
Seems boost is pretty old on CentOS 6.6, thus we have to manually compile boost on our system.
Since some packages are pretty old on CentOS, I switched to the ubuntu for developing.
Until now I failed in installing chrome on CentOS, for the libstdc++ version is too old in the machine, but record the steps here, later I will continue to work on this issue.
Add following file in to your /etc/yum.repos.d:
~% cat /etc/yum.repos.d/google-chrome.repo
[google-chrome]
name=google-chrome
baseurl=http://dl.google.com/linux/chrome/rpm/stable/$basearch
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
Now install the chrome via:
$ sudo yum install google-chrome-stable
Processing Dependency: libstdc++.so.6(GLIBCXX_3.4.15)(64bit) for package: google-chrome-stable-40.0.2214.91-1.x86_64
--> Finished Dependency Resolution
Error: Package: google-chrome-stable-40.0.2214.91-1.x86_64 (google-chrome)
Requires: libstdc++.so.6(GLIBCXX_3.4.15)(64bit)
The failure reason is because our libstdc++ version is too old.
View where is libstdc++:
$ ldconfig -p | grep stdc++
libstdc++.so.6 (libc6,x86-64) => /usr/lib64/libstdc++.so.6
Get the strings which contains LIBCXX in the libstdc++.so.6:
$ strings /usr/lib64/libstdc++.so.6 | grep LIBCXX
GLIBCXX_3.4
GLIBCXX_3.4.1
GLIBCXX_3.4.2
GLIBCXX_3.4.3
GLIBCXX_3.4.4
GLIBCXX_3.4.5
GLIBCXX_3.4.6
GLIBCXX_3.4.7
GLIBCXX_3.4.8
GLIBCXX_3.4.9
GLIBCXX_3.4.10
GLIBCXX_3.4.11
GLIBCXX_3.4.12
GLIBCXX_3.4.13
GLIBCXX_FORCE_NEW
GLIBCXX_DEBUG_MESSAGE_LENGTH
We could see the newest version of GLIBCXX is only 3.4.13, while chrome requuires 3.4.15. So the solution should be we install the newer version.
TBD.
Following records my questions on Contrail.
对于大二层的互通,还有一种简单有效的方法就是vpn,vpn可以工作在二层(如openvpn中的tap模式,左右两边的子网可以相同,但IP肯定不能同,相当于bridge模式),也可以工作在三层(如openvpn中的tun模式, 要求左右两边子网不同)。IPSec只是一种加密模式,L2TP才是二层的vpn接入层,所以L2TP+IPSec肯定可以实现openvpn的tap模式,但是strongswan因为是三层的vpn应该不行。
More detailed info could be found at:
http://blog.csdn.net/quqi99/article/details/11778413
MPLS(Multiprotocol Label Switching, 多协议标记交换)使用标签(Label)进行转发,一个标签是一个短的、长度固定的数值,由报文的头部携带,不含拓扑信息,只有局部意义。MPLS包头包含20比特的标签,3比特的EXP(通常用作Cos),1比特的S,用于标识此标签是否为最底层标签,8比特的TTL。
More detailed infos here:
http://www.net130.com/netbass/VPN/v111301.htm
(GRE: Generic Routing Encapsulation)
通用路由封装 (GRE)定义了在任意一种网络层协议上封装任意一个其它网络层协议的协议。
More detailed info could be found here:
http://baike.baidu.com/view/3871502.htm
MPLS是多协议标签交换的简称,它用短而定长的标签来封装网络层分组。MPLS最初是为提高路由器的转发速度而提出一个协议。
GRE协议是对某些网络层协议的数据报进行封装,使这些被封装的数据报能够在另一个网络层协议中传输。GRE是VPN的第三层隧道协议,在协议层之间采用了一种被称之为Tunnel的技术。
MPLS在VPN中的应用,用MPLS为转发通道运行私网流量,使一个运营商的网络可以同时支撑多个不同客户的IP VPN,这样就要求运营商的网络全程支持MPLS转发。但是在实际运用中,有时由于网络规划的原因,运营商网络的中间设备并不支持MPLS功能,而基本的BGP/MPLS VPN是要求所用到的运营商设备全程支持MPLS功能才可以,这样采用基本的BGP/MPLS VPN方法就行不通了,此时GRE的应用很好的解决了这个问题,只需要运营商边缘设备支持MPLS转发就能实现功能。而且GRE只需要保证两端网络类型相同,中间可以穿越其他类型的网络,也降低了对运营商网络的要求。
More detailed info could be found here:
http://blog.sina.com.cn/s/blog_6dc951ef01015bpm.html
Layer 3, or VPRN (virtual private routed network), utilizes layer 3 VRF (VPN/virtual routing and forwarding) to segment routing tables for each “customer” utilizing the service. The customer peers with the service provider router and the two exchange routes, which are placed into a routing table specific to the customer. Multiprotocol BGP (MP-BGP) is required in the cloud to utilize the service, which increases complexity of design and implementation. L3 VPNs are typically not deployed on utility networks due to their complexity; however, a L3 VPN could be used to route traffic between corporate or datacenter locations.
http://en.wikipedia.org/wiki/MPLS_VPN#Layer_3_VPN_.28VPRN.29
http://www.doc88.com/p-0903761953194.html
Fuck,
vxlan(virtual Extensible LAN)虚拟可扩展局域网,是一种overlay的网络技术,使用MAC in UDP的方法进 行封装,共50字节的封装报文头。具体的报文格式如下:
More detailed info could be found here:
http://www.huawei.com/ecommunity/bbs/10239835.html
Answer comes here:
SDN究竟要不要管物理交换机?
http://www.jianshu.com/p/4c2448e201a2