Windows: ARP Command – Show Table & Clear Cache

 An ARP (Address Resolution Protocol) is a communication protocol that works on a “Physical (Data-Link)” layer of a TCP/IP stack and is used to discover a MAC address of a device on a LAN (local-area network) based on its IP address.

An ARP table is used to store the discovered pairs of the MAC and IP addresses.

In this note i will show how to display the ARP table and how to clear the ARP cache using the Windows arp command.

Windows ARP Command

Show ARP Table

To display the current ARP table in Windows, use the arp command with the -a option:

C:\> arp -a

Interface: 192.168.1.31 --- 0x7
  Internet Address    Physical Address     Type
  192.168.1.1         60-35-c0-6b-a2-b7    dynamic
  192.168.1.255       ff-ff-ff-ff-ff-ff    static
  224.0.0.22          01-00-5e-00-00-16    static
  224.0.0.252         01-00-5e-00-00-fc    static

Show the ARP table in a verbose mode:

C:\> arp -av

To record an IP and MAC address of a device on a LAN to the ARP table, simply ping it:

C:\> ping 192.168.1.95

Pinging 192.168.1.95 with 32 bytes of data:
Reply from 192.168.1.952: bytes=32 time=18ms TTL=64

C:\> arp -a

Interface: 192.168.1.31 --- 0x7
  Internet Address    Physical Address     Type
  192.168.1.1         60-35-c0-6b-a2-b7    dynamic
  192.168.1.95        d6-58-01-33-dd-bc    dynamic
  192.168.1.255       ff-ff-ff-ff-ff-ff    static
  224.0.0.22          01-00-5e-00-00-16    static
  224.0.0.252         01-00-5e-00-00-fc    static

To discover all the devices on a LAN, you can ping them all using this one-liner (adjust the IP of your network):

C:\> FOR /L %i IN (1,1,254) DO ping -n 1 -w 100 192.168.1.%i | FIND /i "Reply"

Clear ARP Cache

To clear an ARP cache it is required to open an elevated command prompt, otherwise you may receive an error as follows: “The ARP entry deletion failed: The requested operation requires elevation.”

To start the elevated command prompt, press the ⊞ Win keybutton to open the start menu, type in cmd to search for the command prompt and press the Ctrl + Shift + Enter to start the command prompt as an administrator.

To clear the ARP cache in Windows, use the arp command with the -d option:

C:\> arp -d

Interface Based PBR Configuration in Huawei Switch & Router..!

Policy-based routing PBR

Let’s assume that we have topology like this:

What we have to do is to force router CX_1 to choose interface G7/5/0 and next hop 10.0.2.2 to forward traffic from source IP 5.5.5.5 to destination IP 15.15.15.15. Rest of traffic should go through interface G7/5/7.

Configure IP addresses based on this topology.

Use OSPF protocol to ensure communication in tested network. Let’s take CX_1 as an example:

#
ospf 1 router-id 6.6.6.6
 area 0.0.0.0
  network 10.0.1.0 0.0.0.3
  network 10.0.2.0 0.0.0.3
  network 10.0.0.0 0.0.0.3
  network 6.6.6.6 0.0.0.0
#

Configure OSPF for the remaining routers.

Increase OSPF cost of one of the links between CX_1 and CX_2 to exclude load-balancing:

#
interface GigabitEthernet7/5/0
 ospf cost 100
#

Display routing-table of AR29 to check if all necessary subnets are available through OSPF (display ip routing-table).

Configure ACL on CX_1 which permits IP source 5.5.5.5 to send packets to destination IP 15.15.15.15:

[CX_1]acl number 3000
[CX_1-acl-3000}rule 5 permit ip source 5.5.5.5 0.0.0.0

Configure traffic classifier and traffic behavior for classified packets:

#
traffic classifier ABC

 if-match acl 3000
#
traffic behavior ABC

 redirect ip-nexthop 10.0.2.2 interface GigabitEthernet7/5/0
#

Configure traffic policy and assign it to interface G7/5/5 as inbound:

#
traffic policy ABC
 statistics enable
 classifier ABC behavior ABC
#
interface GigabitEthernet7/5/5
 traffic-policy ABC inbound
#

Let’s check now what the result of such traffic policy is. On AR29 router we can use tracert command to check how traffic is going to 15.15.15.15.

<AR29>tracert -a 5.5.5.5 15.15.15.15
 traceroute to  15.15.15.15(15.15.15.15), max hops: 30, packet length: 40, press CTRL_C to break
1   10.0.0.1 4 ms  2 ms  7 ms
2   10.0.2.2 3 ms  4 ms  5 ms

As we can see traffic policy is working correctly choosing 10.0.2.2 as the IP next hop.

Now we can try the same but without source IP 5.5.5.5:

<AR29>tracert 15.15.15.15
 traceroute to  15.15.15.15(15.15.15.15), max hops: 30, packet length: 40, press CTRL_C to break
1   10.0.0.1 3 ms  1 ms  1 ms
2   10.0.1.2 3 ms  2 ms  2 ms

We can see that policy-based routing is working properly for traffic classified in ACL 3000. Rest of traffic is choosing a route based on IP routing table.

We can also check statistics for this traffic policy. We can use ping for such purposes. Use ping from AR29 and check statistics on CX_1:

<AR29>ping -a 5.5.5.5 -c 100 -m 100 15.15.15.15
<CX_1>display traffic policy statistics interface g 7/5/5 inbound
Info: The statistics is shared because the policy is shared.
Interface: GigabitEthernet7/5/5
Traffic policy inbound: labnario
Traffic policy applied at 2012-02-06 16:15:04
Statistics enabled at 2012-02-06 16:15:16
Statistics last cleared: 2012-02-06 20:14:59
Rule number: 4 IPv4, 0 IPv6
Current status: OK!
Item                             Packets                      Bytes
-------------------------------------------------------------------
Matched                              100                     10,200
  +--Passed                          100                     10,200
  +--Dropped                           0                          0
    +--Filter                          0                          0
    +--URPF                            0                          0
    +--CAR                             0                          0
Missed                                19                      2,640
Last 30 seconds rate
Item                                 pps                        bps
-------------------------------------------------------------------
Matched                                0                          0
  +--Passed                            0                          0
  +--Dropped                           0                          0
    +--Filter                          0                          0
    +--URPF                            0                          0
    +--CAR                             0                          0
Missed                                 0                        288
<AR29>ping -c 100 -m 100 15.15.15.15
<CX_1>dis traffic policy statistics interface g 7/5/5 inbound
Info: The statistics is shared because the policy is shared.
Interface: GigabitEthernet7/5/5
Traffic policy inbound: labnario
Traffic policy applied at 2012-02-06 16:15:04
Statistics enabled at 2012-02-06 16:15:16
Statistics last cleared: 2012-02-06 20:14:59
Rule number: 4 IPv4, 0 IPv6
Current status: OK!
Item                             Packets                      Bytes
-------------------------------------------------------------------
Matched                              100                     10,200
  +--Passed                          100                     10,200
  +--Dropped                           0                          0
    +--Filter                          0                          0
    +--URPF                            0                          0
    +--CAR                             0                          0
Missed                               126                     13,956
Last 30 seconds rate
Item                                 pps                        bps
-------------------------------------------------------------------
Matched                                0                          0
  +--Passed                            0                          0
  +--Dropped                           0                          0
    +--Filter                          0                          0
    +--URPF                            0                          0
    +--CAR                             0                          0
Missed                                 3                      2,648

You can also configure policy-based routing in MPLS L3VPN to allow some IP traffic (based on ACL) from one VPN to be redirected to another VPN. Maybe I will show you such configuration in the future.

HUawei Global PBR Configuration in Switch...!

 Traffic routing with Policy-based routing (PBR)

Packet routing is generally carried out by equipment by consulting its routing table where they look for the best routes based on their destination address.

However, what I intend to show is that there are other forms of packet routing, such as PBR, which allows routes to be changed based on other criteria such as source addresses, packet size or next hop.

 

To show one of the ways to configure packet forwarding based on PBR, I will use an example:

 

In the company we have two departments that have different access to the Internet due to the needs of the IT Team who need better access to the Internet. What we are going to show is a way to configure the routing of each network for its Internet access, and both teams access the DMZ and can also communicate with each other.

 

 

 

The first step will be to carefully configure an ACL to select only the traffic we want to redirect. As we want to redirect all traffic destined for the Internet, we make the following configuration:

 

ACL name IT_TEAM number 3001 rule 10 permit ip source 192.168.0.0 0.0.0.255 destination any rule 15 permit ip source 192.168.1.0 0.0.0.255 destination any  # ACL Name COM_TEAM number 3002 rule 10 permit ip source 192.168.2.0 0.0.0.255 destination any rule 15 permit ip source 192.168.3.0 0.0.0.255 destination any

 

After defining the ACLs, they configured the traffic classifiers

 

traffic classifier TC_IT_TEAM type or   if-match acl 3001  # traffic classifier TC_COM_TEAM type or   if-match acl 3002

 

 

The next step was to choose what to do with the traffic they had just categorized.

 

traffic behavior TB_IT_TEAM redirect nexthop 192.168.0.147  # traffic behavior TB_COM_TEAM redirect nexthop 192.168.0.149

 

As you know after the classifier and traffic behavior are configured they need to be put together to make sense. And that's what they did too.

 

traffic policy TP_IT_TEAM classifier TC_IT_TEAM behavior TB_IT_TEAM # traffic policy TP_COM_TEAM classifier TC_COM_TEAM behavior TB_COM_TEAM

 

Finally, the traffic policies were configured. The only thing left to do was to apply the traffic policies on the switch.

 

traffic-policy TP_IT_TEAM global inbound # traffic-policy TP_COM_TEAM global inbound

 

After that, traffic destined for the internet was redirected according to the policy.

Transit ISP bgp configuration..Only default route adverisement..!

In this blog, we will see how we will advertise only default route to our transit peer . find the diagram below.

bgp 456

 graceful-restart

 graceful-restart peer-reset

 undo check-first-as

 peer 10.10.1.2 as-number 789

peer 2XXX:XXX:XXX:2::2 as-number 789

 ipv4-family unicast

 peer 10.10.1.2 enable

  peer 10.10.1.2 route-policy ASN-789-IN import

  peer 10.10.1.2 route-policy ASN-789-OUT export

  peer 10.10.1.2 default-route-advertise

ipv6-family unicast

  undo synchronization

  peer 2XXX:XXX:XXX:X::2 enable

  peer 2XXX:XXX:XXX:X::2 route-policy ASN-789-IPv6-IN import

  peer 2XXX:XXX:XXX:X::2 route-policy ASN-789-IPv6-OUT export

  peer 2XXX:XXX:XXX:X::2 default-route-advertise

 

################Downlink IPv4 Route filtering configuration#############

ip ip-prefix ASN-789-OUT index 10 permit 0.0.0.0 0

ip ip-prefix ASN-789-IN index 11 permit 1XX.XXX.XXX.0 23

route-policy ASN-789-OUT permit node 20

 if-match ip-prefix ASN-789-OUT

route-policy ASN-789-IN permit node 20

 if-match ip-prefix ASN-789-IN

################Downlink IPv6 Route filtering configuration#############

ip ipv6-prefix ASN-789-IPV6-IN index 10 permit 2XXX:2XXX:: 32

ip ipv6-prefix ASN-789-IPV6-OUT index 10 permit :: 0

route-policy ASN-789-IPv6-OUT permit node 20

 if-match ipv6 address prefix-list ASN-789-IPV6-OUT

#

route-policy ASN-789-IPv6-IN permit node 20

 if-match ipv6 address prefix-list ASN-789-IPV6-IN

#

Transit ISP BGP Configuration...!

 

eBGP Lab

Peering & IXP Workshop

 

Introduction

The next step of this workshop lab will set up eBGP with our upstream provider so that we can see the Internet.

 

Lab Topology

The diagram below is a reminder of the lab topology:

 

Configuring the link to the Transit Provider

The lab instructors will be running the routers for the two Transit Providers and will have already configured them. Please remember to discuss any problems with setting up BGP with the two Transit Operators. Don’t just assume that if eBGP doesn’t come up that the lab instructors will fix the problem for you in the background.

 

Physical Link

Follow the guidelines in the IP Address Plan document to configure the link to the upstream. Make sure that you can ping the upstream’s router using both IPv4 and IPv6 - if it doesn’t work, investigate why not.

Here is an typical configuration sample - note that we are following the same good practices as we did when we set up the internal interfaces on our network:

interface Fastethernet 0/0
 description Link to Transit Provider N
 ip address <ipv4-ptp> 255.255.255.252
 no ip directed-broadcast
 no ip redirects
 no ip proxy-arp
 ipv6 address <ipv6-ptp>/127
 ipv6 nd prefix default no-advertise
 ipv6 nd ra suppress all
 no shutdown
!

 

IS-IS

Do not configure IS-IS towards the upstream provider! They are not part of your autonomous system.

 

External BGP

We now configure eBGP with the upstream. Again, the configuration on the two transit routers will have already been completed by the instructors, so once configured, the eBGP session should just come up and work.

Don’t forget to filter what you hear from the upstream, and what you send to them. You should only accept a default route from them (they may send you more), and you should only send prefixes you originated!

Let’s set up the filters first, before we set up the eBGP session with our external neighbour. Let’s create an outbound filter for the prefixes we will send to our upstream provider. We do this for IPv4:

ip prefix-list ASX0-block permit 100.68.X.0/24

and IPv6:

ipv6 prefix-list ASX0-v6block permit 2001:DB8:X::/48

Now we need to create prefix-lists for the default route we are hearing from the upstream provider. First we create one for IPv4:

ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0

and then for IPv6:

ipv6 prefix-list DEFAULT-v6ROUTE permit ::/0

Then we can set up the eBGP configuration. Here is a configuration sample, first for IPv4:

router bgp X0
!
 address-family ipv4
  neighbor <ipv4-ptp> remote-as <N-ASN>
  neighbor <ipv4-ptp> description eBGP with TRANSIT N
  neighbor <ipv4-ptp> password BGPlab
  neighbor <ipv4-ptp> prefix-list ASX0-block out
  neighbor <ipv4-ptp> prefix-list DEFAULT-ROUTE in
  neighbor <ipv4-ptp> activate
!

and then for IPv6:

router bgp X0
!
 address-family ipv6
  neighbor <ipv6-ptp> remote-as <N-ASN>
  neighbor <ipv6-ptp> description eBGP with TRANSIT N
  neighbor <ipv6-ptp> password BGPlab
  neighbor <ipv6-ptp> prefix-list ASX0-v6block out
  neighbor <ipv6-ptp> prefix-list DEFAULT-v6ROUTE in
  neighbor <ipv6-ptp> activate
!

Once this has been configured, you should now see a default route coming from the upstream provider, and you should be able to see your aggregate being sent to your upstream.

If you see nothing from the upstream provider, check your filters first before asking the lab instructors. Check also with your lab instructors to make sure that they are seeing your IPv4 and IPv6 aggregates. Don’t just assume they will somehow look on your behalf.

The commands to see what you are receiving from the Transit Provider are:

show ip bgp neighbor <ipv4-ptp> routes
show bgp ipv6 unicast neighbor <ipv6-ptp> routes

and to show what you are sending to the Transit Provider:

show ip bgp neighbor <ipv4-ptp> advertised-routes
show bgp ipv6 unicast neighbor <ipv6-ptp> advertised-routes

Note that there are IPv4 versions of the IPv6 commands too, although they are a bit more to type than the versions given above:

show bgp ipv4 unicast neighbor <ipv4-ptp> routes
show bgp ipv4 unicast neighbor <ipv4-ptp> advertised-routes

 

Confirmation

Check on the Core, Access and Peering Routers what you now see in the BGP table. Are there differences? Can you explain what they are, and why?

 

Sending Default Route using IS-IS

The border router connects to the upstream provider, and therefore gives us access to the whole Internet. The upstream provider will usually send us a default route by eBGP. Once we hear this default route, how should it be propagated around the autonomous system?

It can be propagated using iBGP as we have just seen, but that tends to be non-optimal, certainly when trying to load balance between two or more transit providers, as the BGP best path is just that, the one and only best path. If we distribute the default by the IGP instead, then at least the default route becomes the nearest exit, to the nearest border router (we only have one in this lab, but a future scaled version of this network infrastructure would double up on the core, border and peering routers at least).

IS-IS by default will always originate a default route with the default-information originate command (unlike OSPF which will do it only if there is a default route in the Global RIB)¹. So we need to fix this so that IS-IS will only announce a default if it sees the default in the Global RIB. To do this we will reuse the prefix-list we already created earlier which has the default route in it:

ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0
ipv6 prefix-list DEFAULT-v6ROUTE permit ::/0

Now we create a route-map which matches the default route, first for IPv4:

route-map DEFAULT-ORIG permit 5
 match ip address prefix-list DEFAULT-ROUTE
!

and then for IPv6 (using same name, but adding v6):

route-map DEFAULT-ORIGv6 permit 5
 match ipv6 address prefix-list DEFAULT-v6ROUTE
!

and finally we apply the route-map to the default-information originate command in IS-IS:

router isis asX0
 default-information originate route-map DEFAULT-ORIG
!
 address-family ipv6
  default-information originate route-map DEFAULT-ORIGv6
!

 

Confirmation

Check on the Core, Access and Peering Routers what you now see in the BGP table. And look at the Routing table on each. Are there differences? Can you explain what is happening now?

 

RIB Failure?

What does:

show ip bgp 0.0.0.0 0.0.0.0
show ip route 0.0.0.0 0.0.0.0

and

show ipv6 route ::/0
show bgp ipv6 unicast ::/0

show you on the core router and on the peering router?

You will notice that the default route is being propagated by BGP throughout the AS.

• On the core and access routers, you should see “complaints” of a RIB failure when you look at the BGP table, because IS-IS has a default route with a lower protocol distance.

• On the peering router, it will complain of a RIB failure when you look at the BGP table, because there is a static default route to the Null interface.

While there is nothing wrong with a RIB failure, we can just remove the default from being propagated by the iBGP process.

 

Stopping default route propagation by iBGP

To do this, we go back to the eBGP session with the transit provider (on the border router), look for the default, tag it with the no-advertise community, and then the border router will no longer announce the default by iBGP.

Let’s create the route-map first - we’ll have to create one for IPv4 and another one for IPv6. We already have a prefix-list for the default route on the Border router, so we can re-use it for the route-maps we are creating, First we create the IPv4 route-map:

route-map tag-default permit 5
 match ip address prefix-list DEFAULT-ROUTE
 set community no-advertise
!
route-map tag-default permit 10
!

and then we create the IPv6 version:

route-map tag-v6default permit 5
 match ipv6 address prefix-list DEFAULT-v6ROUTE
 set community no-advertise
!
route-map tag-v6default permit 10
!

And then we apply the route-maps to the Border router. Here is a configuration sample for the Border router:

router bgp X0
 address-family ipv4
  neighbor <ipv4-ptp> route-map tag-default in
!
 address-family ipv6
  neighbor <ipv6-ptp> route-map tag-v6default in
!

Once this is done, we need to refresh the iBGP session the Border router has with the Core router:

BX# clear ip bgp X0 out
BX# clear bgp ipv6 unicast X0 out

To confirm, has the default route now disappeared from the BGP table on the Core, Access and Peering routers? If not, check your configuration, check the route-refresh command you issued above.

 

Testing

Once this has been completed, test the connectivity. Can you reach the other groups in the class? You should be able to ping all the IPv4 and IPv6 loopbacks across the whole classroom.

Can you see the Internet too? The lab has IPv4 connectivity to the Internet - check that this works by trying a few pings or traceroutes to well known destinations (e.g. to 8.8.8.8).

The instructors will let you know if the lab has IPv6 connectivity. If it does, check IPv6 connectivity to the Internet as well, by trying a few pings or traceroutes to well know destinations (e.g. to 2001:4860:4860::8888).

Hint: for the traceroutes, try using the loopback address as the source for your pings and traceroutes².

 

Appendix - Transit Router Configuration

This appendix shows the minimum configuration used for the TR1 router in this lab. The TR2 router has a very similar configuration.

interface FastEthernet0/0
 description Link to AS10
 ip address 100.121.1.1 255.255.255.252
 ipv6 address 2001:18:0:10::/127
!
interface FastEthernet0/1
 description Link to AS20
 ip address 100.121.1.5 255.255.255.252
 ipv6 address 2001:18:0:11::/127
!
interface FastEthernet1/0
 description Link to AS30
 ip address 100.121.1.9 255.255.255.252
 ipv6 address 2001:18:0:12::/127
!
interface GigabitEthernet4/0
 description Link to TR2 (and to the world)
 ip address 100.121.0.1 255.255.255.252 secondary
 ip address 10.10.0.235 255.255.255.0
 ipv6 address 2001:18::/127
 ipv6 address 2001:DB8:100::235/64
!
router bgp 121
 bgp log-neighbor-changes
 bgp deterministic-med
 no bgp default ipv4-unicast
 neighbor 2001:18::1 remote-as 122
 neighbor 2001:18::1 description eBGP with TR2
 neighbor 2001:18::1 ttl-security hops 1
 neighbor 2001:18::1 password BGPlab
 neighbor 2001:18:0:10::1 remote-as 10
 neighbor 2001:18:0:10::1 password BGPlab
 neighbor 2001:18:0:11::1 remote-as 20
 neighbor 2001:18:0:11::1 password BGPlab
 neighbor 2001:18:0:12::1 remote-as 30
 neighbor 2001:18:0:12::1 password BGPlab
 neighbor 100.121.0.2 remote-as 122
 neighbor 100.121.0.2 description eBGP with TR2
 neighbor 100.121.0.2 ttl-security hops 1
 neighbor 100.121.0.2 password BGPlab
 neighbor 100.121.1.2 remote-as 10
 neighbor 100.121.1.2 password BGPlab
 neighbor 100.121.1.6 remote-as 20
 neighbor 100.121.1.6 password BGPlab
 neighbor 100.121.1.10 remote-as 30
 neighbor 100.121.1.10 password BGPlab
 !
 address-family ipv4
  network 100.121.0.0 mask 255.255.0.0
  neighbor 100.121.0.2 activate
  neighbor 100.121.1.2 activate
  neighbor 100.121.1.2 default-originate
  neighbor 100.121.1.6 activate
  neighbor 100.121.1.6 default-originate
  neighbor 100.121.1.10 activate
  neighbor 100.121.1.10 default-originate
  distance bgp 200 200 200
 exit-address-family
 !
 address-family ipv6
  network 2001:18::/32
  neighbor 2001:18::1 activate
  neighbor 2001:18:0:10::1 activate
  neighbor 2001:18:0:10::1 default-originate
  neighbor 2001:18:0:11::1 activate
  neighbor 2001:18:0:11::1 default-originate
  neighbor 2001:18:0:12::1 activate
  neighbor 2001:18:0:12::1 default-originate
  distance bgp 200 200 200
 exit-address-family
!
ip route 0.0.0.0 0.0.0.0 10.10.0.254
ip route 100.121.0.0 255.255.0.0 Null0
!
ipv6 route 2001:18::/32 Null0
ipv6 route ::/0 2001:DB8:100::241
!

---

1. OSPF version of the command has a different result from the IS-IS version of the command. To conditionally announce the default in OSPF, default-information originate is sufficient. If the operator needs to always announce the default, regardless of whether it is in the Global RIB or not, the always keyword needs to be added.↩

2. Can you explain why we are doing this, and not using the default (which would be the point-to-point link address of the outbound interface)?

My LibreNMS suddenly Stopped Pooling the Devices .

 There is some bug in libre NMS i found that suddenly my pooling has been stopped without any reason. SO to re run it i just rerun my daily.sh and validated the php to rerun it .

[root@localhost ~]# su - librenms
[librenms@localhost ~]$ ./validate.php
===========================================
Component | Version
--------- | -------
LibreNMS  | 24.8.0-72-g7d450345d (2024-09-15T05:43:11+05:30)
DB Schema | 2024_08_27_182000_ports_statistics_table_rev_length (299)
PHP       | 8.1.21
Python    | 3.6.8
Database  | MariaDB 10.3.28-MariaDB
RRDTool   | 1.7.0
SNMP      | 5.8
===========================================
[OK]    Composer Version: 2.7.9
[OK]    Dependencies up-to-date.
[OK]    Database connection successful
[OK]    Database connection successful
[OK]    Database Schema is current
[OK]    SQL Server meets minimum requirements
[OK]    lower_case_table_names is enabled
[OK]    MySQL engine is optimal
[OK]    Database and column collations are correct
[OK]    Database schema correct
[OK]    MySQL and PHP time match
[OK]    Active pollers found
[OK]    Dispatcher Service not detected
[OK]    Locks are functional
[OK]    Python poller wrapper is polling
[OK]    Redis is unavailable
[OK]    rrd_dir is writable
[OK]    rrdtool version ok
[WARN]  Your install is over 24 hours out of date, last update: Sun, 15 Sep 2024 00:13:11 +0000
        [FIX]:
        Make sure your daily.sh cron is running and run ./daily.sh by hand to see if there are any errors.

[librenms@localhost ~]$ 
[librenms@localhost /]$ su root
Password:
[root@localhost /]# cd opt/librenms/
[root@localhost librenms]# sudo ./daily.sh
Re-running /opt/librenms/daily.sh as librenms user
Updating to latest codebase                        OK
Updating Composer packages                         OK
Updated from 7d450345d to 7034fd7a4                OK
Updating SQL-Schema                                OK
Updating submodules                                OK
Cleaning up DB                                     OK
Fetching notifications                             OK
Caching PeeringDB data                             OK
[root@localhost librenms]#

Ookla Server Auto Start After Machine reboot or Network Outage..!

 Here i will show you how you can enable your Ookla server in Auto start mode when there is a machine reboot or any kind of network outage . find the configuration below.

 It is highly advisable to create own systemd services or udev rules to run scripts during boot instead of using this file  /etc/rc.d/rc.local .

make sure you have given executable permission to your own systems script. 

chmod +x /etc/systemd/system/speedtest.service

[root@localhost ~]# vi /etc/systemd/system/speedtest.service
[Unit]
After=network.target
[Service]
User=root
Group=root
WorkingDirectory=/usr/ookla/
Type=simple
KillMode=mixed
ExecStart=/usr/ookla/OoklaServer
TimeoutStartSec=30
TimeoutStopSec=60
Restart=always
[Install]
WantedBy=multi-user.target


[root@localhost ~]#

systemctl enable speedtest.service
 systemctl start speedtest.service
 systemctl status speedtest.service
systemctl daemon-reload

How to Troubleshoot of a website if that website is not opening .

Let's say we will try on google.com. and we are not able to open the google.com website.

Step-1 = Ping to the website which is not opening.

First you have to check the ping to that website. There may be a possibility that ICMP is blocked in the destination end due to security concern...

C:\Users\hp>ping google.com
Pinging google.com [142.250.194.206] with 32 bytes of data:
Reply from 142.250.194.206: bytes=32 time=49ms TTL=58
Reply from 142.250.194.206: bytes=32 time=46ms TTL=58
Reply from 142.250.194.206: bytes=32 time=48ms TTL=58
Reply from 142.250.194.206: bytes=32 time=51ms TTL=58
Ping statistics for 142.250.194.206:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 46ms, Maximum = 51ms, Average = 48ms
C:\Users\hp>

You can see above that ICMP is not blocked in google end and we are getting Ping to google.com.Thats Fine..

Till Now we are getting the ping but 

2-Check Traceroute to google.com to verify whether you can reach the destination or not .

C:\Users\hp>tracert google.com

Tracing route to google.com [142.250.193.206]

over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  192.168.0.1

  2     2 ms     1 ms     1 ms  103.14.9.18

  3    43 ms    44 ms    42 ms  103.15.9.17

  4    43 ms    43 ms    44 ms  103.6.9.26

  5    46 ms    45 ms    46 ms  72.4.203.200

  6    45 ms    46 ms    45 ms  142.250.244.151

  7    45 ms    45 ms    45 ms  142.250.54.97

  8    47 ms    44 ms    46 ms  del11s17-in-f14.1e100.net [142.250.193.206]

Trace complete.

C:\Users\hp>

As you can see above that the Traceroute is showing OK and we are able to reach the destination.

Step-3=Check the DNS resolve , weather the DNS is proper or not .

C:\Users\hp>nslookup
Default Server:  UnKnown
Address:  192.168.0.1
> google.com
Server:  UnKnown
Address:  192.168.0.1
Non-authoritative answer:
Name:    google.com
Addresses:  2404:6800:4002:81c::200e
          142.250.194.206
>

As you can see above that DNS is working properly and we are able to resolve from name to IP and IP to name.

Step-4= Check the Telnet to Website whether the https://google.com is open on 443 port or not.

To check in Telenet , Got to your cmd and write the telnet google.com 443

C:\Users\hp>telnet google.com 443

You can see above that we are able to access the website on 443 port , it means everything is fine .

Summary.

Till now everything is fine from our end but still we are not able to access the website . So now you have to contact your ISP for checking this issue because this issue can be with your public IP or in ISP end there is some routing issue such as Assymetric routing or Routing failure in the transit etc etc..and also there is a possibility that somewhere in transit  Your public IP address is blocked.