Multiple network interfaces with multiple public IPs in an EC2 instance with different outbound source using network namespaces

14 02 2017

In this scenario we will have an ec2 instance with:

* 3 network interfaces
* 3 public IPs (one for each interface)
* 3 different process with different public outbound address running in separate network namespaces

As starting point, we have a simple ec2 instance with one interface and a public IP assigned to it. The steps are:

– Allocate two new elastic IPs

– Create two new network interfaces in the same subnet in which resides the instance.

– Associate the new elastic IPs to these new network interfaces.

– Associate the new network interfaces to the instance. Now, it have the default eth0 and two more, eth1 and eth2.

– Create a pair of network namespaces for the new interfaces:

ip netns add blue
ip link set eth1 netns blue
ip netns add green
ip link set eth2 netns green

– Request the IPs for the interfaces:

ip netns exec blue dhclient eth1ip netns exec green dhclient eth2

– And test it:

curl ipinfo.io/ip
ip netns exec blue curl ipinfo.io/ip
ip netns exec green curl ipinfo.io/ip

Take into account that:

– You need to launch the proces with the “ip netns exec xxxx” due that systemd don’t support the network namespace assignement.
https://github.com/systemd/systemd/issues/2741

– Look the limits of AWS, by default, only 5 EIPs are allowed and each type of instance have a network limit.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html





Ssh error Too many authentication failures for root

8 02 2017

ssh -o PubkeyAuthentication=no root@host





Allow caching when the request have cookies – nginx

16 01 2017

Simply, ignore them. If Nginx sees it, it disables caching:

proxy_ignore_headers "Set-Cookie";
proxy_hide_header "Set-Cookie";





Docker: Remove all images and containers

15 01 2017

List all images:
docker images -a

List all containers:
docker ps -a

Delete all containers
docker rm $(docker ps -a -q)

Delete all images
docker rmi $(docker images -q)

Delete intermediate images ” <none":
docker rmi $(docker images --filter "dangling=true" -q --no-trunc)





Testing hhtp2 with curl

9 01 2017

Testing a domain resolving different IP in http2:
# curl --http2 -I --resolve http://www.domain.com:443:192.168.1.1 https://www.domain.com





Install OpenLDAP in Debian 8

21 12 2016

This guide is the best, by far, that covers the installation of a LDAP server and the configuration of the loging of a server through it.

https://www.unixmen.com/install-openldap-in-ubuntu-15-10-and-debian-8/

http://www.unixmen.com/configure-linux-clients-to-authenticate-using-openldap/





Linode ssh login problem

14 12 2016

If you try to connect to a Linode server by ssh and receive the following message:

Received disconnect from 1.1.1.1: 2: Too many authentication failures

It’s related to the ssh keys, try again with the following argument:

ssh -o PubkeyAuthentication=no user@1.1.1.1

More info:
http://superuser.com/questions/187779/too-many-authentication-failures-for-username