Syed Jahanzaib – Personal Blog to Share Knowledge !

March 30, 2015

Playing with the Mikrotik’s PCC

Filed under: Mikrotik Related — Tags: — Syed Jahanzaib / Pinochio~:) @ 1:30 PM

 

3

GT_50mbx2

dual-wan-pcclb

Following post is an reference guide or scrapbook, which have working codes for following.

  1. Dual WAN PCC with 2 DSL modems [configured in bridge mode] and dialing is done via mikrotik
  2. Port forwarding various ports [as required] from the internet to local web server
  3. PPPoE Server

Note: I have used SOURCE BASE classifier in this example, to avoid common load balancing problems like https links breakup, buffering issues stuck problem etc etc : )

Just to remind this is not a copy paste version. its not complete export version. I modified the data for reference. Read them carefully for better understanding. You can pick any section of your choice or as required. I will add more sections later …

For port forwarding under PCC, You need to play with the PCC router. Logic is simple, let router knows the return path !! You should mark incoming connection to remember incoming interface, and then via route responses , using that marked packet to send them via same interface.
First You need to mark new incoming connections from WANs with connection marks (to identify via which wan request came from). & then for outgoing packets of these previously marked connections, you need to mark routing, to make them use the right WAN (via which packets arrived)

NETWORK DETAiLS :

Mikrotik LAN Interface name = Local
Mikrotik WAN 1 interface name = WAN1
Mikrotik WAN 2 interface name = WAN2

Mikrotik LAN IP Address = 192.168.0.1
WEB Server on LAN side = 192.168.0.10

Mikrotik IP POOL for LAN DHCP = 10.0.0.1/8
Mikrotik IP POOL for PPPoE Users = 172.16.0.0/16

Let’s Start ….

kick


# Syed Jahanzaib / aacable@hotmail.com
# https://aacable.wordpress.com
# Adding IP pool for dhcp and pppoe

/ip pool
add name=pppoe-pool ranges=172.16.0.1-172.16.1.255
add name=dhcp_pool ranges=10.0.0.1-10.0.0.255

# ADD dhcp server

/ip dhcp-server
add address-pool=dhcp_pool authoritative=after-2sec-delay bootp-support=static disabled=no interface=Local lease-time=6h name="ZAIB DHCP SERVER"
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=10.0.0.0/8 comment="zaib DHCP SERVER" dhcp-option="" dns-server=192.168.0.1,8.8.8.8 gateway="" ntp-server="" wins-server=""

# Adding dsl pppoe client connections, make sure your dsl modems are in bridge mode.

/interface pppoe-client
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 dial-on-demand=no disabled=no interface=WAN1 max-mru=1480 max-mtu=1480 mrru=disabled name=pppoe-out1 password=ISP_DSL_PASSWORD profile=default \
service-name="" use-peer-dns=no user=ISP_DSL_USERNAME
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 dial-on-demand=no disabled=no interface=WAN2 max-mru=1480 max-mtu=1480 mrru=disabled name=pppoe-out2 password=ISP_DSL_PASSWORD profile=default \
service-name="" use-peer-dns=no user=ISP_DSL_USERNAME

# Adding PPPoE Default Profile

/ppp profile
add change-tcp-mss=default dns-server=192.168.0.1,8.8.8.8 local-address=192.168.0.1 name=pppoe-profile only-one=yes rate-limit=512k/512k remote-address=pppoe-pool use-compression=default use-encryption=no \
use-mpls=default use-vj-compression=default

# Adding PPPOE Server
/interface pppoe-server server
add authentication=pap default-profile=pppoe-profile disabled=no interface=Local keepalive-timeout=10 max-mru=1480 max-mtu=1480 max-sessions=0 mrru=disabled one-session-per-host=no service-name=service1

# Create address list and add your users pppoe pool and web server ip addresses in this list, later we will use this list as ACL to allow specific users internet access
/ip firewall address-list
add address=172.16.0.1-172.16.1.255 comment="Allowed Users to Use Internet" disabled=no list="allowed users"
add address=192.168.0.10 comment="Allowed Users to Use Internet" disabled=no list="allowed users"

# Now start Mangling /ip firewall mangle

############################################ > Zaib
#  PORT FORWARDING RELATED MANGLE SECTION STARTS
############################################

# This section is related to packet marking for Marking connections/packets arrived at WAN1 link
add action=mark-connection chain=input comment="Mark Connection - IN wan1,OUT wan1 Syed.Jahanzaib" disabled=no in-interface=pppoe-out1 new-connection-mark=pppoe_out1_conn passthrough=yes
add action=mark-routing chain=output comment="Mark Routing - IN wan1,OUT wan1" connection-mark=pppoe_out1_conn disabled=no new-routing-mark=pppoe_out1_traffic passthrough=no

# This section is related to packet marking for Marking connections/packets arrived at WAN2 link
add action=mark-connection chain=input comment="Mark Connection - IN wan2, OUT wan2" disabled=no in-interface=pppoe-out2 new-connection-mark=pppoe_out2_conn passthrough=yes
add action=mark-routing chain=output comment="Mark Routing -  IN wan2,OUT wan2" connection-mark=pppoe_out2_conn disabled=no new-routing-mark=pppoe_out2_traffic passthrough=no

add action=mark-connection chain=forward comment="Mark Connection for new conn - Packet Forward wan1, out wan1" connection-state=new disabled=no in-interface=pppoe-out1 new-connection-mark=pppoe_out1_pfw \
passthrough=no
add action=mark-routing chain=prerouting comment="Mark Packets for new conn - Packet Forward wan1, out wan1" connection-mark=pppoe_out1_pfw disabled=no in-interface=Local new-routing-mark=\
pppoe_out1_traffic passthrough=no

add action=mark-connection chain=forward comment="Mark Connection for new conn - Packet Forward  wan2, out wan2" connection-state=new disabled=no in-interface=pppoe-out2 new-connection-mark=pppoe_out2_pfw \
passthrough=no
add action=mark-routing chain=prerouting comment="Mark Routing for new conn - Packet Forward  wan2, out wan2" connection-mark=pppoe_out2_pfw disabled=no in-interface=Local new-routing-mark=\
pppoe_out2_traffic passthrough=no

########################
#  GENERAL PCC SECTION
########################

# This section is related to packet marking for general PCC
add action=accept chain=prerouting disabled=no in-interface=pppoe-out1
add action=accept chain=prerouting disabled=no in-interface=pppoe-out2

# Classifier for dual WAN links
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local new-connection-mark=wan1_conn passthrough=yes per-connection-classifier=src-address:2/0 src-address-list="allowed users"
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local new-connection-mark=wan2_conn passthrough=yes per-connection-classifier=src-address:2/1 src-address-list="allowed users"

add action=mark-routing chain=prerouting connection-mark=wan1_conn disabled=no new-routing-mark=to_wan1 passthrough=yes src-address-list="allowed users"
add action=mark-routing chain=prerouting connection-mark=wan2_conn disabled=no new-routing-mark=to_wan2 passthrough=yes src-address-list="allowed users"

##########################################################
#  NAT / DST-NAT / MASQUERADE SECTION / PORT FORWARD
##########################################################

/ip firewall nat

###  Route WEB Port from wan links to local web server IP/PORT
add action=dst-nat chain=dstnat comment="Route WEB Server Port 80 from INTERNET LINK1" disabled=no dst-port=80 in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.0.10 to-ports=80
add action=dst-nat chain=dstnat comment="Route WEB Server Port 80 from INTERNET LINK2" disabled=no dst-port=80 in-interface=pppoe-out2 protocol=tcp to-addresses=192.168.0.10 to-ports=80

### Allow internet access/masquerade to allowed users list only (ACL)
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out1 src-address-list="allowed users"
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out2 src-address-list="allowed users"

##################################################
#  ROUTE SECTION FOR PCC AND PORT FORWARD PACKETS
##################################################
# Add routes for general PCC
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_wan1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=to_wan2 scope=30 target-scope=10

# Add routes for IN/OUT port forwarding packets
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=pppoe_out1_traffic scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=pppoe_out2_traffic scope=30 target-scope=10

Regard’s
Syed Jahanzaib

March 16, 2015

Windows 7 WEATHER GADGET ‘not working’ workaround!

Filed under: Microsoft Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 12:40 PM

UPDATE: May, 2015

The method defined in this post is now not working any more. [at the beginning it was working but not anymore] , I will see if alternate methods may work and will update this post in coming week, to see if its working … Insha Allah,  

 

 

 

From past few days, clients reported that Weather gadget stopped working with error “cannot connect to service …

gadgets-not-working

 

 

 

 

After doing some googling, it was revealed that dueto some security concerns Microsoft have discontinued it.  BUT  you can still Enable by following simple steps.

  1. Go to “C:\Users\USERNAME\AppData\Local\Microsoft\Windows Live\Services\Cache”
  2. Edit “Config.xml” by Right Click / EDIT
  3. Now donot change any thing & simply save it (CTRL+S or FILE -> Save) [without doing any modification]
  4. After 1-2 MINUTES, Restart the Gadget!

 

 

It will work Insha Allah !!!!

 

gadgets-working

 

 

Regard’s
Syed Jahanzaib

March 10, 2015

Extending Linux Partition in VMWARE ESXI

Filed under: Linux Related — Tags: , — Syed Jahanzaib / Pinochio~:) @ 4:36 PM

Reference Guide to extend partition size in Linux hosted on vmware

TASK: Linux (Centos) is hosted in Vmware  , Current size of disk is 10 GB, and we want to expand it to 15 GB.

First turn off the guess linux OS. and take its properties and extend the disk as showed in the image below…

 

1

2

Click on EXPAND and it will take some time to complete the operation …

.

once its completed, power ON the guest Linux.

 

 

Add a new partition with the free space of the virtual disk.

fdisk  /dev/sda

press n            < To add new partition
press p            < Select type PRIMARY
press 3            < Type number for new part…
(when it will ask for sectors numbers/values, pres Enter twice for default values)
press t            < To change partition type value
press 3           < Select partition number
press 8e         < Type 8e
press w          <type ‘w’ to write changes to disk

at end you will see following message…

The partition table has been altered!

As showed in the image below …

fdisk-gui

REBOOT THE GUEST OS NOW …

reboot

 

after reboot completes, Now, create a new physical volume from the new partition, issue following command two times

pvcreate /dev/sda3
pvcreate /dev/sda3

  Physical volume "/dev/sda3" successfully created

 

 

Then extend the existing volume group, you may want to use vgdisplay to list and identify the volume groups you have.

vgdisplay

vgdisplay
--- Volume group ---
VG Name               vg_radius
System ID
Format                lvm2
Metadata Areas        1
Metadata Sequence No  3
VG Access             read/write
VG Status             resizable
MAX LV                0
Cur LV                2
Open LV               2
Max PV                0
Cur PV                1
Act PV                1
VG Size               9.51 GiB
PE Size               4.00 MiB
Total PE              2434
Alloc PE / Size       2434 / 9.51 GiB
Free  PE / Size       0 / 0
VG UUID               MzawqN-X33a-e5AY-QxE4-WFHV-r5mh-IM4MuT

4

.

Now look at VG NAME value, note it down… (Your might be different)

vgextend vg_radius /dev/sda3

 Volume group "vg_radius" successfully extended

 

Now, extend the logical volume, again, use vgdisplay to list and identify the logical volumes you have.

lvextend /dev/vg_radius/lv_root  /dev/sda3

 Extending logical volume lv_root to 13.50 GiB
Logical volume lv_root successfully resized

 

And finally, resize the filesystem in the logical volume

resize2fs /dev/vg_radius/lv_root

 resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/vg_radius/lv_root is mounted on /; on-line resizing required
old desc_blocks = 1, new_desc_blocks = 1
Performing an on-line resize of /dev/vg_radius/lv_root to 3539968 (4k) blocks.
The filesystem on /dev/vg_radius/lv_root is now 3539968 blocks long.

 

Now check the new DISK SIZE in Action !!! ; ) ALHAMDOLILLAH

df -h

 Filesystem                     Size  Used Avail Use% Mounted on
/dev/mapper/vg_radius-lv_root   14G  897M   12G   7% /
tmpfs                          504M     0  504M   0% /dev/shm
/dev/sda1                      485M   31M  430M   7% /boot

 

after-size-increases-

 

 

 

Regard’s
Syed Jahanzaib