How Can You Screw up a Network? 87
aztektum asks: "Like a lot of Slashdot readers, I have setup my own home network. It isn't tricked out with all the fanciest hardware, but I do have a switch, BSD based firewall, I have configured e-mail (again on BSD), NFS and Samba, as well as remote access services like SSH and FTP. Now my line of work isn't networking or computer related at all. This is a personal hobby and a fairly new one for me (relatively speaking compared to others). I'm looking to learn more about managing problems with networks, but have no idea where to start. With such a small setup and only supporting two users (myself and a roommate) this isn't exactly enterprise level with enterprise level ups and downs. What are some ways I can screw up my network to troubleshoot problems and gain some insight? Also, what are some reference materials that you have found to be educational with relation to network administration?"
just a few thoughts (Score:3, Interesting)
Run an ethernet cable (yours perhaps) next to a space heater/box fan/large electric motor of your choice. Periodicaly turn that motor on and off. Instant link loss due to a spike on the line. WARNING, this one could jack up your switch/computer so be sensible.
If you are really green, give your roommate and your computer the same IP.
Take a short ethernet cable and untwist it (take it out of its shielding and untwist the wires). Put it back together in various ways and see how fast/slow your download rates become.
Cable tricks and other tricks (Score:4, Interesting)
Two DHCP servers on the same LAN is fun.
Plug a crossover cable between two ports on your switch. See what happens (most should disable both ports, but some freak out).
Crimp your own ethernet cables. That leads to all kinds of fun the first few times you try it.
Meh.. I'm not good at breaking stuff, that's all I can think of.
Try building a firewall script... by hand... (Score:4, Interesting)
The first time I tried to setup a really locked down network (i.e. better than a NAT by allowing specific outgoing traffic only) I screwed up royally. Actually, I still would have significant difficulties without a good GUI.
For a crash course in the difference between UDP and TCP and how IP ports work and what NATs do, IMHO, there's nothing better than actually trying to create a "secure" firewall that still lets you do the stuff you normally expect. E.g. email, web, P2P (take your pick), streaming media, DNS resolution (which is way more complex than I would have imagined).
setup a honeynet and queueing (Score:3, Interesting)
guest account (Score:5, Interesting)
I have created "guest" account on my Linksys router three days ago. Someone from Romania discovered this account next morning. They downloaded some binary files and tried to run them. Idiots! Binaries were for i386 but Linksys router is MIPS
Re:Cable tricks and other tricks (Score:3, Interesting)
I have a box of subtly bad ethernet cables from a reputable commercial source (its now marked "special cables for special lusers"), nice molded strain reliefs with tab protectors.
Normal straight through ethernet cables are wired like this:
1->1
2->2
3->3
6->6
These cables are wired similar to:
1->1
2->2
3->6
6->3
There are also some crossovers with similar polarity problems.
With just one of the directions having the wrong polarity, depending on which brands of NICs on each end, there are all kinds of bizarre problems. Sometimes things work (cisco to intel, but not with auto-negotiate), sometimes you get errors (realtek 81x9), sometimes link status doesn't come up in one direction but is fine in the other direction, sometimes nothing at all works.
I hand these out to people I don't like, those who beg cables off me for "just a few days".
the AC
Re:etherkiller myths (Score:3, Interesting)
I once worked in a building that was on three phase power, where the outlets in each of the two wings off the main building were on different phases. The main wiring closet was in the main building, and the end points were plugged into PCs and hubs on a different phase. So there was 138VAC between the PCs and the main ethernet switches. NICs in PCs would last a few weeks before quietly failing, ports in switches lasted about two months. Every 3 months or so the company would just have to replace an entire 24 port blade. It was cheaper for them to keep their smartnet contracts up to date than to insist on an electrician fixing the problem since their lease was almost finished. The company that followed them into the building nearly burned it down the first week because of the improper electrical wiring, and much hilarity ensued.
the AC
You should have tried harder to destroy the PIX
Staple your cables (Score:3, Interesting)
Just as simple as that.... In stapling up your cables to walls, joists, studs or whatever, drive a staple through the cable.
I did that at least two times while setting up my home network. The first one shorted out a pair, and the cable was fine as soon as I removed the staple. The second one apparently severed a conductor, but then bridged it. That cable worked just fine until I removed the staple.
Needless to say, I have since acquired a cable-safe staple gun. It has a wire guide on its tip (you straddle the cable with the guide and it keeps the cable out of the way of the outcoming staple) and it uses rounded staples.