Install and Setup Tailscale on Ubuntu

Add the Tailscale package

curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/lunar.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null
curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/lunar.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list

Update and install Tailscale

sudo apt update && sudo apt upgrade
sudo apt install tailscale
sudo tailscale up

You’ll be given a link to visit to authenticate the device.

You can check the Tailscale IP address with

tailscale ip -4

https://tailscale.com/kb/1275/install-ubuntu-2304

RSTP Alternative Port vs Backup Port

The following is some basic info on STP and RSTP. This list is not comprehensive. Refer to the link at the bottom of the page for more in depth details.

RSTP Priority

Default Priority is 32768 + VLAN ID

For example, if we are using vlan 10, then our default priority is 32768 + 10 = 32778

RSTP Priority can be set from 0 – 61440 in increments of 4096.

RSTP Port Roles

Ports can fill 1 of 4 roles.

Port RoleDescription
Root PortPort closest to the Root Bridge (Switches going to the Root switch)
Designated PortPorts going away from the Root Bridge (To clients)
Alternate PortA “backup” port for the Root port. If the Root Port fails, this port takes over
Backup PortEssentially a backup port for the designated port
RSTP Port Roles

RSTP Port States

A port can be in one of 3 states. Well technically 4 states if you include down/unplugged.

Port StateDescription
DiscardingPort discards packets (Alternate and Backup Ports)
LearningPort learns MACs and doesn’t forward data
ForwardingPort forwards data and learns MACs
RSTP Port States

RSTP Port Types

There are 3 port Types. Not to be confused with port States or Roles.

Port TypeDescription
Point to PointSwitch to Switch
Point to Point EdgeEdge of Network. Connected to a PC, Printer etc.
SharedHalf Duplex, Port connected to a Hub
STP/RSTP Port Types

RSTP Timers

There are three RSTP timers. STP has the same timers, but the MaxAge is 10 seconds, and the Forward Delay is used for both Learning and Listening states which takes a total of 30 seconds to complete.

Timer NameDefault ValueDescription
Hello Timer2 SecondsTime between Hellos created by Root
MaxAge6 Seconds (Hello Timer * 3)How long a Switch should wait before trying to readjust the network
Forward Delay15 SecondsDelay used for Learning/Listening in STP. Shouldn’t be necessary if legacy bridges are not used.
RSTP/STP Timers

Port Cost

There are technically two types of cost. The newer cost values were introduced so we could use faster ethernet speeds.

By default Cisco switches use the old cost values, but they can be changed to use the new ones.

spanning-tree pathcost method long
Ethernet SpeedOld CostNew Cost
10 Mbps1002,000,000
100 Mbps19200,000
1 Gbps420,000
10 Gbps22000
100 GbpsN/A200
1 TbpsN/A20
STP/RSTP Path Cost

More information can be found at the following link.

https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24062-146.html

Find IP address from command line on Linux

Using ip command

ip add

example output

bob@localhost:~$ ip add
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno1: mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 38:ea:a7:13:a4:fe brd ff:ff:ff:ff:ff:ff
inet 192.168.1.21/24 brd 192.168.1.1 scope global dynamic noprefixroute eno1
valid_lft 513sec preferred_lft 513sec
inet6 13ac::98fe::ae78:d1ff/64 scope link noprefixroute
valid_lft forever preferred_lft forever
bob@localhost:~$

ifconfig

You may need to install net-tools to use

ifconfig  

example output

bob@localhost:~$ ifconfig 
eno1: flags=4163 mtu 1500
inet 192.168.200.58 netmask 255.255.255.0 broadcast 192.168.1.21
inet6 13ac::98fe::ae78:d1ff prefixlen 64 scopeid 0x20
ether b8:ac:6f:91:01:e8 txqueuelen 1000 (Ethernet)
RX packets 184950632 bytes 9487577263452
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 128473456 bytes 234612443785
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Using the hostname command

hostname -I

Output is just the IP address. Example below

192.168.1.21

Allow KDE Connect through firewall

Firewalld

sudo firewall-cmd --zone=public --permanent --add-port=1714-1764/tcp
sudo firewall-cmd --zone=public --permanent --add-port=1714-1764/udp
sudo systemctl restart firewalld.service

UFW firewall

sudo ufw allow 1714:1764/udp
sudo ufw allow 1714:1764/tcp
sudo ufw reload

More information https://community.kde.org/KDEConnect

Allow SSH access from a specific host using hosts.allow and hosts.deny on Linux

This is just a quick write on the hosts.allow and deny files.  You can lookup “spawn” and/or “twist” for some advanced usage.

 

So to limit an IP address, or a IP range access to SSH, do the following

Deny all incoming request for SSH

Edit the “hosts.deny” file

vi /etc/hosts.deny

add the following line

sshd : ALL

Now edit “hosts.allow” and allow the client IP, or IP range to access SSH

vi /etc/hosts.allow

add the following line to allow a single IP

sshd : 192.168.1.182

If you want to allow the whole subnet, then replace the above line with this one

sshd : 192.168.1.

hosts.allow overrides hosts.deny.  So you deny everything and then allow exceptions.

How to Set a Static IP Address on a Raspberry Pi

The examples given here are for modifying the wlan0 interface.  Replace wlan0 with the interface you are configuring. i.e. (eth0,wlan1)

Method 1

This was the typical way to add a static IP address to a Pi, if you have issues with this, then try Method 2.

sudo vi /etc/network/interfaces

In the file it is pretty easy to see which lines control which interface, find the lines that control wlan0 (or the interface your configuring) and change/add to look like below.

iface wlan0 inet static
address 192.168.42.109
netmask 255.255.255.0
gateway 192.168.42.1

Save the file, reboot, and the Pi should come up with the new static IP.

Method 2

It looks like on the newer versions of Raspbian, the above method does not work anymore, so now you have to edit the following file

sudo vi /etc/dhcpcd.conf

and add the following lines.

interface wlan0
static ip_address=192.168.42.109/24
static routers=192.168.42.1
static domain_name_servers=192.168.42.1

If you just need to assign a static IP address, to the device, because it is going to be setup as a hotspot or something, you can get away with the following.

interface wlan0
static ip_address=192.168.42.1/24

If you run into issues with it not assigning the address, check the /etc/network/interfaces file and make sure that the line that starts with “iface wlan0” says manual at the end and not static.  If it says “iface wlan0 inet static”, change it to “iface wlan0 inet manual”

How to set a static ip address on CentOS, Fedora, or Red Hat Linux

Open up the following file with your favorite text editor. Change eth0 to the interface you need, like “wlan0” or “eth1”.

 vi /etc/sysconfig/network-scripts/ifcfg-eth0

The file should look something like the following.

DEVICE=eth0
HWADDR=0A:2G:F3:56:66:4B
TYPE=Ethernet
UUID=aeh9421c-6a62-712c-886d-347813g8d1dh
ONBOOT=no
NM_CONTROLLED=yes
BOOTPROTO=dhcp

To set the static IP address change “BOOTPROTO=dhcp” to “BOOTPROTO=static” and add the following to the end of the file. If you want/need the interface to come up when the computer boots up then be sure to change “ONBOOT=no” to “ONBOOT=yes”.

BROADCAST=192.168.1.255
DNS1=8.8.8.8
GATEWAY=192.168.1.1
IPADDR=192.168.1.110
NETMASK=255.255.255.0

Also, on some newer versions of CentOS you may need to add NM_DISABLED=no

So your file should now look like this.

DEVICE=eth0
HWADDR=0A:2G:F3:56:66:4B
TYPE=Ethernet
UUID=aeh9421c-6a62-712c-886d-347813g8d1dh
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
BROADCAST=192.168.1.255
DNS1=8.8.8.8
GATEWAY=192.168.1.1
IPADDR=192.168.1.110
NETMASK=255.255.255.0

Save the file and restart networking.

service network restart

Finally, check you IP address with ifconfig.

root@localhost ~]# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 0A:2G:F3:56:66:4B  
          inet addr:192.168.1.110  Bcast:192.168.1.255  Mask:255.255.255.0

How to set a Static IP Address in Ubuntu and Debian

The first thing we need to do, is open our interfaces file.  Execute the following from a terminal.

sudo vi /etc/network/interfaces

or

sudo nano /etc/network/interfaces

Then add or copy and paste the following.

auto eth0
iface eth0 inet static
        address 192.168.1.100
        netmask 255.255.255.0
        network 192.168.1.0
        broadcast 192.168.1.255
        gateway 192.168.1.1

Close the file. Now we need to change the DNS settings

sudo vi /etc/resolv.conf

or

sudo nano /etc/resolv.conf

Edit the nameserver line to something like the following.

nameserver 8.8.8.8

Close the file and then restart the networking stuff.

sudo /etc/init.d/networking restart

How to Open a Port on Redhat, CentOS or Fedora Linux

By default iptables firewall stores its configuration at /etc/sysconfig/iptables file. You need to edit this file and add rules to open port number.

Note: if you have SELinux  enabled, you’ll need to allow the port with semanage.

Open port 80

To open a different port just enter the port number.

Open flle /etc/sysconfig/iptables:

# vi /etc/sysconfig/iptables

Append rule as follows:

A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

Save and close the file.  Restart iptables:

# /etc/init.d/iptables restart

or,

#service iptables restart

 

Verify that port is open

Run the following command:

netstat -tulpn | less

Make sure iptables is allowing the port you enabled:

iptables -L -n

If you need more info you can refer to the man page:

man iptables