Set Mode and enable NIC

Configuring NIC

#sudo apt-get install vim

#sudo apt-get install nano

#sudo apt-get install screen

#sudo apt-get install sysstat

#sudo apt-get install iotop

#sudo apt-get install openssh-server

Download Cisco IOS image for GNS3

Hi dear all, that’s really a great to share my hard work  with you , After a lots of  hit in Google  I finally found trick to search Cisco IOS in free of course. So without talking much here are the link where you can free download Cisco ios image and you can upload or use this ios to the router and as well as in GNS3.
Small Collection of IOS Images.

ftp://ftp.unikon-ua.net/pub/Cisco/IOS/
{Updated}Big Collection of IOS Images (Almost All Cisco IOS Images)
ftp://62.117.115.92/upload/ios/
Another Big Collection

ftp://86.110.172.101/Soft/IOS/

(NEW)Cisco IOS Images Big Collection v3. **Direct HTTP Link**
http://www.jonsfiles.com/IOS%20Images%20for%20GNS3/Cisco_IOS_Collection/IOS/

http://www.intranet.betomt.com.br/repositorio/IOS/CISCO/ASA Binary files for GNS3
http://www.4shared.com/dir/5716575/72cbe353/IOS.html
New Big IOS Collection

ftp://79.120.76.25/torrent/downloaded/ios/

Ethernet Switch devices

GNS3 with Dynamips help integrates an Ethernet switch that supports VLANs with 802.1q trunking. Trunk ports trunk all VLANs known to the switch – no VLAN pruning here. It is just a basic virtual switch with limited functionality that provides the very basics you’d want in a switch. If you drag an Ethernet switch onto the workspace, right-click it and choose Configure, you’ll see the options you may set.

By default, there are 8 ports in VLAN 1 configured as access ports. However, you may in theory have up to 10,000 ports and up to 10,000 VLANs. You are limited to either access ports or dot1q trunking ports.

You may connect the switch to the real world through a cloud device. The Console window in GNS3 may be used to show and clear the MAC address tables using the following commands:

show mac switch_name
clear mac switch_name

You can also see the MAC address table by right-cliking on your Ethernet switch and then choosing MAC Address Table.

If want greater functionality that the virtual Ethernet switch provides that is integrated into GNS3, then you’ll need to add a router with an EtherSwitch card.

EtherSwitch Cards

You can buy an EtherSwitch card that may be inserted into a router. The card will function similar to a switch. In GNS3 you may also insert an EtherSwitch card into a router slot. The 7200 series routers do not support this adapter but many of the router platforms available in GNS3 do. The EtherSwitch card that is supported is the NM-16ESW. Here is a list of some of the features supported by the NM-16ESW card.

• Layer 2 Ethernet interfaces
• Switch Virtual Interfaces (SVI)
• VLAN Trunk Protocol (VTP): domains, all modes (server, client and transparent), pruning and passwords.
• Trunking: 802.1Q only, no ISL, no dynamic auto or dynamic desirable mode.
• EtherChannel: no LACP and Pagp support. Manual configuration supported.
• Spanning Tree Protocol: simple STP supported but no MSTP, RSTP or other advanced stuff.
• Cisco Discovery Protocol
• Switched Port Analyzer (SPAN)
• Quality of Service: mls qos commands and mls qos maps are supported.
• IP Multicast Support
• Storm Control
• Flow Control

However keep in mind that this module works differently than a real Cisco switch and doesn’t support all the features of a Cisco Catalyst Switch. At this moment, it is not possible to emulate Catalyst switches with Dynamips/GNS3. This is due to the impossibility to emulate ASIC processors used in those type of devices. Please see the hardware emulated page for a complete list of missing features for EtherSwtich module.

Not all commands that exist on an actual switch are supported by the NM-16ESW card, but as you can see, using an EtherSwitch card gives you a lot more features than the integrated virtual switch. If you wish to use this card, I recommend that you download the documentation from Cisco’s official EtherSwitch module page. Only vlan database mode is possible (not the newer global configuration mode) and the show vlan command is show vlan-switch, for example.

To use the card, just add a router and include the NM-16ESW adapter or the EtherSwitch router device if you have configured a c3700 IOS image in GNS3.

1. Download GNS3, I accept all the defaults (I actually tick to install SuperPuTTy, as tabbed console windows can be handy when using GNS3). Launch the program, you will be greeted with the following setup wizard. Select Option 1.

Note: You can do the same in future, by going to Edit > Preferences

2. Check that the path to the ‘projects’ and your ‘images’ folder are where you want them to be. The defaults are fine but if you run GNS3 on several machines you might want to choose something like Dropbox > Apply > OK.

3. Option 2.

4. Click Test Settings > Have patience, it can take a couple of minutes > Apply > OK.

Adding Router Images to GNS 3

5. Option 3

Note: You can visit the same section in future by clicking Edit > IOS Images and Hypervisors.

6. Image file > Browse to the image you want to import. Here on GNS3 8.6 you can select the filename.bin file, with older versions you need to extract that file to a filename.image file.

Note: You need to legally download these images from Cisco. This means you need a CiscoCCO account, and a valid support agreement. DO NOT email me and ask for Cisco IOSimages, (I will just ignore you!).

7. As mentioned above, it will convert my filename.bin image to an extracted filename.image file > Yes.

8. Set the Router platform and model > In the IDLE PC section click Auto calculation > This can take a while.

Note: You can do this later from the main workspace, and test a range of settings. I you don’t do this your virtual network devices will eat all your CPU power!

9. When complete click Close > Save > Close.

10. You can now start that model router to the workspace and use it. Repeat for each model of router you want to add.

Adding a Host to GNS3

Having a host machine for you labs is handy, usually you just need to be able to ping, or perform tracerts. So you can download a small Linux image from GNS3. There are a few options but I prefer linux-microcore.

11. Edit > Preferences.

n

12. Quemu > Quemu Guest > Give it an identifier name (can be anything) > Browse to, and select the image you downloaded.

13. Save > OK > Apply.

14. You can now drag a Quemu Guest machine onto the work space, and console into it.

Adding a Cisco ASA to GNS3

Yes you can add Cisco PIX as well, but there’s not many of them left in the wild.

15. Edit > Preferences > Quemu > ASA > Give it an identifier name (can be anything) > Set the RAM to 1024 > Set the Qemu options to;

Set the Kernel cmd line option to;

16. You need two files to run the ASA, an initrd file and a kernel file. You need to create these from a legally obtained copy of the asa843-k8.bin file.

Should you wish to locate these files form a less reputable source you are looking for
asa842-initrd.gz and asa842-vmlinuz, again don’t email me for them! If you are too stupid to use a search engine, then technical ninjary is not the correct career choice for you.

17. Finally select the vmlunuz file > Open.

18. Save > OK > Apply.

19. You can now drag an ASA onto the workspace and console into it (it takes a while, be patient). When the ASA starts it has all the licenses disabled, to add them you need to change the ASA’s activation key. An ASA Activation key is usually linked to the serial number of the ASA, in this case we don’t have a serial number, (that’s not strictly true, if you check, it’s something like 12345678). So I will publish a working activation key*

*Disclaimer, this will only work on this virtual ASA, and it’s published elsewhere on the Internet, if I receive a request to remove it I will do so.

Another ‘quirk’ is every time you add a new ASA to the workspace, you need to go through this process, if you enter the commands below you can issue a reload and also save the ASA, without the need to re-enter the activation key.

20. When it comes back up, (again it will take a few minutes). Your can check your ASA’s licensed features.

To Allow ICMP (Pings) from the inside Workstation as it will be blocked by default: 

ASA(config)# class-map icmp-class

ASA(config-cmap)# match default-inspection-traffic

ASA(config-cmap)# exit

ASA(config)# policy-map icmp_policy

ASA(config-pmap)# class icmp-class

ASA(config-pmap-c)# inspect icmp

ASA(config-pmap-c)# exit

ASA(config)# service-policy icmp_policy interface outside

To Permanently save the ASA config in GNS3: 

copy running-config disk0:/.private/running-config
copy disk0:/.private/running-config disk0:/.private/startup-config
conf t
boot config disk0:/.private/startup-config

There are literally thousands of commands and sub-commands available to configure a Cisco security appliance.  As you gain knowledge of the appliance, you will use more and more of the commands.  Initially, however, there are just a few commands required to configure basic functionality on the appliance.  Basic functionality is defined as allowing inside hosts to access outside hosts, but not allowing outside hosts to access the inside hosts.  Additionally, management must be allowed from at least one inside host.  To enable basic functionality, there are eight basic commands (these commands are based on software version 8.3(1) or greater).

• interface
• nameif
• security-level
• ip address
• switchport access
• object network
• nat
• route

Sample Network Diagram

interface

The interface command identifies either the hardware interface or the Switch Virtual Interface (VLAN interface) that will be configured.  Once in interface configuration mode, you can assign physical interfaces to switchports and enable them (turn them on) or you can assign names and security levels to VLAN interfaces.

nameif

The nameif command gives the interface a name and assigns a security level.  Typical names are outside, inside, or DMZ.

security-level

Security levels are numeric values, ranging from 0 to 100, used by the appliance to control traffic flow.  Traffic is permitted to flow from interfaces with higher security levels to interfaces with lower security levels, but not the other way.  Access-lists must be used to permit traffic to flow from lower security levels to higher security levels.  The default security level for an outside interface is 0.  For an inside interface, the default security level is 100.  In the following sample configuration, the interface command is first used to name the inside and outside VLAN interfaces, then the DMZ interface is named and a security level of 50 is assigned to it.

ciscoasa(config)# interface vlan1
ciscoasa(config-if)# nameif inside
INFO: Security level for “inside” set to 100 by default.
ciscoasa(config-if)# interface vlan2
ciscoasa(config-if)# nameif outside
INFO: Security level for “outside” set to 0 by default.
ciscoasa(config-if)# interface vlan3
ciscoasa(config-if)# nameif dmz
ciscoasa(config-if)# security-level 50

ip address

The ip address command assigns an IP address to a VLAN interface either statically or by making it a DHCP client.  With modern versions of security appliance software, it is not necessary to explicitly configure default subnet masks.  If you are using non-standard masks, you must explicitly configure the mask, otherwise, it is not necessary.

In the following sample configuration, an IP address is assigned to VLAN 1, the inside interface.

ciscoasa(config-if)# interface vlan 1
ciscoasa(config-if)# ip address 192.168.106.1

In the following sample configuration, an interface VLAN 2, the outside interface is configured as a DHCP client.  The use of the statement “setroute” tells the appliance to get its default route from the DHCP server.

ciscoasa(config-if)# interface vlan 2
ciscoasa(config-if)# ip address dhcp setroute

switchport access

The switchport access command on the ASA 5505 security appliance assigns a physical interface to a logical (VLAN) interface.  In the next example, the interface command is used to identify physical interfaces, assign them to switchports on the appliance, and enable them (turn them on).  This command is not used on the ASA 55×0 appliances.

ciscoasa(config-if)# interface ethernet 0/0
ciscoasa(config-if)# switchport access vlan 2
ciscoasa(config-if)# no shutdown
ciscoasa(config-if)# interface ethernet 0/1
ciscoasa(config-if)# switchport access vlan 1
ciscoasa(config-if)# no shutdown

object network net-192.168.106

The object network net-192.168.106 statement creates an object called “net-192.168.106”.  (You do not have to name the object “net-192.168.106”; that is a descriptive name, but you could just as easily name it “Juan”.)  The network option states that this particular object will be based on IP addresses.  The subnet 192.168.106.0 255.255.255.0 command states that net-192.168.106 will affect any IP address beginning with 192.168.106.

ciscoasa(config-if)#object network net-196.168.106
ciscoasa(config-network-object)#subnet 192.168.106.0 255.255.255.0

nat

The nat statement, as shown below, tells the firewall to allow all traffic flowing from the inside to the outside interface  to use whatever address is dynamically (DHCP) configured on the outside interface.

ciscoasa(config)#nat (inside,outside) dynamic interface

route

The route command, in its most basic form, assigns a default route for traffic, typically to an ISP’s router.  It can also be used in conjunction with access-lists to send specific types of traffic to specific hosts on specific subnets.

In this sample configuration, the route command is used to configure a default route to the ISP’s router at 12.3.4.6.  The two zeroes before the ISP’s router address are shorthand for an IP address of 0.0.0.0 and a mask of 0.0.0.0.  The statement outside identifies the interface through which traffic will flow to reach the default route.

ciscoasa(config-if)# route outside 0 0 12.3.4.6

In place of the manual default route configuration, as mentioned previously, you could instead configure your outside interface as a DHCP client and include the “setroute” statement to obtain the default route from the ISP’s DHCP server.

The above commands create a very basic firewall.  A sophisticated firewall such as the Cisco ASA Security Appliance is capable of much greater functionality than what is shown here.  These commands, however, will provide a solid foundation for configuring additional services on your appliance.

Other commands you might use include hostname to identify the firewall, telnet or SSH to allow remote administration, DHCPD commands to allow the firewall to assign IP addresses to inside hosts, and static route and access-list commands to allow internal hosts such as DMZ Web servers or DMZ mail servers to be accessible to Internet hosts.  Of course, there are many more advanced commands that are explained in other how-to guides and in the book The Accidental Administrator: Cisco ASA Security Appliance: A Step-by-Step Configuration Guide.

Sample Base Configuration #1 (Static IP Address on Outside Interface)

ciscoasa(config)# interface vlan1
ciscoasa(config-if)# nameif inside
INFO: Security level for “inside” set to 100 by default.
ciscoasa(config-if)# interface vlan2
ciscoasa(config-if)# nameif outside
INFO: Security level for “outside” set to 0 by default.
ciscoasa(config-if)# interface ethernet 0/0
ciscoasa(config-if)# switchport access vlan 2
ciscoasa(config-if)# no shutdown
ciscoasa(config-if)# interface ethernet 0/1
ciscoasa(config-if)# switchport access vlan 1
ciscoasa(config-if)# no shutdown
ciscoasa(config-if)# interface vlan 2
ciscoasa(config-if)# ip address 12.3.4.5 255.255.255.0
ciscoasa(config-if)# interface vlan 1
ciscoasa(config-if)# ip address 192.168.106.1
ciscoasa(config-if)# route outside 0 0 12.3.4.6
ciscoasa(config-if)#object network net-192.168.106
ciscoasa(config-network-object)#subnet 192.168.106.0 255.255.255.0
ciscoasa(config)#nat (inside,outside) dynamic interface
ciscoasa(config)#exit

Note in the above configuration that the outside interface address and default route are configured manually.  If your appliance’s outside interface is connected to a network with a DHCP server, such as an ISP, you could configured interface VLAN2 as a DHCP client with the command “ip address dhcp setroute”.  The use of the “setroute” statement also eliminates the need for the manual default route configuration (route outside 0 0 12.3.4.6).

Sample Base Configuration #2 (DHCP-assigned IP Address on Outside Interface)

ciscoasa(config)# interface vlan1
ciscoasa(config-if)# nameif inside
INFO: Security level for “inside” set to 100 by default.
ciscoasa(config-if)# interface vlan2
ciscoasa(config-if)# nameif outside
INFO: Security level for “outside” set to 0 by default.
ciscoasa(config-if)# interface ethernet 0/0
ciscoasa(config-if)# switchport access vlan 2
ciscoasa(config-if)# no shutdown
ciscoasa(config-if)# interface ethernet 0/1
ciscoasa(config-if)# switchport access vlan 1
ciscoasa(config-if)# no shutdown
ciscoasa(config-if)# interface vlan 2
ciscoasa(config-if)# ip address dhcp setroute
ciscoasa(config-if)# interface vlan 1
ciscoasa(config-if)# ip address 192.168.106.1
ciscoasa(config-if)#object network net-192.168.106
ciscoasa(config-network-object)#subnet 192.168.106.0 255.255.255.0
ciscoasa(config)#nat (inside,outside) dynamic interface
ciscoasa(config)#exit

I have seen most of dedicated hosting companies servers always have multiple partition for various folders. I have tried to follow some guide lines on my own on virtual box. I always use swap space as double the ram. let’s say

TS = total Size
SS = Swap Size
MS = Main Size

MS = TS - SS

What is bellow is percentage on MS.

/         20%
/boot     100M
/var      25%
/home     24%
/usr      10%
/tmp      200M
/opt      10%

it looks like I still need some key places I should give more space and some other places I should reduce space for example /usr and /var.

VirtualBox will not start and present a Critical Error dialog box which reads “Failed to create the VirtualBox COM object. The application will now terminate.” If you select Details for additional information, it may offer something similar to this error, if not the same, Callee RC: CO_E_SERVER_EXEC_FAILURE (0x80080005). Here is a solution that worked in this case and will get VirtualBox back up and running without losing any configuration changes.

I recognize this error will likely occur on multiple versions of this application, however, for the sake of disclosure, the error occured using Oracle VirtualBox 4.3.6 on a Microsoft Windows 7 Professional (64-bit). During the re-install, I elected to upgrade to the latest, at the time of this writing, Oracle VirtualBox 4.3.8.

The Process

• Navigate to your profile and look for the .VirtualBox folder. For example, C:\Users\your.name\.VirtualBox
• Copy the VirtualBox.xml to somewhere safe, like your desktop
• Uninstall VirtualBox
• Delete the .VirtualBox folder
• Re-install VirtualBox and the option package.
• Start VirtualBox
• Close VirtualBox
• Navigate to your profile and look for the .VirtualBox folder. For example, C:\Users\your.name\.VirtualBox
• Rename the VirtualBox.xml to VirtualBox.xml.old
• Copy your original VirtualBox.xml to the .VirtualBox folder
• Start VirtualBox

Note: If you are presented with a hardware error message of some sort, here the corrections may be made. In my case, there was a referenced hard disk that was unavailable. So I deleted it using the configuration window that was presented.

Everything should be working as expected.

A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems, in addition to Mac OS X (which is based around Unix). Known as the “Bash Bug” or “ShellShock,” the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271) could allow an attacker to gain control over a targeted computer if exploited successfully.

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and Unix. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating system will then run.

Bash can also be used to run commands passed to it by applications and it is this feature that the vulnerability affects. One type of command that can be sent to Bash allows environment variables to be set. Environment variables are dynamic, named values that affect the way processes are run on a computer. The vulnerability lies in the fact that an attacker can tack-on malicious code to the environment variable, which will run once the variable is received.

Symantec regards this vulnerability as critical, since Bash is widely used in Linux and Unix operating systems running on Internet-connected computers, such as Web servers. Although specific conditions need to be in place for the bug to be exploited, successful exploitation could enable remote code execution. This could not only allow an attacker to steal data from a compromised computer, but enable the attacker to gain control over the computer and potentially provide them with access to other computers on the affected network.

The following video provides an explanation of the Bash Bug vulnerability and demonstrates how a likely attack scenario through the CGI interface may work:

Has it been exploited yet?
There are limited reports of the vulnerability being used by attackers in the wild. Proof-of-concept scripts have already been developed by security researchers. In addition to this, a module has been created for the Metasploit Framework, which is used for penetration testing.

Once the vulnerability has been made public, it was only a matter of time before attackers attempted to find and exploit unpatched computers.

How can it be exploited?
While the vulnerability potentially affects any computer running Bash, it can only be exploited by a remote attacker in certain circumstances. For a successful attack to occur, an attacker needs to force an application to send a malicious environment variable to Bash.

The most likely route of attack is through Web servers utilizing CGI (Common Gateway Interface), the widely-used system for generating dynamic Web content. An attacker can potentially use CGI to send a malformed environment variable to a vulnerable Web server. Because the server uses Bash to interpret the variable, it will also run any malicious command tacked-on to it.

Figure 1. How a malicious command can be tacked-on to the end of a legitimate environment variable. Bash will run the malicious command first.

The consequences of an attacker successfully exploiting this vulnerability on a Web server are serious in nature. For example attackers may have the ability to dump password files or download malware on to infected computers. Once inside the victim’s firewall, the attackers could then compromise and infect other computers on the network.

Aside from Web servers, other vulnerable devices include Linux-based routers that have a Web interface that uses CGI. In the same manner as an attack against a Web server, it may be possible to use CGI to exploit the vulnerability and send a malicious command to the router.

Computers running Mac OS X are also potentially vulnerable until Apple releases a patch for the vulnerability. Again, attackers would need to find a way to pass malformed commands to Bash on the targeted Mac. The most likely avenue of attack against OS X would probably be through Secure Shell (SSH), a secure communications protocol. However, it appears that the attacker would need to have valid SSH credentials to perform the attack. In other words, they would already have to be logged in to an SSH session.

Internet of Things (IoT) and embedded devices such as routers may be vulnerable if they’re running Bash. However, many newer devices run a set of tools called BusyBox which offers an alternative to Bash. Devices running BusyBox are not vulnerable to the Bash Bug.

For website owners and businesses
Businesses, in particular website owners, are most at risk from this bug and should be aware that its exploitation may allow access to their data and provide attackers with a foothold on their network. Accordingly, it is of critical importance to apply any available patches immediately.

Linux vendors have issued security advisories for the newly discovered vulnerability including patching information.

• Debian—https://www.debian.org/security/2014/dsa-3032
• Ubuntu—http://www.ubuntu.com/usn/usn-2362-1/
• Red Hat—https://access.redhat.com/articles/1200223*
• CentOS—http://centosnow.blogspot.com/2014/09/critical-bash-updates-for-centos-5.html
• Novell/SUSE— http://support.novell.com/security/cve/CVE-2014-6271.html

*Red Hat has updated its advisory to include fixes for a number of remaining issues.

If a patch is unavailable for a specific distribution of Linux or Unix, it is recommended that users switch to an alternative shell until one becomes available.

For consumers
Consumers are advised to apply patches to routers and any other web-enabled devices as and when they become available from vendors. Users of Apple’s Mac OS X should be aware that the operating system currently ships with a vulnerable version of Bash. Mac users should apply any patches for OS X when they become available.

Symantec Protection
Symantec has created an Intrusion Prevention signature for protection against this vulnerability:

• 27907 – OS Attack: GNU Bash CVE-2014-6271

Symantec will continue to investigate this vulnerability and provide more details as they become available.

Yesterday I decided to upgrade my two ESXi servers from ESXi 5.1 to ESXi 5.5 since the update came out some time ago.
The upgrade from ESXi 5.0 to ESXi 5.1 went great, without any problems. But this time, that is not the case.

My two ESXi servers are white boxes made of the following hardware:

• Motherboard: MSI Z87-G43 (http://www.msi.com/product/mb/Z87-G43.html)
• CPU: i5-4670K (http://ark.intel.com/products/75048/)
• RAM: Kingston HyperX DDR3 1600MHz, 8Gb * 2(16GB total) (http://www.newegg.com/Product/Product.aspx?Item=N82E16820104173)

The problem was the motherboard that ships with an onboard Realtek 8111E network adapter.
This problem has been verified to be the same with Realtek 8168 and Realtek 8169.
The reason for this, is that VMware removed the drivers from the new ESXi 5.5 iso.

In this post I will show you how to get ESXi 5.5 working with the Realtek network adapters.

Some people don’t like to use “not supported” hardware this way, and others had connection problems on the VM’s after doing this. I did not have any problems, and have been running with this solution since I wrote this post (21 days ago now). So i think it is pretty stable.
If you don’t want to use the method below, you can always buy a Intel Pro 1000 network card and put it in a PCI-e slot.
I highly recommend the Intel pro 1000 series, they are fast, reliable and works on any OS out of the box (including ESXi), but they are a little pricy. You can get them here, with free shipping:
Intel Pro 1000 Dual port
Intel Pro 1000 single port

There are two ways to make the upgrade work on your motherboard:

1. Using a supported network adapter in a PCI-E slot (See above, regarding the Intel Pro 1000 network adapters)
2. Creating a custom ESXi 5.5 iso with the drivers from ESXi 5.1

Putting in a extra network adapter was not an option for me, so I went for option two, and here is how I did it:

Creating a custom ESXi 5.5 iso including the Realtek network drivers

What you need

You just need a Windows XP or higher computer, and the software below.

Getting the needed software

First you need to get the needed software.
The following is what you need to download:

• The original VMware ESXi 5.5 iso (https://my.vmware.com/web/vmware/evalcenter?p=free-esxi5&lp=default)
• ESXi-Customizer (http://www.v-front.de/p/esxi-customizer.html#download)
• The drivers from the old ESXi 5.1 iso (save file and unzip), you only need one of the below depending on what model your network adapter is.
  • VMware_bootbank_net-r8168+r8111e
  • VMware_bootbank_net-r8169

Injecting the drivers and create a new iso file

There is not a lot of steps to this, actually just a couple and it will not take long.

Open the “Esxi-customizer”

First run the .exe for ESXi-customizer to extract it.
When extracted, run the program so you get the following window:

Fill out fields

Simply fill out all 3 fields.
First one: Choose the original VMware ESXi 5.5 iso you downloaded from VMware
Second one: Choose the .VIB file for you Realtek network adapter that you downloaded earlier.
Third one: Choose what folder to use for working folder. A log and the finished new .iso file will be saved here. just create a new folder on your C:\ drive and use it.

If your motherboard support UEFI boot, you can tick the “Create UEFI bootable ISO” if not, then untick this. If you are unsure about this, then untick it!
Tick the auto update check to make sure you always have the latest version of this software.

Do it!

Let’s do it! Press “Run!”
The program will run some commands in the command promt behind it, and that’s it.
It does not take long. Once done, you can close the program.

Upgrade your VMware ESXi server

Now, burn your newly created ISO image of VMware ESXi 5.5 with your Realtek network adapter drivers injected that was created in the folder you choose to be the working folder for the program.
You can also “Burn” it to a usb stick, if your server does not have a optical drive installed. I do not have a guide for this yet.

Boot up your server on the cd/usb and choose to upgrade the system like you would with the original iso.

Note that the custom .iso does not work trough VMware Update Manager.

Feel free to leave a comment below, and rate the post at the top if this helped you!

Difference between vSphere, ESXi and vCenter

VMware Inc. is a software company that develops many suite of software products specially for providing various virtualization solutions. There are many cloud products, datacenter products,  desktop products and so on.

vSphere is a software suite that comes under data center product. vSphere is like Microsoft Office suite which has many software like MS Office, MS Excel, MS Access and so on. Like Microsoft Office, vSphere is also a software suite that has many software components like vCenter, ESXi, vSphere client and so on. So, the combination of all these software components is vSphere. vSphere is not a particular software that you can install and use, “it is just a package name which has other sub components”.

ESXi, vSphere client and vCenter are components of vSphere. ESXi server is the most important part of vSphere. ESXi is the virtualization server. It is type 1 hypervisor. All the virtual machines or Guest OS are installed on ESXi server. To install, manage and access those virtual servers which sit above of ESXi server, you will need other part of vSphere suit called vSphere client or vCenter. Now, vSphere client allows administrators to connect to ESXi servers and access or manage virtual machines. vSphere client is installed on the client machine (e.g. Administrator’s laptop). The vSphere client is used from client machine to connect to ESXi server and do management tasks. So now what is vCenter? Why we need it? Try cloning existing virtual machine using just a vSphere client without vCenter server.

vCenter server is similar to vSphere client but it’s a server with more power. vCenter server is installed on Windows Server or Linux Server. VMware vCenter server is a centralized management application that lets you manage virtual machines and ESXi hosts centrally. vSphere client is used to access vCenter Server and ultimately manage ESXi servers. vCenter server is compulsory for enterprises to have enterprise features like vMotion, VMware High Availability, VMware Update Manager and VMware Distributed Resource Scheduler (DRS). For example, you can easily clone existing virtual machine in vCenter server. So vCenter is another important part of vSphere package. You have to buy vCenter license separately.

The diagram above shows vSphere suite in a more descriptive way. vSphere is a product suite, ESXi is a hypervisor installed on a physical machine. vSphere Client is installed on laptop or desktop PC and is used to access ESXi Server to install and manage virtual machines on ESXi server. vCenter server is installed as virtual machine on top of ESXi server. vCenter server is a vSphere component which is mostly used in large environment where there are many ESXi server and dozens of virtual machines. The vCenter server is also accessed by vSphere client for management purpose. So, vSphere client is used to access ESXi server directly in small environment. In larger environment, vSphere client is used again to access vCenter server which ultimately manages ESXi server.

The Linux kernel provides a tweakable setting that controls how often the swap file is used, called swappiness

A swappiness setting of zero means that the disk will be avoided unless absolutely necessary (you run out of memory), while a swappiness setting of 100 means that programs will be swapped to disk almost instantly.

Ubuntu system comes with a default of 60, meaning that the swap file will be used fairly often if the memory usage is around half of my RAM. You can check your own system’s swappiness value by running:

one@onezero:~$ cat /proc/sys/vm/swappiness
60

As I have 4 GB of RAM, so I’d like to turn that down to 10 or 15. The swap file will then only be used when my RAM usage is around 80 or 90 percent. To change the system swappiness value, open /etc/sysctl.conf as root. Then, change or add this line to the file:

vm.swappiness = 10

Reboot for the change to take effect

You can also change the value while your system is still running

sysctl vm.swappiness=10

you can also clear your swap by running swapoff -a and then swapon -a as root instead of rebooting to achieve the same effect.

To calculate your swap Formula

free -m (total) / 100 = A

A * 10

root@onezero:/home/one# free -m
             total       used       free     shared    buffers     cached
Mem:          3950       2262       1687          0        407        952
-/+ buffers/cache:        903       3047
Swap:         1953          0       1953

so total is 3950 / 100 = 39.5 * 10 = 395

so what it mean is that when 10 % 395 MB of ram left then it start using swapiness

                                          Help . Ubuntu . Swap

                                           What is swappiness

The swappiness parameter controls the tendency of the kernel to move processes out of physical memory and onto the swap disk. Because disks are much slower than RAM, this can lead to slower response times for system and applications if processes are too aggressively moved out of memory.

.     swappiness can have a value of between 0 and 100

.     swappiness=0 : Version 3.5 and over: disables swapiness. Prior to 3.5: tells the kernel to avoid swapping processes out of physical memory for as long as possible.

.     swappiness=1 : Version 3.5 and over: Minimum swappiness without disabling it entirely

.     swappiness=100 tells the kernel to aggressively swap processes out of physical memory and move them to swap cache

See http://en.wikipedia.org/wiki/Swappiness

The default setting in Ubuntu is swappiness=60. Reducing the default value of swappiness will probably improve overall performance for a typical Ubuntu desktop installation. A value of swappiness=10 is recommended, but feel free to experiment.

Started Using swap at 91%

As I have configured my system & vm to make use of ram at 90 % . At 90 % there was no swapping

after that I opened some application like Firefox & Shutter , its start swapping because of ram usage is above 90 %