Building Dreamhack, part three

DHCP design for IPv4 on Dreamhack

I will describe the protocol DHCP in general and specific the DHCP design that we use at Dreamhack for IPv4.

DHCP for IPv4
DHCP is a layer 3 protocol used for dynamic assignment of ip addresses and options to clients. The client device sends a layer 3 broadcast to 255.255.255.255 on the local network destination UDP port 67. This message is called a DHCP discovery and it is a request for a free ip with options. The server answers the broadcast on UDP port 68 with a DHCP offer. This offer contains information about IP, subnet mask, lease time, options and the ip address of the DHCP server. The client then sends a DHCP request to the DHCP server accepting the offered lease. When the server receives the DHCP request it sends back a DHCP acknowledgement with lease duration and options.
When half of the lease time has gone the client tries to renew its lease by sending a DHCP request message to the DHCP server. If the client does not get a response from the server it will continue to send DHCP request messages to the specific DHCP server on a regular interval. When the lease time ends the client will begin the process from start by sending a DHCP discover.

DHCP design at Dreamhack
At Dreamhack all the clients use DHCP for configuring IPv4, subnet mask, default gateway, SMTP, TFTP, DNS and NTP servers.

For hardware redundancy we have three DHCP servers. For operating system redundancy we run Debian and FreeBSD. We have one active/primary server that syncs its lease file to the two passive/secondary DHCP servers. If the primary goes down or a severe OS related issue occurs then we can start using one of the secondary.

DHCP monitoring and statistic
We have our own developed DHCP scope monitoring and statistic system written in ruby by me 🙂 The system has two daemons and a web application.

Daemon one tails and parses the DHCP lease file, and parses the scope information. Daemon one then sends the parsed output to MySQL and MongoDB datastores. Daemon two analyzes the data in the datastores and creates statistics and graphs. This information is then made available through a web application developed with the Sinatra framework.

Who won the raspberry?

Last week we attended the Swedish career day Armada 2012 in Stockholm. Thanks to everyone who came by our booth! Hope we meet in the future! 🙂

At our booth we arranged the competition “win a raspberry with Basefarm” where you could win a Raspberry Pi Model B V2 512 MB RAM, by guessing the closest to how many of our servers are virtualized. The correct answer is that we currently have 841 vitrtualized servers and the winners who guessed closesed is Alve Aalto and Joakim Jalap! They both guessed 850. Congratulations to Alve and Joakim! We have sent a raspberry to you both, so keep an eye out in the mail! 🙂

Skype Vulnerability

Please note that there appears to be a security vulnerability in Skype allowing an attacker to gain access to Skype accounts:

Here’s how it works:
> Sign up for a new Skype account. Use the victim’s email. A warning will come up that an account with that email already exists, but you can still proceed with filling out the form and account creation.
> Log in to the Skype client with your new account.
> https://login.skype.com/account/password-reset-request[2] – request a password reset using the victim’s email.
> You will get a password reset notification and token in your skype client. Follow the link to pick the victim’s account and reset the password.
> It appears the only way to safeguard yourself for now is to change your main Skype account email to one that’s not publicly known.

Source:
http://www.reddit.com/r/netsec/comments/13664q/skype_vulnerability_allowing_hijacking_of_any/

Update 12:27 CET: This was quickly remedied by Skype.

We have a winner from D-dagen!

In a previous blog post, we talked about a competition we arranged at the Swedish career day D-dagen at KTH. Christoffer Dahlgren and Daniel Swensson had guessed closest (with the same answer) in our competition. Today they visited us at our office in Stockholm to get a tour and make up for the firstplace.

As tiebreaker they had to guess how many customers we have at Basefarm in Sweden. How would you have guessed in that question by the way? Finally Christoffer guessed closest and won awesome headphones from Beats by dr. dre! Daniel didn’t left us empty-handed either, he got a gift card from the Swedish technology company Webbhallen as a consolation prize 🙂 We hope they enjoyed the tour at our office and wish them all the best in the future!

 

OpenStack Folsom quick installation

We tend to use VMware for our virtual machines, but it’s always important to evaluate and try out new software which is why I decided to try out OpenStack (Folsom)! Three of the biggest advantages to OpenStack is, in my opinion, that it’s open source and free, plus backed by many large organizations such as Rackspace Cloud, NASA, AMD, Intel, Canonical, SUSE Linux, Red Hat, Cisco, Dell, HP, IBM and Yahoo! 🙂 You can find more information about OpenStack on the following site: http://www.openstack.org/

Installing OpenStack isn’t the easiest of things though, and doing a reinstallation of a system can be quite time consuming.
I’ve written up some scripts to simplify my installations of OpenStack, and decided to make a blog post about it as I’ve not been able to find any installation scripts for Folsom.

Quick Installation (under 5 minutes) scripts for OpenStack Folsom.
——————————-

A quick installation guide for OpenStack Folsom for a single or dual node installation.

Prerequisites:
– The base minimum is one Server with 2 Network cards (one public and one internal, or just one public ethernet card plus one virtual for internal use) running Ubuntu 12.04. Two servers are required if you want to run Compute (Nova) on a secondary server.
– Run the scripts as root.
– Have a minimum of two drives (which uses LVM)
– It’s recommended that you do this on a reinstalled test machine. It’s against all possible recommendations to run these scripts on a production environment as it could potentially break/delete everything.
– It’s recommended that you have a range of public/internal IPs so you can assign public IPs to your virtual machines.

Installation (as ROOT):
apt-get update
apt-get install git
git clone https://github.com/speedis/QuickInstallFolsom.git
cd openstackfolsom
chmod +x *.sh
./folsom01.sh
Follow the guide.

Uninstall:
To uninstall the whole installation (this will remove ALL trace of MySQL, Apache, RabbitMQ on the server etc so make sure you view and edit this file before running it!), run ./uninstall-folsom.sh

Mainly based on:
http://docs.openstack.org/trunk/openstack-compute/install/apt/content/
https://github.com/mseknibilel/OpenStack-Folsom-Install-guide/

Happy OpenStacking!