Upstream svech

Problem1/README.problem_1_troubleshooting

@@ -0,0 +1,29 @@
+Steps taken for intermittent browser connectivity issue:
+
+1) Logged into amazon ec2 instance with the certificate pem key provided
+
+2) I had to orient myself to understand what was configured in terms of connectivity, ips, subnets, dns resolv files
+etc.
+
+3) I used ifconfig -a to check the interfaces and verified that the subnets, broadcast, ip address were all proper
+
+4) From there I also checked the resolv.conf file to understand the name servers config; as wrong ip addressing,
+subnetting, gateway address, and dns resolvers are the usual culprits when it comes to connectivity issues, especially
+with browsers when we need name resolution
+
+5) I then proceeded to check the logs in /var/log directory and noticed DHCP renewal is happening every 1800 seconds or
+30 minutes
+
+6) I also checked the /var/lib/dhclient directory for the dhcp leases, ( I'm use to the dhclient leases being
+kept in a different directory) so i had to verify which directory it was on the ec2 instance
+
+7) From there I checked all the leases assigned to eth 0 in (cat dhclient--eth0.lease)
+and noticed they were renewing every 30 minutes or so
+
+8) So based on those two files and assuming this is the server that the clients are browsing the renewal of the lease
+every 30 minutes, involving the DHCP DORA process which is discovery, offer, request, accept  the IP address of the
+webserver was changing or in this case being renewed which would start the process of binding all over again which
+would cause disruption and hence the time out on the webpages every 30 minutes for a few seconds  till the server got
+it's IP again through the DHCP server
+
+9) General practice is to keep the IPs static in this case and exclude it from the DHCP pool

Problem1/README.problem_3_troubleshooting

@@ -0,0 +1,10 @@
+Steps taken for problem 3 Zyxel firewall config
+
+1) I do not have experience in Zyxel firewalls but after looking at the configuration, it was very similar to Cisco
+routers configuration
+
+2) I leveraged the standard configuration and some preliminary searches to make sure I get the syntax right for the
+DHCP lease time
+
+3) Once I configure VLAN 5 DHCP pool and the interface vlan settings, I added the VLAN 5 to the DMZ considering that is
+the standard internet access

docker/dns_server/files/bind/db.testroot.local

@@ -20,3 +20,4 @@ ns3.testroot.local.	IN 	A	10.0.0.12
 printer1.testroot.local.	IN A	10.0.1.200
 printer2.testroot.local.	IN A	10.1.4.147
 printer3.testroot.local.	IN A	10.9.7.34
+printer4.testroot.local.	IN A	10.4.7.19

network_config/firewall.conf

@@ -69,6 +69,18 @@ ip dhcp pool Network_Pool_VLAN4
  lease 3 0 0
  dhcp-option 42 NTP_Server ip 10.0.0.15 10.0.0.16 10.0.0.17
 !
+
+!
+ip dhcp pool Network_Pool_VLAN5
+ network 10.0.5.0 255.255.255.0
+ default-router 10.0.5.1
+ starting-address 10.0.5.100 pool-size 100
+ first-dns-server 10.0.0.10
+ second-dns-server 10.0.0.11
+ third-dns-server 10.0.0.12
+ lease 1 0 0
+ dhcp-option 42 NTP_Server ip 10.0.0.15 10.0.0.16 10.0.0.17
+!
 interface ge1
  type external
  upstream 1048576
@@ -188,6 +200,22 @@ interface vlan4
  ip ospf cost 10
  description 80:Voice: 5th floor
  ip dhcp-pool Network_Pool_VLAN4
+ !
+interface vlan5
+ port lag1
+ vlan-id 5
+ ip address 10.0.5.1 255.255.255.0
+ upstream 1048576
+ downstream 1048576
+ mtu 1500
+ type internal
+ ip rip send version 2
+ ip rip receive version 2
+ ip ospf priority 1
+ ip ospf cost 10
+ description 80:Internet: schhabra
+ ip dhcp-pool Network_Pool_VLAN5
+
 interface ge1_ppp
  account GE1_PPPoE_ACCOUNT
 !
@@ -1408,6 +1436,7 @@ zone WAN
  interface ge2_ppp
 !
 zone DMZ
+interface vlan5
 !
 zone SSL_VPN
 !