I read a book at the barber while I wait, and today I started reading this book. Here I'm writing some of the lines, as I found the introduction already 申分なく重大 haha. Starting with this line ... 事実は自ら語る、という言い慣わしがあります。もちろん、それは嘘です .. and it can be said in a more historian specific way as below ... 歴史家の解釈から独立に客観的に存在する歴史的事実という固い芯を信じるのは、前後顚倒の誤謬であります ... giving such an interesting example. 1066年にへスティングで戦闘が行われたことをことを知りたいと私たちが思う理由は、ただ一つ、歴史家たちがそれを大きな歴史的事件と見ているからにほかなりません What the above suggest can be said as below. 歴史的事実という地位は解釈の問題に依存することになるでしょう...歴史上の事実ということになったのは...意識的か否かは別として、ある特定の見解に染め上げられていた人たち、この見解を立証するような事実こそ保存する価値があると考えていた人たちによってのことであります And with that all being said, he says that there is additional job specific to historians studying today. 彼には、少しの重要な事実を発見して、これを歴史上の事実たらしめると同時に、たくさんの重要でない事実を非歴史的事実として棄てるという二重の仕事があるのです What I thought is that such an attitude of historians, being aware of what he is studying, or deciding weather to treat a fact as "fact", is also needed in everyday life today. I believe such an attitude could be applied to myself given the "fact" I see today on news or whatever kind of social media are being processed in a similar kind of manner. What's more is that they are like the 不透明な前提(p77) if I were to form my point of view. But this is where I find the fun, just like how he describes what historian does haha. 歴史家は、歴史の"補助科学"と呼ばれて来たもの - 考古学、金石文字、古銭学、年代学など - を頼りにすることができるのです...いかなる事実に、また、いかなる順序、いかなる文脈で発言を許すかを決めるのは歴史家なのです
Hi, another book review for this book. I always feel something 自己実現的 reading this kind book, such another book is this. And it's occasionally suffocating if I were to quote from the book, like there is no way out. To summerize, the idea of 労働力商品の所有者としての労働者 and 消費社会 are the two where I find such 自己実現的 aspect in today's world. Its kind of ironic like what we believe to be logical isn't really logical given the logic of Capitalism, as said below. ウェーバーが"プロテスタンティズムの倫理と資本主義の精神"の末尾部分で...近代社会を激しく糾弾したのは...そのような社会に適合して生きる近代人が、実際には倒錯的なものでしかない自らの精神的態度<形骸化した"禁欲">を合理的なものとして誇っていることへの憤りゆえであった And maybe what we need is such spirit of observing the world just as it is, said by Spinoza, but I would like to find laughter and pity in such observation opposing to Spinoza as the author suggests haha. 笑うな、泣くな、ただ理解せよ With that all being said, there were couple of books introduced, which I would like to read if I were to go further on the topic. I was interested in how the transition from Imperialism, Fordism and 消費社会 can be explained by, fits in to the picture of 資本論. Maybe I should take a look into 大転換 and 消費社会の神話と構造 as recommended. Reading such books gives better understanding of how today came to "today", and how I came to end up in such "today". ポピュリズム大陸 南米 is rather for pure curiosity, as I'm thinking of visiting Argentina next August, and thought would be interesting to learn its history and how the current libertarian government came to place given below. 無論、ヨーロッパや南米などで、反新自由主義を標榜する政権が登場するなどしているが、その打倒には程遠い And yes, I also need to start studying Spanish as well haha. That's it for today's post!
I'm writing this post because I was impressed by what its written haha. The book explains 労働力の商品化 as 諸在価値 to be 通約可能. And argues how such 通約可能性 wasn't possible back in Greece for the reason below. ギリシア社会は奴隷労働にもとづいており、したがって、人間とその労働力の不等を自然基礎としていたのであるからである And it continues discussing the nature of 貨幣 specific to Capitalism as the 通約可能性 and its consequence as below. 本来、何らかの具体的欲望をかなえるために貨幣を求める、というのが欲望の正常なあり方だとすれば、ここで現れるのは貨幣それ自体への欲望である...倒錯性 Its interesting how it associates this 倒錯性 to those 規範 seen in 前近代社会. したがって、古代社会は、貨幣を、その経済的なおよび道徳的な秩序の破壊者として批判する It also associates this 倒錯性 to 抽象的な価値の蓄積 within the context of Max Weber's Protestantism on Capitalism ... プロテスタンティズムの職業生活の成功によって自己の救済を不断に確信せねばならないという信仰から合理的で勤勉な生活態度...を"世俗的禁欲"とウェーバーは呼んだが...それは、財の有用性を享受することではなく、抽象的な"価値"の蓄積へとすべての努力を振り向ける ... which leads to the modern Capitalism. And I believe this transition is what The Great Gatsby was depicting. この...勤勉さは、その原初の緊張感を失っていき、致富に成功した資本家は奢侈に流れもするだろう And below sounds to explain a lot of what I see in myself, and I'm impressed how things can be explained in such manner. ウェーバーが"プロテスタンティズムの倫理と資本主義の精神"の末尾部分で...近代社会を激しく糾弾したのは...そのような社会に適合して生きる近代人が、実際には倒錯的なものでしかない自らの精神的態度<形骸化した"禁欲">を合理的なものとして誇っていることへの憤りゆえであった Its just amazing how and where you get to "re"discover yourself. It always leaves me questioning about myself and the world, which I kinda like it haha. May be I should read プロテスタンティズムの倫理と資本主義の精神 for the start. Also, the book draws an analogy between 一般的等価形態 and Hobb's 社会契約説. The 社会契約説 seems to explain the underlying assumptions of today's world which I am unaware of, taking it for granted. Might be good to take a look at リヴァイアサン as well. By the way, I'm thinking of going to this tomorrow. I hope I now have a better understanding of surrealism, able to appreciate them a bit😅, after reading this book.
I'm preempting this book for now to read this book, its shouldn't take too long. The reason is somewhat descriebed as below... われわれの意識や感性、感覚、価値観、思考といった、普通われわれ一人一人が"自分のもの"であると信じて疑わないもののなかに、資本主義がどのように入り込んでいるのか...資本主義社会のなかに現に生きているわれわれが無意識的に自明のものとして見てしまう事象が、この人類史的視点のフィルターを通して見られると、相対化され、決して自明ではないものとして現れてくる...そのような...批判の...テクストとしての"資本論" ...related to the book to some extent. 歴史が予見不可能だというのは嘘である...確かに見通すことができるのは、未来の一般構造だけかもしれない。しかし実を言えば、一般的構造だけが、過去や私たちにが理解できる唯一のことではないか。だから、もしあなたが自分の時代をはっきり見ようと願うならば、遠くから見るべきなのだ...クレオパトラの鼻が見えなくなるちょうどその距離からである With that being said, seems like I'm a kind of guy who can't stand being aware of unaware haha. われわれはそれでも無自覚でいられるだろうか By the way, I'm listening to this song repeatedly these days🎵.
The book was great giving lists of novels, describing how they can be characterized and fits in the context of "American". And there are couple of books that was introduced which I thought might be good to read in the future. - ライ麦畑でつかまえて - カッコーの巣の上で - キャッチ=22 - 見えない人間 I would definitely read "Inivisible Man", maybe I'll try others as well, but all the above I'm interested in Richard Powers, a novelist introduced at the very end of the book. In the epilogue, the book gives some advice for how and what can one expect from reading books, as below. 自分の読み方について考える時には、相手に自分を活性化してもらうという肯定的な発想にせよ他者を消費するという否定的発想にせよ、とにかくそうした非対称的な発想以外の道はないか考えてみることはできる Richard Powers is introduced as where we can find such 非対称性 in relation between 自分 and 他者 in his novels. パワーズという作家の大きな特徴は、世界を思い描く上で、意味づける自分と対象、自己と他者、というふうに非対称的な関係を根底にそえるのではなく、自分と対象<...対象が一枚の写真であれ、一人の他人であれ、第一次世界対戦であれ...>との関係がまずあって、刻々と変化していくその関係から、そのつど自分と対象とが分泌されていく And I believe such experience described as below are those moment when we become aware the 対称性 of today in relation to all the other times in the course of history. いわゆる"近代文化"-が、自らを決定的であるとする思い込みこそ、視界に生じた信じがたい頑迷さと狭隘さではないのか、という漠然とした直感がその根底に見出される。そしてそのように感じる時、私たちは自分たちが狭く閉ざされた場所から逃れ出て、再び星空の下に立ち、最善のことも最悪のこともすべてが可能な、真正で深遠で、恐ろしく見通しのきかない底しれない世界に出たのだという、えも言われぬ印象を持つのである Also, it should be the kind of relation which E.H. Carr describes as below. 過去は現在の光に照らされて初めて知覚できるようになる。現在は過去の光に照らされて初めて十分理解できるようになる By the way, I found out that Richard Powers is graduate of UIUC. I wonder if can go back to school and take his English courses haha.
Its after I started reading this book that I realized that its similar to this book, although I haven't read it yet, in a sense its about characterizing the society at the time. With that being said, and keeping in mind that the book was written in 1920s, it's interesting that the book describes what the basis use to be for people claiming their rights, which seems to differ from today's society of "singularity". むしろ現代(1920s)の特徴は、凡俗な魂が、自らを凡俗であると認めながらも、その凡俗であることの権利を大胆に主張し、それを相手かまわず押し付けることにある Note that I haven't read the book, so I might be totally wrong, let's see. But the book is still interesting itself finding out how the author lived in 1920s observed his society back then. Personally, I would rather once again take it as an ideal than taking it for granted ignorantly :) 普遍一般の人間個人の主権に関する理念や法的理想だったものが、いまや(1920s)...一つの心理状態へと移行したのだ And there is this moment that you discover what used to appear as 必然, in other words 心理状態, was one of mere possibility, reducing to a matter of choice, and everything starts to seem possible... - added as of 2025/06/19 いわゆる"近代文化"-が、自らを決定的であるとする思い込みこそ、視界に生じた信じがたい頑迷さと狭隘さではないのか、という漠然とした直感がその根底に見出される。そしてそのように感じる時、私たちは自分たちが狭く閉ざされた場所から逃れ出て、再び星空の下に立ち、最善のことも最悪のこともすべてが可能な、真正で深遠で、恐ろしく見通しのきかない底しれない世界に出たのだという、えも言われぬ印象を持つのである .. maybe because of the below reason. すなわち私たちの生とは、瞬間ごとに、そしてすべてに先立って、自分にとって可能なものについての意識であるということなのだ By the way, I can somewhat see myself in the song, don't know how I can fit in at this "party". Like nobody's lookin' me in my eyes and everyone's got so much to say. But I'm told that it's where I'm suppose to be. Makes me wonder if I could sneak out the back🎵.
Today's post is bit different from what I have been posting lately. The purpose of this post is to leave a note on places I was interested by reading this book, which hopefully I can visit one day. The last chapter of the book is about "utopia". It discusses how the notion of utopia has _not_ changed over time ever since the time of Greece and how it can be characterize by this and that. The first characteristic I was interested by is how lights are homogeneously arranged in utopian society. The book describes that such homogeneous arrangement of light does not create any kind of contrast that is provided by shadow, like found in fluorescent light. The opposite, meaning having contrast, is those that can be found in light bulb. The book interprets such homogeneous manner of light in utopian society as below, which reminds me of what Foucault was discussing. トーマス・モアの"ユートピア"には照明のことは書かれていなかったと思うけれども、生活には闇の部分がなく、隅々までも監視が行き届いているという意味では、大体の古今のユートピアはどれも基本的にいわゆる明るい社会なんです With the above being said, the books says that people of Paris once gone against such use of light. パリ・コミューンという1871年の革命のときに...民衆が闇をかえせと叫んで、パリの街灯をひとつひとつ壊して歩いたという And the city I want to visit is Prague as the book says its one of the city in Europe which contrast created by light is beautiful. 点々とオレンジ色のオレンジ色の街灯のならんでいるヨーロッパの町で、もっとも街灯の美しい町のひとつとしてプラハを挙げるならば、そこでは光と影がじつにみごとな起伏にとんだ空間を作り出している。歩くと自分の影がいっしょに動いてゆく Another characteristic that I found interesting in utopian society is its preference over linear arrangement of a city. Its interesting how those linearity found in Greece can be interpreted as "Rationale" ... たとえばアテネはずいぶん奇妙な町です...規則性と反復性の傑作といっていいパルテノン神殿が立っている...あの植谷雄高でさえ、パルテノン神殿に地中海の理性を感じたと記憶します ... and how its different from those linearity found in Pyramid in Egypt and other places. もちろん直交性を持った都市は以前からありました...たとえばエジプトのルクソールに行くと、神殿そのものが直線的ですから、まわりの道もほぼ直線になっていいます...ミレトスの直線は神によって与えられた直線ではなく、人間の(合理的)直線なんです And lastly, the book mentions how the linearity can be interpreted in a context of Orientalism considering "Rationale" as a Western representation. One such example the book gives is the city of Miletus in Turkey, considering how Miletus was neighboring "Asia" back when there was a Persian Empire. The book draws a contrast between Europe and Asia by considering the "Rational" as Western, against "Asia" described as below. そのころにプラトンが登場したんですね。彼には守るべきものがあったわけです。それは、ギリシアが既に高度に推しすすめていた理性というものです...それを象徴する幾何学的に構成された都市...ミレトスに...アジアが侵入してくるのが怖かったんですね。ここで言うアジアというのは、広いアジア的なものです...規則性、反復性がない...エキゾティックで...得体の知れない魅力的なもの Maybe I should read this book in regards. Also, back to how lights are arranged in utopian society, its interesting how Asian cities are getting more utopian today where it was "Asia" that represented the very opposite. Its interesting by how those nature found in the listed cities are still able to be seen in the very society that I live today. And if I were to consider "today" as a point in a history as just like those society once used to be, I see something within those cities that I can associated to myself. Its interesting that the very nature seems to stay the same over time, in fact I can still see them in The Hunger Game haha. The books also shares how those terms like Fantastic, Féerique and etc differs each other. I wonder which term is appropriate for describing Midnight in Paris. Maybe Fantastic? Please let me know if you can tell, because I can't yet😂. That's it for today's post. I hope I can write a post like this more often. See you in the next! --- Diary --- I went to Hakone today and it was such a great trip. Just wanted to keep a note so that I can remember haha.
This is a short note for myself, somewhat related to the reason why I want to read Society of Singularities. I haven't read the book yet, but I believe there is an attitude prevalent in such society, which attitude I am aware of my very self, something like below described in the book. "あれかこれか"の決断が迫られる状況は忌避される。さまざまな対立に主体的に関与するのというのではなく、多様性が強調される It could be about any kind of social matter, such as this against that. And I believe there needs at least some kind of attitude towards to make discussion meaningful. With that being said, I feel like its an responsibility of mine as one taking part in society to be aware of issues around the world and having my own attitude towards them. And the below quote from Wright Mills well states what I have in my mind in regards. 私は客観的で(objectvive)であろうと努めてきたが、コミットしてこなかった(detached)つもりはない By the way, I applied for the next year Masters tickets hoping as a gift for the coming father's day. Let's see if I can get one😉
This is the review, or rather my takeaway, of the book. I want to go over the book by quoting the two lines found in the book from E.H Carr. The first quote below, I believe, reflects the very argument that was repeated in the book... 過去は現在の光に照らされて初めて知覚できるようになる ... which is below. The above quote well points out that there always is a perspective, and its the perspective(現在) that allows us to look at(知覚) the past. 世界に起こることは無限であり、なんらかの意味づけをしなければ、それ自体に意味はない。どの事実をどのように整理して理解可能にするのか...事実は一定の観点に関係づけられてはじめて事実として浮かび上がる The second quote, from E.H Carr as well, is given as below. 現在は過去の光に照らされて初めて十分理解できるようになる Note that its not 知覚 as in the first quote, but its 理解. As far as I understand, the point is that we can only understand ourselves(現在) when there is a past that allows to place and study ourselves in relation to. The books wraps up with below line. I think the kind of discussion is needed, not just on the matter of 中立, but to really any subject out there in the world. この終章で考えたいのは、中立を強く求める、そうした時代についてである。さまざまな分野を横断して、なぜかこの時代に支配的になっている雰囲気を問題にしたいと思う。今日の雰囲気はいつの時代にも変わらず存在してきたものではない Which leads me to question the world that I see today, and its the question that I feel is the most interesting one out there.
It's interesting how an idea could be interpreted differently by people living in a different society or time in the history. The book shares couple of examples. One such example is Ando's perspective on 価値自由. 自分の観点を、他の対立する立場とのコンステレーション(布置連関)に位置づけて、可能なかぎり明晰に自覚化しようとする意識も希薄になりつつある。第一章で価値自由の暫定的な説明をしたときに、ウェーバーはいくぶん古い新カント派の価値哲学のヴォキャブラリーを引き継いでいると述べた。彼が使う価値という用語が古いことは否定できない。しかし、これらを古いと思うとき、私たちは一体、何を見失いつつあるのか。少なくともこの点を自らに問いかける必要はあるだろう。思想史の仕事の一つは、歴史的コンステレーションに今の時代を位置づけることである。価値というタームの意味がわかりにくくなっているとすれば、それが熱心に論じられていた時代から、現在を照らし直す必要がある。今この時代に安藤を読むということには、そうした意味がある Another is Odaka's interpretation of "事実をして語らしめる" within his translation given as below. まことの教師ならば、教壇の上から聴衆に向かってなんらかの立場を-あからさまにしろ暗示的にしろ-強いるようなことのないように用心するであろう。なぜなら、"事実をして語らしめる"というたてまえにとって、このような態度はもっとも不誠実なものだからである The interesting part is that how his mis-translation, or rather should be said his mis-emphasis on "事実をして語らしめる" reflects his attitude against what and how society treated "fact" as fact back then under war. I guess his obvious("自明") was a product of such time in history which lead him to emphasize "事実をして語らしめる" as the way he did. I believe there is an insight into what means to live in a society by looking at how one could be unaware of the "obvious" where he places all the basis of the discussion. 多くの誤訳は、訳者が自明だと思っている、その足元で生まれる。尾高が"事実をして語らしめる"という箇所に"たてまえ"という語句を挿入し、かなり無理をしてこの表現を肯定的な意味に転換してのには、"事実をして語らしめる"というスタンスに肯定的な場所を用意しておきたい、という彼なりの学問の理解があったはずである...イデオロギー的な議論が罷り通り、事実を基礎にした議論ができないという危機意識を彼が持っていたとしたら、そして事実を基礎にした議論をすれば非合理的な戦争遂行を抑制できると彼が信じていたとすれば、"事実をして語らしめる"というフレーズに最大限の強調点をおいたとしても、まったく不思議ではない Speaking of having different perspective, there was another interesting example in the book, which I believe is not because of any kind of "mis-" like in the Odaka's case, but rather something fundamental. The book discusses in the context of "新自由主義" back then in this regards. 事実はなんらかの観点や思想のフレームワークなしには事実にならない...そして事実だけでは学問ではない...この点では、ウェーバーその人とハイエクの違いはほとんどない...ハイエクがウェーバーと異なるのは...ウェーバーは価値自由的な学問を前提にする限り、学問によって体制の選択ができるとは決して考えなかった(沈黙)...これに対してハイエクの学問が沈黙するのは、正しい理論をできない少数の変わり者に対してである...価値自由を論じる時の一つの論点は、価値自由的な学問が個人の決定・決断を拘束する力をどれだけ持つと考えるのかという点にある。学問によって政治的な決定・決断の余地がかぎりなく"一択"に狭められると考えるか、あるいは学問は決定・決断を前にしてはほぼ無力だというくらいに、非合理的な"飛躍"を強調するのか...新自由主義者たちの価値自由論は前者の類型の極端なケースである It might sound little off the topic from what I wrote above, but I see analogy in the Faucault's study on morality back in Greek, Rome, and Cristian society, given how discourse on sexuality has changed over time. I won't quote here(around p208), but its interesting how those sexual customs back then can be understood considering the ethos of each society. I found this book which seems to follow all these discussion of whatever I just wrote above. I assume the book is about looking for those traces of morality in the characters appear in Greek literature which provides insights into the world that we live today. It might be interesting to look at. By the way, the song makes me want to learn Spanish, while I'm aware that the song is in Portuguese. It's Portuguese right😅? --- follow up as of 2025/06/09 --- Another interesting reference to how countries, namely German and America, accepted Wieber's 価値自由 differently and how it has changed over time in America. マックス・ウェーバーはその没後、ドイツでは急速に忘却されていく...忘却という表現は、必ずしも適切ではないかもしれない。ウェーバーの著作からナチズムへと至る放物線を思い描きながら、彼の思想に対して警戒感を持ち続けていたというほうが、より正確な記述ということになるだろう...その基調にあるのは、自然法の観念を相対化するウェーバーの政治理論への強い警戒感であった...これに対して、アメリカの受容は...方法論への関心は、当初のアメリカでのウェーバー受容では、それほど高くはなかった...方法論への関心の低さは、受容する側のアメリカの知的な雰囲気のほうに原因があると考えるべきである。方法論を論じるということは、それまで当たり前に行われてきたことの当たり前さを問うということである...共通了解の動揺やそれに対する懐疑が比較的弱かったということ...資本主義とデモクラシーへの信頼が安定して存在しているところで、深刻な方法論的な問い直しが求められることはなかった...このような状況が変化してきたのは1960年代だった...ウェーバーの方法論的な著作...がアメリカの知的世界でクリティカルな意味を持つのは、黒人の公民権運動などの人種問題、エコロジーの問題、そしてベトナム戦争の泥沼化に直面した、1960年代後半の危機の時代になってからであった...ウェーバーの方法論的な著作がアメリカで再発見されたのは、こうした文脈であった
By the end of my 20s, I want to travel to those Latin American countries, and I came to think that learning language and being able to immerse myself in the culture of my favorite must be quite a experience. It could be literature, paintings, music, or random chatting with local people. Whatever that might be, you will be able to experience by your very self. Just imagine how much of a world opens up by learning a language!
I was watching this movie and made me want to write about this book, which I wasn't really think of writing about it. To start, people may have different opinion on the movie, but I personally I liked it. Its about a kid who immersed himself in jazz, and a professor who just keep pushing the kid until he breaks. And I can kind of relate myself to this kid as I think I have this tendency of getting lost in my own world, unable to see the other possible choices. And this I believe can be said to various aspects in life, but here I will discusses in terms of jobs quoting from the book as below. 組織が不安定になっても、社会のなかにおける"職業"という軸をしっかりしていれば、そこから距離をとり、職場のなかでの仕事を茶化したりズラしたりすることができます。"ポスト日本型雇用社会"における茶化し/ズラしのためには、組織の安定に左右されない、社会のなかにおける仕事="職業"という考え方が必須で、それこそ、現代日本において、かりあげクンのように"軽やかに"いきるための条件なのです And what I like about the books is that it extends this way of "humorizing" to the life itself, finding the common ground in the way how the people lived back in Soviet Union. 後期社会主義では...彼らは、権威的な言説を茶化したり、骨抜きにしたり、新しい意味を与えたりしながら、一見抑圧的な体制の下にありながらも、"軽やかに暮らし""とても楽しい生活をしていた"のです...かりあげクンは、堅苦しい会社の仕事から"超越(ヴェ二)"した存在で、作品では、彼が、"軽やかに暮らし""とても楽しい生活をして"いる様子が描かれます。彼は、後期社会主義のソ連に生きていた人々と同じく、"システムの内部にいてその一部として機能しながら同時にその枠外の別の場所にいる生き方"(ユルチャク)をしていると言えるでしょう Note that I do _like_ my job, but it can't be all that's out there, so as every other things in life. Also I occasionally get lost in those books I read, makes me feel deadlocked and little discouraged, which is kind of paradoxical as they are suppose to help me figure out those lingering question of mine. Maybe his "軽やかさ" is exactly what I need now in my life haha. By the way, I like jazz and listening to them makes me want to appreciate the world just as it is, not sure myself what that suppose to mean though😂. There is a nice jazz bar in Shinjuku, which I haven't visited for a while. Hope I can visit the place once again during this summer.
A while ago, I quoted Hideharu Ando's description of 価値自由. There was a follow up on how his personal experience during the war had lead him to study the idea, and I wanted to make a note of it. It discusses the conditions on how one can be critical on something, and how his personal experience is tied to his study as below. 事実と価値の分離が可能になる条件は、一つの現実に一つの、その現実を正当化する価値がへばりついているという状態からの離脱である。一つの現実(事実)を異なる観点(価値)から把握する可能性がなければ、そしてそうした異なる、複数の観点がそんざいするということを真剣に受け止めたうえで自分と社会を考察するという構えがなければ、ウェーバーの方法論はまったく意味をなさない。安藤はこのことを軍隊生活とその後の研究生活で考え続けた。彼が価値自由を、自分自身の生き方の問題、そしてエートスの問題として引き受けたのも、このためであった And it continues as following, which I see interesting correspondance between Foucault's study unraveling the conditions for those human science came to exist at first place. 安藤の価値自由論は、学問論であると同時に、学問に先立つ前提を批判的に問い直そうとする理論である。無批判にある一定の前提で思考しているかぎり、目の前の、所与の社会秩序を相対化することはできない。このような場合には、wertfrei な態度は現状追認にしかならない。別の言い方をすれば、現実から距離をとって批判的に考察することができる、強い主体、ないしそれを可能にするエートスがなければ、目の前にある現実から自由になることはできない。安藤の読解では、ウェーバーの学問論と宗教社会学が独自の仕方で連結している I would like to queue the book for the next, but there are already few awaiting in the line, let's hope it wont get stalled for too long haha.
I finished reading the book. I wasn't really thinking of writing another post about the book but I changed my mind. The book says that Foucault once mentioned about his role as below. 人々が、自分で考えているよりもはるかに自由なのだと教えること、人々が自明で真理だと信じているいくつかのテーマが、歴史の特定の時点に作り出されたものであり、このみかけの上での自明性は批判し、破壊することができるものだということを示すことです。それが知識人の役割です。 And I realize that the books, not just his but all those other books as well, are playing this very role for me. It also mentions about the questions that he was trying to answer, and I share the same perspective on the kind of questions that needs to be answered, which is listed as below. - 主体の条件 - どのような知を"真理"として構成し、それを"真理"として確信するのか - 歴史的な条件のもとで、どのような条件において、ある対象が知の対象となりうるか - 主体は真理を獲得したと考えることで、どのような満足と権力を獲得するか Despite how complicated they all sounds, I believe its just saying think yourself, and books will help along the way😆. And I actually find it's something quite interesting to think about. By the way, I always find myself feeling strange yet peaceful like I'm back home listening to those songs from childhood. The song must had been played a lot on the radio back then haha. Its nice to have some place, photos, songs, or really anything you can find peace within🎵.
I'm back reading this book. Little note on the difference between 没価値 and 価値自由(Wertfrei) put it into my own words as a reminder for my own sake. The book quotes Hideharu Ando's description of 価値自由 as below. And how it differs from 没価値, which is more close to the seemingly objective notion of 中立, is what I want to emphasize. "ヴェルト・フライハイト"とは、価値理念や価値判断をできるだけ鮮明に(とりわけ自分自身に対して鮮明に)させることによってそれを自覚的に自己統制することを意味する The book continue as below ... 研究者が主体として価値とどう向き合うかが、安藤にとって重大な問題関心であった。自分の価値理念を自覚化することのない主体は容易に周囲の空気に流される...没価値的な学問はこのような主体のあり方と結びつきやすい ..., and I think this is not just something applicable to academic approach, but also to us regarding how we see the world considering that we are placed in our own unique situation. I remember that the book mentions about the origin of moral as Latin's mores and how its fragile which changes over time and society in the history, something like described as below in the book. エートスは"住み慣れた場所"を意味するギリシア語のἦθοςに由来し、"習慣"や"性格"を指す言葉である。もちろんエートスは倫理(ethics)の関連語でもある。しかし両者には違いもある。倫理ないし倫理学は、思考によってある程度まで整合的に考えられた理論のことである。これに対してエートスは、そうした理論とゆるやかに結びつきつつ、ある時代のある社会集団に共有され、彼らの行為を導くような、習慣化された倫理的態度を指す。エートスはラテン語のモーレス(mores)に対応する。 And I wonder what's out there that I could to do considering what I wrote above, and books seems to be a good place to start with ;)
Hi, here's another book review! I still haven't finished the book yet but I would like to summarized my short take away from it. I won't write all the details as I wrote a lot about it in the past posts. I would just say there was a lot of idea that I was seeking at the moment, and as of this moment. Again, its nice to have them put into words. Even though it was little discouraging and indeed suffocating as quoted below😂. フーコーの権力の分析が深まっていけばいくほど、生の可能性が失われていくような印象すら受ける。権力的な関係のうちでの抵抗の可能性が失われ...権力的な網の目に絡まれとられてしまうような理論の運びである...近代的な社会がまず規律的な権力の社会として捉えられ...社会にふさわしい身体と精神をもつ主体が構成される...これは息がつまるような理論である Also, it was interesting to see the book referring to Louis Althusser as I remember reading his book while I was in college. Seems like I'm coming back and forth haha. Another interesting reference I found is that the book which I just started reading mentions about how its based on Foucault's this and that book. Although I'm still not yet familiar with the idea of discours(言説), I'm willing to take a look into those books so that I can see how it can be apply to Orientalism. Maybe later, once I catch my breathing :) Lastly, there was this quote in the book about the seemingly neutral notion of Orientalism disattached from political discussion. "真の知識"が基本的に非政治的であるとする一般的でリベラルな多数意見というものは、知識の生み出される時点でその環境としてある、たとい目には見えずとも高度に組織化された政治的諸条件を、いかにして覆い隠すものとなっているのか。本書が明らかにしようとしているのはその点である I see the statement is also very true in today's everyday world, and I believe its something that we should carefully consider what kind of knowledge that we are dealing with. Again, this is something that I recognize from Max Weber's Wertfreiheit(没自由). And I'm looking forward to see how the book untangles the seemingly neutral notion of Orientalism as said below. "インドやイギリスに関するあらゆる学問的知識は、総体としての政治的事実によって何らかの意味で色付けされ刻印を押され侵害されているのだ"ということとは...本書でオリエンタリズムに関して私の言わんとするところなのである...なぜなら、人文科学におけるいかなる知識の生産であれ、その著者が人間的主体として周囲の環境に巻き込まれている... That's it for today's post! I wonder if there might be some insights into how Japan is portraited in today's tourism, which I kinda like it haha.
As I think more and more, I occasionally get this depression having hard time seeing value or faith in those things that considered to be a priori in life, feels like nothing left to believe in to start with. Sometimes its hard to keep my heads up... Maybe I must have a faith and start thinking the kind of changes that I may be able make. --- wrote as of 5/25 --- Isn't this the very question that I am trying to ask myself, and the very reason that I am willing to learn, so that I can live with little bit of confidence ;)
Little note on my thoughts while I was reading this article. I noticed that people involved in the situation covered in the article fits into the picture discussed in this book. The book discusses how America has changed over time, which resulted in society getting more deterministic in terms of their course of life, given their social and economic backgrounds. Considering how such current situation has been shaped over time and the fact we are at least placed in one of such situation of our own, it makes me wonder how where in the society which I belong to has came to be created. By the way, I think its important that you put your feelings or those intangible idea into words at that very moment, it's hard to come back and put them back together once its lost.
I wasn't able to put the reason for why I go after books in my own words, despite I am well aware of the urge. But I found a line in this book which articulates this urgency on behalf of me. 思想は抽象的な知の体系ではなく、現実の生き方を問う倫理的な営みとしての意味を持つものだった More accurately, or rather specifically, added as of 2025/05/20, the above can be rephrased as below for me. 様々な仮構的な主体概念を前提として分析するのではなく、その社会のなかで、このようなディスクールを真理として信じる主体(me)が、どのようにして形成されるかを分析...いかにしてその社会に適合的な主体として形成されていくか With the above said, the books I read is more than just some theory in an academic kind of sense. It gives me the reasoning that I look for in life, as said in the below line from this book. 価値をめぐる対立について、学問は一義的な解を与えることはできない。しかし、決断の手前のところで、あるいは決断へと至る過程の重要なところで、貢献できることが学問にはある And I guess this is all because I recently came to be aware of something described as below. ある人が社会の中で生きがたく思う時に、思想はその人が直面する問題を解決する手段となり、社会を変えていくために役立つべきである But yet I still have no clue what the "better" direction for this world to head. I guess there remains a lot for me to study😅. By the way, I recently wonder there might be things in life that themselves can be appreciated, those things that might not require any kind of reasoning. Maybe the memory from your childhood or the feeling you experience when you like someone.
Books occasionally provokes this sense of feeling that I'm more of a object(客体) of interest which needs to be studied within the context of the society(社会) and the history(時代) that I live in, leading me to lose the sense of subjectivity(主体). I think this sense of feeling is what keeps me thinking, questioning, and reading etc. I think below line from this book describes the idea. 自然のことものを対象とする物理学や化学のような学問とは異なり、学問の対象が同時にその主体であるために、厳密な科学性に到達することができないことにある I believe there is some idea shared among the above and below line from this book in terms of subjectivity. I also see something similar in the discussion of Wertfreiheit(没自由) by Max Weber. May be I'm wrong though. 人間には感情や自己の利益に左右されずに、合理的に判断を下すことのできるための能力がそなわっている...判断という活動そのものの力で独自の原則を作り出すことができる But at the end, if we were a product of the society and history we live in, isn't those society and history that we should be studying to understand ourselves? --- a little insight into what I wrote above as of 5/14 --- There must be a condition for such question to arise explaiend as below in the book . 近代の知の大きな特徴は、考古学的な変動によってこのまなざしと表の空間が崩壊し、そこに生身の人間が登場することである。人間は"知にとっての客体であるとともに認識する主体として、その両義的な立場において登場する"。 If the above can be said, there is where the question comes in. "純粋理性批判"においてカントは、批判哲学はコペルニクス的な転換を意味すると誇ったが、これは人間の知が人間の認識の有限性によって初めて根拠づけられるという確認であった...すなわち、人間の認識と知の真理の根拠は、人間が物自体ではなく、現象しか認識できないという認識能力の有限性そのもにあるとされたのだった。 --- another follow up as of 2025/05/19 --- I wondered if I should write this as a new post, but I'll write this as a follow up for this post. The line below is from the book. 真理とは、誰がそれを真理として信じるかによって、大きく意味を変えるものであり、思想を真理として信じる主体の分析なしには、真理そのものの概念を分析しても、意味がないことになる And it discusses about the nature of "the" truth as following. <本質>がどのように歴史的な経緯によって真理として形成されたのかを分析する...真理という概念は、この歴史性を隠蔽して、なにものかの"本質"であるかのように振る舞うものである And it describes "the" truth as following. 真理とは論駁されないという特徴をもつ誤謬にすぎず、歴史的な価値をもつものにすぎない And I agree with the above statement, as far as my understanding, which is for the reason described by the following statement from the book. 個々の主体から離れた真理というものはなく、真理はつねに一つの視点からみられなければならないこと示すものである But at the same time, if I were to place myself in a such mere existence relative to society and history, I get little discouraged that I feel there is no value in such notion of being "myself"😅. This book might be the one for me to take a look at next.
This is a short follow up to the last post. I occasionally use the term "better". I thought it might be a good idea to clarify what I mean by the term when I use in this blog as I believe it can deliver so many things when used depending on the context. Let me first state that, jumping to the conclusion, I try to keep the word "better" within the extent of technical sense. What I mean by that is that the word "better" I use is not based(to the extent that I'm aware of) on any kind of "argument" of mine. I think the below quote from this book gives the sense of idea which I have in my mind. 彼(ゴルトシャイト)からすれば、資本主義経済のネガティブな作用が顕在化する中で、より"人間的"な経済を主題化し、その方向で"進歩"を語ることは、混乱しているどころか、極めて筋の通った議論に思えたはずである。しかしウェーバーからすると、"人間的"というのはあまりにも多義的である。これについて一義的に進歩を論じることはできない。ゴルトシャイトにとっての"人間的"という評価は別の人にとってはそうではないかもしれない。別の人は別の基準で"人間的"を論じる可能性があるし、実際そうしているかもしれない。 But with the above said, there is this below quote that I found in this book. And if I were to make any kind of "argument" regarding "progress", it would be something similar to his. Maybe I will take a look at his book for the next. And yes, there also is this book that I bought quite a while ago that is still piled up in my room. Maybe now is a good time to revisit the book. 歴史の進歩とは、自らの責任を問われ必要のないことで負わされる"不条理な苦痛"を減らすことだ - 市井三郎 By the way, listening to this song while I play around with the DSLR from my college years make me feel things are still the same... Am I just being nostalgic or I actually haven't made any kind of progress ever since😅?
Hi, there was this book that I bought a couple of months ago and was being piled up among other books😅. I took up and have been reading for about a week and I want to share the ideas and some of the lines. Note I haven't read the entire book yet. I may come back and forth and write about the book sporadically. As stated in the intro, this blog is about what I learn, thought, or felt in everyday life. And I found below quote from the book that I think it well states what I'm trying to deal with. もちろんちゃんと"勉強"すれば、一つの答えが手に入るという場合も少なくない。むしろその方が多い。その地点までは人は"勉強"すべきであろう。しかし、人生にとって大事な問題ほど、答えは一つにならない。 Given the above statement, I believe the answer should be in the attempt and the attempt can be in such processes described as below. 私たちはそれぞれの状況で、異なる見方をする誰かと遭遇することで、その都度、違いとその理由を認識する...他者との出会いを通じて、自分が今このときに考えていることについて反省的に考える。こうした経験なしには、私たちは自分の考えを認識することができない...一定の議論と反省のプロセスの結果として、価値は輪郭を現す...そして同時に、いろいろな局面で自分にとって自明であった見方が修正や訂正を必要とすることに気づく。 And I above is what I mean when I say "learn". And this is where reading books comes into my "learn"ing as stated below. 価値をめぐる対立について、学問は一義的な解を与えることはできない。しかし、決断の手前のところで、あるいは決断へと至る過程の重要なところで、貢献できることが学問にはある。 That's it for today's post! By the way, I recently found that Norah Johes is visiting Japan. I always liked her songs and may visit Osaka for the first time.
Recently, I was watching this documentry. It reminded me of this image of myself that I used to had until college. I used to think that I will be working overseas just like any other people around me traveling and working abroad. I didn't expect that I'll be spending all day every day playing around with computers😅. There are couple of lines that I would like to quote from this book that I was reading. Maybe career is just an aggregate of accidental and coincidental events, full of unexpected turns, but they better be, in my opinion, result of something stated below by Inazō Nitobe. 己のいる場所、就ける職業、周囲の要求する義務を、如何に小さくとも、如何につまらなくとも、全く己を尽くし… I believe the above statement can be translated into more broader statement below by Uchimura Kanzō. われわれに後世に遺すものは何もなくとも、われわれに後世の人にこれぞというて覚えられるべきものはなにもなくとも、アノ人はこの世に活きているあいだは真面目なる生涯を送った人である… Maybe job is simply one of many means to an end to the above statement. At the end, something relate to what I took out from 責任と判断, I think its all about what one considers to be 人の人たる道 and live by accordingly. By the way, I used to listen to this playlist while I was in college. It still reminds of those nights with all my homework submitted and just waiting for their due of midnight to come without any kind of stress. It was such a peaceful time haha.
Hi, Today I'll be summerizing this book which I have been reading for about 2 months. I haven't yet read all the second chapter "Judgement" but I thought I should write about the book for now anyway because I thought the chapter one "Reponsibility" was more or less what I have been concerning recently. Maybe I'll come back to the second chapter someday in the future. The book was really worth reading. I'll leave the details of some of popped up thoughts while reading the book to the past posts but the gist of *my* take out is that it gave me a sense of idea what responsible means in respect to to the extent how free we are(please correct if I were wrong). It's that if we were to believe in such freedom, there is a responsibility that we should acknowledge. I can somewhat relate this to Sartre saying his existentialism as "Humanitarian". Believing in such "freedom" leaves little hope in being "man" myself. One more, little off the topic, the book mentions about a boy in p457. It makes me wonder what all these years I will live(d) will mean to me. I have no clue to the question, but for now, I just hope I can live by believing in such freedom and being aware of the entailing responsibility. By the way, while I repeat Every Summertime, seems summer is almost there.
This post will be about little bit of this and that. First I will write about the book that I'm reading right now up to the Chapter One "Responsibility". Let's start by quoting my favorite sentence from the the book as usual. 人間にとっては、過去の事柄について考えることは...自分の根を見出し...時代精神や歴史や単なる誘惑などの出来事によっても押し流されないようになる Related to above statement, one interesting fact that I learned about is that the word "conscience"(良心) stems from "consciousness"(意識). Back in time, the words weren't really distinguished as "conscience" were considered something that comes from "consciousness" as result of being aware of one's self, which implies being aware of what one considers to be good or bad. どんな言語でも良心という語は、もともとは善と悪について知り、判断する能力を指すものではなく、私たちが今意識と呼ぶもの、すなわち私たちが自らを認識し、自覚する能力を指すものでした As I think more and more, it does make sense that the fact those two words weren't distinguished, and still in some language treated as the same. Speaking of language, I was watching this documentry on a episode about translator and below I quoted something that I can relate to myself as of now writing this post. 鍵になりそうな言葉は、ごく基本的な単語でも書き出し、最もふさわしい訳語を見つけていく Currently, I don't have much chance to write English, or even Japanese, but I always try to find the *right* word which conveys the idea that I have in my mind. I always try to be accurate in that sense, not only when I'm writing, but also when I'm reading. Back when I was in college, I used to read Tolstoy or Dostoevsky and I really wanted to get on the originals just because I believed that there are some context that gets lost in translation. Nowadays, I'm little(very) lazy and I'm always reading translated books and making no effort in broadening my vocabulary for my writing(Note that I do spend considerable amount of time for those occasional writing that I do for patches and emails for Linux kernel😂). I'm also well aware that this blog that I write in English doesn't make much sense other than myself. Maybe I should start reading more books in English. That's it for todays post :)
Listening to Tupac makes me feel I'm no longer young in a sense that I am responsible in one way or the other just by taking part in a society. I like the feeling that there actually is something, no matter how trivial that might be, that I can take part and be responsible. Let's see if I can figure this out😉.
Hi! Today I'm writing about this book which I have been reading during lunch break😁. I occasionally mentioned that I have been interested in painting on this blog. This book adds some aspect in how paintings can be perceived *given* historical, religious, etc contexts. Its interesting how the object within the painting can be interpreted differently depending on the contexts. The book gives a couple of paintings as an example, but my definite favorite was the ”潔白の寓意” by アニョーロ・ブロンズィーノ. Also, its such an interesting subject to think about the reasoning behind the first impression you get from paintings. Maybe the impression we get(experience) through paintings doesn't change throughout ages and transcend the value at the time. I think the below quote articulates the point I'm trying to make. It describes the reasoning behind the difference in the impression we get from Impressionism and Expressionism. どんなに主観的な感覚が強調されたとしても、多くの場合、印象派の絵には安心感がある。感覚によって世界は色んな見え方をするとしても、世界そのものが混沌としたカオスであり無秩序であるということは、基本的に想定されていない。逆に言えば、表現主義が出てくるのは、秩序に対する一定の信頼が失われ、人々のあいだで”同じ一つの世界”を共有することが難しくなり、このため自分の内なる”体験”を世界に対して押し付けるしかなくなるからである...表現主義を絵画を観て、不安な、心もとない気持ちになるのは、この意味では当然である - マックス・ウェーバー-近代と格闘した思想家 By the way, fortunately or unfortunately, I recently realized that below is so true😅. 恋はうつくしかろ、孝もうつくしかろ、忠君愛国も結構だろう。然し自身がその局に当たれば利害の旋風に巻き込まれて、うつくしきことにも、結構なことにも、目は眩んでしまう - 草枕
I might be too naive, but I’m starting to think that below might be the only magic that will remain after all. At the end, its all about what you believe in, and the point is you get to choose what to believe in. If there's any kind of magic in this world it must be in the attempt of understanding someone sharing something. I know, it's almost impossible to succeed but who cares really? The answer must be in the attempt. - Before Sunrise
Today I'm writing about this book, as I mentioned in the last post. But this post will be only covering the 1st and little bit of 2nd chapter as I'm still reading the book. Its really worth reading books that addresses the questions that I was trying to ask myself. Sometimes, often these days, books helps me to articulate those questions that have been lingering without being clearly stated. But that doesn't mean that those question has been answered, it only means that I now have a firm grasp of what the question that I'm trying to answer. Below quote might be somewhat related. 懐疑や疑念は、物事を吟味して、自分で決心するために使えるのです...自分のうちの自己とともに生きなければならないことを知っている She also mentions in the book about to what extent man is responsible for his/her judgment as below. Believing in such statement gives some kind of hope but it entails the responsibility at the same time. And it is such responsibility that I hope that I am "capable" of taking. 政治的な問題と道徳的な問題に関しては、服従などというものは存在しないからです...この問題について考え抜いてみれば、私たちはある種の自信と、ときには誇りをもてるようになるでしょう Related to the first quote, there was a below line from this movie. Well, I'm no wise but have a lots of doubts... And I believe what matter is that I figure out my own answers to those doubts along the way. You are wise, because you have doubts By the way, I'm thinking of trip to Europe to see my family. It's been a while since I last traveled abroad, last time was India. I wouldn't be traveling if not for good reason so I'm very looking forward to make this trip happen. I would really like to visit those paintings that were addressed in the book and visit places seen in some of my favorite movies.
Hi, today I'm writing about some of the thoughts that came across while I was reading this book. Note that I'm sure that I will be writing about the book once again in the future as so far I found the book really worth giving thoughts into, especially on some of the topics which I have been thinking regarding to what extent one can be responsible living in a society. But I'll leave that topic to the next post and will write about my thoughts on job for this post. Let me start with quoting from the book. What I found so interesting about the below quote is that because I was't aware of the the kind of reasoning judicial systems are based on and how the judge at the time concluded as such. 判事たちが大きな努力を払って明らかにしたことは、法廷で裁かれているのはシステムではなく、大文字の歴史的な傾向でもなく、何とか主義でもなく、一人の人間なのだということでした。 I believe the below quote describes the very foundation of the belief behind such decision, and I also believe(hope) that below holds true. 人間には感情や自己の利益に左右されずに、合理的に判断を下すことのできるための能力がそなわっている...判断という活動そのものの力で独自の原則を作り出すことができる Back to the topic, the reason I found the first quote so interesting is that because it shows how we can bring(contribute) what each of us believe to be good to society through job. It make me wonder what is it that matters to me the most and what kind of contribution am I making to this world. By the way, as you might have guessed from the past posts, I love music. They somehow provokes, or rather amplifies the emotions and brings me back to the time when I was listening to those songs. They also provoke some dreamy thoughts like where I want to be in the future. Listening to the songs like "Young Folks" and "Suddenly I see" makes me wonder what its like to work in New York✈️. Maybe its only a daydream, but I'm sure I will keep daydreaming of that day working in New York while listening to those songs😅. That's it for today's post.
Hi, Today I'm writing about this essay by Kant. Its a short one but I found many relatable subjects in other books. First let me start by quoting from translator's postscript. 私たちの多くが、すでに経験してきたように、何事も親まかせ、他人まかせであった少年期を出てようやく青年期に入ろうとする頃は、自分の心に様々な疑問が粉起し、しかもこれをなんとか自分に納得いくように解決しなければ満足できない時期である。...そこで私達が眼前の諸問題を”自分で考える”ために、本書に収めたカントの労作を手引きとするならば、これらの諸論文は、若い人達に、”啓蒙”の役割を果たしてくれるに違いないと思うのである。 The enlightment(啓蒙) used here is, as far as I understand, is very similar to what is refered as "Entzauberung(魔法が解ける)" by Max Weber, as explained in this book. As I try to see through things, I occasionally find that things actually does not make sense either that could be a value that I used to hold or the way things are in society. When I realize that whatever I use to hold no longer have a ground within myself, I find "myself" clearer, but at the same time I find myself "What is it then that I can hold on to?". I'm not sure wheather if that's related to what Kant refers to as "Sapere aude", but I do believe in the process of learning and having better understanding of things, which is "Entzauberung" if I were to used the expression. I'm no smart by any means but I always hope that I can believe in what I belive to be right or wrong. And I believe its only possible because, although I know that there are still a lot more to learn, I'm at least trying(to my best) to have better understanding and figure out how things are. As of now writing this post, I'm listening to "Fine By Me" by Andy Grammer. I found the sond very heartwarming and it lifts off some of the weight off my shoulder for some reason. I'm just listening to the song over and over haha. That's it for today's post!
Hi, today I'm writing about my favorite novel, The Great Gatsby by F. Scott Fitzgerald. I read the book for the first time very long time ago. I'm writing this now because it came across while I was reading some books and this documentry. The book have been my favorite just because I only liked the character of Gatsby😅. But while I was reading this book, there was below which describes what the novel was trying to convey, what we can take out from the novel. フィッツジェラルドもギャッツビーとデイジーに託して相克する二つのビジョンの物語を書く。そして高度化する資本主義社会の空虚さに目を向けながら、かつての理想の喪失を語ろうとするとき、この二人の眼差しは交差する。 I wasn't aware of the contrast it was trying to depict, which is the world(or value) before and during the 1920's of America. It makes me feel strange(little sad one?) when such a contrast "can" be depicted so clearly over two "individual"s. It reminds that I'm part of society, I'm no exception. Which makes me wonder what is like to be in a society, the kind of society that am I living. Below is a quote from this book that I'm reading right now. Althought the book is about paintings, I think the same can be said to novel, as it conveys the essense of the time and society the author is living, and we can see his or her individuality living in that society. いかなる純粋絵画であっても、時代と文化の文脈を逃れることはできない。...すぐれた作品には必ず解釈ができる。すぐれた作品とは、画家の精神の中枢から創造されているからである。 By the way, thinking of such things makes me a little curious if AI can create an art😆. In my opinion, wheather that be a novel or painting, I think its only possible if AI could become an individual living(experiencing) in a society, meaning that having the experience that is truely unique to that AI just like us living in the same society but different life. I think such an uniqueness as individual is what makes art an art. That's it for today's post!
Hi, Today I wanted to make a brief post, its new year! Let's start with some tech stuff that I hope to do this year. Threre are many things I want to do related to Linux kernel, as always :). I'm currently enjoying studying locking, scheduler, interrupt and defferring related subjects like softirq. There are mostly related to preemptivity and I found it such an interenting and complicated(in a fun sense) to look into. Printk is a subsystem that I found quite interesting that involves all of what listed. Lets see how it goes😆. And most importantly, I found that taking part in the community is the exciting part and where I learn the most, and I just really want enjoy it! Secondly, speaking of more in general, I hope I can be more honest to my dreams, opinion and essentially to myself. I often feel lost and confused unabled to sort things out, leads to some kind of loneliness something that I have to face, "only" I can face. But note that its not anxiety that I am feeling. I found below quote while I was reading this book as something that I can relate to. No power transcending man can make a moral claim upon him. Man is responsible to himself for gaining or losing his life... no one can help him but he himself. (Man for Himself) I'm not sure if this is something that can be get rid of, but reading books and thinking to myself and having my point of view clearer gives some sense of direction and confidence in living life. For me, honesty comes from having such sense of direction that I can truely believe and living accordingly. Maybe it's because I always keep telling myself "Why'd you have to go and make things so complicated?"🎵. This might sounds a lot but essentially I just simply want enjoy what 2025 has to bring. See you in the next post!
Hi! Today I am sharing some of the books I read this year which struck me, those I found worth giving thoughts into. - Z世代化する社会 by 舟津 昌平 - マック・ウェーバー 近代と格闘した思想家 by 野口雅弘 - 知ってるつもり 無知の科学 by スティーブン・スローマン・フィリップ・ファーンバック - 二十世紀と格闘した先人たち by 寺島 実郎 I learned many things trying out new things, meeting new people throughout the year. When you get out, you will learn something better than you used to, or maybe you will realize that there exists some aspects in things that you didn't even know that existed. One thing that I believe import is that you know what you know, and more importantly, knowing what you don't know. There are always things that you take it for granted, assuming(never even bother to think about) that always stands true. It could be a knowledge in science or a value you hold in which shared among the society you live in. The books I listed above gave me some insights into how I am perceiving the world, and how "I" believe the world should be perceived. Being aware of where I stand in the society, the value I am holding, or the job I am given and thinking how I am taking part in the world is something that I feel responsible. I want always to be grateful for the people around me, never stop learning and be aware there are still a lot more to learn about out in this world, but at the same time, why not Thank heaven for little illusions which makes this world a little more hopeful and beautiful place to believe in ;). By the way, although I'm always on Linux kernel, I might be writing more of book reviews and less tech stuff haha.
Hi! As the end of this year is almost there, I'm writing some of the stuff that came across my mind reflecting over this year. I was reading an article about snoopy last week, as Charles M. Schulz's birthday was November 26, and I learned this "Oh Good Grief!" and what it is trying to convey. 『ピーナッツ』は子どものダメ、できない、困ったという心の悩み、葛藤をどう乗り越えるかを一貫したテーマとし、それは登場人物が頻繁に発する「Good grief」(やれやれ、困った、お手上げだよ)という台詞にも現れている。 quote from wikipedia If I were to summarize this year, it was a year full of "Oh Good Grief!" moment. I had this moments in both in job and social life, might had more in social life though. Everytime I encountered this "Oh Good Grief!", either in job or social life, I tried to accept the result(how it turned out) as they were all result of choices made by myself. But things can't be overcame so easily haha. I was either lingering on regret or trying making sense out of the mistakes. One thing I learned(at least what I take it for now) is that its not always about coming up with solution, but its about facing it and understanding more clearly how things are. It might not solve the issue, but at least you will have better understanding of the situation you are in which gives you better insight into how you should face it. Now I'm 26, which for some reason makes me feel I should be more responsible for whatever I do😉. Luckly, working on Linux kernel and being part of it, however small the contribution might be, makes me feel at least I'm make this world a little better place. I know there are more to think about, but its something that I should always keep in mind that its so greatful to have such thing in life.
Hi! I wanted to share something that I have been looking into related to Realtime kernel. RT kernel is a kernel which aims to achieve low latency for process scheduling. One of its application is audio and I'm trying to see how it benefits from RT kernel. Below is the setup that I'm currently working on. Machine: Mac M2 (which I bought it recently, it runs on Linux😆) Audio Editor: Ardour Although I'm still trying to understand how Ardour and audio input devices work, today I went to my friend's place who plays guitar to see how it works. It was quite intersting to see his setup, especially the audio interface which converts sound signals from guitar into digital bits so that PCs can do interesting suff (please correct me if I were wrong...). I am not yet ready to do any kind of testing(benchmarking?), but my guess is that higher the frequency you try to capture, you will need a kernel with a lower latency! By the way, besides playing around with guitar, Today I made a strawberry pi for the first time. I tasted ok but yet there remained a room for improvement. Maybe I can give another try next week😋. See you on the next post!
Hi, I just wanted to make a brief post (its new year). At the end of the last year, I was on travel to India, the country I always wanted to visit since college(couldn't due to covid). During the trip, I had a serious food poisoning. But I still consider it was a great trip(even though I still haven't had curry ever since I got back) and I am already looking forward to the next trip to India(喉元過ぎれば熱さ忘れる). I had a good time giving time for myself to think about this and that. Throughout the last year, I was trying to figure out this and that, and I believe now I at least have a direction. And I just feel so greatful, given the chance to pursuit what I want.
Hi, recently I have been looking into how user processes are prepared. Today's post is about the how user process and thread are being prepared in terms of allocated memory.
When a new process or thread being created, it calls clone system call. If you want to create a thread, you can pass CLONE_VM flag to the system call. One of the difference between a process and thread is that wheather it shares its memory space or not. The latter does but the former does not, and today's post is about looking into this difference.
In order to see the difference, I prepared a program which ① the parents process assignes a variable with 5, and ② the cloned child process rewrites the variable with 10. The difference mentioned earlier can be seen at the ② point.
Let's first see how the process looks like. Below shows that the PID 1628 is the parent and the 1629 is the child.
crash> ps | grep clone
1628 1601 0 ffff94fd4a271c80 IN 0.1 2628 1336 clone
1629 1628 0 ffff94fd4123b900 IN 0.1 2628 884 clone
crash>
Now let's take a look at the physical address correspoding to the variable's virtual address which is 0x404068. You can see the corresponding physical address is 17bfe068. As expected, the value at the address is still 5 as the child process does not share the address space.
crash> vtop -c ffff94fd4a271c80 404068
VIRTUAL PHYSICAL
404068 17bfe068
...
crash> rd -p 17bfe068 10
17bfe068: 0000000000000005 00000000014b72b0 .........rK.....
...
crash>
However, if you take a look at the threading, you will see the varible is now changed as the child shares the same address space and rewrites the variable.
crash> ps | grep clone
1714 1601 0 ffff94fd44e2d580 IN 0.1 2628 1396 clone
1715 1714 0 ffff94fd41291c80 IN 0.1 2628 964 clone
crash> vtop -c ffff94fd44e2d580 404068
VIRTUAL PHYSICAL
404068 1161e068
...
crash> rd -p 1161e068 10
1161e068: 000000000000000a 00000000004c32b0 .........2L.....
...
crash>
That's it for the today's post. Note that I used x86 for this experiment as vtop on arm64(below) did not work. I wonder why🤔. Might be fun looking into it.
crash> vtop -c 11884 aaaae706c84c
VIRTUAL PHYSICAL
vtop: invalid structure member offset: mm_struct_mmap
FILE: memory.c LINE: 4007 FUNCTION: vm_area_dump()
[/usr/bin/crash] error trace: aaaae706c84c => aaaae706456c => aaaae7101180 => aaaae71010ec
vtop: invalid structure member offset: mm_struct_mmap
FILE: memory.c LINE: 4007 FUNCTION: vm_area_dump()
crash>
Hi, I wanted make a post on how the first process gets initiated as I have been playing around with qemu recently. Specifically, I will describe how the parameters below lead to the /sbin/init, which has the pid of 1.
admin@ip-10-0-16-6:~/busybox/busybox$ qemu-system-aarch64 -M virt -cpu cortex-a72 -m 1024 -kernel /boot/vmlinuz-6.1.0-13-cloud-arm64 -initrd /home/admin/busybox/busybox/rootfs -append "root=/dev/ram0 rdinit=/sbin/init nokaslr" -nographic
Let's start with the source code. After the kernel finishes the initilization of this and that, it gets ready for the first process and calls rest_init. The function inits the rest and calls kernel_init, and then run_init_process gets called.
Now back to the arguments and see what it's doing. If you take a look at the man page of initrd, it says that -initrd gets uncompressed onto the /dev/ram0, which then mounted as the inital root file system. Here I found little confusing is that if you specify root as /dev/ram0, the initial root file system, which is /dev/ram0, will remain as the normal root file system.
Let's make sure that the first run_init_process is the one being called for initiating the first process in the case of using /dev/ram0 as the normal root file system. Here you can see that the execute_command has /sbin/init, the program specifed by rdinit from the normal root file system which now is the /dev/ram0.
(gdb) print ramdisk_execute_command
$1 = 0xffff00003fdf0196 "/sbin/init"
(gdb) print execute_command
$2 = 0x0
(gdb)
By the way, don't forget to specify "nokaslr" for the boot parameter. Otherwise, break points won't work😑. That is it for this post!
I have been trying to understand how systemtap works. And I want to share some of the things I studied about systemtap, or kprobe which systemtap uses internally.
When you register a handler through kprobe, it inserts brk instruction at the specified offset from the chosen symbol as shown below. You can find the sample program I used for testing kprobe here.
┌──(kali㉿kali-raspberry-pi)-[~/proper-version-name/dumpable-kernel]
└─$ sudo crash ./vmlinux
crash> dis cpus_are_stuck_in_kernel
0xffffffe9258290a4
Once it reaches the brk instruction, it triggers an el1 synchronous exception. In the case of brk instruction, EC will set to 0x3C and will call el1_dbg.
Where I found interesting is how brk_handler gets called. When I was first reading the source code, I thought brk_early64 is the one which gets called. However, tracing the functions showed that brk_handler is the one which was actually being called. Note that some of the functions doesn't appear because they are inlined...
┌──(kali㉿kali-raspberry-pi)-[~/systemtap/kprobe_observation]
└─$ sudo trace-cmd report -i trace.dat | grep "kexec_\|kimage_\|cpus_are_stuck_in_kernel\|do_debug_exception\|early_brk64\|do_bad\|brk_handler\|debug_exception_enter\|debug_exception_exit"
...
kexec-1060 [000] 246.092881: function: do_debug_exception
kexec-1060 [000] 246.092884: function: brk_handler
In addition, I found that the entry for the early_brk64 is replaced with brk_handler🤨.
crash> rd debug_fault_info
ffffffe926d6a168: ffffffe925831fe4 ...%....
crash> struct fault_info ffffffe926d6a168 10
fn = 0xffffffe925831fe4
If you trace back the brk_handler, you will find how this replacement happens. During the initialization, trap_init replaces the early_brk64 with brk_handler for the reason which I haven't found yet... That is it for today's post!
When I was trying to kexec on my RPI4, I had trouble loading the image. I remember that in order to diagnose the problem, I inserted bunch of printks to understand what was going on. Today I am writing about these 2 tools I recently started looking into which are used for debugging, maybe not just for debugging, called trace-cmd and systemtap.
Recalling back when I was tackling the problem of kexec not loading the image, my first approach was to strace kexec and trace the associated system calls. It looked something like below.
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo strace kexec -l /boot/kdumpv07222023.img --reuse-cmdline
...
kexec_load(0x2c9e6a0, 3, [{buf=0x7ff3c37010, bufsz=22475264, mem=0x1600000, memsz=23658496}, {buf=0x55555b7850, bufsz=55722, mem=0x2c90000, memsz=57344}, {buf=0x55555c57b0, bufsz=13656, mem=0x2c9e000, memsz=16384}], KEXEC_ARCH_AARCH64) = -1 EBUSY (Device or resource busy)
From what the strace above gave me, I started looking into the source code and inserted pritnks to see which functions are being called and what they are returning. Very clever haha🙃.
But now equipped with trace-cmd and systemtap, I think I'm released from this flooding of prinks, Phew... Let's say that I want to know which functions are being called. Considering the above case, I can use trace-cmd to trace all the functions being called and decide which of them might be the one that I am interested in.
┌──(kali㉿kali-raspberry-pi)-[~/systemtap]
└─$ trace-cmd report -i ebusy.dat | grep "kexec_\|kimage_\|cpus_are_stuck_in_kernel"
kexec-945 [000] 100.885692: function: kexec_image_load_default
...
kexec-945 [000] 100.886629: function: machine_kexec_prepare
kexec-945 [000] 100.886631: function: cpus_are_stuck_in_kernel
kexec-945 [000] 100.887281: function: kimage_free
...
When the system call for loading the kexec image is called, it calles either of kexec_load or kexec_file_load. The EBUSY error is returned by its sanity check which is handle by the cpus_are_stuck_in_kernel show above. You can guess that the cpus_are_stuck_in_kernel is the one that we are interested by reading the source code as the subsequent function are not being called.
https://github.com/raspberrypi/linux/blob/rpi-6.1.y/kernel/kexec_file.c#L368
https://github.com/raspberrypi/linux/blob/rpi-6.1.y/arch/arm64/kernel/machine_kexec.c#L70
https://github.com/raspberrypi/linux/blob/rpi-6.1.y/arch/arm64/kernel/smp.c#L1093
In order to make sure that cpus_are_stuck_in_kernel is the one preventing from loading the image, let's take a look at what its return value is. Here we can use systemtap, and below indeed shows the return value is EBUSY(-16).
┌──(kali㉿kali-raspberry-pi)-[~/systemtap]
└─$ sudo stap -v kexec.stp
Pass 1: parsed user script and 471 library scripts using 115208virt/100712res/6596shr/94160data kb, in 1860usr/360sys/2232real ms.
Pass 2: analyzed script: 1 probe, 2 functions, 0 embeds, 0 globals using 174920virt/161736res/7860shr/153872data kb, in 6930usr/700sys/7637real ms.
Pass 3: using cached /root/.systemtap/cache/07/stap_0744f24e121f251cab8e1f8c2089a20b_1355.c
Pass 4: using cached /root/.systemtap/cache/07/stap_0744f24e121f251cab8e1f8c2089a20b_1355.ko
Pass 5: starting run.
machine_kexec_prepare returned -16
Pass 5: run completed in 70usr/670sys/49763real ms.
I feel that what systemtap does is soo magical. And I'm not really comfortable using magic... Next I might look into how systemtap does its magic💡.
Hi! Today's post is about perf which is a tool I recently started looking into. perf monitors hardware/software events and is used for performace analysis. I have only started looking into the tool and haven't yet explored what its capable of but I will share something I found interesting about the tool for this post.
If you take a look at how perf collects hardware/software events, you will find that there is a hardware(Performance Monitoring Unit) dedicated for monitoring the system. PMU sends interrupts to check in the time(?) spent on CPU at function level. Here I will share the result of "perf top" on RPI4(arm64).
Samples: 10K of event 'cycles', 4000 Hz, Event count (approx.): 291421676 lost: 0/0 drop: 0/0
Overhead Shared Object Symbol
16.40% [kernel] [k] _raw_spin_unlock_irqrestore
7.16% [kernel] [k] finish_task_switch.isra.0
7.14% [kernel] [k] arch_counter_get_cntpct
4.03% [kernel] [k] _raw_spin_unlock_irq
3.60% [kernel] [k] _raw_read_unlock_irqr
And here is the result of "perf top" on Optiplex(x86).
Samples: 10K of event 'cycles', 4000 Hz, Event count (approx.): 297333264 lost: 0/0 drop: 0/0
Overhead Shared Object Symbol
4.45% [kernel] [k] native_sched_clock
1.88% perf [.] dso__find_symbol
1.64% perf [.] io__get_char
1.61% perf [.] rb_next
1.59% [kernel] [k] menu_select
...
One thing to note here is that you can see _raw_spin_unlock_irqrestore is spending a lot time on RPI4(arm64) unlike Optiplex(x86). If you recall that currently arm64 does not support NMI-like inturrupt, it's clear that why perf is showing such high overhead for _raw_spin_unlock_irqrestore.
Below shows the RPI4(arm64) and Optiplex(x86)'s interrupts triggered by PMU which is used for collecting data shown on "perf top". As Optiplex(x86)'s PMU uses NMI unlike RPI4(arm64), whenever it interrupts, its the exact function that is currently running at the moment. However, in the case of RPI4(arm64), the interrupts generated by PMU has the same priority as the currently runnning interrupt and needs to wait until it releases by calling _raw_spin_unlock_irqrestore.
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ cat /proc/interrupts
CPU0 CPU1 CPU2 CPU3
...
29: 4111 0 0 0 GICv2 48 Level arm-pmu
30: 0 6871 0 0 GICv2 49 Level arm-pmu
31: 0 0 3374 0 GICv2 50 Level arm-pmu
32: 0 0 0 533 GICv2 51 Level arm-pmu
ryo@ryo-OptiPlex-3020:~$ cat /proc/interrupts
CPU0 CPU1 CPU2 CPU3
...
NMI: 7723 9494 7256 6888 Non-maskable interrupts
...
PMI: 7723 9494 7256 6888 Performance monitoring interrupts
That's it for this post. It's fun to take a look at different architecture other than arm64. It helps to deepen your understanding of cantain features(like interrupts) by making a comparison🧐.
I also wanted to share that I decided to make the memos private. Instead, my plan is to make posts more often here on this blog, See you on the next post!
Hi, today I will be posting about exceptions which is the subject I found very fun and interesting as it requires a good understanding of hardware along with the linux source code. I've yet only started exploring the subject but I'll share some of the stuff I've learned so far.
There are many situations that can trigger an exception such as system call, packet reception, etc... But for this post, I will specifically focus in the case of null pointer dereference😏.
As the MMU translation fault is an synchronous exception, it referes to the table and calls el1h_64_sync.
Whenever an exception is triggered, it saves the state of registers by storing them on the stack and passes the sp to the subsequent functions. You can see how el1h_64_sync stores the registers on the stack here.
crash> disas el1h_64_sync
Dump of assembler code for function el1h_64_sync:
0xffffffe8e681121c <+0>: stp x0, x1, [sp]
0xffffffe8e6811220 <+4>: stp x2, x3, [sp, #16]
...
0xffffffe8e6811278 <+92>: mov x0, sp
0xffffffe8e681127c <+96>: bl 0xffffffe8e739f080
After el1h_64_sync has done its job, in the case of null pointer dereference, it calles el1_abort by refereing to the ESR reigster which is 0x25. Then el1_abort refers to this table defined as fault_info which is used to trigger the appropriate handlers based on ESR register. The handler will be called based on the offset from the fault_info. In the case of Null pointer dereference, do_translation_fault will be triggered.
crash> sym fault_info
ffffffe833bcb000 (d) fault_info
crash> sym do_translation_fault
ffffffe833bae0b4 (t) do_translation_fault
crash> rd ffffffe833bcb000 0x20
ffffffe833bcb000: ffffffe8330377a0 0000008000000009 .w.3............
ffffffe833bcb010: ffffffe833e18a80 ffffffe8330377a0 ...3.....w.3....
ffffffe833bcb020: 0000008000000009 ffffffe833e18a98 ...........3....
ffffffe833bcb030: ffffffe8330377a0 0000008000000009 .w.3............
ffffffe833bcb040: ffffffe833e18ab8 ffffffe8330377a0 ...3.....w.3....
ffffffe833bcb050: 0000008000000009 ffffffe833e18ad8 ...........3....
ffffffe833bcb060: ffffffe833bae0b4 000000010000000b ...3............
ffffffe833bcb070: ffffffe833e18af8 ...
After the call of do_translation_fault, it simply calls functions accordingly. One thing to note is that once it gets to die, you can see that it won't panic unless you enable CONFIG_PANIC_ON_OOPS. That's it for this post! I will be digging deeper into this subject and might be sharing them here as well✍️.
Hi, last post I made was about "task_struct" which is used to manage tasks and I wrote little bit about how stacks are associated. In this post, I will share how to read a stack to trace the functions being called from a register being dumped at the moment of panic.
Here is an example of a dumped register that you will see in the event of panic. The registers of interest are frame pointer(x29) and program counter(x30).
[ 340.163740] pc : machine_kexec+0x44/0x200
[ 340.163757] lr : machine_kexec+0x44/0x200
[ 340.163773] sp : ffffffc00a963b50
[ 340.163782] x29: ffffffc00a963b50 x28: ffffff80bc6f3e00 x27: 0000000000000000
...
[ 340.163982] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffffff80bc6f3e00
In ARM64, whenever you branch(bl) to a new function, the instruction below gets called. It stores the fp and pc at the address where sp plus offset points to. As a result, fp is pointing at the address of the previous frame and it enables to track frames in a linked list fashion.
stp x29, x30, [sp, offset]!
Now let's take a look at the actual stack. I won't dump the entire stack👾, but take a look here if interested.
If you start from ffffffc00a963b50(X29), you will get a list of fps shown below.
ffffffc00a963b50
ffffffc00a963b80
ffffffc00a963d10
ffffffc00a963df0
ffffffc00a963e00
ffffffc00a963e30
ffffffc00a963e70
ffffffc00a963e80
ffffffc00a963ea0
ffffffc00a963fe0
0000000000000000
And as you can see from the stp instruction, the return addresses which points to the functions that we are intrested in, are on the stack right next to the fps. If we trace the addresses on the stack next to the fps and look up the associated functions, we get the backtrace.
crash> sym ffffffdefb15fa74
ffffffdefb15fa74 (T) __crash_kexec+164
ffffffdefbb8dd14 (T) panic+444
ffffffdefb0aaef0 (T) __arm64_sys_p4ni9+64
ffffffdefb029a60 (t) invoke_syscall+80
ffffffdefb029b9c (t) el0_svc_common+108
ffffffdefb029c98 (T) do_el0_svc+56
ffffffdefbb9b9d4 (t) el0_svc+48
ffffffdefbb9be28 (T) el0t_64_sync_handler+244
ffffffdefb011548 (t) el0t_64_sync+396
As you can see, this trace show that the panic was triggered by an user space exception. For the next post, I will write about how excpetions are triggered and how they work😉.
Hi, I have been working on kernel dump which works after the call of panic(). Along the way, I learned a lot about kernel basics and I decided to share some of them here as my memos are getting quite messy.
For this post, I will share how kernel manages tasks using the structure task_struct. You can find the source below.
https://elixir.bootlin.com/linux/latest/source/arch/arm64/include/asm/thread_info.h#L24
Here is an example of the task "Softwar~cThread" running at the moement of panic. You can see the struct task_struct has an address of ffffff805ea4be00 given at "TASK".
crash> bt -c 1
PID: 2132 TASK: ffffff805ea4be00 CPU: 1 COMMAND: "Softwar~cThread"
#0 [ffffffc00800bd60] crash_save_cpu at ffffffdefb15ff60
...
If you look at the definition of task_struct, there are some members that might be interesting to take a look at. The member that caught my attention is stack which points to the stack for the task.
crash> struct task_struct ffffff805ea4be00
struct task_struct {
thread_info = {
...
},
__state = 0,
stack = 0xffffffc00a110000,
If you take a look at the memory where the "stack" points at, you can see the exact stack at the moment of panic.
crash> rd ffffffc00a110000 0x1FFF
ffffffc00a110000: 0000000057ac6e9d 0000000000000000 .n.W............
ffffffc00a110010: 0000000000000000 0000000000000000 ................
ffffffc00a110020: 0000000000000000 0000000000000000 ................
...
ffffffc00a113f90: 0000007f5869bfa0 0000007f5eb5e100 ..iX.......^....
ffffffc00a113fa0: 0000007ff7c1d8a8 0000007f5eb5e100 ...........^....
ffffffc00a113fb0: 0000007ff7c1d8d4 0000000080000000 ................
ffffffc00a113fc0: 0000007feb8f2194 0000000000000062 .!......b.......
ffffffc00a113fd0: 0000000000000000 0000000000000000 ................
ffffffc00a113fe0: 0000000000000000 0000000000000000 ................
ffffffc00a113ff0: 0000000000000000 0000000000000000 rd: invalid kernel virtual address: ffffffc00a114000 type: "64-bit KVADDR"
crash>
One thing that I could't figure out is that I don't see thread_info at the bottom of the stack. I read a lot of articles explaining that each stack has a thread_info at its bottom... Maybe I should look deeper into how tasks are scheduled and stacks gets prepared😎.
Hi, I wanted to share something that I have been working on along with the networking stack, kernel crash dump. The reason why started working on the subject is because I quite often got stuck on debugging kernel panic and I need a tool besides inserting bunch of printks😅.
Along the way, I tried many different approches I found online and I finally made a kernel with functioning kexec in the event of kernel panic. Here is the source code that I prepared for ARM64(Raspberry Pi 4).
https://github.com/ryofslife/dumpable-kernel
You can find the details of implementation and all the researches that I have done here.
https://scrapbox.io/ryozioput/
I removed some parts of the code from the original source and added a system call which triggers a kernel panic for testing the kexec rebooting of the loaded kernel.
Besides the coding, I will share some of the tunings that you have to do if you want to enable kexec on Raspberry Pi(quad-core, 4GB RAM).
First, you have to make sure that you have reserved enough memory for the loaded kernel. You can check memory info on /proc/meminfo and estimate how much memory your system will need. If the memory you reserved was too small, it will hang and never boot up. For my system, 512MB was enough to get away with the boot up process. You might need more if you are running additional processes after the boot up.
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ dmesg | grep crash
[ 0.000000] crashkernel reserved: 0x000000000ac00000 - 0x000000002ac00000 (512 MB)
[ 0.000000] Kernel command line: coherent_pool=1M 8250.nr_uarts=0 snd_bcm2835.enable_headphones=0 snd_bcm2835.enable_headphones=1 snd_bcm2835.enable_hdmi=1 bcm2708_fb.fbwidth=1824 bcm2708_fb.fbheight=984 bcm2708_fb.fbswap=1 smsc95xx.macaddr=E4:5F:01:D3:5B:D9 vc_mem.mem_base=0x3eb00000 vc_mem.mem_size=0x3ff00000 console=ttyS0,115200 console=tty1 root=PARTUUID=59536845-02 rootfstype=ext4 fsck.repair=yes rootwait net.ifnames=0 crashkernel=512M maxcpus=1
Another tip is that kexec did not work on multi-core mode at least on Raspberry Pi 4. Some of the changes that I made on the source code is that I disable the check against the number of running cores so that it can load the image regardless of the number of cores on the system. You can see that the maxcpu is set 1 on the above log from the dmesg.
I learned a lot from the process of preparing kexec and I enjoyed it. Kernel crash dump is such an insteresting subject, and I might be digging deeper into it👾.
Hi, today I wanted to make a short post that I now have a working kernel built-in ARP(reply) stack😎. Although the stack can't yet handle ARP request, my stack is now able to receive packets from local peers! Here are the output showing the windows sending arp request and raspberry pi (my stack!) replying to the request.
C:\WINDOWS\system32>arp -a
Interface: 192.168.10.2 --- 0x8
Internet Address Physical Address Type
192.168.10.1 fc-99-47-12-26-7a dynamic
192.168.10.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
239.255.255.250 01-00-5e-7f-ff-fa static
Interface: 172.21.176.1 --- 0x2b
Internet Address Physical Address Type
172.21.179.85 00-15-5d-4a-0e-39 dynamic
172.21.191.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
224.0.1.60 01-00-5e-00-01-3c static
239.255.255.250 01-00-5e-7f-ff-fa static
C:\WINDOWS\system32>ping 192.168.10.3
Pinging 192.168.10.3 with 32 bytes of data:
Request timed out.
Ping statistics for 192.168.10.3:
Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
Control-C
^C
C:\WINDOWS\system32>
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ dmesg | grep my_arp_rcv
[ 93.757253] my_arp_rcv(): address of skb 00000000f1642941
[ 93.757324] my_arp_rcv(): address of arp header0000000063ca06a6
[ 93.757349] my_arp_rcv(): sender IP address of 34252992
[ 93.757371] my_arp_rcv(): target IP address of 51030208
[ 93.757391] my_arp_rcv(): the arp requsest is for IP protocol
[ 93.757430] my_arp_rcv(): found matching ip interface
[ 93.757484] my_arp_rcv(): successfully sent an arp response
C:\WINDOWS\system32>arp -a
Interface: 192.168.10.2 --- 0x8
Internet Address Physical Address Type
192.168.10.1 fc-99-47-12-26-7a dynamic
192.168.10.3 e4-5f-01-d3-5b-d9 dynamic --> here the entry is added, fc-99-47-12-26-7a is the MAC of pi
192.168.10.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
239.255.255.250 01-00-5e-7f-ff-fa static
Interface: 172.21.176.1 --- 0x2b
Internet Address Physical Address Type
172.21.179.85 00-15-5d-4a-0e-39 dynamic
172.21.191.255 ff-ff-ff-ff-ff-ff static
224.0.0.22 01-00-5e-00-00-16 static
224.0.0.251 01-00-5e-00-00-fb static
224.0.0.252 01-00-5e-00-00-fc static
224.0.1.60 01-00-5e-00-01-3c static
239.255.255.250 01-00-5e-7f-ff-fa static
C:\WINDOWS\system32>
I recently started this service called scrapbox.io for keeping all the notes taken while I build my programs. Below is the link to the note while I was doing some debuggings for this arp reply stack.
https://scrapbox.io/everydaymemo/arpリプライのデバッグ
Hi! There is this holiday called Golden Week in Japan. It is a week long holiday and I wanted to share this project I was working on for almost 12/7😅. Its about building your own networking stack from device(using TAP) to socket. It is a great project for those who want to understand how OS networking stack works behind the Linux kernel. Below is the github link I was following along the project.
https://github.com/pandax381/microps
https://github.com/sititou70/klab-protocol-stack-tutorial
I've gone through each stack and it really deepened my understanding of how OS handles data arriving to its physical devices and sending all the way up to sockets assigned to each application. I am thinking of sharing some of the key concepts of each stack and how they passes data to each other in the future posts! For today's post, I just wanted to share a modification that I made from the original program regarding the TCP stack. I enabled the TCP stack to be able to establish a active connection to a server on the internet and fetch some random content. Of course, the established connection can't just abandon the connection😏. It has to participate in the process of terminating connection passively. I modified the code to complete the entire procedure of such TCP connection. Below is the log from the local program, the one uses the DIY network stack.
00:18:18.434 [D] tcp_open_rfc793: connection established: local=192.0.2.2:7, foreign=194.195.86.83:8080 (tcp.c:1172)
00:18:18.434 [D] tcp_output_segment: 192.0.2.2:7 => 194.195.86.83:8080, len=100 (payload=80) (tcp.c:417)
src: 7
dst: 8080
seq: 1804289384
ack: 3543150099
off: 0x50 (20)
flg: 0x18 (---AP---)
wnd: 65535
sum: 0x30fe
up: 0
00:18:18.434 [D] ip_output_core: dev=net1, iface=192.0.2.2, protocol=TCP(0x06), len=120 (ip.c:477)
vhl: 0x45 [v: 4, hl: 5 (20)]
tos: 0x00
total: 120 (payload: 100)
id: 131
offset: 0x0000 [flags=0, offset=0]
ttl: 255
protocol: 6 (TCP)
sum: 0xdfe3 (0xdfe3)
src: 192.0.2.2
dst: 194.195.86.83
00:18:18.435 [D] arp_resolve: resolved, pa=192.0.2.1, ha=8e:6e:37:e9:d1:92 (arp.c:357)
00:18:18.435 [D] net_device_output: dev=net1, type=IP(0x0800), len=120 (net.c:189)
00:18:18.435 [D] ether_transmit_helper: dev=net1, type=IP(0x0800), len=134 (ether.c:108)
src: 00:00:5e:00:53:01
dst: 8e:6e:37:e9:d1:92
type: 0x0800 (IP)
Data with the size of 80 was sent. Closing the connection.
...
00:18:18.562 [D] tcp_input: 194.195.86.83:8080 => 192.0.2.2:7, len=67 (payload=47) (tcp.c:996)
src: 8080
dst: 7
seq: 3543150099
ack: 1804289464
off: 0x50 (20)
flg: 0x18 (---AP---)
wnd: 29200
sum: 0xc768
up: 0
+------+-------------------------------------------------+------------------+
| 0000 | 48 54 54 50 2f 31 2e 31 20 34 30 30 20 42 61 64 | HTTP/1.1 400 Bad |
| 0010 | 20 52 65 71 75 65 73 74 0d 0a 43 6f 6e 6e 65 63 | Request..Connec |
| 0020 | 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a | tion: close.... |
+------+-------------------------------------------------+------------------+
00:18:18.562 [D] tcp_output_segment: 192.0.2.2:7 => 194.195.86.83:8080, len=20 (payload=0) (tcp.c:417) src: 7
dst: 8080
seq: 1804289464
ack: 3543150146
off: 0x50 (20)
flg: 0x10 (---A----)
wnd: 65488
sum: 0x029d
up: 0
...
00:18:18.565 [D] tcp_input: 194.195.86.83:8080 => 192.0.2.2:7, len=20 (payload=0) (tcp.c:996)
src: 8080
dst: 7
seq: 3543150146
ack: 1804289464
off: 0x50 (20)
flg: 0x11 (---A---F)
wnd: 29200
sum: 0x905c
up: 0
00:18:18.565 [D] tcp_output_segment: 192.0.2.2:7 => 194.195.86.83:8080, len=20 (payload=0) (tcp.c:417) src: 7
dst: 8080
seq: 1804289464
ack: 3543150147
off: 0x50 (20)
flg: 0x10 (---A----)
wnd: 65535
sum: 0x026d
up: 0
...
00:18:18.565 [D] tcp_output_segment: 192.0.2.2:7 => 194.195.86.83:8080, len=20 (payload=0) (tcp.c:417) src: 7
dst: 8080
seq: 1804289464
ack: 3543150147
off: 0x50 (20)
flg: 0x11 (---A---F)
wnd: 65535
sum: 0x026c
up: 0
...
00:18:18.689 [D] tcp_input: 194.195.86.83:8080 => 192.0.2.2:7, len=20 (payload=0) (tcp.c:996)
src: 8080
dst: 7
seq: 3543150147
ack: 1804289465
off: 0x50 (20)
flg: 0x10 (---A----)
wnd: 29200
sum: 0x905b
up: 0
Connection is closed passively.
And here is the log from my web server hosting this web site. By comparing the logs, you can see that the TCP 3 way handshake at the beginning actively initiated by the local program of mine. At the end, the server is the one that initiating the termination of the connection as it has finished sending all the data, which in this case is a "400 Bad Request".... I made few modification on the program so that the local program can handle the state transition associated with the active establishment and the passive termination of a connection.
root@ryofslife:~# tcpdump src host 180.56.119.152 -vvv
...
15:18:18.426463 IP (tos 0x48, ttl 233, id 129, offset 0, flags [none], proto TCP (6), length 40)
p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [S], cksum 0xaed7 (correct), seq 1804289383, win 65535, length 0
...
15:18:18.550721 IP (tos 0x48, ttl 233, id 130, offset 0, flags [none], proto TCP (6), length 40)
p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [.], cksum 0xad84 (correct), seq 1804289384, ack 3543150099, win 65535, length 0
...
15:18:18.554528 IP (tos 0x48, ttl 233, id 131, offset 0, flags [none], proto TCP (6), length 120)
p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [P.], cksum 0xdb95 (correct), seq 0:80, ack 1, win 65535, length 80: HTTP, length: 80
GET / HTTP/1.1
...
15:18:18.679744 IP (tos 0x48, ttl 233, id 132, offset 0, flags [none], proto TCP (6), length 40)
p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [.], cksum 0xad34 (correct), seq 80, ack 48, win 65488, length 0
...
15:18:18.682063 IP (tos 0x48, ttl 233, id 133, offset 0, flags [none], proto TCP (6), length 40)
p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [.], cksum 0xad04 (correct), seq 80, ack 49, win 65535, length 0
15:18:18.682646 IP (tos 0x48, ttl 233, id 134, offset 0, flags [none], proto TCP (6), length 40)
p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [F.], cksum 0xad03 (correct), seq 80, ack 49, win 65535, length 0
15:18:18.683615 IP (tos 0x48, ttl 43, id 54157, offset 0, flags [none], proto TCP (6), length 52)
I am thinking of sharing the code on my github once done fixing little bits and pieces😎. Anyways, wish you all have a great week! See in the next post!!
Hi! I have been working on my lab and wanted to share its physical and logical topology. I think I made a huge improvement on the diagram compared to the last one from an aesthetic point of view😎. Here is the logical topology. There are networks connected by BGP and I prepared a local network for each one of them. All the three local networks are reachable from each other as they advertise their local network to their peers. Among the three routers, I installed netem to the VyOS so that I can simulate some of the WAN characteristics like latency and packet loss.
And here is the physical setup and topology of my lab. I used two L2 switches to connect three routers and to prepare a local network for each of the routers.
I recently took a simple benchmark regarding bandwidth and latency using this lab setup. It's great have an environment where you can gets your hands dirty😏. See you in the next post!
Hi! I've been running out of cables for my lab and I decided to make one by myself from a 15m CAT 6 ethernet cable which I got from my local store for about $10. I had to make 4 attempts to finally get a working cable and here are the mistakes that I made. Hope it helps someone who is trying to do the same thing😅.
First attempt, the pin for white/orange wire were not properly attached.
It is also not looking good as the cable sheet is too short for the plug😂.
Second attempt, I misaligned the blue and white/green wire.
Third attempt, I realized that I was configuring the order of the wires upside-down respect to the plug🤣🤣🤣.
And here is the final product!
Mistakes are proof that you are learning😎. See you in the next post!
Hi! I wanted to share that my lab is finally connected to the internet! For the last 6 months ever since I got my first switch and router, my lab never had gotten out of its LAN😅. It's the first time getting out of my LAN and interacting with the internet and I'm just sooo excited about it. The reason I decided to extend my lab to the internet is because I have been looking into technologies used over the internet, TOR in particular. I'm learning how relays used in TOR allows clients to hide their identity over the internet and how it helps people in some countries with strict censorship. I found the technology as well as the role it plays in society very interesting. I believe such technology to ensure people have access to learn what is happening around the world is crucial. Having such tool gives us additional choice in what we choose from the pool of sources and I believe it could make a huge different sometimes. I am learning that there are many ways that I can take part in the community and I'm sure there is something that I can do to help people out there! https://www.torproject.org/ By the way, I noticed that my lab topology is getting pretty messy😂. I'm currently working on BGP and I'll share a nicer topology here once I'm done with all the BGP configurations that I have in my mind. See you in the next post!!!!!
Hi! I have been working on l2tp on my lab and I wanted to leave a tip here as it took me about a week to finally make it work. I'm not sure if the problem that I faced is specific to the device that I am using, namely cisco 892 router, but here is the tip for those working on l2tp.
When you are setting the interface which is used for tunneling the LAN, the one you apply "xconnect", it has to be a WAN interface!
I found this very weird and confusing. Why would you want to use WAN interface for tunneling LAN interface🤣. The below link really saved me as the given answer was exactly the one I needed. Without it, I'm probably still working wondering why ping is not working even though that the tunnel is established and everything seems configured correctly.
Cisco892で, "WANポート"を使わなければL2TP接続した両端の機器間でPing疎通できない
I also used a lot of Switched Port Analyzer(SPAN) for debugging. It's very useful and fun tool for labbing! Below is the topology of my lab after setting up l2tp.
I have been interested in benchmarking my networking devices for a while and I am hoping to make a post about it within a next couple week. Anyways, see you in the next post!
Hi! Today, I wanted to share that I installed VyOS on my DELL desktop as I needed additional router for my home lab. I usually install this kind of softwares on Ras Pi but I learned that there is no ARM64 version of VyOS😂. The reason I turned my DELL into VyOS is only because I wanted to try out BGP with physical devices😏. See you in the next post!
Hi! Today, I wanted to share about the things that I have learned by tunneling between Ras Pi and a router through GRE. At first, I was trying GRE on packet tracer but it didn't work for some reason. So I decided to instead work on physical devices which were available at the moment. I will share some of key commands for setting up GRE on Ras Pi. For the router, you will find many resources online for setting up GRE on a cisco router😅.
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip tunnel add gre1 mode gre remote 172.168.10.25 local 192.168.233.204 ttl 255
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ ip tunnel list
gre0: gre/ip remote any local any ttl inherit nopmtudisc
gre1: gre/ip remote 172.168.10.25 local 192.168.233.204 ttl 255
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip addr add 10.10.10.1/24 dev gre1
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip link set gre1 up
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip addr add 192.168.233.204/24 dev eth0
The process of setting up GRE is the same for both Ras Pi and a router, only difference is the commands😎. Once done with the above set up, you have to configure the route for both the physical interface connected to the router and the virtual tunnel interface. Below is the route table.
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip route
default via 192.168.85.77 dev wlan0 proto dhcp src 192.168.85.76 metric 600
10.10.10.0/24 dev gre1 proto kernel scope link src 10.10.10.1
172.168.10.25 dev eth0 scope link
192.168.85.0/24 dev wlan0 proto kernel scope link src 192.168.85.76 metric 600
192.168.233.0/24 dev eth0 proto kernel scope link src 192.168.233.204
Here 10.10.10.0/24 is the network for the tunnel and 172.168.10.25 is the address of the router's physical interface connected to Ras Pi. When I was working on tunneling yesterday, I couldn't figure out why ping was failing after setting up the tunnel. It was the route info that was missing🤣. See you in the next post!
Hi! Today, I wanted to share that I recently turned my raspberry pi into to a firewall to make it part of my home lab. Here are some notes for setting up IPFire on raspberry pi. When I was setting up IPFire, I got stuck for a little while with a rainbow screen when trying to boot it up.
1. Set "hdmi_safe" to 0 which you will find in config.txt.
hdmi_safe=0
2. Set "SERIAL-CONSOLE" to OFF which you will find in uENV.txt.
SERIAL-CONSOLE=OFF
Hope it helps if any one of you encounters the same issue. Firewall is something that I haven't really looked into and excited about adding new component into my home lab and learning what it is capable of!
Hi! Today, I configured an EtherChannel to see how it affects STP. For the setup, I prepared two switches (Switch1 & Swtich2) and connected them with 2 cables. Below shows how STP is configured on Switch1 before EtherChannel is ready on Switch2.
Switch1(config)#
Switch1(config)#interface range fastEthernet 0/1-2
Switch1(config-if-range)#channel-group 1 mode active //Swtich1はactiveに設定
Creating a port-channel interface Port-channel 1
Switch1(config-if-range)#
Switch1(config-if-range)#channel-protocol LACP
Switch1(config-if-range)#exit
Switch1(config)#exit
Switch1#show
00:11:48: %SYS-5-CONFIG_I: Configured from console by console
% Type "show ?" for a list of subcommands
Switch1#show etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SD) LACP Fa0/1(I) Fa0/2(I)
Switch1#
Switch1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address ec30.918e.c100
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address ec30.918e.c100
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p
As you can see from the above, since the EtherChannel is still not configured on Switch2, you can see that STP recognizes 2 ports as they are not yet bundled even though the 2 ports are registered on the channel-group 1. Below is how Switch2 is configured after setting up Switch.
Switch1#
Switch1#show etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Fa0/1(P) Fa0/2(P)
Switch1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address ec30.918e.c100
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address ec30.918e.c100
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1 Desg FWD 12 128.56 P2p
After the ports are bundled, you can see that there are only 1 port recognized by STP. Another observation you can make is that the cost of the bundle port has decreased from 19 to 12. I also tested how STP will behave if I plugged out one of the port used by the channel-group.
Switch1#show etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Fa0/1(P) Fa0/2(D)
Switch1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address ec30.918e.c100
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address ec30.918e.c100
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Po1 Desg FWD 19 128.56 P2p
Comparing before and after plugging one of the port on Switch1 shows that the cost has decreased but it is still recognized as a port-channel.
Hi! Today, I tested STP with my two switches by simply connecting them with two cables. As shown below, one of the links belonging to the non-root bridge got blocked based on the priority number.
pi#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address ec30.918e.c100
Cost 19
Port 5 (FastEthernet0/3)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address f029.2952.8d80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.3 P2p
Fa0/3 Root FWD 19 128.5 P2p
Fa0/5 Altn BLK 19 128.7 P2p
As the above shows, Fa0/3 is the root port connected to the switch on the other end. So I plugged it out to see if the connection remains up by changing the root port to Fa0/5. Below is the result.
pi>show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address ec30.918e.c100
Cost 19
Port 7 (FastEthernet0/5)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address f029.2952.8d80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.3 P2p
Fa0/5 Root LIS 19 128.7 P2p
As expected, Fa0/5 is now the root port and the connection is still up! However, one drawback of this configuration is that one of the links is left unused. In order to utilize both of the links, I can set up an etherchannel and bundle the two links. I'm currently studying etherchannel to actually test it out and see how it differs from simply connected redundant links🧐.
Hi! Today, I was working on Inter VLAN Routing using a router(800) and L2 switch(Catalyst 2960). I connected a PC to each VLAN(VLAN10, VLAN20) and tested if I can ping to each other. Below is the set up for the PCs(Windows, Raspberry Pi) connected to the switch. The ip address for the Windows PC is 192.168.1.2/24 and the gateway address for 192.168.2.0/24 is 192.168.1.1/24. For Raspberry Pi, its ip address is 192.168.2.2/24 and the gateway address for 192.168.1.0/24 is 192.168.2.1/24.
C:\WINDOWS\system32>route add 192.168.2.0 mask 255.255.255.0 192.168.1.1
OK!
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ifconfig eth0 192.168.2.2
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip route add 192.168.1.0/255.255.255.0 via 192.168.2.1 dev eth0 onlink
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.164.146 0.0.0.0 UG 600 0 0 wlan0
192.168.1.0 192.168.2.1 255.255.255.0 UG 0 0 0 eth0
192.168.2.0 192.168.2.1 255.255.255.0 UG 0 0 0 eth0
192.168.164.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan0
Then I configured the switch. I prepared vlan10 & vlan20 for the Windows PC & Raspberry Pi, respectively. After finishing setting up vlans, you need to assign ports to the respective vlans. This time, I used 4 cables, two for connecting the PCs to the switch and the other two for connecting the router. Here are the commands I used for creating vlans.
Switch>enable
Switch#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 10
Switch(config-vlan)#vlan 20
Switch(config-vlan)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 VLAN0010 active
20 VLAN0020 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
Next I assigned the ports to the respective vlans.
Switch(config)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 VLAN0010 active
20 VLAN0020 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
Switch(config)#interface fa0/1
Switch(config-if)#
00:02:41: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/3 (1), with Router FastEthernet0 (10).
Switch(config-if)#
00:02:47: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/5 (1), with Router FastEthernet1 (20).
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#interface fa0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#
00:03:36: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/3 (1), with Router FastEthernet0 (10).
Switch(config-if)#interface fa0/3
Switch(config-if)#switchport access vlan 20
00:03:42: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/5 (1), with Router FastEthernet1 (20).
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#interface fa0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#switchport access vlan 20
00:04:10: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state tmode access
Switch(config-if)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/4, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 VLAN0010 active Fa0/1, Fa0/3
20 VLAN0020 active Fa0/2, Fa0/5
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
After working on the switch, I had to configure the ports on the router each connected to the switch's vlan port. At first, I tried to assign IP address to the ports directly but I got this error.
Router#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface fastethernet0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
% IP addresses may not be configured on L2 links.
The problem was that the port which I was configuring only works with L2 layer and an IP address can't be assigned. After doing some research, I figured out that I need to first create a vlan so that I can assign an IP address to it. The created vlan with an IP address can then be assigned to a port of your choice. Here is how I did it.
Router(config)#vlan 10
Router(config-vlan)#vlan 20
Router(config-vlan)#interface vlan 10
Router(config-if)#ip address 192.168.1.1 255.255.255.0
% 192.168.1.0 overlaps with Vlan1
Router(config-if)#interface vlan 1
Router(config-if)#ip address 192.168.3.1 255.255.255.0
Router(config-if)#interface vlan 10
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#interface vlan 20
Router(config-if)#
*Jan 3 09:40:49.434: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to down
Router(config-if)#ip address 192.168.2.1 255.255.255.0
% 192.168.2.0 overlaps with Vlan2
Router(config-if)#interface vlan 2
Router(config-if)#ip address 192.168.4.1 255.255.255.0
Router(config-if)#interface vlan 20
Router(config-if)#ip address 192.168.2.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#interface fastethernet 1
Router(config-if)#switchport access vlan 10
Router(config-if)#interface fastethernet 2
Router(config-if)#switchport access vlan 20
Router(config-if)#exit
Router(config)#
Router(config)#do show interface (| include Vlan)
...
Vlan10 is up, line protocol is up
Hardware is EtherSVI, address is e4d3.f166.3fd2 (bia e4d3.f166.3fd2)
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
...
Vlan20 is up, line protocol is up
Hardware is EtherSVI, address is e4d3.f166.3fd2 (bia e4d3.f166.3fd2)
Internet address is 192.168.2.1/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
...
Below is the routing table after configuring the router.
Router>show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Vlan10
L 192.168.1.1/32 is directly connected, Vlan10
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, Vlan20
L 192.168.2.1/32 is directly connected, Vlan20
Now we are ready to ping the PC on the other VLAN connected by the router! Here is the result pinging from the Windows PC(192.168.1.2/24) to Raspberry Pi(192.168.2.2/24)
C:\Users\Ryo>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Reply from 192.168.2.2: bytes=32 time=1ms TTL=63
Reply from 192.168.2.2: bytes=32 time=11ms TTL=63
Reply from 192.168.2.2: bytes=32 time=1ms TTL=63
Reply from 192.168.2.2: bytes=32 time=1ms TTL=63
Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 11ms, Average = 3ms
Configuring the router was somewhat difficult as the commands I found online for inter VLAN routing didn't work for the router(800). I had to do some researching to find the commands that works for the router but it was fun as you don't get to do this kind of researching when you are working on packet tracer😎.
I recently bought a router and 2 switches(L2 and L3) for a studying purpose. Today I tried one of the switches, Catalyst 2960. I connected two of my PC and see if I can ping from one to the other. After connecting two of my PC to the ports Fa0/1-2, I checked if they are really connected.
Switch>show mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0180.c200.0000 STATIC CPU
All 0180.c200.0001 STATIC CPU
All 0180.c200.0002 STATIC CPU
All 0180.c200.0003 STATIC CPU
All 0180.c200.0004 STATIC CPU
All 0180.c200.0005 STATIC CPU
All 0180.c200.0006 STATIC CPU
All 0180.c200.0007 STATIC CPU
All 0180.c200.0008 STATIC CPU
All 0180.c200.0009 STATIC CPU
All 0180.c200.000a STATIC CPU
All 0180.c200.000b STATIC CPU
All 0180.c200.000c STATIC CPU
All 0180.c200.000d STATIC CPU
All 0180.c200.000e STATIC CPU
All 0180.c200.000f STATIC CPU
All 0180.c200.0010 STATIC CPU
All ffff.ffff.ffff STATIC CPU
1 902e.169d.b2f1 DYNAMIC Fa0/1
1 e45f.01d3.5bd9 DYNAMIC Fa0/2
Total Mac Addresses for this criterion: 22
You can see the mac address table has the mac address of the each device connected to the port(Fa0/1-2). However, I wasn't able to ping from my Windows PC(Fa0/1) to Raspberry-pi(Fa0/2). I checked the ARP table of my Windows PC and it showed the list with the mac address of raspberry pi.
C:\>arp -a
Interface: 192.168.1.2 --- 0x11
Internet Address Physical Address Type
192.168.1.3 e4-5f-01-d3-5b-d9 dynamic
192.168.1.255 ff-ff-ff-ff-ff-ff static
The problem was my Windows PC's firewall😅. After configuring its firewall rules to allow ICMP traffic, I was able to ping!
C:\Users\Ryo>ping 192.168.1.3
Pinging 192.168.1.3 with 32 bytes of data:
Reply from 192.168.1.3: bytes=32 time=2ms TTL=64
Reply from 192.168.1.3: bytes=32 time=6ms TTL=64
Reply from 192.168.1.3: bytes=32 time=1ms TTL=64
Reply from 192.168.1.3: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.1.3:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 6ms, Average = 2ms
I tried to understand the difference between VLAN and subnet by looking into their ARP broadcast request. First I deleted all the ARP entries on the source PC so that when I ping, there will be an ARP request broadcasted to all the devices connected to the switch. Here is how you can check and delete the ARP table.
C:\>arp -a
Internet Address Physical Address Type
192.168.2.4 0001.436a.8be5 dynamic
C:\>arp -d
C:\>arp -a
No ARP Entries Found
After deleting all the ARP entries, the source PC will send an ARP request as it has no mac address on its table. Here is the list of ports on the switch when an ARP request was sent. It shows an ARP reqeust is sent to all the ports except the one(FastEthernet0/3) which is connected to the source PC. In addition, even though FastEthernet0/1-2 are not within the same subnet(192.168.2.0/24), you can see that they still receive the ARP request sent by the source PC(192.168.2.2/24).
1. FastEthernet0/1 sends out the frame. #192.168.1.2
2. FastEthernet0/2 sends out the frame. #192.168.1.3
3. FastEthernet0/4 sends out the frame. #192.168.2.3
4. FastEthernet0/5 sends out the frame. #192.168.2.4
Now its time see how an ARP request will behave when the switch is divided into VLANs(192.168.1.0/24, 192.168.2.0/24) . I once again deleted all the ARP entries in the table of the source PC and here is the commands I used for creating VLANs.
Switch>enable
Switch#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int fa0/1
Switch(config-if)#exit
Switch(config)#vlan 10
Switch(config-vlan)#vlan 20
Switch(config-vlan)#int fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#int fa0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#int fa0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#int fa0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#int fa0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig0/1
Gig0/2
10 vlan01 active Fa0/1, Fa0/2
20 vlan02 active Fa0/3, Fa0/4, Fa0/5
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
I created VLAN01 and VLAN02 for 192.168.1.0/24 and 192.168.2.0/24, respectively. And here is the list of the ports that received an ARP request sent by the source PC(192.168.2.2/24). It shows that FastEthernet0/1-2 are not receiving an ARP request any more as they no longer belong to the same VLAN as the source PC(VLAN02)!
1. FastEthernet0/4 sends out the frame. #VLAN01
2. FastEthernet0/5 sends out the frame. #VLAN02
Once you are done with the VLANs, you can place the ports back to the default VLAN by the below commands.
Switch(config-if-range)#interface range Fa 0/1-5
Switch(config-if-range)#switchport access vlan 1
Switch(config-if-range)#do show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 vlan01 active
20 vlan02 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch(config-if-range)#no vlan 10
Switch(config-if-range)#no vlan 20
After studying how different devices work at different layers, I got little confused how ping works if its only given ip address to reach the destination pc connected via switch which is a layer 2 device. Here's how it works.
1. We only have the destination's ip and no mac address info.
->ARP request which is broadcasted to all devices connected to the switch.
2. Once your PC has the mac address in its mac address table, the frame is sent to the switch which contains the mac address of the destination pc.
3. Switch needs to know which port is connected to the PC with the destination mac address.
->Flood the frame to all other ports if the destination mac address is not in the mac address table.
4. Once the switch gets the reply form the destination PC, it now knows which port to send the frame to get to the destination PC!
Here are ARP and Mac address tables before and after ping.
Switch#show mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
Switch#show mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 00e0.8fe3.e0b3 DYNAMIC Fa0/2
1 00e0.f7a1.365d DYNAMIC Fa0/1
C:\>arp -a
No ARP Entries Found
C:\>arp -a
Internet Address Physical Address Type
192.168.1.2 00e0.8fe3.e0b3 dynamic
For testing static routes, I created a system with 2 routers each connected to a PC. There are 3 networks so that one PC can connect to the other after setting up a static route.
Here I first configured router's interface for 192.168.1.0/24 and 192.168.1.1/24 is the default gateway for 192.168.1.0/24. I did the same for the other router responsible for 192.168.2.0/24. The third network(192.168.3.0/24) which needs to be configured is the one connecting the two routers.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface GigabitEthernet 0/0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0, changed state to up
Router(config-if)#do show interfaces
GigabitEthernet0/0/0 is up, line protocol is up (connected)
Hardware is ISR4331-3x1GE, address is 0001.4384.9c01 (bia 0001.4384.9c01)
Internet address is 192.168.1.1/24
...
After setting up all three networks, I pinged form the PC with 192.168.1.2/24. But the result shows that it is still not reachable.
C:\>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.
Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
The remaining task is to set up the static routes so that the packet can reach the PC with 192.168.2.2/24. Here is how I set up the static route for 192.168.2.2/24.
Router(config)#ip route 192.168.2.0 255.255.255.0 192.168.3.2
After setting up as above, you still won't be able to get replies from the other end as the returning packets get lost at the 192.168.3.2/24.
C:\>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Once I set up the static route as below, I was able to get replies from 192.168.2.2/24!
Router(config)#ip route 192.168.1.0 255.255.255.0 192.168.3.1
C:\>ping 192.168.2.2
Pinging 192.168.2.2 with 32 bytes of data:
Reply from 192.168.2.2: bytes=32 time<1ms TTL=126
Reply from 192.168.2.2: bytes=32 time=10ms TTL=126
Reply from 192.168.2.2: bytes=32 time<1ms TTL=126
Reply from 192.168.2.2: bytes=32 time=11ms TTL=126
Ping statistics for 192.168.2.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 11ms, Average = 5ms
I have been studying basic networking by reading books for CCNA. At this point, I think I should go hands-on with packet tracer or the router (Cisco 892) and switches (Cisco L2 and L3) I bought this week for studying purpose. Here are the list of the things I want to try hands-on. ・Static route ・OSPF ・ACL ・DHCP ・Unidirection & Bidirectional NAT ・NAPT(PAT) ・VLAN only using access ports (single switch) ・VLAN using access and trunk ports (two switches) ・VLAN rounting (using router and L2 switch, later using L3 switch)
I started using packet tracer and enjoying the tool a lot. I configured hub, switch, and router based network using the tool. It's really fun to put the materials you learned from books into practice! Here are the commands I used for configuring the router and the details of what it's doing.
Router>enable
Router#
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface GigabitEthernet0/0 #select the port(interface) on the router
Router(config-if)#ip address 192.168.1.4 255.255.255.0 #assign gateway IP address to the interface
Router(config-if)#no shutdown #bring up the inerface
Router(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
Here I tested if I am connected to the network configured above by pinging from a node within another network.
C:\>ping 192.168.1.3
Pinging 192.168.1.3 with 32 bytes of data:
Request timed out.
Reply from 192.168.1.3: bytes=32 time=14ms TTL=127
Reply from 192.168.1.3: bytes=32 time<1ms TTL=127
Reply from 192.168.1.3: bytes=32 time=11ms TTL=127
Ping statistics for 192.168.1.3:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 14ms, Average = 8ms
It shows that the first packet is dropped. This is because of the switch on the network configured above does not have not have the destination pc's MAC address in its ARP table and need to get the one by 'flooding' which takes some time.
"ip addr" shows the mac address for each interface, it's e4:5f:01:d3:5b:da in the case of wlan0. "arp" shows the router's mac address.
┌──(kali㉿kali-raspberry-pi)-[/var/lib/dhcp]
└─$ ip addr
...
3: wlan0:
The first hop of "traceroute", which is 192.168.164.146, shows the router's local ip address.
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 192.168.164.146 (192.168.164.146) 40.242 ms 41.001 ms 43.085 ms
2 121.83.171.60 (121.83.171.60) 74.412 ms 74.476 ms 76.689 ms
3 100.64.3.181 (100.64.3.181) 81.472 ms 81.503 ms 83.573 ms
4 58.191.128.178 (58.191.128.178) 86.298 ms 85.972 ms 86.346 ms
5 61.205.127.233 (61.205.127.233) 86.192 ms 87.454 ms 87.482 ms
6 203.140.81.209 (203.140.81.209) 86.012 ms 48.984 ms 55.241 ms
7 60.56.20.190 (60.56.20.190) 54.917 ms 54.165 ms 62.331 ms
8 142.250.172.36 (142.250.172.36) 62.152 ms 61.755 ms 65.046 ms
9 * * *
10 dns.google (8.8.8.8) 65.708 ms 65.737 ms 65.926 ms
After piging to my laptop within the same local network, my laptop's mac address is added to the arp table. But ping is failing for some reason...
┌──(kali㉿kali-raspberry-pi)-[/var/lib/dhcp]
└─$ ping 192.168.164.137
PING 192.168.164.137 (192.168.164.137) 56(84) bytes of data.
^C
--- 192.168.164.137 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6143ms
┌──(kali㉿kali-raspberry-pi)-[/var/lib/dhcp]
└─$ arp
Address HWtype HWaddress Flags Mask Iface
192.168.164.146 ether ac:a8:8e:ec:6e:66 C wlan0
192.168.164.137 ether 50:c2:e8:29:9b:cb C wlan0
Wireshark shows the arp protocol is requesting the mac address of 192.168.164.137, and the response from the router shows the mac address is 50:c2:e8:29:9b:cb. However there is no response from 192.168.164.76.
2 18.664379309 Raspberr_d3:5b:da Broadcast ARP 42 Who has 192.168.164.137? Tell 192.168.164.76
3 18.680115301 CloudNet_29:9b:cb Raspberr_d3:5b:da ARP 42 192.168.164.137 is at 50:c2:e8:29:9b:cb
4 18.680196856 192.168.164.76 192.168.164.137 ICMP 98 Echo (ping) request id=0x0002, seq=1/256, ttl=64 (no response found!)
I checked my laptop's firewall configuration and enable ping echo request. Ping is now working!
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ ping 192.168.164.137
PING 192.168.164.137 (192.168.164.137) 56(84) bytes of data.
64 bytes from 192.168.164.137: icmp_seq=1 ttl=128 time=53.2 ms
64 bytes from 192.168.164.137: icmp_seq=2 ttl=128 time=75.9 ms
64 bytes from 192.168.164.137: icmp_seq=3 ttl=128 time=8.42 ms
64 bytes from 192.168.164.137: icmp_seq=4 ttl=128 time=42.1 ms
64 bytes from 192.168.164.137: icmp_seq=5 ttl=128 time=8.71 ms
^C
--- 192.168.164.137 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 8.417/37.644/75.852/26.122 ms
Here are the commands I used after finishing compiling the source code.
──(kali㉿kali-raspberry-pi)-[~/sources/linux]
└─$ ls
arch certs CREDITS Documentation fs init ipc Kconfig lib MAINTAINERS mm modules.builtin.modinfo modules.order net README.md scripts sound tools virt vmlinux.o
block COPYING crypto drivers include io_uring Kbuild kernel LICENSES Makefile modules.builtin modules-only.symvers Module.symvers README samples security System.map usr vmlinux vmlinux.symvers
┌──(kali㉿kali-raspberry-pi)-[~/sources/linux]
└─$ sudo make modules_install
┌──(kali㉿kali-raspberry-pi)-[~/sources/linux]
└─$ sudo cp arch/arm64/boot/dts/broadcom/*.dtb /boot/
┌──(kali㉿kali-raspberry-pi)-[~/sources/linux]
└─$ sudo cp arch/arm64/boot/dts/overlays/*.dtb* /boot/overlays/
┌──(kali㉿kali-raspberry-pi)-[~/sources/linux]
└─$ sudo cp arch/arm64/boot/dts/overlays/README /boot/overlays/
┌──(kali㉿kali-raspberry-pi)-[~/sources/linux]
└─$ sudo cp arch/arm64/boot/Image.gz /boot/kernel-ryo-1.img
┌──(kali㉿kali-raspberry-pi)-[/boot]
└─$ sudo vim config.txt
# 64-bit kernel for Raspberry Pi 4 is called kernel8l (armv8a)
kernel=kernel-ryo-1.img
┌──(kali㉿kali-raspberry-pi)-[/boot]
└─$ sudo reboot
And I got this!
┌──(kali㉿kali-raspberry-pi)-[/var/log]
└─$ uname -a
Linux kali-raspberry-pi 5.15.83-v8-ryos-first-kernel+ #1 SMP PREEMPT Fri Dec 16 12:25:46 UTC 2022 aarch64 GNU/Linux
┌──(kali㉿kali-raspberry-pi)-[/var/log]
└─$ cat messages
Dec 16 14:43:01 kali-raspberry-pi pulseaudio[968]: ICE I/O error handler called
Dec 16 14:43:04 kali-raspberry-pi kernel: [ 0.000000] Hello World, I'm Ryo!
Dec 16 14:43:04 kali-raspberry-pi kernel: [ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x410fd083]
Dec 16 14:43:04 kali-raspberry-pi kernel: [ 0.000000] Linux version 5.15.83-v8-ryos-first-kernel+ (kali@kali-raspberry-pi) (gcc (Debian 11.3.0-5) 11.3.0, GNU ld (GNU Binutils for Debian) 2.38.90.20220713) #1 SMP PREEMPT Fri Dec 16 12:25:46 UTC 2022
This time I was able to print during the boot up with my customized kernel! I can now try to do some work on the network stack and compile😁.
This time, I modified /arm/arm64/kernel/setup.c as below. You can find the source code here.
void __init smp_setup_processor_id(void)
{
u64 mpidr = read_cpuid_mpidr() & MPIDR_HWID_BITMASK;
set_cpu_logical_map(0, mpidr);
pr_info("Hello World, its Ryo!");
pr_info("Booting Linux on physical CPU 0x%010lx [0x%08x]\n",
(unsigned long)mpidr, read_cpuid_id());
}
Here is the commands that I used.
$ KERNEL=kernel8
$ make bcm2711_defconfig
$ vim .config
CONFIG_LOCALVERSION="-v8-ryos-first-kernel"
$ make -j4 Image.gz modules dtbs
It's completed compiling! Here is what I did afterwards.
$ make
...
OBJCOPY arch/arm64/boot/Image
GZIP arch/arm64/boot/Image.gz
[1] + done make
$ ls
arch certs CREDITS Documentation fs init Kbuild kernel LICENSES Makefile modules.builtin modules-only.symvers Module.symvers README scripts sound tools virt vmlinux.o
block COPYING crypto drivers include ipc Kconfig lib MAINTAINERS mm modules.builtin.modinfo modules.order net samples security System.map usr vmlinux vmlinux.symvers
$ file vmlinux
vmlinux: ELF 64-bit LSB pie executable, ARM aarch64, version 1 (SYSV), statically linked, BuildID[sha1]=8d74859bebe9cce14587e1b3272c7b11fe5de611, not stripped
$ sudo make modules_install
INSTALL /lib/modules/5.15.44-Re4son-v8l/kernel/sound/usb/misc/snd-ua101.ko
INSTALL /lib/modules/5.15.44-Re4son-v8l/kernel/sound/usb/snd-usb-audio.ko
INSTALL /lib/modules/5.15.44-Re4son-v8l/kernel/sound/usb/snd-usbmidi-lib.ko
DEPMOD /lib/modules/5.15.44-Re4son-v8l
$ sudo make install
sh ./arch/arm64/boot/install.sh 5.15.44-Re4son-v8l \
arch/arm64/boot/Image System.map "/boot"
run-parts: executing /etc/kernel/postinst.d/initramfs-tools 5.15.44-Re4son-v8l /boot/vmlinuz-5.15.44-Re4son-v8l
update-initramfs: Generating /boot/initrd.img-5.15.44-Re4son-v8l
cryptsetup: ERROR: Couldn't resolve device /dev/root
cryptsetup: WARNING: Couldn't determine root device
I'm having trouble installing compiled files. I did some research and boot up process is not what I thought as Rasbarry Pi does not support grub😰. I found the kernel source code for Raspberry Pi here. Another mistake that I found is that I was working on linux/arch/arm. My Raspberry Pi is 64bits machine so the directory should be under linux/arch/arm64. Glad I found this mistake before compilation.
I will once again compile the source code and see how it goes😂.
Some stuff I learned about how Nmap SYN scanning works. Below is the captured packets from Wireshark.
10 13.006851 192.168.100.103 192.168.100.101 TCP 60 44276 → 445 [SYN] Seq=0 Win=1024 Len=0 MSS=1460
15 13.007423 192.168.100.101 192.168.100.103 TCP 60 445 → 44276 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460
16 13.007594 192.168.100.103 192.168.100.101 TCP 60 44276 → 445 [RST] Seq=1 Win=0 Len=0
It shows that the the state of port is open as the server's reply to the nmap's SYN is SYN,ACK. You can observe that SYN scan terminates 3 way handshake by RST sent by nmap. Also, here is the source code I found which I thought might be useful for spoofing Nmap OS detection. You can find the source code here. I think the below code is the part where it specifies the window size of a packet.
/* Numbers are taken from RFC3390.
*
* John Heffner states:
*
* The RFC specifies a window of no more than 4380 bytes
* unless 2*MSS > 4380. Reading the pseudocode in the RFC
* is a bit misleading because they use a clamp at 4380 bytes
* rather than use a multiplier in the relevant range.
*/
__u32 tcp_init_cwnd(struct tcp_sock *tp, struct dst_entry *dst)
{
__u32 cwnd = (dst ? dst_metric(dst, RTAX_INITCWND) : 0);
if (!cwnd) {
if (tp->mss_cache > 1460)
cwnd = 2;
else
cwnd = (tp->mss_cache > 1095) ? 3 : 4;
}
return min_t(__u32, cwnd, tp->snd_cwnd_clamp);
}
I modified ./arch/arm/kernel/setup.c as below. You can find the source code here.
void __init smp_setup_processor_id(void)
{
int i;
u32 mpidr = is_smp() ? read_cpuid_mpidr() & MPIDR_HWID_BITMASK : 0;
u32 cpu = MPIDR_AFFINITY_LEVEL(mpidr, 0);
cpu_logical_map(0) = cpu;
for (i = 1; i < nr_cpu_ids; ++i)
cpu_logical_map(i) = i == cpu ? 0 : i;
/*
* clear __my_cpu_offset on boot CPU to avoid hang caused by
* using percpu variable early, for example, lockdep will
* access percpu variable inside lock_release
*/
set_my_cpu_offset(0);
pr_info("Hello world, this is Ryo speaking!\n");
pr_info("Booting Linux on physical CPU 0x%x\n", mpidr);
}
After the above modification, I started compiling the source code as below.
$ cp /boot/config-$(uname -r) .config
$ sudo apt-get install git fakeroot build-essential ncurses-dev xz-utils libssl-dev bc flex libelf-dev bison
$ make menuconfig
No change to .config
*** End of the configuration.
*** Execute 'make' to start the build or try 'make help'.
$ make
This is going to take a while😝.
I learned that you can't use printk() during the early stage of the boot up process😅. Here is the output of /var/log/messages.
┌──(kali㉿kali-raspberry-pi)-[/var/log]
└─$ cat messages
Dec 11 02:00:25 kali-raspberry-pi rsyslogd: [origin software="rsyslogd" swVersion="8.2206.0" x-pid="525" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
Dec 11 02:27:19 kali-raspberry-pi kernel: [ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x410fd083]
Dec 11 02:27:19 kali-raspberry-pi kernel: [ 0.000000] Linux version 5.15.44-Re4son-v8l+ (root@kali-raspberry-pi) (gcc (Debian 11.2.0-19) 11.2.0, GNU ld (GNU Binutils for Debian) 2.38) #1 SMP PREEMPT Debian kali-pi (2022-07-03)
Dec 11 02:27:19 kali-raspberry-pi kernel: [ 0.000000] random: crng init done
Dec 11 02:27:19 kali-raspberry-pi kernel: [ 0.000000] Machine model: Raspberry Pi 4 Model B Rev 1.5
I once again gone through the source code and found that "Booting Linux on" is printed by pr_info() and Linux version 5.15.44-Re4son-v8l+ is printed by decompressor_printk(). I will go for pr_info() as it comes earlier than decompressor_printk()😝.
┌──(kali㉿kali-raspberry-pi)-[~/sources/linux-5.15.44]
└─$ grep -r "Booting" .
./arch/arm/kernel/setup.c: pr_info("Booting Linux on physical CPU 0x%x\n", mpidr);
┌──(kali㉿kali-raspberry-pi)-[~/sources/linux-5.15.44]
└─$ grep printk * -r | grep "decompressor_printk"
arch/s390/boot/pgm_check_info.c: decompressor_printk("Linux version %s\n", kernel_version);
I check my Raspberry Pi kernel version and its 5.15.44.
$ uname -r
5.15.44-Re4son-v8l+
I want to printk during the boot up process so I look through the kernel source code where "Booting Linux on..." is printed as shown below.
┌──(kali㉿kali-raspberry-pi)-[/var/log]
└─$ cat messages
Dec 11 02:00:25 kali-raspberry-pi rsyslogd: [origin software="rsyslogd" swVersion="8.2206.0" x-pid="525" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
Dec 11 02:27:19 kali-raspberry-pi kernel: [ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x410fd083]
Dec 11 02:27:19 kali-raspberry-pi kernel: [ 0.000000] Linux version 5.15.44-Re4son-v8l+ (root@kali-raspberry-pi) (gcc (Debian 11.2.0-19) 11.2.0, GNU ld (GNU Binutils for Debian) 2.38) #1 SMP PREEMPT Debian kali-pi (2022-07-03)
Dec 11 02:27:19 kali-raspberry-pi kernel: [ 0.000000] random: crng init done
Dec 11 02:27:19 kali-raspberry-pi kernel: [ 0.000000] Machine model: Raspberry Pi 4 Model B Rev 1.5
Seems like "Booting Linux on..." is printed by pr_info(), not printk(). Not yet sure where the first printk() is...
You can find the source code for version 5.15.44 here.
Today I inserted a kernel module which simply prints "Hello Ryo!" under /var/log/messages. Here is the c program.
int init_module(void)
{
//printk(KERN_INFO "Hello world 1.\n");
printk(KERN_INFO "Hello Ryo!\n");
return 0;
}
void cleanup_module(void)
{
//printk(KERN_INFO "Goodbye world 1.\n");
printk(KERN_INFO "Bye Ryo!\n");
}
MODULE_LICENSE("GPL");
initi_module() is used to initialize the module and cleanup_module is responsible for shutting down the module. When you are using printk(), you can give eight 8 levels of different logs at the part of "KERN_INFO". Below is the commands I used for initializing and removing the kernel.
make -C /lib/modules/`uname -r`/build/ M=${PWD} modules
sudo insmod hello_world.ko
sudo rmmod hello_world.ko
Here is the output of the above operation.
Dec 12 14:21:27 kali-raspberry-pi kernel: [ 8233.939103] Hello Ryo!
Dec 12 14:22:33 kali-raspberry-pi kernel: [ 8299.742310] Bye Ryo!
I will start looking into where I can printk() inside the kernel source code during the boot up process!
I've been working on TUN device for a while and thought I should look into how packets are handled within the kernel. TUN device allows us to handle packets above layer 3. The corresponding entry point within the kernel is ip_rcv() whih can be found here. ip_local_deliver_finish() is the function whichis the exit of the layer 3 responsible for passing data to the layer 4 stack based on the protocol found in the ip header. You can find the function https://elixir.bootlin.com/linux/v2.6.20/source/net/ipv4/ip_input.c#L199. After ip_local_deliver_finish(), the data is sent to the function handling layer 4 protocol such as tcp_v4_rcv(), udp_rcv(), icmp_rcv(). Might be fun to customize your own network stack and make a kernel of your own😝.
I am getting used to reading the hexs shown in Wireshark. Here is the summary of what is going with the below packet sent by my TUN program.
0x00, 0x00, 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x89, 0x4b, 0x40, 0x00, 0x40, 0x01, 0x39, 0x59, 0xcb, 0x00, 0x71, 0x02, 0xcb, 0x00, 0x71, 0x01, 0x08, 0x00, 0x2a, 0xc7, 0x00, 0x19, 0x00, 0x07, 0xc8, 0xb6, 0x8c, 0x63, 0x00, 0x00, 0x00, 0x00, 0xaf, 0x2b, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
The first 4 bit (4 of 0x45)
・Version: the fist field tells us which IP version we are using, only IPv4 uses this header so you will always find decimal value 4 here.
The first 4 bit (5 of 0x45)
・The length of the ip header. In the case of this example, 5=>5*4(bytes)=>20(bytes)=>20 pair(0x45)s, as each hex is 4 bits.
・Because of the maximum possible value f=>15, the maximum ip header length is 15*4byte=60byte.
Protocol: 0x01
・1 stands for ICMP, 6 stands for tcp, 17 stands for UDP
Source and destination address: 0xcb, 0x00, 0x71, 0x02, 0xcb, 0x00, 0x71, 0x01
・In decimal, 203.0.113.2 and 203.0.113.1 respectively.
Below is the c program for sending receiving packets using TUN device. You should comment out either the dump_packet() or send_packet(). Otherwise, the program will be sending and receiving packets of its own.
void dump_packet(int fd, int count, char* buffer)
{
printf("the fd is %d. read %d bytes!\n", fd, count);
int i;
for (i=0; i
Wireshark shows the packet are exchanged as below. It's working!
1 0.000000000 203.0.113.2 203.0.113.1 ICMP 86 Echo (ping) request id=0x0019, seq=7/1792, ttl=64 (reply in 2)
2 0.000082333 203.0.113.1 203.0.113.2 ICMP 84 Echo (ping) reply id=0x0019, seq=7/1792, ttl=64 (request in 1)
Below is the database file which Nmap uses as a reference to packet info specific to OS. It is at /usr/share/nmap/nmap-os-db in the case of Ubuntu 20.04.4 LTS.
# Linux 2.6.30-ARCH #1 SMP PREEMPT Wed Sep 9 12:37:32 UTC 2009 i686 AMD Athlon(tm) XP 2000+ AuthenticAMD GNU/Linux
Fingerprint Linux 2.6.30
Class Linux | Linux | 2.6.X | general purpose
CPE cpe:/o:linux:linux_kernel:2.6.30
SEQ(SP=C1-CB%GCD=1-6%ISR=C5-CF%TI=Z%II=I%TS=U)
OPS(O1=M5B4NNSNW6%O2=M5B4NNSNW6%O3=M5B4NW6%O4=M5B4NNSNW6%O5=M5B4NNSNW6%O6=M5B4NNS)
WIN(W1=16D0%W2=16D0%W3=16D0%W4=16D0%W5=16D0%W6=16D0)
ECN(R=Y%DF=Y%T=3B-45%TG=40%W=16D0%O=M5B4NNSNW6%CC=N%Q=)
T1(R=Y%DF=Y%T=3B-45%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
T2(R=N)
T3(R=Y%DF=Y%T=3B-45%TG=40%W=16D0%S=O%A=S+%F=AS%O=M5B4NNSNW6%RD=0%Q=)
T4(R=N)
T5(R=Y%DF=Y%T=3B-45%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=N)
T7(R=Y%DF=Y%T=3B-45%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
U1(DF=N%T=3B-45%TG=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)
IE(DFI=N%T=3B-45%TG=40%CD=S)
The Nmap source code can be found here.
I'm curious how Nmap OS detection works. Project like below is something that I am interested! https://nmap.org/misc/defeat-nmap-osdetect.html
I added the below code to the previous post to receive ICMP packets.
char *buffer = (char *) calloc(150, sizeof(char));
ssize_t count = read(fd, buffer, 100);
Below is how read() can be used.
The read() function shall attempt to read nbyte bytes from the file associated with the open file descriptor, fildes, into the buffer pointed to by buf.
In the absence of errors, or if error detection is not performed, the read() function shall return zero and have no other results. reference
Below is the received packet in hex.
00 00 08 00 45 00 00 54 89 4b 40 00 40 01 39 59 cb 00 71 01 cb 00 71 02 08 00 2a c7 00 19 00 07 c8 b6 8c 63 00 00 00 00 af 2b 0a 00 00 00 00 00 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37
The above shows that the source address is "cb 00 71 01->203.0.113.1" and the destination address is "cb 00 71 02->203.0.113.290". I'll try to send packets next time! I'm curious simply switching the source and destination address will be enough to send back the packet?
I created a TUN interface with the below c program.
int main(int argc, char** argv)
{
if (argc != 2)
return 1;
const char* device_name = argv[1];
if (strlen(device_name) + 1 > IFNAMSIZ)
{
return 1;
}
int fd = open("/dev/net/tun", O_RDWR);
if (fd == -1)
{
return 1;
}
struct ifreq ifr;
memset(&ifr, 0, sizeof(ifr));
ifr.ifr_flags = IFF_TUN;
strncpy(ifr.ifr_name, device_name, IFNAMSIZ);
int res = ioctl(fd, TUNSETIFF, &ifr);
if (res == -1)
{
return 1;
}
printf("the created device is only available during this program\n");
while (1) {
}
return 0;
}
The important part in the above code is below. You can provide the name of the interface to "ifr.ifr_name" and spcify whether you want the interface to be TUN or TAP with "ifr.ifr_flags".
int fd = open("/dev/net/tun", O_RDWR);
int res = ioctl(fd, TUNSETIFF, &ifr);
There is another way of creating TUN device using ip command which is shown below.
$ sudo ip tuntap add dev tun0 mode tun
My next attempt is to receive and read packets using read() and send(). I also want to see how packets are being exchanged using Wireshark.
Maybe TUN/TAP is a good place to start understanding how low-level networking works?
You can check the file descriptor and associated device files with the below command.
$ lsof
cat 307 ryo 1w REG 8, 32 0 106248 /home/ryo/ctf/kernel/file1.txt
Above shows that device files have major and minor numbers to identify the associated device drivers. You can see that 8, 32 are the major and minor number in the above case. You can check which device number has 8, 32 by the below command.
/dev$ ls -la
brw------- 1 root root 8, 32 Nov 23 11:51 sdc
Maybe I should start looking into device drivers used for networking?
I used Wireshark to observe how packets are exchanged between client and server. Packets are sent by client form some random port. Packets are received by the server with the specified port by the running program.
Client socket program written in python
import socket
# AF_INET refers to ipv4
# SOCK_STREAM refers to TCP protocol
clientSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# 3 way handshake(SYN) as socket.SOCK_STREAM is the selected type
# clientSocket.connect(('127.0.0.1', 12345))
clientSocket.connect(('192.168.50.130', 1234))
dataFromServer = clientSocket.recv(1024)
print(dataFromServer.decode())
Server socket program written in python
import socket
s = socket.socket()
port = 12345
s.bind(('', port))
s.listen(5)
while True:
# 3 way handshake(ACK) as socket.SOCK_STREAM is the selected type
clientSocket, addr = s.accept()
print(addr)
clientSocket.send('Thank you for connecting'.encode())
clientSocket.close()
break
Packets form Wireshark
1 0.000000000 127.0.0.1 127.0.0.1 TCP 74 44070 → 1234 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=4210716831 TSecr=0 WS=128
2 0.000113299 127.0.0.1 127.0.0.1 TCP 74 1234 → 44070 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=4210716831 TSecr=4210716831 WS=128
Some stuff I learned about socket programming ・client socket socket.socket, socket.connect ・server socket socket.connect, socket.bind, socket.listen, socket.accept Client socket sends SYN with socket.connect and server socket sends ACK with socket.accept. Server socket create client-like(temporary) socket for every incoming client socket.