Terribly Embarrassing Admin Moment

I am still quite new to WordPress. I was finally able to get time to clean out my basement, cobble together an old PC and get my favorite flavor of Linux installed. Of course, there was an unnecessary struggle there, but I won’t get into details. Lo and behold, I am up and running. About a week or so after the initial install, I received an update notice for WordPress. Ok, easy enough, I can just click on the upgrade button, right? Wrong, and after messing around with this for over three days, it is finally updated.

First, I do not trust FTP so I immediately ruled that out as a method to upgrade. I immediately went the SSH2 route. I needed an article to assist me though and did a few minutes of searching. Finally, I came across an article by Justin Ellingwood on DigitalOcean titled “How To Configure Secure Updates and Installations in WordPress on Ubuntu” (https://www.digitalocean.com/community/tutorials/how-to-configure-secure-updates-and-installations-in-wordpress-on-ubuntu). The article is for Ubuntu so I knew right away I would have to adapt to make it work on my box.

In the article, Justin mentions creating a new user, ‘wp-user’.

sudo adduser wp-user

What I failed to realize was that it could have been anything. What I later came to realize was that my already established user account, the one I used to log in to the box, would have sufficed as that is what worked for me in the end. Looking back, I wish the article would have done something like the next code snippet, given a warning, made a note, or just screamed, “If you already have a user account, please skip to the next section.”

sudo adduser <new user>

I definitely did learn quite a bit along the way, though, so not all was lost. I learned that the Apache daemon running on my server should be owned by my user account and not the httpd process. I made the appropriate change, restarted httpd, and prayed the site would still display. It did, so that worked out well.

I also got a refresher in Linux permissions and setting owners. The one thing I still do not think is working as I intended, though, is using the SSH keys. I ended up getting SSH working, but with username and password. I mucked around the wp-config.php file and changed a few constants but could never figure out a combination to get the key-based authentication working. The instructions are even provided in the WordPress Codex. (https://codex.wordpress.org/Editing_wp-config.php#WordPress_Upgrade_Constants)

So yeah, this was quite a learning experience for me. One I hope to never have to suffer through again.

Dynamic Trunking Protocol (DTP)

Dynamic Trunking Protocol is a Cisco proprietary protocol used to negotiate trunks between Cisco devices. To autonegotiate trunking, the interfaces must be in the same VLAN Trunking Protocol (VTP) domain. Trunk negotiation is managed by the Dynamic Trunking Protocol, which is a point-to-point protocol.

Configure

Switch# configure terminal
Switch(config)# interface interface-id
Switch(config-if)# switchport mode {access | dynamic {auto | desirable} | trunk}

Modes

  • access: Set the port to access mode. The port is set to access unconditionally and operates as a nontrunking, single VLAN interface that sends and receives nonencapsulated (non-tagged) frames. An access port can be assigned to only one VLAN.
  • dynamic auto: Set the interface trunking mode dynamic parameter to auto to specify that the interface convert the link to a trunk link only if the neighboring interface is set to trunk or desirable mode. This is the default switchport mode.
  • dynamic desirable: Set the interface trunking mode dynamic parameter to desirable to specify that the interface actively attempt to convert the link to a trunk link.
  • trunk: Set the port to trunk unconditionally. The port is a trunking VLAN Layer 2 interface. The port sends and receives encapsulated (tagged) frames that identify the VLAN of origination. A trunk is a point-to-point link between two switches or between a switch and a router.

Verify

Switch# show interfaces interface-id switchport
Name: interface-id
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On

Troubleshoot

The default switchport mode is dynamic auto, so if two switches are connected with both interfaces left at the default, they will not form a trunk, because neither side initiates the negotiation.

Access mode will not trunk, period.

Trunk mode will change the interface to permanent trunking mode.

Dynamic auto will only trunk if the neighboring interface is set to trunk or desirable mode.

Dynamic desirable will trunk if the neighboring interface is set to trunk, desirable, or auto mode.
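
The negotiation rules above, applied to `show interfaces switchport` output to list the ports still in a dynamic mode and the neighbor modes that would turn each one into a trunk. This is an added example, not taken from the referenced documentation; the port names and sample output are constructed, and `forms_trunk`, `parse_switchport` and `negotiating_ports` are hypothetical helper names.

```python
# Added example: port names and sample output are constructed for illustration.
INITIATES = {"trunk", "dynamic desirable"}   # modes that actively ask for a trunk
RESPONDS = INITIATES | {"dynamic auto"}      # modes able to end up trunking

def forms_trunk(local, neighbor):
    """Apply the rules above: does this pair of administrative modes trunk?"""
    if local not in RESPONDS or neighbor not in RESPONDS:
        return False                         # access mode will not trunk, period
    return local in INITIATES or neighbor in INITIATES

def parse_switchport(text):
    """Split `show interfaces switchport` output into one dict per port."""
    ports = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        if key.strip() == "Name":            # a Name line starts a new port
            ports.append({})
        if ports:
            ports[-1][key.strip()] = value.strip()
    return ports

def negotiating_ports(text):
    """Return (port, mode, neighbor modes that would make it a trunk)."""
    findings = []
    for port in parse_switchport(text):
        mode = port.get("Administrative Mode", "")
        if mode.startswith("dynamic"):
            peers = sorted(m for m in RESPONDS if forms_trunk(mode, m))
            findings.append((port["Name"], mode, peers))
    return findings

SAMPLE = """\
Name: Gi0/1
Administrative Mode: dynamic auto
Operational Mode: static access
Name: Gi0/2
Administrative Mode: static access
Operational Mode: static access
Name: Gi0/3
Administrative Mode: dynamic desirable
Operational Mode: trunk
"""

if __name__ == "__main__":
    for name, mode, peers in negotiating_ports(SAMPLE):
        print(f"{name}: {mode} -> trunks with {', '.join(peers)}")
```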


Virtual Local Area Network (VLAN)

A Virtual Local Area Network or VLAN is a way to logically break up broadcast domains.

VLAN = Subnet = Broadcast Domain

When using multiple switches, you have to ensure that the VLAN is configured on any switch that will use the VLAN. Since a VLAN defines broadcast domains in a Layer 2 network, in order to pass traffic from one VLAN to another, you must use routers or Layer 3 switches.

Configure

A VLAN is configured in global configuration mode using the vlan keyword. VLAN configuration is stored in a vlan.dat file, not in the running-config or startup-config files.

Switch# configure terminal
Switch(config)# vlan vlan_ID
Switch(config-vlan)# end

VLAN Ranges

  • VLAN 1 is the Cisco default; it is created for you and cannot be deleted.
  • VLAN 2 – VLAN 1001 are used for Ethernet VLANs; these can be created and deleted.
  • VLAN 1002 – VLAN 1005 are defaults for FDDI and Token Ring; these cannot be deleted.
  • VLAN 1006 – VLAN 4094 are considered in the extended range and are for Ethernet VLANs only. These will not be propagated by VLAN Trunking Protocol (VTP) and also will not be saved to the VLAN database unless in VTP transparent mode.

Verify

Switch# show vlan [id | name] vlan_name

Troubleshoot

Oddly enough, the Cisco exam objectives for ICND2 call out troubleshooting VLANs. While at this point there is not much for troubleshooting besides verifying that you have created VLANs, the troubleshooting objective will be necessary after further configurations have been made, such as after assigning an interface to a VLAN or with VLAN Trunking Protocol (VTP). There are no specific commands, per se, to aid in troubleshooting.