Archive
Posts from 2009
Enabling IPv4 forwarding on Centos and Fedora Linux servers
When I was playing around with KeepAlived, I managed to create a few HA scenarios that mirrored actual production uses. One scenario was creating a highly available router, which would forward IPv4 traffic between interfaces. To configure a CentOS or Fedora Linux host to forward IPv4 traffic, you can set the "net.ipv4.ip_forward" sysctl to 1 in /etc/sysctl.conf: net.ipv4.ip_forward = 1 Once the sysctl is added to /etc/sysctl.conf, you can enable it by running sysctl with the "-w" (change a specific sysctl value) option: If routing is configured correctly on the router, packets should start flowing between the interfaces on the server. Nice!
$ read more →Measuring TCP and UDP throughput between Linux and Solaris hosts
I have been assisting a friend with tuning his Netbackup installation. While debugging the source of his issues, I noticed that several jobs were reporting low throughput numbers. In each case the client was backing up a number of large files, which should have been streamed at gigabit Ethernet speeds. To see how much bandwidth was available between the client and server, I installed the iperf utility to test TCP and UDP network throughput…
$ read more →Compiling a custom kernel on Fedora and CentOS Linux hosts
I have been experimenting with lxc-containers, which use a number of features in the latest 2.6 kernels (specifically, namespaces). To ensure that I have the latest bug fixes and performance enhancements, I have been rolling my own kernels. This has been remarkably easy, since the Makefile that ships with the kernel has an option to build RPM packages. To build a kernel and create an RPM, you will first need to download and extract the kernel source code: Once the source code is extracted, you can create a kernel configuration file with 'make menuconfig': If you have built a kernel previously, you should run 'make mrproper' to clean up old object and configuration files: If all goes well, you should now have a clean set of kernel source and a kernel configuration file…
$ read more →Continuing failed FTP and HTTP transfers with wget
As you can probably tell from my blog, I am constantly learning about new technology products. When I decide that I want to play with a new operating system release, or test out a new piece of software, I will typically retrieve the latest stable version of the software. When operating system ISO images are involved, this typically requires me to download several gigabytes of data prior to beginning my testing. Periodically transfers will fail, leaving me with a chunk of the original file…
$ read more →Awesome use of read-only variables in bash scripts
I was reading through Jim Perrin's CentOS hardening article, and saw one super interesting use of read-only bourne shell variables. If you have users that are frequently logging in and staying idle for days and or weeks, you can add a readonly TMOUT variable to /etc/profile: The TMOUT variable controls the amount of time a user can be idle before the system logs them out. Since the variables in /etc/profile will be applied to the environment before a users .bash* and .profile files, you can be sure that users can't override (this doesn't address users who use C shells, but that can be addresses similarly) the read-only TMOUT variable and stay idle for longer periods of time. This also works well for HISTFILE environment variable, which is mentioned in the article…
$ read more →