Here are simple instructions on how to configure network interface bonding on Red Hat based distros. The thing I always forget. There’s also a little script which will create a bonding interface bond0 between eth0 and eth1 and migrate existing IP settings from eth0. You can find it in the bottom of this post.
(more…)
Here’s how to set up relatively cheap redundant iSCSI storage on Linux. The redundancy is achieved using LVM mirroring, and the storage servers consist of commodity hardware, running the OpenFiler Linux distribution, which expose their disks to the clients using iSCSI over Ethernet. The servers are completely separate entities, and the purpose of this mirroring is to keep the logical volumes available, even while one of the storage servers is down for maintenance or due to hardware failure.
Ultimately the disks of the iSCSI target servers will show up as normal SCSI disks on the client (/dev/sdb, /dev/sdc, …). The data will be moved across the network transparently. It is preferable to use multiple gigabit network interface cards on both the initiator and the target, and bond them together for reliability and speed gain (or use Device Mapper Multipath). A separate VLAN for iSCSI traffic is recommended for security and speed. By default, the traffic is not encrypted so your disk blocks can easily be sniffed using tcpdump.
First, create a key-pair with ssh-keygen. This is a one-time operation.
ssh-keygen -t dsa
It is good practice to enter a good password, but you may also leave the password empty. That will leave your private key vulnerable to local attacks, but if you need to login somewhere from a cron job, you probably need to do that.
I upgraded my Lenovo Thinkpad X300 to Ubuntu 8.10 Intrepid Ibex today. My original installation notes for Hardy are here.
After the upgrade, sound was working without compiling an ALSA snapshot by hand. Also, 3G connections worked straight out of the NetworkManager applet, which is very nice. But WiFi was broken, as the nm-applet refused to connect to any SSID, encrypted or open. That seemed to be due to myself using the development networkmanager packages with Hardy. They were not upgraded correctly. The remedy was to remove all network-manager packages and reinstall them. (more…)
Here’s how to make dynamic IPv6 routing work between a Cisco IOS router and an OpenWRT Linux Quagga router. I couldn’t find a similar howto anywhere, so I decided to write my own.
I am using OpenWRT Kamikaze 7.09 (kernel 2.4) on an ASUS WL-500gP wireless router. Any IPv6 enabled Cisco router should do.
I assume you have already installed the IPV6 kernel modules and userland tools, and set up static addresses for your interfaces (if you haven’t check out the OpenWRT IPv6 Howto).
I am using SixXS for tunneling an IPv6 /48 prefix over IPv4. (more…)
Network interfaces can be bonded to provide fault-tolerant operation. Here’s how to do it in Ubuntu. I will assume the interfaces to be bonded are eth0 and eth1.
First, create a user account for your Apache in the Active Directory. Let’s assume the AD Kerberos realm is KOO.FI, and the user name we have created is “apache”. Also create a computer account, let’s call that “apachesrv”.
Getting the HP Array Configuration Utility (ACU) and the Array Diagnostic Utility (ADU) for Linux to work was non-trivial. It does not seem to be supported anymore, but I managed to get it working on CentOS 5 running on an HP ProLiant DL185 G5.
First, let me tell you some first impressions about the machine. The keyboard is very good. It feels even a bit better than the one in my old T60. The display is very bright and sharp, but viewing angles could be better. WLAN worked right out of the box, as did the webcam.
The solid state drive is incredibly fast. I will never switch back to a hard disk after experiencing an SSD. Everything loads up in an instance. OpenOffice starts in about 5 seconds, which is very good compared to my T60. And the machine boots up and shuts down really fast (I haven’t timed those operations, though).
There are also a couple of annoyances which I hope will soon be fixed. (more…)
A backup server was saturating the DSL links of remote offices every time the backups were running. To prevent this, I had to limit the incoming bandwidth of the TCP-connections that were used to back up the remote hosts, but not touch the ones that were used to connect to the servers in the local network. Here’s how to do it.
