≡ Menu

Networking

Red Hat Enterprise Linux 5.2 Released

Red Hat enterprise Linux version 5.2 has been released and available via a Red Hat Network subscription. This update brings broad refresh of hardware support and improved quality, combined with new features and enhancements in areas such as virtualization, desktop, networking, storage & clustering and security.

Virtualization of very large systems, with up to 64 CPUs and 512 GB of memory, is now possible. Virtualization support for NUMA-based architectures is provided, as well as security, performance, manageability and robustness improvements. CPU frequency scaling support for virtualized environments also allows for reduced power consumption.

Red Hat Enterprise Linux 5.2 provides enhanced capabilities for several hardware architectures, covering x86/x86-64, Itanium, IBM POWER and IBM System z, which provide improved performance, power usage, scalability and manageability. For example, support for Intel's Dynamic Acceleration Technology permits power saving by quiescing idle CPU cores, and offers performance gains by potentially overclocking busy cores within safe thermal levels. Other hardware enhancements include extensive device driver updates, covering storage, network and graphics devices, and certification of IBM's new Cell Blade systems.

Red Hat Enterprise Linux becomes a certified operating system for IBM's new high-performance blade server based on Cell Broadband Engine (Cell/B.E) Architecture.

Desktop version includes latest cutting edge softwares:

  • Evolution 2.12.3
  • Firefox 3
  • OpenOffice 2.3.0
  • Thunderbird 2.0

Red Hat Cluster Suite, which is included in Red Hat Enterprise Linux 5 Advanced Platform, now has a Resource Event Scripting Language that enables sophisticated application failover capabilities. It also newly supports SCSI-3 reservation fencing support for active/active and active/passive DM/MPIO (multipathing), which widens the range of storage devices that can be used in clusters.

Improved iSCSI support allows users to set-up diskless systems with a root volume on the iSCSI server, a common requirement in high-density Blade environments.


How do I upgrade my system?

First, make sure you backup existing configuration and data. Next, simply type the following two commands:
# yum update
# reboot

Verify that everything is working fine including all services:
# netstat -tulpn
# netstat -nat
# tail -f /var/log/messages
# egrep -i 'error|warn' /var/log/messages
# egrep -i 'error|warn' /path/to/apps/log/file

Alternatively, you can click on the "Red Hat Network Alert Notification GUI Tool" - which is a notifier that appears on the panel and alerts users when software package updates are available for the systems. This is point and click method.

If you are CentOS Linux user wait for some time to get all updates. More information available at Red Hat web site.

Informationweek tested openSUSE, Ubuntu 8.4, PCLinuxOS, Mandriva Linux One, Fedora, SimplyMEPIS, and CentOS 5.1. All performed well, and each had at least one truly outstanding feature. From the article:

In the last couple of years, desktop-friendly Linux distributions have taken enormous leaps -- they're easier to install, better maintained, and more powerful than ever before. There's also that many more of them -- which means that many more possibilities to sift through.

In this roundup I've looked at seven Linux distributions, all mainly aimed at desktop users. Some ought to be household names; some are less widely sung but still worth looking at. All are meant to be top-of-the-line, "throw-and-go" distros for general use, so I paid careful attention to how they behaved on a fairly broad range of hardware -- how display, networking, or other default configurations were set to behave both out of the box and after an update (if one was available).

Related: Which Linux Desktop Distribution is the best for me?

Open Source Alternative to Commercial Software

Webi has published a very comprehensive list of alternative "open source" applications to mainstream applications. It includes office applications, multimedia, graphics, networking and security applications.

=> Free and Open Source Software Directory (FLOSS/FOSS) [webi.org]

netcat utility (nc command) considered as TCP/IP swiss army knife. It reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

I also install the netcat package for administering a network and you'd like to use its debugging and network exploration capabilities.

One my favorite usage is to migrating data between two server hard drives using netcat over a network. It is very easy to copy complete drive image from one server to another.

You can also use ssh for the same purpose, but encryption adds its own overheads. This is tried and trusted method (hat tip to karl) .

Make sure you have backup of all important data.

Install netcat

It is possible that nc may not be installed by default under Redhat / CentOS / Debian Linux.

Insall nc under Redhat / CentOS / Fedora Linux

Use yum command as follows:
# yum install nc
Output:

Loading "installonlyn" plugin
Loading "rhnplugin" plugin
Setting up Install Process
Setting up repositories
rhel-x86_64-server-vt-5   100% |=========================| 1.2 kB    00:00
rhel-x86_64-server-5      100% |=========================| 1.2 kB    00:00
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for nc to pack into transaction set.
nc-1.84-10.fc6.x86_64.rpm 100% |=========================| 6.9 kB    00:00
---> Package nc.x86_64 0:1.84-10.fc6 set to be updated
--> Running transaction check
Dependencies Resolved
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 nc                      x86_64     1.84-10.fc6      rhel-x86_64-server-5   56 k
Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 56 k
Is this ok [y/N]: y
Downloading Packages:
(1/1): nc-1.84-10.fc6.x86 100% |=========================|  56 kB    00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: nc                           ######################### [1/1]
Installed: nc.x86_64 0:1.84-10.fc6
Complete!

Debian / Ubuntu Linux netcat installation

Simply use apt-get command:
$ sudo apt-get install netcat

WARNING! These examples may result into data loss, ensure there are good backups before doing this, as using command wrong way can be dangerous.

How do I use netcat to copy hard disk image?

Our sample setup

-----------------------
HostA // 192.168.1.1
------------------------
           sda
        NETWORK
           sdb
------------------------
HostB // 192.168.1.2
-------------------------

Your task is copy HostA /dev/sda to HostB's /dev/sdb using netcat command. First login as root user

Command to type on hostB (receiving end ~ write image mode)

You need to open port on hostB using netcat, enter :
# netcat -p 2222 -l |bzip2 -d | dd of=/dev/sdb
Where,

  • -p 2222 : Specifies the source port nc should use, subject to privilege restrictions and availability. Make sure port 2222 is not used by another process.
  • -l : Used to specify that nc should listen for an incoming connection rather than initiate a connection to a remote host.
  • bzip2 -d : Compresses image using the Burrows-Wheeler block sorting text compression algorithm, and Huffman coding. This will speed up network transfer ( -d : force decompression mode)
  • dd of=/dev/sda : /dev/sda is your hard disk. You can also specify partition such as /dev/sda1

Command to type on hostA (send data over a network ~ read image mode)

Now all you have to do is start copying image. Again login as root and enter:
# bzip2 -c /dev/sda | netcat hostA 2222
OR use IP address:
# bzip2 -c /dev/sda | netcat 192.168.1.1 2222

This process takes its own time.

A note about latest netcat version 1.84-10 and above

If you are using latest nc / netcat version above syntax will generate an error. It is an error to use -l option in conjunction with the -p, -s, or -z options. Additionally, any timeouts specified with the -w option are ignored. So use nc command as follows.

On hostA, enter:
# nc -l 2222 > /dev/sdb
On hostB, enter:
# nc hostA 2222< /dev/sda
OR
# nc 192.168.1.1 2222< /dev/sda

Using a second machine (hostB), connect to the listening nc process at 2222 (hostA), feeding it the file (/dev/sda)which is to be transferred. You can use bzip2 as follows.
On hostA, enter:
# nc -l 2222 | bzip2 -d > /dev/sdb
On hostB, enter:
# bzip2 -c /dev/sda | nc 192.168.1.1 2222

Further readings

How do I improve performance?

As suggested by anonymous user:

You should definitely use bs=16M or something like that. Otherwise, the copy will take forever. Copying a 300 GB hard drive over a 1 Gbps cross-over cable took about 1 1/2 hours or so using bs=16M Without this option, the same thing would have taken about 7 hours.

In short use command as follows:
# netcat -p 2222 -l |bzip2 -d | dd of=/dev/sdb bs=16M

Updated for accuracy.

When you cannot monitor your server for service availability, it is better to take help of automated monitor and restart utility. Last 4 days I was away from my server as I was enjoying my vacation. During this time due to load my lighttpd webserver died but it was restarted automatically within 2 minutes. I had utility configured for monitoring services on a Linux system called monit. It offers all features you ever needed for system monitoring and perform error recovery for UNIX like system.

Before monit I had my own shell and perl script for monitoring service. If service failed script will try to restart service and send an automated email to me. However monit is a superior solution.

monit is a utility for managing and monitoring processes, files, directories and devices on a Unix system. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations. For example, monit can start a process if it does not run, restart a process if it does not respond and stop a process if it uses to much resources. You may use monit to monitor files, directories and devices for changes, such as timestamps changes, checksum changes or size changes.

Monit logo

You may also use monit to monitor files, directories and devices on localhost. Monit can monitor these items for changes, such as timestamps changes, checksum changes or size changes. This is also useful for security reasons you can monitor the md5 checksum of files that should not change.

Personally, I always install and configure monit on all boxes which are under my control.

Install monit under Debian or Ubuntu Linux

Use apt-get command to install monit
# apt-get install monitOR$ sudo apt-get install monit

Install monit under Red Hat enterprise Linux / CentOS Linux (source code installation)

Many distributions include monit. However monit is not included in official Red hat enterprise Linux. Just download monit source code from official web site using wget command:
# cd /opt
# wget http://www.tildeslash.com/monit/dist/monit-4.8.2.tar.gz
Untar monit
# tar -zxvf monit-4.8.2.tar.gz
# cd monit-4.8.2

Configure and compile monit:

# ./configure
# make

Install monit

# make install

Copy monit configuration file:

# cp monitrc /etc/monitrc

By default monit is located at /usr/local/bin/monit

How do I Configure monit?

monitrc is name of monit configuration file and it is by default located at /etc/monitrc location. However each distribution places file in different location: .
=> Source code installation : /etc/monitrc
=> Debian / Unentu Linux installation : /etc/monit/monitrc

Open monit configuration file and setup values as follows:
# vi /etc/monitrc

a) Run it as daemon and check the services (such as web, mysql, sshd) at 2-minute
intervals.
set daemon 120

b) Set syslog logging with the 'daemon' facility:
set logfile syslog facility log_daemon

c) Set mail server name to send email alert
set mailserver mail.cyberciti.biz
Set email format such as from email
set mail-format { from: alert@nixcraft.in
subject: $SERVICE $EVENT at $DATE
message: Monit $ACTION $SERVICE at $DATE on $HOST: $DESCRIPTION.
}

d) Now most important part, restart lighttpd or apache web server if failed or killed by Linux kernel due to any causes:
check process lighttpd with pidfile /var/run/lighttpd.pid
group lighttpd
start program = "/etc/init.d/lighttpd start"
stop program = "/etc/init.d/lighttpd stop"
if failed host 75.126.43.232 port 80
protocol http then restart
if 5 restarts within 5 cycles then timeout

Where,

  • check process lighttpd with pidfile /var/run/lighttpd.pid : You are specifying lighttpd pid file and daemon name
  • group lighttpd: Specify group name, which is allowed or used to start/restart lighttpd
  • start program = "/etc/init.d/lighttpd start" : Command to start lighttpd server
  • stop program = "/etc/init.d/lighttpd stop" : Command to stop lighttpd server
  • if failed host 127.0.0.1 port 80 : Server IP address and port number (80)
  • protocol http then restart : If above IP and port failed restart the webserver
  • if 5 restarts within 5 cycles then timeout : Try to restart 5 times; if monit cannot restart webserver 5 times; just time out to avoid race condition.

Here is my mysql server restart configuration directives:
check process mysqld with pidfile /var/run/mysqld/mysqld.pid
group database
start program = "/etc/init.d/mysqld start"
stop program = "/etc/init.d/mysqld stop"
if failed host 127.0.0.1 port 3306 then restart
if 5 restarts within 5 cycles then timeout

Here is my sshd server configuration directives:
check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/sshd start"
stop program "/etc/init.d/sshd stop"
if failed host 127.0.0.1 port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout

Here is my Apache serverrestart configuration directives:
check process httpd with pidfile /var/run/httpd.pid
group apache
start program = "/etc/init.d/httpd start"
stop program = "/etc/init.d/httpd stop"
if failed host 127.0.0.1 port 80
protocol http then restart
if 5 restarts within 5 cycles then timeout

Replace IP address 127.0.0.1 with your actual IP address. If you are using Debian just start monit:
# /etc/init.d/monit start

If you are using Red Hat Enterprise Linux, start monit from /etc/inittab file:
Open /etc/inittab file:
# vi /etc/inittab
Append following line:
mo:2345:respawn:/usr/local/bin/monit -Ic /etc/monitrc

Now start monit:
# init -qOR
# telinit -q

You can verify that monit is started from /var/log/messages log file:
# tail -f /var/log/messagesOutput:

Nov 21 04:39:21 server monit[8759]: Starting monit daemon
Nov 21 04:39:21 server monit[8759]: Monit started

If lighttpd died, you will see something as follows in log file:

Nov 21 04:45:13 server monit[8759]: 'lighttpd' process is not running
Nov 21 04:45:13 server monit[8759]: 'lighttpd' trying to restart
Nov 21 04:45:13 server monit[8759]: 'lighttpd' start: /etc/init.d/lighttpd

You may use monit to monitor daemon processes or similar programs running on localhost or started from /etc/init.d/ location such as
=> Apache Web Server
=> SSH Server
=> Postfix/Sendmail MTA
=> MySQL etc

Further readings

List of open source cluster management systems

M. Shuaib Khan has published a list of open-source cluster management systems.

Personally, I had used openMosix and Red Hat Cluster software (which is also based upon open source software funded by Red Hat).

From the article: In computing world, the term "cluster" refers to a group of independent computers combined through software and networking, which is often used to run highly compute-intensive jobs. With a cluster, you can build a high-speed supercomputer out of hundreds or even thousands of relatively low-speed systems. Cluster management software offers an easy-to-use interface for managing clusters, and automates the process of queuing jobs, matching the requirements of a job and the resources available to the cluster, and migrating jobs across the cluster:

=> openMosix
=> Kerrighed
=> OpenSSI
=> Gluster
=> BOINC

Read this article it offers feature, cons and pros of each solution.

My friend wanted to know how to change or convert DHCP network configuration to static configuration. After initial installation, he wanted to change network settings. Further, his system is w/o GUI system aka X Windows. Here is quick way to accomplish the same:

Your main network configuration file is /etc/network/interfaces

Desired new sample settings:
=> Host IP address 192.168.1.100
=> Netmask: 255.255.255.0
=> Network ID: 192.168.1.0
=> Broadcast IP: 192.168.1.255
=> Gateway/Router IP: 192.168.1.254
=> DNS Server: 192.168.1.254

Open network configuration file
$ sudo vi /etc/network/interfacesOR$ sudo nano /etc/network/interfaces

Find and remove dhcp entry:
iface eth0 inet dhcp

Append new network settings:

iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.254

Save and close the file. Restart the network:
$ sudo /etc/init.d/networking restart

Task: Define new DNS servers

Open /etc/resolv.conf file
$ sudo vi /etc/resolv.conf

You need to remove old DNS server assigned by DHCP server:
search myisp.com
nameserver 192.168.1.254
nameserver 202.54.1.20
nameserver 202.54.1.30

Save and close the file.

Task: Test DNS server

$ host cyberciti.biz

Network command line cheat sheet

You can also use commands to change settings. Please note that these settings are temporary and not the permanent. Use above method to make network changes permanent or GUI tool as described below.

Task: Display network interface information

$ ifconfig

Task: Take down network interface eth0 / take a network interface down

$ sudo ifconfig eth0 downOR $ sudo ifdown eth0

Task: Bring a network interface eth0 up

$ sudo ifconfig eth0 upOR$ sudo ifup eth0

Task: Change IP address and netmask from command line

Activate network interface eth0 with a new IP (192.168.1.50) / netmask:
$ sudo ifconfig eth0 192.168.1.50 netmask 255.255.255.0 up

Task: Display the routing table

$ /sbin/route OR$ /sbin/route -n
Output:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
localnet        *               255.255.255.0   U     0      0        0 ra0
172.16.114.0    *               255.255.255.0   U     0      0        0 eth0
172.16.236.0    *               255.255.255.0   U     0      0        0 eth1
default         192.168.1.254   0.0.0.0         UG    0      0        0 ra0

Task: Add a new gateway

$ sudo route add default gw 172.16.236.0

Task: Display current active Internet connections (servers and established connection)

$ netstat -nat

Task: Display open ports

$ sudo netstat -tulpOR$ sudo netstat -tulpn

Task: Display network interfaces stats (RX/TX etc)

$ netstat -i

Task: Display output for active/established connections only

$ netstat -e
$ netstat -te
$ netstat -tue

Where,

  • -t : TCP connections
  • -u : UDP connections
  • -e : Established

Task: Test network connectivity

Send ICMP ECHO_REQUEST to network hosts, routers, servers etc with ping command. This verifies connectivity exists between local host and remote network system:
$ ping router
$ ping 192.168.1.254
$ ping cyberciti.biz

See simple Linux system monitoring with ping command and scripts for more information.

Task: Use GUI (Graphical Configuration) network Tool

If you are new, use GUI configuration tool, type the following command at terminal:
$ network-admin &

Above command is Ubuntu's GUI for configuring network connections tool.

Final tip - Learn how find out more information about commands

A man page is your best friend when you wanted to learn more about particular command or syntax. For example, read detailed information about ifconfig and netstat command:
$ man ifconfig
$ man netstat

Just get a short help with all command options by appending --help option to each command:
$ netstat --help

Find out what command is used for particular task by searching the short descriptions and manual page names for the keyword:
$ man -k 'delete directory'
$ apropos -s 1 remove

Display short descriptions of a command:
$ whatis rm
$ whatis netstat

Linux offers an excellent collection of utilities, which can be use to finding the files and executables, remember you cannot memorize all the commands and files ;)