Sunday, December 27, 2009

Port Forwarding Rule Setup in Actiontec router (VZ WIRELESS ROUTER)

First, log in to the router's access page; most often it is http://192.168.1.1

In my case

public IP: 72.B.C.D (I haven't provided my public IP, for my privacy)
private IP: 192.168.1.x

Step 1: Click on Firewall Setting --> Port Forwarding --> New Entry

Step 2: Give the name of the LAN device that the outside world needs to reach; e.g. a web server in the LAN hosted on a computer named 'windows' with IP address 192.168.1.16

Step 3: We selected "Forward to Port: User Defined" so that we can customize the port through which the LAN service is accessed from the outside world. I named my web server application DevApp.

Step 4: Now configure the service/application. The simplest rule would be: anyone can access it through my defined port (say 8081) using the TCP protocol

Step 5: Now we should select OK

Step 6: Forward to Port: the port where my web server is listening. In my case my web server is listening at 192.168.1.16:8081 (FYI: the listen port can be changed in httpd.conf, e.g. Listen 192.168.1.16:8081)

Step 7:

Step 8: Once the rule is defined, it should be refreshed in the router or applied.

Step 9: Click Refresh/Apply

Sunday, October 11, 2009

My Guest OS cannot ping My Host OS in Virtual Box

The default networking setup for VirtualBox is NAT, which basically means that your host computer is acting like a router, creating a virtual network for your virtual machine to connect to. Naturally, this network has its own IP scheme.

I have a router(gateway) 192.168.1.1 (255.255.255.0)
host computer 192.168.1.5

I was trying to manually set my guest to the static IP 192.168.1.12 and found it could not ping my gateway, nor could it access the internet.
By default the IP of the guest is 10.0.2.15; it can access the internet and my router (192.168.1.1).

To fix the issue, I had to use Bridge Network.
1) Virtual Box -> SETTINGS -> NETWORK -> Bridge -> Edit Setting -> Add your active adapter for internet/network (in my case I am using Wireless Adapter en1: AirPort of my MacBook )

2) Then I started my guest OS. Say I have Windows XP as my guest OS. I need to edit the network settings: manually add the IP address, default gateway and DNS. Since my router acts as DNS for my LAN, I used the same address for DNS as for my default gateway.

Friday, April 17, 2009

System Administrator's Role

System Administrator's Role: (BASIC ROLES)
  • Preinstallation planning
  • Install - hardware, software, network
  • Manage - user accounts, system resources, licenses
  • Backup/recovery
  • Define subsystems
  • Performance monitoring, capacity planning
SAN Requirements:

IBM DS8300 frame
SVC (SAN Volume Controller)
EMC Symmetrix 8830
EMC Clariion CX700 & CX300
Cisco and Brocade Switches
IBM's TSM (Tivoli Storage Manager) and TPC (TotalProductivity Center)

Some fundamentals and tweaks in AIX

Default Multi-user runlevel in AIX : runlevel 2

To bring down system in Maintenance mode/Single user mode
#shutdown -m

To bring back system in runlevel 2
#telinit 2

*********************************
SRC (System Resource Controller) for easy management of groups of daemons/subsystems in AIX

#lssrc -a
#ps -ef

Notice the output of the above commands.

#stopsrc -s subsystem_name
#startsrc -s subsystem_name
#refresh -s subsystem_name : this command makes the daemon reread its configuration files; so whenever we change a daemon's config files, we can use the refresh command to bring the changes into effect.

Not all processes are controlled by SRC/srcmstr; those processes which are not controlled by SRC can be killed with
#kill PID

*****************************

Manage the System Environment (e.g time, license, characteristics of OS etc)

#smit system

Manage the system language environment

#smit mlang

***************************
SU command:
The su command allows you to assume the permissions of any user whose password you know.

Every time the su command is used, an entry is placed in the file /var/adm/sulog (this is an ASCII text file). This makes it easy to record access as the superuser. Normal logins are recorded in the file /var/adm/wtmp. To read the contents of this file use the command:
who /var/adm/wtmp

The su command can also be specified with the - option. The - specifies that the process environment is to be set as if the user had logged into the system using the login command. Nothing in the current environment is propagated to the new shell. For example, using the su command without the - option allows you to have all of the accompanying permissions of root while keeping your own working environment.
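
Because every su leaves a line in /var/adm/sulog, the file can be reviewed with a short awk pattern/action program. This is an added example, not part of the original post; it assumes the line layout `SU MM/DD HH:MM +|- tty fromuser-touser` (+ for success, - for failure), and the sample entries and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: review su activity recorded in an AIX-style sulog.
# Assumed line layout: SU MM/DD HH:MM <+|-> <tty> <fromuser>-<touser>
# ("+" = successful su, "-" = failed su).

# Constructed sample data, not taken from a real system.
sample_sulog() {
cat <<'EOF'
SU 04/17 09:02 + pts/0 alice-root
SU 04/17 09:05 - pts/1 bob-root
SU 04/17 09:06 - pts/1 bob-root
SU 04/17 09:07 - pts/1 bob-root
SU 04/17 10:30 + pts/2 carol-oracle
SU 04/17 11:15 - pts/3 dave-root
SU 04/17 11:40 + pts/4 svc-backup-root
truncated or foreign line
EOF
}

# su_events RESULT TARGET: read sulog lines on stdin and print
# "fromuser date time tty" for each su to TARGET with RESULT (+ or -).
su_events() {
    awk -v res="$1" -v target="$2" '
        $1 == "SU" && NF == 6 && $4 == res {
            # Split "from-to" on the last hyphen: the source name may contain "-".
            pos = match($6, /-[^-]*$/)
            if (pos == 0) next
            from = substr($6, 1, pos - 1)
            to   = substr($6, pos + 1)
            if (to == target) print from, $2, $3, $5
        }'
}

# failed_su_to_root [MIN]: print "user count" for every user with at least
# MIN failed su attempts to root (default 1), sorted by user name.
failed_su_to_root() {
    su_events - root |
        awk -v min="${1:-1}" '
            { fails[$1]++ }
            END { for (u in fails) if (fails[u] >= min) print u, fails[u] }' |
        sort
}

# Demonstration on the constructed sample: users with 3 or more failures.
sample_sulog | failed_su_to_root 3
```

On a real system the functions read the log the same way, for example `failed_su_to_root 3 < /var/adm/sulog`.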

Boot Image of AIX

Using the bootlist from the system ROS/BIOS/EFI (whichever name you use), the system locates the boot device and attempts to load the boot image of the OS into memory. So the question comes: what is the boot image?

Boot image of AIX contains the files required to boot the AIX system, including the AIX kernel, the RAMFS (RAM file system), and the copy of Base ODM (Object Data Manager)


ROS : Read Only Storage
BIOS : Basic Input Output System
EFI : Extensible Firmware Interface

System Initialization in Brief:

In General
Hardware Initialization -- Low Level Configuration -- Load Boot Image -- AIX Initialization

For POWER servers:
System ROS ---- SMS/BOOTLIST ---- Software ROS------ BLV----INIT

For Intel Itanium -based Servers
BIOS/EFI --- Set up EFI boot manager --- EFI system partition contains bootloader boot.efi ---physical partition contains BLV -- AIX Initialization

Thursday, April 16, 2009

Startup modes in AIX

Basically there are 4 startup modes in AIX

 

1. NORMAL MODE : Multiuser mode; all processes are running


2. SYSTEM MANAGEMENT SERVICES : it runs from FIRMWARE and sets bootlist; it's not AIX


3. MAINTENANCE : Single User mode; password recovery and system recovery for a system which can't undergo normal boot.


4. DIAGNOSTICS : AIX diagnostics

Monday, April 13, 2009

NIM on LINUX for AIX

Really good explanation; it seems to be perfect, but I don't know whether it will work or not.

http://www.unix.com/aix/44512-nim-linux-machine-real.html


http://www.nasi.com/servers.php

Sunday, April 12, 2009

Snapshot : quick magic backup

Snapshots

This is a very useful feature. Many of us have the situation where important data needs to be backed up, but it cannot be used while the backup is running because then the backed up files would be out of sync with each other. For example, you have an accounting system that is recording orders. The accounts receivable file gets backed up now, and you take an order. Both a/r and the customer file get updated to reflect the new order, but a/r has already been backed up. When the customer file finally makes it to tape, it's not consistent with a/r, and of course it needs to be. Without snapshots, your only recourse is to stop taking orders while the backup runs. If you have lots of disk space, you could copy the whole accounting system and back up the copy, but that can take a lot of time too, and you may not have the space. Snapshots are the solution. Before you do the next step, make sure you've put a few files in /mylv, and make at least one of them unimportant. Then create the snapshot.



lvcreate --size 200M --snapshot -n mysnap /dev/Volume00/mylv
mkdir /mylvsnap
mount /dev/Volume00/mysnap /mylvsnap
df


Right off the bat you should have noticed something strange. We created mysnap very specifically with a size of 200MB, and trust me, that's all it took away from us, but df shows it being the same size (6GB) as mylv. We'll get back to why this is in a minute, but first take a look at the files in /mylvsnap. They are identical to the files in /mylv, right? OK, now go edit a file in /mylv. Does it change in /mylvsnap? No, it does not. Remove a file in /mylv - it's still there in /mylvsnap. Add a new file to /mylv, and that does NOT appear in /mylvsnap. How is this done, and most especially how is it done in 200MB?

It's not magic

OK, it is magic. What is going on is that /mylvsnap contains absolutely nothing UNLESS something changes back at /mylv. If you ask for a file from /mylvsnap that has not changed, the data is read right from /mylv. But if a file IS changed, before the change is written, the data blocks that don't yet have the changes are written to the snapshot. Note that entire files are NOT written, just data blocks that are about to change. So, as long as we don't change more than 200MB worth of data in /mylv, we can have our cake and eat it too. Our procedure will be:

  • Stop using the filesystem, shut down any databases that need to be shutdown etc.
  • Create the snapshot
  • Start up our databases, go back to work.
  • Start backing up /mylvsnap


Our time without access is minutes or seconds - just however long it takes to stop the processes and restart them, basically. The backup can take its sweet time. Well it can if it doesn't take so long that we need more than 200 MB to store our data that is changing. That does mean that the size of mysnap does have to be a bit of an educated guess. It also means that as soon as you are done with the backup, mysnap should be removed:



umount /mylvsnap
lvremove /dev/Volume00/mysnap


If you don't remove it, it will go on copying data as it is changed and eventually it will run out of room. You can't just leave it there for next time!
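
The whole cycle (stop, snapshot, restart, back up, remove) as one script. This is an added example, not part of the original post: the volume names, mount point and size come from the commands above, while APP_CTL, BACKUP and WARN_PCT are hypothetical, and DRY_RUN=1 (the default here) only prints the commands so the script can be read and run without root.

```shell
#!/bin/sh
# Added example: stop / snapshot / restart / back up / remove in one script.
# From the page: Volume00, mylv, mysnap, /mylvsnap, 200M.
# Assumptions (hypothetical): APP_CTL, BACKUP, WARN_PCT, and the DRY_RUN switch.
VG=Volume00 LV=mylv SNAP=mysnap MNT=/mylvsnap SNAP_SIZE=200M
APP_CTL=${APP_CTL:-/etc/init.d/myapp}      # hypothetical start/stop script
BACKUP=${BACKUP:-/backup/mylv.tar.gz}      # hypothetical backup destination
WARN_PCT=${WARN_PCT:-80}                   # warn when the snapshot is this full
DRY_RUN=${DRY_RUN:-1}                      # 1 = print commands, anything else = run them

run() {   # print the command in dry-run mode, execute it otherwise
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# snap_too_full PCT LIMIT: succeeds when PCT >= LIMIT (PCT may be "87.35").
snap_too_full() {
    awk -v p="$1" -v l="$2" 'BEGIN { exit !(p + 0 >= l + 0) }'
}

snapshot_backup() {
    rc=0
    run "$APP_CTL" stop                        # 1. quiesce writers
    run lvcreate --size "$SNAP_SIZE" --snapshot -n "$SNAP" "/dev/$VG/$LV" || rc=$?
    run "$APP_CTL" start                       # 3. back to work, even if step 2 failed
    [ "$rc" -eq 0 ] || return "$rc"

    # 4. back up the frozen view while the live volume keeps changing
    { run mkdir -p "$MNT" &&
      run mount "/dev/$VG/$SNAP" "$MNT" &&
      run tar -czf "$BACKUP" -C "$MNT" . ; } || rc=$?

    if [ "$DRY_RUN" != 1 ]; then
        # Snap% from lvs: how much of the copy-on-write space is already used.
        pct=$(lvs --noheadings -o snap_percent "/dev/$VG/$SNAP" | tr -d ' ')
        if snap_too_full "${pct:-0}" "$WARN_PCT"; then
            echo "snapshot ${pct}% full: raise SNAP_SIZE or shorten the backup" >&2
        fi
    fi

    run umount "$MNT"                          # 5. always remove the snapshot
    run lvremove -f "/dev/$VG/$SNAP" || rc=$?
    return "$rc"
}

snapshot_backup
```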

Some other helpful links:

http://tldp.org/HOWTO/LVM-HOWTO/index.html
http://ds9a.nl/lvm-howto/HOWTO/cvs/lvm-howto/output/lvm-howto.html

http://aplawrence.com/Linux/lvm.html


Thursday, April 9, 2009

Backup and Restore

Tar (Tape Archive)

It's a backup utility for creating an archive on tape.

Syntax:
tar [options] [archive name/device name/destination] [files to be archived/source]

options can be:
-c create
-v verbose
-x extract
-t show the contents
-z to zip the content

eg. #tar -cvf /dev/st0 /home


Using dump and restore:

dump: a utility to make a backup of files in an ext filesystem

syntax:
#dump [options] [destination] [source]

restore: a utility to restore a backup

Type of backup:
1. Full Backup --> 0
2. Incremental Backup --> 1-9
e.g #dump -0uf /dev/st0 /home

0--> for full backup
u--> Update the file /etc/dumpdates after a successful dump
f --> Write the backup to file; file may be a special device file like /dev/st0 (a tape drive), /dev/rsd1c (a floppy disk drive), an ordinary file, or - (the standard output)


#dump -1uf /dev/st0 /home

1--> for first incremental backup

RESTORE:

#cd / ; mkdir extract
#cd /extract
#restore -rf /dev/st0

Shell Scripting plus AWK and SED

A shell script is a series of commands written in a plain text file. A shell script is just like a batch file in MS-DOS but has more power than the MS-DOS batch file.

==========================================================
The awk utility is a powerful data manipulation/scripting programming language (in fact based on the C programming language). Use awk to handle complex tasks such as calculation, database handling, report creation etc.

General Syntax of awk:

Syntax: awk -f {awk program file} filename

The contents of an awk program look something like this:

Pattern
{
action 1
action 2
action N }

awk reads the input from the given file (or from stdin) one line at a time, then each line is compared with the pattern. If the pattern matches a line, the given action is taken for that line. The pattern can be a regular expression.

======================================================

SED is a stream editor. A stream editor is used to perform basic text transformations on an input stream (a file or input from a pipeline). SED works by making only one pass over the input(s), and is consequently more efficient.

General Syntax of sed
Syntax:
sed -option 'general expression' [data-file]
sed -option sed-script-file [data-file]

http://freeos.com/guides/lsst/index.html

Sunday, March 29, 2009

AIX Backup in short and sweet

AIX is a Unix-based OS developed by IBM and was originally released in the mid 80s for the PC RT. When IBM released the RS/6000 in 1992, it released AIX 3.1, and built in is a mksysb script to do a full rootvg or OS backup. Other volume groups are not touched by this script. It was aimed at SCSI tape drives. When booted from tape, the system would restore rootvg to exactly what it contained when it was backed up. When finished, the system reboots. IBM never supported writing to CD but went directly to DVD. A mksysb can be written to DVD and then booted and restored from DVD. This function would be VERY helpful to Linux releases or other Unix releases. What was described earlier is similar to a product in AIX called Network Install Manager (NIM). Using NIM, a root user can do a bootable backup to a remote system and then restore from that system. A NIM restore is the fastest form of installing AIX and is used by manufacturing to preload systems. Today, at AIX 6.1, NIM and mksysb are mature and trusted processes.

Non-rootvg volume groups are backed up using savevg. savevg is better than tar as it creates logical volumes of the correct size, correctly names the mount points, and then restores the data. Again, it's a mature process. Even open files are backed up with mksysb and savevg, although any save to the file after it's backed up isn't reflected. A mksysb has 3 components: a boot image, a complete list of files, and the actual backup. When the mksysb is taken, it compares what is on the list to what is on the tape in the backup. They must agree.

Another option is an LVM snapshot of your system/important directories, which you then tar and pipe to lzma (faster/better than bzip2). You can write the scripts yourself or search for somebody else's on Google. LVM snapshotting also allows you to capture the logical volumes and only needs the space that the delta data would require. You can back up the snapshot and ensure a consistent state, then destroy the snapshot.

OPEN SOURCE DISASTER RECOVERY SOFTWARE: http://www.mondorescue.org/

You can also try STORIX but it's not free

Sunday, February 1, 2009

Ciphering/Encryption

In RHEL 5.2 we can see SHA-1 being used for ciphering/encryption. It produces a 160-bit digest from a message with a maximum length of (2^64-1) and is based on the principles of the MD4 and MD5 message digest algorithms.

http://en.wikipedia.org/wiki/Sha1

To view the installed cryptographic ciphers in Linux

#cat /proc/crypto
name : crc32c
driver : crc32c-generic
module : kernel
priority : 0
type : digest
blocksize : 32
digestsize : 4

name : sha1
driver : sha1-generic
module : kernel
priority : 0
type : digest
blocksize : 64
digestsize : 20

Friday, January 30, 2009

Major and Minor numbers

The Linux kernel treats all devices as files; they can be opened, closed, read and written using the same standard system calls. For every kind of block and character device, the system creates device files using the mknod command, and these define the device by a major and a minor number.

?? what... major and minor number....

Don't worry, I am going to tell about major and minor number... ;-)

To access any device, the operating system must be told what to do. All the routines for a specific device are jointly referred to as the device driver.

All devices controlled by the same device driver have common MAJOR number. MINOR number is used to identify the different devices and their controllers.

In other words: the MAJOR number tells what kind of device it is and the MINOR number tells about the characteristics/location of the device.

http://www.linux-tutorial.info/modules.php?name=MContent&pageid=94

Sunday, January 4, 2009

Concept on SAN and Switches





In the above block diagram of a SAN system, we can see multiple servers (AIX, HP, LINUX and maybe SUN, WINDOWS etc.) connected to storage like EMC, SAN, HITACHI (HDS) through Fibre Channel.

In between Servers and Storage, we can see Switches also called as Fabric. This switch allows the soft zoning in between the servers and storage avoiding direct connection between Servers and Storage.

(SOFT ZONING: It is the logical connection rather than hard connection between the servers and storage )

In the switch, we can activate and deactivate the zones created between servers and storage.

Wait!!! I am missing something..
To create the zoning in between the Server and the Storage, you must have WWPN (World Wide Port Name) of either ends.

FYI there is a GUI software called EFCM for SAN management.

==============================================================
Another thing to notice in the above block diagram is that each server goes to storage via two switches. Why should we use multipath?
Simple answer: for redundancy; multipath also allows 2X speed of data transfer.

Now the next question arises: What controls the multipath?
It's the multipathing software installed on the servers. There are various types of multipathing software. Basically there is MPIO (Multi Path I/O), which is installed by default on AIX servers.
There is another software: SDD (Subsystem Device Driver) that also controls multipath.
It really depends upon your choice to use either MPIO or SDD.

Multipath can also be considered as the technique employed for Load Balancing.

=============================================================

You know there are many questions in my mind.. ;-)
Now how does the Server recognize the different vendors Storage devices?

It's real easy answer.... It's again the software/filesets.. It's like a device driver which we call Host Attachment Software/Package.


Now the bottom-line concept: for the SAN system to work, there are three pieces of software running on the servers: the OS, multipathing software and Host Attachment Software.

================================================================

Are you interested in Switch Trunking? If yes, you can go through it, ok.. Otherwise skip it.. :-)


In the above block diagram it says ISL (Inter Switch Link). If two switches are connected via ISL, this is called trunking, and both switches behave as a single switch. This increases the number of possible switching paths. This also helps in load balancing.

(FYI: If a port is connected by ISL, the port is called an E Port. Similarly, if connected by fiber, the port is called an F Port. If nothing is connected, the port is called a G Port)


There can be more trunking lines in between two switches for efficient load balancing and efficient switching.

In SAN system, Domain ID represents Switch. Usually you will find the following notation:
97(1) which implies Switch 1 Port 97

Go and find about QLogic and Emulex...

Hey, by the way, I am trying to share only my knowledge. Don't rely 100% on it, because technology is ever changing. I am trying to update my every posting.





Saturday, January 3, 2009

WWPN (World Wide Port Name)

(WorldWide Port Name) The unique serial number burned into Fibre Channel adapters that identifies that network port from all others. The WWPN is the Fibre Channel counterpart of the MAC address in Ethernet adapters.

For the pretty clear concept of FIBRE CHANNEL go to :

http://www.pcmag.com/encyclopedia_term/0,2542,t=Fibre+Channel&i=43129,00.asp

IBM server series

P series: POWER series (Performance Enhanced With Enhanced RISC)
To run AIX server


i series: To run ios
Power Systems including AS/400, iSeries, and System i

Z series: Mainframe computers (developed only by IBM)

http://www-03.ibm.com/systems/z/hardware/index.html

DS series: for data storage

X series: x86 architectures INTEL processors;
x86 servers for Windows and Linux
e.g for HMC (Hardware Management Console) server