Sunday, 16 December 2012

How to configure Dynamic Host Configuration Protocol (DHCP) in Linux


Dynamic Host Configuration Protocol (DHCP) Lease Process

The process of leasing an IP address occurs in the following four phases:
• Discovery (Message from DHCP client to DHCP Server): The DHCP client broadcasts a DHCP discover message on the network containing its MAC address to find a DHCP server running in the network.
• Offer (Message from DHCP server to DHCP client): Each DHCP server on the network that receives the request responds with a DHCP offer message. An offered IP address is included in the message.
• Request (Message from DHCP client to DHCP Server): When a DHCP client receives a DHCPOffer packet, it responds by broadcasting a DHCPRequest packet that contains the offered IP address, and shows acceptance of the offered IP address. If multiple DHCP servers respond, the client selects the first offer it receives and broadcasts a DHCP request for the IP address. The message is broadcast on the network because the client has not yet been assigned an IP address; it has only been offered one.
• Acknowledge (Message from DHCP server to DHCP client): The DHCP server responds with a DHCPACK (acknowledgment) granting the client's request to use the IP address. The DHCPACK also contains information about any DHCP options that have been configured on the server (such as the IP address of the DNS server).
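
The four phases above as bytes on the wire, in an added example that is not part of the original post: it builds constructed DHCP messages and decodes the fields each phase relies on (transaction ID, client MAC, broadcast flag, option 53 message type, option 54 server identifier). The MAC, transaction ID, the second server 192.168.1.50 and all helper names are assumptions made for illustration.

```python
import ipaddress
import struct

MAGIC = bytes([99, 130, 83, 99])   # RFC 2131 magic cookie before the options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}   # option 53 values

def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", server=None, requested=None):
    """Build a minimal DHCP message (constructed sample); flags 0x8000 = broadcast."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0x8000,
                      bytes(4), ipaddress.IPv4Address(yiaddr).packed, bytes(4),
                      bytes(4), bytes.fromhex(mac.replace(":", "")), b"", b"")
    opts = bytes([53, 1, msg_type])
    for code, addr in ((54, server), (50, requested)):
        if addr:
            opts += bytes([code, 4]) + ipaddress.IPv4Address(addr).packed
    return hdr + MAGIC + opts + b"\xff"

def parse(pkt):
    """Decode the fixed BOOTP header, then walk the type-length-value options."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    _, _, hlen, _, xid, _, flags, _, yiaddr, _, _, chaddr = struct.unpack(
        "!BBBBIHH4s4s4s4s16s", pkt[:44])
    opts, i = {}, 240
    while i + 1 < len(pkt) and pkt[i] != 255:      # 255 ends the option list
        if pkt[i] == 0:                            # 0 is padding, no length byte
            i += 1
            continue
        opts[pkt[i]] = pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + pkt[i + 1]
    ip = lambda b: str(ipaddress.IPv4Address(b)) if b else None
    return {"type": TYPES.get((opts.get(53) or b"\0")[0], "?"), "xid": xid,
            "mac": chaddr[:hlen].hex(":"), "broadcast": bool(flags & 0x8000),
            "yiaddr": ip(yiaddr), "server": ip(opts.get(54)),
            "requested": ip(opts.get(50))}

def offering_servers(packets, xid):
    """Server identifiers (option 54) seen in OFFERs for one transaction."""
    return sorted({p["server"] for p in map(parse, packets)
                   if p["type"] == "OFFER" and p["xid"] == xid and p["server"]})

MAC, XID = "52:54:00:12:34:56", 0x3903F326          # constructed values
EXCHANGE = [                                        # constructed exchange
    build(1, XID, MAC, 1),
    build(2, XID, MAC, 2, yiaddr="192.168.1.210", server="192.168.1.1"),
    build(2, XID, MAC, 2, yiaddr="192.168.1.99", server="192.168.1.50"),
    build(1, XID, MAC, 3, server="192.168.1.1", requested="192.168.1.210"),
    build(2, XID, MAC, 5, yiaddr="192.168.1.210", server="192.168.1.1"),
]
```

`offering_servers(EXCHANGE, XID)` returns two server identifiers for this constructed exchange; on a real segment, any identifier other than the DHCP servers you run is worth investigating.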

Dynamic Host Configuration Protocol (DHCP) configuration file (/etc/dhcpd.conf)

A sample Linux dhcpd.conf file is copied below.

    ddns-update-style interim;
    ignore client-updates;
    subnet 192.168.1.0 netmask 255.255.255.0 {
        # --- default gateway
        option routers 192.168.1.1;
        option subnet-mask 255.255.255.0;
        # option nis-domain "domain.org";
        option domain-name "omnisecu.com";
        option domain-name-servers 192.168.1.1;
        # option time-offset 19800; # seconds east of UTC (19800 = UTC+05:30)
        # option ntp-servers 192.168.1.1;
        # option netbios-name-servers 192.168.1.1;
        # --- Selects point-to-point node (default is hybrid). Don't change this unless
        # -- you understand Netbios very well
        # option netbios-node-type 2;
        # range dynamic-bootp 192.168.0.128 192.168.0.254;
        range 192.168.1.210 192.168.1.220;
        default-lease-time 21600;
        max-lease-time 43200;
        # we want the nameserver to appear at a fixed address
        # host ns {
        #     next-server marvin.redhat.com;
        #     hardware ethernet 12:34:56:78:AB:CD;
        #     fixed-address 207.175.42.254;
        # }
    }

• ddns-update-style interim: Selects the interim dynamic DNS update scheme.
• ignore client-updates: This setting does not allow users on client computers to change their host names.
• subnet 192.168.0.0 netmask 255.255.255.0: Describes a network with an address of 192.168.0.0 and a subnet mask of 255.255.255.0. This allows the local DHCP server to assign addresses in the range 192.168.0.1 to 192.168.0.254 to different computers on this network. If you've configured a different network IP address, you'll want to change these settings accordingly.
• option routers: Lists the default router.
• option subnet-mask: Specifies the subnet mask for the local network.
• option nis-domain: Specifies the NIS domain name.
• option domain-name: Domain name for the network.
• option domain-name-servers: DNS server for the network.
• option time-offset: Lists the difference from Greenwich Mean Time.
• option ntp-servers: Network Time Protocol (NTP) servers.
• option netbios-name-servers: WINS (Windows Internet Name Servers) servers. Used for NetBIOS name resolution.
• range dynamic-bootp: BOOTP range.
• default-lease-time: Specifies the lease time for IP address information, in seconds.
• max-lease-time: Specifies the maximum lease time for IP address information, in seconds.
• next-server: Boot server for network computers.

The DHCP leases file on Linux is /var/lib/dhcpd/dhcpd.leases.
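
An added consistency check for the subnet block, not part of the original post: the bullets above describe 192.168.0.0 while the sample declares 192.168.1.0, and the commented-out dynamic-bootp range lies in 192.168.0.x, so the check below flags ranges and routers that fall outside the declared subnet, plus inverted lease times. The function name and the sample input (the page's block with that range enabled) are constructed for illustration.

```python
import ipaddress
import re

# Constructed input: the page's subnet block with the commented-out
# dynamic-bootp range (which sits in 192.168.0.0/24) switched on.
SAMPLE = """
subnet 192.168.1.0 netmask 255.255.255.0 {
    option routers 192.168.1.1;
    range dynamic-bootp 192.168.0.128 192.168.0.254;
    range 192.168.1.210 192.168.1.220;
    default-lease-time 21600;
    max-lease-time 43200;
}
"""

def check_subnet(conf):
    """Return a list of findings for the first subnet declaration in conf."""
    conf = re.sub(r"#.*", "", conf)                 # drop comments to end of line
    m = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", conf)
    if not m:
        return ["no subnet declaration found"]
    net = ipaddress.IPv4Network(f"{m.group(1)}/{m.group(2)}")
    findings = []
    # Two-address form only: "range [dynamic-bootp] low high;"
    for lo, hi in re.findall(r"range\s+(?:dynamic-bootp\s+)?(\S+)\s+(\S+)\s*;", conf):
        lo, hi = ipaddress.IPv4Address(lo), ipaddress.IPv4Address(hi)
        if lo not in net or hi not in net:
            findings.append(f"range {lo} {hi} is outside {net}")
        elif lo > hi:
            findings.append(f"range {lo} {hi} is reversed")
    # Single-router form only: "option routers a.b.c.d;"
    for gw in re.findall(r"option\s+routers\s+(\S+?)\s*;", conf):
        if ipaddress.IPv4Address(gw) not in net:
            findings.append(f"router {gw} is outside {net}")
    lease = dict(re.findall(r"(default|max)-lease-time\s+(\d+)\s*;", conf))
    if int(lease.get("default", 0)) > int(lease.get("max", 2**32)):
        findings.append("default-lease-time exceeds max-lease-time")
    return findings

if __name__ == "__main__":
    for finding in check_subnet(SAMPLE):
        print(finding)
```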

Saturday, 08 December 2012

Essential Tricks

Checking your bandwidth
Imagine this: Company A has a storage server named ginger and it is being NFS-mounted by a client node named beckham. Company A has decided they really want to get more bandwidth out of ginger because they have lots of nodes they want to have NFS mount ginger's shared filesystem.
The most common and cheapest way to do this is to bond two Gigabit ethernet NICs together. This is cheapest because usually you have an extra on-board NIC and an extra port on your switch somewhere.
So they do this. But now the question is: How much bandwidth do they really have?
Gigabit Ethernet has a theoretical limit of 128MBps. Where does that number come from? Well,
1Gb = 1024Mb; 1024Mb/8 = 128MB; "b" = "bits," "B" = "bytes"
But what is it that we actually see, and what is a good way to measure it? One tool I suggest is iperf. You can grab iperf like this:
# wget http://dast.nlanr.net/Projects/Iperf2.0/iperf-2.0.2.tar.gz
You'll need to install it on a shared filesystem that both ginger and beckham can see, or compile and install it on both nodes. I'll compile it in the home directory of the bob user, which is visible on both nodes:
    tar zxvf iperf*gz
    cd iperf-2.0.2
    ./configure --prefix=/home/bob/perf
    make
    make install

On ginger, run:
# /home/bob/perf/bin/iperf -s -f M
This machine will act as the server and print out performance speeds in MBps.
On the beckham node, run:
# /home/bob/perf/bin/iperf -c ginger -P 4 -f M -w 256k -t 60
You'll see output in both screens telling you what the speed is. On a normal server with a Gigabit Ethernet adapter, you will probably see about 112MBps. This is normal as bandwidth is lost in the TCP stack and physical cables. By connecting two servers back-to-back, each with two bonded Ethernet cards, I got about 220MBps.
In reality, what you see with NFS on bonded networks is around 150-160MBps. Still, this gives you a good indication that your bandwidth is going to be about what you'd expect. If you see something much less, then you should check for a problem.

Essential tricks

Poking a hole in the firewall

Here's how to proceed:
  1. Check that what you're doing is allowed, but make sure you ask the right people. Most people will cringe that you're opening the firewall, but what they don't understand is that it is completely encrypted. Furthermore, someone would need to hack your outside machine before getting into your company. Instead, you may belong to the school of "ask-for-forgiveness-instead-of-permission." Either way, use your judgment and don't blame me if this doesn't go your way.

  2. SSH from ginger to blackbox.example.com with the -R flag. I'll assume that you're the root user on ginger and that tech will need the root user ID to help you with the system. With the -R flag, connections made to port 2222 on blackbox are forwarded to port 22 on ginger. This is how you set up an SSH tunnel. Note that only SSH traffic can come into ginger: You're not putting ginger out on the Internet naked. You can do this with the following syntax:
    ~# ssh -R 2222:localhost:22 thedude@blackbox.example.com
    Once you are into blackbox, you just need to stay logged in. I usually enter a command like:
    thedude@blackbox:~$ while [ 1 ]; do date; sleep 300; done
    to keep the machine busy, and then minimize the window.
  3. Now instruct your friends at tech to SSH as thedude into blackbox without using any special SSH flags. You'll have to give them your password:
    root@tech:~# ssh thedude@blackbox.example.com
  4. Once tech is on the blackbox, they can SSH to ginger using the following command:
    thedude@blackbox:~$ ssh -p 2222 root@localhost
  5. Tech will then be prompted for a password. They should enter the root password of ginger.
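
How exposed the tunnel is depends on sshd settings on both hosts. The following added example (not from the original post) reads two sshd_config texts and reports the settings that matter for the steps above. The sample configurations and function names are constructed, and the defaults are those documented for current OpenSSH.

```python
# Documented defaults in current OpenSSH for the keywords this check reads.
DEFAULTS = {"gatewayports": "no", "permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes"}

def effective(config_text):
    """Global sshd_config values: keywords are case-insensitive and the
    first value found wins; Match blocks are not evaluated."""
    values, seen = dict(DEFAULTS), set()
    for line in config_text.splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue
        key = parts[0].lower()
        if key == "match":              # conditional section: globals end here
            break
        if key in DEFAULTS and key not in seen and len(parts) > 1:
            values[key] = parts[1].lower()
            seen.add(key)
    return values

def review_tunnel(blackbox_cfg, ginger_cfg):
    """Findings for the relay (blackbox) and the inside host (ginger)."""
    relay, inside = effective(blackbox_cfg), effective(ginger_cfg)
    findings = []
    if relay["gatewayports"] != "no":
        findings.append("blackbox: GatewayPorts is not 'no', so the forwarded "
                        "port 2222 may listen beyond loopback")
    if inside["permitrootlogin"] == "yes" and inside["passwordauthentication"] == "yes":
        findings.append("ginger: root password login is accepted through the tunnel")
    if relay["passwordauthentication"] == "yes":
        findings.append("blackbox: password login is enabled for the shared account")
    return findings

# Constructed sample configurations (not taken from any real host).
BLACKBOX_WEAK = "GatewayPorts yes\nPasswordAuthentication yes\n"
GINGER_WEAK = "PermitRootLogin yes\n"
BLACKBOX_HARD = "GatewayPorts no\nPasswordAuthentication no\n"
GINGER_HARD = "PermitRootLogin prohibit-password\nPasswordAuthentication no\n"

if __name__ == "__main__":
    for finding in review_tunnel(BLACKBOX_WEAK, GINGER_WEAK):
        print(finding)
```

With GatewayPorts left at "no" on blackbox, the listener created by -R 2222 is bound to loopback, so only users already logged in to blackbox can reach ginger's sshd through it.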

Friday, 07 December 2012

Kubuntu 12.10 is Released


The Kubuntu community is proud to announce the release of 12.10, the Quantal Quetzal. This is the first release to burst free from the limits of CD sizes giving us some more space for goodies on the image.
It also does away with the alternate installer images, adding advanced partitioning options to the desktop image.
Built on Ubuntu's core and polished with KDE’s applications and workspaces, Kubuntu 12.10 is a grand example of friendly, fast and beautiful software. We recommend it as the perfect OS for casual users, students, Linux gamers, software developers, professionals and anyone interested in a free, open platform that is both beautiful and useful.
For a more technical overview see the Kubuntu 12.10 Release Notes.

Getting Kubuntu 12.10

Upgrading from Previous Versions

To upgrade to Kubuntu 12.10 from 12.04 LTS, follow the Upgrade Instructions.

Download a Disk Image

Instructions for burning the image to a DVD or USB flash drive can be found on the Burning ISO Howto or Installation for USB Stick.
We recommend you learn how to check your image file to ensure it has downloaded correctly. Compare your MD5 checksum with the correct ones found alongside the images.

