Thursday, November 24, 2011

NIC Bonding in Linux


Linux allows binding multiple network interfaces into a single channel/NIC using special kernel module called bonding. The behavior of the bonded interfaces depends upon the mode; generally speaking, modes provide either hot standby or load balancing services. Additionally, link integrity monitoring may be performed.

Step 1: Create a bond0 configuration file

# vi /etc/sysconfig/network-scripts/ifcfg-bond0
Append following lines to it:
DEVICE=bond0
IPADDR=192.168.0.100
NETWORK=192.168.0.0
NETMASK=255.255.255.0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes
Replace above IP address with your actual IP address. Save file and exit to shell prompt.

Step 2: Modify eth0 and eth1 config files:

# vi /etc/sysconfig/network-scripts/ifcfg-eth0
Modify/append directive as follows:
DEVICE=eth0
USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
Save file and exit to shell prompt.

Step 3: Load bond driver/module

Make sure bonding module is loaded when the channel-bonding interface (bond0) is brought up. You need to modify kernel modules configuration file:
# vi /etc/modprobe.conf
Append following two lines:
alias bond0 bonding
options bond0 mode=1 miimon=1000              ###Note: mode 1 is “active-backup”
{Please consider removing the line 'options bonding miimon=100 mode=0' from modprobe.conf and place this line in ifcfg-bond0
BONDING_OPTS="miimon=100 mode=1"
RHEL5 and later support setting the bonding options in the ifcfg-bondX file, not in modprobe.conf.}

Step 4: Probe bonding module and test configuration


# /etc/init.d/network stop
# modprobe -r bonding
# lsmod |grep -i bond
# modprobe bonding

Restart networking service in order to bring up bond0 interface:

# /etc/init.d/network restart

If you get the below output, then everything is fine.

# cat /proc/net/bonding/bond0

Bonding Mode: active-backup
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0
 
Slave Interface: eth0
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:00:00:00:00:00
 
Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:00:00:00:00:00

===============================================================

Options for mode types:

You can set up your bond interface according to your needs. In order to do this, you simply change the mode type depicted in the examples below (mode=X). There are seven mode types available. They are as follows:
mode=0
This mode uses the Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.
mode=1
This mode uses an Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond's MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance. The primary option affects the behavior of this mode.
mode=2
Transmit based on [(source MAC address XOR'd with destination MAC address) modulo slave count]. This selects the same slave for each destination MAC address. This mode provides load balancing and fault tolerance.
mode=3
Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.
mode=4
IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification.
          *Pre-requisites:
1. Ethtool support in the base drivers for retrieving the speed and duplex of each slave.
2. A switch that supports IEEE 802.3ad Dynamic link aggregation. Most switches will require    some type of configuration to enable 802.3ad mode
mode=5
Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave.
*Prerequisite: Ethtool support in the base drivers for retrieving the speed of each slave.
mode=6
Adaptive load balancing: includes balance-transmit load balancing plus receive load balancing for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server.

Wednesday, November 23, 2011

Add Dag RPM Repository in RHEL5


Add Dag RPM Repository for yum because that has many useful packages.

[root@dns ~]# wget http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
[root@dns ~]# rpm --import RPM-GPG-KEY.dag.txt
[root@dns ~]# rm -f RPM-GPG-KEY.dag.txt
[root@dns ~]# vi /etc/yum.repos.d/dag.repo ###Create this file and add following lines:
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el5/en/$basearch/dag/
gpgcheck=1
enabled=0

# When you use dag repository, Input yum command like below.

[root@dns ~]# yum --enablerepo=dag install [package]


[root@dns ~]# wget http://download.fedora.redhat.com/pub/epel/RPM-GPG-KEY-EPEL

[root@dns ~]# rpm --import RPM-GPG-KEY-EPEL
[root@dns ~]# rm -f RPM-GPG-KEY-EPEL
[root@dns ~]# vi /etc/yum.repos.d/epel.repo           ###Create this file and add following lines:
[epel]
name=EPEL RPM Repository for Red Hat Enterprise Linux
baseurl=http://download.fedora.redhat.com/pub/epel/$releasever/$basearch/
gpgcheck=1
enabled=0

[root@jbox01 ~]# rpm -qa|grep gpg-pubkey*
gpg-pubkey-217521f6-45e8a532

[root@jbox01 ~]# rpm -qi gpg-pubkey-217521f6-45e8a532

# When you use dag repository, Input yum command like below.

[root@dns ~]# yum --enablerepo=epel install [package]

Repository Configuration


This are the only third repositories I use, I contribute to and I recommend.

1. Download

It is preferable to use YUM to download and install RPM available on this site, however il can be useful to download a RPM for a futher use or for another computer.
Locations :

2. Package manager configuration

This repository use the YUM format, it can also be used with APT and SMART. It need to be declared.
Notes :
  • ppc64 (PowerPC 64 bits) repositories are only open for Fedora 8 and newer.
  • x86_64 (64 bits) and ppc (PowerPC) repositories are only open for Fedora Core 6 and newer.
  • For older releases only the i386 (32 bits) repository is open.
  • 2008-05-17 : The Fedora Core 3 repository is closed (it stay available but will not be updated).
  • 2009-04-19 : The Fedora Core 4 and 5 repositories are closed.
  • 2010-10-11 ; The Fedora Core 6 and Fedora 7 repositories are closed.
  • 2011-09-16 ; The Fedora 8 and Fedora 9 repositories are closed.
2.1. YUM automatic configuration
The simplest way is to install the remi-release package which provides the repository configuration for YUM and the GPG key used to sign the RPM.
Fedora 15 i386 or x86_64
rpm -Uvh http://rpms.famillecollet.com/remi-release-15.rpm
Fedora 14 i386 or x86_64
rpm -Uvh http://rpms.famillecollet.com/remi-release-14.rpm
Fedora 13 i386 or x86_64
rpm -Uvh http://rpms.famillecollet.com/remi-release-13.rpm
Fedora 12 i386, ppc, ppc64 or x86_64
rpm -Uvh http://rpms.famillecollet.com/remi-release-12.rpm
Fedora 11 i386, ppc, ppc64 or x86_64
wget http://rpms.famillecollet.com/remi-release-11.rpm
rpm -Uvh remi-release-11.rpm
Fedora 10 i386, ppc, ppc64 or x86_64
wget http://rpms.famillecollet.com/remi-release-10.rpm
rpm -Uvh remi-release-10.rpm
Enterprise Linux 6 (with EPEL)
wget http://download.fedora.redhat.com/pub/epel/beta/6/i386/epel-release-6-5.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
Enterprise Linux 5 (with EPEL)
wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
rpm -Uvh remi-release-5*.rpm epel-release-5*.rpm
Enterprise Linux 4 (with EPEL)
wget http://download.fedora.redhat.com/pub/epel/4/i386/epel-release-4-10.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-4.rpm
rpm -Uvh remi-release-4*.rpm epel-release-4*.rpm
2.2. APT configuration
As for YUM, install the automatic configuration package. To enable the repository, you need to uncomment, in /etc/apt/sources.list.d/remi.list file, the line :
repomd http://rpms.famillecollet.com/ fc$(VERSION).$(ARCH)
2.3. SMART configuration
As for YUM, install the automatic configuration package. To enable the repository, you have to select it in the Edition / Channel menu.
2.3. YUM manual configuration
You just have to download the repository file configuration and to save it in the appropriate direcotry.
Fedora :
su -
cd /etc/yum.repos.d
wget http://rpms.famillecollet.com/fedora/remi.repo
Enterprise Linux (RHEL, CentOS) :
su -
cd /etc/yum.repos.d
wget http://rpms.famillecollet.com/enterprise/remi.repo
This file provides configuration for remi and remi-test repositories.
Notice : the repository is not enabled on install (enabled=0). You need to enable it when you need it, for example :
yum --enablerepo=remi install firefox-langpack-fr

3. Compatibility with other repositories

On Fedora, available RPM mainly use dependencies from  fedora, and updates repositories, sometime from Livna. (And, from Extras when Fedora <= 6) and now from Rpmfusion.
On Redhat and CentOS dépendencies are in main repositories and in EPEL. I really discourage you from using Rpmforge (well known conflicts with EPEL).
Exceptions are explained on the blog article of each RPM.

4. Remi's signature Installation (GPG Key)

This step is not required if you use a package manager (Yum of Apt).
The RPM validity check requires my key to be imported on your system before use. Download This GPG key and install it with :
rpm --import RPM-GPG-KEY-remi
YUM will propose you to automatic install it on first installation of a RPM from my repository.
You can list the installed key with :
rpm -q gpg-pubkey --qf "%{summary} ->%{version}-%{release}\n"
My old key fingerprint was : 00f97f56-4267cb5c
My new key fingerprint is : 00f97f56-467e318a

Monday, November 21, 2011

10 things you must teach new Linux users


1: It's just an operating system
Only two years ago, this issue wouldn't even have been mentioned. The thing is, the vast majority of work now is done through a Web browser. This makes the operating system almost irrelevant. So long as the operating system can run a browser, it will most likely live in the background, working away without so much as being noticed. Of course, this should be the case anyway, as an operating system is nothing more than a layer between user applications and hardware.
2: It's not Windows
Many new users aren't exactly aware that there is a difference between Windows, Linux, and Mac. But they need to know that they shouldn't always expect Windows-like behavior. When a user expects an operating system to behave like another operating system, trouble will most certainly ensue. Does this mean you need to give them the rundown on every difference between the operating systems? No. They just need to be prepared to encounter different behaviors from what they expect.
3: There is no "C"
Windows users are accustomed to a file system structure that never really made sense. Linux, on the other hand, has a perfectly logical directory hierarchy. This is one issue users will need to understand. However, there really is only one main directory they need to know about: /home/USERNAME (Where USERNAME is their name). Most modern distributions create the following directories within the users home directory: Documents, Pictures, Music, Video. Those subdirectories speak for themselves, and new users only need know where they are located to function properly. They also need to know that their home directory is the only place on the file system where they can save files.
4: Installing software is a different process
This one can trip up the new user more than anything. PC users are accustomed to searching for software on the 'net, downloading the .exe file, double-clicking it, and waiting for the software installation to complete. So they need to understand that Linux distributions come complete with their own special tool that will do all of that for them. All they have to do is open the Add/Remove Software tool (such as the Ubuntu Software Center, PackageKit, or Synaptic), search for a piece of software, and install it. New users tend to love the sheer amount of software that's available to install. Naturally some of it is useless, but the majority of those titles are good pieces of software that serve their purpose.
5: The command line is not necessary
When new uses are handed a Linux box, one of the first things to come out of their mouths is often, "Am I going to have to learn a bunch of commands?" The answer is no. In fact, modern Linux distributions are created in such a way that users could live their entire Linux lives and never touch the command line. This is now a non-issue. The command line is there (and always will be), but only those who want to use it need ever open up a terminal window. Outside of that, users can rest assured that they will not have to grep, ls, mkdir, chmod, or chown. Nearly every action in Linux can be handled through a GUI.
6: There's no need to worry about infection
We're no longer dealing with Windows--so all that concern for viruses and malware is a thing of the past. You don't see AVG or SEP in the notification tray? That's normal. Your machine will not be at risk without them. But it's still important to make sure users know that their colleagues may still be using Windows, so they shouldn't  be cavalier about forwarding email attachments to them. Just because those attachment won't harm the Linux box doesn't mean they won't harm the Windows box.
7: It's free
I'm always shocked at how much trouble users have understanding the concept of open source and the fact that most open source software has no cost attached. "Well then it must not be any good!," is most often the reaction. Not so. Of course, a consumerist society would have trouble with the idea that "free can be good," but it's one we should get used to. In many cases, open source software is not only better for society, it's better for your computer.
8: If you don't like it, you can change it
This is another strange concept for new users, but one they should understand. Unlike Windows and Mac, if you don't like a Linux desktop, you can change it. Granted, this isn't something a new user is going to just automatically do. But knowing that it is a possibility helps new users understand just how much flexibility they have. Besides, working with a desktop you don't like can make for a frustrating experience. I prefer to demonstrate for new users the types of desktops available for them and let them choose. Most times, they will go with what they're somewhat familiar with (KDE being a good choice for most), but on occasion a new user will go with something completely different just for the experience.
9: Not all hardware is created equal
That's right -- not every piece of shiny new hardware will actually function properly with the Linux operating system. This is not nearly the issue it once was, but for some pieces of hardware (such as multi-function printers, some wireless cards, and laptop displays,) the problems still persist. For those pieces of hardware, it is sometimes as simple as downloading proprietary drivers (something new users won't mind, but you will want to take care of). Other times, it may be as involved as switching to a different distribution all together. The good news is that Linux has come a long, long way in this area and continues to expand and improve.
10: Google is your friend
The single most important thing you can do for yourself and your new users is to ensure that they understand just how helpful Google can be. When there is a problem or an aspect of Linux they don't understand, they should know that someone else has probably documented this issue, and helpful info is just a search away. Show new users how to make the most out of a Google search so they are not inundated with worthless results. In the end, they might come to you with fewer request, and even more important -- they'll be learning along the way.
Easing the transition
People fear change. And it's become clear that the more things do change, the more people react. (Just watch Facebook long enough and you'll see this in action.) But change doesn't have to be avoided or handled improperly. With just a little preparation on your part, the new Linux user will have a positive experience and will most likely not look back.
A writer for more than 12 years, Jack's primary focus is on the Linux operating system and its effects on the open source and non-open source communities.