December 27, 2008

halt

It was with us for a year or so; now, with all this virtualization fashion, it's time to become a virtual machine. Goodbye server, you were a great one!

hurt:~# halt

The system is going down for system halt NOW!et (pts/0) (Sat Dec 27 14:01:57
hurt:~# logout
bencer@hurt:~$ Connection to 91.121.73.19 closed by remote host.
Connection to 91.121.73.19 closed.

November 21, 2008

Pizza box running NetBSD

It's been a long time since I first wanted to run something on the SUN SparcStations I got for Púlsar (unofficial site). Debian is no longer supported on sparc32 due to a lack of interest from upstream kernel developers, so BSD was the choice. After a few tries with OpenBSD we were not able to network boot (diskless setup) the boxes, so this morning I gave NetBSD a try, which gave more verbose output at boot. I'll try to document all the steps to reproduce and maintain this on the wiki.


spark# uname -a
NetBSD spark 4.0.1 NetBSD 4.0.1 (GENERIC) #0: Wed Oct 8 01:06:02 PDT 2008 builds@wb28:/home/builds/ab/netbsd-4-0-1-RELEASE/sparc/200810080053Z-obj/home/builds/ab/netbsd-4-0-1-RELEASE/src/sys/arch/sparc/compile/GENERIC sparc

January 30, 2008

Home network fully IPv6

It's been working for some weeks now; it doesn't bring too many advantages for me, but it rocks:


bencer@amnesiac:~$ traceroute6 sixxs.net
traceroute to sixxs.net (2001:838:1:1:210:dcff:fe20:7c7c), 30 hops max, 40 byte packets
1 2001:b18:XXX:XXX:XXX (2001:b18:XXX:XXX:XXX) 7.144 ms 7.878 ms 9.067 ms
2 gw-XX.lis-XX.pt.sixxs.net (2001:b18:2000:XXX:XXX:XXX) 130.502 ms 132.025 ms 136.774 ms
3 2001:b18:0:1000::1 (2001:b18:0:1000::1) 139.429 ms 142.619 ms 145.777 ms
4 2001:5a0:1500::1 (2001:5a0:1500::1) 148.324 ms * *
5 2001:5a0:2000:200::1 (2001:5a0:2000:200::1) 184.778 ms * *
6 2001:5a0:2b00::1 (2001:5a0:2b00::1) 237.050 ms 154.980 ms 109.159 ms
7 2001:5a0:2b00::6 (2001:5a0:2b00::6) 115.521 ms * *
8 if-6-0.core1.ad1-amsterdam.ipv6.teleglobe.net (2001:5a0:1300::2) 135.460 ms 135.927 ms 141.817 ms
9 2001:5a0:200::5 (2001:5a0:200::5) 142.443 ms 145.060 ms 147.657 ms
10 2001:7f8:1::a500:3257:1 (2001:7f8:1::a500:3257:1) 156.844 ms 144.081 ms 147.390 ms
11 ge6-2-0.br0.ams3.nl.gbxs.net (2001:7f8:1::a500:9009:1) 150.832 ms 154.401 ms 158.136 ms
12 ams-ix2.ipv6.concepts.nl (2001:7f8:1::a501:2871:2) 178.450 ms 181.350 ms 194.674 ms
13 2001:838:0:13::1 (2001:838:0:13::1) 195.892 ms 219.280 ms 228.867 ms
14 2001:838:0:12::2 (2001:838:0:12::2) 234.728 ms 273.361 ms 276.879 ms
15 noc.sixxs.net (2001:838:1:1:210:dcff:fe20:7c7c) 283.812 ms 291.269 ms 159.547 ms

I wish my tunnel broker supported ipv6 multicast … but anyway, thanks SixXS.

September 21, 2007

The order matters


$ ls file-that-does-not-exist 2>&1 >/dev/null
ls: file-that-does-not-exist: No such file or directory
$ ls file-that-does-not-exist >/dev/null 2>&1
$

If you want both stderr and stdout to go to /dev/null, then use “>/dev/null 2>&1”, but if you want stdout to go to /dev/null and stderr to go to wherever stdout used to go, then use “2>&1 >/dev/null”.


Thread @ debian-isp

July 3, 2007

ebox-platform

This morning I replaced an old Red Hat 5.2 with eBox-Platform. You may find these scripts useful:

  • users.pl - adds users from a passwd file (NIS environment) to LDAP (eBox environment) with new random passwords (hash conversion is not possible).
  • dns.pl - adds hosts to the DNS server from a simple paired list host,ip.

Many thanks guys@warp :=)

June 16, 2007

Issues on cauterized.net

The last 24 hours have been a nightmare for cauterized.net. Yesterday the machine froze: too many processes running and huge HTTP traffic. What we thought was some kind of DoS turned out, after a closer look, to be just the eBox-Platform users downloading the latest ISO images from mirrors.cauterized.net.

The system logs were not reporting anything related to the hangs and, due to these busy days (exams), it wasn't until this morning that I discovered that some files of the IMEMC site were corrupted and just a stat() on them made the server freeze.

We have repaired the disk issues and the whole server is online again after a couple of hours offline this morning.

June 13, 2007

Your datacenter wherever you go

Take your datacenter with you wherever you go: Blackbox Project, by Sun.

June 12, 2007

Finally I setup QoS @home

This morning I was uploading Macaco - Ingravitto by scp for soraya and all my http, ssh and im connections fell down, very annoying. It was time to set up quality of service on my home server.

It has been a very easy task, and with a few lines in your firewall script you can get acceptable results:


# qos

# add new htb handler on eth0, default for traffic is 20
tc qdisc add dev eth0 root handle 1: htb default 20
# root class
tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil 100mbit
# ethernet class 1:10
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 99mbit ceil 100mbit
# internet. be careful, this is the upload queue!
tc class add dev eth0 parent 1:1 classid 1:11 htb rate 60kbps ceil 60kbps
# we use this class for the bulk traffic
tc class add dev eth0 parent 1:11 classid 1:20 htb rate 20kbps ceil 60kbps
# high priority internet traffic
tc class add dev eth0 parent 1:11 classid 1:21 htb rate 40kbps ceil 60kbps
# mldonkey's class
tc class add dev eth0 parent 1:11 classid 1:22 htb rate 20kbps ceil 40kbps
## sfq for beneath these classes
tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev eth0 parent 1:21 handle 21: sfq perturb 10
tc qdisc add dev eth0 parent 1:22 handle 22: sfq perturb 10
# high priority (small packets), used for ACKs
iptables -A POSTROUTING -t mangle -o eth0 -p tcp -m length --length :64 -j MARK --set-mark 21
# ssh, imaps, https and im traffic
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --dport 22 -j MARK --set-mark 21
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --dport 46814 -j MARK --set-mark 21
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --dport 46822 -j MARK --set-mark 21
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --dport 993 -j MARK --set-mark 21
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --dport 443 -j MARK --set-mark 21
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --dport 1863 -j MARK --set-mark 21
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --dport 5190 -j MARK --set-mark 21
# mldonkey
#iptables -A OUTPUT -t mangle -o eth0 -m owner --uid-owner 1000 -j MARK --set-mark 22
# p2p source ports go into class 1:22 (the rule that marks local LAN traffic with 10 is not shown here)
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --sport 2728 -j MARK --set-mark 22
iptables -A POSTROUTING -t mangle -o eth0 -p udp --sport 2728 -j MARK --set-mark 22
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --sport 4662 -j MARK --set-mark 22
iptables -A POSTROUTING -t mangle -o eth0 -p udp --sport 4666 -j MARK --set-mark 22
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --sport 6881 -j MARK --set-mark 22
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --sport 6882 -j MARK --set-mark 22
iptables -A POSTROUTING -t mangle -o eth0 -p tcp --sport 6998 -j MARK --set-mark 22
# flow handling (after marking)
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10

These lines define 3 classes for internet upload: bulk traffic (http and so on), high priority (ssh, https, imaps and im) and p2p from mldonkey. Each one gets an HTB class (which defines a max bandwidth usage and how much it can borrow from other classes) with SFQ inside in order to give the same opportunity to every connection in the class.

With this little script you can see a top-like view of class usage:


16:11:05 up 19 days, 4:09, 2 users, load average: 0.00, 0.00, 0.00
Interval Cumulated Total
Dev Classid Tokens Ctokens Rate Speed Send Send
-------------------------------------------------------------------------
eth0 1:1 3983 3983 269.40KB 33.12KB/s 17.35MB 340.34MB
eth0 1:10 4228 4227 0B 0B/s 0B 0B
eth0 1:11 -33312 -33312 269.82KB 33.12KB/s 17.35MB 340.34MB
eth0 1:20 82740 30310 4.25KB 140B/s 346.53KB 6.88MB
eth0 1:21 43418 30310 1000B 45B/s 132.36KB 89.18MB
eth0 1:22 -13924 -66144 264.56KB 30.04KB/s 16.88MB 244.29
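
A sanity check for the HTB classes in the script above, added here as an example and not part of the original post: it sums the guaranteed `rate` of each class's children and reports parents that promise more than they have. The function names are made up for this example, and the unit conversion assumes tc's SI multipliers with `kbps` meaning kilobytes per second.

```shell
#!/bin/sh
# Added example: flag HTB parents whose children are guaranteed more than
# the parent itself has. Input: "tc class add ..." lines on stdin.
htb_oversubscribed() {
    awk '
    # tc rate string -> bits per second (assumes SI multipliers).
    function to_bits(r,    n, u) {
        n = r; sub(/[a-zA-Z]+$/, "", n)
        u = tolower(substr(r, length(n) + 1))
        if (u == "kbit") return n * 1000
        if (u == "mbit") return n * 1000000
        if (u == "bps")  return n * 8
        if (u == "kbps") return n * 8000      # tc: kbps is kilobytes/s
        if (u == "mbps") return n * 8000000   # tc: mbps is megabytes/s
        return n + 0                          # bare number or "bit"
    }
    $1 == "tc" && $2 == "class" {
        parent = ""; id = ""; rate = ""
        for (i = 3; i < NF; i++) {
            if ($i == "parent")  parent = $(i + 1)
            if ($i == "classid") id     = $(i + 1)
            if ($i == "rate")    rate   = $(i + 1)
        }
        if (id == "" || rate == "") next
        own[id] = to_bits(rate)       # guaranteed rate of this class
        kids[parent] += own[id]       # sum of guarantees under its parent
    }
    END {
        for (p in kids)
            if ((p in own) && kids[p] > own[p])
                printf "%s children=%d parent=%d\n", p, kids[p], own[p]
    }'
}

# The six class definitions from the post, copied as sample input.
sample_classes() {
    cat <<'EOF'
tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit ceil 100mbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 99mbit ceil 100mbit
tc class add dev eth0 parent 1:1 classid 1:11 htb rate 60kbps ceil 60kbps
tc class add dev eth0 parent 1:11 classid 1:20 htb rate 20kbps ceil 60kbps
tc class add dev eth0 parent 1:11 classid 1:21 htb rate 40kbps ceil 60kbps
tc class add dev eth0 parent 1:11 classid 1:22 htb rate 20kbps ceil 40kbps
EOF
}

sample_classes | htb_oversubscribed
```

On the post's classes it reports 1:11: the 20 + 40 + 20 kbps guaranteed to 1:20, 1:21 and 1:22 exceed the 60kbps of their parent, so HTB cannot honour all three guarantees at once when the upload link is saturated.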

June 9, 2007

Access Control Comparison Table

Thinking about switching to RSBAC and not SELinux, I've found this Access Control Comparison Table.

May 7, 2007

xen sooo it’s easy

It has been a long time since I first wanted to try Xen, the free virtualization system for Linux. A few days ago a step-by-step tutorial was published on HowtoForge. Just one line and you have a clean system to play with and destroy :D
