
UNIX / Linux: 10 Netstat Command Examples

The netstat command displays network-related information such as network connections, routing tables, interface statistics, masquerade connections and multicast memberships.
This article reviews 10 practical UNIX netstat command examples.

1. List All Ports (both listening and non listening ports)

List all ports using netstat -a

# netstat -a | more
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
udp        0      0 *:bootpc                *:*                                

Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     6135     /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     5140     /var/run/acpid.socket

List all tcp ports using netstat -at

# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp        0      0 *:smtp                  *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN

List all udp ports using netstat -au

# netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 *:bootpc                *:*
udp        0      0 *:49119                 *:*
udp        0      0 *:mdns                  *:*

2. List Sockets which are in Listening State

List only listening ports using netstat -l

# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
udp        0      0 *:49119                 *:*

List only listening TCP Ports using netstat -lt

# netstat -lt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
tcp        0      0 *:smtp                  *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN

List only listening UDP Ports using netstat -lu

# netstat -lu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 *:49119                 *:*
udp        0      0 *:mdns                  *:*

List only the listening UNIX Ports using netstat -lx

# netstat -lx
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     6294     private/maildrop
unix  2      [ ACC ]     STREAM     LISTENING     6203     public/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     6302     private/ifmail
unix  2      [ ACC ]     STREAM     LISTENING     6306     private/bsmtp

3. Show the statistics for each protocol

Show statistics for all ports using netstat -s

# netstat -s
Ip:
    11150 total packets received
    1 with invalid addresses
    0 forwarded
    0 incoming packets discarded
    11149 incoming packets delivered
    11635 requests sent out
Icmp:
    0 ICMP messages received
    0 input ICMP message failed.
Tcp:
    582 active connections openings
    2 failed connection attempts
    25 connection resets received
Udp:
    1183 packets received
    4 packets to unknown port received.
.....

Show statistics for TCP (or) UDP ports using netstat -st (or) -su

# netstat -st

# netstat -su

4. Display PID and program names in netstat output using netstat -p

netstat -p option can be combined with any other netstat option. This will add the “PID/Program Name” to the netstat output. This is very useful while debugging to identify which program is running on a particular port.
# netstat -pt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        1      0 ramesh-laptop.loc:47212 192.168.185.75:www        CLOSE_WAIT  2109/firefox
tcp        0      0 ramesh-laptop.loc:52750 lax:www ESTABLISHED 2109/firefox

5. Don’t resolve host, port and user name in netstat output

When you don’t want the names of hosts, ports or users to be displayed, use the netstat -n option. It displays numeric values instead of resolving the host name, port name and user name.
This also speeds up the output, as netstat does not perform any look-ups.
# netstat -an
If you want only one of those three items (ports, hosts, or users) left unresolved, use the following commands.
# netstat -a --numeric-ports

# netstat -a --numeric-hosts

# netstat -a --numeric-users

6. Print netstat information continuously

With the -c option, netstat will print information continuously every few seconds.
# netstat -c
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 ramesh-laptop.loc:36130 101-101-181-225.ama:www ESTABLISHED
tcp        1      1 ramesh-laptop.loc:52564 101.11.169.230:www      CLOSING
tcp        0      0 ramesh-laptop.loc:43758 server-101-101-43-2:www ESTABLISHED
tcp        1      1 ramesh-laptop.loc:42367 101.101.34.101:www      CLOSING
^C

7. Find the unsupported address families on your system

# netstat --verbose
At the end, you will have something like this.
netstat: no support for `AF IPX' on this system.
netstat: no support for `AF AX25' on this system.
netstat: no support for `AF X25' on this system.
netstat: no support for `AF NETROM' on this system.

8. Display the kernel routing information using netstat -r

# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     *               255.255.255.0   U         0 0          0 eth2
link-local      *               255.255.0.0     U         0 0          0 eth2
default         192.168.1.1     0.0.0.0         UG        0 0          0 eth2
Note: Use netstat -rn to display routes in numeric format without resolving for host-names.

9. Find out on which port a program is running

# netstat -ap | grep ssh
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        1      0 dev-db:ssh           101.174.100.22:39213        CLOSE_WAIT  -
tcp        1      0 dev-db:ssh           101.174.100.22:57643        CLOSE_WAIT  -
Find out which process is using a particular port (the -p option adds the PID/Program name column):
# netstat -anp | grep ':80'
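The -l, -n and -p options from examples 2, 4 and 5 combine into a quick listener audit. The following is an added example, not part of the original article: it reads `netstat -tulnp` output and labels each listening socket as bound to all interfaces, to loopback only, or to one specific address. The sample output is constructed and the function names are illustrative; it assumes the input comes from a -l listing.

```shell
#!/bin/sh
# Added example: classify listening sockets from `netstat -tulnp` output.

# Constructed sample output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1021/cupsd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      1450/master
tcp        0      0 192.168.1.10:8080       0.0.0.0:*               LISTEN      2290/python
tcp6       0      0 :::22                   :::*                    LISTEN      980/sshd
tcp6       0      0 ::1:631                 :::*                    LISTEN      1021/cupsd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           870/dhclient
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           790/avahi-daemon: r
EOF
}

# Reads netstat output on stdin; prints "SCOPE proto/port address owner".
classify_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        is_tcp = ($1 ~ /^tcp/)
        if (is_tcp && $6 != "LISTEN") next       # ignore non-listening TCP rows
        # UDP rows have an empty State column, so the owner is one field earlier.
        first = is_tcp ? 7 : 6
        owner = "-"                              # "-" when -p was not used or not root
        if (NF >= first) {
            owner = $first
            for (i = first + 1; i <= NF; i++) owner = owner " " $i
        }
        addr = $4; port = $4
        sub(/:[^:]*$/, "", addr)                 # address = text before the last colon
        sub(/^.*:/, "", port)                    # port = text after the last colon
        if (addr == "0.0.0.0" || addr == "::" || addr == "*" || addr == "[::]")
            scope = "ALL"
        else if (addr ~ /^127\./ || addr == "::1" || addr == "localhost")
            scope = "LOOPBACK"
        else
            scope = "SPECIFIC"
        printf "%s %s/%s %s %s\n", scope, $1, port, addr, owner
    }'
}

sample_netstat | classify_listeners
```

On a live host, run `netstat -tulnp | classify_listeners` as root so that the owner column is filled in for every socket.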

10. Show the list of network interfaces

# netstat -i
Kernel Interface table
Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500 0         0      0      0 0             0      0      0      0 BMU
eth2       1500 0     26196      0      0 0         26883      6      0      0 BMRU
lo        16436 0         4      0      0 0             4      0      0      0 LRU
Display extended information on the interfaces (similar to ifconfig) using netstat -ie:
# netstat -ie
Kernel Interface table
eth0      Link encap:Ethernet  HWaddr 00:10:40:11:11:11
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Memory:f6ae0000-f6b00000

How to update Gateway, network settings on RHEL

Changing Your IP Address

If you wanted, you could give this eth0 interface an IP address using the ifconfig command.
[root@bigboy tmp]# ifconfig eth0 10.0.0.1 netmask 255.255.255.0 up
The "up" at the end of the command activates the interface. To make this permanent each time you boot up you'll have to add this command in your /etc/rc.local file which is run at the end of every reboot.

How to View Your Current Routing Table 

[root@bigboy tmp]# netstat -nr

Kernel IP routing table
Destination     Gateway     Genmask         Flags MSS Window irtt Iface
255.255.255.255 0.0.0.0     255.255.255.255 UH    40  0      0    wlan0
192.168.1.0     0.0.0.0     255.255.255.0   U     40  0      0    wlan0
127.0.0.0       0.0.0.0     255.0.0.0       U     40  0      0    lo
0.0.0.0         192.168.1.1 0.0.0.0         UG    40  0      0    wlan0

How to Configure Two Gateways

Some networks may have multiple router/firewalls providing connectivity. Here's a typical scenario:
  • You have one router providing access to the Internet that you'd like to have as your default gateway (see the default gateway example earlier)
  • You also have another router providing access to your corporate network using addresses in the range 10.0.0.0 to 10.255.255.255. Let's assume that this router has an IP address of 192.168.1.254
The Linux box used in this example uses interface wlan0 for its Internet connectivity. You will most likely be using interface eth0; adjust your steps accordingly.
There are a number of ways to add this new route.

Adding Temporary Static Routes

The route add command can be used to add new routes to your server that will last till the next reboot. It has the advantage of being universal to all versions of Linux and is well documented in the man pages. In our example the reference to the 10.0.0.0 network has to be preceded with a -net switch and the subnet mask and gateway values also have to be preceded by the netmask and gw switches respectively.
[root@bigboy tmp]# route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254 wlan0
If you wanted to add a route to an individual server, then the "-host" switch would be used with no netmask value. (The route command automatically knows the mask should be 255.255.255.255.) Here is an example for a route to host 10.0.0.1.
[root@bigboy tmp]# route add -host 10.0.0.1 gw 192.168.1.254 wlan0
A universal way of making this change persistent after a reboot would be to place this route add command in the file /etc/rc.d/rc.local, which is always run at the end of the booting process.

Adding Permanent Static Routes

In Fedora Linux, permanent static routes are added on a per interface basis in files located in the /etc/sysconfig/network-scripts directory. The filename format is route-interface-name so the filename for interface wlan0 would be route-wlan0.
The format of the file is quite intuitive with the target network coming in the first column followed by the word via and then the gateway's IP address. In our routing example, to set up a route to network 10.0.0.0 with a subnet mask of 255.0.0.0 (a mask with the first 8 bits set to 1) via the 192.168.1.254 gateway, we would have to configure file /etc/sysconfig/network-scripts/route-wlan0 to look like this:
#
# File /etc/sysconfig/network-scripts/route-wlan0
#
10.0.0.0/8 via 192.168.1.254
Note: The /etc/sysconfig/network-scripts/route-* filename is very important. Adding the wrong interface extension at the end will result in the routes not being added after the next reboot. There will also be no reported errors on the screen or any of the log files in the /var/log/ directory.
You can test the new file by running the /etc/sysconfig/network-scripts/ifup-routes command with the interface name as the sole argument. In the next example we check the routing table to see no routes to the 10.0.0.0 network and execute the ifup-routes command, which then adds the route:

[root@bigboy tmp]# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 wlan0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wlan0
0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0 wlan0
[root@bigboy tmp]# ./ifup-routes wlan0
[root@bigboy tmp]# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 wlan0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wlan0
10.0.0.0        192.168.1.254   255.0.0.0       UG        0 0          0 wlan0
0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0 wlan0
[root@bigboy tmp]#
Note: In Debian based systems, permanent static routes are configured using the /etc/network/interfaces file. See the section "Debian / Ubuntu Network Configuration" later in this chapter for more details.

How to Delete a Route

Here's how to delete the routes added in the previous section.
[root@bigboy tmp]# route del -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254 wlan0
The file /etc/sysconfig/network-scripts/route-wlan0 will also have to be updated so that when you reboot the server will not reinsert the route. Delete the line that reads:
10.0.0.0/8 via 192.168.1.254

Changing NIC Speed and Duplex

There is no better Linux investment than the purchase of a fully Linux compatible NIC card. Most Linux vendors will have a list of compatible hardware on their Web sites: read this carefully before you start hooking up your machine to the network. If you can't find any of the desired models in your local computer store, then a model in the same family or series should be sufficient. Most cards will work, but only the fully compatible ones will provide you with error-free, consistent throughput.
Linux defaults to automatically negotiating the speed and duplex of its NIC with that of the switch to which it is attached. Configuring a switch port to auto-negotiate the speed and duplex often isn't sufficient because there are frequently differences in the implementation of the protocol standard.
Typically, NICs with failed negotiation will work, but this is usually accompanied by many collision type errors being seen on the NIC when using the ifconfig -a command and only marginal performance. Don't limit your troubleshooting of these types of errors to just failed negotiation; the problem could also be due to a bad NIC card, switch port, or cabling.


Using mii-tool

One of the original Linux tools for setting the speed and duplex of your NIC card was the mii-tool command. It is destined to be deprecated and replaced by the newer ethtool command, but many older NICs support only mii-tool so you'll need to be aware of it. Issuing the command without any arguments gives a brief status report, as seen in the next example, with unsupported NICs providing an Operation not supported message. NICs that are not compatible with mii-tool often will still work, but you have to refer to the manufacturer's guides to set the speed and duplex to anything but auto-negotiate.
[root@bigboy tmp]# mii-tool
SIOCGMIIPHY on 'eth0' failed: Operation not supported
eth1: 100 Mbit, half duplex, link ok
[root@bigboy tmp]#
By using the verbose mode -v switch you can get much more information. In this case, negotiation was OK, with the NIC selecting 100Mbps, full duplex mode (FD):
[root@bigboy tmp]# mii-tool -v
eth1: negotiated 100baseTx-FD, link ok
  product info: vendor 00:10:18, model 33 rev 2
  basic mode:   autonegotiation enabled
  basic status: autonegotiation complete, link ok
  capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
[root@bigboy tmp]#

Setting Your NIC's Speed Parameters with mii-tool

You can set your NIC to force itself to a particular speed and duplex by using the -F switch with any of the following options: 100baseTx-FD, 100baseTx-HD, 10baseT-FD, or 10baseT-HD. Remember that you could lose all network connectivity to your server if you force your NIC to a particular speed/duplex that doesn't match that of your switch:
[root@bigboy tmp]# mii-tool -F 100baseTx-FD eth0
Unfortunately there is no way to set this permanently on reboot except by placing the command in the /etc/rc.local file to let it be run at the very end of the booting process or by creating your own startup script if you need it set earlier. Creating your own startup scripts is covered in Chapter 7, "The Linux Boot Process".

Using ethtool

The ethtool command is slated to be the replacement for mii-tool in the near future and tends to be supported by newer NIC cards.
The command provides the status of the interface you provide as its argument. Here we see interface eth0 not doing autonegotiation and set to a speed of 100 Mbps, full duplex. A list of supported modes is also provided at the top of the output.
[root@bigboy tmp]# ethtool eth0
Settings for eth0:
        Supported ports: [ TP MII ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Advertised auto-negotiation: No
        Speed: 100Mb/s
        Duplex: Full
        Port: MII
        PHYAD: 1
        Transceiver: internal
        Auto-negotiation: off
        Supports Wake-on: g
        Wake-on: g
        Current message level: 0x00000007 (7)
        Link detected: yes
[root@bigboy tmp]#

Setting Your NIC's Speed Parameters with ethtool

Unlike mii-tool, ethtool settings can be permanently set as part of the interface's configuration script with the ETHTOOL_OPTS variable. In our next example, the settings will be set to 100 Mbps, full duplex with no chance for auto-negotiation on the next reboot:


#
# File: /etc/sysconfig/network-scripts/ifcfg-eth0
#
DEVICE=eth0
IPADDR=192.168.1.100
NETMASK=255.255.255.0
BOOTPROTO=static
ONBOOT=yes
ETHTOOL_OPTS="speed 100 duplex full autoneg off"
You can test the application of these parameters by shutting down the interface and activating it again with the ifup and ifdown commands. These settings can also be changed from the command line using the -s switch followed by the interface name and its desired configuration parameters.
[root@bigboy tmp]# ethtool -s eth1 speed 100 duplex full autoneg off
[root@bigboy tmp]#
The Linux man pages give more details on other ethtool options, but you can get a quick guide by just entering the ethtool command alone, which provides a quicker summary.
[root@bigboy tmp]# ethtool
...
...
ethtool -s DEVNAME \
        [ speed 10|100|1000 ] \
        [ duplex half|full ] \
        [ port tp|aui|bnc|mii|fibre ] \
...
...
[root@bigboy tmp]#

A Note About Duplex Settings

By default, Linux NICs negotiate their speed and duplex settings with the switch. This is done by exchanging electronic signals called Fast Link Pulses (FLP). When the speed and duplex are forced to a particular setting the FLPs are not sent. When a NIC is in auto-negotiation mode and detects a healthy, viable link but receives no FLPs, it errs on the side of caution and sets its duplex to half-duplex and sometimes it will also set its speed to the lowest configurable value. It is therefore possible to force a switch port to 100 Mbps full duplex, but have the auto-negotiating server NIC set itself to 100Mbps half-duplex which will result in errors. The same is true for the switch if the switch port is set to auto-negotiate and server NIC is set to 100 Mbps full duplex. It is best to either force both the switch port and server NIC to either auto-negotiate or the same forced speed and duplex values.

How to Convert Your Linux Server into a Simple Router

Router/firewall appliances that provide basic Internet connectivity for a small office or home network are becoming more affordable every day, but when budgets are tight you might seriously want to consider modifying an existing Linux server to do the job.
Details on how to configure Linux firewall security are covered in Chapter 14, "Linux Firewalls Using iptables", but you need to understand how to activate routing through the firewall before it can become a functioning networking device.

Configuring IP Forwarding

For your Linux server to become a router, you have to enable packet forwarding. In simple terms packet forwarding enables packets to flow through the Linux box from one network to another. The Linux kernel configuration parameter to activate this is named net.ipv4.ip_forward and can be found in the file /etc/sysctl.conf. Remove the "#" from the line related to packet forwarding.
Before:
# Disables packet forwarding
net.ipv4.ip_forward=0
After:
# Enables packet forwarding
net.ipv4.ip_forward=1
This enables packet forwarding only when you reboot, at which time Linux will create a file in one of the subdirectories of the special RAM memory-based /proc filesystem. To activate the feature immediately you have to force Linux to read the /etc/sysctl.conf file with the sysctl command using the -p switch. Here is how it's done:
[root@bigboy tmp]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
kernel.sysrq = 0
kernel.core_uses_pid = 1
[root@bigboy tmp]#

Configuring Proxy ARP

If a server needs to send a packet to another device on the same network, it sends out an ARP request to the network asking for the MAC address of the other device.
If the same server needs to send a packet to another device on a remote network the process is different. The server first takes a look at its routing table to find out the IP address of the best router on its network that will be able to relay the packet to the destination. The server then sends an ARP request for the MAC address that matches the router's IP address. It then sends the packet to the router using the router's MAC address and a destination IP address of the remote server.
If there is no suitable router on its network, the server will then send out an ARP request for the MAC address of the remote server. Some routers can be configured to answer these types of ARP requests for remote networks. This feature is called proxy ARP. There are some disadvantages with this. One of the most common problems occurs if two routers are on the network configured for proxy ARP. In this scenario there is the possibility that either one will answer the local server's ARP request for the MAC address of the remote server. If one of the routers has an incorrect routing table entry for the remote network, then there is the risk that traffic to the remote server will occasionally get lost. In other words you can lose routing control.
Note: It is for this and other reasons that it is generally not a good idea to configure proxy ARP on a router. It is also good to always configure a default gateway on your server and use separate routing entries via other routers for all networks your default gateway may not know about.
Some types of bridging mode firewalls need to have proxy ARP enabled to operate properly. These devices are typically inserted as part of a daisy chain connecting multiple network switches together on the same LAN while protecting one section of a LAN from traffic originating on another section. The firewall typically isn't configured with an IP address on the LAN and appears to be an intelligent cable capable of selectively blocking packets.
If you need to enable proxy ARP on a Linux server the /proc filesystem comes into play again. Proxy ARP is handled by files in the /proc/sys/net/ipv4/conf/ directory. This directory then has subdirectories corresponding to each functioning NIC card on your server. Each subdirectory then has a file called proxy_arp. If the value within this file is 0, then proxy ARP on the interface is disabled; if the value is 1 then it is enabled.
You can use the /etc/sysctl.conf file mentioned in "Appendix I, Miscellaneous Linux Topics" to activate or disable proxy ARP. The next example activates proxy ARP, first for all interfaces and then for interfaces eth1 and wlan0.
#
# File: /etc/sysctl.conf
#
# Enables Proxy ARP on all interfaces
net/ipv4/conf/all/proxy_arp = 1
# Enables Proxy ARP on interfaces eth1 and wlan0
net/ipv4/conf/eth1/proxy_arp = 1
net/ipv4/conf/wlan0/proxy_arp = 1
You can then activate these settings with the sysctl command.
[root@bigboy tmp]# sysctl -p
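Because packet forwarding and proxy ARP change how the server treats other hosts' traffic, it helps to confirm what a sysctl.conf file actually turns on. The following is an added example, not part of the original text: it reads sysctl.conf-style input, treats the dotted and slash key notations shown above as the same key, lets a later line override an earlier one, and maps each key to its /proc/sys file. The sample file is constructed and the function names are illustrative.

```shell
#!/bin/sh
# Added example: report forwarding and proxy ARP settings from sysctl.conf-style text.

# Constructed sample mixing the dotted and slash key notations used on this page.
sample_sysctl_conf() {
    cat <<'EOF'
# Disables packet forwarding
net.ipv4.ip_forward=0
net.ipv4.conf.default.rp_filter = 1
kernel.sysrq = 0
# Enables packet forwarding (a later line overrides the earlier one)
net.ipv4.ip_forward = 1
net/ipv4/conf/all/proxy_arp = 1
net/ipv4/conf/eth1/proxy_arp = 1
net/ipv4/conf/wlan0/proxy_arp = 0
EOF
}

# Reads sysctl.conf text on stdin; prints the effective "key=value" for
# net.ipv4.ip_forward and every per-interface proxy_arp / forwarding key.
routing_settings() {
    awk '
    /^[ \t]*[#;]/ { next }                  # comment lines start with # or ;
    index($0, "=") == 0 { next }            # blank or malformed line
    {
        key = substr($0, 1, index($0, "=") - 1)
        val = substr($0, index($0, "=") + 1)
        gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
        gsub("/", ".", key)                 # net/ipv4/... names the same key as net.ipv4....
        if (key == "net.ipv4.ip_forward" ||
            key ~ /^net\.ipv4\.conf\.[^.]+\.(proxy_arp|forwarding)$/) {
            if (!(key in value)) order[++n] = key
            value[key] = val                # lines are applied in order, so the last one wins
        }
    }
    END { for (i = 1; i <= n; i++) print order[i] "=" value[order[i]] }'
}

# Prints only the keys whose effective value is 1.
enabled_routing_settings() {
    routing_settings | awk -F= '$2 == 1 { print $1 }'
}

# Maps a key in either notation to the /proc/sys file that holds the live value.
proc_path() {
    printf '/proc/sys/%s\n' "$(printf '%s' "$1" | tr . /)"
}

sample_sysctl_conf | routing_settings
```

To compare the file with the running kernel, feed `/etc/sysctl.conf` to `enabled_routing_settings` and `cat` the file that `proc_path` prints for each key.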

Configuring Your /etc/hosts File

The /etc/hosts file is just a list of IP addresses and their corresponding server names. Your server will typically check this file before referencing DNS. If the name is found with a corresponding IP address then DNS won't be queried at all. Unfortunately, if the IP address for that host changes, you also have to update the file. This may not be much of a concern for a single server, but can become laborious if it has to be done companywide. For ease of management, it is often easiest to limit entries in this file to just the loopback interface and also the server's own hostname, and use a centralized DNS server to handle most of the rest. Sometimes you might not be the one managing the DNS server, and in such cases it may be easier to add a quick /etc/hosts file entry till the centralized change can be made.
192.168.1.101    smallfry
In the example above server smallfry has an IP address of 192.168.1.101. You can access 192.168.1.101 using the ping, telnet or any other network aware program by referring to it as smallfry. Here is an example using the ping command to see whether smallfry is alive and well on the network:
[root@bigboy tmp]# ping smallfry
PING zero (192.168.1.101) 56(84) bytes of data.
64 bytes from smallfry (192.168.1.101): icmp_seq=0 ttl=64 time=0.197 ms
64 bytes from smallfry (192.168.1.101): icmp_seq=1 ttl=64 time=0.047 ms
--- smallfry ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 2017ms
rtt min/avg/max/mdev = 0.034/0.092/0.197/0.074 ms, pipe 2
[root@bigboy tmp]#
You can also add aliases to the end of the line which enable you to refer to the server using other names. Here we have set it up so that smallfry can also be accessed using the names tiny and littleguy.
192.168.1.101    smallfry tiny littleguy
You should never have an IP address more than once in this file because Linux will use only the values in the first entry it finds.
192.168.1.101    smallfry     # (Wrong)
192.168.1.101    tiny         # (Wrong)
192.168.1.101    littleguy    # (Wrong)

The loopback Interface's localhost Entry

Usually the first entry in /etc/hosts defines the IP address of the server's virtual loopback interface. This is usually mapped to the name localhost.localdomain (the universal name used when a server refers to itself) and localhost (the shortened alias name). By default, Fedora inserts the hostname of the server between the 127.0.0.1 and the localhost entries like this:
127.0.0.1    bigboy    localhost.localdomain    localhost
When the server is connected to the Internet this first entry after the 127.0.0.1 needs to be the fully qualified domain name (FQDN) of the server. For example, bigboy.my-site.com, like this:
127.0.0.1    bigboy.my-site.com    localhost.localdomain    localhost
Some programs such as Sendmail are very sensitive to this and if they detect what they feel is an incorrect FQDN they will default to using the name localhost.localdomain when communicating with another server on the network. This can cause confusion, as the other server also feels it is localhost.localdomain.
Note: You must always have a localhost and localhost.localdomain entry mapping to 127.0.0.1 for Linux to work properly and securely.
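The two rules above (no IP address listed twice, and localhost plus localhost.localdomain mapped to 127.0.0.1) can be checked mechanically. The following is an added example, not part of the original text: it reads a hosts file on standard input and reports violations of either rule. The sample file is constructed and the function names are illustrative; IPv6 entries such as ::1 are not treated as a mismapping.

```shell
#!/bin/sh
# Added example: check a hosts file against the two rules described above.

# Constructed sample in the style of /etc/hosts.
sample_hosts() {
    cat <<'EOF'
# Constructed sample, not taken from a real server
127.0.0.1      bigboy.my-site.com localhost.localdomain localhost
192.168.1.101  smallfry
192.168.1.102  tiny        # trailing comment
192.168.1.101  littleguy
EOF
}

# Reads hosts-file text on stdin and prints one finding per line:
#   DUPLICATE-IP         the address already appeared on an earlier line
#   LOCALHOST-MISMAPPED  localhost name bound to an IPv4 address other than 127.0.0.1
#   MISSING              a required loopback name has no 127.0.0.1 entry
check_hosts() {
    awk '
    { sub(/#.*/, "") }                      # strip comments; fields are re-split
    NF < 2 { next }                         # blank line or address without a name
    {
        if ($1 in first_line)
            printf "DUPLICATE-IP %s line %d (first seen on line %d)\n", $1, NR, first_line[$1]
        else
            first_line[$1] = NR
        for (i = 2; i <= NF; i++) {
            if ($i == "localhost" || $i == "localhost.localdomain") {
                if ($1 == "127.0.0.1")
                    have[$i] = 1
                else if ($1 !~ /:/)         # leave IPv6 entries such as ::1 alone
                    printf "LOCALHOST-MISMAPPED %s -> %s line %d\n", $i, $1, NR
            }
        }
    }
    END {
        if (!("localhost" in have)) print "MISSING localhost -> 127.0.0.1"
        if (!("localhost.localdomain" in have)) print "MISSING localhost.localdomain -> 127.0.0.1"
    }'
}

sample_hosts | check_hosts
```

Run it against the real file with `check_hosts < /etc/hosts`; no output means both rules hold.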

Creating Interface Aliases

IP aliases can be easily created in the /etc/network/interfaces file once the main interface has already been defined. A modified duplicate of the main interface's iface stanza is required. A colon followed by the sub interface number needs to be added to the first line, and only the subnet mask and the new IP address need to follow, as can be seen in this example for interface eth1:1 with the IP address 216.10.119.239.
auto eth1:1
iface eth1:1 inet static
        address 216.10.119.239
        netmask 255.255.255.224

Adding Permanent Static Routes

The up option in the appropriate iface stanza of the /etc/network/interfaces file allows you to selectively run commands once the specified interface becomes activated with the ifup command. This makes it useful when adding permanent static routes.
In this example, a route to the 10.0.0.0/8 network via router address 216.10.119.225 has been added. Remember, the up option and the command must reside on the same line of the stanza.
# The primary network interface
auto eth1
iface eth1 inet static
...
...
...
        up route add -net 10.0.0.0 netmask 255.0.0.0 gw 216.10.119.225 eth1

A complete /etc/network/interfaces file

We can now construct a complete file based on the previous examples we discussed. Just like in Fedora, interfaces can be activated with the ifup and ifdown commands.
#
# Debian / Ubuntu
#

#
# File: /etc/network/interfaces
#

# The loopback network interface
auto lo
iface lo inet loopback

# This is a list of hotpluggable network interfaces.
# They will be activated automatically by the hotplug subsystem.
mapping hotplug
        script grep
        map eth0 eth0
        map eth1 eth1

# The primary network interface
auto eth1
iface eth1 inet static
        address 216.10.119.240
        netmask 255.255.255.224
        network 216.10.119.224
        broadcast 216.10.119.255
        gateway 216.10.119.241
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 216.10.119.241
        wireless-key 98d126d5ac
        wireless-essid schaaffe
        up route add -net 10.0.0.0 netmask 255.0.0.0 gw 216.10.119.225 eth1

auto eth1:1
iface eth1:1 inet static
        address 216.10.119.239
        netmask 255.255.255.224

# The secondary network interface
auto eth0
iface eth0 inet dhcp

For more information on the /etc/network/interfaces file just issue the command man interfaces from the command line.

Howto install GlusterFS on Centos/RHEL

1. Introduction
GlusterFS is a clustered filesystem capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. Storage bricks can be made of any commodity hardware such as x86-64 server with SATA-II RAID and Infiniband HBA.
2. Installation
First you need to install some software :
yum install make gcc gcc-c++
yum install flex bison byacc
We need to do a dirty trick to get the package fuse-sshfs :
vi /etc/yum.repos.d/CentOS-Base.repo
and add this at the end of the file :
[extras_fedora]
name=Fedora Core 6 Extras
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=extras-6&arch=$basearch
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-extras
gpgcheck=0
Next do :
yum install fuse-sshfs --enablerepo=extras_fedora
Now we will install GlusterFS :
Get the same exact version, otherwise there is a good chance it won't work. I tried with 2.0.0rc1 and 1.3.12 and there were some issues.
cd /root/
wget http://ftp.gluster.com/pub/gluster/glusterfs/2.0/LATEST/glusterfs-2.0.0rc2.tar.gz
tar -zxvf glusterfs-2.0.0rc2.tar.gz
cd /root/glusterfs-2.0.0rc2/
Take a minute break and compile :
./configure
make && make install
For some reason, libraries are going in the wrong directory so we need to do this (if someone has a clean fix for this please post it!) :
cp /usr/local/lib/* -R /usr/lib/
Now we create some folders that will be used later on :
mkdir    /mnt/glusterfs
mkdir    /data/
mkdir    /data/export
mkdir    /data/export-ns
mkdir    /etc/glusterfs/
3. Servers configuration
Before you go further, you need to know that GlusterFS works in a client/server way. What we will do is make our servers both client and server for GlusterFS.
Let's start with the server configuration file ON ALL SERVERS:
vi /etc/glusterfs/glusterfs-server.vol
and make it look like this :
# file: /etc/glusterfs/glusterfs-server.vol

volume posix
  type storage/posix
  option directory /data/export
end-volume

volume locks
  type features/locks
  subvolumes posix
end-volume

volume brick
  type performance/io-threads
  option thread-count 8
  subvolumes locks
end-volume

volume posix-ns
  type storage/posix
  option directory /data/export-ns
end-volume

volume locks-ns
  type features/locks
  subvolumes posix-ns
end-volume

volume brick-ns
  type performance/io-threads
  option thread-count 8
  subvolumes locks-ns
end-volume

volume server
  type protocol/server
  option transport-type tcp
  option auth.addr.brick.allow *
  option auth.addr.brick-ns.allow *
  subvolumes brick brick-ns
end-volume
Now do :
glusterfsd -f /etc/glusterfs/glusterfs-server.vol
to start the server daemon.
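The server volume above exports `brick` and `brick-ns` with `auth.addr.*.allow *`, so any host that can reach the daemon may attach to them. The check below is an added example, not part of the original howto: it flags bare-wildcard allow rules and subvolumes that are referenced but never defined. `lint_volfile`, `sample_volfile` and the output codes are made up for this illustration, and it assumes the allow value is a comma-separated list of address patterns.

```shell
#!/bin/sh
# Added example: lint a GlusterFS volfile (the "volume ... end-volume" format
# used on this page) before starting glusterfsd.
#   OPEN <volume>              auth.addr.<volume>.allow contains a bare "*"
#   UNDEFINED <owner> <name>   "subvolumes" names a volume that is never defined

# Constructed sample: the server volfile from this page cut down to one brick,
# so the reference to brick-ns is deliberately left dangling.
sample_volfile() {
cat <<'EOF'
volume posix
  type storage/posix
  option directory /data/export
end-volume

volume locks
  type features/locks
  subvolumes posix
end-volume

volume brick
  type performance/io-threads
  option thread-count 8
  subvolumes locks
end-volume

volume server
  type protocol/server
  option transport-type tcp
  option auth.addr.brick.allow *
  option auth.addr.brick-ns.allow *
  subvolumes brick brick-ns
end-volume
EOF
}

# Reads a volfile on stdin, prints one finding per line and
# returns 1 if there was at least one finding.
lint_volfile() {
  awk '
    { sub(/#.*/, "") }                       # drop comments
    NF == 0            { next }
    $1 == "volume"     { cur = $2; defined[cur] = 1; next }
    $1 == "end-volume" { cur = ""; next }
    $1 == "subvolumes" {
      # remember every reference; it is resolved once the whole file is read
      for (i = 2; i <= NF; i++) { n++; ref[n] = $i; owner[n] = cur }
      next
    }
    $1 == "option" && $2 ~ /^auth\.addr\..+\.allow$/ {
      vol = $2
      sub(/^auth\.addr\./, "", vol)
      sub(/\.allow$/, "", vol)
      cnt = split($3, pat, ",")              # assumed: comma-separated patterns
      for (i = 1; i <= cnt; i++)
        if (pat[i] == "*") { print "OPEN " vol; bad++ }
      next
    }
    END {
      for (k = 1; k <= n; k++)
        if (!(ref[k] in defined)) {
          print "UNDEFINED " owner[k] " " ref[k]
          bad++
        }
      exit (bad > 0)
    }
  '
}

# Report findings for the sample; the message keeps the exit status at 0.
sample_volfile | lint_volfile ||
  echo "findings above: narrow auth.addr to the cluster addresses and fix the graph"
```

With the four hosts used later in this howto, a narrower rule would list 192.168.0.1 to 192.168.0.4 instead of `*`.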
------------------------------------------------------------------------------------
4. Clients configuration
In these example files, I will use the following hosts :
server1 : 192.168.0.1
server2 : 192.168.0.2
server3 : 192.168.0.3
server4 : 192.168.0.4
[...]
Now we edit the client configuration file ON ALL SERVERS (because servers are clients as well in this
howto):
vi /etc/glusterfs/glusterfs-client.vol
2 servers configuration
### Add client feature and attach to remote subvolume of server1
volume brick1
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.1                      # IP address of the remote brick
 option remote-subvolume brick                           # name of the remote volume
end-volume

### Add client feature and attach to remote subvolume of server2
volume brick2
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.2                         # IP address of the remote brick
 option remote-subvolume brick                           # name of the remote volume
end-volume

### The file index on server1
volume brick1-ns
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.1    # IP address of the remote brick
 option remote-subvolume brick-ns        # name of the remote volume
end-volume

### The file index on server2
volume brick2-ns
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.2      # IP address of the remote brick
 option remote-subvolume brick-ns        # name of the remote volume
end-volume

#The replicated volume with data
volume afr1
 type cluster/afr
 subvolumes brick1 brick2
end-volume

#The replicated volume with indexes
volume afr-ns
 type cluster/afr
 subvolumes brick1-ns brick2-ns
end-volume

#The unification of all afr volumes (used for > 2 servers)
volume unify
  type cluster/unify
  option scheduler rr # round robin
  option namespace afr-ns
  subvolumes afr1
end-volume
4 servers configuration
### Add client feature and attach to remote subvolume of server1
volume brick1
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.1    # IP address of the remote brick
 option remote-subvolume brick        # name of the remote volume
end-volume

### Add client feature and attach to remote subvolume of server2
volume brick2
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.2      # IP address of the remote brick
 option remote-subvolume brick        # name of the remote volume
end-volume

### Add client feature and attach to remote subvolume of server3
volume brick3
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.3                 # IP address of the remote brick
 option remote-subvolume brick                   # name of the remote volume
end-volume

### Add client feature and attach to remote subvolume of server4
volume brick4
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.4                 # IP address of the remote brick
 option remote-subvolume brick                   # name of the remote volume
end-volume

### Add client feature and attach to remote subvolume of server1
volume brick1-ns
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.1              #  IP address of the remote brick
 option remote-subvolume brick-ns                   # name of the remote volume
end-volume

### Add client feature and attach to remote subvolume of server2
volume brick2-ns
 type protocol/client
 option transport-type tcp/client
 option remote-host 192.168.0.2                 # IP address of the remote brick
 option remote-subvolume brick-ns                   # name of the remote volume
end-volume

volume afr1
 type cluster/afr
 subvolumes brick1 brick4
end-volume

volume afr2
 type cluster/afr
 subvolumes brick2 brick3
end-volume

volume afr-ns
 type cluster/afr
 subvolumes brick1-ns brick2-ns
end-volume

volume unify
  type cluster/unify
  option scheduler rr # round robin
  option namespace afr-ns
  subvolumes afr1 afr2
end-volume
And so on and so forth... For configurations over 4 servers, simply add brick volumes two by two, replicate them
and don't forget to put them in the "unify" volume.
Now mount the GlusterFS on all servers in the cluster :
glusterfs -f /etc/glusterfs/glusterfs-client.vol /mnt/glusterfs
------------------------------------------------------------------------------------
5. Testing
Once you have mounted the GlusterFS to /mnt/glusterfs you can start copying files and see what is happening.
Below are my tests on 4 servers. Everything works as it should, files in /data/export only show in 2 out of
4 servers and everything is there under /mnt/glusterfs and /data/export-ns :
server 1 (ls    -la /data/export)
-rwxrwxrwx 1    marc marc 215663 2007-09-14         14:14   6-instructions2.pdf
-rwxrwxrwx 1    marc marc       2256 2008-12-18     11:54   budget.ods
-rwxr--r-- 1    marc marc 21281 2009-02-18          16:45   cv_nouveau.docx
-rwxrwxrwx 1    marc marc 13308 2009-01-26          10:49   cv.pdf
-rwxrwxrwx 1    marc marc 196375 2008-04-02         18:48   odometre.pdf
-rwxrwxrwx 1    marc marc       5632 2008-05-23     19:42   Thumbs.db

server 4 (ls    -la /data/export)
-rwxrwxrwx 1    marc marc 215663 2007-09-14         14:14   6-instructions2.pdf
-rwxrwxrwx 1    marc marc       2256 2008-12-18     11:54   budget.ods
-rwxr--r-- 1    marc marc 21281 2009-02-18          16:45   cv_nouveau.docx
-rwxrwxrwx 1    marc marc 13308 2009-01-26          10:49   cv.pdf
-rwxrwxrwx 1    marc marc 196375 2008-04-02         18:48   odometre.pdf
-rwxrwxrwx 1    marc marc       5632 2008-05-23     19:42   Thumbs.db

server 2 (ls    -la /data/export)
-rwxr--r-- 1    marc marc 135793 2009-02-02         15:26   bookmarks.html
-rwxrwxrwx 1    marc marc 112640 2008-11-17         21:41   cv.doc
-rwxrwxrwx 1    marc marc 13546 2007-09-11          15:43   cv.odt
-rwxrwxrwx 1    marc marc 25088 2006-07-03          17:07   menulaurentien.doc
-rwxr--r-- 1    marc marc 33734 2009-02-06          12:58   opera6.htm

server 3 (ls    -la /data/export)
-rwxr--r-- 1    marc marc 135793 2009-02-02         15:26   bookmarks.html
-rwxrwxrwx 1    marc marc 112640 2008-11-17         21:41   cv.doc
-rwxrwxrwx 1    marc marc 13546 2007-09-11          15:43   cv.odt
-rwxrwxrwx 1    marc marc 25088 2006-07-03          17:07   menulaurentien.doc
-rwxr--r-- 1    marc marc 33734 2009-02-06          12:58   opera6.htm

server x (ls    -la /mnt/glusterfs)
-rwxrwxrwx 1    marc marc 215663 2007-09-14         14:14   6-instructions2.pdf
-rwxr--r-- 1    marc marc 135793 2009-02-02         15:26   bookmarks.html
-rwxrwxrwx 1    marc marc       2256 2008-12-18     11:54   budget.ods
-rwxrwxrwx 1    marc marc 112640 2008-11-17         21:41   cv.doc
-rwxr--r-- 1    marc marc 21281 2009-02-18          16:45   cv_nouveau.docx
-rwxrwxrwx 1    marc marc 13546 2007-09-11          15:43   cv.odt
-rwxrwxrwx 1    marc marc 13308 2009-01-26          10:49   cv.pdf
-rwxrwxrwx 1    marc marc 25088 2006-07-03          17:07   menulaurentien.doc
-rwxrwxrwx 1    marc marc 196375 2008-04-02         18:48   odometre.pdf
-rwxr--r-- 1    marc marc 33734 2009-02-06          12:58   opera6.htm
-rwxrwxrwx 1    marc marc       5632 2008-05-23     19:42   Thumbs.db

server 1 (ls    -la /data/export-ns)
-rwxrwxrwx 1    marc marc        0 2007-09-14 14:14 6-instructions2.pdf
-rwxr--r-- 1    marc   marc      0  2009-02-02    15:26  bookmarks.html
-rwxrwxrwx 1    marc   marc      0  2008-12-18    11:54  budget.ods
-rwxrwxrwx 1    marc   marc      0  2008-11-17    21:41  cv.doc
-rwxr--r-- 1    marc   marc      0  2009-02-18    16:45  cv_nouveau.docx
-rwxrwxrwx 1    marc   marc      0  2007-09-11    15:43  cv.odt
-rwxrwxrwx 1    marc   marc      0  2009-01-26    10:49  cv.pdf
-rwxrwxrwx 1    marc   marc      0  2006-07-03    17:07  menulaurentien.doc
-rwxrwxrwx 1    marc   marc      0  2008-04-02    18:48  odometre.pdf
-rwxr--r-- 1    marc   marc      0  2009-02-06    12:58  opera6.htm
-rwxrwxrwx 1    marc   marc      0  2008-05-23    19:42  Thumbs.db


server 2 (ls    -la /data/export-ns)
-rwxrwxrwx 1    marc marc        0 2007-09-14     14:14  6-instructions2.pdf
-rwxr--r-- 1    marc marc        0 2009-02-02     15:26  bookmarks.html
-rwxrwxrwx 1    marc marc        0 2008-12-18     11:54  budget.ods
-rwxrwxrwx 1    marc marc        0 2008-11-17     21:41  cv.doc
-rwxr--r-- 1    marc marc        0 2009-02-18     16:45  cv_nouveau.docx
-rwxrwxrwx 1    marc marc        0 2007-09-11     15:43  cv.odt
-rwxrwxrwx 1    marc marc        0 2009-01-26     10:49  cv.pdf
-rwxrwxrwx 1    marc marc        0 2006-07-03     17:07  menulaurentien.doc
-rwxrwxrwx 1    marc marc        0 2008-04-02     18:48  odometre.pdf
-rwxr--r-- 1    marc marc        0 2009-02-06     12:58  opera6.htm
-rwxrwxrwx 1    marc marc        0 2008-05-23     19:42  Thumbs.db
Now let's say we want to test how redundant the setup is. Let's reboot server1 and create new files while it's
down :
> /mnt/glusterfs/testfile
> /mnt/glusterfs/testfile2
> /mnt/glusterfs/testfile3
> /mnt/glusterfs/testfile4
Once server1 is back, let's check file consistency :
server 1 (ls    -la /data/export)
-rwxrwxrwx 1    marc marc 215663 2007-09-14          14:14 6-instructions2.pdf
-rwxrwxrwx 1    marc marc       2256 2008-12-18      11:54 budget.ods
-rwxr--r-- 1    marc marc 21281 2009-02-18           16:45 cv_nouveau.docx
-rwxrwxrwx 1    marc marc 13308 2009-01-26           10:49 cv.pdf
-rwxrwxrwx 1    marc marc 196375 2008-04-02          18:48 odometre.pdf
-rwxrwxrwx 1    marc marc       5632 2008-05-23      19:42 Thumbs.db

server 4 (ls    -la /data/export)
-rwxrwxrwx 1    marc marc 215663 2007-09-14          14:14 6-instructions2.pdf
-rwxrwxrwx 1    marc marc       2256 2008-12-18      11:54 budget.ods
-rwxr--r-- 1    marc marc 21281 2009-02-18           16:45 cv_nouveau.docx
-rwxrwxrwx 1    marc marc 13308 2009-01-26           10:49 cv.pdf
-rwxrwxrwx 1    marc marc 196375 2008-04-02          18:48 odometre.pdf
-rw-r--r-- 1    root root           0 2009-02-19     11:32 testfile
-rw-r--r-- 1    root root           0 2009-02-19     11:32 testfile3
-rwxrwxrwx 1    marc marc       5632 2008-05-23      19:42 Thumbs.db

server 1 (ls    -la /data/export-ns)
-rwxrwxrwx 1    marc marc        0 2007-09-14 14:14 6-instructions2.pdf
-rwxr--r-- 1    marc marc        0 2009-02-02 15:26 bookmarks.html
-rwxrwxrwx 1    marc marc        0 2008-12-18 11:54 budget.ods
-rwxrwxrwx     1  marc   marc      0  2008-11-17     21:41   cv.doc
-rwxr--r--     1  marc   marc      0  2009-02-18     16:45   cv_nouveau.docx
-rwxrwxrwx     1  marc   marc      0  2007-09-11     15:43   cv.odt
-rwxrwxrwx     1  marc   marc      0  2009-01-26     10:49   cv.pdf
-rwxrwxrwx     1  marc   marc      0  2006-07-03     17:07   menulaurentien.doc
-rwxrwxrwx     1  marc   marc      0  2008-04-02     18:48   odometre.pdf
-rwxr--r--     1  marc   marc      0  2009-02-06     12:58   opera6.htm
-rwxrwxrwx     1  marc   marc      0  2008-05-23     19:42   Thumbs.db
Oops, we have an inconsistency here. To fix that, the Gluster documentation says missing files have to be read.
So let's run this simple command to read all files :
ls -lR /mnt/glusterfs/
Now, let's check what we have on server1 :
server1 (ls -la /data/export)
-rwxrwxrwx 1 marc marc 215663 2007-09-14 14:14 6-instructions2.pdf
-rwxrwxrwx 1 marc marc            2256 2008-12-18 11:54 budget.ods
-rwxr--r-- 1 marc marc 21281 2009-02-18 16:45 cv_nouveau.docx
-rwxrwxrwx 1 marc marc 13308 2009-01-26 10:49 cv.pdf
-rwxrwxrwx 1 marc marc 196375 2008-04-02 18:48 odometre.pdf
-rw-r--r-- 1 root root                0 2009-02-19 11:32 testfile
-rw-r--r-- 1 root root                0 2009-02-19 11:32 testfile3
-rwxrwxrwx 1 marc marc            5632 2008-05-23 19:42 Thumbs.db

server1 (ls -la /data/export-ns)
-rwxrwxrwx 1 marc marc             0 2007-09-14 14:14 6-instructions2.pdf
-rwxr--r-- 1 marc marc             0 2009-02-02 15:26 bookmarks.html
-rwxrwxrwx 1 marc marc             0 2008-12-18 11:54 budget.ods
-rwxrwxrwx 1 marc marc             0 2008-11-17 21:41 cv.doc
-rwxr--r-- 1 marc marc             0 2009-02-18 16:45 cv_nouveau.docx
-rwxrwxrwx 1 marc marc             0 2007-09-11 15:43 cv.odt
-rwxrwxrwx 1 marc marc             0 2009-01-26 10:49 cv.pdf
-rwxrwxrwx 1 marc marc             0 2006-07-03 17:07 menulaurentien.doc
-rwxrwxrwx 1 marc marc             0 2008-04-02 18:48 odometre.pdf
-rwxr--r-- 1 marc marc             0 2009-02-06 12:58 opera6.htm
-rw-r--r-- 1 root root             0 2009-02-19 11:29 testfile
-rw-r--r-- 1 root root             0 2009-02-19 11:29 testfile2
-rw-r--r-- 1 root root             0 2009-02-19 11:29 testfile3
-rw-r--r-- 1 root root             0 2009-02-19 11:29 testfile4
-rwxrwxrwx 1 marc marc             0 2008-05-23 19:42 Thumbs.db
Now everything is as it should be.
------------------------------------------------------------------------------------
6. Conclusion
GlusterFS has a lot of potential. What you saw here is a small portion of what GlusterFS can do. As I said
on the first page, this setup was not tested on a live webserver and very little testing was done. If you plan
to put this on a live server and test this setup in depth, please share your experience in the forums or
simply post a comment on this page. Also, it would be very interesting if someone could post benchmarks
to see how well it scales.
Further reading : http://www.gluster.org

Detect and Configure / Install Modem on UBUNTU

     

To find out what kind of software modem you are using, go to linmodems.org, read the page, and download the scanModem tool (which will only recognize PCI and USB modems, not ISA modems). Copy it to your desktop in your Ubuntu machine, then open a command line and enter:


$ cd ~/Desktop
$ gunzip scanModem.gz
$ chmod +x scanModem
$ ./scanModem
$ gedit Modem/ModemData.txt


The program gunzip will decompress the file, chmod will mark it as executable, and ./scanModem will run it. If it tells you to do something as root by issuing su - root, instead just enter the commands it wants following a "sudo", e.g. $ sudo modprobe snd-intel8x0m. scanModem will scan your modem and tell you what it is and how to configure it. It will not configure it for you. But after running it, you will see a number of new folders, including a Modem folder. Read 1stRead.txt and ModemData.txt in there, and see if your modem was recognized. This is admittedly not a straightforward read and might need some more reading around on the above-mentioned page to find out which drivers your modem needs. Then scan through the following sections to find out about the easiest way to install that driver under Ubuntu.
Note: For many of the following drivers, you will need to enable the universe and/or the multiverse repositories. See AddingRepositoriesHowto. This requires you to have a working network connection. You can also search for packages to download on another system and transfer to your Ubuntu installation at http://packages.ubuntu.com/ . Be careful with the dependencies... Check out this forum post for another way to get packages using the LiveCD on another system with a network connection and a CD burner: http://www.ubuntuforums.org/showpost.php?p=893732&postcount=6
Now that you know what modem you have, please return to DialupModemHowto to continue.

How do I find open ports on Linux server?


There are different commands on both Linux and UNIX servers to find out what TCP/UDP ports are listening or open on your own server. You can use the netstat command, which prints network connections, routing tables, interface statistics, masquerade connections, multicast memberships etc. Another (and suggested) option is to use the lsof command, which lists open files and ports on Linux, FreeBSD, Solaris and other Unixish systems.

netstat command to find open ports

# netstat --listen
Display open ports and established TCP connections:
$ netstat -vatn
For UDP ports try the following command:
$ netstat -vaun
If you want to see FQDN, remove the -n flag:
$ netstat -vat

lsof Command Examples

Display list of open ports
# lsof -i
To display all open files, use:
# lsof
To display all open IPv4 network files in use by the process whose PID is 9255, use:
# lsof -i 4 -a -p 9255
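When reviewing the `netstat -vatn` and `netstat -vaun` output for exposure, the useful split is between sockets bound to every interface and sockets bound to loopback only. The script below is an added example, not from the original post; the function names and the sample output are constructed.

```shell
#!/bin/sh
# Added example: classify listening sockets from numeric netstat output
# (netstat -vatn / -vaun) by the address they are bound to.

# Constructed sample in the layout netstat prints with -n.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:30037         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 192.168.0.1:22          192.168.0.7:51514       ESTABLISHED
tcp6       0      0 ::1:631                 :::*                    LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

# Prints "<scope> <proto> <port> <address>" for every TCP socket in LISTEN
# state and every unconnected UDP socket (UDP has no State column).
classify_listeners() {
  awk '
    ($1 ~ /^tcp/ && $6 == "LISTEN") || ($1 ~ /^udp/ && $5 ~ /:\*$/) {
      # the port is whatever follows the last colon of the local address
      port = $4
      sub(/.*:/, "", port)
      addr = substr($4, 1, length($4) - length(port) - 1)

      if (addr ~ /^127\./ || addr == "::1")
        scope = "loopback"
      else if (addr == "0.0.0.0" || addr == "::" || addr == "*")
        scope = "all-interfaces"
      else
        scope = "one-address"

      print scope, $1, port, addr
    }
  '
}

# Only the sockets reachable from other hosts.
exposed_listeners() {
  classify_listeners | awk '$1 != "loopback"'
}

sample_netstat | exposed_listeners
```

On a live host, pipe the real command in instead of the sample, for example `netstat -vatn | exposed_listeners`.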

Linux bond or team multiple network interfaces into single

Finally, today I implemented NIC bonding (binding both NICs so that they work as a single device). My idea is to improve performance by pumping out more data from both NICs without using any other method.

Linux allows binding multiple network interfaces into a single channel/NIC using special kernel module called bonding. "The Linux bonding driver provides a method for aggregating multiple network interfaces into a single logical "bonded" interface. The behavior of the bonded interfaces depends upon the mode; generally speaking, modes provide either hot standby or load balancing services. Additionally, link integrity monitoring may be performed."

Note:-What is bonding?

Bonding allows you to aggregate multiple ports into a single group, effectively combining the bandwidth into a single connection. Bonding also allows you to create multi-gigabit pipes to transport traffic through the highest traffic areas of your network. For example, you can aggregate three megabit ports (1 mb each) into a three-megabit trunk port. That is equivalent to having one interface with three-megabit speed.



Setting up bonding is easy with RHEL v5.0 and above

Step #1:
Create a bond0 configuration file

Red Hat Linux stores network configuration in /etc/sysconfig/network-scripts/ directory. First, you need to create bond0 config file:
Code:
# vi /etc/sysconfig/network-scripts/ifcfg-bond0
Append following lines to it:
DEVICE=bond0
IPADDR=192.168.1.59
NETWORK=192.168.1.0
NETMASK=255.255.255.0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes


Note: Replace the above IP address with your actual IP address. Save the file and exit to the shell prompt.

Step #2:
Modify eth0 and eth1 config files:

Open both configuration files using the vi text editor and make sure the file reads as follows for the eth0 interface:
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
Modify/append directive as follows:
DEVICE=eth0
USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none


Open eth1 configuration file using vi text editor:
# vi /etc/sysconfig/network-scripts/ifcfg-eth1
Make sure the file reads as follows for the eth1 interface:
DEVICE=eth1
USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none


Save file and exit to shell prompt

Step # 3:
Load bond driver/module


Make sure bonding module is loaded when the channel-bonding interface (bond0) is brought up. You need to modify kernel modules configuration file:
# vi /etc/modprobe.conf
Append following two lines:
alias bond0 bonding
options bond0 mode=balance-alb miimon=100


Note: Save the file and exit to the shell prompt. You can learn more about all bonding options at the end of this document.

Step # 4:
Test configuration

First, load the bonding module:

# modprobe bonding

Restart networking service in order to bring up bond0 interface:

# service network restart

Verify everything is working:

# less /proc/net/bonding/bond0

Output:

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth0
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:0c:29:XX:XX:X1

Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:0c:29:XX:XX:X2


List all interfaces:

# ifconfig

Output:

bond0     Link encap:Ethernet  HWaddr 00:0C:29:XX:XX:XX
inet addr:192.168.1.59 Bcast:192.168.1.255  Mask:255.255.255.0
inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST  MTU:1500  Metric:1
RX packets:2804 errors:0 dropped:0 overruns:0 frame:0
TX packets:1879 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:250825 (244.9 KiB)  TX bytes:244683 (238.9 KiB)

eth0      Link encap:Ethernet  HWaddr 00:0C:29:XX:XX:XX
inet addr:192.168.1.59  Bcast:192.168.1.255  Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec6:be59/64 Scope:Link
UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1
RX packets:2809 errors:0 dropped:0 overruns:0 frame:0
TX packets:1390 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:251161 (245.2 KiB)  TX bytes:180289 (176.0 KiB)
Interrupt:11 Base address:0x1400

eth1      Link encap:Ethernet  HWaddr 00:0C:29:XX:XX:XX
inet addr:192.168.1.59  Bcast:192.168.1.255  Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec6:be59/64 Scope:Link
UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:502 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:258 (258.0 b)  TX bytes:66516 (64.9 KiB)
Interrupt:10 Base address:0x1480



Note:-If the administration tools of your distribution do not support master/slave
notation in configuration of network interfaces, you will need to configure
the bonding device with the following commands manually:


# /sbin/ifconfig bond0 192.168.1.59 up
# /sbin/ifenslave bond0 eth0
# /sbin/ifenslave bond0 eth1
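
The `/proc/net/bonding/bond0` output shown in Step #4 reports round-robin mode and a polling interval of 0, while the `modprobe.conf` lines in Step #3 ask for `mode=balance-alb miimon=100`, so reading the file by eye is easy to get wrong. The script below is an added example, not from the original post, that compares the running bond with the requested settings; the function names and output codes are made up here, and the sample is the Step #4 text.

```shell
#!/bin/sh
# Added example: compare a running bond with the mode= and miimon= values
# requested in /etc/modprobe.conf.

# Constructed sample: the /proc/net/bonding/bond0 text shown in Step #4.
sample_bond_status() {
cat <<'EOF'
Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth0
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:0c:29:XX:XX:X1

Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:0c:29:XX:XX:X2
EOF
}

# Mode number or name -> the text the bonding driver prints after "Bonding Mode:".
mode_label() {
  case "$1" in
    0|balance-rr)    echo "load balancing (round-robin)" ;;
    1|active-backup) echo "fault-tolerance (active-backup)" ;;
    2|balance-xor)   echo "load balancing (xor)" ;;
    3|broadcast)     echo "fault-tolerance (broadcast)" ;;
    4|802.3ad)       echo "IEEE 802.3ad Dynamic link aggregation" ;;
    5|balance-tlb)   echo "transmit load balancing" ;;
    6|balance-alb)   echo "adaptive load balancing" ;;
    *) return 1 ;;
  esac
}

# check_bond <wanted-mode> <wanted-miimon>, status text on stdin.
# Prints one finding per line; returns 1 on findings, 2 on an unknown mode.
check_bond() {
  want_label=$(mode_label "$1") || { echo "UNKNOWN-MODE $1"; return 2; }
  awk -v want="$want_label" -v miimon="$2" '
    /^Bonding Mode:/        { mode = $0; sub(/^Bonding Mode: */, "", mode) }
    /^MII Polling Interval/ { poll = $NF }
    /^Slave Interface:/     { slave = $NF; nslaves++ }
    /^MII Status:/ && $NF != "up" {
      # before the first "Slave Interface" line the status is the bond itself
      if (slave == "") print "BOND-DOWN"
      else             print "SLAVE-DOWN " slave
      bad++
    }
    END {
      if (index(mode, want) != 1) {
        print "MODE-MISMATCH running=\"" mode "\" wanted=\"" want "\""
        bad++
      }
      if (poll + 0 != miimon + 0) {
        print "MIIMON-MISMATCH running=" poll " wanted=" miimon
        bad++
      }
      if (nslaves < 2) { print "FEW-SLAVES " (nslaves + 0); bad++ }
      exit (bad > 0)
    }
  '
}

# The settings from Step #3 checked against the Step #4 output.
sample_bond_status | check_bond balance-alb 100 ||
  echo "bond0 is not running the settings requested in modprobe.conf"
```

A polling interval of 0 means MII link monitoring is off, so a failed slave would not be detected.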


Que:-What are the other MODE options in the modprobe.conf file?

Ans:-You can set up your bond interface according to your needs. By changing one parameter (mode=X) you can have the following bonding types:

mode=0 (balance-rr)
Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.

mode=1 (active-backup)
Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond's MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance. The primary option affects the behavior of this mode.

mode=2 (balance-xor)
XOR policy: Transmit based on [(source MAC address XOR'd with destination MAC address) modulo slave count]. This selects the same slave for each destination MAC address. This mode provides load balancing and fault tolerance.

mode=3 (broadcast)
Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.

mode=4 (802.3ad)
IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification.

mode=5 (balance-tlb)
Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave.

mode=6 (balance-alb)
Adaptive load balancing: includes balance-tlb plus receive load balancing (rlb) for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server.

collaborate the screen

Suppose you want to show your friend how to solve a problem, but you are at a remote location.

Solution is to collaborate the screen.

STEP #1 You should have the "screen" package installed on the machines, using yum or rpm, then

ssh -Y yourusername@remote-machine


(normally you need to log in as root)

STEP #2 Once you are there run

screen -S anyname


STEP #3 - Then tell your friend to run this command

screen -x anyname


This will make your and your friend's sessions joined together in the Linux shell.
You can type or he can type, but you'll both see what the other is doing.
The benefit is that your friend can watch your troubleshooting skills and see exactly how you solve problems.

The one caveat to this trick is that you both need to be logged in as the same user.

To detach from it and leave it open, type: Ctrl-A+D.

You can then reattach by running the

screen -x anyname
command again.

You can read more information using:

man screen


Enjoy the spirit of SHARING and COLLABORATING.

How to set up RTL8101 Ethernet Driver in RHEL5

This Ethernet driver is required when you have installed RHEL5 on your machine. If your LAN is working properly, there is no problem; if it is not working, follow these steps carefully. First you need to know which driver you have in your system.
Knowing drivers

#lspci

will give you an overall idea of what you are looking for...


At the bottom of the output you will find which driver you have. Ex: 06:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8101E PCI Express Fast Ethernet controller (rev 01)

It is very simple: you need to download the RTL8101E driver from the Realtek website.

[step 1:]
$su -
#tar -xvf

[step 2:]
go to extracted folder
#make clean modules
#make install
#depmod -a
#insmod ./src/r8101.ko (or r8101.o for kernel 2.4.x)
#reboot

After rebooting, your system should be able to connect to the internet through the LAN. If not, type this command in a terminal:

#/sbin/service network restart

Improve Firefox speed by 5x



Just fit the NOS in your firefox (The Fast and the Furious)

1. Open Firefox and in the address bar type about:config.
2. Click on “I’ll be careful, I promise”.
3. Use the search bar above to look for network.http.pipelining and double click on it to set its value to True.
4. Create a new boolean value named network.http.pipelining.firstrequest and set that to True, as well.
5. Find network.http.pipelining.maxrequests, double click on it, and change its value to 8.
6. Look for network.http.proxy.pipelining and set it to True.
7. Create two new integers named nglayout.initialpaint.delay and content.notify.interval, set them to 0.
8. Restart your browser.

All done. You should feel the browser is 5x more responsive than before while navigating websites.

dns tips while configuring

Just sharing some DNS tips that you need to keep in mind while configuring your DNS server.

1. An A Record must ALWAYS contain IP address (map host to IP)

Whenever you specify an A record, it must contain an IP address on the right side. The A record is so important in DNS that without it mapping hostnames to IPs would be meaningless. So remember this!

2. CNAME (Alias) must contain hostnames. No IPs here

3. NS and MX records must contain host names. No IPs allowed.

4. Use the DOT at the end whenever you specify a domain name in the DNS zone file. This DOT is so important that if you forget it you will have nightmares with your DNS configuration.
For example
example.com. IN NS ns1.example.com.

Why the DOT? Simply because it tells the resolver to start the query from the root servers (denoted by the dot).

5. MX records (for mail servers) should contain hostnames NOT IPs.

6. Allow Port 53 for both UDP and TCP connections
If you use a firewall, make sure you do not block port 53 for DNS TCP and UDP requests. By default DNS lookups use the UDP protocol, while zone transfers and notifications use the TCP protocol on port 53.
-Port 53 UDP = Dns Requests
-Port 53 TCP = Zone transfers

7. CNAMEs cannot co-exist with MX hosts.
Do not specify CNAME or aliases pointing to MX records.

domain.com. IN MX 10 mail.domain.com.
mail IN CNAME domain.com. ----------> WRONG

Instead use A record to map directly to IP address.

mail IN A 11.33.55.77 ---> CORRECT

8. No duplicate MX records
domain.com. IN MX mail.domain.com.
domain.com. IN MX mail.domain.com ----> DUPLICATE

In case some of the information provided above is incorrect, please feel free to update me.
I will surely add more tips & tricks in the future.
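
The tips above can be checked mechanically before a zone is loaded. The script below is an added example, not from the original post: it lints one-record-per-line zone data for tips 1, 2, 3, 4, 7 and 8. `lint_zone`, its output codes and the sample zone (built from the records quoted in the tips) are constructed, and it assumes every line carries its own owner name. The trailing-dot check is a heuristic, since a dotted relative name can be intentional.

```shell
#!/bin/sh
# Added example: lint simple zone data against the tips above.
#   A-NOT-IP         tip 1: an A record whose right side is not an IPv4 address
#   IP-IN-<TYPE>     tips 2, 3, 5: an IP address where a host name is required
#   NO-TRAILING-DOT  tip 4: a dotted host name without the final dot
#   MX-TO-CNAME      tip 7: an MX target that is itself a CNAME
#   DUP-MX           tip 8: the same MX record twice

# Constructed sample built from the records quoted in the tips.
sample_zone() {
cat <<'EOF'
domain.com.  IN NS    ns1.domain.com.
domain.com.  IN NS    ns2.domain.com
domain.com.  IN MX 10 mail.domain.com.
domain.com.  IN MX 10 mail.domain.com.
mail         IN CNAME domain.com.
ns1          IN A     11.33.55.77
ns2          IN A     ns1.domain.com.
www          IN CNAME 11.33.55.77
EOF
}

# lint_zone <origin-with-trailing-dot>, zone text on stdin.
# Prints one finding per line; returns 1 if there was at least one.
lint_zone() {
  awk -v origin="$1" '
    function fq(n) {              # expand a relative name against the origin
      n = tolower(n)
      if (n == "@") return origin
      return (n ~ /\.$/) ? n : n "." origin
    }
    function is_ip(s) { return s ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ }

    { sub(/;.*/, "") }            # drop comments
    NF < 4 || $1 ~ /^\$/ { next } # blank lines, $ORIGIN, $TTL
    {
      t = 0
      for (i = 2; i < NF; i++) if ($i == "IN") { t = i + 1; break }
      if (!t) next
      type = toupper($t); data = $NF; owner = fq($1)

      if (type == "A") {
        if (!is_ip(data)) { print "A-NOT-IP line " NR ": " data; bad++ }
        next
      }
      if (type != "NS" && type != "MX" && type != "CNAME") next

      if (is_ip(data)) { print "IP-IN-" type " line " NR ": " data; bad++; next }
      if (data ~ /\./ && data !~ /\.$/) {
        print "NO-TRAILING-DOT line " NR ": " data
        bad++
      }
      if (type == "CNAME") alias[owner] = NR
      if (type == "MX") {
        key = owner " " fq(data)
        if (key in seen) {
          print "DUP-MX line " NR ": same as line " seen[key]
          bad++
        } else {
          seen[key] = NR; m++; mxhost[m] = fq(data); mxline[m] = NR
        }
      }
    }
    END {
      # aliases may be declared after the MX that points at them
      for (k = 1; k <= m; k++)
        if (mxhost[k] in alias) {
          printf "MX-TO-CNAME line %d: %s is an alias (line %d)\n",
                 mxline[k], mxhost[k], alias[mxhost[k]]
          bad++
        }
      exit (bad > 0)
    }
  '
}

sample_zone | lint_zone domain.com. || echo "fix the findings above before reloading the zone"
```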

Execute command in SSH without opening shell


Generally, whenever we intend to run some command on a remote machine, we first do an ssh and then type the command to be executed.

Here is a very small "trick" to be smarter.

Lets say you want to run "top" command on the machine x.x.x.x using SSH.


First find out the path of the top command using -

whereis top

Once you get the path. Now just type this -
ssh user@x.x.x.x /path/to/the/command

Squid Proxy Server Limit the number of simultaneous Web connections from a client with maxconn ACL




So how do you limit the number of simultaneous web connections from a client browser system using the open source Squid proxy server?
You need to use squid ACCESS CONTROLS feature called maxconn. It puts a limit on the maximum number of connections from a single client IP address. It is an ACL that will be true if the user has more than maxconn connections open. It is used in http_access to allow/deny the request just like all the other acl types.

Step # 1: Edit squid conf file

Open /etc/squid/squid.conf file:
# vi /etc/squid/squid.conf

Step # 2: Setup maxconn ACL

Locate your ACL section and append config directive as follows:
acl ACCOUNTSDEPT src 192.168.5.0/24
acl limitusercon maxconn 3
http_access deny ACCOUNTSDEPT limitusercon

Where,
  1. acl ACCOUNTSDEPT src 192.168.5.0/24 : Our accounts department IP range
  2. acl limitusercon maxconn 3 : Set 3 simultaneous web access from the same client IP
  3. http_access deny ACCOUNTSDEPT limitusercon : Apply ACL
Save and close the file.

Restart squid

Restart the squid server, enter:
# /etc/init.d/squid restart

SSHFS: How do you install sshfs on CentOS/Linux/Redhat

What is sshfs and why would you want it? Well, simply put, sshfs allows you to mount another server’s filesystem into a folder on your local system, which in the background does ssh commands and transfers.
As a mounted folder, you are able to move about and copy files back and forth as if everything was on the local server. As you can see, this makes it very easy for you to work with files on multiple servers.

Note: you only have to do the following installations on the server where you are doing the mounts.

Let us download and install the filesystem framework which is a requirement for sshfs called fuse.


yum -y install kernel-devel fuse fuse-ntfs-3g dkms dkms-fuse


Once installed, you will have to find out the directory it is installed in


At this point we can try doing the mount again.
cd /mnt
sshfs 10.0.0.2:/ test

If you do not get any errors, do df -h to see the mount:
...
sshfs#10.0.0.2:/ 1000G 0 1000G 0% /mnt/test