Black Ops of TCP IP

Sekolahlinux.com:
Say Google is 50ms slower than Bing. Is this because of the ISP, or the routers and myriad server and path differentials between the ISP and Google, vs. the ISP and Bing? Can’t tell, it’s all conflated. We have to normalize the connection between the two sites, to measure if the ISP is using policy to alter QoS. Here’s how we do this with n00ter.

Start with a VPN, that creates an encrypted link from a Client to a broker/concentrator. An IP at the Broker talks plaintext with Google and Bing, who replies to the Broker. The Broker now encrypts the traffic back to the Client.

Policy can’t differentiate Bing traffic from Google traffic, it’s all encrypted.

Now, lets change things up — let’s have the Broker push the response traffic from Google and Bing, completely in the open. In fact, lets have it go so far as to spoof traffic from the original sources, making it look like there isn’t even a Broker in place. There’s just nice clean streams from Google and Bing.

If traffic from the same host, being sent over the same network path, but looking like Google, arrives faster (or slower) than traffic that looks like it came from Bing, then there’s policy differentiating Google from Bing.

Now, what if the policy is only applied to full flows, and not half flows? Well, in this case, we have one session that’s a straight normal download from Bing. Then we have another, where the entire client->server path is tunneled as before, but the Broker immediately emits the tunneled packets to Bing *spoofing the Client’s IP address*. So basically we’re now comparing the speed of a full legitimate flow to Bing, with a half flow. If QoS differs — as it would, if policy is only applied to full flows, then once again the policy is detected.

I call this client->server spoofing mode Roto-N00ter.

There’s more tricks, but this is what N00ter’s up to in a nutshell. It should work for anything IP based — if you want to know if XBox360 traffic routes faster than PS3 traffic, this’ll tell you.

more from dan kaminsky

Technorati Tags: ,

how linux affecting your life

As business become a bit though. We need to optimize our business. Many big player do anything to optimize their business.
As a new player its seems hard to compete those big boys, but not today. With the growing of open source product we can use the same technology at lowest cost. So we can get focus more on doing business rather than thinking what technology we should adopt.
yeah linux could change the way we do business.

Technorati Tags: , ,

Financing your business | Payday Loans

It is easy to find yourself in a cash dilemma, maybe you made a critical math mistake while balancing your checking account or your big commission check has been unexpectedly delayed a week. There are many ways you can get yourself into a temporarily short-on-funds situation. Luckily, there are ways to make it through until your next payday.

Instant payday loans offer short–term loans to get people through to their next paycheck if they have found themselves in a critical predicament.

Here are a few other reasons people apply for payday loans online:

  • Save Time – Instead of searching the yellow pages or driving around town, spend less than 10 minutes online to find a lender. Some services even work with many providers and can refer you to one licensed to operate in your state.
  • Save Money – Sometimes bank charges, over–the–limit fees or late fees can add up to more than it would cost you to take out a payday loan to pay your bills on time. Additionally, reactivation charges can be costly if your cell phone, utilities or other service are turned off.
  • Save Your Credit – If you are trying to buy a house or fix your credit problems, you may not want to add new bad marks to your credit record by not paying a bill or paying it late.
  • Save Face – Nobody likes to ask friends, family or an employer for a loan. Nor do you want to ruin a business relationship with a bounced check. Through a payday loans no faxing, you can pay your bills without adding pressure to your personal relationships.

In this site, you’ll find payday loans online advice and cash money tips, as well as comprehensive reviews and a side–by–side comparison to help you make an informed decision on which service is right for your short–term loan needs.

Life insurance for goods

Nowadays many people seems looking for cover for their life. Since they live in the unpredictable world where anything could just happened to their live. Buy Life Insurance is a smarter way to live, you can put aside your risk and live with better comfort.

Term Life Insurance, many insurance company has different policy to their product. You should ask a lot to their agent to get better understanding about their products. a good agent will be happy to help you, so you can get the best benefit from insurance. Please read our term carefully so you can get a clear understanding about our strength and products.

Online Life Insurance, We understand about your busy schedule just feel free to contact our toll free number at 1-800-939-0710. Our agent will help you as soon as possible. Best of all you reach our web site to ask free quotation online.

Red Hat Linux Commands – How to Understand Linux Directory and File Listings 

Interpreting Linux Directory and File Listings – From the Output of the Linux ls Command

In this linux tutorial we will learn how to running the Linux ls command at the Linux command line prompt shows a listing of directories and files.

The following is an example of a listing at the shell prompt of a directory named bin:

  • drwxr-x— 22 root root 4096 May 22 16:14 bin

The name of the directory (bin) appears at the far right.

At the left of this name is the time (16:14). If the directory were not created this year, the year would appear in place of the time. Next at the left is the date (May 22). At the left is the size of the directory, which is 4,096 bytes (4 K).

At the far left is a “d” and this indicates that the item is a directory.

The other items shown above, such as “rwxr-x— 22 root root”, are permissions.

The following is a Linux ls command output example of a file named grep.1.gz:

  • -rw-r–r– 1 root root 5907 Jul 17 2007 grep.1.gzThe name of the file appears at the far right (grep.1.gz).

At the left of the name is the date that the file was created (July 17, 2007). At the left of that is the size of the file, which is 5,907 bytes (approximately 5.9 K).

At the far left is a “-“. This indicates that the item is a file.

The above file was created in 2,007. If the file was created this year, then the time that the file was created, in the form of hh:mm, would appear in place of the year.

When you run ls command and use the -l option, you see a series of characters at the left of each item in the directory listing. The table below shows the meaning of the far left character in a directory listing.

The Leftmost Characters in a Listing from the Output of the Linux ls Command

When using the -l option of the ls command, the - (dash) for file and the d for directory appear most often in the list that is output when the ls command is run.

Remember that directory names have a “d” at the far left of them and files have a “-“.

The Linux concepts shown above apply to Slackware, Red Hat, Ubuntu, Fedora, and Debian Linux – and also ALL Linux distributions.

By the way…do you want to learn exactly how to use Linux and run Linux commands for Linux System Administration and get real, practical Linux training experience by running hundreds of examples of Linux commands? Stay tuned as more linux commands training tips will coming. speak soon.

Other related articles:

Technorati Tags: , , ,

Linux Tutorial for Beginner

Hello, are you looking for linux tutorial? whether you an expert or beginner every people who wants to learn linux will search for linux tutorial. Many source offering linux tutorial, you can get an e-book or printed material yes, you find it very useful.

As a beginner you may want to read your linux man page as the first source you need to operate your new operating system. Man page will provide you with basic linux commands and expert linux commands. This list of linux commands will help you to run and operate your new linux. No mater what kind of distribution you like you will always find it useful.

Another way to get linux tutorial is by attending linux training or linux seminar, you can also buy Linux books or video to watch and learn. Don't worry about your new operating system as this is more stable than the other operating system. You should join to mailing list or forum to broaden your network and gaining more information about linux.

Other related articles:

  • WordPress on Debian Linux · supriyadisw dot net – This tutorial is how to install WordPress on Debian Linux . Installing WordPress on Debian? What for? Are there many easy ways to install WordPress on our server (Web hosting)? Eventually, We don't need to know what distro that our …

  • wordpress Installation on Ubuntu with LAMP – This tutorial is how to install wordpress on Ubuntu Linux Desktop using LAMP. Why ? One reason is that you can do a lot of developing (playing around) much quicker as there is no need to use ftp. If… [[ This is a content summary only. ...

  • Online Linux Tutorial For Beginners - Online Linux Tutorial for beginners is a basic guide to the Unix and Linux operating system. Eight simple tutorials which cover the basics of UNIX / Linux commands. Introduction to The UNIX operating system What is UNIX?

  • Linux Makefile Tutorial - Procyon AVR Library for Atmel AVR Processors · Online Linux Tutorial For Beginners · FreeRTOS porting on Code Composer Studio 4 (LM3Sxxxx processor) · [Error Solved] fatal error C1189: #error : This file requires _WIN32_WINNT …

  • Linux tutorial: How to rotate a video – Many people take video's on there mobiles and end up with a rotated video. If you wonder how to rotate it to a normal view under Linux, this tutorial is for you. This is why I love open source, you get a lot of possibilities for free!

  • Rapidshare Downloads on Linux Tutorial – Rapidshare Downloads on Linux Tutorial ubuntuforums.org.

  • Linux Tutorial: Raising Microphone Volume in Ubuntu – You might have noticed that Ubuntu has a very low microphone volume by default. This quick tutorial shows you how to make your microphone record at a higher volume. If you'd like more Linux tutorials check out my site: …

  • Hosting Directory #1 – Practical Guide to Linux Commands, Editors … – Expert primer on automating tasks with Perl The Most Useful Linux Tutorial and Reference, with… More >> · Practical Guide to Linux Commands, Editors, and Shell Programming, A. Subscribe to Hosting Directory #1 by Email: under: Platform …

  • Ubuntu Tweak .5.6 Desktop Recovery Backup Restore Reset Settings … – 10 Technology Messes That Need Fixing How to Get Help in Linux Software Provider Calls Citrix Online Backbone of His Firm Linux Tutorial: Raising Microphone Volume in Ubuntu Share and Enjoy:

  • How to update your java version on Linux. Linux tutorial. – www.opensourcebistro.com This is a walk through of a recent Java update I completed on my Vectorlinux box. Keeping Java up to date is usually a good security precaution as well as just getting you a better version of Java. …

Technorati Tags: , , , ,

Basic Linux Commands With Man Pages for Beginner

Here are some basic commands to get you started in the wonderful world of Linux and other UNIX variants. All of these commands should work from your command prompt (regardless which shell you’re using).You MUST press enter to invoke the command.All UNIX and Linux commands are case sensitive. There are of course thousands of Linux related commands and procedures.

You can also execute multiple commands by separating each one with a ; for example cd newdir; mkdir thatdir ; ls -la will first change directories to the newdir directory, then create a directory called thatdir, then list all the files in long format. You can string together as many commands as you like but caution should be used not to inadvertently do anything harmful.

If you think some thing need to be added to this list let me know.

access determine whether a file can be accessed

Syntax

access -mode file

For more options and how to use check access man page

alias define or display aliases

Syntax

alias [alias-name[=string] ]

For more options and how to use check alias man page

bg run jobs in the background

Syntax

bg [job_id ...]

For more options and how to use check bg man page

cal displays a calendar

Syntax

cal [-smjy13 ] [[ month ] year ]

For more options and how to use check cal man page

cd change directories

Use cd to change directories. Type cd followed by the name of a directory to access that directory.Keep in mind that you are always in a directory and can navigate to directories hierarchically above or below.

Syntax

cd [-L | -P] [directory]

For more options and how to use check cd man page

chown change file owner and group

Syntax

chown [OPTION] OWNER[:[GROUP]] FILE

chown [OPTION] :GROUP FILE

chown [OPTION] reference=RFILE FILE

For more options and how to use check chown man page

chmod change file access permissions

Syntax

chmod [-r] permissions filenames

Options

r Change the permission on files that are in the subdirectories of the directory that you are currently in. permission Specifies the rights that are being granted. Below is the different rights that you can grant in an alpha numeric format.filenames File or directory that you are associating the rights with Permissions

u User who owns the file.

g Group that owns the file.

o Other.

a All.

r Read the file.

w Write or edit the file.

x Execute or run the file as a program.

Numeric Permissions:

CHMOD can also to attributed by using Numeric Permissions:

400 read by owner

040 read by group

004 read by anybody (other)

200 write by owner

020 write by group

002 write by anybody

100 execute by owner

010 execute by group

001 execute by anybody

For more options and how to use check chmod man page

cp Copy files and directories

Syntax

cp [OPTION] SOURCE DEST
cp [OPTION] SOURCE DIRECTORY
cp [OPTION] target-directory=DIRECTORY SOURCE

Options

cp myfile yourfile

Copy the files myfile to the file yourfile in the current working directory. This command will create the file yourfile if it doesn’t exist. It will normally overwrite it without warning if it exists.

cp -i myfile yourfile

With the -i option, if the file yourfile exists, you will be prompted before it is overwritten.

cp -i /data/myfile

Copy the file /data/myfile to the current working directory and name it myfile . Prompt before overwriting the file.

cp -dpr srcdir destdir

Copy all files from the directory srcdir to the directory destdir preserving links (-poption), file attributes (-p option), and copy recursively (-r option). With these options, a directory and all it contents can be copied to another dir

For more options and how to use check cp man page

clear Clears the terminal screen.

Syntax

clear

For more options and how to use check clear man page

cmp Compares two files, reporting all discrepancies. Similar to the diff command, though the output format differs.

Syntax

cmp [-clsv] [-i NUM] [--help] [--print-chars] [--ignore-initial=NUM] [--verbose] [--quiet] [--silent] [--version] -I FILE1 [FILE2 [RANGE1 [RANGE2]]]

For more options and how to use check cmp man page

cat – Sends file contents to standard output. This is a way to list the contents of short files to the screen. It works well with piping.

Syntax

cat [OPTION] [FILE]

For more options and how to use check cat man page

diff find differences between two files

Syntax

diff [options] from-file to-file

For more options and how to use check diff man page

dmesg Prints the messages resulting from the most recent system boot.

Syntax

dmesg [ -c ] [ -n level ] [ -s bufsize ]

For more options and how to use check dmesg man page

du estimate file space usage

Syntax

du [OPTION] [FILE]

For more options and how to use check du man page

df report filesystem disk space usage

Syntax

df [OPTION] [FILE]

For more options and how to use check df man page

exit – cause the shell to exit

syntax

exit [n]

For more options and how to use check exit man page

eject eject removable media

Syntax

eject -h
eject [-vnrsfqp] []
eject [-vn] -d
eject [-vn] -a on|off|1|0 []
eject [-vn] -c slot []
eject [-vn] -t []
eject [-vn] -x []
eject -V

For more options and how to use check eject man page

fuser identify processes using files or sockets

Syntax

fuser [-a|-s|-c] [-4|-6] [-n space] [-k [-i] [-signal] ] [-muvf] name
fuser -l
fuser -V

For more options and how to use check fuser man page

fsck check and repair a Linux file system

Syntax

fsck [ -sACVRTNP ] [ -t fstype ] filesys [ ... ] [--] [ fsck-options ]

For more options and how to use check fsck man page

fdisk Partition table manipulator for Linux

Syntax

fdisk [-u] [-b sectorsize] [-C cyls] [-H heads] [-S sects] device
fdisk -l [-u] device
fdisk -s partition
fdisk -v

For more options and how to use check fdisk man page

fg run jobs in the foreground

Syntax

fg [job_id]

For more options and how to use check fg man page

file determine file type

Syntax

file [ -bciknsvzL ] [ -f namefile ] [ -m magicfiles ] file
file -C [ -m magicfile ]

For more options and how to use check file man page

find search for files in a directory hierarchy

Syntax

find [path...] [expression]

For more options and how to use check find man page

finger Prints descriptions of the specified users.

Syntax

finger [-lmsp ] [user ... ] [user@host ... ]

For more options and how to use check finger man page

free Displays the amount of used and free system memory.

Syntax

free [-b | -k | -m] [-o] [-s delay ] [-t] [-V]

For more options and how to use check free man page

ftp A File Transfer Protocol client

Syntax

ftp hostname or ipaddress

For more options and how to use check ftp man page

grep, egrep, fgrep print lines matching a pattern

Syntax

grep [options] PATTERN [FILE...]
grep [options] [-e PATTERN | -f FILE] [FILE...]

For more options and how to use check grep, egrep, fgrep man page

head output the first part of files

Syntax

head [OPTION] [FILE]

For more options and how to use check head man page

history Manipulate the history list

Syntax

history option arg arg

For more options and how to use check history man page

!!

use the ! option. To automatically re-display the last command you typed at the prompt, type: !! and press enter. Press again to invoke the command. You can also automatically re-display a command you typed earlier by using the ! and the first few letters of the command.  Find more Linux Commands here.

Other related articles:

  • Basic Linux Commands With Man Pages – 15 Responses to “Basic Linux Commands With Man Pages”. abhi kalyan says: October 26, 2006 at 12:56 pm. Great Work, I hope i could contribute, and in the coming days i might. Made a very good help. Thank you. Admin says: …
  • Learn basic linux/unix commands | Tutorial Staff | TutorialStaff.com – I hope you understand these 5 basic linux commands. There will be more tutorials coming soon about using linux so stay tuned and don`t forget if you have any questions feel free to post them in the comment section below. …
  • The Basics of The Palm Pre Linux – Basic Linux commands. Installation of additional utilities (sudo, package manager etc.). Configuration of the virtual machine (virtualbox). Install\remove packages. Short description of the system files and directories specific for Palm …
  • What does it mean for Windows users, if the basic knowledge of … – So this indicates that some basic Linux commands konwledge necessary. However, I am a Windows user … best answer: Answer. The Beast means you know how to navigate the Linux without a GUI. Enter the answer to this question below!
  • NTBrad.com – Not just for Windows anymore! » Monitoring Citrix … – This adds Nagios NRPE support for Citrix XenServer 5.5. I’ve tested this with the current patches as of 3/12/2010, but if it breaks and explodes and blows the hair off your cat, well, you’ve been warned.The rpm’s are either from CentOS …
  • NTBrad.com – Not just for Windows anymore! » Xen Import and Export … – Uncategorized. Since the new bits are all at the other end of a relatively slow pipe (8Mb DSL or 17Mb WiFi) shuffling templates and exports around is no fun at all. Trying this from a XenConsole running on the XenServer itslef was no …
  • Guides and help on using basic Linux commands & basic Unix … – When you talk about using Linux as Operating System, at least you need to know some of the basic Linux commands that could help you do the configurations, setup and manage your Linux box using the Linux shell (or command line …

Technorati Tags: , ,

Link Exchange The Need For Web Promotion

When you have a business on the Internet today, you need to give it every opportunity to thrive. Having a web site that displays your products and services is a great way to alert internet surfers of your site, however, you can have the best site on the internet, but business will ultimately fail if no one knows you are there.

Most of us realize that there is not a better way to get people visiting your web site while waiting to be listed by search engines is through being linked to by other quality sites.

Advertising your web site is what will draw customers to your site. There are many ways to advertise your site, however the best way to do this is through link exchange.

Link Exchange (“Reciprocal Link Exchange”) is the practice of exchanging links with other websites. It has been a long time practice by website owners since the beginning of the web. Exchanging links can save a lot of money that you otherwise would have spent on other means of Internet advertising.

Link exchange is a very effective and inexpensive approach of gaining popularity and prosperity on the world wide web. It have been used by a lot of webmasters for years as a means of direct marketing.

If you exchange links with relevant websites increases your link popularity and in part, improves search engine optimization. It is an easy and very effective way to trade links.

This powerful link exchange network will give your website thousands of backlinks to boost your link popularity and search engine ranking. As an experience SEO company they know exactly what to do to increase your web site rank. Using a unique technique this company can give you natural link to your web site. You can get your free link exchange here.

If you have any question about link exchange, link exchange service or link exchange network please contact this company as they know exactly what to do.

Technorati Tags: , ,

Linux Tutorial: Deploying OpenSIPS (OpenSer) Under Linux-HA – Heartbeat v2.0

Heartbeat (or more formally, Linux-HA) provides application monitoring with the ability to restart or migrate a service (like OpenSIPS or OpenSER) and dependent resources (like IP addresses) to other machines in the event of a failure. Typically a monitoring process returns the status of a resource. (can be as simple as a ping or as complex as a full fledged application level test) In the event of a failure, a tree of services (typically the IP alias and the service that runs on top of it) are restarted or migrated to a new, more desirable node.

The Linux-HA project started as a simple process monitoring and failover application that didn't take service hierarchy into account among other things. Version 2 of Linux-HA was major rewrite of the application which added hierarchically defined services and used the industry standard OCF definition to describe service monitoring tools and dependency trees.

OCF files for the services are kept in /usr/lib/ocf/resource.d and are grouped by directories named after each provider. The included provider is heartbeat which supplies (among other things) IPaddr2 which I use for IP address setup, teardown and monitoring. It differs from IPaddr (also in that directory) in that it is iproute2 aware. The other provider I use is anders.com which contains the OpenSIPS OCF provider. This process controls and monitors OpenSIPS on the application level. (by using sipsak to send test calls to the application layer)

The service definition hierarchy is maintained in the /var/lib/heartbeat/crm/cib.xml file. This is the main file for configuring Linux-HA. It is VERY finicky.

During normal operation, the cib.xml file will be synchronized between all the nodes which means it will get rewritten. It contains the state information for the services being monitored and hashes for each of the nodes in the group. If you need to make a change to the cib.xml file, start by shutting down all of the nodes in the group. Make sure you keep all IDs unique across the file and be aware of the backup files in the same directory. It doesn't hurt to blow everything except for the cib.xml file away on all machines when heartbeat is stopped to make sure all nodes are in sync. Once you have made the changes you wish to make, increment the admin_epoch number in the cib.xml and copy it to each of the participating nodes. Start the preferred node before any others to minimize service migration.

The ha.cf file in /etc/ha.d configures some very basic heartbeat options. Most significantly, it dictates wither or not the CRM engine is on. This essentially differentiates between the old heartbeat version 1 and the new heartbeat version 2 with CRM support. (I use v2 with CRM) The ha.cf file also lists all the nodes that will be participating in the cluster and how inter-cluster communication will work. In this case we will be sending broadcasts from eth0.10, or VLAN 10 on eth0.

Note: It is very important to name the nodes what the output of the uname -a command reports. You can't just pick whatever name might sounds good to you unless you rename the machine itself.

/etc/ha.d/ha.cf

udpport 469
bcast eth0.10
node sip-a sip-b
crm on

When running multiple heartbeat setups on the same broadcast segment you must use a separate port for each setup.

Authkeys

As the name implies, the authkeys file lists the private strings the nodes will use as keys to authenticate communication between the nodes. As this is private data, the file should only be readable by root.

chown root:root /etc/ha.d/authkeys
chmod 600 /etc/ha.d/authkeys

The file lists the encryption method (md5) and the string to be used.

/etc/ha.d/authkeys

auth 1
1 md5 a0ff2cc2bbdff6c7a55090ea4f55400f

The cib.xml File

This is an example cib.xml file that assumes two IP addresses and runs OpenSIPS on them. In the event of a migration, the new node will start the IP addresses (sending a gratuitous arp) and then start OpenSIPS. The order of services (what depends on what) is described in this example.

/var/lib/heartbeat/crm/cib.xml

We verify cib files with crm_verify:

crm_verify -x /var/lib/heartbeat/crm/cib.xml

Make sure you set the ownership to cluster:cluster on that file and kill backup versions in the off chance they might conflict with the new cib.xml file.

rm /var/lib/heartbeat/crm/cib.xml.*
chown cluster:cluster -R /var/lib/heartbeat/crm/

OCF Files

I wrote my own OCF file for monitoring OpenSIPS which implements sipsak to do application level testing over 127.0.0.1. (make sure OpenSIPS listens on 127.0.0.1 as well)

/usr/lib/ocf/resource.d/OpenSIPS

#!/bin/sh

# Initialization:

. /usr/lib/ocf/resource.d/heartbeat/.ocf-shellfuncs

usage() {
cat

1.0

Resource Agent for the OpenSIPS SIP Proxy.

OpenSIPS resource agent

IP Address of the OpenSIPS Instance. This is only used for monitoring.

IP Address

Port of the OpenSIPS Instance. This is only used for monitoring.

Port

END

}

OpenSIPS_Status() {
#echo “/usr/bin/sipsak -s sip:test@$OCF_RESKEY_ip -H 127.0.0.1 2>/dev/null >/dev/null” > /tmp/a
/usr/bin/sipsak -s sip:test@$OCF_RESKEY_ip -H 127.0.0.1 2>/dev/null >/dev/null
rc=$?
if
[ $rc -ne 0 ]
then
return $OCF_NOT_RUNNING
else
return $OCF_SUCCESS
fi
}

OpenSIPS_Monitor( ) {
OpenSIPS_Status
}

OpenSIPS_Start( ) {
if
OpenSIPS_Status
then
ocf_log info “OpenSIPS already running.”
return $OCF_SUCCESS
else
/etc/init.d/opensips start >/dev/null
rc=$?
if
[ $rc -ne 0 ]
then
return $OCF_ERR_PERM
else
return $OCF_SUCCESS
fi
fi
}

OpenSIPS_Stop( ) {
/etc/init.d/opensips stop >/dev/null
return $OCF_SUCCESS
}

OpenSIPS_Validate_All( ) {
return $OCF_SUCCESS
}

if [ $# -ne 1 ]; then
usage
exit $OCF_ERR_ARGS
fi

case $1 in
meta-data) meta_data
exit $OCF_SUCCESS
;;
start) OpenSIPS_Start
;;
stop) OpenSIPS_Stop
;;
monitor) OpenSIPS_Monitor
;;
status) OpenSIPS_Status
;;
validate-all) OpenSIPS_Validate_All
;;
notify) exit $OCF_SUCCESS
;;
promote) exit $OCF_SUCCESS
;;
demote) exit $OCF_SUCCESS
;;
usage) usage
exit $OCF_SUCCESS
;;
*) usage
exit $OCF_ERR_ARGS
;;
esac
exit $?

We use the OCF tester to check the validity of this OCF file. (Make sure you set the IP to the service address on your system. Be aware that this will start the service so it can test application monitoring and shutdown so don't run it on production IPs unless you know what you are doing.)

/usr/lib/ocf/resource.d/ocf-tester -o ip=127.0.0.1 /usr/lib/ocf/resource.d/anders.com/OpenSIPS

Hacks to the Standard Gentoo Heartbeat Build

I don't emerge heartbeat but rather build it from source. (heartbeat-2.1.2 as of this writing) However, older installs may have left an incompatible version of heartbeat installed whose elements can conflict. Typically this will show up in the logs as a crash of pengine or some other process heartbeat spawns. To avoid these errors, rm -fr /usr/lib/heartbeat and re-install.

To configure from source, build and install:

./ConfigureMe configure
make
make install

This will configure and build a setup with config files in a Gentoo-ish layout. You will find most important configuration in:

/etc/ha.d
/usr/lib/ocf/resource.d
/usr/local/var/run/heartbeat/crm

/etc/init.d/heartbeat uses killproc but that could be a little too random if you run multiple instances of opensips on the same machine. However, it does write a PID file when it starts heartbeat so we change the killproc line to:

kill `cat $PIDFILE` /dev/null

Using killproc or killall might kill other instances of opensips on the same machine so killing the master PID is a much better solution.

If monit is on the box, it is usually start/stopped from within the /etc/init.d/opensips file. The conventional /etc/init.d/opensips start command starts monit in this case and it in turn executes /etc/init.d/opensips opensipsstart to get opensips running. When I use heartbeat, there is no reason to use monit but I still have to start opensips with /etc/init.d/opensips opensipsstart. (you might need to change this in the OCF file above)

Heartbeat with OpenSIPS Checklist

When activating a heartbeat controlled OpenSIPS setup make sure to:

* Blow away any only heartbeat installs

rm -fr /var/lib/heartbeat
rm -fr /usr/lib/heartbeat

* Compile from source and install the latest-greatest tested release. (heartbeat-2.1.2 as of this writing)

./ConfigureMe configure
make
make install

* Edit /var/lib/heartbeat/crm/cib.xml to taste.
* Kill all old cib.xml.* files:

rm /var/lib/heartbeat/crm/cib.xml.*

* Set the file ownership on the crm directory and files:

chown cluster:cluster -R /var/lib/heartbeat/crm/

* Edit /etc/init.d/opensips
o Make sure the correct version of opensips gets started.
o The OCF file will want to run a /etc/init.d/opensips start so make sure start will work or change the OCF to run the command opensipsstart instead if monit changed /etc/init.d/opensips.
o Make sure killproc isn't used. Instead, kill the pid from the pidfile as mentioned above.
* Edit /etc/ha.d/ha.cf to make it look something like this:

udpport 469
bcast eth0.10
node sip-a sip-b
crm on

* Make sure you have sipsak on your box in /usr/bin/sipsak.

which sipsak

* Make sure the same IPs are specified in the opensips.cfg and the cib.xml files.
* Make sure the IP used for monitoring is 127.0.0.1 in the cib.xml.
* Make sure that opensips is listening on 127.0.0.1 as well as it's production IPs.
* In the case where a nameserver isn't reachable, OpenSIPS will hang on trying to reverse resolve the production IPs so add entries for them in /etc/hosts that reflect the real names so there are as few external dependencies as possible.
* Make sure OpenSIPS is configured to respond to OPTIONS messages on 127.0.0.1 so the OCF Tester can test the application-level health of OpenSIPS.
* Test sipsak to make sure it succeeds / fails when the service is on / off.

/usr/bin/sipsak -s sip:test@127.0.0.1 -H 127.0.0.1

* Make sure OpenSIPS has libpg.so.5 for the PostGreSQL module if you are using PostGreSQL. If not, install PostGreSQL 8.2.5 or later. (as of this writing)
* Add the production IPs to the box (or comment them out of opensips.cfg) and use the OCF tester to make sure it can start / monitor / stop opensips.

ip address add 1.2.3.4/24 dev eth0.10
ip address add 1.2.3.5/24 dev eth0.10

/usr/lib/ocf/resource.d/ocf-tester -o ip=127.0.0.1 /usr/lib/ocf/resource.d/anders.com/OpenSIPS

Make sure it says “/usr/lib/ocf/resource.d/anders.com/OpenSIPS passed all tests”

If heartbeat yammers like this:

Nov 28 20:52:28 sip-a heartbeat: [22070]: WARN: nodename sip-a uuid changed to sip-b
Nov 28 20:52:28 sip-a heartbeat: [22070]: debug: displaying uuid table
Nov 28 20:52:28 sip-a heartbeat: [22070]: debug: uuid=9052abe5-87ee-4400-a008-c5f13205e94b, name=sip-a
Nov 28 20:52:28 sip-a heartbeat: [22070]: ERROR: should_drop_message: attempted replay attack [sip-b]? [gen = 10, curgen = 21]

then kill this file:

rm /var/lib/heartbeat/hb_uuid

Controlling Heartbeat

To get an overview of what's going on, run:

crm_mon

To list the resources under control:

crm_resource -L

To push a resource off of this box:

crm_resource -M -r OpenSIPS

This creates a constraint scored at INFINITY saying that a resource should not run on this host.

To remove an INFINITY constraint placed by the above command:

crm_resource -U -r OpenSIPS

When a resource is moved off of a node because it can't be started (for example when the opensips.cfg file is broken) the node is marked as bad and the resource is migrated to another node. After fixing the resource, you will need to clear the resource before it will migrate back to the primary. That is done like this:

crm_resource -C -r OpenSIPS

However, when a resource fails for whatever reason, it's failure count is incremented. To actually “fail-back” to the primary node you must also make sure the failure count is below the threshold for that resource. (A good practice is to set it back to 0)

To see the failure count:

crm_failcount -G -U sip-a -r OpenSIPS

To reset the failure count:

crm_failcount -v 0 -U aip-a -r OpenSIPS

Configuring when to move a service from node to node is done through scores assigned to individual nodes and the stickiness / failure-stickiness of resources.

The calculation is:

(sip-a score – sip-b score + stickiness) / abs(failure stickiness)

In our case, the settings are: sip-a = 100 sip-b = 10 default stickiness = 10 stickiness = 30 (10 for each resource: ip, ip, OpenSIPS) failure stickiness = -10 So: (sip-a – sip-b + stickiness) / abs(failure stickiness) = (100 – 10 + (10 + 10 + 10)) / 10 = 130 / 10 = 13 Therefore, in this case OpenSIPS can fail 13 times on sip-a before being moved to sip-b. Of course if a service fails to start, it is immediately moved and the node marked bad. This is desierable for a service that we don't want to see down because the service will in effect revert to the last known-good configuration running on the backup node. This allows us to fix our primary node while the service runs in backup. Manually Failing Back If OpenSIPS fails to start on a node, (for example when you have a broken config file) the node is marked as bad and a restart won't be attempted. To force a resource to fail back to the primary, you should reset the failure counts to 0 on the primary and backup: crm_failcount -v 0 -U sip-a -r OpenSIPS crm_failcount -v 0 -U sip-b -r OpenSIPS and clear the OpenSIPS resource so it forgets where it wasn't able to start. crm_resource -C -r OpenSIPS This should work in all cases. If the resource still migrates to the backup node, there is a good chance OpenSIPS is still broken on the primary node. lrmd CPU usage A patch for lrmd that reduces CPU usage is here: http://hg.linux-ha.org/dev/rev/0ded50597e97 

There is so many tutorial to learn linux like this. Thank for writing.

Other related articles:

  • WordPress on Debian Linux · supriyadisw dot net – This tutorial is how to install WordPress on Debian Linux . Installing WordPress on Debian? What for? Are there many easy ways to install WordPress on our server (Web hosting)? Eventually, We don't need to know what distro that our …

  • WordPress Installation on Ubuntu with LAMP · supriyadisw dot net – This tutorial is how to install WordPress on Ubuntu · Linux Desktop using LAMP. Why ? One reason is that you can do a lot of developing (playing around) much quicker as there is no need to use ftp. If You like me, play around with …

  • ionCube PHP on Debian · supriyadisw dot net – ionCube produces leading tools for PHP source code protection to secure your PHP software from prying eyes and to combat software piracy. In order to view encoded ionCube files on your server you need the ionCube loader. Featuring an advanced compiled-code encoding engine that translates source to highly efficient bytecodes, ionCube encoding tools deliver the ideal combination of maximum source code protection without sacrificing performance, reliability or language compatibility.

  • Installing Movable Type on Debian Server · supriyadisw dot net – Movable Type. Movable Type is a widely-used proprietary weblog publishing system developed by California-based Six Apart. Movable Type also supports most popular weblogging features, including user accounts, comments, categories, …

  • Gmail Notifier for Ubuntu Edgy Eft · supriyadisw dot net – Gmail Notifier. Gmail Notifier is a nice little tool to allow you to receive gmail notifications. This tutorial is how to install CheckGmail as Gmail Notifier into your Ubuntu Edgy Eft. …

  • Linux Tutorial: The Power of the Linux Find Command – Sadly in Linux, certainly Ubuntu, the default GUI file search is not always useful. With a little patience you'll find files quickly using the command line, where your options are most powerful: www.linuxhaxor.net …

  • Protect Your Web Assets – Is Linux Still Safe? | Online Security … – University of Georgia has a great Linux tutorial, and University of California at Berkeley has a tutorial for Windows. Problem: Compromised FTP passwords. FTP does not encrypt credentials when sent across the wire. …

  • Fastest Linux Shell | Beginner Linux Tutorial – Make Linux run even faster,on new or old computers. Use this Linux speed tweak to make your Linux computer faster. Use a very lightweight Linux shell!

  • Ubuntu Linux Tutorial – Multimedia, Codecs, Medibuntu! | Security … – Just installed Ubuntu and can't see videos? This is a quick tutorial to help you install multimedia codecs and non-open.

Technorati Tags: ,

Linux shell scripts | change picture size and resolution | Belajar Linux

Linux shell scripts often use to make our life easier, but not all people understand how it works. You can find dozen shell scripts to help you run linux faster and more user friendly. If you have any interest about linux shell scripts then you are on the right place. Below is one sample Linux shell scripts than we use to canvert picture size smaller before we can upload to the Internet.

The following code is an easy to  use script to convert pictures to smaller size, specially before uploading to internet.

copy this script to the photo folder and cd  to the directory from console; then execute (remember to chmode -a+rx ) by ./scriptname

for x in $(ls)
do
convert -size 500 $x new-$x
done

After you copy that script all picture in that folder will decrease it’s size so you can upload that picture to the Internet easier. More about Learn Linux subject can be found within this link or you may search to entire site.

Other related articles:

Technorati Tags:

« Older Entries
  
Copyright © Sekolah Linux Indonesia. All Rights Reserved. RSS: Entries/Comments. Powered by WordPress. Ali Han Natural Theme by Ali Han