Monday, August 29, 2011

CentOS Static IP

Edit /etc/sysconfig/network-scripts/ifcfg-eth1 so that it has the following contents:

DEVICE=eth1
BOOTPROTO=none
HWADDR="00:27:0E:1E:4B:38"
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
NETMASK=255.252.0.0
IPADDR=10.22.106.2
GATEWAY=10.20.0.254

Wednesday, August 10, 2011

InfoBlox default Username/Password


username -> admin
password -> infoblox

InfoBlox Lost Password


I have lost the password for my only Superuser account.  How do I reset the 
database without the admin password?


Please note that employing the following instructions will remove ALL data from the Infoblox device. It is our suggestion that, in order to keep from resorting to such drastic measures, the default "admin" account be reserved only for emergency situations, and that additional Superuser accounts be created for the purpose of standard day-to-day administration. Please make sure that the password set for the default “admin” is kept up-to-date with the other Superuser accounts.

Connect to the serial console port on the device (not via Remote Console or SSH) and power cycle the device. After the system goes through the initial boot-up messages, it will display the following message:

"Wait 5 secs for login prompt. Hit "Esc", then "Enter" for 
Emergency prompt."

At this point, during the remaining 5 seconds, hit both the "Esc" key and the "Enter/return" key. You will now be taken to the Emergency prompt, at which time you can type "reset database" to reset the system. After a successful reset from the Emergency prompt, you can leave the Emergency prompt by entering the command "exit", which will take you to the regular login prompt. At this point system configurations are completely reset to factory defaults and you can log in with the default username and password.

InfoBlox Replacement


Steps needed to bring a replacement unit on-line in different scenarios: standalone / HA Pair / Grid




For replacing a faulty unit, please follow these steps:

Adding IP information to the new appliance

--Step 1: Connect a serial console cable (null modem cable) to the replacement appliance.
--Step 2: Access the replacement appliance (default login credentials are username -> admin; password -> infoblox).
--Step 3: Configure it with the IP Address, Subnet mask and the Gateway using the command "set network".
--Step 4: When prompted to join the grid, say "n" for no.

Depending on the model number of the appliance, you may also enter this data by using the LCD/Front panel.

You may also access the appliance by connecting a crossover cable from your workstation to the replacement appliance LAN1 interface. Configure the workstation NIC with any IP address in the network 192.168.1.0/24 except 192.168.1.2 (the default IP of the Infoblox appliance). Now access the GUI using a web browser (https://192.168.1.2). The LAN IP Address, Subnet mask and gateway can be configured from the GUI (GRID perspective -> expand members and select the appliance name -> right click and select 'Edit Properties' -> configure the settings from the 'Node Properties' tab).

--Step 5: Verify that the NIOS version on the replacement appliance and the production Grid are the same. If the replacement unit is a single (non-grid, non-HA) device and you need a specific NIOS version installed, you will need to either upgrade or downgrade the unit. Please refer to the section 'Upgrading Software on an Independent Appliance or HA Pair' in the Administrators Guide accessible from the support site [after logging in with your credentials] or the appliance GUI (help -> download admin guide) for upgrade steps. If you are replacing one node of an HA pair, or the device is part of a grid, the code will automatically synchronize when you connect the replacement to the HA pair or grid.

Now, depending on your scenario please follow the next steps:

Scenario 1: Unit is a standalone device
Scenario 2: Unit is a part of independent HA pair
Scenario 3: Unit is a part of the HA Grid Master
Scenario 4: Unit is a standalone Grid Master with multiple members in the Grid
Scenario 5: Unit is a part of HA Grid member
Scenario 6: Unit is a standalone member in the Grid

Scenario 1: Unit is a standalone device:
----------------------------------------
--Step 6: Take the current database backup from the faulty unit. If the unit is off-line and cannot be powered on, you may take the latest dataset backup downloaded prior to taking the unit off-line.
--Step 7: Upload the backup to this replacement unit. While force restoring, choose the option to obtain the IP address from the backup.
--Step 8: Remove the network cables running to the defective unit after powering it down.
--Step 9: Connect the network cables removed from the defective unit to the replacement unit.

For instructions on backup and restore, please refer to the section 'Backing Up and Restoring a Configuration File' in our Admin Guide.

Scenario 2: Unit is a part of independent HA pair
-------------------------------------------------
--Step 6: Log in to the HA pair and verify whether the faulty unit is the 'Active' unit. If it is the Active unit of the HA pair, do a 'forced failover' from the GUI to bring the faulty unit as the Passive unit. You will get disconnected from the GUI when doing a forced failover. Log back in and confirm whether all the status indicators for the HA pair are green.
--Step 7: Bring down [shutdown] the Passive unit from the HA pair.
--Step 8: Change the LAN configuration [IP address, Netmask, Gateway, Speed and Duplex settings] of the replacement unit to the same LAN configuration as that of the faulty unit.
--Step 9: Connect the replacement appliance to the network. Please ensure that the switch ports are configured as recommended by Infoblox in the KB articles 10411, 10270 etc.
--Step 10: Join the replacement unit to the Grid using the command 'set membership' from the console or the 'join Grid' option from the GUI [Grid perspective -> members -> select the grid master -> view option on the top menu -> select Detailed status]. In either case you will have to provide the IP address of the Grid Master, Grid Name & Shared secret [All of these are case sensitive].

After the unit joins back, you will be able to view the status of the unit as 'normal' in the GUI and all the indicators for this unit will turn Green.

Scenario 3: Unit is a part of the HA Grid Master
------------------------------------------------
--Step 6: Log in to the production grid and verify whether the faulty unit is the 'Active' unit. If it is the Active unit of the HA pair, do a 'forced failover' from the GUI to bring this node as the Passive unit. Before doing a failover, make a note of all the units which are not on-line, as you will have to verify the status of other members after the failover. You will get disconnected from the GUI when doing a forced failover. Log back in and confirm whether all the status indicators for the Grid master and the members are green. If there are members still communicating with the active grid master (data sync/NTP sync etc), please wait until all the status indicators turn green.
--Step 7: Take the faulty unit, which is the current Passive node of the grid master, off-line from the network.
--Step 8: Connect the replacement appliance to the network. Preferably use the same switch ports which were used by the defective appliance. Also please ensure that the switch ports are configured as recommended by Infoblox in the KB articles 10411, 10270 etc.
--Step 9: Change the LAN configuration [IP address, Netmask, Gateway, Speed and Duplex settings] of the replacement unit to the same LAN configuration as that of the faulty unit.
--Step 10: Join the replacement unit to the Grid using the command 'set membership' from the console or the 'join Grid' option from the GUI [Grid perspective -> members -> select the grid master -> view option on the top menu -> select Detailed status]. In either case you will have to provide the IP address of the Grid Master, Grid Name & Shared secret [All of these are case sensitive].

After the unit joins back, you will be able to view the status of the unit as 'normal' in the GUI and all the indicators for this unit will turn Green.

Scenario 4: standalone Grid Master with a Grid Master Candidate in the Grid
---------------------------------------------------------------------------
--Step 6: Check whether you have a Grid Master Candidate. If there is a Grid Master Candidate, then promote this member as a Grid Master by using the command 'set promote_master'. To get access to the GUI you need to connect to the VIP address of the new Grid Master.
--Step 7: Remove the defective Grid Master from the network.
--Step 8: Join the replacement unit to the Grid using the command 'set membership' from the console or the 'join Grid' option from the GUI [Grid perspective -> members -> select the Grid Master -> view option on the top menu -> select Detailed status]. In either case you will have to provide the IP address of the Grid Master, Grid Name & Shared secret [All of these are case sensitive].
--Step 9: If you want to make the replacement unit the Grid Master again, issue the command 'set promote_master' from the CLI of the Grid Master Candidate.
--Step 10: Log in to the Grid using the IP address of the new Grid Master and verify that all the members are online and services are up.

Scenario 5: Standalone Grid Master with no Grid Master Candidate configured
---------------------------------------------------------------------------

5A) Grid Master is not completely down.
---------------------------------------
Method 1:
--Step 6: You may connect to the GUI and configure a member as a Grid Master Candidate (refer to the admin guide for GMC configuration). Ensure that the member being configured as a GMC has the same or better hardware platform than the Grid Master. Making the unit a GMC will force it to drop off the Grid and join back.
--Step 7: You may refer to Scenario 4 for promoting the GMC as the Grid Master and replacing the Grid Master.
--Step 8: If required, you may uncheck the option of Grid Master Candidate from the promoted Grid Master after bringing it back as the Grid Master Candidate.

Method 2: Configure the Grid Master as an HA pair.
--Step 6: Join the replacement unit as the Passive of that HA pair. [Please refer to the admin guide for instructions to form an HA pair].
--Step 7: Once the replacement appliance joins as node 2, do a Forced Failover. This will bring the defective unit as the Passive unit.
--Step 8: Now remove the defective appliance from the network. You can remove the HA configuration now.

5B) The Grid Master is completely down.
---------------------------------------
In scenarios where you don't have a GMC and the Grid Master failed completely, the only option left is to upload the latest backup file to the replacement appliance.
--Step 6: Upload a backup to the replacement appliance. Please make sure to select the 'Obtain IP address from backup file' option and not to retain the existing IP address. The replacement appliance should have the same IP address as the grid master. Members will attempt to connect to this IP address.
--Step 7: Remove the Grid Master from the network and connect the replacement appliance to the network.
--Step 8: Launch the grid manager and verify that all the members are online.

Scenario 6: Unit is a part of HA Grid member
--------------------------------------------
--Step 6: Log in to the production grid and check whether the node [of the member] to be replaced is the Active unit. If it is the Active unit, then do a forced failover (right click the member name -> select Forced failover) to bring this node as the Passive unit. Check the detailed status of this node and confirm that the node to be replaced has become the Passive unit.
--Step 7: Remove the Passive unit of the grid member from the network.
--Step 8: Change the LAN configuration [IP address, Netmask, Gateway, Speed and Duplex settings] of the replacement unit to the same LAN configuration as that of the faulty unit.
--Step 9: Connect the replacement appliance to the network. Please ensure that the switch ports are configured as recommended by Infoblox in the KB articles 10411, 10270 etc.
--Step 10: Join the replacement unit to the Grid using the command 'set membership' from the console or the 'join Grid' option from the GUI [Grid perspective -> members -> select the Grid Master -> view option on the top menu -> select Detailed status]. In either case you will have to provide the IP address of the Grid Master, Grid Name & Shared secret [All of these are case sensitive].

After the unit joins back, you will be able to view the status of the unit as 'normal' in the GUI and all the indicators for this unit will turn Green.

Scenario 7: Unit is a standalone member in the Grid
---------------------------------------------------
--Step 6: Remove the defective appliance from the network.
--Step 7: Change the LAN configuration [IP address, Netmask, Gateway, Speed and Duplex settings] of the replacement unit to the same LAN configuration as that of the faulty unit.
--Step 8: Connect the replacement appliance to the network.
--Step 9: Join the replacement unit to the Grid using the command 'set membership' from the console or the 'join Grid' option from the GUI [Grid perspective -> members -> select the Grid Master -> view option on the top menu -> select Detailed status]. In either case you will have to provide the IP address of the Grid Master, Grid Name & Shared secret [All of these are case sensitive].

After the unit joins back, you will be able to view the status of the unit as 'normal' in the GUI and all the indicators for this unit will turn Green.


Sunday, May 29, 2011

Load Balancing With A F5 GTM

Understanding load balancing on the Global Traffic Manager

When the Global Traffic Manager receives a name resolution request, the system employs a load balancing mode to determine the best available virtual server. Once the Global Traffic Manager identifies the virtual server, it constructs a DNS answer and sends that answer back to the requesting client's local DNS server. The DNS answer, or resource record, can be either an A record that contains the IP address of the virtual server, or a CNAME record that contains the canonical name for a DNS zone.
Within the Global Traffic Manager, you have two categories of load balancing modes from which to select: static and dynamic. A static load balancing mode selects a virtual server based on a pre-defined pattern. A dynamic load balancing mode selects a virtual server based on current performance metrics.
The Global Traffic Manager provides a tiered load balancing system. A tiered load balancing system is a load balancing system that occurs at more than one point during the resolution process. The tiers within the Global Traffic Manager are as follows:
  • Wide IP-level load balancing: Wide IPs that contain two or more pools use a load balancing mode first to select a pool. Once the Global Traffic Manager selects a pool, the system then uses the pool-level load balancing mode to choose a virtual server within the selected pool. If the Global Traffic Manager does not choose a virtual server in the first pool, it applies the load balancing mode to the next pool, either until it selects the best virtual server to respond to the request, or all the pools are tried.
  • Pool-level load balancing: A pool contains one or more virtual servers. After the Global Traffic Manager uses wide IP-level load balancing to select the best available pool, it uses pool-level load balancing to select a virtual server within that pool. If the first virtual server within the pool is unavailable, the Global Traffic Manager selects the next best virtual server based on the load balancing mode assigned to that pool.
For each pool that you manage, the Global Traffic Manager supports three types of load balancing methods: preferred, alternate, and fallback. The preferred load balancing method is the load balancing mode that the system will attempt to use first. If the preferred method fails to provide a valid resource, the system uses the alternate load balancing method. Should the alternate load balancing method also fail to provide a valid resource, the system uses the fallback method.
One of the key differences between the alternate methods and the other two load balancing methods is that only static load balancing modes are available from the alternate load balancing list. This limitation exists because dynamic load balancing modes, by definition, rely on metrics collected from different resources. If the preferred load balancing mode does not return a valid resource, it is highly likely that the Global Traffic Manager was unable to acquire the proper metrics to perform the load balancing operation. By limiting the alternate load balancing options to static methods only, the Global Traffic Manager can better ensure that, should the preferred method prove unsuccessful, the alternate method will return a valid result.

F5 GTM Topologies Load Balancing

Topologies are a way to load balance to a specific pool depending on where the traffic comes from or is going.

This requires a topology record for the GTM, so that it knows how to handle DNS requests. A topology record is made up of 3 parts: the Request Source, the Destination Source and the Weight.

The request source defines where the DNS request came from. It can use:

  • A continent
  • A country (based on the ISO 3166 top-level domain codes)
  • An IP subnet (CIDR definition)
  • An Internet Service Provider (ISP)
  • A custom region

The destination defines the resource to which the GTM will direct the DNS request. It can use:

  • A continent
  • A country (based on the ISO 3166 top-level domain codes)
  • A data center
  • An IP subnet (CIDR definition)
  • An Internet Service Provider (ISP)
  • A pool of virtual servers
  • A custom region

The last element of a topology record, called the topology score or weight, allows the Global Traffic Manager to evaluate the best resolution option for a DNS request. In the event that a name resolution request matches more than one topology record, the Global Traffic Manager uses the record with the highest weight attribute to determine which statement it uses to load balance the request.
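
The record evaluation described above, as an added example (a simplified Python model written for this page, not F5 code or configuration): it ranks the pools of a wide IP by the highest-weight topology record whose request source and destination statements both match, and passes over pools that are unavailable. The class, pool and data center names and all sample values are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Statement:
    kind: str             # "subnet", "country", "continent", "datacenter", "pool"
    value: str
    negate: bool = False  # False models the "is" operator, True models "is not"


@dataclass(frozen=True)
class TopologyRecord:
    source: Statement       # request source statement
    destination: Statement  # destination statement
    weight: int             # topology score


def matches(stmt, attrs):
    """Evaluate one statement against a dict of attributes (kind -> value)."""
    if stmt.kind == "subnet":
        ip = attrs.get("ip")
        hit = ip is not None and (
            ipaddress.ip_address(ip) in ipaddress.ip_network(stmt.value))
    else:
        hit = attrs.get(stmt.kind) == stmt.value
    return hit != stmt.negate


def rank_pools(request, records, pools):
    """Return [(pool name, weight)] for pools with a matching record, best first.

    A pool's score is the highest weight among the records whose source
    statement matches the request and whose destination statement matches
    the pool. Pools that no record points at are left out.
    """
    ranked = []
    for pool in pools:
        weights = [r.weight for r in records
                   if matches(r.source, request) and matches(r.destination, pool)]
        if weights:
            ranked.append((pool["pool"], max(weights)))
    ranked.sort(key=lambda item: item[1], reverse=True)  # stable: ties keep pool order
    return ranked


def choose_pool(request, records, pools, available):
    """Pick the best-ranked pool that is available, or None.

    None means topology produced no valid resource, which is the point at
    which the next load balancing method takes over.
    """
    for name, _weight in rank_pools(request, records, pools):
        if name in available:
            return name
    return None


# Constructed sample data (hypothetical names, private/documentation addresses).
RECORDS = [
    TopologyRecord(Statement("country", "US"), Statement("pool", "pool_us"), 10),
    TopologyRecord(Statement("subnet", "10.22.0.0/16"),
                   Statement("pool", "pool_internal"), 100),
    TopologyRecord(Statement("continent", "EU", negate=True),
                   Statement("pool", "pool_global"), 1),
    TopologyRecord(Statement("continent", "EU"),
                   Statement("datacenter", "dc_fra"), 10),
]
POOLS = [
    {"pool": "pool_us", "datacenter": "dc_nyc"},
    {"pool": "pool_eu", "datacenter": "dc_fra"},
    {"pool": "pool_internal", "datacenter": "dc_nyc"},
    {"pool": "pool_global", "datacenter": "dc_nyc"},
]
ALL_UP = {p["pool"] for p in POOLS}

# The request arrives from the client's local DNS server, so that is the
# address and location the source statement is matched against.
INTERNAL_LDNS = {"ip": "10.22.106.2", "country": "US", "continent": "NA"}
GERMAN_LDNS = {"ip": "203.0.113.9", "country": "DE", "continent": "EU"}
JAPAN_LDNS = {"ip": "192.0.2.1", "country": "JP", "continent": "AS"}

if __name__ == "__main__":
    for label, req in [("internal", INTERNAL_LDNS), ("DE", GERMAN_LDNS),
                       ("JP", JAPAN_LDNS)]:
        print(label, rank_pools(req, RECORDS, POOLS),
              "->", choose_pool(req, RECORDS, POOLS, ALL_UP))
```

The internal resolver matches three records at once (country, subnet and the "is not EU" catch-all), and the subnet record wins because it carries the highest weight; dropping the catch-all record leaves the Japanese resolver with no match at all.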

To set up a topology record

1. On the Main tab of the navigation pane, expand Global Traffic and then click Topology.
   The main screen for topologies opens.
2. Click the Create button.
   The New Record screen opens.
3. To create a request source statement, use the request resource settings:
   1. Select an origin type from the corresponding list.
   2. Select an operator, either is or is not.
   3. Define the criteria for the request source statement. For example, if the statement focuses on a country, a list appears from which you select the country. If the statement focuses on an IP subnet, a box appears that allows you to define that subnet.
4. To create a destination statement, use the destination settings:
   1. Select a destination type from the corresponding list.
   2. Select an operator, either is or is not.
   3. Define the criteria for the destination statement. For example, if the statement focuses on a country, a list would appear from which you select the country. If the statement focuses on an IP subnet, a box appears that allows you to define that subnet.
5. In the Weight box, specify the priority this record has over other topology records.
6. Click the Create button to save the new topology.


Using topology load balancing in a wide IP

You can use the Topology load balancing mode to distribute traffic among the pools in a wide IP. To do this, you must have at least two pools configured in the wide IP. With topology load balancing, you send name resolution requests to specific data centers or other resources based on the origin of the request.

To configure a wide IP to use topology load balancing

1. On the Main tab of the navigation pane, expand Global Traffic and then click Wide IPs.
   The Wide IPs screen opens.
2. Click the name of the wide IP for which you want to assign topology-based load balancing.
   The properties screen for the wide IP opens.
3. On the menu bar, click Pools.
   The pools screen opens. This screen contains a list of the pools currently assigned to the wide IP.
4. From the Load Balancing Method list, select Topology.
5. Click the Update button to save your changes.

Repeat this process for each wide IP as needed.

          Tuesday, March 8, 2011

          Install Net-SNMP

          INSTALL

          TABLE OF CONTENTS
          =================
          
            Table Of Contents
            Quick Instructions
          * Net-SNMP Specific Information
            Long (but you should read these) Instructions
            Installing the Perl/SNMP Module
          * Compilers and Options
            Compiling For Multiple Architectures
            Installation Names
            Optional Features
            Sharing Defaults
            Operation Controls
          
            * = required reading
          
          QUICK INSTRUCTIONS
          ==================
          
            1) Run ./configure
               (type "./configure --help" for a quick usage summary.)
               (--prefix=PATH will change the default /usr/local installation path.)
               (see "Compilers and Options" on changing the compiler to use)
          
            2) Optionally edit include/net-snmp/net-snmp-config.h
               (due to prompting done by the configure script, this is very rarely
                necessary.)
          
            3) make
          
            4) Run the next command as root:
            5) make install
          
            6) configure the agent
               (either using 'snmpconf' or by crafting an snmpd.conf file manually.
                The file 'EXAMPLE.conf' may be a suitable starting point)
          
          Note: By default, everything will be installed in /usr/local.
                (see below for more instructions)
          
          Net-SNMP Specific Information
          =============================
          
          As of UCD-SNMP V3.3.1 the configuration files are now looked for in
          $(prefix)/share/snmp, where ($prefix) is defined as the value passed
          to the --prefix argument of the configure script, or /usr/local if
          undefined.  In version 3.0.3 till 3.3, the files were kept in
          $(prefix)/lib/snmp
          
          Optional features to pass to configure for Net-SNMP can be obtained by
          running configure --help.
          
          LONG (but you should read these) INSTRUCTIONS
          =============================================
          
             The `configure' shell script attempts to guess correct values for
          various system-dependent variables used during compilation.  It uses
          those values to create a `Makefile' in each directory of the package.
          It may also create one or more `.h' files containing system-dependent
          definitions.  Finally, it creates a shell script `config.status' that
          you can run in the future to recreate the current configuration, a file
          `config.cache' that saves the results of its tests to speed up
          reconfiguring, a file `config.log' containing compiler output
          (useful mainly for debugging `configure') and a file `configure-summary'
          containing the summary displayed at the end of the `configure' run.
          
             The file `include/net-snmp/net-snmp-config.h' is also generated
          at this time.  It contains IMPORTANT information such as the location
          of log and configuration files.  In some special cases you may need to
          modify this file but it is preferable to work out a way of getting
          `configure' to set things up for your particular environment.
          
          As the `configure' invocation often gets lengthy and difficult to
          type or if you have several different ways you want to configure a
          system, you may want to create a shell script containing your invocation.
          
             If you need to do unusual things to compile the package, please try
          to figure out how `configure' could check whether to do them, and mail
          diffs or instructions to the address given in the `README' so they can
          be considered for the next release.  If at some point `config.cache'
          contains results you don't want to keep, you may remove or edit it.
          
             The file `configure.in' is used to create `configure' by a program
          called `autoconf'.  You only need `configure.in' if you want to change
          it or regenerate `configure' using a newer version of `autoconf'.
          
          The simplest way to compile this package is:
          
            1. `cd' to the directory containing the package's source code and type
               `./configure' to configure the package for your system.  If you're
               using `csh' on an old version of System V, you might need to type
               `sh ./configure' instead to prevent `csh' from trying to execute
               `configure' itself.
          
               Running `configure' takes awhile.  While running, it prints some
               messages telling which features it is checking for.  When it
               completes it prints a short message (also available in configure-summary)
               indicating what functionality will be available when compiled.
          
            2. If necessary, edit include/net-snmp/net-snmp-config.h (see above).  
          
            3. Type `make' to compile the package.
          
            4. Type `make test' which runs a variety of tests to see what functionality
               has been incorporated and if it works.
          
            5. Type `make install' to install the programs and any data files and
               documentation.
          
            6. You can remove the program binaries and object files from the
               source code directory by typing `make clean'.  To also remove the
               files that `configure' created (so you can compile the package for
               a different kind of computer), type `make distclean'.
          
            7. You can remove the application by typing `make uninstall'.
          
          There may be additional installation issues discussed in the 
          README's for various platforms such as README.solaris.
          
          
          Installing the Perl/SNMP Module
          ===============================
          
             The Perl/SNMP Module is now bundled with the net-snmp package
          (which includes other Net-SNMP specific modules as well), all of which
          are located in the net-snmp/perl directory. The Perl package provides
          a high level abstract interface to the functionality found in the
          Net-SNMP libraries and daemon applications.
          
             It is recommended you install the perl modules as you build the
             Net-SNMP package.  The configure script can be run as follows to
             automatically find perl and use it to install the perl modules:
          
                ./configure --with-perl-modules
          
             If you wish to use the embedded perl support available in the
             Net-SNMP agent (and starting in Net-SNMP 5.2, the trap receiver),
             then use the following option instead:
          
                ./configure --enable-embedded-perl --enable-shared
          
             Starting with Net-SNMP 5.4, configure enables embedded Perl and the 
             Perl modules by default when possible unless explicitly disabled.
          
             If you wish to build the perl modules by hand, *install Net-SNMP
             first* and then change directories to the perl subdirectory and:
          
             Run:
                      cd perl
                      perl Makefile.PL
                      make
                      make test
                      make install (as root)
          




          RPMForge Repo Add CentOS 5.5

          The default RPMforge repository does not replace any CentOS base packages. In the past it used to, but those packages are now in a separate repository (rpmforge-extras) which is disabled by default.
          You can find a complete listing of the RPMforge packages at http://packages.sw.be/
          Download the rpmforge-release package. Choose one of the two links below, selecting to match your host's architecture. If you are unsure of which one to use you can check your architecture with the command uname -i
          The preferred rpmforge-release package to retrieve and to install in order to enable that repository is one of the two listed above.
          Install DAG's GPG key

                rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt


          Verify the package you have downloaded

                rpm -K rpmforge-release-0.5.2-2.el5.rf.*.rpm


          Security warning: The rpmforge-release package imports GPG keys into your RPM database. As long as you have verified the md5sum of the key injection package, and trust Dag, et al., then it should be as safe as your trust of them extends.
          Install the package

               rpm -i rpmforge-release-0.5.2-2.el5.rf.*.rpm


          This will add a yum repository config file and import the appropriate GPG keys.
          Then try to install something like this

                yum install htop

          Monday, March 7, 2011

          Adding Servers to an Alteon 2424 with SSL Offloading

          Filters for Redirection.

          /c/slb/filt 69
                  ena
                  action redir
                  ipver v4
                  sip any
                  smask 0.0.0.0
                  dip xxx.xxx.xxx.xxx
                  dmask 255.255.255.255
                  proto tcp
                  dport https
                  group 5
                  rport 0
                  vlan any
          /c/slb/filt 20/adv/redir
                  fwlb ena


          BackUp Servers


          /c/slb/real xx
                  ena
                  ipver v4
                  rip xxx.xxx.xxx.xxx
                  name "ServBackup"


          Creating VIP's


          /c/slb/real 73
                  ena
                  ipver v4
                  rip xxx.xxx.xxx.xxx
                  retry 3


          /c/slb/real 72
                  ena
                  ipver v4
                  rip xxx.xxx.xxx.xxx
                  retry 3


          /c/slb/group 72
                  ipver v4
                  metric roundrobin
                  health http
                  content "/"
                  backup r69
                  add 73
                  add 72
                
          /c/slb/virt 72
                  ena
                  ipver v4
                  vip xxx.xxx.xxx.xxx
          /c/slb/virt 72/service https
                  group 72
                  dbind ena
          /c/slb/virt 72/service http
                  group 72
                  dbind ena




          Log into the SSL Offloading Processor



          /cfg/ssl/server 31/.
                  vips xxx.xxx.xxx.xxx
                  standalone off
                  port "443 (https)"
                  rip 0.0.0.0
                  rport "80 (http)"
                  type http
                  proxy on
                  loopback on
                  ena enabled
          /cfg/ssl/server 31/trace/.
          /cfg/ssl/server 31/ssl/.
                  cert 1
                  cachesize 4000
                  cachettl 5m
                
                  protocol ssl3
                  verify none
                  verifylog none
                  ciphers RSA:!LOW:!EXPORT:!NULL:!SSLv2@STRENGTH
                  ena enabled
          /cfg/ssl/server 31/tcp/.
                  cwrite 15m
                  ckeep 15m
                  swrite 15m
                  sconnect 30s
                  csendbuf auto
                  crecbuf auto
                  ssendbuf auto
                  srecbuf 6000
          /cfg/ssl/server 31/http/.
                  redirect on
                  downstatus unavailable
                  securecookie off
                  certcard off
                  cookieonce off
                  sslheader on
                  sslxheader off
                  sslsidheader off
                  addxfor off
                  addvia on
                  addxisd off
                  addfront on
                  addbeassl off
                  addbeacli off
                  addclicert off
                  addnostore off
                  compress off
                  cmsie on
                  rhost off
                  maxrcount 40
                  maxline 8192
                  urlobscure off
                  sessioninfoheader off
          /cfg/ssl/server 31/http/dynheader/.
          /cfg/ssl/server 31/http/rewrite/.
                  rewrite off
                  ciphers HIGH:MEDIUM
                  response iSD
                  URI "/cgi-bin/weakcipher"
          /cfg/ssl/server 31/http/auth/.
                  mode basic
                  realm
                  proxy off
                  ena disabled
          /cfg/ssl/server 31/dns/.
          /cfg/ssl/server 31/adv/.
          /cfg/ssl/server 31/adv/pool/.
                  timeout 15s
                  ena disabled
          /cfg/ssl/server 31/adv/traflog/.
                  sysloghost 0.0.0.0
                  udpport 514
                  priority info
                  facility local4
                  ena disabled
          /cfg/ssl/server 31/adv/loadbalancing/.
                  type all
                  persistence none
                  metric hash
                  health auto
                  interval 10s
                  ena disabled
          /cfg/ssl/server 31/adv/loadbalancing/script/.
          /cfg/ssl/server 31/adv/loadbalancing/remotessl/.
                  protocol ssl3
                  ciphers ALL
          /cfg/ssl/server 31/adv/loadbalancing/remotessl/verify/.
                  verify none
          /cfg/ssl/server 31/adv/sslconnect/.
                  protocol ssl3
                  ciphers EXP-RC4-MD5:ALL!DH
                  ena disabled
          /cfg/ssl/server 31/adv/sslconnect/verify/.
                  verify none
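
The dump above sets `protocol ssl3` in three places and uses cipher strings such as `ALL` and `EXP-RC4-MD5:ALL!DH`, so a review of this config should start with those lines. The following is an added example, not part of the original post or any vendor tool: a small parser for this `/cfg/...` dump layout that lists SSLv3 and weak-cipher settings and marks whether the section holding them is enabled. The function names and the rule that a parent's `ena disabled` also switches off its sub-sections are assumptions.

```python
# Constructed sample: trimmed from the dump above.
SAMPLE = """\
/cfg/ssl/server 31/ssl/.
        protocol ssl3
        ciphers RSA:!LOW:!EXPORT:!NULL:!SSLv2@STRENGTH
        ena enabled
/cfg/ssl/server 31/adv/loadbalancing/.
        ena disabled
/cfg/ssl/server 31/adv/loadbalancing/remotessl/.
        protocol ssl3
        ciphers ALL
/cfg/ssl/server 31/adv/sslconnect/.
        protocol ssl3
        ciphers EXP-RC4-MD5:ALL!DH
        ena disabled
"""

def parse(dump):
    """Return {section_path: {key: value}} for a '/cfg/...' style dump."""
    sections, current = {}, {}
    for text in (line.strip() for line in dump.splitlines()):
        if text.startswith("/"):
            current = sections.setdefault(text.rstrip("./"), {})
        elif text:
            key, _, value = text.partition(" ")
            current[key] = value.strip()
    return sections

def active(sections, path):
    """Assumption: a section is live unless it or a parent says 'ena disabled'."""
    parts = path.split("/")
    return all(sections.get("/".join(parts[:i]), {}).get("ena") != "disabled"
               for i in range(2, len(parts) + 1))

def weak_ciphers(spec):
    """Elements of an OpenSSL-style cipher string that admit weak suites."""
    # '!'/'-' elements only remove suites; the dump writes 'ALL!DH' as one element.
    names = [i.split("!")[0].split("@")[0] for i in spec.split(":") if i[:1] not in ("!", "-")]
    return [n for n in names if n == "ALL" or any(t in n for t in ("EXP", "NULL", "LOW", "RC4", "MD5"))]

def audit(dump):
    """Return (section, setting, live) tuples for weak SSL settings."""
    sections, findings = parse(dump), []
    for path, kv in sections.items():
        weak = ["ciphers " + n for n in weak_ciphers(kv.get("ciphers", ""))]
        if kv.get("protocol") == "ssl3":     # SSLv3, deprecated by RFC 7568
            weak.insert(0, "protocol ssl3")
        findings += [(path, w, active(sections, path)) for w in weak]
    return findings

for finding in audit(SAMPLE):
    print(finding)
```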

          Sunday, March 6, 2011

          Yum Install Perl Modules

          An example for the Perl module Date::Format:

          yum provides "perl(Date::Format)"

          returned:

          perl-TimeDate.noarch : A Perl module for time and date manipulation

          Then

          yum list perl-TimeDate.noarch

          returned:

          Available Packages
          perl-TimeDate.noarch                     1:1.16-5.el5           base

          Install it with:

          yum install perl-TimeDate.noarch

          Another example:

          yum provides "perl(Config::IniFiles)"

          returned:
          
          perl-Config-IniFiles-2.39-1.2.el5.rf.noarch : Module for reading .ini-style configuration files
          Repo        : rpmforge
          Matched from:
          Other       : perl(Config::IniFiles)
          
          
          
          perl-Config-IniFiles-2.47-1.el5.rf.noarch : Module for reading .ini-style configuration files
          Repo        : rpmforge
          Matched from:
          Other       : perl(Config::IniFiles)
          
          
          
          perl-Config-IniFiles-2.47-2.el5.rf.noarch : Module for reading .ini-style configuration files
          Repo        : rpmforge
          Matched from:
          Other       : perl(Config::IniFiles)
          
          
          
          perl-Config-IniFiles-2.52-1.el5.rf.noarch : Module for reading .ini-style configuration files
          Repo        : rpmforge
          Matched from:
          Other       : perl(Config::IniFiles)
          
          
          
          perl-Config-IniFiles-2.56-1.el5.rf.noarch : Module for reading .ini-style configuration files
          Repo        : rpmforge
          Matched from:
          Other       : perl(Config::IniFiles)
          
          
          
          perl-Config-IniFiles-2.56-1.el5.rf.noarch : Module for reading .ini-style configuration files
          Repo        : installed
          Matched from:
          Other       : Provides-match: perl(Config::IniFiles)
          
          
          
          
          
          
          yum install perl-Config-IniFiles-2.56-1.el5.rf.noarch
          As easy as that!
          
          
          
          

          Wednesday, February 16, 2011

          Fault finding Commands for ServerIron

          Show log (shows syslog info)

          sh server conn (shows the connections for the cache farm)

          rconsole virtual
                         sh server conn (shows the connections per Barrel Processor)
          rconsole-exit

                      

          Adding a New port to a SLB Alteon


          Go to the VLAN and define the new ports for the VLAN:

          def X (where X is the new port number)

          /c/l2/vlan 4090
                  learn ena
                  def 18

          Configure the port itself

          /c/port xx
          pvid 4090
          /c/port xx/fast
          speed 100
          mode full
          auto off


          Set up server load balancing on the port:
           
          /c/slb/port xx
          client ena
          server ena

          (Enable server if there are servers behind this port; enable client if clients are also going to come in through it.)



          And turn filter processing on (even if there are no filters, it needs to be on for SLB)

          /c/slb/port xx
          filt ena