Posts Tagged ‘internet connection’

Neighbors stealing your Internet connection?

Wednesday, January 17th, 2007

Some of you might take it lightly, some of you might take it seriously, and encrypt your wireless network, block the network to specific MAC addresses, etc. This guy had one special treat for his neighbors. Maybe I should try that too…

Poor Man’s DRP + Snapshots – Linux only

Friday, October 6th, 2006

When you own a data storage, one of your major considerations is how to backup your data. Several solutions exist to answer this question.

When your data grows to a certain size, you encounter an additional issues – How to backup the data with minimum performance impact.

It is quite obvious that backup devices has a specific speed and performance. It is quite obvious that is you have more data than you can stream into your tape deviced during night, your backup would probably continue during working hours.

Several solutions exist to deal with this problem, amongst you can find the solution of faster backup tapes, broader bandwidth between your storage container and your backup devices. The issue I will demonstrate has to do with a third option – create a real-time replica on another server, and backup the replica only.

When it comes to Linux, I’ve always felt that the backup/restore software companies were rather slow to supply solutions fit for Linux, especailly compared to the widening usage of Linux-based systems in the market.

One of the more intriging solutions which grew in the OpenSource community is called DRBD – Distributed Redundant Block Device. It allows the creation of a logical block device which overlayes two physical block devices – one local and one remotely accessible via network. It can be easilly described as network Raid-1 solution.

The wonders of real-time volume replica between two servers should not be discussed here. The advantages are well known, as are the disadvantages, of which the largest one is the heavy performance toll on such a system.

The wonders of snapshots are also well known. NetApp gains its main capital based on their sophisticated snapshot technology (WAFL, etc). Other storage vendors have added the abilities to take snapshots with higher or lower effeciancy, however, one of the newer players in this under-the-spotlight area is the OpenSource LVM2 for Linux, with its snapshot capabilities. Although still not perfect, it does show a promise I will soon demonstrate, combined with DRBD, described above.

The combined wonders of volume replication together with scheduled snapshots can offer the ability to execute backup of consistant snapshot data, the ability to get back to a desired volume’s point-in-time and the power to reduce the load of backing up on mission-critical datacenters. All these, at the price of internet connection which will allow you to download the latest DRBD software.

I have tested it on a home-made setup – Two Virtual Linux server running on a single VMware-Server machine.

The host is Pentium4 1.8GHz, with 1GB RDRAM, and three IDE harddrives, running Centos 4.4

The guests are two Centos 4.4 machines, with 160MB RAM each, two virtual NICs – one public and one private, minimal installation, and Dag Wieers‘ YUM repositories added to them.

The guest will be called DRBD-test1 and DRBD-test2. The first will act as the mission-critical server, and the second will be the replica (target) server.

Both guests were updated to the latest updates available at this time. Both are running kernel version 2.6.9-42.0.2.EL, DRBD version 0.7.21-1.c4, and kernel-module-drbd-2.6.9-42.EL-0.7.21-1.c4

Installing the kernel-module package put the drbd.ko modules in /lib/modules/2.6.9-42.EL instead of my running kernel (2.6.9-42.0.2.EL), so after verifying that the modules were able to load into my running kernel, I have moved them to the kernel/drivers/block directory inside the modules tree, and run ‘depmod -a‘.

I decided to use a consistant configuraion, and defined the storage to replicate in a similar manner:

On /dev/sdb I’ve created PV (pvcreate /dev/sdb). Assigned this PV to VG named vg00, and created two LVs on it: meta (256MB) and source (2GB) on the guest acting as the mission critical server, and meta (256MB) and target (2GB) on the one acting as replica.

I have created the device /dev/drbd0, per DRBD’s Howto, built the configuration file drbd.conf, and loaded the modules.

Forced the Source guest to act as the primary, and replication began.

When replication has finished, I have created a snapshot of the LV target and mounted it correctly: "lvcreate -L 200M -s -n snap /dev/vg00/target && mount /dev/vg00/snap /mnt"

I was able to access the data inside the volume, without changing the Primary/Secondary order of the servers. I have created a script which used DD to stress the I/O of the DRBD volume on the source server, and created a script which took scheduled (every minute) snapshots of the target volume. I have learned the following:

1. It works, but

2. The size limitaion forced on snapshot (200MB in my case) should never be filled up. When running DD on the source volume (creating 50MB empty files), the space consumed by the snapshots increases, and if/when a snapshot exceeds the 100% utilization, it is inaccessible anymore. To view the current usage of a snapshot, run "lvdisplay /dev/vg00/snap" (in my example).

During that evaluation, one of my virtual server crushed, due to LVM2 snapshot problem. LVM2 is not yet perfect on RH based systems…

Performance on another time. I wan’t too happy with it, however on this experiment my goal was to find out if such a setup can be built rather than to measure the performance impact.

Generally speaking – I was rather happy with the results – It showed that this setup can actually work. It proved to me again that OSS innovations elevate Linux to the enterprise.

Now that I know that such a setup can be done, all left to do is to fine-tune it to minimum performance impact, and test again to see if it can actually be a well-suited solution for the questions I’ve started with.

Cables in Israel and L2TP on Fedora Core 3 Linux

Monday, November 7th, 2005

I have noticed there is no fixed guide for L2TP for cable connection in Israel. Since I’ve been doing just this thing today, I’ve decided to put online my own comments on the issue, with hope it would help other people too.

Subject: L2TP cables connection to an ISP called Actcom in Israel, using Fedora Core 3

Requirements: FC3 does not come with any L2TP tools and/or configuration packages.

Solution, strongly based upon this site

*) Download and install l2tp packages for FC2/3 from this site. Note that you have to download the rp-l2tp package.

*) Save, with run permissions, the fixroute.txt fixroute script. This script is required so you would have your routing table set correctly. Note, it is a txt file, but a script in the same time.

*) Save this following conf file in your /etc/l2tp as /etc/l2tp/l2tp.conf l2tp.conf.txt

*) Save this following rp-l2tp.txt startup script in /etc/init.d/ as /etc/init.d/rp-l2tp . Note – this script understands the command “chkconfig” . Also note that, as said inside this script, this script assumes l2tpd is running.

*) Make sure l2tpd is running! Add a line such as
lt:3:respawn:/usr/sbin/l2tpd -f

to your /etc/inittab file. It will make sure this daemon will always be resurracted.

*) To set automatic reconnection, replace your /etc/ppp/ip-down script with the following script ip-down.txt

*) Make sure (one of?) your network interface is connected correctly to the Cables modem, that there’s link, and that the interface is defined to use DHCP.

*) Set your /etc/ppp/pap-secrets with something which looks like this:

“username” * “password”

*) Add to /etc/ppp/options the lines:

lcp-echo-failure 2
lcp-echo-interval 30

*) Run init q to reload /etc/inittab, and force the loading of l2tpd.

*) Run /etc/init.d/rp-l2tp start to start the internet connection. With luck, you should be up and running. Add this script to the startup sequence by running “chkconfig –level 35 rp-l2tp on

Done and done. Good luck.