To enable jumbo frames on the nxge interface you need to edit the below file. There is option to enable frames per interface, but this didnt work out for me so I enable on all the interface.
/platform/sun4v/kernel/drv/nxge.conf
#------- Jumbo frame support ---------------------------------
# To enable jumbo support for all nxge interfaces,
accept_jumbo = 1;
#
# To disable jumbo support for all nxge interfaces,
# accept_jumbo = 0;
#
# Default is 0. See the example at the end of this file for
# enabling or disabling jumbo for a particular nxge interface.
#
#
root@husky # dladm show-link
nxge0 type: non-vlan mtu: 9194 device: nxge0
nxge1 type: non-vlan mtu: 9194 device: nxge1
nxge2 type: non-vlan mtu: 9194 device: nxge2
nxge3 type: non-vlan mtu: 9194 device: nxge3
Saturday, June 19, 2010
Monday, March 8, 2010
Sendmail disabling help, vrfy, expn and version information.
We have a security audit and auditor asked me to disable the help, VRFY and EXPN command and disable the version information displayed while login on the sendmail server.
1) To disable the version information from displaying, edit the sendmail.cf file. Make a backup copy of the file.
remove the " Sendmail $v/$Z " after $j. After editing the line looks like below.
Restart the service
2) To disable the VRFY and EXPN ,look for "PrivacyOptions" line in the /etc/mail/sendmail.cf file. Edit the PrivacyOptions line and append "novrfy,noexpn" to the line as below. Make sure you made a backup copy of the file before editing.
Restart the service
3) To disable the help, go to /etc/mail/ , move the helpfile to helpfile.old and touch an empty helpfile
Restart the service
After editing the configuration file telnet to port 25 will give the result as below
------------------------------------------------------------------------------
# telnet myhost 25
220 myhost ESMTP Mon, 8 Mar 2010 09:15:21 +0300 (AST)
help
214 2.0.0 End of HELP info
vrfy
252 2.5.2 Cannot VRFY user; try RCPT to attempt delivery (or try finger)
expn
502 5.7.0 Sorry, we do not allow this operation
quit
221 2.0.0 myhost closing connection
Connection to host lost.
----------------------------------------------------------------------
1) To disable the version information from displaying, edit the sendmail.cf file. Make a backup copy of the file.
# vi /etc/mail/sendmail.cf
look for the line " GreetingMessage"remove the " Sendmail $v/$Z " after $j. After editing the line looks like below.
O SmtpGreetingMessage=$j $b
Restart the service
2) To disable the VRFY and EXPN ,look for "PrivacyOptions" line in the /etc/mail/sendmail.cf file. Edit the PrivacyOptions line and append "novrfy,noexpn" to the line as below. Make sure you made a backup copy of the file before editing.
# privacy flags
O PrivacyOptions=authwarnings,novrfy,noexpn
O PrivacyOptions=authwarnings,novrfy,noexpn
Restart the service
3) To disable the help, go to /etc/mail/ , move the helpfile to helpfile.old and touch an empty helpfile
#pwd
/etc/mail
# mv helpfile helpfile.old
# touch helpfile
Restart the service
# /etc/init.d/sendmail restart
or
# svcadm refresh sendmailAfter editing the configuration file telnet to port 25 will give the result as below
------------------------------------------------------------------------------
# telnet myhost 25
220 myhost ESMTP Mon, 8 Mar 2010 09:15:21 +0300 (AST)
help
214 2.0.0 End of HELP info
vrfy
252 2.5.2 Cannot VRFY user; try RCPT to attempt delivery (or try finger)
expn
502 5.7.0 Sorry, we do not allow this operation
quit
221 2.0.0 myhost closing connection
Connection to host lost.
----------------------------------------------------------------------
Sunday, March 7, 2010
vSphere iommu error on dell optiplex 760
Once the installation of the vSphere is completed I got the following error on the console.
While loading its shows "Failed to load iommu driver"
cpu1:....: Initialization for vtd failed with -1"
To fix this disable the VT for Direct I/O from the BIOS
1) Reboot the esx host, press F12 and go to BIOS
disable "Virtualization support --VT for Direct I/O"
save and reboot
While loading its shows "Failed to load iommu driver"
cpu1:....: Initialization for vtd failed with -1"
To fix this disable the VT for Direct I/O from the BIOS
1) Reboot the esx host, press F12 and go to BIOS
disable "Virtualization support --VT for Direct I/O"
save and reboot
vSphere on dell optiplex 760, Not enough memory to load vmkernel
vSphere required minimum 2GB of memory ti install. I had a dell optiplex 760 with 2GB installed. While installing vSphere the installer stops and throws errors like
" vmnix...
there is not enough memory to load vmkernel. 2040384 KB of RAM
was detected. We require at least 2064384 KB of RAM to boot.
Aborting boot "
I swapped 1GB from other server and installed the vphere. Once the installation is completed you can edit the memory required meory value to desired value.
1) Login to the esx server through console or via putty and edit the below file
# vi /etc/vmware/init/init.d/00.vmnix
2) Find the below line and edit with required value
RequiredMemory=2064384
3) Shutdown the server and remove the extra 1gb memory added and boot the esx host
I'm yet to try on ESXi host. This is my test environment to study vSphere. I'm not sure about any other workaround.
" vmnix...
there is not enough memory to load vmkernel. 2040384 KB of RAM
was detected. We require at least 2064384 KB of RAM to boot.
Aborting boot "
I swapped 1GB from other server and installed the vphere. Once the installation is completed you can edit the memory required meory value to desired value.
1) Login to the esx server through console or via putty and edit the below file
# vi /etc/vmware/init/init.d/00.vmnix
2) Find the below line and edit with required value
RequiredMemory=2064384
3) Shutdown the server and remove the extra 1gb memory added and boot the esx host
I'm yet to try on ESXi host. This is my test environment to study vSphere. I'm not sure about any other workaround.
Tuesday, January 26, 2010
Automating sftp with expect script
I got a request to automate the sftp process. I find it difficult with shell script. I find an easy way to do with
expect script.
The following packages need to be installed on the SUN server for the expect script. I downloaded the x86packages from sun freeware as I'm running the script from an x86 server.
tcl-8.5.3-sol10-x86-local
libgcc-3.4.6-sol10-x86-local
expect-5.43.0-sol10-x86-local
1)pkgadd -d tcl-8.5.3-sol10-x86-local
2)pkgadd -d libgcc-3.4.6-sol10-x86-local
The following packages are available:
1 SMClgcc346 libgcc
(x86) 3.4.6
Installation of was successful.
3)pkgadd -d expect-5.43.0-sol10-x86-local
The following packages are available:
1 SMCexpect expect
(x86) 5.43.0
Installation of was successful.
The expect will installed in the /usr/local/bin directory.
----------------------------------------------------------------------------------------------------------
expect script.
The following packages need to be installed on the SUN server for the expect script. I downloaded the x86packages from sun freeware as I'm running the script from an x86 server.
tcl-8.5.3-sol10-x86-local
libgcc-3.4.6-sol10-x86-local
expect-5.43.0-sol10-x86-local
1)pkgadd -d tcl-8.5.3-sol10-x86-local
2)pkgadd -d libgcc-3.4.6-sol10-x86-local
The following packages are available:
1 SMClgcc346 libgcc
(x86) 3.4.6
Installation of
3)pkgadd -d expect-5.43.0-sol10-x86-local
The following packages are available:
1 SMCexpect expect
(x86) 5.43.0
Installation of
The expect will installed in the /usr/local/bin directory.
The script is as follows
----------------------------------------------------------------------------------------------------------
#!/usr/local/bin/expect -f
#This is the expect script wrote to automate the sftp process to pull files from a server as per the date and #then push the files to another server.
set timeout -1
set DATE [exec date "+%Y%m%d"]
log_file "/home/ftp/logs/sftp.log"
send_log -- "####-Starting SFTP script- [exec date] \n"
send_log -- "Today's date:[exec date] \n"
send_log -- "Downloading files through sftp \n"
spawn /usr/bin/sftp jim@172.20.1.86
expect "Password:"
#sleep 5
send "jim123\n"
expect "sftp>"
send "cd /export/home/jim \r"
expect "sftp>"
send "ls \r"
expect "sftp>"
send "get *.$DATE \r"
expect "sftp>"
send "quit \r"
sleep 5
send_log -- "Today's date:[exec date] \n"
send_log -- "Uploading files through sftp \n"
spawn /usr/bin/sftp jim@172.20.5.93
expect "Password:"
send "jim123\n"
expect "sftp>"
send "cd /export/home/jim \r"
expect "sftp>"
send "put *.$DATE \r"
expect "sftp>"
send "quit \r"
#END of SCRIPT
-----------------------------------------------------------------------------------------------------------
I can shell script from expect script. I have another requirement to pull yesterdays file through sftp server. Thank god that was a Linux server and to get yesterdays date in Linux is easy :)
set DATE [exec /home/ftp/date.sh ]
The above line will call the date.sh script to get yesterdays date.
date.sh script is as below
[root@]# cat date.sh
#!/bin/bash
echo $(date --date='1 day ago' "+%Y%m%d")
#End of script
#This is the expect script wrote to automate the sftp process to pull files from a server as per the date and #then push the files to another server.
set timeout -1
set DATE [exec date "+%Y%m%d"]
log_file "/home/ftp/logs/sftp.log"
send_log -- "####-Starting SFTP script- [exec date] \n"
send_log -- "Today's date:[exec date] \n"
send_log -- "Downloading files through sftp \n"
spawn /usr/bin/sftp jim@172.20.1.86
expect "Password:"
#sleep 5
send "jim123\n"
expect "sftp>"
send "cd /export/home/jim \r"
expect "sftp>"
send "ls \r"
expect "sftp>"
send "get *.$DATE \r"
expect "sftp>"
send "quit \r"
sleep 5
send_log -- "Today's date:[exec date] \n"
send_log -- "Uploading files through sftp \n"
spawn /usr/bin/sftp jim@172.20.5.93
expect "Password:"
send "jim123\n"
expect "sftp>"
send "cd /export/home/jim \r"
expect "sftp>"
send "put *.$DATE \r"
expect "sftp>"
send "quit \r"
#END of SCRIPT
-----------------------------------------------------------------------------------------------------------
I can shell script from expect script. I have another requirement to pull yesterdays file through sftp server. Thank god that was a Linux server and to get yesterdays date in Linux is easy :)
set DATE [exec /home/ftp/date.sh ]
The above line will call the date.sh script to get yesterdays date.
date.sh script is as below
[root@]# cat date.sh
#!/bin/bash
echo $(date --date='1 day ago' "+%Y%m%d")
#End of script
Tuesday, December 8, 2009
Installing Solaris x86 on HP DL385 G6
I had a hard time installing the Solaris u7 on the HP DL385 G6 server. The controller firmware is the issue.
OS installation is failing as its not able to find the disk. Below are the steps I followed for the successful installation
1) Download the driver from the HP support site for Solaris x86. The driver name is "CPQary3-2.3.0-solaris10-i386.tar.gz".
2) unzip the archive and burn the iso image(CPQary3.iso) inside the archive to a cd/dvd
3) Boot the machine from the Solaris OS and when the installation option appears choose option 5 (Applydriverupdates) for driver installation.
4) Eject the solaris media and insert the iso image burned media into the machine
5) Choose option C for cd/dvd and it will install the driver. This is only a temporary installation
6) choose option "e" to end and eject the media and resinsert the Solaris media and press enter
7) Continue with the OS installation. While partition the OS make sure that /usr and /var is not a seprate partition. everything should be under / filesystem
8) once the installation complete, reboot the machine into failsafe mode and reinsert the iso image cd and do the following
9) # install-du
10 # install-recovery ( this will search for the installed OS instance)
11) You will be asked to mount the root slice to /a , say yes and enter
12) Eject the cdrom and burn a new cd with the CPQary3-2.3.0-solaris10-i386.tar.gz archive. You may face an issue that you wont see the full name, go ahead with the name there.
13) mount the cdrom to /mnt
# mount -F hsfs -o ro,nrr,nomaplcase /dev/dsk/c0t0d0p0 /mnt
14) cd /mnt ; cp CPQary3-2.3.0-solaris10-i386.tar.gz /a/var/tmp
15) gunzip and untar the archive, you will get the directory CPQary3-2.3.0-solaris10-i386.
# gzcat CPQary3-2.3.0-solaris10-i386 - | tar xvf -
16) #cd CPQary3-2.3.0-solaris10-i386 ; ls
you will find the package file there with name " CPQary3.pkg"
Note: I'm getting the following errors when doing a pkgadd command
pkgadd: ERROR: unable to open admin file No such file or directory
17) create a file with the following parameters
# vi /tmp/admin
instance=overwrite
mail=
:wq!
18) cd to the directory CPQary3-2.3.0-solaris10-i386.
# pkgadd -a /tmp/admin -d `pwd`/CPQary3.pkg CPQary3
you will get the message Installation of CPQary3 was successful
19) cd /a ; touch reconfigure
20) init 6
Well I did this after a lot of trial and error, there may be some easy procedure avl I believe. i written what I did. If there is any easyway please comment here.
OS installation is failing as its not able to find the disk. Below are the steps I followed for the successful installation
1) Download the driver from the HP support site for Solaris x86. The driver name is "CPQary3-2.3.0-solaris10-i386.tar.gz".
2) unzip the archive and burn the iso image(CPQary3.iso) inside the archive to a cd/dvd
3) Boot the machine from the Solaris OS and when the installation option appears choose option 5 (Applydriverupdates) for driver installation.
4) Eject the solaris media and insert the iso image burned media into the machine
5) Choose option C for cd/dvd and it will install the driver. This is only a temporary installation
6) choose option "e" to end and eject the media and resinsert the Solaris media and press enter
7) Continue with the OS installation. While partition the OS make sure that /usr and /var is not a seprate partition. everything should be under / filesystem
8) once the installation complete, reboot the machine into failsafe mode and reinsert the iso image cd and do the following
9) # install-du
10 # install-recovery ( this will search for the installed OS instance)
11) You will be asked to mount the root slice to /a , say yes and enter
12) Eject the cdrom and burn a new cd with the CPQary3-2.3.0-solaris10-i386.tar.gz archive. You may face an issue that you wont see the full name, go ahead with the name there.
13) mount the cdrom to /mnt
# mount -F hsfs -o ro,nrr,nomaplcase /dev/dsk/c0t0d0p0 /mnt
14) cd /mnt ; cp CPQary3-2.3.0-solaris10-i386.tar.gz /a/var/tmp
15) gunzip and untar the archive, you will get the directory CPQary3-2.3.0-solaris10-i386.
# gzcat CPQary3-2.3.0-solaris10-i386 - | tar xvf -
16) #cd CPQary3-2.3.0-solaris10-i386 ; ls
you will find the package file there with name " CPQary3.pkg"
Note: I'm getting the following errors when doing a pkgadd command
pkgadd: ERROR: unable to open admin file
17) create a file with the following parameters
# vi /tmp/admin
instance=overwrite
mail=
:wq!
18) cd to the directory CPQary3-2.3.0-solaris10-i386.
# pkgadd -a /tmp/admin -d `pwd`/CPQary3.pkg CPQary3
you will get the message Installation of CPQary3 was successful
19) cd /a ; touch reconfigure
20) init 6
Well I did this after a lot of trial and error, there may be some easy procedure avl I believe. i written what I did. If there is any easyway please comment here.
Saturday, November 7, 2009
Enabling Jumbo Frames on bge interface V240/M4000 and Netapp Filer
I need to enable jumbo frames settings on the Sun server which is connected to the Netapp 3020 through iSCSI Lun's. These lun's are used for Oracle database. Initially the storage utilization was very high. Once the jumbo frames enabled, its reduced considerably. mtusize 9000 bytes seems to be the generally accepted size for jumbo frames.
To enable jumbo frames on this setup, the configuration on each point in the network must be configured to support jumbo frames.That means I need to enable jumbo frames on the host interface(s) and the Filer interface and on the switch if its connected through the switch else the network connection will not have jumbo frames enabled and may not succeed.
Here is how I enabled for the Sun Server bge interface:
1. Enabled jumbo frames on the server by editing the /etc/system file
set bge:bge_jumbo_enable = 1
2. Edit the file “/platform/sun4u/kernel/drv/bge.conf ”for Jumbo frame settings. Each line ends with a semi-column(;)
default_mtu = 9000;
To enable jumbo frames on this setup, the configuration on each point in the network must be configured to support jumbo frames.That means I need to enable jumbo frames on the host interface(s) and the Filer interface and on the switch if its connected through the switch else the network connection will not have jumbo frames enabled and may not succeed.
Here is how I enabled for the Sun Server bge interface:
1. Enabled jumbo frames on the server by editing the /etc/system file
set bge:bge_jumbo_enable = 1
2. Edit the file “/platform/sun4u/kernel/drv/bge.conf ”for Jumbo frame settings. Each line ends with a semi-column(;)
default_mtu = 9000;
name="bge" parent="/pci@0,600000" unitaddress="2" default_mtu=9000;
bge1: flags=201000843 mtu 9000 index 3
inet 172.168.0.20 netmask ffffff00 broadcast 172.168.255.255
ether 0:xx:xx:xx:xx:f1
Enabling Jumbo Frames on the Netapp FAS3020
filerA>ifconfig e0b mtusize 9000 mediatype 1000fx flowcontrol full
filerA> ifconfig e0b up
filerA> ifconfig -a
e0b: flags=948043 mtu 9000
inet 172.168.0.10 netmask 0xffffff00 broadcast 172.168.0.255
ether 00:xx:xx:xx:xx:87 (auto-1000t-fd-up) flowcontrol full
bash-3.00# ifconfig -a
bge1: flags=201000843
inet 172.168.0.20 netmask ffffff00 broadcast 172.168.255.255
ether 0:xx:xx:xx:xx:f1
Enabling Jumbo Frames on the Netapp FAS3020
filerA>ifconfig e0b mtusize 9000 mediatype 1000fx flowcontrol full
filerA> ifconfig e0b up
filerA> ifconfig -a
e0b: flags=948043
inet 172.168.0.10 netmask 0xffffff00 broadcast 172.168.0.255
ether 00:xx:xx:xx:xx:87 (auto-1000t-fd-up) flowcontrol full
Subscribe to:
Posts (Atom)