
Wednesday, 29 February 2012

RHEL: Linux Bonding, Multiple Network Interfaces (NIC) Into a Single Interface

Bonding is a Linux kernel feature that aggregates multiple like interfaces (such as eth0 and eth1) into a single virtual link such as bond0. The idea is simple: get higher data rates as well as link failover. The following instructions were tested on:


RHEL v5 / 6,
CentOS v5 / 6.


I am using Red Hat Enterprise Linux version 5.0.


Step - 1: Create a Bond0 Configuration File

Red Hat Enterprise Linux (and its clones such as CentOS) stores network configuration in the /etc/sysconfig/network-scripts/ directory. First, you need to create a bond0 config file as follows:
# vi /etc/sysconfig/network-scripts/ifcfg-bond0
Append the following lines:
 
DEVICE=bond0
IPADDR=192.168.1.20
NETWORK=192.168.1.0
NETMASK=255.255.255.0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes
 
Replace the IP address with the one for your actual setup. Save and close the file.

Step - 2: Modify eth0 and eth1 config files

Open both configuration files using a text editor such as vi/vim, and make sure the file reads as follows for the eth0 interface:
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
Modify/append the directives as follows:
DEVICE=eth0
USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
Open the eth1 configuration file using the vi text editor, enter:
# vi /etc/sysconfig/network-scripts/ifcfg-eth1
Make sure the file reads as follows for the eth1 interface:
DEVICE=eth1
USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
Save and close the file.

Step - 3: Load bond driver/module

Make sure the bonding module is loaded when the channel-bonding interface (bond0) is brought up. You need to modify the kernel modules configuration file:
# vi /etc/modprobe.conf
Append the following two lines:
alias bond0 bonding
options bond0 mode=balance-alb miimon=100
Save the file and exit to the shell prompt.

Step - 4: Test configuration

First, load the bonding module, enter:
# modprobe bonding
Restart the networking service in order to bring up the bond0 interface, enter:
# service network restart
# ifconfig
Make sure everything is working. Type the following cat command to query the current status of the Linux kernel bonding driver, enter:
# cat /proc/net/bonding/bond0
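
To turn the status check in Step 4 into something a monitoring job can run, the following added example (not part of the original post) parses the bonding status text and reports each slave's link state. The function names and the sample status text are constructed for illustration.

```bash
#!/bin/bash
# Added example: list each bond slave with its link state and failure count.

# Constructed sample of /proc/net/bonding/bond0 text (eth1 has lost link).
sample_bond_status() {
cat <<'EOF'
Bonding Mode: adaptive load balancing
Currently Active Slave: eth0
MII Status: up
MII Polling Interval (ms): 100

Slave Interface: eth0
MII Status: up
Link Failure Count: 0

Slave Interface: eth1
MII Status: down
Link Failure Count: 3
EOF
}

# Reads the status text from the named file, or from stdin when no file is given.
# Prints "<slave> <MII status> <link failure count>" per slave.
# Returns 1 if any slave is not "up" or if no slaves are listed at all.
bond_slave_report() {
    awk '
        /^Slave Interface:/    { slave = $3; order[++n] = slave }
        /^MII Status:/         { if (slave != "") status[slave] = $3 }
        /^Link Failure Count:/ { if (slave != "") fails[slave] = $4 }
        END {
            bad = (n == 0)
            for (i = 1; i <= n; i++) {
                s = order[i]
                print s, status[s], fails[s]
                if (status[s] != "up") bad = 1
            }
            exit bad
        }
    ' "$@"
}
```

On a live system, call it as bond_slave_report /proc/net/bonding/bond0 and alert on a non-zero exit status, since a bond running on one slave has no failover left.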

Saturday, 25 February 2012

What is Disk Quota?



Disk space can be restricted by implementing disk quotas which alert a system administrator before a user consumes too much disk space or a partition becomes full. Disk quotas can be configured for individual users as well as user groups.
In addition, quotas can be set not just to control the number of disk blocks consumed but to control the number of inodes (data structures that contain information about files in UNIX file systems). Because inodes are used to contain file-related information, this allows control over the number of files that can be created.

Configuring Disk Quota
To implement disk quotas, use the following steps:
1. Enable quotas per file system by modifying the /etc/fstab file.
2. Remount the file system(s).
3. Create the quota database files and generate the disk usage table.
4. Assign quota policies.


Applying Disk Quota
  • Step 1 - Open the /etc/fstab file using the vi editor:
      vi /etc/fstab
  • Step 2 - Add usrquota or grpquota to the following line:
      LABEL=/home /home ext3 defaults,usrquota 0 0
  • Step 3 - Remount the /home folder or reboot your machine:
      mount -o remount /home
  • Step 4 - Create the quota database file:
      quotacheck -cug /home
      quotaon -vug /home
  • Step 5 - Apply the quota to a user / group using the following command:
      edquota -u username
    or
      setquota -u username softHDDlimit hardHDDlimit softINODElimit hardINODElimit /location

Quota Commands
  • quota : Run by user to check quota status
  • repquota : Run by the root user to check the quota status for every user
  • edquota -t : Assigns the grace period
  • edquota -g groupname : Assigning Quotas on Group
  • quotaoff -vaug : Disabling quota on everyone
  • quotaon -vaug : Enabling quota on eve

Friday, 24 February 2012

Setting up a PXE-Boot Redhat Linux 5


This documents how to set up a PXE boot server for Linux.
a) The first thing to note is that you need to set up your own mini-network that is completely disconnected from the corporate network, since part of this process requires setting up a DHCP server, which could conflict with the corporate DHCP server if they were both running on the same network simultaneously. So get yourself a switch from IT up front. You do *NOT* need the switch immediately, so just put it aside.

b) Next you'll need to install the following packages using yum:
tftp-server
dhcp
httpd
syslinux

root@vijay~]# yum install tftp-server dhcp httpd syslinux

c) Now you need to set up the DHCP server. With the FC4 RPM for dhcp, all you need to do is create /etc/dhcpd.conf with the following contents:

root@vijay~]# vim /etc/dhcpd.conf

ddns-update-style interim;
ignore client-updates;
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.63;
option subnet-mask 255.255.255.0;
option domain-name "";
option time-offset -18000;
range dynamic-bootp 192.168.0.160 192.168.0.191;
default-lease-time 21600;
max-lease-time 43200;
# The next two lines are the ones to add to the dhcpd.conf file for PXE:
filename "/pxelinux.0";
next-server 192.168.0.1;
}

d) Next you need to activate tftp within xinetd. All that is necessary is to change disable=yes to disable=no in /etc/xinetd.d/tftp. Then restart xinetd.
root@vijay~]# vim /etc/xinetd.d/tftp
                   
disable=no

e) Next you need to copy the files from the given location.
root@vijay~]# cp -r   /usr/share/doc/syslinux-3.11/sample/*  /tftpboot/

root@vijay~]# mkdir  /tftpboot/pxelinux.cfg

f) Now mount the DVD on /mnt and copy the content.
root@vijay~]# mount  /dev/cdrom /mnt

root@vijay~]# cp  -r /mnt/images/pxeboot/*    /tftpboot

root@vijay~]# cp  -r /mnt/isolinux/*      /tftpboot

root@vijay~]# cp /mnt/isolinux/isolinux.cfg /tftpboot/pxelinux.cfg/default

root@vijay~]# cp -r /usr/lib/syslinux/pxelinux.0  /tftpboot

root@vijay~]# cp -r /usr/lib/syslinux/menu.c32  /tftpboot/pxelinux.cfg

root@vijay~]# cp -r /usr/lib/syslinux/*  /tftpboot

g) Now install the Kickstart package and configure it according to your requirements, and save the file into /var/ftp/pub (if you are using the FTP service).
root@vijay~]# yum install *kickstart*

root@vijay~]# system-config-kickstart

h) Now create the default pxelinux configuration inside the new file.

root@vijay~]# vim /tftpboot/pxelinux.cfg/default

 default kickstart
 prompt 0
 timeout 600
 display boot.msg
 F1 boot.msg
 F2 options.msg
 F3 general.msg
 F4 param.msg
 F5 rescue.msg
 MENU title network installation pxe  
 label linux
 kernel vmlinuz
 append initrd=initrd.img
 label kickstart
 kernel vmlinuz
 append initrd=initrd.img ks=ftp://192.168.0.11/dump/ks.cfg
 label ks
 kernel vmlinuz
 append ks initrd=initr

i) Now start dhcpd and vsftpd and activate tftp by running the following:
 
root@vijay~]#/etc/init.d/dhcpd  start
 
root@vijay~]#/etc/init.d/xinetd restart
 
root@vijay~]#/etc/init.d/vsftpd start


##################################################
                                Now Boot Client Machine with PXE
##################################################

Friday, 17 February 2012

ISCSI Creation

root@server~]# yum install scsi-target-utils*
 

root@server~]# /etc/init.d/tgtd restart
 

Now create a new partition on the server machine.

root@server~]# vim /etc/tgt/targets.conf
#### Sample target with one LUN only. Defaults to allow access for all initiators: ####
#### Uncomment the following three lines and give the target name and the device address on backing-store ####
<target VIJAY>
backing-store /dev/sda9
</target>
:wq


Now go to the client system and install iscsi-init*

root@client~]# yum install iscsi-init*


root@client~]# iscsiadm -m discovery -t st -p IP_of_Iscsi_Server


root@client~]# iscsiadm -m node -l


(to log in to the discovered target)
################### Now you can create a partition on the iSCSI disk ##################
~]# fdisk /dev/sdb


and follow the steps to create the partition.
################### Add the partition permanently in /etc/fstab ##########
 

root@client~]# vim /etc/fstab
# device     mountpoint   filesystem   permission   D.F.   F.F.

/dev/sdb1    /vijay       ext4         _netdev      0      0
:wq
root@client~]# mount -a
root@client~]# iscsiadm -m node -u (to log out from the iSCSI server)
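
The comment in targets.conf above notes that a target with only a backing-store accepts every initiator. As an added example (not part of the original post), this script reports which targets carry an initiator-address or incominguser directive; the second target, its address and the credential placeholder are constructed.

```bash
#!/bin/bash
# Added example: report per-target access restrictions in a tgt targets.conf.

# Constructed sample: the post's open target plus a restricted one.
sample_targets_conf() {
cat <<'EOF'
# <target commented-out-example>
<target VIJAY>
    backing-store /dev/sda9
</target>
<target iqn.2012-02.lab.example:restricted>
    backing-store /dev/sda10
    initiator-address 192.168.0.20
    incominguser labuser PLACEHOLDER_SECRET
</target>
EOF
}

# Reads targets.conf from the named file, or stdin when no file is given.
# Prints "<target> acl=yes|no chap=yes|no" for each target block.
# Returns 1 if any target has neither an initiator ACL nor CHAP credentials.
audit_tgt_targets() {
    awk '
        /^[ \t]*#/ { next }
        /^[ \t]*<target[ \t]/ {
            name = $2; sub(/>.*/, "", name); acl = 0; chap = 0; next
        }
        name != "" && $1 == "initiator-address" { acl = 1 }
        name != "" && $1 == "incominguser"      { chap = 1 }
        /^[ \t]*<\/target>/ {
            print name, (acl ? "acl=yes" : "acl=no"), (chap ? "chap=yes" : "chap=no")
            if (!acl && !chap) open++
            name = ""
        }
        END { exit (open > 0 ? 1 : 0) }
    ' "$@"
}
```

Run it on the server as audit_tgt_targets /etc/tgt/targets.conf before restarting tgtd; any target printed with acl=no chap=no is exported to every host that can reach the iSCSI port.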

FTP Configuration

Understanding & Managing FTP Server
What is FTP?
FTP (File Transfer Protocol) is, as its name indicates, a protocol for transferring files. The implementation of FTP dates from 1971, when a file transfer system between MIT machines (Massachusetts Institute of Technology) was developed. Many RFCs have since made improvements to the basic protocol, but the greatest innovations date from July 1973. FTP is one of the original network applications developed with the TCP/IP protocol suite. It follows the standard model for network services, as FTP requires a client and a server. FTP set out to solve the need to publish documents and software so that people could get them easily from other computer systems. On the FTP server, files were organized in a directory structure; users could connect to the server over the network and download files from (and possibly upload files to) the server.
The role of FTP protocol:
The FTP protocol defines the way in which data must be transferred over a TCP/IP network.
The aim of the FTP protocol is to:
  • allow file sharing between remote machines
  • allow independence between client and server machine file systems
  • enable efficient data transfer
The FTP model:
The FTP protocol falls within a client-server model, i.e. one machine sends orders (the client) and the other awaits requests to carry out actions (the server).
During an FTP connection, two transmission channels are open:
  • A channel for commands (control channel)
  • A channel for data
So, both the client and server have two processes allowing these two types of information to be managed:
DTP (Data Transfer Process) is the process in charge of establishing the connection and managing the data channel. The server side DTP is called SERVER-DTP, the client side DTP is called USER-DTP.
PI (Protocol Interpreter) interprets the protocol allowing the DTP to be controlled using commands received over the control channel. It is different on the client and the server:
The SERVER-PI is responsible for listening to the commands coming from a USER-PI over the control channel on a data port, establishing the connection for the control channel, receiving FTP commands from the USER-PI over this, responding to them and running the SERVER-DTP.
The USER-PI is responsible for establishing the connection with the FTP server, sending FTP commands, receiving responses from the SERVER-PI and controlling the USER-DTP if needed. When an FTP client is connected to an FTP server, the USER-PI initiates the connection to the server according to the Telnet protocol. The client sends FTP commands to the server, the server interprets them, runs its DTP, then sends a standard response. Once the connection is established, the SERVER-PI gives the port on which data will be sent to the client DTP. The client DTP then listens on the specified port for data coming from the server.
It is important to note that since the control and data ports are separate channels, it is possible to send commands from one machine and receive data on another. So, for example, it is possible to transfer data between FTP servers by passing through a client to send control instructions and by transferring information between two server processes connected on the right port. In this configuration, the protocol imposes that the control channels remain open throughout the data transfer. So a server can stop a transmission if the control channel is broken during transmission.
What is vsftpd?
The Very Secure FTP Server (vsFTPd) is the only FTP server software included in the Red Hat Linux distribution. vsFTPd is becoming the FTP server of choice for sites that need to support thousands of concurrent downloads. It was also designed to secure your systems against most common attacks.
Configuration Files
 /etc/vsftpd/vsftpd.conf      :  Main Configuration File
 /etc/vsftpd/ftpusers           : Contains Users list to deny permanently
 /etc/vsftpd/user_list           : Contains Users list to allow or deny

 FTP uses TCP ports 20 (for ftp data) & 21 (ftp program).
Installing FTP service:
root@vijay~]# yum install vsftpd

root@vijay~]# vim /etc/vsftpd/vsftpd.conf

If you want to deny login to all users except the ones you list, write the following line at the end of the file:

userlist_deny=NO

and add the names of the users to whom you want to grant permission to log in to the user_list file.

Starting vsftpd service:

root@vijay~]#service vsftpd start;chkconfig vsftpd on
Client Side Commands For Connecting to FTP Server
root@vijay~]#ftp 0 (for local login)

root@vijay~]#ftp x.x.x.x (for remote login)

For Installing Packages from FTP server

root@vijay~]#rpm -ivh ftp://x.x.x.x/pub/Server/package.rpm

Limiting maximum connections

By default, vsftpd allows unlimited connections from the same client IP address. You can easily force the vsftpd FTP server to allow only a limited number of connections. There is a special directive for this called max_per_ip.

root@vijay~]# vim /etc/vsftpd/vsftpd.conf
max_per_ip=3
# max_clients: max simultaneous connections
max_clients=2

Allowing “anonymous” upload to FTP

STEP – 1:

root@vijay~]# vi /etc/vsftpd/vsftpd.conf
anon_upload_enable=YES
chown_uploads=YES
chown_username=daemon
anon_umask=077

STEP – 2: Create the upload directory:

root@vijay~]#mkdir /var/ftp/incoming

root@vijay~]#chmod  770  /var/ftp/incoming

root@vijay~]#chown  root:ftp   /var/ftp/incoming

root@vijay~]#setfacl -m u:vijay:rwx  /var/ftp/incoming

STEP – 3: Set the Boolean value:

root@vijay~]#setsebool  -P  allow_ftpd_full_access on

root@vijay~]#service vsftpd restart

root@vijay~]# ftp 192.168.0.15
Connected to 192.168.0.14 (192.168.0.14).
220 (vsFTPd 2.2.2)
Name (192.168.0.14:root): vijay
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /var/ftp/pub
250 Directory successfully changed.
ftp> ls
227 Entering Passive Mode (192,168,0,14,67,118).
150 Here comes the directory listing.
-rw-r--r-- 10 0 0 Aug 02 04:35 h1
-rw-r--r-- 10 0 0 Aug 02 04:35 h2
-rw-r--r-- 10 0 0 Aug 02 04:35 h3
-rw------- 12 50 0 Aug 02 04:40 popo
drwx------ 2 14 50 4096 Aug 02 04:52 raj
226 Directory send OK.
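
The vsftpd.conf directives in this post interact: userlist_deny only matters when userlist_enable=YES, anonymous upload only works with write_enable=YES, and unset connection limits mean no limit. The following check is an added example, not part of the original post; the function names and sample file are constructed, and the defaults it falls back to are those documented in the vsftpd.conf man page.

```bash
#!/bin/bash
# Added example: flag risky or ineffective vsftpd.conf settings from this post.

# Constructed sample combining the directives shown above.
sample_vsftpd_conf() {
cat <<'EOF'
write_enable=YES
userlist_deny=NO
max_per_ip=3
anon_upload_enable=YES
chown_uploads=YES
chown_username=daemon
anon_umask=077
EOF
}

# Print the value of option $2 in file $1, or the default $3 when it is unset.
# Assumption: if an option is repeated, the last occurrence is the one in effect.
vsftpd_opt() {
    awk -F= -v k="$2" -v d="$3" '
        /^#/    { next }
        $1 == k { v = $2; found = 1 }
        END     { print (found ? v : d) }
    ' "$1"
}

# Print one WARN line per finding; return 1 if anything was flagged.
audit_vsftpd() {
    conf=$1; rc=0
    if [ "$(vsftpd_opt "$conf" anon_upload_enable NO)" = YES ] &&
       [ "$(vsftpd_opt "$conf" write_enable NO)" = YES ]; then
        echo "WARN anonymous clients can upload files"; rc=1
    fi
    if [ "$(vsftpd_opt "$conf" userlist_deny YES)" = NO ] &&
       [ "$(vsftpd_opt "$conf" userlist_enable NO)" != YES ]; then
        echo "WARN userlist_deny=NO has no effect without userlist_enable=YES"; rc=1
    fi
    for k in max_per_ip max_clients; do
        if [ "$(vsftpd_opt "$conf" "$k" 0)" = 0 ]; then
            echo "WARN $k is 0 (no limit)"; rc=1
        fi
    done
    return "$rc"
}
```

Run it as audit_vsftpd /etc/vsftpd/vsftpd.conf after editing and before restarting the service.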

KVM Configuration

KVM Installation and configuration
1. Install the 64-bit version of RHEL.
2. Create the yum server for 64-bit RHEL.
3. Now check the virtualization flag:
[root@vijay ~]# egrep '(vmx|svm)' --color=always /proc/cpuinfo
4. To install KVM and virtinst (a tool to create virtual machines), we run
[root@vijay ~]# yum install kvm* qemu* libvirt* python-virtinst*
5. Then start the libvirt daemon:
[root@vijay ~]# /etc/init.d/libvirtd start
6. To check if KVM has successfully been installed, run
[root@vijay ~]# virsh -c qemu:///system list
It should display something like this:
Id Name State
----------------------------------
7. To set up a network bridge, we install the package bridge-utils...
[root@vijay ~]# yum install bridge-utils*
8. I disable NetworkManager and enable "normal" networking. NetworkManager is good
for desktops where network connections can change (e.g. LAN vs. WLAN), but on a server
you usually don't change network connections:
[root@vijay ~]# /etc/init.d/NetworkManager stop
[root@vijay ~]# chkconfig NetworkManager off
[root@vijay ~]# /etc/init.d/network restart
9. To configure the bridge, create the file /etc/sysconfig/network-scripts/ifcfg-br0 (please
use the BOOTPROTO, DNS1 (plus any other DNS settings, if any), GATEWAY, IPADDR,
NETMASK and SEARCH values from the /etc/sysconfig/network-scripts/ifcfg-eth0 file):
[root@vijay ~]# vim /etc/sysconfig/network-scripts/ifcfg-br0
################################################################
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
GATEWAY=192.168.0.1
IPADDR=192.168.0.100
NETMASK=255.255.255.0
ONBOOT=yes
################################################################
10. Modify /etc/sysconfig/network-scripts/ifcfg-eth0 as follows (comment out
BOOTPROTO, DNS1 (and all other DNS servers, if any), GATEWAY, IPADDR,
NETMASK, and SEARCH and add BRIDGE=br0):
[root@vijay ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
##############################################################
DEVICE=eth0
#BOOTPROTO=none
#DNS1=145.253.2.75
#GATEWAY=192.168.0.1
HWADDR=00:1e:90:f3:f0:02
#IPADDR=192.168.0.100
#NETMASK=255.255.255.0
ONBOOT=yes
TYPE=Ethernet
IPV6INIT=no
USERCTL=no
BRIDGE=br0
##############################################################
11. Then reboot the system:
[root@vijay ~]# init 6
12. Now install the “virt-manager”
[root@vijay ~]# yum install virt-manager*
13. Now run the following command to start virtual machine.
[root@vijay ~]# virt-manager
and install your KVM virtual machine.