Friday, July 06, 2007

expanding a volume group on lvm1 metadata with a new physical volume on lvm2 metadata

# pvscan
PV /dev/disk/by-name/360060480000187720574444d36333944p1 VG vg01 lvm1 [33.71 GB / 0 free]
PV /dev/disk/by-name/360060480000190101659533032383041 lvm2 [25.29 GB]
Total: 2 [59.00 GB] / in use: 1 [33.71 GB] / in no VG: 1 [25.29 GB]

# vgconvert -M2 vg01
Volume group vg01 successfully converted

# pvscan
PV /dev/disk/by-name/360060480000187720574444d36333944p1 VG vg01 lvm2 [33.71 GB / 0 free]
PV /dev/disk/by-name/360060480000190101659533032383041 lvm2 [25.29 GB]
Total: 2 [59.00 GB] / in use: 1 [33.71 GB] / in no VG: 1 [25.29 GB]

# pvdisplay /dev/disk/by-name/360060480000190101659533032383041
--- NEW Physical volume ---
PV Name /dev/dm-3
VG Name
PV Size 25.29 GB
Allocatable NO
PE Size (KByte) 0
Total PE 0
Free PE 0
Allocated PE 0
PV UUID 7P5VhP-Bt8Z-jJPO-7j7I-0RCo-usbg-4ZRnVK

# vgextend vg01 /dev/dm-3
Volume group "vg01" successfully extended

# vgdisplay vg01
--- Volume group ---
VG Name vg01
System ID PV_IMPwdlbc64r021147289082
Format lvm2
Metadata Areas 2
Metadata Sequence No 2
VG Access read/write
VG Status resizable
MAX LV 256
Cur LV 1
Open LV 1
Max PV 256
Cur PV 2
Act PV 2
VG Size 59.00 GB
PE Size 4.00 MB
Total PE 15103
Alloc PE / Size 8629 / 33.71 GB
Free PE / Size 6474 / 25.29 GB
VG UUID Bf86re-OUES-xts3-LAL7-soW7-HpzU-KftWX4

# lvextend -l +6474 /dev/vg01/lvol1
Extending logical volume lvol1 to 59.00 GB
Logical volume lvol1 successfully resized

# vgdisplay vg01
--- Volume group ---
VG Name vg01
System ID PV_IMPwdlbc64r021147289082
Format lvm2
Metadata Areas 2
Metadata Sequence No 3
VG Access read/write
VG Status resizable
MAX LV 256
Cur LV 1
Open LV 1
Max PV 256
Cur PV 2
Act PV 2
VG Size 59.00 GB
PE Size 4.00 MB
Total PE 15103
Alloc PE / Size 15103 / 59.00 GB
Free PE / Size 0 / 0
VG UUID Bf86re-OUES-xts3-LAL7-soW7-HpzU-KftWX4

For SuSE 9.X, an ext3 filesystem needs to be unmounted before it can be extended.

# umount /opt/SANdisk1

# e2fsck /dev/vg01/lvol1

# resize2fs /dev/vg01/lvol1

Wednesday, November 08, 2006

http://www.unixmexico.org/files/html/kore.hack.se/oreilly-networking/


DNS Resources

The following is a list of resources you can use when configuring DNS:

info.bind newsgroup

This newsgroup contains discussions about DNS and BIND and announcements of various kinds from the BIND developers and the NIC. It is a good newsgroup to browse from time to time.

http://www.internic.net

The web site of the INTERNIC contains information about how to register a domain, what the names of the official root servers are, and what various DNS procedures and policies are. It is the originating repository for all RFCs.


RFCs

There are many RFCs on or related to DNS. The following list identifies a few of the more significant ones:

- RFC 1032 - Domain Administrator's Guide
- RFC 1033 - Domain Administrator's Operations Guide
- RFC 1034 - Domain Names - Concepts and Facilities
- RFC 1536 - Common DNS Implementation Errors and Suggested Fixes
- RFC 1713 - Tools for DNS Debugging
- RFC 1886 - DNS Extensions to Support IP Version 6
- RFC 1912 - Common DNS Operational and Configuration Errors
- RFC 2136 - Dynamic Updates in the Domain Name System (DNS UPDATE)

Monday, October 09, 2006

DNS Advanced Topics

The 20th Large Installation System Administration Conference
December 3-8, 2006 Washington, D.C.
Sponsored by USENIX and SAGE


Sunday Morning Half-Day Tutorials

S7 INTRODUCTION TO DOMAIN NAME SYSTEM ADMINISTRATION
William LeFebvre, Consultant
9:00 a.m.–12:30 p.m.

Who should attend: System or network administrators who have been exposed to the Domain Name System only as users. A basic understanding of the IP protocols, TCP and UDP, data encapsulation, and the seven-layer model will be beneficial.

DNS, the primary method the Internet uses to name and number machines, is used to translate names like "www.usenix.org" into addresses like 131.106.3.253. Any site that is serious about joining the Internet community will need to understand how to configure and administer DNS.

This tutorial will describe the basic operation of DNS and will provide instructions and guidelines for the configuration and operation of DNS on UNIX platforms using the BIND software distribution. This class is designed for the beginner and is intended to provide a foundation for the tutorial on "Intermediate Topics in Domain Name System Administration."

Topics include:

DNS and BIND
The DNS name hierarchy
The four components of the DNS protocol
Iterative vs. recursive querying
Essential resource records: SOA, A, PTR, CNAME, NS
Zone transfers and secondaries
Vendor-specific differences

William LeFebvre (S7, S10) is an author, programmer, teacher, and sysadmin expert who has been using UNIX and Internet technologies since 1983. He wrote a monthly column for UNIX Review and has taught since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS Training Institute, IT Forum, and Great Circle Associates. He has contributed to several widely used UNIX packages, including Wietse Venema's logdaemon package. He is also the primary programmer for the popular UNIX utility top. William is currently an independent consultant. He received his bachelor's degree in 1983 and his master of science degree in 1988, both from Rice University.

Sunday Afternoon Half-Day Tutorials

S10 INTERMEDIATE TOPICS IN DOMAIN NAME SYSTEM ADMINISTRATION
William LeFebvre, Consultant
1:30 p.m.–5:00 p.m.

Who should attend: Network administrators with a basic understanding of DNS and its configuration who need to learn how to create and delegate subdomains, and administrators planning to install BIND8. Attendees are expected either to have prior experience with DNS, including an understanding of basic operation and zone transfers, or to have attended the "Introduction to Domain Name System Administration" tutorial.

Attendees will move beyond the basics into a more thorough understanding of the overall design and implementation of DNS.

Topics include:

Subdomains and delegation
Resource records: NS, RP, MX, TXT, AAAA
BIND views
DNS management tools
DNS design
DNS and firewalls


M5 ADVANCED TOPICS IN DNS ADMINISTRATION
Matt Larson, VeriSign, Inc.
9:00 a.m.–5:00 p.m.

Who should attend: DNS administrators who wish to extend their understanding of how to configure and manage name servers running BIND 9. Attendees should have some experience of running a name server and be familiar with DNS jargon, resource records, and the syntax of zone files and named.conf.
This tutorial will answer the question, "I've set up master (primary) and slave (secondary) name servers. What else can I do with the name server?"
Topics include:
The BIND 9 logging subsystem
Getting the most from the name server's logs
Running the name server in debugging mode
Managing the name server with rndc
Configuring split DNS: internal and external versions of a domain
Using the views mechanism of BIND 9 to implement split DNS
Securing the name server
Running it chroot()ed
Using access control lists
Preventing unwanted access
Security
DNS vulnerability overview
Using Transaction Signatures (TSIG) to protect messages: cases and tools
Using DNSSEC to protect DNS data: cases, tools, implications
Dynamic DNS (DDNS)
Secure dynamic updates with nsupdate: policies and usage models
IPv6
Resolving and answering queries over IPv6 transport
Setting up AAAA records to resolve IPv6 addresses

Matt Larson (M5) works in the Advanced Products and Research Group of VeriSign Information Services as a specialist in DNS protocol and operational issues. He is the co-author of the O'Reilly & Associates Nutshell Handbooks DNS on Windows Server 2003, DNS on Windows 2000, and DNS on Windows NT. Matt joined VeriSign in June 2000 from Acme Byte & Wire, a company he started in 1997 with co-author Cricket Liu. Acme Byte & Wire specialized in DNS consulting and training, and its customers included more than 10% of the Fortune 100. Prior to Acme Byte & Wire, Matt worked for five years at Hewlett-Packard, first in the Corporate Network Services group, where he ran hp.com, one of the largest corporate domains in the world. He later joined HP's professional services organization.

Monday, September 25, 2006

DNS Short Hand For Netmasks

The number in the "/xx" shorthand stands for the number of bits (technically, bits set to one) in the subnet mask. The convention is always to start at the left end of the 32-bit subnet mask. The table below shows the correspondence between the "/xx" notation and the actual numeric representation.

Prefix  Subnet Mask       # of Addresses
/1      128.0.0.0         2.1 billion
/2      192.0.0.0         1 billion
/3      224.0.0.0         536 million
/4      240.0.0.0         268 million
/5      248.0.0.0         134 million
/6      252.0.0.0         67 million
/7      254.0.0.0         34 million
/8      255.0.0.0         17 million (Class A)
/9      255.128.0.0       8.4 million
/10     255.192.0.0       4.2 million
/11     255.224.0.0       2.1 million
/12     255.240.0.0       1 million
/13     255.248.0.0       524 thousand
/14     255.252.0.0       262 thousand
/15     255.254.0.0       131 thousand
/16     255.255.0.0       65,534 (Class B)
/17     255.255.128.0     32,766
/18     255.255.192.0     16,382
/19     255.255.224.0     8,190
/20     255.255.240.0     4,094
/21     255.255.248.0     2,046
/22     255.255.252.0     1,022
/23     255.255.254.0     510
/24     255.255.255.0     254 (Class C)
/25     255.255.255.128   126
/26     255.255.255.192   62
/27     255.255.255.224   30 (254-224)
/28     255.255.255.240   14 (254-240)
/29     255.255.255.248   6 (254-248 or 2*2*2-2)
/30     255.255.255.252   2 (254-252 or 2*2-2)
/31     255.255.255.254   RFC 3021
/32     255.255.255.255   Loopback address
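
The "/xx" rule above as shell functions, added here as an example and not part of the original post: one builds the mask from the prefix length, one goes the other way and rejects masks whose one-bits do not start at the left end, and one computes the address count column. The function names are made up for this example; the values 1 and 2 returned for /32 and /31 are this example's choice for the two rows the table does not give a number for.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are made up here.

# prefix_to_mask N: dotted mask with the N leftmost of 32 bits set to one.
prefix_to_mask() {
    case "$1" in ''|*[!0-9]*|0?*) return 1 ;; esac
    [ "$1" -le 32 ] || return 1
    if [ "$1" -eq 0 ]; then m=0
    else m=$(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF )); fi
    echo "$(( (m >> 24) & 255 )).$(( (m >> 16) & 255 )).$(( (m >> 8) & 255 )).$(( m & 255 ))"
}

# mask_to_prefix A.B.C.D: prints N, or fails when the one-bits are not a
# single run starting at the left end (e.g. 255.0.255.0).
mask_to_prefix() {
    IFS=. read -r o1 o2 o3 o4 extra <<EOF
$1
EOF
    [ -z "$extra" ] || return 1
    v=0
    for o in "$o1" "$o2" "$o3" "$o4"; do
        case "$o" in ''|*[!0-9]*|0?*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
        v=$(( (v << 8) | o ))
    done
    # A valid mask inverted is zeros then ones, i.e. 2^k - 1, so inv & (inv+1) == 0.
    inv=$(( ~v & 0xFFFFFFFF ))
    [ $(( inv & (inv + 1) )) -eq 0 ] || return 1
    n=0
    while [ "$inv" -ne 0 ]; do inv=$(( inv >> 1 )); n=$(( n + 1 )); done
    echo $(( 32 - n ))
}

# usable_hosts N: the table's third column, 2^(32-N) - 2 (network and
# broadcast addresses excluded). /31 and /32 do not follow the formula.
usable_hosts() {
    prefix_to_mask "$1" >/dev/null || return 1
    case "$1" in
        32) echo 1 ;;   # a single host address
        31) echo 2 ;;   # RFC 3021: both addresses usable on point-to-point links
        *)  echo $(( (1 << (32 - $1)) - 2 )) ;;
    esac
}
```

The mask_to_prefix check is useful when reviewing firewall rules or interface configs, where a non-contiguous mask is almost always a typo.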

Friday, September 01, 2006

Reboot a Linux server without remote power access

Once a Linux box has a hung daemon in /proc, one will not be able to reboot the box in the normal manner. The 'ps' commands will hang, and an 'init 6' will not work because the running processes on the server cannot be killed. Without physical access and remote power control, an SA may use the "Magic System Request" method to force kernel operations like sync, remount of all filesystems read-only, and reboot. Solaris administrators may be familiar with the 'uadmin' command, which does the same thing.

The short form:

If you're on the console, you must first enable the subsystem with a command:

echo 1 > /proc/sys/kernel/sysrq

Alternatively, you may use the equivalent sysctl command as follows:

sysctl -w kernel.sysrq="1"
kernel.sysrq = 1

Then you can press Alt+SysRq followed by one of the following commands
(and there are many more commands than these):

s Sync Forces a sync, and prints 'OK' to the console when complete.
u Umount Try to umount all filesystems & remount read-only
b Boot Reboot the system without killing any processes

It is best to use Alt+SysRq-s and Alt+SysRq-u first to avoid data loss.

Similarly, you can also control sysrq via /proc/sysrq-trigger by:

echo 'key' > /proc/sysrq-trigger

Below are some examples:

echo s > /proc/sysrq-trigger (like Alt+SysRq-s)
echo u > /proc/sysrq-trigger (like Alt+SysRq-u)
echo b > /proc/sysrq-trigger (like Alt+SysRq-b)

Here is a list of the available keys:
'r' - Turns off keyboard raw mode and sets it to XLATE.
'k' - Secure Access Key (SAK) Kills all programs on the current virtual console. NOTE: See important comments below in SAK section.
'b' - Will immediately reboot the system without syncing or unmounting your disks.
'c' - Intentionally crash the system without syncing or unmounting your disks.
'o' - Will shut your system off (if configured and supported).
's' - Will attempt to sync all mounted filesystems.
'u' - Will attempt to remount all mounted filesystems read-only.
'p' - Will dump the current registers and flags to your console.
't' - Will dump a list of current tasks and their information to your console.
'm' - Will dump current memory info to your console.
'0'-'9' - Sets the console log level, controlling which kernel messages will be printed to your console. '0', for example, would make it so that only emergency messages like PANICs or OOPSes would make it to your console.
'e' - Send a SIGTERM to all processes, except for init.
'i' - Send a SIGKILL to all processes, except for init.
'l' - Send a SIGKILL to all processes, INCLUDING init. (Your system will be non-functional after this.)
'h' - Will display help (actually, any key other than those listed above will display help).

See sysrq.txt somewhere underneath /usr/src/linux-XXX/Documentation for more information.
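
The value 1 written to /proc/sys/kernel/sysrq above enables every key for anyone at the keyboard; on current kernels the same file also accepts a bitmask that enables only some groups of keys. The following check is an added example, not part of the original post: it reports which of the keys listed above a given value allows from the keyboard. The bit values come from the kernel's sysrq documentation rather than from this post, and the function names are made up for the example.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are made up here.
# The mask only gates the Alt+SysRq keyboard path; root writing to
# /proc/sysrq-trigger is always allowed, whatever the value is.

# sysrq_bit KEY: print the kernel.sysrq mask bit that gates KEY.
sysrq_bit() {
    case "$1" in
        [0-9])   echo 2 ;;     # console log level
        r|k)     echo 4 ;;     # keyboard control (unraw, SAK)
        p|t|m|c) echo 8 ;;     # debugging dumps and crash
        s)       echo 16 ;;    # sync
        u)       echo 32 ;;    # remount read-only
        e|i)     echo 64 ;;    # signalling processes
        b|o)     echo 128 ;;   # reboot / power off
        *)       return 1 ;;
    esac
}

# sysrq_key_allowed VALUE KEY: succeed if KEY works from the keyboard when
# kernel.sysrq is VALUE (0 = all off, 1 = all on, anything else = bitmask).
sysrq_key_allowed() {
    bit=$(sysrq_bit "$2") || return 2
    case "$1" in ''|*[!0-9]*) return 2 ;; esac
    [ "$1" -eq 1 ] && return 0
    [ $(( $1 & bit )) -ne 0 ]
}

# sysrq_audit [FILE]: read the current value (FILE defaults to the real
# /proc entry) and list which keys from the post are open at the keyboard.
sysrq_audit() {
    val=$(cat "${1:-/proc/sys/kernel/sysrq}") || return 2
    out=""
    for k in s u b o c e i k t; do
        if sysrq_key_allowed "$val" "$k"; then out="$out$k"; fi
    done
    echo "value=$val keyboard_keys=${out:-none}"
}
```

A value of 176 (16 + 32 + 128), for example, keeps the sync, remount and reboot keys used in this post available while leaving the process-killing and crash keys off.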