User talk:Prakashibm

Linux Server Administration Documents. -

--&gt;

I

Yum Repository setup on RHEL5

Yum in RedHat is a package handling utility. The first step is including the necessary repositories. Repositories are merely collections of softwares which are stored in a public location. By including the web address of these repositories, you are directing apt-get to search these locations for the desired software. You use the /etc/apt/sources.list file to list the addresses of the repositories.

Expecting We have an iso image for rhel5

Convert the iso images to normal files:


 * 1) mkdir /var/ftp/pub/RHEL5


 * 1) mkdir /tmp/iso


 * 1) mount -o loop /downloads/RHEL5-iso/RHEL5-Server-20070208.0-i386-disc1-ftp.iso /tmp/iso


 * 1) ls (can see the contents of files instead of an image)


 * 1) cp –rf /tmp/iso/* /var/ftp/pub/RHEL5


 * 1) umount /tmp/iso

Repeat the same steps for disc2, disc3, disc4 and disc5 iso images.If it is DVD we can do it in one step.

Create yum repository:


 * 1) cd /var/ftp/pub/RHEL5


 * 1) rpm -ivh Server/createrepo-0.4.4-2.fc6.noarch.rpm


 * 1) createrepo –v /var/ftp/pub/RHEL5/Server


 * 1) createrepo –v /var/ftp/pub/RHEL5/VT


 * 1) createrepo –v /var/ftp/pub/RHEL5/Cluster


 * 1) createrepo -v /var/ftp/pub/RHEL5/ClusterStorage/

Copy xml files.


 * 1) cp /var/ftp/pub/RHEL5/Server/repodata/comps-rhel5-server-core.xml /var/ftp/pub/RHEL5/Server/


 * 1) cp /var/ftp/pub/RHEL5/VT/repodata/comps-rhel5-vt.xml /var/ftp/pub/RHEL5/VT/


 * 1) cp /var/ftp/pub/RHEL5/Cluster/repodata/comps-rhel5-cluster.xml /var/ftp/pub/RHEL5/Cluster


 * 1) cp /var/ftp/pub/RHEL5/ClusterStorage/repodata/comps-rhel5-cluster-st.xml /var/ftp/pub/RHEL5/ClusterStorage/

Remove the newly created.olddata manually:


 * 1) rm -fR /var/ftp/pub/RHEL5/Server/.olddata/


 * 1) rm -fR /var/ftp/pub/RHEL5/VT/.olddata/


 * 1) rm -fR /var/ftp/pub/RHEL5/Cluster/.olddata/


 * 1) rm -fR /var/ftp/pub/RHEL5/ClusterStorage/.olddata/

Creating Group repository:


 * 1) createrepo -g comps-rhel5-server-core.xml /var/ftp/pub/RHEL5/Server/


 * 1) createrepo -g comps-rhel5-vt.xml /var/ftp/pub/RHEL5/VT/


 * 1) createrepo -g comps-rhel5-cluster.xml /var/ftp/pub/RHEL5/Cluster/


 * 1) createrepo -g comps-rhel5-cluster-st.xml /var/ftp/pub/RHEL5/ClusterStorage/

service vsftpd restart

Note: If ftp throws error while logging in as user (non anonymous) then this is due to SELinux enforcing mode. Hence set the respective Boolean value for ftp service.


 * 1) getsebool –a | grep ftp


 * 1) setsebool –P ftp_home_dir on


 * 1) setsebool –P ftpd_disable_trans on


 * 1) service vsftpd restart

Setting up Yum-Client Repositories to support installations:


 * 1) cd /etc/yum.repos.d


 * 1) vi /etc/yum.repos.d/client.repo

[Server]

name=RHEL 5 Server

baseurl=file:///var/ftp/pub/RHEL5/Server

enabled=1

gpgcheck=0

[VT]

name=RHEL 5 VT

baseurl=file:///var/ftp/pub/RHEL5/VT

enabled=1

gpgcheck=0

[Cluster]

name=RHEL 5 Cluster

baseurl=file:///var/ftp/pub/RHEL5/Cluster

enabled=1

gpgcheck=0

[ClusterStorage]

name=RHEL 5 Server

baseurl=file:///var/ftp/pub/RHEL5/ClusterStorage

enabled=1

gpgcheck=0

Note: If the client should be setup in some other system, then replace the lines with phrase:

baseurl=file:///var/ftp/pub/RHEL5/*

to

baseurl=ftp:///pub/RHEL5/*

To verify:

Clean the repository:


 * 1) yum clean all

Verify that yum is properly installed and configured using:


 * 1) yum list all

Other commands on Yum:

To list the package:


 * 1) yum list

To list the dependencies of a package:


 * 1) yum deplist

To list all the package containing a pattern:


 * 1) yum list **

To find the description of a package:


 * 1) yum info

To find what package is available under that group:


 * 1) yum groupinfo

To remove a package with dependencies:


 * 1) yum remove

To remove a group of packages with dependencies:


 * 1) yum remove

To install a package:


 * 1) yum install

To forcefully install a package:


 * 1) yum install –y

To install a group of packages:


 * 1) yum groupinstall

Sudo user Administration

If a server needs to be administered by a number of people it is normally not a good idea for them all to use the root account.

This is because it becomes difficult to determine exactly who did what, when and where if everyone logs in with the same credentials. The sudo utility was designed to overcome this difficulty.

The sudo utility allows users defined in the /etc/sudoers configuration file to have temporary access to run commands they would not normally be able to due to file permission restrictions. The commands can be run as user "root" or as any other user defined in the /etc/sudoers configuration file.

The privileged command you want to run must first begin with the word sudo followed by the command's regular syntax.

When running the command with the sudo prefix, you will be prompted for your regular password before it is executed.

You may run other privileged commands using sudo within a five-minute period without being re-prompted for a password.

All commands run as sudo are logged in the log file /var/log/messages.

The visudo command is a text editor that mimics the vi editor that is used to edit the /etc/sudoers configuration file.

It is not recommended that you use any other editor to modify your sudo parameters because the sudoers file isn't located in the same directory on all versions of Linux.

visudo uses the same commands as the vi text editor. The visudo command must run as user root and should have no arguments:

Groups are the same as user groups and are differentiated from regular users by a % at the beginning. The Linux user group "users" would be represented by %users.

You can have multiple usernames per line separated by commas.

Multiple commands also can be separated by commas. Spaces are considered part of the command.

The keyword ALL can mean all usernames, groups, commands and servers.

If you run out of space on a line, you can end it with a back slash (\) and continue on the next line.

sudo assumes that the sudoers file will be used network wide, and therefore offers the option to specify the names of servers which will be using it in the servername position in Table 9-1. In most cases, the file is used by only one server and the keyword ALL suffices for the server name.

The NOPASSWD keyword provides access without prompting for your password.

Groups are the same as user groups and are differentiated from regular users by a % at the beginning. The Linux user group "users" would be represented by %users.

You can have multiple usernames per line separated by commas.

Multiple commands also can be separated by commas. Spaces are considered part of the command.

The keyword ALL can mean all usernames, groups, commands and servers.

If you run out of space on a line, you can end it with a back slash (\) and continue on the next line.

sudo assumes that the sudoers file will be used network wide, and therefore offers the option to specify the names of servers which will be using it in the servername position in Table 9-1. In most cases, the file is used by only one server and the keyword ALL suffices for the server name.

The NOPASSWD keyword provides access without prompting for your password.

1)Granting All Access to Specific Users

bob, bunny ALL=(ALL) ALL

2)Granting Access To Specific Users To Specific Files.

peter and users in group operator can run the specified commands on all hosts.

peter, %operator ALL= /sbin/, /usr/sbin, /usr/local/apps/check.pl

3) Granting Access to Specific Files as Another User

The sudo -u entry allows allows you to execute a command as if you were another user

peter ALL =(accounts)  /sbin/, /usr/sbin, /usr/local/apps/check.pl

Command Alias

Access With out password.

Granting Access Without Needing Passwords

%operator ALL= NOPASSWD: /sbin/

For advanced options please refer

http://linux.die.net/man/5/sudoers

--&gt;

Installing and configuring Dns master server using bind on linux.

Please find the step by step procedure for Configuring Master Dns Server for domain linux.com for both forward and reverse lookup zone. This is just one method where all the zone information and acl will be ion same named.conf file. This server will be in jailed environment as I am using bind-chroot path for security.

Server IP - 10.30.109.126

Server host name -dns.linux.com

Master Server for linux.com

Configure host name of the DNS server properly. Host name will be nameserver.linux.com

[root@dns ~]# cat /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=dns.linux.com

[root@dns ~]# hostname dns.linux.com

Please execute the following command to install the required software by executing the following command.

[root@dns ~]# yum -y install bind* cachin*

Please find the software installed

=
================================================================

Package Arch Version Repository Size

=
================================================================

Installing:

bind i386 30:9.3.3-7.el5 rhel-debuginfo 954 k

bind-chroot i386 30:9.3.3-7.el5 rhel-debuginfo 38 k

bind-devel i386 30:9.3.3-7.el5 rhel-debuginfo 2.6 M

bind-libbind-devel i386 30:9.3.3-7.el5 rhel-debuginfo 440 k

bind-libs i386 30:9.3.3-7.el5 rhel-debuginfo 834 k

bind-sdb i386 30:9.3.3-7.el5 rhel-debuginfo 223 k

bind-utils i386 30:9.3.3-7.el5 rhel-debuginfo 162 k

caching-nameserver i386 30:9.3.3-7.el5 rhel-debuginfo 55 k

check for the ROOTDIR entry to confirm that the root directory is /var/named/chroot.

[root@dns ~]# cat /etc/sysconfig/named

ROOTDIR=/var/named/chroot

Creating configuration for zone linux.com

[root@dns ~]# cd /var/named/chroot/etc/

Add the following entries to the configuration file.

[root@dns named]# cat ../../etc/named.conf

options {

directory "/var/named";

};

zone "." IN {

type hint;

file "named.ca";

};

zone "linux.com" IN {

type master;

file "linuxFLZ";

};

zone "10.30.109.in-addr.arpa" IN {

type master;

file "linuxRLZ";

};

[root@dns etc]# chown named:named named.conf

Creating the resource record file for forward lookup zone.

[root@dns etc]# cd /var/named/chroot/var/named

[root@dns named]# cat localdomain.zone &gt; linuxFLZ

[root@dns named]# chown named:named linuxFLZ

See the file now and see after editing the same.

[root@dns named]# cat linuxFLZ

$TTL 86400

@ IN SOA localhost root (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS localhost

localhost IN A 127.0.0.1

After editing, only added the name server (dns.linux.com) only.

[root@dns named]# cat linuxFLZ

$TTL 86400

@ IN SOA linux.com root (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS dns.linux.com.

localhost IN A 127.0.0.1

dns IN A 10.30.109.126

configure the reverse lookup zone resource record file.

[root@dns named]# pwd

/var/named/chroot/var/named

[root@dns named]# cat named.local &gt; linuxRLZ

[root@dns named]# chown named:named linuxRLZ

Please find the file before edit.

[root@dns named]# cat linuxRLZ

$TTL 86400

@ IN SOA localhost. root.localhost. (

1997022700 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS localhost.

1 IN PTR localhost.

After adding hosts.

[root@dns named]# cat linuxRLZ

$TTL 86400

@ IN SOA linux.com. root.linux.com. (

1997022700 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS dns.linux.com.

1 IN PTR localhost.

126 IN PTR dns.linux.com.

starting the service

[root@dns named]# /etc/init.d/named start

Starting named: [ OK ]

[root@dns named]# chkconfig named on

---making linux box as client of the Dns server.

[root@dns ~]# cat /etc/resolv.conf

nameserver 10.30.109.126

Now checking for forward lookup zone and reverse lookup zone.

[root@dns ~]# nslookup dns.linux.com

Server: 10.30.109.126

Address: 10.30.109.126#53

Name: dns.linux.com

Address: 10.30.109.126

Now checking for reverse lookup zone and reverse lookup zone.

[root@dns ~]# nslookup 10.30.109.126

Server: 10.30.109.126

Address: 10.30.109.126#53

126.109.30.10.in-addr.arpa name = dns.linux.com.

[root@dns ~]# host -al linux.com

Trying "linux.com"


 * -&gt;&gt;HEADER&lt;<- data-blogger-escaped-32904="32904" data-blogger-escaped-b="b" data-blogger-escaped-id:="id:" data-blogger-escaped-noerror="noerror" data-blogger-escaped-opcode:="opcode:" data-blogger-escaped-query="query" data-blogger-escaped-status:="status:">


 * flags: qr aa ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0


 * QUESTION SECTION:


 * linux.com. IN AXFR


 * ANSWER SECTION:

linux.com. 86400 IN SOA linux.com.linux.com. root.linux.com. 42 10800 900 604800 86400

linux.com. 86400 IN NS dns.linux.com.

dns.linux.com. 86400 IN A 10.30.109.126

localhost.linux.com. 86400 IN A 127.0.0.1

linux.com. 86400 IN SOA linux.com.linux.com. root.linux.com. 42 10800 900 604800 86400

Received 170 bytes from 10.30.109.126#53 in 0 ms

Note: We can keep on adding hosts part of the zone in the related resource record file and if we needed new zones also.

--&gt;

Linux Network configuration

Index:

Analysing Network Setting…………………………………………………………. Manual configuration…………………………………………………………………

By editing system configuration files and using linux utility

Permanent configuration…………………………………………………….

This kind of configuration will survive the rebooting of the machine.

Temporaryconfiguration…………………………………………………… Virtual interface and virtual IP configuration………………………………………. Permanent…………………………………………………………………... Temporary……………………………………………………………………

This kind of configuration will not survive the rebooting of the machine.

Dynamic configuration……………………………………………………………….

Need the support of a DHCP or BOOTP server.

Bonding……………………………………………………………………………

Here we will be discussing Ethernet devices only.

1) Analyzing Network settings

Ifconfig

Ifconfig will give you answer for the following questions.

1) How many devices detected

2) How many virtual interfaces and virtual IPs.

3) MTU of each device.

4) Hardware address of device.

5) Broad cast address

6) Net mask

7) Is it accessible to the internet layer?

8) Metric value

9) Transmitting and receiving (TX/RX)

[root@initsablovl3c ~]# ifconfig -a

eth0 Link encap:Ethernet HWaddr 00:0C:29:80:20:02

inet addr:10.30.109.126 Bcast:10.30.109.255 Mask:255.255.254.0

inet6 addr: fe80::20c:29ff:fe80:2002/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:1381 errors:0 dropped:0 overruns:0 frame:0

TX packets:163 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:160936 (157.1 KiB) TX bytes:21557 (21.0 KiB)

Interrupt:5 Base address:0x2024

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:2911 errors:0 dropped:0 overruns:0 frame:0

TX packets:2911 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:4794964 (4.5 MiB) TX bytes:4794964 (4.5 MiB)

sit0 Link encap:IPv6-in-IPv4

NOARP MTU:1480 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

How to find out the network interface details like speed,duplex,autonegotiation,etc..

[root@initsablovl3c network-scripts]# ethtool eth0

How to check interface driver details

[root@localhost ~]# ethtool -i eth0

How to know the nic status

[root@localhost ~]# ethtool -S eth0

How to know Nic status.

[root@localhost ~]# ethtool -S eth0

Force the first NIC to operate at fix and non-negotiable speed at 100Mbps full duplex

[root@localhost ~]# ethtool -s eth0 speed 100 duplex full autoneg off

How to find out the Driver name.

[root@initsablovl3c ~]# grep eth /etc/modprobe.conf

Out put will be like

alias eth0

How to find the loaded module

[root@initsablovl3c ~]#lsmod | grep

How to remove driver/module

[root@initsablovl3c ~]# modprobe –r

How to reinstall the driver

[root@initsablovl3c ~]# modprobe

How to bring down interface

[root@initsablovl3c ~]# ifdown eth0

How to bring up interface

[root@initsablovl3c ~]# ifup eth0

NOTE-: This is the Location for the network modules.

[root@initsablovl3c ~]# ls -l /lib/modules/`uname -r`/kernel/drivers/net/

2)Manual configuration

Two types

Permanent

Temporary

a) Permanently

NOTE-: By editing system configuration files and/or using Linux utility.(setup,system-config-network etc..or we can take some help of customized shell scripts if need to configure more interfaces.)

NOTE-: Can configure IP address using Linux tools or manually. The important point is a configuration file per interface or per virtual interface should be present. In the location given bellow.


 * 1) This Location of the Configuration files and scripts for the network devices.

[root@initsablovl3c network-scripts]# pwd

/etc/sysconfig/network-scripts

[root@initsablovl3c network-scripts]# ls

ifcfg-eth0 ifdown-eth ifdown-isdn ifdown-sit ifup-aliases ifup-ipsec ifup-plip ifup-routes ifup-wireless network-functions-ipv6 ifcfg-lo ifdown-ippp ifdown-post ifdown-sl ifup-bnep ifup-ipv6 ifup-plusb ifup-sit init.ipv6-global ifdown ifdown-ipsec ifdown-ppp ifdown-tunnel ifup-eth ifup-ipx ifup-post ifup-sl net.hotplug ifdown-bnep ifdown-ipv6 ifdown-routes ifup ifup-ippp ifup-isdn ifup-ppp ifup-tunnel network-functions

Out of this ifcfg-* files represents the Ethernet devices.

Eg- ifcfg-lo -&gt; represents the loopback device lo.

Ifcfg-eth0 -&gt; represents first inter face eth0.

Configuring Network in formations using setup utility

[root@initsablovl3c ~]# setup

NOTE-: These command popup with a gui like tool shown below

a) Road map setup for IP settings -&gt;Network Configuration-&gt;Edit Devices-&gt;

--&gt;

NOTE-: Here you can choose either first and configure. I am taking “Edit Devoces” first.This option is new with RHEL5.4 I believe.

--&gt;

Choose eth0 for configuring existing devices and also we have an option to configuring new devices also.

--&gt;

NOTE-: If we choose DHCP, All the configurations will be pulled from a dhcp server which we will be discussion in the Dynamic IP setting.

Will be looking like this.

--&gt; NOTE-: Add IP,NETMASK.,DEFAULT GATEWAY etc… Now go back and Edit the dns settings also, there you can configure three levels of name servers. Then start/restart the service according to the situation.

[root@initsablovl3c ~]# /etc/init.d/network restart

Shutting down interface eth0: [ OK ]

Shutting down loopback interface: [ OK ]

Bringing up loopback interface: [ OK ]

Bringing up interface eth0: [ OK ]

[root@initsablovl3c ~]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:0C:29:80:20:02

inet addr:192.168.0.22 Bcast:192.168.0.255 Mask:255.255.255.0

inet6 addr: fe80::20c:29ff:fe80:2002/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:9045 errors:0 dropped:0 overruns:0 frame:0

TX packets:1437 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:997243 (973.8 KiB) TX bytes:376670 (367.8 KiB)

Interrupt:5 Base address:0x2024

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:2959 errors:0 dropped:0 overruns:0 frame:0

TX packets:2959 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:4802003 (4.5 MiB) TX bytes:4802003 (4.5 MiB)

NOTE-: when I was doing above step actually a configuration file eth0 is edited with the following details.

[root@initsablovl3c ~]# cd /etc/sysconfig/network-scripts/

[root@initsablovl3c network-scripts]# ls

ifcfg-eth0 ifdown-bnep ifdown-ipsec ifdown-post ifdown-sit ifup ifup-eth ifup-ipv6 ifup-plip ifup-ppp ifup-sl ifcfg-lo ifdown-eth ifdown-ipv6 ifdown-ppp ifdown-sl ifup-aliases ifup-ippp ifup-ipx ifup-plusb ifup-routes ifup-tunnel ifdown ifdown-ippp ifdown-isdn ifdown-routes ifdown-tunnel ifup-bnep ifup-ipsec ifup-isdn ifup-post ifup-sit ifup-wireless

[root@initsablovl3c network-scripts]# cat ifcfg-eth0


 * 1) Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]

DEVICE=eth0

BOOTPROTO=none

HWADDR=00:0c:29:80:20:02

ONBOOT=yes

TYPE=Ethernet

NETMASK=255.255.255.0

IPADDR=192.168.0.22

GATEWAY=192.168.0.1

b)Temporary

NOTE-: How Configuring Ip address temporarily. We can configure IP address temporally using ifconfig command like this.

[root@initsablovl3c ~]# ifconfig eth0 192.168.0.22 netmask 255.255.255.0 default 192.168.0.1

[root@initsablovl3c ~]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:0C:29:80:20:02

inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0

inet6 addr: fe80::20c:29ff:fe80:2002/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:11050 errors:0 dropped:0 overruns:0 frame:0

TX packets:1932 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:1215470 (1.1 MiB) TX bytes:430188 (420.1 KiB)

Interrupt:5 Base address:0x2024

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:3019 errors:0 dropped:0 overruns:0 frame:0

TX packets:3019 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:4808419 (4.5 MiB) TX bytes:4808419 (4.5 MiB)

3) Virtual interface and virtual IP configuration

a)Permanent

b)Temporary

a)Permanent

Permentnt in the sence a configuration file in the place.

NOTE-: Virtual interfaces are which communicates through the real interfaces but it can be configured for different network also

Eg: if eth0 is real interface then eth0:0, eth0:1 etc.. can be virtual interfaces.

Will go to the Directory where we can find the network configuration files and Scripps.

Very important thing we need to understand is ifcfg-eth0 is for representing interface eth0 like that we need a configuration file for eth0:0 also.

--&gt;

Let’s see how we can create the same.Please see the out put given below. It the content of ifcfg-eth0 and please see the colored part of the file. “DEVICE=eth0”. What we need to do is just copy the file and change the DEVICE name and changes the other details like IP,NETMASK,etc and then restart network service.

[root@initsablovl3c ~]# cd /etc/sysconfig/network-scripts/

[root@initsablovl3c network-scripts]# cat ifcfg-eth0


 * 1) Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]

DEVICE=eth0

BOOTPROTO=none

HWADDR=00:0c:29:80:20:02

ONBOOT=yes

TYPE=Ethernet

NETMASK=255.255.255.0

IPADDR=192.169.0.1

GATEWAY=192.168.0.1

NOTE-: Edit the file with for new Device name and details. Pleases find the new file after edited. I am going to edit the colored fields only. Then I am going to restart the network service.

[root@initsablovl3c network-scripts]# cp ifcfg-eth0 ifcfg-eth0:0

NOTE-: Generate new file copying ifcfg-eth0.

[root@initsablovl3c network-scripts]# cat ifcfg-eth0:0


 * 1) Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]

DEVICE=eth0:0

BOOTPROTO=none

HWADDR=00:0c:29:80:20:02

ONBOOT=yes

TYPE=Ethernet

NETMASK=255.255.255.0

IPADDR=192.169.0.2

GATEWAY=192.168.0.1

NOTE-: Restart the network service.

[root@initsablovl3c network-scripts]# /etc/init.d/network restart

NOTE-: Now your machine got Two interfaces eth0 and eth0:0 in which eth0:0 is a virtual interface and it is permanent.

b)Temporary

Virtual interface can be configured temporally by using “ifconfig” command.

[root@initsablovl3c network-scripts]# ifconfig eth0:3 192.168.0.10 netmask 255.255.255.0

--&gt;

NOTE:- But careful rebooting will not be survived by this settings so be careful.

4)Dynamic configuration

We can do this by simply give a command called dhclient or dhclient –r .Becare ful when we doing the same in a server with out console access boz we will never know which IP will be talen by the host if there is no ddns setup.

Please find one sample output.

[root@initsablovl3c network-scripts]# dhclient

Internet Systems Consortium DHCP Client V3.0.5-RedHat

Copyright 2004-2006 Internet Systems Consortium.

All rights reserved.

For info, please visit http://www.isc.org/sw/dhcp/

Listening on LPF/eth0/00:0c:29:80:20:02

Sending on LPF/eth0/00:0c:29:80:20:02

Sending on Socket/fallback

DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7

DHCPOFFER from 10.30.108.1

DHCPREQUEST on eth0 to 255.255.255.255 port 67

DHCPACK from 10.30.108.1

bound to 10.30.109.126 -- renewal in 67651 seconds.

5)Bonding

Taking Oracle RAC nodes bonding for Example.

Here we are using two different types for bonding mod0 and mod1.

mode=0(balance-rr)

Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance. mode=1(active-backup)

Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond's MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance. The primary option affects the behavior of this mode.

Step 1: mii-tool can be used to look up active network interfaces

[root@hprac2 ~]# mii-tool

eth0: no link

eth1: no link

eth2: negotiated 100baseTx-FD, link ok

eth3: no autonegotiation, 100baseTx-HD, link ok

eth4: negotiated 100baseTx-FD, link ok

eth5: negotiated 100baseTx-FD, link ok

Step 2: Enable the bonding modules in /etc/rc.sysinit


 * 1) bonding modules

modprobe -o bond0 bonding miimon=100 mode=0

modprobe -o bond1 bonding miimon=100 mode=1

Step 3: For the public bond (bond0) edit the device configuration file for eth3 and eth5

Step 4: Edit /etc/sysconfig/network-scripts/ifcfg-eth3

DEVICE=eth3

USERCTL=no

ONBOOT=yes

MASTER=bond0

SLAVE=yes

BOOTPROTO=none

Step 5: Edit /etc/sysconfig/network-scripts/ifcfg-eth5

DEVICE=eth5

USERCTL=no

ONBOOT=yes

MASTER=bond0

SLAVE=yes

BOOTPROTO=none

Step 6: For the private bond (bond1) edit the device configuration file for eth2 and eth4

Step 7: Edit /etc/sysconfig/network-scripts/ifcfg-eth2

DEVICE=eth2

USERCTL=no

ONBOOT=yes

MASTER=bond1

SLAVE=yes

BOOTPROTO=none

Step 8: Edit /etc/sysconfig/network-scripts/ifcfg-eth4

DEVICE=eth4

USERCTL=no

ONBOOT=yes

MASTER=bond1

SLAVE=yes

BOOTPROTO=none

Step 9: Now create the bond0 and bond1 files


 * 1) /etc/sysconfig/network-scripts/ifcfg-bond0

DEVICE=bond0

IPADDR= 168.141.201.137

NETWORK= 168.141.201.0

NETMASK=255.255.0.0

USERCTL=no

BOOTPROTO=none

ONBOOT=yes

GATEWAY= 168.141.201.1


 * 1) /etc/sysconfig/network-scripts/ifcfg-bond1

DEVICE=bond1

IPADDR=192.168.1.137

NETWORK=192.168.0.0

NETMASK=255.255.255.0

USERCTL=no

BOOTPROTO=none

ONBOOT=yes

Step 10: Restart the network using the service command

Step 11: The bonds can be verified in the /proc/net/bonding/bond? Files

[root@hprac2 ~]# cat /proc/net/bonding/bond0

Ethernet Channel Bonding Driver: v2.6.3-rh (June 8, 2005)

Bonding Mode: load balancing (round-robin)

MII Status: up

MII Polling Interval (ms): 100

Up Delay (ms): 0

Down Delay (ms): 0

Slave Interface: eth3

MII Status: up

Link Failure Count: 0

Permanent HW addr: 00:1a:4b:07:27:b7

Slave Interface: eth5

MII Status: up

Link Failure Count: 0

Permanent HW addr: 00:1a:4b:06:bc:49

[root@hprac2 ~]# cat /proc/net/bonding/bond1

Ethernet Channel Bonding Driver: v2.6.3-rh (June 8, 2005)

Bonding Mode: fault-tolerance (active-backup)

Primary Slave: None

Currently Active Slave: eth2

MII Status: up

MII Polling Interval (ms): 100

Up Delay (ms): 0

Down Delay (ms): 0

Slave Interface: eth2

MII Status: up

Link Failure Count: 0

Permanent HW addr: 00:1a:4b:07:27:b6

Slave Interface: eth4

MII Status: up

Link Failure Count: 0

Permanent HW addr: 00:1a:4b:06:bc:48

Note: For the private adapter team bond1 only active-backup (mode 1) configuration is supported. Useful Links:

1) Bonding Ethernet Parameters: http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/s1-modulesethernet.

html

2) Linux Ethernet Bonding Driver HOWTO: http://www.cyberciti.biz/howto/question/static/linux-ethernet-bonding-driverhowto.

php