Re: [CentOS] partitioning order and IO performance

2009-12-22 Thread John R Pierce
Ross Walker wrote:
> Also, for random IO the opposite is true, the rotational latency is  
> significantly smaller on the inner tracks than the outer tracks, so  
> random OPs perform better there.
>   

um, most all hard disks are CAV, so the rotational latency measured in 
milliseconds is constant throughout the disk.  usually 50% of a turn is 
the assumed mean rotational latency


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] partitioning order and IO performance

2009-12-22 Thread Ross Walker
On Dec 22, 2009, at 6:13 PM, Robert Nichols wrote:

> Carlos Santana wrote:
>> Hi,
>>
>> Does mount point specification while partitioning (order in which I
>> specify /, /boot, swap etc..) affect performance? I am not sure about
>> the syntax, but I guess one can also specify address/block range  
>> while
>> partitioning. Does it affect IO performance? Probably a stupid
>> question, but just curious.. Any insights?
>
> Not a stupid question at all.  For ordinary disk drives the answer is
> yes, absolutely.  The outer tracks of a disk are physically longer,
> and any but the most ancient of disk drives will pack more sectors
> into those tracks.  Since the disk rotates at a constant RPM, more
> sectors per second pass under the head on the outer tracks.  The
> ratio of data rates for the outermost vs. innermost tracks is
> typically 2:1 or a bit higher.  Add to this the need for more and
> longer seeks for filesystems on the inner tracks (again, less data
> on each physical track), and the performance degrades even more.
>
> On most disks cylinder numbering starts at the outer tracks, but I
> have heard of disks that number their cylinders in the opposite
> direction -- never actually seen one, though.

Also, for random IO the opposite is true, the rotational latency is  
significantly smaller on the inner tracks than the outer tracks, so  
random OPs perform better there.

Though having different workloads on opposite sides of the disk is  
counter productive, but say you had one large volume for random IO  
workloads and another large volume for sequential workloads, you could  
allocate the beginning chunk to your most performance oriented servers  
on the sequential volume and the end chunk to your most performance  
oriented servers on the random volume.

-Ross



[CentOS] iptables -m connlimit

2009-12-22 Thread Helmut Drodofsky
Hi,

to the use of connlimit, I have found

http://lists.centos.org/pipermail/centos/2008-June/059656.html

Is there something new with centos 5.3 or 5.4?

Helmut



Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Jay Leafey
We had a similar problem copying files between servers on two of our 
campuses via SCP.  After a while the connection just stalled out and 
hung.  The problem turned out to be SCP and SFTP interacting with a bug in 
the SACK (Selective Acknowledgment) algorithm used in Linux.  We turned 
it off on the two endpoints using the following addition to 
/etc/sysctl.conf:



# Turn off SACK
net.ipv4.tcp_sack = 0


and execute "sysctl -p" to apply it.  You can also use "sysctl -w 
net.ipv4.tcp_sack=0" to turn it off temporarily.  Our file transfers 
worked just fine after the change.


I realize there are differences between our situation and yours and this 
might not work in your case.  Given the length of this thread, though, it 
might be worth a try!

--
Jay Leafey - Memphis, TN
jay.lea...@mindless.com




Re: [CentOS] partitioning order and IO performance

2009-12-22 Thread Robert Nichols
Carlos Santana wrote:
> Hi,
> 
> Does mount point specification while partitioning (order in which I
> specify /, /boot, swap etc..) affect performance? I am not sure about
> the syntax, but I guess one can also specify address/block range while
> partitioning. Does it affect IO performance? Probably a stupid
> question, but just curious.. Any insights?

Not a stupid question at all.  For ordinary disk drives the answer is
yes, absolutely.  The outer tracks of a disk are physically longer,
and any but the most ancient of disk drives will pack more sectors
into those tracks.  Since the disk rotates at a constant RPM, more
sectors per second pass under the head on the outer tracks.  The
ratio of data rates for the outermost vs. innermost tracks is
typically 2:1 or a bit higher.  Add to this the need for more and
longer seeks for filesystems on the inner tracks (again, less data
on each physical track), and the performance degrades even more.

On most disks cylinder numbering starts at the outer tracks, but I
have heard of disks that number their cylinders in the opposite
direction -- never actually seen one, though.

-- 
Bob Nichols "NOSPAM" is really part of my email address.
 Do NOT delete it.



[CentOS] partitioning order and IO performance

2009-12-22 Thread Carlos Santana
Hi,

Does mount point specification while partitioning (order in which I
specify /, /boot, swap etc..) affect performance? I am not sure about
the syntax, but I guess one can also specify address/block range while
partitioning. Does it affect IO performance? Probably a stupid
question, but just curious.. Any insights?

Thanks,
CS.


[CentOS] SOLVED - Re: Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread Slack-Moehrle

Hi Guys,

OK, I figured out the problem. It would seem that Comcast spelling my DNS entry 
wrong would do it!

I have done this a zillion times, I was totally stumped as to what I would be 
missing this time.

Thanks everyone for their help.

-Jason


- Original Message -
From: "Kai Schaetzl" 
To: centos@centos.org
Sent: Tuesday, December 22, 2009 9:31:19 AM
Subject: Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

MySQL is *not* listening on TCP 3306 since *long* unless you tell it to in 
the my.cf. It uses a local Unix socket by default.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com





Re: [CentOS] NMS Opinions

2009-12-22 Thread Guy Boisvert
Brendan Minish wrote:
> On Tue, 2009-12-22 at 02:36 +, Joseph L. Casale wrote:
>   
> Take a look at zenoss too, I am in the process of deploying it as a
> replacement for a rather elderly and under-resourced Nagios server 
> Liking it a lot so far 
> http://www.zenoss.com/
> there's good help on IRC too 
> freenode #zenoss 
>  
> regards
> Brendan 
>   

I don't know now but I couldn't define relations manually about 2 years 
ago.  It was a major PITA as if a router fails, you don't want to get 
500 alarms for all the devices behind it.

It was supposed to auto discover and do relationship by itself but 
wasn't able to do it properly with our network: Many VLANs and router / 
firewall using trunking, etc.


Guy Boisvert, ing.
IngTegration inc.


Re: [CentOS] iptables ... *BSD pf ... pfSense

2009-12-22 Thread Timo Schoeler
On 12/22/2009 07:22 PM, Götz Reinicke - IT Koordinator wrote:
> Hi,
> 
> I followed the "Optimizing CentOS for gigabit firewall" posting and as 
> some posters wrote pf is soo sooo sso much faster, I was thinking 
> to give it a try. But I'm not familiar with BSD so I was looking for some 
> tools and found "pfsense"
> 
> http://www.pfsense.org/
> 
> "pfSense is a free, open source customized distribution of FreeBSD 
> tailored for use as a firewall and router"
> 
> Has any of the firewall guys on the list ever tested this distri?
> 
> What do you think?

pf is not a native FreeBSD thingie... you won't get the latest features,
tweaks, and optimizations there.

Timo

> Right now we run an iptables Shorewall system and had no problems so far, 
> but having a "managed" firewall distri which rocks would be an alternative.
> 
> Cheers,
> 
>   Götz


Re: [CentOS] iptables ... *BSD pf ... pfSense

2009-12-22 Thread Tim Nelson
"Götz Reinicke - IT Koordinator" wrote:
> Hi,
> 
> I followed the "Optimizing CentOS for gigabit firewall" posting and as
> some posters wrote pf is soo sooo sso much faster, I was thinking
> to give it a try. But I'm not familiar with BSD so I was looking for
> some tools and found "pfsense"
> 
> http://www.pfsense.org/
> 
> "pfSense is a free, open source customized distribution of FreeBSD 
> tailored for use as a firewall and router"
> 
> Has any of the firewall guys on the list ever tested this distri?
> 
> What do you think?
> 
> Right now we run an iptables Shorewall system and had no problems so
> far, but having a "managed" firewall distri which rocks would be an
> alternative.


pfSense is fantastic, amazing, etc. You get the rock solid foundation of 
FreeBSD along with pf and a nice GUI around it. Features, package addons, 
performance, and of course price are all very nice. Plus, their support is top 
notch, both community and paid versions. I doubt you'll find a better open 
source firewall distro anywhere.


Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105


[CentOS] About liveCd installation...

2009-12-22 Thread Tolun ARDAHANLI
Hi List;

I didn't find the installation on the CentOS 5.4 LiveCD. Doesn't this
distribution have any installation script inside? Or how can I start to
install the LiveCD to HDD?

Thanks a lot...

Sincerely,

Tolun ARDAHANLI
Computer Engineer
web: www.ardahanli.net
E-mail: to...@ardahanli.net
Icq:326600


[CentOS] IPTABLES --hitcount maximum value

2009-12-22 Thread James B. Byrne
In-Reply-To: <4b30f618.6060...@kinzesberg.de>

On: Tue, 22 Dec 2009 17:38:48 +0100, "Dirk H. Schulz" wrote:

> That is a new "phenomenon" I also ran into. You now have to
> adjust memory values.
>
> I have added to my /etc/modprobe.conf
> "options ipt_recent ipt_pkt_list_tot=75"
> Now I can use hitcount values of 50 (did not test if the above
>  is sufficient for higher values).

I found this on the net so I deduce that you would be safe up to a
hitcount value of 75.

> [PATCH] netfilter: ipt_recent: sanity check hit count
> From: Daniel Hokka Zakrisson
> Date: Sat Mar 15 2008 - 10:11:05 EST
>
> If a rule using ipt_recent is created with a hit count greater
> than ip_pkt_list_tot, the rule will never match as it cannot
> keep track of enough timestamps. This patch makes ipt_recent
> refuse to create such rules.
>
> With ip_pkt_list_tot's default value of 20, . . .

Thanks for the lead.

Regards,


-- 
***  E-Mail is NOT a SECURE channel  ***
James B. Byrne                mailto:byrn...@harte-lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3
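
The limit described in the quoted patch text can be checked before a ruleset is loaded. The following is an added example, not code from this thread or from netfilter: it scans iptables-save style rules for --hitcount values above a given ip_pkt_list_tot (the parameter name used in the patch description). The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit "recent" match rules against the ip_pkt_list_tot limit
# named in the quoted patch description (default 20 according to that text).

# Constructed sample ruleset in iptables-save format (not from the thread).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 --name SSH -j DROP
-A INPUT -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 10 --hitcount 50 --name HTTP -j DROP
COMMIT
EOF
}

# check_hitcounts LIMIT
#   Reads rules on stdin, prints "<hitcount> <rule>" for every rule whose
#   --hitcount is greater than LIMIT, and returns 1 if any such rule exists.
check_hitcounts() {
    limit=$1
    awk -v limit="$limit" '
        /^-A / {
            for (i = 1; i < NF; i++) {
                if ($i == "--hitcount" && ($(i + 1) + 0) > (limit + 0)) {
                    print $(i + 1), $0
                    bad = 1
                }
            }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# required_list_tot
#   Reads rules on stdin and prints the largest --hitcount in use, i.e. the
#   smallest ip_pkt_list_tot under which every rule can still be tracked.
required_list_tot() {
    awk '
        /^-A / {
            for (i = 1; i < NF; i++)
                if ($i == "--hitcount" && ($(i + 1) + 0) > max)
                    max = $(i + 1) + 0
        }
        END { print max + 0 }
    '
}

# Demonstration against the constructed ruleset with the default limit of 20.
if offenders=$(sample_rules | check_hitcounts 20); then
    echo "all --hitcount values fit within ip_pkt_list_tot=20"
else
    echo "rules exceeding ip_pkt_list_tot=20:"
    echo "$offenders"
    echo "smallest workable ip_pkt_list_tot: $(sample_rules | required_list_tot)"
fi
```

On a live host, pipe the output of iptables-save into check_hitcounts instead of the sample.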



[CentOS] iptables ... *BSD pf ... pfSense

2009-12-22 Thread Götz Reinicke - IT Koordinator
Hi,

I followed the "Optimizing CentOS for gigabit firewall" posting and as 
some posters wrote pf is soo sooo sso much faster, I was thinking 
to give it a try. But I'm not familiar with BSD so I was looking for some 
tools and found "pfsense"

http://www.pfsense.org/

"pfSense is a free, open source customized distribution of FreeBSD 
tailored for use as a firewall and router"

Has any of the firewall guys on the list ever tested this distri?

What do you think?

Right now we run an iptables Shorewall system and had no problems so far, 
but having a "managed" firewall distri which rocks would be an alternative.

Cheers,

Götz


-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Registered at Amtsgericht Stuttgart, HRB 205016
Chair of the Supervisory Board:
Prof. Dr. Claudia Hübner
State Councillor for Demographic Change and for Senior Citizens in the State Ministry

Managing Director:
Prof. Thomas Schadt


Re: [CentOS] NMS Opinions

2009-12-22 Thread Les Mikesell
Brendan Minish wrote:
> On Tue, 2009-12-22 at 02:36 +, Joseph L. Casale wrote:
> 
>> Any opinions appreciated!
>> jlc
> 
> Take a look at zenoss too, I am in the process of deploying it as a
> replacement for a rather elderly and under-resourced Nagios server 
> Liking it a lot so far 
> http://www.zenoss.com/
> there's good help on IRC too 
> freenode #zenoss 
>  

Does zenoss give you a reasonable way to export data to other tools for 
reporting or longer term trend analysis?  Cacti has a way to get the 
individual data samples via http.  Opennms has a way to get 
min/max/average over a specified time range.  Neither is exactly what 
I'm looking for, but better than nothing.

An example of what I'd like to do is to find the peak total bandwidth 
used (at the same time) across a group of interfaces, and be able to do 
reports of that grouping over long time spans where individual 
interfaces in the group will change.  Or the same for other metrics like 
CPU use.  So far I haven't found any tools that deal with fail-over and 
load-balance groupings in a reasonable way.

-- 
   Les Mikesell
lesmikes...@gmail.com




Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread Kai Schaetzl
MySQL is *not* listening on TCP 3306 since *long* unless you tell it to in 
the my.cf. It uses a local Unix socket by default.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com





Re: [CentOS] NMS Opinions

2009-12-22 Thread Brendan Minish
On Tue, 2009-12-22 at 02:36 +, Joseph L. Casale wrote:

> Any opinions appreciated!
> jlc

Take a look at zenoss too, I am in the process of deploying it as a
replacement for a rather elderly and under-resourced Nagios server 
Liking it a lot so far 
http://www.zenoss.com/
there's good help on IRC too 
freenode #zenoss 
 
regards
Brendan 



Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread Les Mikesell
ML wrote:
> Rick,
> 
>> have you tried to telnet to port 3306 of the machine where the mysql
>> server is located, from your home machine? if so, what do you get?
>> If you're successful you'll get a connect bit that includes a string
>> that will show your mysql server version number. if you don't have
>> mysql access you'll likely see a mysqld reject of some nature. if
>> there's a network issue you'll just get a hang or you could get an
>> unreachable error.
> 
> Yup, it works:
> 
> $ telnet 173.13.167.209 3306
> Trying 173.13.167.209...
> Connected to mail.mailnewsrss.com.
> Escape character is '^]'.
> 
> 4
> 5.0.77aWqQ!OMq,slG]|xft5L[fConnection closed by foreign host.

Does the source address that the server sees (check with netstat or 
tcpdump) match what you've permitted in mysql?

-- 
   Les Mikesell
lesmikes...@gmail.com


Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread Les Mikesell
ML wrote:
> Hi Les,
> 
>>> MySQL is running, my Wordpress stuff is working, but I cannot connect to 
>>> the server from my house. This server is in my house, however, but on a 
>>> public IP, behind a firewall, etc.
>>>
>>> I checked my hardware firewall (a dedicated UnTangle system) and that is 
>>> successfully allowing the passage. I know this because the firewall shows:
>>>
>>> 2009-12-22 6:29:41 am passed :35606 :3306
>>>
>> [...]
> 
>>> What am I doing wrong? What can I check for? I am stumped!
>> Where does the client connection originate?  Is it behind the same 
>> firewall but on a NATed address?  Or is NAT involved in some other way 
>> that might keep you from seeing the source you expect in your tcpdump?
> 
> OK, I have a comcast modem as pass through.
> 
> I have a firewall and behind it is the mysql server (public IP)
> 
> I have an Apple Time Capsule that is NOT behind the firewall, but does have a 
> public IP on the same network as the firewall and MySQL Server. The Time 
> Capsule nats and give clients behind it a private IP.

I still don't understand the exact relationship - or which address you 
are expecting in the tcpdump.  From this description I'd guess you would 
see the time capsule's public IP as the source for your connections.  Is 
that what you were expecting, but not seeing, in your tcpdump?  Are 
there other connections to mysql through this interface or can you just 
look for anything on port 3306?  And is the firewall running as an 
unnumbered bridge? I'd make sure packets are going back and forth before 
looking further.  Also, comcast modems can overlay a private range on 
the same subnet as the assigned public set.  It would be possible for 
your time capsule to use a dhcp-assigned private address on its public 
facing side which would be NATted by the comcast modem.

-- 
   Les Mikesell
lesmikes...@gmail.com


Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread ML
Rick,

> have you tried to telnet to port 3306 of the machine where the mysql
> server is located, from your home machine? if so, what do you get?
> If you're successful you'll get a connect bit that includes a string
> that will show your mysql server version number. if you don't have
> mysql access you'll likely see a mysqld reject of some nature. if
> there's a network issue you'll just get a hang or you could get an
> unreachable error.

Yup, it works:

$ telnet 173.13.167.209 3306
Trying 173.13.167.209...
Connected to mail.mailnewsrss.com.
Escape character is '^]'.

4
5.0.77aWqQ!OMq,slG]|xft5L[fConnection closed by foreign host.



Re: [CentOS] IPTABLES --hitcount maximum value

2009-12-22 Thread Dirk H. Schulz
Hi,

James B. Byrne wrote:
> Is the maximum permitted value for --hitcount documented anywhere? 
> I reliably get a iptables-restore error when I specify a hitcount
> value greater than 20 
That is a new "phenomenon" I also ran into. You now have to adjust 
memory values.

I have added to my /etc/modprobe.conf
"options ipt_recent ipt_pkt_list_tot=75"
Now I can use hitcount values of 50 (did not test if the above is 
sufficient for higher values).

Dirk



Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread ML

>> I checked the firewall (system-config-securitylevel-tui) on the server and 
>> that has 3306:tcp allowed.
Sure:

>   netstat -tlnw

[r...@indie ~]# netstat -tnlw
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 173.13.167.209:389          0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:10663             0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:10024             0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:10025             0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:7306              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:587                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:3310                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN
tcp        0      0 173.13.167.209:80           0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:465                 0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:921                 0.0.0.0:*                   LISTEN
tcp        0      0 :::7072                     :::*                        LISTEN
tcp        0      0 :::                         :::*                        LISTEN
tcp        0      0 :::993                      :::*                        LISTEN
tcp        0      0 :::995                      :::*                        LISTEN
tcp        0      0 :::7780                     :::*                        LISTEN
tcp        0      0 :::5222                     :::*                        LISTEN
tcp        0      0 :::5223                     :::*                        LISTEN
tcp        0      0 :::7335                     :::*                        LISTEN
tcp        0      0 :::110                      :::*                        LISTEN
tcp        0      0 :::143                      :::*                        LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN
tcp        0      0 :::7025                     :::*                        LISTEN
tcp        0      0 :::5269                     :::*                        LISTEN
tcp        0      0 :::2966                     :::*                        LISTEN
tcp        0      0 :::443                      :::*                        LISTEN
tcp        0      0 :::10015                    :::*                        LISTEN
tcp        0      0 :::7071                     :::*                        LISTEN
[r...@indie ~]# 

> 
>   iptables -L

[r...@indie ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:mysql
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ntp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:idp-infotrieve
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:webcache
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:7071
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imap
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imaps
ACCEPT     tcp  --  anywhere             anywhere 

Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread ML
Hi Les,

>> MySQL is running, my Wordpress stuff is working, but I cannot connect to the 
>> server from my house. This server is in my house, however, but on a public 
>> IP, behind a firewall, etc.
>> 
>> I checked my hardware firewall (a dedicated UnTangle system) and that is 
>> successfully allowing the passage. I know this because the firewall shows:
>> 
>> 2009-12-22 6:29:41 am passed :35606 :3306
>> 
> [...]

>> What am I doing wrong? What can I check for? I am stumped!
> 
> Where does the client connection originate?  Is it behind the same 
> firewall but on a NATed address?  Or is NAT involved in some other way 
> that might keep you from seeing the source you expect in your tcpdump?

OK, I have a comcast modem as pass through.

I have a firewall and behind it is the mysql server (public IP)

I have an Apple Time Capsule that is NOT behind the firewall, but does have a 
public IP on the same network as the firewall and MySQL Server. The Time 
Capsule nats and give clients behind it a private IP.

-Jason


[CentOS] IPTABLES --hitcount maximum value

2009-12-22 Thread James B. Byrne
Is the maximum permitted value for --hitcount documented anywhere? 
I reliably get a iptables-restore error when I specify a hitcount
value greater than 20 but I cannot find any mention of there being a
maximum value.


-- 
***  E-Mail is NOT a SECURE channel  ***
James B. Byrne                mailto:byrn...@harte-lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3



Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread Les Mikesell
ML wrote:
>
> MySQL 5.0.77 on CentOS 5.4
> 
> MySQL is running, my Wordpress stuff is working, but I cannot connect to the 
> server from my house. This server is in my house, however, but on a public 
> IP, behind a firewall, etc.
> 
> I checked my hardware firewall (a dedicated UnTangle system) and that is 
> successfully allowing the passage. I know this because the firewall shows:
> 
> 2009-12-22 6:29:41 am passed :35606 :3306
> 
[...]
> 
> So, on my server I run tcpdump host  and I don't think I see anything 
> where 3306 is coming through. 
> 
> if I run a test MySQL connection from the MySQL Workbench and they run 
> netstat on my server
> and I don't see an entry where 3306 is used in what netstat is dumping.
> 
> What am I doing wrong? What can I check for? I am stumped!

Where does the client connection originate?  Is it behind the same 
firewall but on a NATed address?  Or is NAT involved in some other way 
that might keep you from seeing the source you expect in your tcpdump?

-- 
   Les Mikesell
lesmikes...@gmail.com


Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread Kwan Lowe
On Tue, Dec 22, 2009 at 9:34 AM, ML  wrote:
[snip]
>
> I checked my hardware firewall (a dedicated UnTangle system) and that is 
> successfully allowing the passage. I know this because the firewall shows:
>
> 2009-12-22 6:29:41 am passed :35606 :3306
>
> I checked the firewall (system-config-securitylevel-tui) on the server and 
> that has 3306:tcp allowed.

Can you post the outputs of:
   netstat -tlnw

   iptables -L

   grep bind-address /etc/my.cnf
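
What the netstat check establishes, as an added example that is not part of the original post: the functions below read `netstat -tln` style output and report whether a port is bound to all interfaces, to loopback only, or to one specific address. The function names and the sample lines (including the 192.0.2.10 documentation address) are constructed.

```shell
#!/bin/sh
# Added example: classify TCP listeners from `netstat -tln` output by the
# address they are bound to.

# Constructed sample in the column layout netstat -tln prints.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 127.0.0.1:7306              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN
tcp        0      0 192.0.2.10:80               0.0.0.0:*                   LISTEN
tcp        0      0 :::443                      :::*                        LISTEN
EOF
}

# listen_scope PORT
#   Reads netstat output on stdin and prints one line per listener on PORT:
#   "all-interfaces", "loopback-only" or "address:<ip>"; prints
#   "not-listening" when no TCP listener uses that port.
listen_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            # The port is the text after the last colon; the rest is the
            # bind address (this also handles IPv6 forms such as :::443).
            n = split($4, p, ":")
            if (p[n] != port) next
            addr = substr($4, 1, length($4) - length(p[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::")
                print "all-interfaces"
            else if (addr == "127.0.0.1" || addr == "::1")
                print "loopback-only"
            else
                print "address:" addr
            found = 1
        }
        END { if (!found) print "not-listening" }
    '
}

# wildcard_listeners
#   Reads netstat output on stdin and prints, on one line, the sorted ports
#   that accept connections on every interface.
wildcard_listeners() {
    awk '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, p, ":")
            addr = substr($4, 1, length($4) - length(p[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::") print p[n]
        }
    ' | sort -nu | paste -s -d ' ' -
}

# Demonstration on the constructed sample.
for p in 3306 7306 80; do
    echo "port $p: $(sample_netstat | listen_scope "$p")"
done
echo "bound to all interfaces: $(sample_netstat | wildcard_listeners)"
```

A port reported as all-interfaces is reachable from the network unless a packet filter blocks it, so this result is the one to compare against the bind-address setting and the firewall rules.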


Re: [CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread John Kienitz


UPDATE mysql.user SET Password=PASSWORD('mypassword') WHERE User='root';
GRANT ALL ON mysql.* to 'root'@'127.0.0.1';
GRANT ALL ON mysql.* TO 'root'@'localhost';
GRANT ALL ON mysql.* TO 'root'@'my home IP';
FLUSH PRIVILEGES;
commit;

and I still cannot connect. But the database starts and this code executes 
because If I go to the console and run /usr/bin/mysql -u root -p and use this 
password from the update statement that password gets me in.

So, on my server I run tcpdump host  and I don't think I see anything 
where 3306 is coming through. 

if I run a test MySQL connection from the MySQL Workbench and they run netstat 
on my server
and I don't see an entry where 3306 is used in what netstat is dumping.

What am I doing wrong? What can I check for? I am stumped!

-Jason
--

Try to telnet to port 3306 and see if you get thru.

Try changing the password after you have added the users with the GRANTS.  If 
you have run your script more than once that has probably been done.  Commit 
should probably be before the flush also.

John 



  



[CentOS] Frustrations with MySQL loss, tcpdump, netstat, etc

2009-12-22 Thread ML
Hi All,

MySQL 5.0.77 on CentOS 5.4

MySQL is running, my Wordpress stuff is working, but I cannot connect to the 
server from my house. This server is in my house, however, but on a public IP, 
behind a firewall, etc.

I checked my hardware firewall (a dedicated UnTangle system) and that is 
successfully allowing the passage. I know this because the firewall shows:

2009-12-22 6:29:41 am passed :35606 :3306

I checked the firewall (system-config-securitylevel-tui) on the server and that 
has 3306:tcp allowed. 

When I try to connect I get an error (4) which when I google says: "Interrupted 
System call"
I have tried using the MySQL Workbench and other client software.

If I look in /var/log/mysqld.log I don't see anything but the fact the server 
started. 

I tried stopping mysql with /etc/init.d/mysqld stop

Then starting with mysqld_safe --init-file=/tmp/code.txt &

Where code.txt contains:

UPDATE mysql.user SET Password=PASSWORD('mypassword') WHERE User='root';
GRANT ALL ON mysql.* to 'root'@'127.0.0.1';
GRANT ALL ON mysql.* TO 'root'@'localhost';
GRANT ALL ON mysql.* TO 'root'@'my home IP';
FLUSH PRIVILEGES;
commit;

and I still cannot connect. But the database starts and this code executes 
because If I go to the console and run /usr/bin/mysql -u root -p and use this 
password from the update statement that password gets me in.

So, on my server I run tcpdump host  and I don't think I see anything 
where 3306 is coming through. 

if I run a test MySQL connection from the MySQL Workbench and they run netstat 
on my server
and I don't see an entry where 3306 is used in what netstat is dumping.

What am I doing wrong? What can I check for? I am stumped!

-Jason



Re: [CentOS] Monitoring Dynamic IPs using Some network monitoring tool

2009-12-22 Thread Les Mikesell
Rajagopal Swaminathan wrote:
> 
> Alternatively, is there a possibility of installing some agent and
> getting the MAC address of one of the server behind the router. First
> a diagram
> 
> central location (main monitoring -- Centos box0+monitoring server)
> |
> |
> (Internet)
> |
> |
> +--link1adsl-- Remote1 (dynamic IP)
> |
> |
> +--link2adsl-- Remote2 (dynamic IP)
> |
> (and so on...)
> 
> In each remote I have a centos box behind the router serving a bunch
> of desktops.
> 
> Is there a possibility that I can install an agent which will contact
> the central monitoring server? (No $$$ here please, as free as in free
> beer/bread applies in addition to freedom)

Why not run Openvpn on the remote and central centos boxes to create a big 
private network, using unique IP ranges for each remote?  This can be used for 
other management purposes or could be firewalled to just permit snmp.  For what 
you describe, all you need is a route to the routers, and this would give you a 
route to the 'inside' interface.  If you want to allow it, it will also allow 
remote access to everything behind the router.

> BTW it seems there are two type of monitoring tools:
> Type-1. uses snmp only
> Type-2. user agents

Your router is probably only going to have snmp, and accessing it from the 
inside interface will work to report the interface usage of all interfaces.

> Is it possible to monitor a link based on the MAC of the centos server
> sitting behind?

Probably not, but you can vpn-tunnel through it, and openvpn will work fine 
through NAT and with one end having a dynamic address.

> Zabbix seems to be priced
> 
> Honestly I am absolutely confused as to which I should choose as it
> will be maintained by people who may not know what command line is
> (Sorry!!)
> 
> Apologies for too many questions.
> 
> I think somebody mentioned NMS to be complex beasts .. I being a
> vegetarian am finding it all the more daunting

I'm partial to opennms - and have used it in somewhat similar circumstances 
(generally static IP's, but using a central monitor from the private side 
through tunnels). The one thing you need for this to work is unique IP 
addresses throughout, though.  Most monitor tools will be tied to IP 
addressing and will be confused if each location NATs to the same range.

-- 
   Les Mikesell
lesmikes...@gmail.com



Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Sean Carolan
> Load balancer... is that set up to maintain connections, or will it, like IBM's
> WebSeal, go to whichever server is next/least used in the middle of a
> connection?

It's set to use "least connection" but there is only one server behind
the virtual IP at the moment.

I'm reasonably sure at this point that the Netscaler is causing the
problem, because file transfers inside the LAN work fine, and we see
this same issue on both physical and virtual servers.  I just tested
with a physical box to verify, and the same thing happens, transfer
speed quickly drops to zero and stalls.

I've got a ticket open with Citrix to hopefully get to the bottom of
this.  It wouldn't be the first time we've seen the Netscaler muck up
a TCP connection from a client.  The last time I dealt with this it
was sending unwanted FIN packets to mail servers.  Fun stuff.


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Sean Carolan
> Just an idea or thought on it.  You never said what the file size was or did
> you?  My idea is, is there not a file size limitation on transfer to
> and from the server?  I thought there was?  Check your vsftpd.conf out or
> whatever ftp server you're running for the size limitation.  Maybe some help
> or maybe not?

The problem is with SFTP, so I'm afraid that vsftpd.conf isn't the culprit here.


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread mark
Sean Carolan wrote:

> At this point I don't know what else to try.  I'm thinking that it's
> either a problem with VMWare, or perhaps our load balancer that is
> routing the packets back and forth.  Hopefully one of the vendors will

Load balancer... is that set up to maintain connections, or will it, like IBM's 
WebSeal, go to whichever server is next/least used in the middle of a 
connection?

mark
-- 
'A fan must not waste a pint of beer,
nor through inaction allow beer to go to waste,
unless of course there is a handy Scientologist to pour it over.'
- D Langford


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Kai Schaetzl
Sean Carolan wrote on Tue, 22 Dec 2009 05:12:52 -0600:

> Here's the short list of
> what I've tried to troubleshoot this:

which means it doesn't only fail for your client from outside but also for 
you from within your network?

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com





[CentOS] conga and "virsh nodeinfo"

2009-12-22 Thread Dirk H. Schulz
Hi folks,

I have run into a confusing problem.

My initial problem is: Conga does not offer "Add a virtual machine 
service". So I googled and found a RedHat advisory on that:
http://rhn.redhat.com/errata/RHBA-2009-1623.html
which points to updates that should fix this.

I checked on my cluster, but the relevant packages are current (and even 
if ALL packages are current it does not work).

So I tried manually what is described in the above advisory:
"virsh nodeinfo --readonly" throws an error saying that "--readonly" is 
not implemented. That seems to be the problem.
Running "virsh nodeinfo" as a non-root user (like Conga does) leads to an 
error as described in the above advisory.
Reading the man page on virsh suggests that there is a --readonly flag 
to URIs, not to simple virsh commands.

Now I am stuck. Googling does not lead to anything helpful.

Has anyone else run into this and resolved it?

Or can someone send me a valid vm resource entry for the 
/etc/cluster/cluster.conf file so I can adapt that? I have not found 
really enlightening examples on the web, and docs on this seem quite 
sparse.

Thanks for any hint or help.

Dirk




Re: [CentOS] Monitoring Dynamic IPs using Some network monitoring tool

2009-12-22 Thread Rajagopal Swaminathan
Greetings,

On Mon, Dec 21, 2009 at 8:48 PM, Gabriel Rosca  wrote:
> I personally use zabbix ... On all the servers ( Windows, Linux ) with dynamic
> IP I use dyndns ...
>

I just tried to configure, make install zabbix server and agent on a centos box

But I seem to miss the front end URL mentioned anywhere

There are no directory entries under /var/www/html for zabbix...

The index.php seems to be under frontend/ph in the unzipped directory...

no go yet...

any help appreciated

Regards

Rajagopal


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread JS


> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of Sean Carolan
> Sent: Tuesday, December 22, 2009 6:13 AM
> To: CentOS mailing list
> Subject: Re: [CentOS] SFTP - stalled - on large files
> 
> > Tell him to switch WinSCP to SCP mode.
> >
> > Kai
> 
> Tried that, it still fails the same way.  Here's the short list of
> what I've tried to troubleshoot this:
> 
> Used SCP via the gui and command line
> Used SFTP via the gui and command line
> Ran yum update to bring all packages up to date
> Tried stock CentOS sshd daemon (version 4.3), as well as sshd built
> from source (version 5.3)
> Adjusted MTU settings
> Reinstalled virtual network card
> Updated vmware tools and network card driver
> Tried vmxnet as well as e1000 drivers
> 
> At this point I don't know what else to try.  I'm thinking that it's
> either a problem with VMWare, or perhaps our load balancer that is
> routing the packets back and forth.  Hopefully one of the vendors will
> be able to help solve the problem.  In the meantime we are building
> out a physical server to test whether vmware is the issue or not.
> 
> If anyone else has seen this problem before or has suggestions please
> post them here.  Thanks.
---

Just an idea or thought on it.  You never said what the file size was or did
you?  My idea is, is there not a file size limitation on transfer to
and from the server?  I thought there was?  Check your vsftpd.conf out or
whatever ftp server you're running for the size limitation.  Maybe some help
or maybe not?

John 



Re: [CentOS] Monitoring Dynamic IPs using Some network monitoring tool

2009-12-22 Thread Juan Carlos Díaz Fernández
Hello,

> The dhcp server is not under my control, far from it is from different ISPs
>

Uh! Sorry, I was not thinking about it.

> > Also, you can use an external dyndns service like dyndns.org and ddclient to
> > update info.
>
> Is it possible to run one's own dyndns service?
>

Yes, I see the tool you mention, GNUDIP can do the job. The development is
stopped, but if it works, you can try it!

Yes, you must install GNUDIP server on your fixed public IP machine and
clients on the other machines.

Regards,

Juan Carlos


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Sean Carolan
> Tell him to switch WinSCP to SCP mode.
>
> Kai

Tried that, it still fails the same way.  Here's the short list of
what I've tried to troubleshoot this:

Used SCP via the gui and command line
Used SFTP via the gui and command line
Ran yum update to bring all packages up to date
Tried stock CentOS sshd daemon (version 4.3), as well as sshd built
from source (version 5.3)
Adjusted MTU settings
Reinstalled virtual network card
Updated vmware tools and network card driver
Tried vmxnet as well as e1000 drivers

At this point I don't know what else to try.  I'm thinking that it's
either a problem with VMWare, or perhaps our load balancer that is
routing the packets back and forth.  Hopefully one of the vendors will
be able to help solve the problem.  In the meantime we are building
out a physical server to test whether vmware is the issue or not.

If anyone else has seen this problem before or has suggestions please
post them here.  Thanks.


Re: [CentOS] Monitoring Dynamic IPs using Some network monitoring tool

2009-12-22 Thread Rajagopal Swaminathan
Greetings,


> 2009/12/22 Rajagopal Swaminathan 

again,

>> Thanks for the reply
>>
>
> In the past I had a dyndns mounted using bind + dhcpd. You can see an
> example here:
>
> http://www.howtoforge.com/fedora_dynamic_dns

The dhcp server is not under my control, far from it is from different ISPs


> Also, you can use an external dyndns service like dyndns.org and ddclient to
> update info.

Is it possible to run one's own dyndns service?

BTW does GNUDIP do the same? assuming it is hosted on a public IP
and all the remote locations point to this IP as DNS server?

Please pardon my ignorance... I know about OS, HA and the bits, but
well this networking beast... I need some more handholding perhaps

Thanks again for prompt reply

Regards,

Rajagopal


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Kai Schaetzl
Sean Carolan wrote on Tue, 22 Dec 2009 03:08:53 -0600:

> The software the client is
> using is WinSCP which does have a restart feature, however it's not
> working for us.

Tell him to switch WinSCP to SCP mode.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com





Re: [CentOS] Monitoring Dynamic IPs using Some network monitoring tool

2009-12-22 Thread Juan Carlos Díaz Fernández
Hello,

2009/12/22 Rajagopal Swaminathan 

> Thanks for the reply
>
> 2009/12/21 Juan Carlos Díaz Fernández:
> > Or maybe implementing dyndns if you can
> >
>
> This sounds very interesting and it seems GNUDIP is one such. but it
> seems too dated.
>


In the past I had a dyndns mounted using bind + dhcpd. You can see an
example here:

http://www.howtoforge.com/fedora_dynamic_dns

Also, you can use an external dyndns service like dyndns.org and ddclient to
update info.

Regards,

Juan Carlos


Re: [CentOS] SFTP - stalled - on large files

2009-12-22 Thread Sean Carolan
> I'm not sure what would cause that, but I'd use rsync over ssh instead of sftp
> anyway - and use the -P option to permit restarting.

If it were up to me, we'd take that route.  The software the client is
using is WinSCP which does have a restart feature, however it's not
working for us.  I'm wondering if this is somehow caused by the vmware
network driver?


Re: [CentOS] Monitoring Dynamic IPs using Some network monitoring tool

2009-12-22 Thread Rajagopal Swaminathan
Greetings,

>
> Perhaps ntop?
>

Gosh! answer for a person handling hundreds of servers and PB of
data!!! I am blessed indeed. :)

Yes I am right now trying to get my claws into it just few minutes
back I yum-med it in to my system. saw some graphs...

The key issue here is dynamic IP addresses

Initial requirements are just to show whether the ADSL is up and the
average transfer /hour /day etc. and some minor details inside.

Thanks and regards

Rajagopal


Re: [CentOS] Monitoring Dynamic IPs using Some network monitoring tool

2009-12-22 Thread Rajagopal Swaminathan
Greetings,

On Mon, Dec 21, 2009 at 8:27 PM, Jake  wrote:
>
> I think it really depends on the type of monitoring you'd like to do and the
> type of tool you're trying to use now. For example, we use Nagios to monitor
> our systems. With Nagios, you could use passive checks. This is where the
> programs that monitor your server run locally on the server and submit
> results to the central monitoring server. The central Nagios server can
> alert based on the results it receives or based on the fact that it hasn't
> received results for a period of time.
> --

Thanks, This is one path I intend to investigate further..


Regards

Rajagopal
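
The passive-check approach quoted above, as an added example that is not part of the original thread: each remote pushes a report keyed by site name, and the central side alerts on the reported state or on silence. Because a dynamic source address cannot identify a site, this sketch assumes a per-site shared key and an HMAC tag on every report; the keys, site names and timestamps are constructed, and this is not how Nagios itself transports results.

```python
import hashlib
import hmac

OK, WARNING, CRITICAL = 0, 1, 2   # Nagios-style state codes
# Constructed per-site shared keys (an assumption, not from the thread).
SITE_KEYS = {"remote1": b"constructed-key-1", "remote2": b"constructed-key-2"}


def sign_report(site, ts, code, key):
    """Remote side: tag a report so the centre can tell which site sent it."""
    msg = ("%s|%d|%d" % (site, ts, code)).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class PassiveMonitor:
    """Central side: track the last valid report per site name, not per IP."""
    def __init__(self, keys, max_age):
        self.keys = keys
        self.max_age = max_age     # seconds of silence before a site is stale
        self.last = {}             # site -> (timestamp, state code)

    def receive(self, site, ts, code, tag):
        key = self.keys.get(site)
        if key is None:
            return False           # unknown site name
        if not hmac.compare_digest(sign_report(site, ts, code, key), tag):
            return False           # wrong key or altered fields
        if site in self.last and ts <= self.last[site][0]:
            return False           # replayed or out-of-order report
        self.last[site] = (ts, code)
        return True

    def evaluate(self, now):
        """Return {site: state}; a site that has gone quiet is CRITICAL."""
        states = {}
        for site in self.keys:
            seen = self.last.get(site)
            stale = seen is None or now - seen[0] > self.max_age
            states[site] = CRITICAL if stale else seen[1]
        return states


def demo():
    # Constructed reports; the last is for remote1 but signed with remote2's key.
    mon = PassiveMonitor(SITE_KEYS, max_age=600)
    k1, k2 = SITE_KEYS["remote1"], SITE_KEYS["remote2"]
    sent = [("remote1", 1000, OK, k1), ("remote2", 1000, WARNING, k2),
            ("remote1", 1300, OK, k1), ("remote1", 1400, CRITICAL, k2)]
    accepted = [mon.receive(s, t, c, sign_report(s, t, c, k)) for s, t, c, k in sent]
    return accepted, mon.evaluate(1500), mon.evaluate(1700)
```
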


Re: [CentOS] Monitoring Dynamic IPs using Some network monitoring tool

2009-12-22 Thread Rajagopal Swaminathan
Thanks for the reply

2009/12/21 Juan Carlos Díaz Fernández :
> Or maybe implementing dyndns if you can
>

This sounds very interesting and it seems GNUDIP is one such. but it
seems too dated.

it is possible for me to run a dyndns service on a static IP. but can
you provide a bit more of gory details about where is it available for
centos, and the such.

Yes I am using our friend Google while I am typing this for finding some answer

Alternatively, is there a possibility of installing some agent and
getting the MAC address of one of the server behind the router. First
a diagram

central location (main monitoring -- Centos box0+monitoring server)
|
|
(Internet)
|
|
+--link1adsl-- Remote1 (dynamic IP)
|
|
+--link2adsl-- Remote2 (dynamic IP)
|
(and so on...)

In each remote I have a centos box behind the router serving a bunch
of desktops.

Is there a possibility that I can install an agent which will contact
the central monitoring server? (No $$$ here please, as free as in free
beer/bread applies in addition to freedom)

BTW it seems there are two type of monitoring tools:
Type-1. uses snmp only
Type-2. user agents

Is it possible to monitor a link based on the MAC of the centos server
sitting behind?

Zabbix seems to be priced

Honestly I am absolutely confused as to which I should choose as it
will be maintained by people who may not know what command line is
(Sorry!!)

Apologies for too many questions.

I think somebody mentioned NMS to be complex beasts .. I being a
vegetarian am finding it all the more daunting

Thanks in advance

Rajagopal