Posted on

How to Install FTP Server Linux using ProFTPd

FTP Server Linux

Proftpd is one of the most popular FTP server, secure and reliable for the Linux operating system. Proftpd using a single configuration file and it is very easy to set up. The purpose of this article is to show you how easy it is to install FTP Server Linux ProFTPd server in CentOS 6 Linux.

What is FTP Server Linux?

FTP, which stands for File Transfer Protocol is a standard for exchanging program and data files across a network. The network could be the World Wide Web or simply a local area network (LAN).

Prerequisite :
How to Add the RPMforge Repository on CentOS 6/RHEL 6 Linux Server

1. Simply run this command to install FTP server linux, ProFTPd on CentOS 6 :

# yum install proftpd -y

2. How to start proftpd service :

# /etc/init.d/proftpd start

3. How to stop proftpd service :

# /etc/init.d/proftpd stop

4. How to restart proftpd service :

# /etc/init.d/proftpd restart

5. Configure proftpd start at boot :

[root@centos62 ~]# chkconfig proftpd on

If you encountered any issues while installing FTP Server Linux using proftpd, you can put a few questions in the comments below.

 

Posted on

How to Use Fail2ban to Stop/Prevent SSH Brute Force on Linux

Brute-force break-in attempts are quite frequent against the SSH server. However, there is an open source software that can help you deal with this problem automatically, namely fail2ban. Fail2ban provides a way to protect private virtual server( VPS ) from malicious behavior by intruders or hackers automatically. This program works by scanning through log files and respond to unsuccessful login attempts and repeated login attempts. Here are the steps on how to implement fail2ban and steps have been tested on CentOS 6, CentOS 7, RHEL 6 and RHEL 7.

1. Install fail2ban :

# yum install fail2ban -y

2. Make a copy of original config file :

# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

3. Update jail.local configuration file :

# vi /etc/fail2ban/jail.local

Add as below :

[ssh-iptables]

enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=ssh, protocol=tcp]
           sendmail-whois[name=SSH, dest=receipient@gmail.com, sender=fail2ban@ehowstuff.com, sendername="Fail2Ban"]
logpath  = /var/log/secure
maxretry = 5

4. Configure the prefered “bantime”, “findtime” and “maxretry” before a host get banned :

# vi /etc/fail2ban/jail.local

Update to the following :

..
..
# "bantime" is the number of seconds that a host is banned.
bantime  = 7200

# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime  = 600

# "maxretry" is the number of failures before a host get banned.
maxretry = 3
..
..

5. Verify sshd filter file :
You can verify the default sshd filter file.

# vi /etc/fail2ban/filter.d/sshd.conf

6. Restart fail2ban :

# service fail2ban restart

7. After a few hours of implementation, fail2ban start capturing and banned for such violence and attempts to guess the password for my VPS. Look at the log at path /var/log/secure for monitoring :

# tail -f /var/log/secure

Mar  3 13:37:59 rn sshd[30681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57  user=root
Mar  3 13:38:02 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar  3 13:38:05 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar  3 13:38:07 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar  3 13:38:09 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar  3 13:38:12 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar  3 13:38:13 rn sshd[30681]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57  user=root
Mar  3 13:38:48 rn sshd[30702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57  user=root
Mar  3 13:38:50 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:38:52 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:38:54 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:38:56 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:38:58 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:38:58 rn sshd[30702]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57  user=root
Mar  3 13:39:00 rn sshd[30704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57  user=root
Mar  3 13:39:02 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:39:04 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:39:07 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:39:09 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:39:11 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar  3 13:39:12 rn sshd[30704]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57  user=root
Mar  3 13:39:24 rn sshd[30708]: Invalid user admin from 115.231.218.57
Mar  3 13:39:24 rn sshd[30708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57
Mar  3 13:39:26 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar  3 13:39:27 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar  3 13:39:30 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar  3 13:39:33 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar  3 13:39:35 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar  3 13:39:35 rn sshd[30708]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57

8. Fail2ban start to ban and unban after two hours :

# tail -f /var/log/messages

Mar  3 13:38:13 rn fail2ban.actions[25912]: WARNING [ssh-iptables] Ban 115.231.218.57
Mar  3 13:38:58 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 13:39:12 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 13:39:33 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 13:39:43 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 13:39:56 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 13:40:20 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 13:40:30 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 13:40:41 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 13:40:51 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:30:32 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:30:46 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:31:35 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:32:34 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:32:51 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:33:02 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:33:32 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:33:43 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:33:54 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:34:06 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar  3 15:38:14 rn fail2ban.actions[25912]: WARNING [ssh-iptables] Unban 115.231.218.57

9. All the ban action followed by the email trigger as per screenshot :
fail2ban-1

fail2ban-security

10. Check the Which IP already listed in the ban list :

# iptables -L

..
..
Chain fail2ban-NoAuthFailures (1 references)
target     prot opt source               destination
REJECT     all  --  141.101.98.8         anywhere            reject-with icmp-port-unreachable
REJECT     all  --  108.162.210.231      anywhere            reject-with icmp-port-unreachable
REJECT     all  --  108.162.221.246      anywhere            reject-with icmp-port-unreachable
REJECT     all  --  108.162.238.35       anywhere            reject-with icmp-port-unreachable
RETURN     all  --  anywhere             anywhere
Posted on

How to Grant a New User to Root Privileges on CentOS 6 / CentOS 7

One recommended way to manage virtual private server (VPS) or a dedicated linux server is not using the root account as the main access for SSH login. This is because usually the hackers will try to brute force your root password and potentially get access to your server. Instead of using the default root account, you can create a new account and assign root privileges to it and issue the sudo command line to root from it. Please make sure that the normal user account given root privileges accounts work properly before you disable the default root login access. The following command has been tested works on CentOS 6, CentOS 7, RHEL 6 and RHEL 7 VPS.

1. Create new account named skytech and set the password :

[root@vps ~]# useradd skytech
[root@vps ~]# passwd skytech
Changing password for user skytech.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

2. Grant a New User to Root Privileges

[root@vps ~]# visudo

Add the following code at the bottom of the file and save the file with the command :wq :

## Allow skytech user to run any commands anywhere
skytech    ALL=(ALL)       ALL

This will grant a root privileges to the normal user skytech.

linux-banner

Posted on

How to Install Varnish 4 on CentOS 6 / CentOS 7

Varnish is an open source web accelerator typically run in front of web servers such as Apache or Nginx. It is also known as HTTP reverse proxy and designed to serve static content, such as images, stylesheets or scripts. Varnish will keep copies of pages from page revisit the same web server ( Apache or Nginx ) and re-use the cached copy for subsequent requests. This will help dynamic website such as wordpress or joomla improve in website response times and also will reduce the server load.

Varnish is also can be downloaded from EPEL (Extra Packages for Enterprise Linux) package repositories but the new major versions will not hit EPEL and it is not necessarily up to date. The following steps will describe how we can install Varnish 4 on CentOS 6 and CentOS 7.

Install Varnish 4 on CentOS 6 :

1. Prepare varnish repository :

# rpm -Uvh http://repo.varnish-cache.org/redhat/varnish-4.0/el6/noarch/varnish-release/varnish-release-4.0-4.el6.noarch.rpm

2. Prepare EPEL repository :

# rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6
# rpm -Uvh https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

3. Install Varnish :

# yum install varnish -y

4. Start varnish and make varnish start at boot :

# service varnish start
# chkconfig varnish on

Install Varnish 4 on CentOS 7 :

1. Prepare EPEL repository :

# rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
# rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm

Or alternatively you can install by using yum command :

# sudo yum install epel-release -y

2. Install Varnish :

# sudo yum install varnish -y

3. Start varnish and make varnish start at boot :

# sudo systemctl start varnish.service
# sudo systemctl enable varnish.service

varnish-cache

Posted on

How to Add Linux Swap Space on CentOS 6 VPS

Linux swapI have a virtual private server (VPS) and plans to run a WordPress blog in it. A limited amount of RAM and swap size will be an issue because some software applications like MySQL, Apache, NGINX, PHP, HHVM and Varnish requires more memory to operate.

From my past experience in Ubiquity Hosting and Linode, the pre-allocated swap sizes of 2GB and 1GB VPS are 1GB and 512MB only. After switched to 2GB plan for RamNode VPS, linux swap also provided in the size of 1GB.

Why we need Linux Swap Space ?

To make your server more responsive and prevent crash when it runs out of memory, giving additional linux swap space will help. Linux swap is an area on the storage or hard disk where the operating system can temporarily store data that it no longer can hold in memory. Without the Linux swap, the VPS that runs out of memory can crash or start kill some applications to free up memory. This can cause lose for unsaved data or experience downtime.

However, swapping does have drawbacks. Reading from and writing to swap is slower than using memory. But swapping should take advantages on the SSD server. In the hard disk drive, If VPS started using linux swap space, the VPS performance can slow down significantly.

As a reference for webmasters and system administrators, here are the steps on how to increase the size of the linux swap on CentOS 6 VPS. This steps may also works and tested on CentOS 7 / RHEL 7 and oracle linux 7.

1. Check and verify the allocated disk partition for swap using “fdisl -l” command :

[root@vps ~]# fdisk -l

Disk /dev/vda: 53.7 GB, 53687091200 bytes
16 heads, 63 sectors/track, 104025 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00059ca1

   Device Boot      Start         End      Blocks   Id  System
/dev/vda1   *           3        1018      512000   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/vda2            1018        3099     1048576   82  Linux swap / Solaris
Partition 2 does not end on cylinder boundary.
/dev/vda3            3099      104023    50865920   83  Linux
Partition 3 does not end on cylinder boundary.

2. From the operating system, verify the swap size from command line utility “swapon -s” and “free -m“. The current swap size is 1GB :

[root@vps ~]# swapon -s
Filename                                Type            Size    Used    Priority
/dev/vda2                               partition       1048568 0       -1

[root@vps ~]# free -m
             total       used       free     shared    buffers     cached
Mem:          1877       1624        253          0        210        503
-/+ buffers/cache:        909        967
Swap:         1023          0       1023

3. Start Create the Swap file by determine the size of the new swap file and assign the swap file name. At a shell prompt as root, type the following dd command with count being equal to the desired block size. As an example i will add 2048MB as additional space size and assigned swap file name is /swapfile-ext.

[root@vps ~]# dd if=/dev/zero of=/swapfile-ext bs=1M count=2048
2048+0 records in
2048+0 records out
2147483648 bytes (2.1 GB) copied, 4.05978 s, 529 MB/s

4. Creating a linux swap area with mkswap command :

[root@vps ~]# mkswap /swapfile-ext
mkswap: /swapfile-ext: warning: don't erase bootbits sectors
        on whole disk. Use -f to force.
Setting up swapspace version 1, size = 2097148 KiB
no label, UUID=cc49d098-52e3-4fdf-8157-c40b23e00eef

5. Assign the correct permission to prevent swap space from world-readable :

[root@vps ~]# chmod 600 /swapfile-ext

6. Activatethe swap file immediately :

[root@vps ~]# swapon /swapfile-ext

7. Verify by viewing the output using “free -m” utility. 1GB plus 2GB equal to 3GB new swap size :

[root@vps ~]# free -m
             total       used       free     shared    buffers     cached
Mem:          1877       1801         76          0        137        765
-/+ buffers/cache:        897        979
Swap:         3071          0       3071

Verify by viewing the output using “swapon -s” utility

[root@vps ~]# swapon -s
Filename                                Type            Size    Used    Priority
/dev/vda2                               partition       1048568 556     -1
/swapfile-ext                           file            2097144 0       -2

8. To enable it at boot time, edit /etc/fstab to include the following entry:

/swapfile-ext          swap            swap    defaults        0 0
Posted on

How to Remove/Uninstall Nginx Installed from Source on CentOS 6/RHEL 6

On this day, Nginx web server is reported to be a most popular and fastest in the internet if installed properly. But it should always be updated from time to time in order to maintain stability and high security so that is not exposed to hackers. For system administrators and web masters, it is routine to constantly update the software Nginx if the latest version is launched on their official website, nginx.org. In this tutorial , I will explain how to remove the Nginx that was installed from source on CentOS 6/RHEL 6.

1. Stop Nginx software :

[root@centos66 ~]# service nginx stop

2. Remove autostart for Nginx :

[root@centos66 ~]# chkconfig nginx off

3. Remove the Nginx sofware :

[root@centos66 ~]# rm -rf /usr/sbin/nginx
[root@centos66 ~]# rm -rf /etc/nginx
[root@centos66 ~]# rm -rf /etc/init.d/nginx
Posted on

How to Install Nginx 1.6.2 with PageSpeed on Linux CentOS 6

This article will show you the steps to install Nginx and ngx_pagespeed module on Linux CentOS 6 virtual private server (VPS). By using ngx_pagespeed, the speed of your website will be faster without installing any additional applications such as wordpress plugin and so on. This is because ngx_pagespeed have some Nginx module which rewrites your webpages to make them faster. Below steps has been tested on CentOS 6.5 and CentOS 6.6.

1. Install nginx PageSpeed dependencies :

yum install gcc-c++ pcre-devel pcre-devel zlib-devel make unzip openssl-devel

2. Download and install ngx_pagespeed and PSOL (PageSpeed Optimization Libraries) source code :

mkdir -p /etc/nginx/modules
cd /etc/nginx/modules
wget https://github.com/pagespeed/ngx_pagespeed/archive/release-1.9.32.2-beta.zip
unzip release-1.9.32.2-beta.zip
cd ngx_pagespeed-release-1.9.32.2-beta/
wget https://dl.google.com/dl/page-speed/psol/1.9.32.2.tar.gz
tar xzvf 1.9.32.2.tar.gz

3. Download NGINX :

cd /etc/nginx/
wget http://nginx.org/download/nginx-1.6.2.tar.gz
tar xzvf nginx-1.6.2.tar.gz
cd nginx-1.6.2/

4. Compile and prepare environment for NGINX with ngx_pagespeed module support :

./configure --add-module=/etc/nginx/modules/ngx_pagespeed-release-1.9.32.2-beta --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-file-aio --with-http_spdy_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-mail --with-mail_ssl_module --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'

At the end of installation, you will get the following message :

  nginx path prefix: "/etc/nginx"
  nginx binary file: "/usr/sbin/nginx"
  nginx configuration prefix: "/etc/nginx"
  nginx configuration file: "/etc/nginx/nginx.conf"
  nginx pid file: "/var/run/nginx.pid"
  nginx error log file: "/var/log/nginx/error.log"
  nginx http access log file: "/var/log/nginx/access.log"
  nginx http client request body temporary files: "/var/cache/nginx/client_temp"
  nginx http proxy temporary files: "/var/cache/nginx/proxy_temp"
  nginx http fastcgi temporary files: "/var/cache/nginx/fastcgi_temp"
  nginx http uwsgi temporary files: "/var/cache/nginx/uwsgi_temp"
  nginx http scgi temporary files: "/var/cache/nginx/scgi_temp"

Note : Keep this information as you will need it if you plan to uninstall the NGINX.

Building the NGINX with ngx_pagespeed :

make

Install NGINX with ngx_pagespeed to the system :

make install

5. Create a Cache directory which will be written by Nginx.

mkdir /var/ngx_pagespeed_cache
chown nginx:nginx /var/ngx_pagespeed_cache

6. Configure NGINX (nginx.conf) and turn on pagespeed module :

..
..
pagespeed on;
pagespeed FileCachePath /var/ngx_pagespeed_cache;

# enable CoreFilters
pagespeed RewriteLevel CoreFilters;

# enable additional filter(s) selectively
pagespeed EnableFilters collapse_whitespace;
pagespeed EnableFilters lazyload_images;
pagespeed EnableFilters insert_dns_prefetch;
pagespeed EnableFilters prioritize_critical_css;
pagespeed EnableFilters collapse_whitespace;
..
..

7. Create an init script for Nginx.

vi /etc/init.d/nginx

#!/bin/sh
#
# nginx        Startup script for nginx
#
# chkconfig: - 85 15
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# description: nginx is an HTTP and reverse proxy server
#
### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $local_fs $remote_fs $network
# Required-Stop: $local_fs $remote_fs $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop nginx
### END INIT INFO

# Source function library.
. /etc/rc.d/init.d/functions

if [ -L $0 ]; then
    initscript=`/bin/readlink -f $0`
else
    initscript=$0
fi

sysconfig=`/bin/basename $initscript`

if [ -f /etc/sysconfig/$sysconfig ]; then
    . /etc/sysconfig/$sysconfig
fi

nginx=${NGINX-/usr/sbin/nginx}
prog=`/bin/basename $nginx`
conffile=${CONFFILE-/etc/nginx/nginx.conf}
lockfile=${LOCKFILE-/var/lock/subsys/nginx}
pidfile=${PIDFILE-/var/run/nginx.pid}
SLEEPMSEC=${SLEEPMSEC-200000}
UPGRADEWAITLOOPS=${UPGRADEWAITLOOPS-5}
RETVAL=0

start() {
    echo -n $"Starting $prog: "

    daemon --pidfile=${pidfile} ${nginx} -c ${conffile}
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && touch ${lockfile}
    return $RETVAL
}

stop() {
    echo -n $"Stopping $prog: "
    killproc -p ${pidfile} ${prog}
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}

reload() {
    echo -n $"Reloading $prog: "
    killproc -p ${pidfile} ${prog} -HUP
    RETVAL=$?
    echo
}

upgrade() {
    oldbinpidfile=${pidfile}.oldbin

    configtest -q || return
    echo -n $"Starting new master $prog: "
    killproc -p ${pidfile} ${prog} -USR2
    echo

    for i in `/usr/bin/seq $UPGRADEWAITLOOPS`; do
        /bin/usleep $SLEEPMSEC
        if [ -f ${oldbinpidfile} -a -f ${pidfile} ]; then
            echo -n $"Graceful shutdown of old $prog: "
            killproc -p ${oldbinpidfile} ${prog} -QUIT
            RETVAL=$?
            echo
            return
        fi
    done

    echo $"Upgrade failed!"
    RETVAL=1
}

configtest() {
    if [ "$#" -ne 0 ] ; then
        case "$1" in
            -q)
                FLAG=$1
                ;;
            *)
                ;;
        esac
        shift
    fi
    ${nginx} -t -c ${conffile} $FLAG
    RETVAL=$?
    return $RETVAL
}


rh_status() {
    status -p ${pidfile} ${nginx}
}

# See how we were called.
case "$1" in
    start)
        rh_status >/dev/null 2>&1 && exit 0
        start
        ;;
    stop)
        stop
        ;;
    status)
        rh_status
        RETVAL=$?
        ;;
    restart)
        configtest -q || exit $RETVAL
        stop
        start
        ;;
    upgrade)
        rh_status >/dev/null 2>&1 || exit 0
        upgrade
        ;;
    condrestart|try-restart)
        if rh_status >/dev/null 2>&1; then
            stop
            start
        fi
        ;;
    force-reload|reload)
        reload
        ;;
    configtest)
        configtest
        ;;
    *)
        echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|upgrade|reload|status|help|configtest}"
        RETVAL=2
esac

exit $RETVAL

chmod 0755 /etc/init.d/nginx
chown root:root /etc/init.d/nginx

8. Start nginx and make it autostart at boot :

service nginx start
chkconfig nginx on

9. Check NGINX version and installed modules :

$ nginx -V
nginx version: nginx/1.6.2
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-11) (GCC)
TLS SNI support enabled
configure arguments: --add-module=/etc/nginx/modules/ngx_pagespeed-release-1.9.32.2-beta --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-file-aio --with-http_spdy_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-mail --with-mail_ssl_module --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'

10. Testing the pagespeed module:

curl -I http://www.ehowstuff.local

You should see X-Page-Speed version in the headers:

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Pingback: http://www.ehowstuff.local/xmlrpc.php
Date: Thu, 01 Jan 2015 06:41:14 GMT
X-Page-Speed: 1.9.32.2-4321
Cache-Control: max-age=0, no-cache
Posted on

How to Enable EPEL and Remi Repository into CentOS 6

EPEL stand for Extra Packages for Enterprise Linux. EPEL repository is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Enterprise Linux(OEL). Remi repository is a yum repository maintained by a French dude – Remi Collet. This post describe the basic steps to prepare and install the additional CentOS packages with EPEL and Remi Repository into CentOS 6.

EPEL Repository

rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6
rpm -Uvh https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Remi Repository

rpm --import http://rpms.famillecollet.com/RPM-GPG-KEY-remi
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

Example :

[root@centos6 ~]# rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6
[root@centos6 ~]# rpm -Uvh https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Retrieving https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Preparing...                ########################################### [100%]
   1:epel-release           ########################################### [100%]

[root@centos6 ~]# rpm --import http://rpms.famillecollet.com/RPM-GPG-KEY-remi
[root@centos6 ~]# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
Retrieving http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
Preparing...                ########################################### [100%]
   1:remi-release           ########################################### [100%]

Example of EPEl and Remi repo usage :

[root@centos6 ~]# yum --enablerepo=epel install httpd -y

[root@centos6 ~]# yum --enablerepo=remi install httpd -y
Posted on

How to Install and Use Traceroute in Linux RHEL 6/7, CentOS 6/7, Oracle Linux 6/7

Traceroute command is a network diagnostic tool for displaying the route packets take to network host or destination. It shows how long each hop will takes and how many hops that the packet requires to reach the specify destination. In linux, traceroute command is used while in windows and dos environment, they used tracert command. In this post i will show you how to install and how to use traceroute command to diagnose your IP network related issues. This steps has been tested on RHEL 6/7, CentOS 6/7 and Oracle Linux 6/7.

1. If your linux VPS or dedicated server does not installed with traceroute, it will return this warning :

# traceroute www.google.com
-bash: traceroute: command not found

Or you can verify the traceroute install or not by issue which command :

# which traceroute
/usr/bin/which: no traceroute in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)

2. To install traceroute, run the following command :

# yum install traceroute -y

3. Verify the command install or not :

# which traceroute
/bin/traceroute

4. How to use traceroute command :

a. Find the network path from my centos6 server to google.com :

# traceroute [options]

Example :

# traceroute www.google.com
traceroute to www.google.com (58.27.108.153), 30 hops max, 60 byte packets
 1  192.168.2.1 (192.168.2.1)  9.233 ms  9.020 ms  8.857 ms
 2  219.93.218.177 (219.93.218.177)  20.717 ms  20.529 ms  27.526 ms
 3  60.49.55.93 (60.49.55.93)  57.368 ms  57.446 ms  57.187 ms
 4  10.55.32.58 (10.55.32.58)  76.846 ms 10.55.32.56 (10.55.32.56)  66.418 ms  66.906 ms
 5  58.27.105.125 (58.27.105.125)  75.779 ms  65.556 ms  65.592 ms
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

1 is the internet gateway on the network this traceroute was done (ADSL modem local IP)
2 is the ISP the origin computer is connected to.

My PPPoE modem WAN IP details :
1

b. Find the network path from my centos6 server to google.com and do not resolve IP addresses to their domain names :

# traceroute www.google.com -n

c. Find the network path from my centos6 server to google.com and set the number of seconds to wait for response to a probe to 0.1 seconds (Default is 5.0) :

# traceroute www.google.com -w 0.1

d. Find the network path from my centos6 server to google.com and set the number of probes per each hop to 5 (Default is 3) :

# traceroute www.google.com -q 5

5. Display basic command line options help for more usage :

# traceroute --help
Usage:
  traceroute [ -46dFITnreAUV ] [ -f first_ttl ] [ -g gate,... ] [ -i device ] [ -m max_ttl ] [ -N squeries ] [ -p port ] [ -t tos ] [ -l flow_label ] [ -w waittime ] [ -q nqueries ] [ -s src_addr ] [ -z sendwait ] host [ packetlen ]
Options:
  -4                          Use IPv4
  -6                          Use IPv6
  -d  --debug                 Enable socket level debugging
  -F  --dont-fragment         Do not fragment packets
  -f first_ttl  --first=first_ttl
                              Start from the first_ttl hop (instead from 1)
  -g gate,...  --gateway=gate,...
                              Route packets through the specified gateway
                              (maximum 8 for IPv4 and 127 for IPv6)
  -I  --icmp                  Use ICMP ECHO for tracerouting
  -T  --tcp                   Use TCP SYN for tracerouting
  -i device  --interface=device
                              Specify a network interface to operate with
  -m max_ttl  --max-hops=max_ttl
                              Set the max number of hops (max TTL to be
                              reached). Default is 30
  -N squeries  --sim-queries=squeries
                              Set the number of probes to be tried
                              simultaneously (default is 16)
  -n                          Do not resolve IP addresses to their domain names
  -p port  --port=port        Set the destination port to use. It is either
                              initial udp port value for "default" method
                              (incremented by each probe, default is 33434), or
                              initial seq for "icmp" (incremented as well,
                              default from 1), or some constant destination
                              port for other methods (with default of 80 for
                              "tcp", 53 for "udp", etc.)
  -t tos  --tos=tos           Set the TOS (IPv4 type of service) or TC (IPv6
                              traffic class) value for outgoing packets
  -l flow_label  --flowlabel=flow_label
                              Use specified flow_label for IPv6 packets
  -w waittime  --wait=waittime
                              Set the number of seconds to wait for response to
                              a probe (default is 5.0). Non-integer (float
                              point) values allowed too
  -q nqueries  --queries=nqueries
                              Set the number of probes per each hop. Default is
                              3
  -r                          Bypass the normal routing and send directly to a
                              host on an attached network
  -s src_addr  --source=src_addr
                              Use source src_addr for outgoing packets
  -z sendwait  --sendwait=sendwait
                              Minimal time interval between probes (default 0).
                              If the value is more than 10, then it specifies a
                              number in milliseconds, else it is a number of
                              seconds (float point values allowed too)
  -e  --extensions            Show ICMP extensions (if present), including MPLS
  -A  --as-path-lookups       Perform AS path lookups in routing registries and
                              print results directly after the corresponding
                              addresses
  -M name  --module=name      Use specified module (either builtin or external)
                              for traceroute operations. Most methods have
                              their shortcuts (`-I' means `-M icmp' etc.)
  -O OPTS,...  --options=OPTS,...
                              Use module-specific option OPTS for the
                              traceroute module. Several OPTS allowed,
                              separated by comma. If OPTS is "help", print info
                              about available options
  --sport=num                 Use source port num for outgoing packets. Implies
                              `-N 1'
  -U  --udp                   Use UDP to particular port for tracerouting
                              (instead of increasing the port per each probe),
                              default port is 53
  -UL                         Use UDPLITE for tracerouting (default dest port
                              is 53)
  -P prot  --protocol=prot    Use raw packet of protocol prot for tracerouting
  --mtu                       Discover MTU along the path being traced. Implies
                              `-F -N 1'
  --back                      Guess the number of hops in the backward path and
                              print if it differs
  -V  --version               Print version info and exit
  --help                      Read this help and exit

Arguments:
+     host          The host to traceroute to
      packetlen     The full packet length (default is the length of an IP
                    header plus 40). Can be ignored or increased to a minimal
                    allowed value
Posted on

How to Update CentOS 6.4 System using ‘yum update’

Linux LogoThis post will show how you can update CentOS 6.4 system with ‘yum‘ command. You should update the linux to newer release or latest linux kernal because you will get security fixes, stability improvements, updated device drivers, get new kernel functions and to increased speed of the linux operating system. After get all above benefits, it’s very worthwhile to update your kernel for Linux often as soon as new update released. Now let’s take a look at the most common linux command that we can use for updating linux system. This steps has been tested on CentOS 6.4.

1 Get ‘yum-plugin-fastestmirror’ plugin installed. This plugin will looks for fast server to download packages :

[root@centos64 ~]# yum install yum-plugin-fastestmirror -y

2. Check current version and current kernel version :

[root@centos64 ~]# cat /etc/redhat-release
CentOS release 6.4 (Final)
[root@centos64 ~]# uname -a
Linux centos64.ehowstuff.local 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

3. Perform system update by ‘yum update’ command :

[root@centos64 ~]# yum update -y

Example :

[root@centos64 ~]# yum update -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.ipserverone.com
 * extras: centos.ipserverone.com
 * updates: centos.ipserverone.com
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package dbus-glib.x86_64 0:0.86-5.el6 will be updated
---> Package dbus-glib.x86_64 0:0.86-6.el6 will be an update
---> Package kernel.x86_64 0:2.6.32-358.2.1.el6 will be installed
---> Package kernel-firmware.noarch 0:2.6.32-358.el6 will be updated
---> Package kernel-firmware.noarch 0:2.6.32-358.2.1.el6 will be an update
---> Package libxml2.x86_64 0:2.7.6-8.el6_3.4 will be updated
---> Package libxml2.x86_64 0:2.7.6-12.el6_4.1 will be an update
---> Package mysql-libs.x86_64 0:5.1.66-2.el6_3 will be updated
---> Package mysql-libs.x86_64 0:5.1.67-1.el6_3 will be an update
---> Package openldap.x86_64 0:2.4.23-31.el6 will be updated
---> Package openldap.x86_64 0:2.4.23-32.el6_4 will be an update
---> Package openssl.x86_64 0:1.0.0-27.el6 will be updated
---> Package openssl.x86_64 0:1.0.0-27.el6_4.2 will be an update
---> Package selinux-policy.noarch 0:3.7.19-195.el6 will be updated
---> Package selinux-policy.noarch 0:3.7.19-195.el6_4.3 will be an update
---> Package selinux-policy-targeted.noarch 0:3.7.19-195.el6 will be updated
---> Package selinux-policy-targeted.noarch 0:3.7.19-195.el6_4.3 will be an update
---> Package tzdata.noarch 0:2012j-1.el6 will be updated
---> Package tzdata.noarch 0:2012j-2.el6 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================
 Package                            Arch              Version                        Repository          Size
==============================================================================================================
Installing:
 kernel                             x86_64            2.6.32-358.2.1.el6             updates             26 M
Updating:
 dbus-glib                          x86_64            0.86-6.el6                     updates            170 k
 kernel-firmware                    noarch            2.6.32-358.2.1.el6             updates             11 M
 libxml2                            x86_64            2.7.6-12.el6_4.1               updates            799 k
 mysql-libs                         x86_64            5.1.67-1.el6_3                 updates            1.2 M
 openldap                           x86_64            2.4.23-32.el6_4                updates            265 k
 openssl                            x86_64            1.0.0-27.el6_4.2               updates            1.4 M
 selinux-policy                     noarch            3.7.19-195.el6_4.3             updates            1.8 M
 selinux-policy-targeted            noarch            3.7.19-195.el6_4.3             updates            2.8 M
 tzdata                             noarch            2012j-2.el6                    updates            453 k

Transaction Summary
==============================================================================================================
Install       1 Package(s)
Upgrade       9 Package(s)

Total download size: 46 M
Downloading Packages:
(1/10): dbus-glib-0.86-6.el6.x86_64.rpm                                                | 170 kB     00:01
(2/10): kernel-2.6.32-358.2.1.el6.x86_64.rpm                                           |  26 MB     04:11
(3/10): kernel-firmware-2.6.32-358.2.1.el6.noarch.rpm                                  |  11 MB     01:45
(4/10): libxml2-2.7.6-12.el6_4.1.x86_64.rpm                                            | 799 kB     00:06
(5/10): mysql-libs-5.1.67-1.el6_3.x86_64.rpm                                           | 1.2 MB     00:11
(6/10): openldap-2.4.23-32.el6_4.x86_64.rpm                                            | 265 kB     00:05
(7/10): openssl-1.0.0-27.el6_4.2.x86_64.rpm                                            | 1.4 MB     00:12
(8/10): selinux-policy-3.7.19-195.el6_4.3.noarch.rpm                                   | 1.8 MB     00:17
(9/10): selinux-policy-targeted-3.7.19-195.el6_4.3.noarch.rpm                          | 2.8 MB     00:27
(10/10): tzdata-2012j-2.el6.noarch.rpm                                                 | 453 kB     00:07
--------------------------------------------------------------------------------------------------------------
Total                                                                         105 kB/s |  46 MB     07:27
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Importing GPG key 0xC105B9DE:
 Userid : CentOS-6 Key (CentOS 6 Official Signing Key) 
 Package: centos-release-6-4.el6.centos.10.x86_64 (@anaconda-CentOS-201303020151.x86_64/6.4)
 From   : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : openssl-1.0.0-27.el6_4.2.x86_64                                                           1/19
  Updating   : selinux-policy-3.7.19-195.el6_4.3.noarch                                                  2/19
  Updating   : kernel-firmware-2.6.32-358.2.1.el6.noarch                                                 3/19
  Installing : kernel-2.6.32-358.2.1.el6.x86_64                                                          4/19
  Updating   : selinux-policy-targeted-3.7.19-195.el6_4.3.noarch                                         5/19
  Updating   : mysql-libs-5.1.67-1.el6_3.x86_64                                                          6/19
  Updating   : openldap-2.4.23-32.el6_4.x86_64                                                           7/19
  Updating   : tzdata-2012j-2.el6.noarch                                                                 8/19
  Updating   : dbus-glib-0.86-6.el6.x86_64                                                               9/19
  Updating   : libxml2-2.7.6-12.el6_4.1.x86_64                                                          10/19
  Cleanup    : selinux-policy-targeted-3.7.19-195.el6.noarch                                            11/19
  Cleanup    : selinux-policy-3.7.19-195.el6.noarch                                                     12/19
  Cleanup    : tzdata-2012j-1.el6.noarch                                                                13/19
  Cleanup    : kernel-firmware-2.6.32-358.el6.noarch                                                    14/19
  Cleanup    : mysql-libs-5.1.66-2.el6_3.x86_64                                                         15/19
  Cleanup    : openssl-1.0.0-27.el6.x86_64                                                              16/19
  Cleanup    : openldap-2.4.23-31.el6.x86_64                                                            17/19
  Cleanup    : dbus-glib-0.86-5.el6.x86_64                                                              18/19
  Cleanup    : libxml2-2.7.6-8.el6_3.4.x86_64                                                           19/19
  Verifying  : libxml2-2.7.6-12.el6_4.1.x86_64                                                           1/19
  Verifying  : kernel-firmware-2.6.32-358.2.1.el6.noarch                                                 2/19
  Verifying  : dbus-glib-0.86-6.el6.x86_64                                                               3/19
  Verifying  : selinux-policy-3.7.19-195.el6_4.3.noarch                                                  4/19
  Verifying  : tzdata-2012j-2.el6.noarch                                                                 5/19
  Verifying  : mysql-libs-5.1.67-1.el6_3.x86_64                                                          6/19
  Verifying  : openssl-1.0.0-27.el6_4.2.x86_64                                                           7/19
  Verifying  : kernel-2.6.32-358.2.1.el6.x86_64                                                          8/19
  Verifying  : openldap-2.4.23-32.el6_4.x86_64                                                           9/19
  Verifying  : selinux-policy-targeted-3.7.19-195.el6_4.3.noarch                                        10/19
  Verifying  : tzdata-2012j-1.el6.noarch                                                                11/19
  Verifying  : kernel-firmware-2.6.32-358.el6.noarch                                                    12/19
  Verifying  : selinux-policy-3.7.19-195.el6.noarch                                                     13/19
  Verifying  : openssl-1.0.0-27.el6.x86_64                                                              14/19
  Verifying  : selinux-policy-targeted-3.7.19-195.el6.noarch                                            15/19
  Verifying  : mysql-libs-5.1.66-2.el6_3.x86_64                                                         16/19
  Verifying  : libxml2-2.7.6-8.el6_3.4.x86_64                                                           17/19
  Verifying  : openldap-2.4.23-31.el6.x86_64                                                            18/19
  Verifying  : dbus-glib-0.86-5.el6.x86_64                                                              19/19

Installed:
  kernel.x86_64 0:2.6.32-358.2.1.el6

Updated:
  dbus-glib.x86_64 0:0.86-6.el6                     kernel-firmware.noarch 0:2.6.32-358.2.1.el6
  libxml2.x86_64 0:2.7.6-12.el6_4.1                 mysql-libs.x86_64 0:5.1.67-1.el6_3
  openldap.x86_64 0:2.4.23-32.el6_4                 openssl.x86_64 0:1.0.0-27.el6_4.2
  selinux-policy.noarch 0:3.7.19-195.el6_4.3        selinux-policy-targeted.noarch 0:3.7.19-195.el6_4.3
  tzdata.noarch 0:2012j-2.el6

Complete!
Posted on

How to Add Network Adapter Without Reboot on CentOS 6/RHEL 6

This article will explain how to prepare more than one network interface on a VMware virtual machine (VM) without reboot the linux server. Normally, a network interface is sufficient to run a linux server. To ensure a balance of traffic or to enable multiple network segments in a VM, it is advisable to install more than one interface card. It was assumed that the card eth0 is configured properly and working. The process of adding a second network interface card is very easy in VMware ESXi / ESX and VMware workstation. What you need is through the vCenter or ESXi host, start the add hardware wizard and then select “Network Adapter” and let the wizard complete successfully. The following are the tested steps on CentOS 6.4 and may be applied on CentOS 6.5 and CentOS 6.6 operating system.

1. Check existing network setting.

[root@centos64 ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:F1:24:F0
          inet addr:192.168.2.62  Bcast:192.168.255.255  Mask:255.255.0.0
          inet6 addr: fe80::20c:29ff:fef1:24f0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:735 errors:0 dropped:0 overruns:0 frame:0
          TX packets:81 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:72242 (70.5 KiB)  TX bytes:8635 (8.4 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

2. Enter network configuration folder, and look for ethx file. By default, first network interface will start with eth0. Next added network adapter will be eth1.

[root@centos64 ~]# cd /etc/sysconfig/network-scripts/
[root@centos64 network-scripts]# ls
ifcfg-eth0   ifdown-ippp  ifdown-routes  ifup-bnep  ifup-plip    ifup-sit          network-functions
ifcfg-lo     ifdown-ipv6  ifdown-sit     ifup-eth   ifup-plusb   ifup-tunnel       network-functions-ipv6
ifdown       ifdown-isdn  ifdown-tunnel  ifup-ippp  ifup-post    ifup-wireless
ifdown-bnep  ifdown-post  ifup           ifup-ipv6  ifup-ppp     init.ipv6-global
ifdown-eth   ifdown-ppp   ifup-aliases   ifup-isdn  ifup-routes  net.hotplug

3. After you add secondary network interface from VMware level, the file will automatically added the mac address in /etc/udev/rules.d/70-persistent-net.rules. Please take note on the mac address for eth1.

[root@centos64 ~]# more /etc/udev/rules.d/70-persistent-net.rules
# This file was automatically generated by the /lib/udev/write_net_rules
# program, run by the persistent-net-generator.rules rules file.
#
# You can modify it, as long as you keep each rule on a single
# line, and change only the value of the NAME= key.

# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:f1:24:f0", ATTR{type}=="1", KERNEL=="
eth*", NAME="eth0"

# PCI device 0x8086:0x100f (e1000)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:f1:24:fa", ATTR{type}=="1", KERNEL=="
eth*", NAME="eth1"

4. Now you need to create the configuration file for your new interface. The network interface configuration files are placed in /etc/sysconfig/network-scripts/. change the mac address according based on /etc/udev/rules.d/70-persistent-net.rules.

[root@centos64 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1

Add below setting :

DEVICE=eth1
HWADDR=00:0c:29:f1:24:fa
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=192.168.2.63
NETMASK=255.255.0.0

5. Based on the type interface being added, issue an ifup command. In this case, we have added eth1.

[root@centos64 ~]# ifup eth1

6. Verify new Network interfaces :

[root@centos64 ~]# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:F1:24:F0
          inet addr:192.168.2.62  Bcast:192.168.255.255  Mask:255.255.0.0
          inet6 addr: fe80::20c:29ff:fef1:24f0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8019 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6949 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:804606 (785.7 KiB)  TX bytes:694075 (677.8 KiB)

[root@centos64 ~]# ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 00:0C:29:F1:24:FA
          inet addr:192.168.2.63  Bcast:192.168.255.255  Mask:255.255.0.0
          inet6 addr: fe80::20c:29ff:fef1:24fa/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:450 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:40087 (39.1 KiB)  TX bytes:1182 (1.1 KiB)
Posted on

Linode Network Upgrades and 8 Cores Xen Instances

Linode Network Upgrade

Early of March 2013, Linode has performed network upgrade that improves throughput, decrease latency and
add redundancy at their host layer. They are upgrading overall network in all six datacenters in the US, Europe, and Asia-Pacific. With zero downtime, Linode customer will get outbound network cap increased 5 times and amount of outbound transfer increased 10 times as below :

Linode 512 upgraded from 200GB to 2000GB (2TB)
Linode 1G upgraded from 400GB to 4000GB (4TB)
Linode 2G upgraded from 800GB to 8000GB (8TB)
Linode 4G upgraded from 1600GB to 16000GB (16TB)
Linode 8G upgraded from 2000GB to 20000GB (20TB)

8 Cores Xen instances

8coreIn 18th March 2013, Linode has upgrading new “NextGen’ host hardware specification, CPUs and a fleet refresh. Linode has upgrades all Linodes to 8 cores Xen instances. Customer will require to schedule a downtime for reboot and then get doubling in computing power. Customer will get faster websites, services, and processing at the same price points. Another things that Linode need to improve is the drive speed. Will they go for SSDs in the future ?