The Address Resolution Protocol (ARP) is the method for finding a host’s link layer (hardware) address when only its Internet Layer (IP) or some other Network Layer address is known. ARP is a Link Layer protocol (Layer 2) because it only operates on the local area network or point-to-point link that a host is connected to. When we migrate one IP from a machine to another one, we might have problems caused by ‘arp caching‘. Various devices will cache the arp information for a specified amount of time and even after we moved the IP this will not be seen by some devices that will still use the cached information. I am talking about directly connected switches or routers, that we might have control or maybe not. If we have control on all the external devices, normally we just connect to the router or switch and remove the arp entry, forcing the device to query again for the information. This post will try to help in the situation where we don’t have direct control on the external devices (we are collocated or use rented servers in a remote datacenter, etc.), to minimize the downtime associated with this type of IP migration.

It is quite frequent to use separate IPs for various services on the same machine, and move those IPs to another server if needed. These are sometimes called portable IPs that can be migrated to any server in a particular colo/lan. This is done normally to minimized downtime and keep maintenance of such operations minimal (and to not rely on dns changes). Still arp caching on various network devices can cause big problems. Let’s assume we moved the IP from one server to another one in the same LAN to move away some service from our main web server. Taking down the IP from the existing server and bringing it up on the new server will complete our direct work if we don’t have access on the switches/routers in front of us. Again if you have control on all devices just connect to them and delete the arp cache for this ip to allow it to be re-cached on the new machine.

Read the rest of this entry »

The Bcfg2 version available in debian etch is quite old (v0.8.6), while the one in lenny is newer v0.9.5.7, it still isn’t the latest stable version 0.9.6 that was released in November last year. Since this version fixes many bugs it is the version that is recommended to use in production at this time (unfortunately it breaks the reporting system, that will not be fixed until the release 1.0 planed for the next months). This post will show how we can rebuild a debian package for the latest stable bcfg2 release so we can easily deploy it on several machines.

Bcfg2 is a debian friendly project, meaning they provide inside the source package all what is needed to build a debian package very easy. We will use for this a debian etch system, but this should work on any debian based system. Read the rest of this entry »

Awstats will consider as a page hit any entry from the log it processes. By default some file extensions (for regular image types and css/js) are excluded from what awstats will consider as a page:
NotPageList="css js class gif jpg jpeg png bmp ico"(this is the default). All other file types will be counted as pages. Now, if we want to completely ignore some files, or even all the content of one folder from the awstats processing we can use the SkipFiles parameter. We might want to do this to ignore some frames, hidden pages, ajax calls, etc.

Read the rest of this entry »

There are various methods to run multiple instances of mysql (on different ports) on the same machine. We can either compile the mysql binary with different defaults and paths, use mysqld_multi or the MySQL Sandbox project. Still the simplest solution I’ve  used in the past for such situations is to use the same binary and use a separate configuration file (with separate port, pid, socket and data directory). This post will explain this method. Read the rest of this entry »

This is a quick post to show how you can rebuild a debian package and skip some steps, like “make test” for example in the upstream package, by passing some build options. More and more debian packages are now supporting the nodocs, nocheck/notest build options. You might want this if you are repeatedly building the package and want to skip some parts and make it faster, or maybe some step is failing while running the tests and that is something acceptable and known. In this case you can build the package as usual and export DEB_BUILD_OPTIONS=nocheck.

For example rebuilding the mysql package takes quite a long time, and to skip the package run tests we will do something like:
dpkg-source -x mysql-dfsg-5.0_5.0.67-1.dsc
cd mysql-dfsg-5.0-5.0.67/
DEB_BUILD_OPTIONS=nocheck debuild -us -uc

Note: not all packages implement this option and you might want to look in the rules file and see if this is defined or not.

This post will show how to setup an auto-reply message using vacation on a debian etch server running postfix. This should work in the same way using other email servers, but this was tested with postfix. I’ll assume that you have postfix already running properly on the server. The first step is to install the vacation package. Since vacation is available in etch we can install it just by running:
aptitude install vacation
and this will install vacation version 3.3.0 on the system

Read the rest of this entry »

Debian has a customization to udev that will keep network interface names persistent after hardware changes and reboots. Normally this is what you want and you will not care about this, but there are cases where this can be very annoying and we just have to disable it. I am speaking about situations when you will copy the files from a system and use them to recreate a new system, or when using some virtualization tools and cloning your vm; these situations will always result in network problems caused by the udev persistent rules.

Read the rest of this entry »

Sendmail will use by default a single mail queue. This is what most users will need, and if you don’t have any special requirement you will not care about this. Still for high traffic mail servers it might be useful to split the queue over several directories, as thousands of files in a single directory will become a performance penalty at some point and also processing the queue sequentially will become very slow. This post will show how we can implement multiple mail queues with modern sendmail versions.

Read the rest of this entry »

Yesterday a friend of mine (centos fan) asked me: “I can’t find the killall command on Debian. How can I install it?” This short post is the answer to this simple question, but for someone not familiar with debian/ubuntu this might be useful.

The answer is simple: install the psmisc package:
aptitude install psmisc
Besides killall this contains also the fuser and pstree commands.

PPTP is known to be less secure than other VPN software, but if you need a quick solution for a VPN server that will connect out of the box from Windows workstations PPTP is the obvious choice. This post will show how easy it is to setup a pptp vnp server on Debian Etch.

A while ago setting up a pptp server was not so simple. It involved patching the kernel and the ppp daemon. These days in Debian Etch everything comes out of the box and we just have to install the pptpd server and configure it based on our needs. First let’s install pptpd:
aptitude install pptpd
(this will install also some dependencies: bcrelay and ppp). The default pptpd configuration file is installed under /etc/pptpd.conf ; you can change any of the available options (samples are included in the configuration file as comments), but really the only thing that needs to be configured is the ip of the local server used by pptpd as the local gateway for the remote hosts and the remote users assigned ips: Read the rest of this entry »