StorageMojo » Contact & About

Storagemojo.com is a web site devoted to data-storage related topics. The topics reflect my interests: future technology, enterprise, SMB, SOHO, storage networks, SSDs, marketing strategy and technology diffusion, and a particular interest in the “long tail” of small to medium sized business.

OpenVPN GUI client and Windows Vista | Computer Tech Union

I installed the lasted stable version of the OpenVPN installer package with the GUI (openvpn2.0.9-gui-1.0.3-install.exe) on Windows Vista. During install it says the the TAP drive is not signed by Microsoft but like always you continue anyways.

I dropped in my config files including the client.ovpn file. I test the connection and it connects to the OpenVPN server but i am unable to connect to the server behind the VPN. After checking the client log files. There was an error with adding the ROUTE command. The ROUTE command adds a route to the network behind the your VPN server. Giving you access to servers and such behind the VPN (asumming your VPN server is also a Gateway/Router/Firewall). To fix this adding ROUTE issue you have to do two things: Add 2 lines to the .ovpn file and run the GUI as an administrator… Here are the steps:

1) Open your client.ovpn file and add the following two lines to the bottom of the file:
route-method exe
route-delay 2

2) Create a shortcut to your OpenVPN GUI file. Right click the shortcut and click properties.
Under the ‘Shortcut’ tab.
Click ‘advanced’.
Check the box that says ‘Run as administrator’ and
then Click ‘OK’ and ‘OK’ again.

Then make sure that the OpenVPN GUI is started from that shortcut. Either by manually clicking it or by placing in the startup folder. Now when you connect you will be able to access the servers behind your VPN. If you check the client log the ROUTE commands are now added successfully.

[OC]ModShop - Enable 4GB of memory on Vista

# Open a command prompt (Press Window key + R to open the Run dialog, and then type cmd).
# Press Ctrl + Shift + Enter to execute (this allows you to run cmd in administrative mode if you haven’t already setup up a permanent admin mode).
# Type BCDedit /set nx AlwaysOff
#

Type BCDedit /set pae ForceEnable

Redirecting network traffic to a new IP using iptables « AdminUser.wOrdpress.cOm

Redirecting network traffic to a new IP using iptables

Login to the old server as root and enter the following

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp -dport 80 -j DNAT –to-destination 1.2.3.4:80
iptables -t nat -A POSTROUTING -j MASQUERADE

Here the new ip address is 1.2.3.4. Now all the traffic to port 80 will get redirected to port 80 of 1.2.3.4.

(assuming that you do not have other iptables rules blocking access to port 80 )

If you want to redirect traffic to other ports such as for email POP, IMAP, or SSL , you can simply add in additional iptables rules.

For example to have POP3 redirection, you can add in an additional rule like this:

iptables -t nat -A PREROUTING -p tcp –dport 110 -j DNAT –to-destination 1.2.3.4:110

You may find this helpful while server migration

Date, Time, and Time Zones for Red Hat Linux

Time, Date, and Time Zones for Red Hat Linux
A Practical Guide

Van Emery - March, 2003

Introduction:

I have had nothing but trouble with Red Hat’s GUI tools for setting date, time, time zone, and ntpd configuration files. In some cases, this has been as extreme as the dateconfig tool refusing to execute, and in other cases the tool ran, but did not change the underlying configuration files. I decided to dig down into the details and find out how date, time, time zones, and ntpd work on a Linux system. Armed with this knowledge, I would be able to configure my systems properly once and for all! As it turns out, this was an informative little detour…

Environment:
Red Hat 8.0 on a Pentium III 667 MHz & a Pentium II 233 MHz
Red Hat 7.3 on a Dell Optiplex GX-1 Pentium II running Red Hat 7.3

Objectives:
1. Set my Linux systems to the desired time zone
2. Set my Linux systems to the desired time and date
3. Get the NTP server running correctly
4. Make sure the hardware clock maintains the proper time
5. Find out as much as possible about the time and date configuration commands and files

Basic Command-line Tools:

The date command can be used as follows to display the time and date:

$ date
Fri Mar 28 16:01:50 CST 2003

To see UTC/GMT, you can do this:

$ date –utc
Fri Mar 28 08:04:32 UTC 2003

The date command also can be used to set the time and date. To set the time manually, do this:

# date -s “16:15:00″
Fri Mar 28 16:15:00 CST 2003

If you also need to adjust the date, and not just the time, you can do it like this:

# date -s “16:55:30 July 7, 1986″
Mon Jul 7 16:55:30 PDT 1986

There is also another way to set the date and time, which is not very pretty:

# date 033121422003.55
Mon Mar 31 21:42:55 PST 2003

The above command does not use the -s option, and the fields are arranged like this: MMDDhhmmCCYY.ss
where MM = month, DD = day, hh = hour, mm = minute, CCYY = 4 digit year, and ss = seconds.

Please note that setting the clock with the date command must be done as root. This is a “savage” way to adjust the time. It adjusts the Linux kernel system time.

There is also a hardware clock (CMOS clock). You can look at the current hardware clock time with:

hwclock –show

I always keep my hardware clocks set to UTC/GMT. This maintains my clocks uniformly without any worries about “Daylight Savings Time”. This is important, because when you set the hardware clock from the system clock (kept by the Linux kernel), you need to know if this is the case. To set the hardware clock from the system clock, leaving the hardware clock in UTC, enter the following:

# hwclock –systohc –utc
# hwclock –show
Fri 28 Mar 2003 04:23:52 PM CST -0.864036 seconds

Another interesting item is that the Linux system clock stores time in seconds since midnight on January 1st, 1970 (UTC). This is called UNIX time. Unfortunately, because this is a 32-bit value, there is a year-2038 problem. Hopefully, everyone will have moved to 64-bit architectures by then. In order to see the UNIX time, you can use the following command:

date +%s

There are many useful formatting options for the date command. See the date manpage for details.

Of course, there is another useful tool available related to date and time: cal

$ cal -3

February 2003 March 2003 April 2003
Su Mo Tu We Th Fr Sa Su Mo Tu We Th Fr Sa Su Mo Tu We Th Fr Sa
1 1 1 2 3 4 5
2 3 4 5 6 7 8 2 3 4 5 6 7 8 6 7 8 9 10 11 12
9 10 11 12 13 14 15 9 10 11 12 13 14 15 13 14 15 16 17 18 19
16 17 18 19 20 21 22 16 17 18 19 20 21 22 20 21 22 23 24 25 26
23 24 25 26 27 28 23 24 25 26 27 28 29 27 28 29 30
30 31

You can also specify “cal -y” for the entire year, “cal” by itself for the current month, or “cal 12 2005″ to see the calendar for December, 2005.

Time Zone Configuration:

Background - The Earth is divided into time zones that are 15 degrees of longitude each, for this corresponds to the amount of angular distance the Sun appears to travel in 1 hour. 0 degrees longitude runs through the Royal Observatory in Greenwich, England. This is the origin of Greenwich Mean Time, or GMT. For all practical purposes, GMT and UTC are the same. To complicate matters, some countries observe Daylight Savings Time (DST), while others do not. Even within some countries, some states or districts do not observe DST while the rest of the country does! DST can also begin and end on different days in different countries! What a mess…

There are several files and directories that are used for time zones, and several tools:

/etc/sysconfig/clock - this is a short text file that defines the timezone, whether or not the hardware clock is using UTC, and an ARC option that is only relevant to DEC systems.

/etc/localtime - this is a symbolic link to the appropriate time zone file in /usr/share/zoneinfo

/usr/share/zoneinfo - this directory contains the time zone files that were compiled by zic. These are binary files and cannot be viewed with a text viewer. The files contain information such as rules about DST. They allow the kernel to convert UTC UNIX time into appropriate local dates and times.

/etc/rc.d/rc.sysinit - This script runs once, at boot time. A section of this script sets the system time from the hardware clock and applies the local time zone information.

/etc/init.d/halt - This script runs during system shutdown. A section of this script synchronizes the hardware clock from the system clock.

/etc/adjtime - This file is used by the adjtimex function, which can smoothly adjust system time while the system runs. settimeofday is a related function.

redhat-config-date or dateconfig - These commands start the Red Hat date/time/time zone configuration GUI. Both commands failed to change the timezone in two different stock Red Hat 8.0 systems. They also failed to create a working ntp.conf file for the NTP server. The timezone problem went away after upgrading from the installed RPM, redhat-config-date-1.5.2-10, to a newer RPM from a Red Hat beta release, redhat-config-date-1.5.9-6.

zic - (The time zone compiler) Zic creates the time conversion information files.

zdump - This utility prints the current time and date in the specified time zone. Example:

# zdump Japan
Japan Sat Mar 29 00:47:57 2003 JST
# zdump Iceland
Iceland Fri Mar 28 15:48:02 2003 GMT

In order to manually change the timezone, you can edit the /etc/sysconfig/clock file and then make a new soft link to /etc/localtime. Here is an example of changing the timezone manually to “America/Denver”:

1. Select the appropriate time zone from the /usr/share/zoneinfo directory. Time zone names are relative to that directory. In this case, we will select “America/Denver”

2. Edit the /etc/sysconfig/clock text file so that it looks like this:

ZONE=”America/Denver”
UTC=true
ARC=false

Of course, this assumes that your hardware clock is running UTC time…

3. Delete the following file: /etc/localtime

4. Create a new soft link for /etc/localtime. Here is an example of step 3 and step 4:

# cd /etc
# ls -al localtime
lrwxrwxrwx 1 root root 39 Mar 28 07:00 localtime -> /usr/share/zoneinfo/America/Los_Angeles

# rm /e

tc/localtime

# ln -s /usr/share/zoneinfo/America/Denver /etc/localtime
# ls -al localtime
lrwxrwxrwx 1 root root 34 Mar 28 08:59 localtime -> /usr/share/zoneinfo/America/Denver

# date
Fri Mar 28 09:00:04 MST 2003

NTP Configuration and Usage:

Background - Network Time Protocol (NTP) allows computers, servers, and network devices to synchronize their internal clock systems to an external reference source. In some cases, the reference source can be an atomic clock or GPS receiver. This is useful for a number of reasons. If you would like to automatically keep the time on your Linux system synchronized to standard world times, you have two built-in tools to do this:

ntpdate and ntpd (NTP Daemon)

ntpdate:
ntpdate was written by David L. Mills at the University of Delaware. For details on Dr. Mills, enter this:

$ finger David.L.Mills@udel.edu

ntpdate allows you to view or set system time from one or more NTP servers. The first thing you need to do is find a time server you can query. Here is a list of public time servers, or you can use one of the following:

clock.redhat.com
clock2.redhat.com
ns1.tuxfamily.org
time.nist.gov

For example, if you only want to query an NTP server and make sure that you can reach it, use the following command:

# ntpdate -q clock2.redhat.com
server 66.187.224.4, stratum 1, offset -0.067532, delay 0.38452
28 Mar 18:14:20 ntpdate[10724]: adjust time server 66.187.224.4 offset -0.067532 sec

Note that some firewall systems do not allow NTP traffic. NTP uses UDP port 123. If you would like to query more than one server and set your system clock with the result, use the following:

# ntpdate clock2.redhat.com clock.redhat.com
28 Mar 18:20:59 ntpdate[10754]: adjust time server 66.187.233.4 offset -0.043222 sec

You can add the -v flag for verbose output.

This command is very similar to the rdate command. The ntpdate command can be used in startup scripts or cron jobs to automatically set the system time without running a dedicated server process. You will definitely want to try to retrieve the time from an NTP server with ntpdate before setting up your own NTP server. This will ensure that (a) you have connectivity (b) your firewall does not block NTP. Another thing to note about the ntpdate command is that it will not work in update mode if you are running a local NTP server process. It will work in query mode.

NTP Server:
The NTP server (ntpd) can be setup to run continuously. This will keep the system clock synchronized. You will also be able to server NTP clients on your LAN, if you wish. I had problems with the Red Hat configuration GUI not setting the NTP server up correctly.

The configuration file is /etc/ntp.conf, and there is also an /etc/ntp directory which contains keys and the drift file. I will show you a working configuration file, with comments:

# Prohibit general access to this service.
restrict default ignore

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1

# — CLIENT NETWORK ——-
# Permit systems on this network to synchronize with this
# time service. Do not permit those systems to modify the
# configuration of this service. Also, do not use those
# systems as peers for synchronization.

# This is my internal LAN network address
restrict 192.168.212.0 mask 255.255.255.0 notrust nomodify notrap

# — OUR TIMESERVERS —–
# or remove the default restrict line
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.

# The statements below limit what the servers can do to your server
# I am using IP instead of DNS name because the “restrict” construct
# requires IP addresses

restrict 66.187.224.4 mask 255.255.255.255 nomodify notrap noquery
restrict 80.67.177.2 mask 255.255.255.255 nomodify notrap noquery

# The server listed below is clock2.redhat.com
server 66.187.224.4

# The server listed below is ns1.tuxfamily.org
server 80.67.177.2

# — NTP MULTICASTCLIENT —
#multicastclient # listen on default 224.0.1.1
# restrict 224.0.1.1 mask 255.255.255.255 notrust nomodify notrap
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
# I don’t want to use multicast for my NTP server

# — GENERAL CONFIGURATION —
#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
# If you un-comment the two statements below, you could run an NTP server
# off of your local (and inaccurate) system clock.
#restrict 127.127.1.0
#server 127.127.1.0
fudge 127.127.1.0 stratum 10

#
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()’ing
# it to the file.
#
driftfile /etc/ntp/drift
broadcastdelay 0.008

#
# Authentication delay. If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff
# directory and figure out what this number should be on your machine.
#
# I am not using any authentication for this simple setup.
authenticate no

#
# Keys file. If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
# systems might be able to reset your clock at will. Note also that
# ntpd is started with a -A flag, disabling authentication, that
# will have to be removed as well.
#
keys /etc/ntp/keys

After you install this new version of the config file, you can start the service with /etc/init.d/ntpd start

To monitor the service, you can run the following command: ntpdc -p or ntpdc -p -n
If you are really impatient, you can use this command to watch the system until it synchronizes: watch nptdc -p -n
The ntpdc command can be run interactively as well. There are a number of informative ntpdc commands, such as iostats, sysstats, and peers.

When enough time has gone by, one of the servers will have an * placed in front of it to tell you that your system is synchronized to it. The lower the stratum number, the more accurate the server.

If you want to have the NTP server start up automatically, you can use the checkconfig command as follows:

# chkconfig –level 345 ntpd on
# chkconfig –level 0126 ntpd off
# chkconfig –list | grep ntpd
ntpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off

To see that your NTP server is listening on UDP port 123, use the following command: netstat -tuna

Please note that the NTP server makes NTP queries from a UDP source port of 123. Some firewalls will not allow this, even if ntpd

ate worked (ntpdate uses a source port > 1023.)

You can also use the ntpq utility, and the ntptrace utility for additional diagnostic support. For complete documentation on setting up and using NTP servers, see www.ntp.org.

Conclusion:
Changing the date, time, and time zone on a Red Hat Linux system can be done easily once all of the files and commands are identified. NTP clock synchronization is also fairly straightforward. Hopefully, future time and date configuration tools will work well enough that the average user/administrator does not have to resort to manual work-arounds.

Back…

DNS Lookup Utility

NSLookup Gateway

DNS for Rocket Scientists - Contents

This Open Source Guide is about DNS and (mostly) BIND 9.x on Linux (Fedora Core), BSD’s (FreeBSD, OpenBSD and NetBSD) and Windows (Win 2K, XP, Server 2003). It is meant for newbies, Rocket Scientist wannabees and anyone in between.

This Guide was born out of our first attempts a number of years ago at trying to install a much needed DNS service on an early Redhat Linux system. We completed the DNS ‘rite of passage’ and found it a pretty unedifying and pointless experience.

Geographically Redundant DNS Services

OCZ Technology | Products | Flash Media | OCZ Core Series V2 SATA II 2.5″ SSD

Featuring new architecture, the Core Series SSD V2 will be available in up to a massive 250GB capacity and delivers enhanced speeds of up to 170 MB/s read and 98 MB/s write speeds with an improved seek time of less than 0.2-0.3ms, making the Core V2 significantly faster when it comes to both Read/Write and seek-time performance. The addition of a mini-USB port also makes it possible for customers in the field to update the Core V2’s firmware should new versions become available, to further enhance compatibility or performance with future platforms.

The OCZ Core Series V2 delivers additional performance and reliability of the latest SSDs at a 50% less price per gigabyte than other high speed offerings currently on the market. The Core Series is ideal for an energy-efficient mobile or a RAID configured desktop to provide blazing speeds and advanced access and seek times. Because SSD drives feature no moving parts, the Core Series V2 will keep your laptop or desktop environment cool and quiet and provide a durable alternative and superior shock resistance. With even greater capacities up to 250GB, Core Series V2 now offers sufficient storage for large media files.

Designed for ultimate reliability, Core V2 SSDs have an excellent 1.5 million hour mean time before failure (MTBF) ensuring peace of mind over the long term. All Core Series SSD drives come backed a two year warranty and OCZ’s legendary service and support.

Java Graph Visualization and Layout

JGraph is a member of the fastest growing breed of software products: professional open source software. JGraph is able to combine the best of each open source software and traditional software development to form a uniquely powerful offering.

* JGraph: The free Swing-style component with source code, 140k in size, feature-rich, fully documented and commercially supported.
* JGraph Layout Pro: Powerful and fast graph layouts provide automatic positioning functionality to improve user’s visual experience.
* JGraphpad Pro: Complete rich-client platform for rapid application development. For graph applications where time-to-market is critical.