Today we are going to setup network Quality of Service (QoS) for Voice over IP (VoIP) traffic generated by Polycom and Cisco IP phones. Our goal here is to tag the VoIP packets so that they are placed in a priority outgoing queue so that if the available bandwith is saturated, then the VoIP packets will be the last ones to be dropped by the switch. VoIP is a delay-sensitive application while bulk data transfers are not. When a switch port gets more data that it can handle, the switch will start dropping packets. If a VoIP packet is dropped, people having a conversation will hear a glitch. We don't want that and this is why we must treat the VoIP packets differently than other data packets.
Ideas and solutions on IT architecture, UNIX, Linux, Oracle, Telecommunication, storage and virtualization in order to help other systems administrators and DBAs.
Friday, September 28, 2012
Thursday, September 27, 2012
IOS Upgrade on Cisco WS-C4507R Chassis with Dual Supervisor V Engines
Today we will upgrade the IOS version on both WS-X4516 supervisor engines V in a WS-C4507R chassis. This blog post assumes that your 4507R chassis's supervisor engine already has network support for you to SSH into it.
First, go to the Cisco support site and download the latest IOS version (you need a Cisco support contract to have access to new IOS images). Place this image on your TFTP server. In this example, the TFTP server is a CentOS Linux machine called alice.company.com.
First, go to the Cisco support site and download the latest IOS version (you need a Cisco support contract to have access to new IOS images). Place this image on your TFTP server. In this example, the TFTP server is a CentOS Linux machine called alice.company.com.
Labels:
cisco
Wednesday, August 22, 2012
Oracle Database 11.2.0.3 Install and Setup on RedHat Linux 6 x86_64
In this post we will install a new server with the latest Oracle Database 11gR2 software (as of this writing, it is version 11.2.0.3). In this example, the new machine is called opus.company.com and the new database instance is called meta.
Tuesday, August 21, 2012
Howto Recover Lost Cisco Enable Password
In this blog post, we will recover from a lost Cisco switch enable password.
Thursday, August 16, 2012
How to remove an FC LUN from a running RedHat 6 server.
This quick howto document shows how to remove a fibre channel LUN under multipathd(8) control from a running RedHat Enterprise Linux 6 machine. Be careful when performing online storage modifications. Make sure you have a valid backup. And of course I can't be held resonsible for any problems if you follow these steps ;)
Thursday, June 28, 2012
PC-BSD / FreeBSD Kerberos GNOME Graphical Login
A quick post just to show how to configure a PC-BSD or a FreeBSD workstation to run kinit(1) right when you login. In this example, the desktop machine is running PC-BSD 9.0 with the GNOME desktop.
Tuesday, June 12, 2012
Secure Backup & Recovery with rsnapshot, rssh and OpenSSH
Overview
Wee all need to backup our machines. But we also need to keep the data private and the backup procedure secured. In UNIX and Linux machines, we need to run the backup operation as root in order to read everything on the machines. But allowing remote connections as the root user is not exactly a good idea. So how to we proceed? We use rsnapshot(1) and rssh(1) together with OpenSSH to secure the whole process. Here's how to do it on CentOS 6.
In case you're running a heterogeneous network, please note that I've successfully configured this process on FreeBSD, PC-BSD, RedHat, Ubuntu, AIX and Solaris servers.
In this example, our backup server is called backup.company.com and is running CentOS 6 while the clients are :
Friday, June 8, 2012
HOWTO : OpenLDAP 2.4 Replication on CentOS 6.2
We continue our OpenLDAP 2.4 on CentOS 6.2 with a description on how to setup between two OpenLDAP 2.4 servers. This happens to be the final bullet point in our list of goals :
Install OpenLDAP 2.4.Configure Transport Layer Security (TLS).Manage users and groups in OpenLDAP.Configure pam_ldap to authenticate users via OpenLDAP.Use OpenLDAP as sudo's configuration repository.Use OpenLDAP as automount map repository for autofs.Use OpenLDAP as NFS netgroup repository again for autofs.Use OpenLDAP as the Kerberos principal repository.Setup OpenLDAP backup and recovery.- Setup OpenLDAP replication.
- provider : alice.company.com (a.k.a. master server)
- consumer : bob.company.com (a.k.a. replica server)
Labels:
consumer,
ldap,
linux,
provider,
replication
Thursday, May 31, 2012
CentOS Serial Console Server with Digi AccelePort Xem Module
In order to effectively manage UNIX, Linux and Cisco machines from a remote location, one needs to redirect the console to the serial port and hook this to a serial console server. It is also good on a security stand point because all the messages sent to the console are logged on the console server, thus serving in forensic investigations. Ideally, to have even the BIOS at the serial ports, you need to run Oracle/Sun Microsystems or IBM pServers machines. Most newer x86 servers can redirect their BIOS to the serial port. Do it, it's great! With the console server, you have access to everything the server has to offer from the comfort of your office.
Tuesday, May 15, 2012
HOWTO : OpenLDAP 2.4 Backup & Recovery on CentOS 6.2
This blog post will explain how to backup and restore our OpenLDAP 2.4 server. This is goal number nine.
Install OpenLDAP 2.4.Configure Transport Layer Security (TLS).Manage users and groups in OpenLDAP.Configure pam_ldap to authenticate users via OpenLDAP.Use OpenLDAP as sudo's configuration repository.Use OpenLDAP as automount map repository for autofs.Use OpenLDAP as NFS netgroup repository again for autofs.Use OpenLDAP as the Kerberos principal repository.- Setup OpenLDAP backup and recovery.
- Setup OpenLDAP replication.
HOWTO : Kerberos KDC with OpenLDAP 2.4 Back-End and SASL GSSAPI Authentication on CentOS 6.2
We continue our OpenLDAP 2.4 series with goal number 8. Recall that our goals are :
Install OpenLDAP 2.4.Configure Transport Layer Security (TLS).Manage users and groups in OpenLDAP.Configure pam_ldap to authenticate users via OpenLDAP.Use OpenLDAP as sudo's configuration repository.Use OpenLDAP as automount map repository for autofs.Use OpenLDAP as NFS netgroup repository again for autofs.- Use OpenLDAP as the Kerberos principal repository.
- Setup OpenLDAP backup and recovery.
- Setup OpenLDAP replication.
Thursday, May 10, 2012
HOWTO : OpenLDAP NFS NetGroup Repository for AutoFS
We continue our OpenLDAP 2.4 series with goal number 7. Recall that our goals are :
Install OpenLDAP 2.4.Configure Transport Layer Security (TLS).Manage users and groups in OpenLDAP.Configure pam_ldap to authenticate users via OpenLDAP.Use OpenLDAP as sudo's configuration repository.Use OpenLDAP as automount map repository for autofs.- Use OpenLDAP as NFS netgroup repository again for autofs.
- Use OpenLDAP as the Kerberos principal repository.
- Setup OpenLDAP backup and recovery.
- Setup OpenLDAP replication.
Wednesday, May 9, 2012
HOWTO : OpenLDAP 2.4 NFSv4 Automount Map Repository on CentOS 6.2
We continue our OpenLDAP 2.4 series with goal number 6.
Install OpenLDAP 2.4.Configure Transport Layer Security (TLS).Manage users and groups in OpenLDAP.Configure pam_ldap to authenticate users via OpenLDAP.Use OpenLDAP as sudo's configuration repository.- Use OpenLDAP as automount map repository for autofs.
- Use OpenLDAP as NFS netgroup repository again for autofs.
- Use OpenLDAP as the Kerberos principal repository.
- Setup OpenLDAP backup and recovery.
- Setup OpenLDAP replication.
HOWTO : OpenLDAP 2.4 sudo Repository on CentOS 6.2
Today we continue with our OpenLDAP series of blog posts. Recall that our goals were :
Install OpenLDAP 2.4.Configure Transport Layer Security (TLS).Manage users and groups in OpenLDAP.Configure pam_ldap to authenticate users via OpenLDAP.- Use OpenLDAP as sudo's configuration repository.
- Use OpenLDAP as automount map repository for autofs.
- Use OpenLDAP as NFS netgroup repository again for autofs.
- Use OpenLDAP as the Kerberos principal repository.
- Setup OpenLDAP backup and recovery.
- Setup OpenLDAP replication.
Monday, May 7, 2012
HOWTO : OpenLDAP 2.4 Users & Groups Management and PAM Authentication on CentOS 6.2
Today we will create and manage users and groups in our OpenLDAP 2.4 daemon running on a CentOS 6.2 machine. Recall our goals :
Install OpenLDAP 2.4.Configure Transport Layer Security (TLS).- Manage users and groups in OpenLDAP.
- Configure pam_ldap to authenticate users via OpenLDAP.
- Use OpenLDAP as sudo's configuration repository.
- Use OpenLDAP as automount map repository for autofs.
- Use OpenLDAP as NFS netgroup repository again for autofs.
- Use OpenLDAP as the Kerberos principal repository.
- Setup OpenLDAP backup and recovery.
- Setup OpenLDAP replication.
HOWTO : CentOS 6.2 OpenLDAP 2.4 Setup
This blog post will show how to install and configure OpenLDAP 2.4 on CentOS 6.2.
Goals
- Install OpenLDAP 2.4.
- Configure Transport Layer Security (TLS).
- Manage users and groups in OpenLDAP.
- Configure pam_ldap to authenticate users via OpenLDAP.
- Use OpenLDAP as sudo's configuration repository.
- Use OpenLDAP as automount map repository for autofs.
- Use OpenLDAP as NFS netgroup repository again for autofs.
- Use OpenLDAP as the Kerberos principal repository.
- Setup OpenLDAP backup and recovery.
- Setup OpenLDAP replication.
Sunday, March 11, 2012
Why vi(1) uses the hjkl keys as arrow keys?
Here's an interesting blog post by Peteris Krumins which explains why the vi(1) text editor inventor, Bill Joy, chose to use the HJKL keys as arrow keys in his software. And thus why we still use them today.
David
David
Labels:
unix
Sunday, February 12, 2012
OT : very nice earth images from the international space station
Off Topic!
This Flikr stream is from an Italian astronaut which photographed our planet from the international space station (ISS). Enjoy magisstra's photostream !
David
This Flikr stream is from an Italian astronaut which photographed our planet from the international space station (ISS). Enjoy magisstra's photostream !
David
Visio Stencils Collection
Many of us rely on Microsoft© Visio in our daily work as systems administrators and architects. To create elaborate and good looking Visio documents, one relies on Visio Stencils. Finding the right stencil can be problematic. This is the reason of this blog post : to help others find good stencils. Here's my list of favorite websites which offer Visio stencils for free...
- Solutions to Technology : one of the most complete set of stencils I've ever found.
- Cisco Visio Stencils : Cisco© stencils directly from the manufacturer.
- SonicWall Visio Stencils : if you happen to work with SonicWall products, that's what you need.
- Jean Dion Visio Stencils : a good place for Sun Microsystems stencils.
David
Subscribe to:
Posts (Atom)