DHCP server with DDNS

authoritative;
include “/etc/bind/rndc.key”;
server-identifier chunli.shocknetwork.com.;
ddns-domainname “shocknetwork.com.”;
ddns-rev-domainname “in-addr.arpa.”;
ddns-update-style interim;
ddns-updates on;
ignore client-updates;
zone shocknetwork.com. {
primary 127.0.0.1;
key rndc-key;
}
default-lease-time 21600; # 6 hours
max-lease-time 43200; # 12 hours
option domain-name “shocknetwork.com”;
option domain-name-servers chunli.shocknetwork.com, resolver1.opendns.com;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.100 192.168.0.200;
option domain-name-servers chunli.shocknetwork.com, resolver1.opendns.com;
option domain-name “shocknetwork.com”;
option routers 192.168.0.1;
option broadcast-address 192.168.0.3;
default-lease-time 600;
max-lease-time 7200;
zone 0.168.192.in-addr.arpa. {
primary 192.168.0.3;
key rndc-key;
}
zone localdomain. {
primary 192.168.0.3;
key rndc-key;
}
}
/etc/named.conf –> I’m using Ubuntu 6, so it’s actually /etc/bind/named.conf and named.options, etc, but for the sake of simplicity, I’ll put them all together.
options {
directory “/var/cache/bind”;
auth-nxdomain no; # conform to RFC1035
};
zone “.” {
type hint;
file “/etc/bind/db.root”;
};
zone “localhost” {
type master;
file “/etc/bind/db.local”;
};
zone “127.in-addr.arpa” {
type master;
file “/etc/bind/db.127”;
};
zone “0.in-addr.arpa” {
type master;
file “/etc/bind/db.0”;
};
zone “255.in-addr.arpa” {
type master;
file “/etc/bind/db.255”;
};
controls {
inet 127.0.0.1 allow {localhost; } keys { “rndc-key”; };
};
// Add local zone definitions here.
zone “shocknetwork.com” {
type master;
file “/etc/bind/shocknetwork.com.zone”;
allow-update { key “rndc-key”; };
notify yes;
};
zone “0.168.192.in-addr.arpa” {
type master;
file “/etc/bind/0.168.192.in-addr.arpa.zone”;
allow-update { key “rndc-key”; };
notify yes;
};
include “/etc/bind/rndc.key”; Some troubleshooting tips: 1) turn on logging for DNS:
logging {
category “default” { “debug”; };
file “/tmp/nameddbg” versions 2 size 50m;
print-time yes;
print-category yes;
}; That’s about it – it should give you all you need.]]>

Microsoft a "Thought Leader" in virtualization?

http://arstechnica.com/news.ars/post/20 … ifted.html The quote”

Quote:
Anytime I write about Microsoft and virtualization, someone e-mails me to remind me that Apple doesn’t allow the virtualization of its client OS, which would seem to make Microsoft a “thought leader” according to some of you. Others wonder if/when Cupertino would ever allow it.
What kind of bullshit is that!? The only time Microshaft ever got into Virtualization was when they bought the technology from Connectix back in the days! VMware was in the business way before that! Here’s the whole whole bullshit article:
Microsoft relents: Vista consumer virtualization ban lifted
By Ken Fisher | Published: January 21, 2008 – 01:39PM CT It only took them a year longer than it should have, but Microsoft has finally relented and approved the use of Windows Vista Basic and Premium Edition in virtualized environments, for both “consumers” and business users. Among other things, the change means that Mac and Linux users can now run Windows Vista in a VM without having to pay for the more expensive Business or Ultimate editions. This is a boon to anyone who needs virtualized environments for testing and development. Related StoriesMicrosoft ditches about-face on virtualization restrictions at 11th hour
Virtual Iron goes 4.0
Viridian beta and Virtual Server 2005 R2 SP1 will miss target dates
Microsoft’s anti-virtualization stance: forget DRM, think Apple
“For consumers, Windows Vista Home Basic and Windows Vista Home Premium are now licensed for use in a virtual machine environment,” the company said in a statement. An updated end-user license agreement will be posted later at this location. The move isn’t a total surprise, even if it is months late. The company came very close to repealing its ban last summer, only to inexplicably pull the plug at the last minute. On the record, Microsoft said that the ban stemmed from their view that virtualization “is not yet mature enough from a security perspective for broad consumer adoption.” To be frank, we never bought this excuse, because you could get the “maturity” needed to virtualize Vista for the $60+ premium that Business costs over and against Home Premium. That debate is history now. The announcement kicks off Microsoft’s Virtualization Deployment Summit, which begins in earnest tomorrow. The company is also expected to tout several other developments for business virtualization over the two-day summit, including the acquisition of Calista Technologies and an expanded partnership with Citrix. Microsoft is beating the virtualization drum hard, gearing up for what will likely be a protracted war with the perceived industry leader, VMWare. Microsoft’s message is going to be ease-of-use and cost. Bob Muglia, senior vice president of the Server and Tools Business at Microsoft, said in a statement that Microsoft estimates that “less than 5 percent of companies are utilizing virtualization technology because it is simply too cost-prohibitive and complex.” Microsoft argues that it has the most “economical” approach to virtualization from desktop to datacenter, and lowering the cost barrier on the client certainly helps. Still, while great news for users who want to virtualize Vista legally, and on the cheap, it’s still an open question when businesses will begin migrating to Vista in force, and if any of that migration will feature significant virtualization on the client end. Cupertino, please start your copiers, please?!
Anytime I write about Microsoft and virtualization, someone e-mails me to remind me that Apple doesn’t allow the virtualization of its client OS, which would seem to make Microsoft a “thought leader” according to some of you. Others wonder if/when Cupertino would ever allow it. It’s true that Apple doesn’t allow client virtualization, and I think I speak for just about everyone when I say that no one believes it’s likely to happen soon. Apple doesn’t even allow its customers the legal right to run its client OS on non-Apple computers, so virtualization is out of the question. Apple, unlike Microsoft, is in the PC-selling business, and unlike Microsoft, Apple uses a set of technological access controls to prevent its OS from running on unauthorized hardware. Why? Apple doesn’t want you, me, and every other reader of this site to do what they know we’d do: run out and build our own “Macs.” If you want OS X, Apple wants you to buy a Mac, period. With the company’s notorious focus on control and design, we don’t see this changing any time soon.]]>

Linux P2V

Here’s a cool link on doing Linux P2Vs.
Taken from: http://conshell.net/wiki/index.php/Linux_P2V

Introduction
P2V Linux migrations are a combination of science, art and luck.

P2V stands for Physical to Virtual. In other words, it is the process or procedure of moving a running system (operating system and everything installed) from a physical machine to a virtual machine.

This page describes some of the usual steps necessary to convert a Linux system into a virtual machine running under VMware ESX Server. The same steps should mostly apply to VMware Server, Workstation or even QEMU.

The focus of this P2V explanation is on Red Hat and CentOS guests as they are not only supported, but benefit from kudzu and rescue disk capability built-in. Other distributions can of course be converted but the exact steps will vary.

So, let’s get started.

What to use (or not)
The following software products claim to do P2V, but in fact do not support Linux, so don’t bother.

Virtual Server Migration Toolkit
EZP2V
These products do support Linux in some way…

VMware Converter
VMware converter will work, however any options such as resizing the disks and post migration configuration are greyed-out. This is due to the fact that it just does a raw block-by-block copy of the source disk. It is most useful if your target for migration is ESX 3.x

–update – VMware Converter 4 will do a live P2V for Linux.

Platespin PowerConvert?
PowerConvert works (somewhat) with Linux but it does not support LVM and in my experience is an unreliable product with lackluster support.

liveview looks promising, however it only runs on Windows (due to dependency on VMDK disk mounter) and works with vmware-server, not ESX server. It has “limited” Linux support.
These products or methods offer full support for Linux…

UltimateP2V appears to be worthy of consideration.
Good ol’ dd + netcat, followed by rescue disk of some kind (to fix the modules and make a new initrd).
Preparation
You will want to have the necessary tools in place as well as some calculations. Consider the follow aspects of your system.

How much physical RAM? Is it over or under-utilized?
How much Swap space and where?
Disk type – IDE or SATA and the disk device will be /dev/hda, SCSI will be /dev/sda. You may also have multiple disks (hdb, sdb, etc).
Disk size – use a command such as sudo sfdisk -s. Blocks are in 1KB units, do the math to figure out the equivalents in MB by dividing by 1024 and in GB by dividing by 1024 again.
Example:
jetson:~> sudo sfdisk -s
/dev/hda: 39070080
total: 39070080 blocks
(39070080/1024) = 38154.375 MB
(38154.375/1024) = 37.260 GB
Partition layout -know exactly the partitions, sizes and FS types. This can be gleaned from the df output and the content of /etc/fstab.
Rescue disk – this may be necessary for the recovery of the system once the disk data has been converted over. Conversion puts the system into a “new” environment of emulated devices, and some cases kudzu will not quite get you there or won’t even be available (kudzu is a Red Hat software, not normally found on other Linux distributions).
Knowledge of destination environment. For instance, see http://www.vmware.com/pdf/GuestOS_guide.pdf for vi3.
ISOs – you will want to have the following ISOs for easy access and to map to the CDROM device in the guest.
Install disc #1 for the Red Hat or CentOS version of the source system
Knoppix (recommended) or System Rescue CD
Preparing the source system
Take the time to consider and perform the following tasks while the source system is still running in its native state.

Disable any services you don’t think will be necessary after the conversion, such as system-management agents (think Dell OMSA or IBM Director) and ntpd.
Purge out old logfiles, scratch files in /tmp and unnecessary software.
Cleanup old/extraneous kernels. You will likely want to end up with just 2 kernels, the latest Non-SMP kernel and a previous one.
Building a new initrd with the mptscsih (RHEL4/CentOS4) or BusLogic (RHEL3/CentOS3, RHEL2/CentOS2) SCSI driver loaded, this may save you from having to boot into linux rescue mode after the conversion.
For RHEL4/CentOS4, add –with=mptscsih For RHEL3/CentOS3 and earlier, use –with=BusLogic

mkinitrd -v -f –with=BusLogic /boot/initrd-`uname -r`.img `uname -r`
Zero-out each of the disk partitions… this can speed up the data transfer later on. e.g.
dd if=/dev/zero of=/usr/bigfile; rm -f /usr/bigfile
Boot your system with Knoppix or System Rescue CD. The state we want is an at-rest hard drive(s) and network connectivity. NOTHING should be running/writing to the hard drive(s).

Optional step: run md5sum /dev/sda and record the resulting hash. Usually the last 6 characters will suffice. This can take awhile but gives you a fingerprint of the hard drive data that you can use later to verify the integrity of the data after transferring to the target system. ‘

Preparing the target system (VM)
Using the MUI or vmware-server-console, create a VM with the following parameters:

Operating System: Linux. You can be more specific on vmware-server or ESX, such as Red Hat Enterprise Linux 4.
Disk: slightly larger than source-system (see below). Create same number of disks as exist on the source system.
Network (NIC): Use vlance if given the choice, can be upgrade to vmxnet later when vmware-tools is installed.
CDROM: assign to either Knoppix ISO or System Rescue CD ISO
Boot the target system (I enter knoppix 2 at the boot prompt) and verify the disk(s) are recognized using sfdisk -s. Also verify the network is up using ifconfig eth0. You should have an IP address assigned to eth0 via DHCP or static. Now try pinging the source system e.g. ping 10.4.1.2

Network Acquisition (Disk Cloning)
This is where we transfer the bits from drive A on the source to drive B on the target. The process is functionally very similar to a network acquisition often used in the field of computer forensics.

For our part, a simple example will show how to clone the bits from a single drive: /dev/sda

You’ll need to know the IP address of your target-system, which can be learned from ifconfig eth0.

These commands can be used to clone the blocks to the target-system disk. I assume you have netcat (nc) installed on the source system.

First, run this on the target system

nc -l -p 9001 | dd of=/dev/sda
Then run this on the source system

dd if=/dev/sda | nc 9001
In the real-world, repeat the above process as necessary for the remaining disks.

This is the slowest part of the process. Unfortunately, dd does not show a progress meter. I have seen a 36GB drive take 40 minutes to transfer over on a gigabit network, where the actual throughput was ~14.3MB/s. Another P2V took just over an hour for the same size drive, albeit on a different gigabit network.

The network transfer speed is an important consideration when planning your scheduled outage. You may want to run some tests before your P2V, with a smaller set of data (1GB?) to get an estimate of your throughput, then run the numbers to figure out how long it will take to do the entire drive(s). This can be done while the system is still online. Also, consider the tip above about zero-filling your disk partitions beforehand.

Once your drive(s) have been bit-copied over the network to the target, shutdown your target system and remove the virtual CDROM or ISO mapping.

Optional step: run md5sum /dev/sda and verify the result matches what you saw earlier.

Extras
This is a perfect time to make some adjustments if you want to be clever about your disk & paritition sizes, the following may come in handy. Verify the partitions

fdisk -l /dev/sda
Check a filesystem.

e2fsck -f /dev/sda1
Align ext[23]–>

resize2fs -p /dev/sda1

First-boot
Assuming you got this far, the next step is to immediately shutdown the system again. You’ll want to re-assign the NIC to vmxnet and assign the vmware-tools ISO to the CDROM (path: /usr/lib/vmware/isoimages/linux.iso). Boot up into single-user mode (at grub prompt hit e, select kernel line, e, append “single” to the line, then hit b). Install the vmware-tools (detailed elsewhere) which should get you the vmxnet driver module. Adjust network settings now! Cleanup and reboot. You should be 98% there. Congratulations!

NOTE: I had to rename /etc/rc3.d/S19vmware-tools to /etc/rc3.d/S09vmware-tools to “fix” my network bootup sequence.

On the second reboot, the kudzu command will run and (may well) deal with the remaining hardware changes.

When kudzu runs, it recognizes that certain devices (Broadcom NICs) are no longer there while others (LSI Logic card, pcnet32 NIC) had been added. Usually it is easiest to just accept what kudzu tells us & fine tune later.

See When things go wrong below if you don’t get back to a login: prompt.

When things go wrong
If kudzu does not get you back to a login: prompt, the next step is to boot with the rescue disk. This entails mapping the install cd#1 ISO file to your CDROM device using the MUI or vmware-server-console. Make sure the VM BIOS is also set to use your CDROM in the boot order before the hard drive(s).

Once booted, type linux rescue at the boot prompt and shortly thereafter you will be able to type chroot /mnt/sysimage to get at your disk partitions, which should automatically be mounted there.

The first thing to look at is /etc/modules.conf (RHEL3/CentOS3) or /etc/modprobe.conf (RHEL4/CentOS4). Make sure the appropriate SCSI driver is listed, either BusLogic or mptscsih (based on what you configured this VM to use and the recommendations above).

alias scsi_hostadapter mptscsih
#or
alias scsi_hostadapter BusLogic
Also, take note of the eth0 setting, which should be either pcnet32 for the vlance device, or vmxnet for the vmxnet device. After you install the vmware-tools with the vmxnet device assigned it should be configured automatically.

alias eth0 pcnet32
#or
alias eth0 vmxnet
If you went the route of cloning individual partitions instead of the entire disk(s), it may be necessary to clone the MBR. This will be evident if you try to boot from the drive and get the message “No operating system found”. The process is described here.

Tying up loose ends
Consider the new state of the system, do you really need to run NTP anymore? (Hint: read VMware’s timekeeping whitepaper, set tools.timeSync=”TRUE” in the .vmx file and add clock=pit to the grub kernel line).

See Also
ESX Server 3 Systems Compatibility Guide (PDF)
ESX Server 2.x Systems Compatibility Guide (PDF)
Hard Disk Cloning
Wonders of ‘dd’ and ‘netcat’: Cloning OS harddrives
The Sleuth Kit Informer
dd_rescue – looks like a GREAT alternative to dd for P2Ving systems with failing hard drives. Available in the CentOS
dcfldd – another dd alternative that can update the user of its progress in terms of the amount of data transferred and how much longer operation will take.

Re: Gaim in Vista doesn’t show my Chinese/Japanese anymore – solution

Another thing that needs to be set is under “Regional and Language Options” in the Control Panel, in the Languages tab, the “Install files for East Asian languages” must be checked as well. A reboot will need to take place after the files are installed.

Right click and "send to" Notepad or Wordpad …

http://www.petri.co.il/send_to_notepad_shortcut.htm How can I quickly send files to Notepad for quick editing? This is one of my favorite tweaks, and it will amaze you how you lived all these years without knowing it (or did you? you wouldn’t be here if you did…) The easiest way of all is to do the following: 1. Go to %SystemDrive%\documents and settings\%username%\sendto (or \Windows\SendTo in Win9X).
2. Right-click in the right hand panel and select New > Shortcut
3. Create a new shortcut to Notepad.exe in the sendto folder. Now if you right-click any REG, TXT, VBS, CMD, DAT, NFO etc. file, you can choose the Send To menu and send the file to Notepad which will immediately open it for editing.]]>

FlickrDown is kix azz!

I was tired of downloading pictures one at a time from someone’s flickr page and so I searched the web for a good program to do it. It will download the highest resolution pictures from someone’s photo sets. It works with a proxy server too! Sitesnagger or wget would download way too much stuff! This application is awesome!

Here’s where you can get it:
http://greggman.com/pages/flickrdown.htm

iSCSI naming

Both targets and initiators require names for the purpose of
identification, so that iSCSI storage resources can be managed
regardless of location (address). Note that this means iSCSI names
are independent of location.

Furthermore, iSCSI names are associated with iSCSI nodes instead of
with network adapter cards to ensure the free movement of network
HBAs between hosts without loss of SCSI state information
(reservations, mode page settings etc) and authorization
configuration. An iSCSI node also has one or more addresses.
An iSCSI address specifies a single path to an iSCSI node and consists
of the iSCSI name, plus a transport (TCP) address which uses the following format: [: ] If the is not specified, the
default port 3260, assigned by IANA, will be assumed. For iSCSI
initiators, the is omitted.

The concepts of names and addresses have been carefully separated in
iSCSI:

– An iSCSI Name is a location-independent, permanent identifier for
an iSCSI node. An iSCSI node has one iSCSI name, which stays
constant for the life of the node.

– An iSCSI Address specifies not only the iSCSI name of an iSCSI
node, but also a location of that node. The address consists of a
host name or IP address, a TCP port number (for the target), and
the iSCSI Name of the node. An iSCSI node can have any number of
addresses, which can change at any time.

To assist in providing a more human-readable user interface for
devices that contain iSCSI targets and initiators, a target or
initiator may also provide an alias. The alias strings are communicated
between the initiator and target at login, and can be displayed by a user interface on either end, helping the user tell at a glance whether the
initiators and/or targets at the other end appear to be correct.
The alias is a variable length string, between 0 and 255 characters.

Constructing iSCSI names using the iqn. format.

– The string “iqn.”

– A date code specifying the year and month in which the
organization registered the domain or sub-domain name used as the
naming authority string.

– The organizational naming authority string, which consists of a
valid, reversed domain or subdomain name.

– Optionally, a ‘:’, followed by a string of the assigning
organization’s choosing, which must make each assigned iSCSI name
unique.

The following is an example of an iSCSI qualified name from an
equipment vendor:

Organizational Subgroup Naming Authority
Naming and/or string Defined by
Type Date Auth Org. or Local Naming Authority
+–++—–+ +———+ +——————————–+
| || | | | | |

iqn.2001-04.com.example:diskarrays-sn-a8675309

The following is an example of an iSCSI name string from a storage
service provider:

Organization String
Naming Defined by Org.
Type Date Authority Naming Authority
+-+ +—–+ +————-+ +———————-+
| | | | | | | |
iqn.1995-11.com.example.ssp:customers.4567.disks.107

Note that when reversing these domain names, the first component
(after the “iqn.”) will always be a top-level domain name, which
includes “com”, “edu”, “gov”, “org”, “net”, “mil”, or one of the
two-letter country codes. The use of anything else as the first
component of these names is not allowed.

Constructing iSCSI names using the eui. format

The iSCSI eui. naming format allows a naming authority to use IEEE
EUI-64 identifiers in constructing iSCSI names. The details of
constructing EUI-64 identifiers are specified by the IEEE
Registration Authority (see [EUI64]).

Example iSCSI name:

Type EUI-64 identifier (ASCII-encoded hexadecimal)
+–++————–+
| || |
eui.02004567A425678D

iSCSI Discovery

The goal of iSCSI discovery is to allow an initiator to find the
targets to which it has access, and at least one address at which
each target may be accessed. This should generally be done using as
little configuration as possible. The iSCSI discovery mechanisms
listed here only deal with target discovery and one still needs
to use the SCSI protocol for LUN discovery. In order for an iSCSI
initiator to establish an iSCSI session with an iSCSI target, the
initiator needs the IP address, TCP port number and iSCSI target name information.

iSCSI supports the following discovery mechanisms:

a. Static Configuration: This mechanism assumes that the IP address,
TCP port and the iSCSI target name information are already
available to the initiator. The initiators need to perform no
discovery in this approach. The initiator uses the IP address and
the TCP port information to establish a TCP connection, and it
uses the iSCSI target name information to establish an iSCSI
session. This discovery option is convenient for small iSCSI
setups.

b. SendTargets: This mechanism assumes that the target’s IP address
and TCP port information are already available to the initiator.
The initiator then uses this information to establish a discovery
session to the Network Entity (IP address). The initiator then subsequently issues the SendTargets text command to query
information about the iSCSI targets available at the particular
Network Entity (IP address).

c. Zero-Configuration: This mechanism assumes that the initiator does
not have any information about the target. In this option, the
initiator can either multicast discovery messages directly to the
targets or it can send discovery messages to storage name servers.
Currently, the main discovery frameworks available are
SLP and iSNS. (Not supported in the first release of ESX 3.)]]>