Linux

linux operating system notes

Published: Saturday, 30 August 2008
linux

Networking with a Virtual IP

Add extra IPs to your network card using ifconfig.

e.g. I have an existing IP 10.0.0.20

# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:18:F3:5F:7A:AC
          inet addr:10.0.0.20  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2548750 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2458043 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1568857563 (1496.1 Mb)  TX bytes:951347326 (907.2 Mb)
          Interrupt:220

To add a new IP

# ifconfig eth0:0 10.0.0.21 netmask 255.255.255.0 up

Now there is another interface:

# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:18:F3:5F:7A:AC
          inet addr:10.0.0.20  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2548810 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2458070 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1568863792 (1496.1 Mb)  TX bytes:951350040 (907.2 Mb)
          Interrupt:220

eth0:0    Link encap:Ethernet  HWaddr 00:18:F3:5F:7A:AC
          inet addr:10.0.0.21  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:220

This has been used in a MySQL setup, where there is 1 master and multiple slaves. The server that the current master is running on owns the Virtual IP (VIP).

If the master fails, then the VIP should be removed from the master server, then added to an alternative slave server instead. To remove the VIP from an interface run:

# ifconfig eth0:0 down

Clients should be configured to point to the VIP instead of directly to a server.

iptables

Redirecting ports

In this example we have tomcat running port on port 8080 and 8443, and would like it to also appear on port 80 and 443.

iptables -t nat -A OUTPUT -d localhost -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -A OUTPUT -d 10.0.0.20 -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -A PREROUTING -d 10.0.0.20 -p tcp --dport 80 -j REDIRECT --to-ports 8080

iptables -t nat -A OUTPUT -d localhost -p tcp --dport 443 -j REDIRECT --to-ports 8443
iptables -t nat -A OUTPUT -d 10.0.0.20 -p tcp --dport 443 -j REDIRECT --to-ports 8443
iptables -t nat -A PREROUTING -d 10.0.0.20 -p tcp --dport 443 -j REDIRECT --to-ports 8443

user management

Adding a new unix user account

To add a new user, use the useradd command. Run useradd --help for help. This needs to be run as root.

For example, to add the user backup, run the following:

# useradd -d /home/backup -m backup

The user cannot login without a password, so you can run passwd backup to allow the user backup to login.

You can also change the default shell using the chsh command.

# chsh --shell /bin/bash backup

or specify the shell when adding the user.

# useradd -d /home/backup -m backup -s /bin/bash

script

The script command can be used to log stdin/stdout to disk. By default, it creates a file called typescript, where both stdin and stdout will be logged. I’ve found this useful when installing or configuring programs which need a review or to keep a history of the settings chosen. I also keep a backup of this log in case there were any missed warnings or errors.


More Articles

Courier IMAP Setup
ubuntu Linux distribution notes
Linux