Linux HOWTO Collection Redhat driver disk HOWTO
Linux NFS mounts should use the following options:
exec,dev,nosuid,rw,bg,tcp,hard,intr,vers=3
With Network Appliance Filer mounts (with buggy Linux kernel):
exec,dev,nosuid,rw,bg,tcp,hard,intr,vers=3,rsize=2048,wsize=2048
We had some reliablity issues with NFS just falling over on Linux boxes with vers=3 enabled but not tcp. Adding the tcp option improved reliablity. The main problem is Linux NFS and processes getting stuck a in a D state (disklocked), waiting for I/O. This is _definitely_ a bug in the Linux kernel, fixed in later 2.4 kernels (I’ve used custom compiled 2.4.26 extensively with no NFS problems), but present in RedHat AS3.0 kernels. As we’re choosing to fully support RedHat AS, we have to use the RedHat stock kernels, hence we have to wait for RedHat to fix the bug, or supply a simple workaround for our customers.
A tech from Redhat advises me that using “soft” is safe if you’re using “tcp” in your options as it guarantees data safety. While this makes me a little uneasy, and the man page (albeit the man page is 11 years out of date and claims TCP isn’t even supported yet) says not to use “safe”, it does actually seem to stop processes getting stuck in a D state over NFS. Which is what soft does, as it allows processes to end I/O gracefully when the server stops responding. Now, we know our server never stops responding, it’s a fully reliable Netapp Filer and no other OS ever has this problem. I _suspect_ it’s a bug in Linux that means high concurrent NFS I/O causes it to think the NFS file server isn’t responding and so gets stuck in a D state. There might be an option to tune the “amount” of NFS I/O that would alleviate the problem also...
The belief that soft mounts fixed the problem was incorrect. It may lessen the noticed symptoms, but it’s no fix. BUT THERE IS A FIX! RedHat have made 2.4.21-27 the official up2date kernel for AS 3.0 Update 3, and this fixes the problem! I beta tested the kernel the week before it became official and it looked like it stops D state processes appearing on NFS mounts in our setup, but after proper testing, it doesn’t.
It seems setting the rsize=2048,wsize=2048 stops the processes getting stuck in D state. Not great for performance, but at least the machines are usable. According to a Netapp bug report, this is a known problem with older AS 3.0 kernels, but it’s supposed to be fixed in the latest ones. They supply a workaround (setting rsize to 2048) which works fine. Despite trying the latest RedHat AS3.0 Update 3 kernels on multiple machines, it makes no difference.
After extensive testing, rsize=2048,wsize=2048 seems to be the workaround when using RedHat AS3.0 Update 3 with a Network Appliance filer. I’m using these NFS mount options on 6 Intel x86, 2 Intel Itanium and 2 PowerPC AS 3.0 Update 3 machines and the latest (2.4.21-27.0.2) RedHat update kernel, and D state processes have basically been eliminated.
I’ve received emails from other people experiencing similar problems and have reached the same conclusion. RedHat closed the bug saying “We’re glad you found a fix!”. I wouldn’t call a workaround a fix, but there you go. Awaiting AS 3.0 Update 4 / AS 4.0 for testing.
On some RedHat AS 3.0 installations, laus/audit.d logs 20M a day and never logrotates. You can just do the following:
/etc/init.d/audit stop rm -f /dev/audit rpm --erase laus /etc/init.d/crond restart /etc/init.d/atd restart rm -rf /var/log/audit.d
mii-tool for older distributions/cards.
ethtool.
We have our normal network on 172.18.x.x . We have a machine with an IP of 172.16.5.7 and it’s not possible (due to license and configuration options) to change the IP from 172.16.5.7. A linux box with 2 NICs is configured thus,
eth0: 172.18.6.27 eth1: 172.16.5.1
Running the following commands on the Linux box allows machines on the 172.18.x.x network to connect to 172.18.6.27 on port 80, which is forwarded on to the 172.16.5.7 machine, and so the 172.16.5.7 machine appears to all intents and purposes to be 172.18.6.27.
iptables -A FORWARD -i eth0 -d 172.18.6.27 -p tcp --dport 80 -m state --state NEW -j ACCEPT iptables -t nat -A PREROUTING -i eth0 -p tcp -d 172.18.6.27 --dport 80 -j DNAT --to-destination 172.16.5.7 iptables -t nat -A POSTROUTING -o eth0 -s 172.18.5.1 -j SNAT --to-source 172.18.6.27 echo 1 > /proc/sys/net/ipv4/ip_forward
You can switch between ext2 and 3 just by changing the fs type in the fstab. Always handy when a redhat upgrade goes wrong and leaves your box unbootable: boot into single user mode and change everything back to ext2.
/etc/sysconfig/clock /etc/localtime/etc/localtime should be a symlink to /usr/share/zoneinfo/GB.
/etc/sysconfig/clock should contain
ZONE="Europe/London" UTC=true ARC=false
To stop X trying to start on the console, comment out the following line from /etc/X11/gdm/gdm.conf.
0=Standard
and to allow XDMCP to work, change:
[xdmcp] #Enable=false Enable=true
then init 3; init 5 will sort out X.
Modify /etc/security/limits.conf to contain:
* soft nofile 4096 * hard nofile 4096
I use Belkin’s 54g desktop PCI cards and they work with ndiswrapper under FreeBSD and Linux. Ndiswrapper is pretty straightforward. Linux’s wiconfig is odd and doesn’t seem to support WPA and the man page is wrong.
The command to disable or enable the firewall is “system-config-securitylevel” or “system-config-securityleveltui”