Random Thoughts by Paul

From time to time I find myself needing to treat one class of devices differently than another class of devices as dhcp clients. This becomes very common when dealing with sip phones, different phones need different/conflicting configuration parameters. The typical way to deal with this is to have an entry per device to specify how it will behave. That behavior doesn't scale very well unless you have an automated system to modify the dhcpd configuration on the fly. It turns out that dhcpd has quite a few advanced features that few people ever stumble upon.

This is a pretty quick post but I wanted to throw it out here as it might help somebody. When you start getting into several tables and a large rule base it can get to be a bit difficult to figure out what rule blocked a packet that shouldn't have gotten through.

Instead of:
IN=eth1 OUT=tun0 SRC=10.2.1.2 DST=10.3.1.6 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=16679 PROTO=ICMP TYPE=0 CODE=0 ID=29120 SEQ=4

Everyone always has a hard time figuring out what to buy for me and I don't make it very easy. I don't want for much and my typical answer when asked what I want is "I don't need anything." Sorry about that, to make up for my difficulty I've spent some time and put together a couple of wish lists of things I would love to have. I realize some items on the list are pretty expensive I promise I haven't lost my mind! It's a wish list and I wish I had those things, I am very aware that no-one would ever buy them for me.

Geeky stuff:
http://www.thinkgeek.com/brain/gimme.cgi?wid=81cdc8087

This is probably going to be my shortest technical post ever, Solaris definitely gets management of one thing right, multipathing. It does almost all the work for you, run stmsboot -e answer a couple of questions and it will reboot the system, it will come up, discover all paths and update your vfstab with the multipath version then reboot again, done.

Sorry about the site outage, had a hard drive crash take the box into read-only mode for a few hours today till I could get my hosting provider to actually do something about the support ticket. Oh well, everything is back, happy day!

The M-series boxes from Sun are a joint venture with Fujitsu and bring some nice features to the middle tier server platform for Sun. For those who haven't worked with big boxes like these before it can be a little intimidating to get them setup and running. Here is a quick guide to get the service processor setup so that you can get things going.

You will need to connect to the service processors serial port at 9600,8,N,1,None (serial settings)

Sun Volume Manager, or SVM for short, allows you to do software raid in instances where you don't have hardware capable of doing the job. You will find that the more expensive the Sun hardware gets, the less chance it will have any kind of hardware raid. So this will become a critical tool on your most critical servers. This is a quick example of how to setup mirroring of the root disk while the system is online, although it will require a reboot to finish the process.

Solaris 10 does a pretty good job of handling multipath functionality with very little help from the systems administrator. Having Solaris use multipathing is as simple as running the stmsboot -e command. This will ask you a few questions about which controllers to enable it on if you are sure and if you want to go ahead and reboot to make the changes take effect. This will reboot the box, detect all multipathing settings, set them, and reboot once again in a new glorious multipath enabled world.

Configuring NTP on Solaris is pretty trivial, first create the ntp.conf file in /etc/inet/ntp.conf it should look like the following with your information instead:
#ntp.conf
server ntp1.yourdomain.com
server ntp2.yourdomain.com

driftfile /etc/ntp.drift

Then you need to enable the service:
svcadm enable ntp


Sometimes either out of necessity or preference you may find yourself trying to patch a Solaris box without using x windows. Here is a quick guide to get you through:

First you have to register the system with Sun by providing your sun login credentials to get access to patches that can be done with the following
cp /usr/lib/breg/data/RegistrationProfile.properties /tmp/


Fill in your account information in the properties file (replace the caps with your data):
perl -pi -e 's/^userName=/userName=YOURNAME/' /tmp/RegistrationProfile.properties