Rackspace servers: Enabling a swap file

Rackspace no longer offers swap partitions.  Their reasoning is pretty flimsy since you can still create a swap file on your machine and swapon that mofo.  Here are two articles from rackspace.com.

Rackspace’s reasoning:  http://www.rackspace.com/knowledge_center/article/swap-space-on-cloud-servers

How to create and turn on swap space using a swap file instead of a swap partition…

To add 1GB of swap to your server, for example, follow these steps:

  1. Create the file to be used for swap.
    fallocate -l 1G /mnt/1GB.swap

    If fallocate fails or is not installed, run the following command.

    sudo dd if=/dev/zero of=/mnt/1GB.swap bs=1024 count=1048576
  2. Format the file for swap.
    mkswap /mnt/1GB.swap
  3. Add the file to the system as a swap file.
    swapon /mnt/1GB.swap
  4. Add this line to the end of /etc/fstab to make the change permanent.
    /mnt/1GB.swap  none  swap  sw 0  0
  5. To change the swappiness value edit /etc/sysctl.conf and add the following line.
    vm.swappiness=10

    Start with a value of 10 and increase if needed. A typical default value for swappiness is 60. The higher the number (up to 100), the more often swap is utilized.

    How much swappiness affects performance depends on how your memory is being used, so experiment to find an optimal value. At 0 the swap file will only be used when the system runs completely out of memory. Higher values let the system swap idle processes out to allow the system to free memory for disk caching, potentially improving overall system performance.

  6. Check that the swap file was created.
    swapon -s
  7. Reboot the server to ensure that the changes go into effect.
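A check to run once the fstab entry from step 4 is in place, as an added example that is not part of the Rackspace article or the original post: swap can hold pages from any process's memory, so the swap file should be a regular file owned by root with mode 0600. The function names and the `expected_uid` parameter are hypothetical.

```python
import os
import stat


def swap_files_from_fstab(fstab_text):
    """Return the paths of file-backed swap entries (type 'swap', not under /dev/)."""
    paths = []
    for line in fstab_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 3 or fields[2] != "swap":
            continue
        if fields[0].startswith("/") and not fields[0].startswith("/dev/"):
            paths.append(fields[0])
    return paths


def audit_swap_file(path, expected_uid=0):
    """Return a list of findings for one swap file; an empty list means it looks sane."""
    try:
        st = os.lstat(path)  # lstat so a symlink is reported instead of followed
    except FileNotFoundError:
        return ["missing"]
    findings = []
    if not stat.S_ISREG(st.st_mode):
        findings.append("not a regular file")
    mode = stat.S_IMODE(st.st_mode)
    if mode & 0o077:
        findings.append("mode %04o allows group/other access, expected 0600" % mode)
    if st.st_uid != expected_uid:
        findings.append("owned by uid %d, expected %d" % (st.st_uid, expected_uid))
    return findings


if __name__ == "__main__":
    with open("/etc/fstab") as fh:
        for swap_path in swap_files_from_fstab(fh.read()):
            print(swap_path, audit_swap_file(swap_path) or "ok")
```

A finding about the mode is fixed with `chmod 600` on the swap file.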

Acer Aspire One Reset

For posterity, with the goal of making Windows-related headaches less painful:
Because Windows 8 is a bitch, and the Acer Aspire One (specifically the V5-171 series) makes it ridiculously difficult to access BIOS/boot options…
If you’re in the unfortunate position of having lost your Windows login password (or, as in this case, have a client who cannot remember their password) and are without a Windows8 boot disk, or password recovery options, you’ll need to reset the machine back to its factory settings. This RESETS THE MACHINE BACK TO FACTORY SETTINGS, meaning all files, settings, information you’ve put onto the computer are gone. Fo-eva.
On the AAO V5-171, I found a lot of things that said to restart the machine and press f2, or alt+f8, or alt+f10, blablabla during POST to access the BIOS. As it turns out, F2 does give you the “BIOS,” kind of. It was only after I pulled the battery, then powered on, and hit f2 (one quick press) during POST, but before the ACER logo appears, that I was able to access the BIOS. Remember back in the olden days, when you were able to complete a factory reset from the BIOS? On Windows8, unless you wish to complete a full reload of your OS (I did not, nor did I have a boot disk with which to do so), the BIOS is useless.
So, on this machine, in Windows8, what can be done to access the “Advanced Startup Options” menu?
It’s simple, but a sadly under-published bit of information:
On the Windows log in screen, under the password field, click the Power icon to bring up the submenu, which includes both “Shut Down” and “Restart.” Press (and hold) the Shift key, while clicking “Restart” from that menu. Wait a second, because, at first, the machine doesn’t appear to be doing anything. After a few seconds, though, you’ll be taken to a very pretty looking Advanced Startup Options screen, where you can click on Troubleshoot, then choose to Reset the PC. Again, RESETS THE MACHINE BACK TO FACTORY SETTINGS, but when you don’t know the password to get past the initial log in screen, it’s the route you need to take.
Once the machine has reset itself, about an hour later, you’ll have a fresh box to work (battle? swear at? hate with the fiery passion of a thousand suns?) with.

Dummy Cert Expired

The Problem:
Got this warning from certwatch:


 ################# SSL Certificate Warning ################
Certificate for hostname 'goatshark.goatshark.com', in file (or by nickname):
 /etc/pki/tls/certs/localhost.crt
The certificate needs to be renewed; this can be done
 using the 'genkey' program.
Browsers will not be able to correctly connect to this
 web site using SSL until the certificate is renewed.
##########################################################
 Generated by certwatch(1)

 

The fix (at least for the next year)

Q-in-Q Ethernet frame size

Just a few notes from a conversation about Ethernet frame size while using Q-in-Q (double tagging, VLAN tunneling). The maximum frame size for a tagged frame is 1522 bytes. That breaks down like so:

  • 6 byte DA (Destination Address)
  • 6 byte SA (Source Address)
  • 4 byte VLAN tag
  • 2 byte Etype
  • 46-1500 byte DATA (payload)
  • 4 byte FCS

So adding a secondary VLAN tag would increase this maximum frame size to 1526 bytes, like so:

  • 6 byte DA (Destination Address)
  • 6 byte SA (Source Address)
  • 4 byte VLAN tag
  • 4 byte VLAN tag
  • 2 byte Etype
  • 46-1500 byte DATA (payload)
  • 4 byte FCS

Frame structure of tagged and double-tagged ethernet frames
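The field breakdown above as a parser, added here as an example that is not part of the original notes: it walks the tag stack of a frame, reports each VLAN tag, and recomputes the 1522 and 1526 byte maximums. The TPID values 0x8100 and 0x88A8 are the standard 802.1Q and 802.1ad tag types; the sample frame is constructed, with a zeroed payload and a placeholder FCS.

```python
import struct

TPID_CTAG = 0x8100  # IEEE 802.1Q tag
TPID_STAG = 0x88A8  # IEEE 802.1ad service tag; some gear uses 0x8100 for both tags
TAG_TPIDS = {TPID_CTAG, TPID_STAG}
FCS_LEN = 4


def max_frame_size(tags, payload=1500):
    """DA + SA + 4 bytes per VLAN tag + Etype + payload + FCS, as listed above."""
    return 6 + 6 + 4 * tags + 2 + payload + FCS_LEN


def parse_frame(frame):
    """Parse a frame (FCS included) into addresses, VLAN tags, Etype and payload size."""
    end = len(frame) - FCS_LEN
    offset, tags = 12, []
    while True:
        if offset + 2 > end:
            raise ValueError("frame truncated before Etype")
        (etype,) = struct.unpack_from("!H", frame, offset)
        offset += 2
        if etype not in TAG_TPIDS:
            break
        if offset + 2 > end:
            raise ValueError("frame truncated inside VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset)
        offset += 2
        tags.append({"tpid": etype, "pcp": tci >> 13, "vid": tci & 0x0FFF})
    return {
        "da": frame[0:6].hex(":"),
        "sa": frame[6:12].hex(":"),
        "tags": tags,
        "etype": etype,
        "payload_len": end - offset,
    }


def build_sample():
    """Constructed sample: outer VID 100 (0x88A8), inner VID 50 (0x8100), IPv4 Etype."""
    header = bytes.fromhex("ffffffffffff" "020000000001")
    header += struct.pack("!HHHH", TPID_STAG, 100, TPID_CTAG, 50)
    header += struct.pack("!H", 0x0800)
    return header + bytes(46) + bytes(FCS_LEN)  # zeroed payload and placeholder FCS


if __name__ == "__main__":
    print(parse_frame(build_sample()))
    print(max_frame_size(1), max_frame_size(2))
```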

Young Writers Studio

Congratulations, Gabran!  Gabe was accepted into the Young Writers Studio at the University of Iowa.

Dropping Gabran off in Iowa City for the Young Writers Studio


Gabran signing in at the Young Writers Studio in Iowa City


ManGabe

Here’s a picture from January 15, 2013.  Gabran got his license on that fateful Tuesday.  This was taken right before his first solo drive.

Right before Gabran's first solo drive.


ISC DHCP and Option 82 coming from non-access gear

DHCP option 82 sub-option 1 information coming from access gear (Occam, Calix, etc.) is sent in ASCII format.  That same information sent by switching/routing gear (Brocade, Cisco, etc.) is sent base10 encoded.  Changes have to be made to the dhcpd.conf file to deal with this, not only for the purposes of logging, but also for any match statements for statically assigning IP addresses based on switch/card/port (option 82) information.  Here is a working dhcpd.conf file that solves the issue.

    option comment code 200 = string;

    ################# Logging Script for CALEA #############
    # binary-to-ascii(10, 8, ".", ...) prints each byte as a base-10 number, joined by dots
    if exists agent.circuit-id
    {
        if exists dhcp-client-identifier
        {
            log ( info, concat( "IP Address: ", binary-to-ascii ( 10, 8, ".", leased-address ), " Option-82: ", binary-to-ascii(10, 8, ".", option agent.circuit-id) ));
        }
        else
        {
            log ( info, concat( "IP Address: ", binary-to-ascii ( 10, 8, ".", leased-address ), " Option-82: ", binary-to-ascii(10, 8, ".", option agent.circuit-id ) ));
        }
    }
    ####################### Logging Script for CALEA End ###################
    # 259200 seconds = 72 hours
    default-lease-time 259200;
    max-lease-time 259200;

    # These are Google's public dns resolvers
    #option domain-name-servers 8.8.8.8, 8.8.4.4;

    # Some random config lines to sidestep clients sending
    # dynamic dns updates to us to fill up the logs
    ddns-update-style none;
    ignore client-updates;
    authoritative;

    #start of shared-network localnet
    shared-network LOCAL-NET {
        subnet 192.168.0.0 netmask 255.255.255.0 {
            option comment "LOCAL_NET";
        }
    }

    #############################################################################

    #start of shared-network ADMIN_NETWORK
    shared-network ADMIN_NETWORK {
        subnet 10.50.50.0 netmask 255.255.255.0 {
            option comment "Admin_Network";
            option routers 10.50.50.254;
            option broadcast-address 10.50.50.255;
            # range 10.50.50.200 10.50.50.249;
            default-lease-time 259200;
            max-lease-time 259200;
            filename "testbootfile.xml";

            # One class per switch port, matched on the dotted base-10 circuit-id
            class "GOAT_TEST_Port_10" {
                match if binary-to-ascii(10, 8, ".", option agent.circuit-id) = "0.4.0.50.1.10";
            }
            pool {
                allow members of "GOAT_TEST_Port_10";
                range 10.50.50.2;
                deny dynamic bootp clients;
            }

            class "GOAT_TEST_Port_12" {
                match if binary-to-ascii(10, 8, ".", option agent.circuit-id) = "0.4.0.50.1.12";
            }
            pool {
                allow members of "GOAT_TEST_Port_12";
                range 10.50.50.12;
                deny dynamic bootp clients;
            }

        }
    } #end of shared-network ADMIN_NETWORK
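To see what the match strings in the config above encode, the following added example (not part of the original post) renders a raw circuit-id the way `binary-to-ascii(10, 8, ".", ...)` does and generates the class stanza for a given port. The type/length/VLAN/module/port field layout is an assumption that is not stated on the page, the function names are hypothetical, and the ASCII sample value is constructed.

```python
import struct


def binary_to_ascii_base10(data):
    """Same rendering as dhcpd's binary-to-ascii(10, 8, ".", data): one number per byte."""
    return ".".join(str(b) for b in data)


def render_circuit_id(data):
    """Return printable-ASCII circuit-ids as text and anything else as dotted base 10.

    Heuristic only: a binary value made entirely of printable bytes would be read as text.
    """
    if data and all(0x20 <= b <= 0x7E for b in data):
        return data.decode("ascii")
    return binary_to_ascii_base10(data)


def split_fields(data):
    """Assumed layout (not stated on the page): type, length, VLAN (2 bytes), module, port."""
    if len(data) != 6 or data[1] != 4:
        raise ValueError("not a 6-byte type/length/VLAN/module/port circuit-id")
    _type, _length, vlan, module, port = struct.unpack("!BBHBB", data)
    return {"vlan": vlan, "module": module, "port": port}


def class_stanza(name, vlan, module, port):
    """Build a dhcpd.conf class matching one switch port, in the style of the config above."""
    dotted = binary_to_ascii_base10(struct.pack("!BBHBB", 0, 4, vlan, module, port))
    return ('class "%s" {\n'
            '    match if binary-to-ascii(10, 8, ".", option agent.circuit-id) = "%s";\n'
            '}' % (name, dotted))


SWITCH_ID = bytes([0, 4, 0, 50, 1, 10])  # the bytes behind "0.4.0.50.1.10" in the config
ACCESS_ID = b"shelf1-slot2-port3"         # constructed ASCII value, format hypothetical

if __name__ == "__main__":
    print(render_circuit_id(SWITCH_ID), split_fields(SWITCH_ID))
    print(render_circuit_id(ACCESS_ID))
    print(class_stanza("GOAT_TEST_Port_12", 50, 1, 12))
```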