UUCP map entry
Once upon a time, email for systems not continually connected to the Internet was transferred via a system called UUCP (Unix-to-Unix Copy). I was reminiscing about this the other day, when WilW was talking about Akira and mentioned old BBS systems like GEnie and Compuserve.
UUCP worked sortof like Internet routing does now, by using a map to find the shortest path between two systems. Text map entries were published for each system, usually in Usenet groups (I found my old one in can.uucp.maps on Google Groups), indicating what other systems they connected to. Your UUCP program would build a map, then choose the shortest path and send mail to the appropriate upstream system. If you just had one upstream connection you wouldn't need to build the map, just send all outgoing mail to your upstream, but you still needed to publish a map entry for your system so people could send email and other files to you.
Periodically, usually every couple of hours but could be once a day or even less, your computer would automatically dial your modem to connect to your upstream connection, and any pending files would be sent/received. This could include email messages, Usenet group updates, or just files you wanted to send to another system.
It was fun to explore wacky things like FTP-by-email (send an email to an automated service email address and it would process FTP commands, including sending you back files split across multiple messages), and having a Usenet feed delivered to my own computer was so cool.
Below is the first entry I had in the international UUCP maps, and coincidentally the first Internet-compatible email address I had that ran on my own equipment - using this I could get email sent to bryanf@cspace.uucp, or the address below. And yes, I called my organization Cyberspace -- hey, I was 19.
#N cspace
#S Intel 486DX; SCO Unix 3.2v4
#O Cyberspace
#C Bryan Fullerton
#E cspace.comspec.com!bryanf
#T [snip old phone number]
#P [snip exact address], Toronto, Ontario, Canada, M4G 2J8
#L 43 40 N / 79 30 W city
#R Home system only - mail/usenet/C programming
#U comspec.com
#W bryanf@cspace.comspec.com (Bryan Fullerton);Thu Dec 24 19:15:00 EDT 1992
#
#
#
# RATE TIMES NEWS
cspace comspec.com
cspace = cspace.comspec.com
cspace comspec.com(DIRECT) #V32 24h Partial
My connection was obviously still heavily tied to my employer at the time, as they were my only upstream connection. In 1992/1993 I paid for a UUCP feed, first from UUNorth and then UUNet Canada, before finally getting on the real Internet with a dialup and then ISDN connection to Interlog in 1994.
Long after I registered and had working my SMTP email domain in 1995 I was still able to get email sent to cspace.uucp thanks to Bruce at GTS, until sometime around 2000/2001. I wonder if anyone still has active UUCP feeds, could be fun to set one up again.
IIS7 URL Rewrite module – things to know
Things not immediately obvious that you should know about the IIS7 URL Rewrite module, based on our experience at $work and the results of the support call we put in to Microsoft.
- There have been different packages of version 1.1 of the module over time, all with the same name. The only way to know which one you have is to check the DLL version. The most current DLL version in the URL Rewrite 1.1 package is 7.1.490.43. It is unclear at this point if Microsoft will do the same with v2.0 of the module, as it is still a Release Candidate. We have asked if they can properly identify the packages so we'll know when one contains a new DLL.
- URL Rewrite has a memory leak, which appears to be something related to caching URLs. The leak is very bad in v1.1 of the module, and significantly improved but seems still present in v2.0 of the module. If you use URL Rewrite with many rules on a high traffic site you will see memory usage on IIS worker processes (w3wp.exe) grow. If you are using 32-bit worker processes performance will start to degrade after passing about 3Gb in size. Until we could find a solution to the memory leak, we worked around it by forcing a recycle of the application at 2Gb allocated.
- Microsoft recommends that a work-around for the memory leak in version 1.1 of the module is to use version 2.0 of the module. Although version 2.0 is not yet released (still Release Candidate), they indicate it is supported as production code (ie, you can open support tickets about it). We have found version 2.0 does seem to still have a slower leak, but our worker processes now recycle based on our normal time windows instead of allocated memory size. We are still testing v2.0, so have not yet revisited the memory leak issue with Microsoft.
- URL Rewrite rules set at the server-level (ie, top level, not in an individual site) are copied to every worker process. This means any requests for a given site must go through all server-level and then all site-level rules you have defined, even if they don't match any server-level rules. Keep this in mind when defining server-level rules, especially on a server handling multiple high-traffic sites.
That's enough for now, maybe more later.
Ubuntu – rssh – sftp only, with chroot
Here's how to setup rssh on Ubuntu, to allow sftp only with a chroot directory. Note that these instructions are for Ubuntu Server 9.04 x64, other versions may require changes.
First, add the rssh package.
sudo apt-get install rssh
Second, edit /etc/rssh.conf. Uncomment the #allowsftp line and one of the #chrootpath lines, and set the chrootpath to wherever you want your top-level chroot directory.
Third, modify or add whichever users you want to access using sftp and set their shell to /usr/bin/rssh.
Fourth, setup the chroot environment, which includes copying the following from the main system into your chroot directory:
./etc/ld.so.cache
./etc/resolv.conf
./etc/ld.so.conf.d/x86_64-linux-gnu.conf
./etc/ld.so.conf.d/libc.conf
./etc/ld.so.conf
./etc/passwd
./etc/group
./etc/nsswitch.conf
./etc/rssh.conf
./usr/bin/rssh
./usr/lib/libgssapi_krb5.so.2.2
./usr/lib/rssh/rssh_chroot_helper
./usr/lib/openssh/sftp-server
./usr/lib/libk5crypto.so.3.1
./usr/lib/libkrb5support.so.0.1
./usr/lib/libkrb5.so.3.3
./lib/libutil-2.9.so
./lib/libz.so.1.2.3.3
./lib/libpthread-2.9.so
./lib/libdl-2.9.so
./lib/libnsl-2.9.so
./lib/libcrypt-2.9.so
./lib/ld-2.9.so
./lib/libresolv-2.9.so
./lib/libnss_files-2.9.so
./lib/libc-2.9.so
./lib/libkeyutils-1.2.so
./lib/libcom_err.so.2.1
./lib/libnss_compat-2.9.so
./lib/libcrypto.so.0.9.8
Additionally, setup these links, again copying what's setup in the main system.
./usr/lib/libkrb5support.so.0
./usr/lib/libgssapi_krb5.so.2
./usr/lib/libk5crypto.so.3
./usr/lib/libkrb5.so.3
./lib/ld-linux-x86-64.so.2
./lib/libutil.so.1
./lib/libkeyutils.so.1
./lib/libnss_files.so.2
./lib/libnsl.so.1
./lib/libcom_err.so.2
./lib/libdl.so.2
./lib/libc.so.6
./lib/libz.so.1
./lib/libresolv.so.2
./lib/libpthread.so.0
./lib/libnss_compat.so.2
./lib/libcrypt.so.1
./lib64
You may want to strip out users/groups you don't want visible from the etc/passwd and etc/group files.
Fifth, create a dev directory in your chroot directory, then create a /dev/null in it as follows.
mknod -m 666 dev/null c 1 3
Sixth, edit /etc/default/syslogd and update the SYSLOGD="" line as follows.
SYSLOGD="-a /[chroot dir]/dev/log"
Then restart syslogd.
sudo /etc/init.d/sysklogd restart
Finally, test.
Note that if you add users/groups to the system /etc/passwd and /etc/group files they will need to be copied again (possibly just the new lines) into the appropriate files in the chroot directory's etc.
References:
Linux Configure rssh Chroot Jail To Lock Users To Their Home Directories Only
OpenNMS and WMI – Part 2, adding more monitors
In the last post about OpenNMS and WMI I covered how to get the WMI monitors included with OpenNMS up and running. Now I'll cover adding new monitors.
I'll provide an example that I setup to pull HTTP request data from the W3SVC counters and graph it. Step by step, here we go.
First step is to figure out which WMI objects you want to monitor. I'm mostly interested in performance counters, because that's my primary need for WMI, but you could also just monitor the value of any WMI object. As I posted recently, Powershell can be a great tool for digging into WMI and finding the class names and available values.
Second, if whatever monitor you're collecting has multiple entries per server, you'll need to setup a resourceType entry in datacollection-config.xml. This basically creates a hierarchy for the data you're collecting that can be retreived when graphing, I'll discuss more about this below. Here's my example config chunk. Note that the resourceLabel is populated from the data you collect.
Work laptop rebuild, again
I posted in June about reinstalling my work laptop using Ubuntu 9.04 as the base OS and running Windows 7 pre-release in a VM, and then later about the problems I was having with external monitors in Ubuntu. Those monitor issues were never entirely resolved to my satisfaction, though the workarounds made it tolerable.
A couple of weeks ago I bit the bullet and reinstalled the machine using 64-bit Windows 7 final from TechNet. I'm considering this an approved trial install from Microsoft's perspective, since I'm one of the more technologically informed people at my workplace on the infrastructure side, and I will be asked for input on upgrading the developers and other techies in our department to Windows 7. So it's reasonable that I should be evaluating it and finding any problems with our normal tools.
Result so far: I have been entirely happy so far with Windows 7 as the base OS. It's quick, it works the way I expect, and almost every application is compatible -- VMware VSphere 4 client is the only app I've found so far that doesn't work, and I expect that's VMware's problem not Microsoft's.
So... there you go, an update.
OpenNMS and WMI – Part 1, getting started
I've setup and used OpenNMS at my last job and my current job, and it works very nicely. One thing I haven't done until last week, though, is get WMI monitoring/graphing working properly. WMI is the Windows Management Instrumentation API, and it gives you access to all sorts of internals on a Windows box. In my case, I want to access performance counters, particularly for IIS and ASP.NET.
Support for WMI is added in OpenNMS 1.7, which is still technically the unstable version -- but it should be released as 1.8 any day now. I'd put it as late beta quality at worst, and if you've found this post via Google the final 1.8 version has probably already been released.
However, as 1.7 is still unstable, the documentation for all the new features, like WMI, is a bit sketchy. The OpenNMS wiki page is here, and it'll get you about 80% through turning on WMI, but doesn't really tell you what to do from there to actually start collecting data and setting up your own checks. Admittedly a lot of the OpenNMS documentation is like that, you have to rely a lot more on the examples and mailing list discussion than the formal documentation.
Powershell and WMI
I've been working a fair bit with WMI on Windows servers, in particular pulling out performance counters (will shortly be putting up another post about OpenNMS and WMI), and have found that Powershell is, once again, extremely useful.
Microsoft's base WMI documentation online isn't bad, but it's a bit dated, and after days of searching I have still not found any documentation of ASP.NET WMI performance counters via Google.
Here are some useful commands in Powershell if you want to look at WMI, both to explore the WMI structure and to pull specific bits of data. Note that gwmi is an alias to the full Get-WmiObject command.
Find a WMI class using part of the name, in this case ASPNET.
gwmi -list | where {$_.name -match "ASPNET"}
Dump the contents of an entire WMI class, in this case Win32_PerfFormattedData_ASPNET_ASPNETApplications (you may also want to pipe to more).
gwmi Win32_PerfFormattedData_ASPNET_ASPNETApplications
Using WQL, which is just like SQL but for WMI, select specific records from a WMI class - in this case, select the EventsRaised counter from ASP.NET performance data for app pool with ID 1.
gwmi -query "select EventsRaised from Win32_PerfFormattedData_ASPNET_ASPNETApplications where name = '_LM_W3SVC_1_ROOT'"
That's a good starting point, have fun!
OpenNMS / Ubuntu / network thresholds notifying incorrectly
I've been setting up OpenNMS at work, and ran across a problem suitably annoying and obscure that the solution should be recorded for posterity.
The issue was with network interface thresholds, specifically the ones that measure percentage of the total bandwidth used on a monitored network interface. The threshold definition is like this:
ifInOctets * 8 / 100000 / ifHighSpeed * 100
ifInOctets is the measured amount of traffic on the interface, and ifHighSpeed is the speed of the interface. This threshold was firing all the time, and for no particularly good reason that I could see.
After a lot of digging and pondering, especially since I'm using the unstable OpenNMS 1.7.x branch which is not well documented yet, I started investigating what those two variables in the threshold were set to. ifInOctets was fine, but many Google searches turned up that on Ubuntu (and possibly other Linux variants) the Net-SNMP daemon is frequently unable to properly determine the speed of network interfaces, so it defaults ifHighSpeed to 10Mbps. This is not good when you have a 1000Mbps interface and regularly push 50-100Mbps - the calculation will report 500-1000% of a 10Mbps interface in use, which obviously exceeds thresholds of 90%.
The solution is to force Net-SNMP's interface settings in /etc/snmp/snmpd.conf using something similar to the following line.
interface eth0 6 1000
This tells snmpd that eth0 is an Ethernet interface (6), and that it's speed is 1000Mbps, overriding the incorrect default.
Cacti – Graph 16 CPUs for one Windows machine
We have some nice new machines at work, Dell R610 boxes with dual quad-core CPUs. These CPUs also have hyperthreading, so the OS sees 16 cores. We're running Windows Server 2008 on them.
Cacti's normal Windows graphing doesn't include an "all CPU usage" graph, just per-CPU graphs. This is fine for a couple of CPUs, or even four CPUs, but when you get up into 16 it's just annoying. Nobody wants 16 graphs to get an overview of CPU usage.
I did some Google searches and found some useful bits towards the bottom of this howto about Cacti on Ubuntu. Unfortunately adding more CPUs to their existing 8 CPU template didn't work well, so I just used created my own with theirs as a guideline. In the spirit of open source, I'm making the graph template available here. Let me know if it's useful.
Ubuntu jaunty – external monitor annoyance
Just to give equal opportunity to issues I have with Ubuntu, here's one that bit me today.
I like to use a dual monitor configuration with my laptops, because I tend to have a lot of windows open when I work (terminals, browsers, remote desktops, email, various documents, etc). With Windows this is fairly straight forward, just suspend the laptop, connect the monitor, and bring the laptop back up. Go into your display properties and setup as desired. Most modern video drivers/chipsets will work fine, or at least get the basics right.
Historically with the olde X Window system just setting up one monitor was tricky enough, and two monitors was quite a challenge. Swapping monitors around on the fly was unheard of. Luckily, we've moved past those days, mostly. You can do the same thing with Ubuntu 9.04 (maybe 8.10) as with Windows - suspend the laptop, attach the monitor, bring the laptop back up, and go to the display properties -- the external monitor just works.
Except...