RSS
 

Net App Cheats.. Shit-tons….

09 Nov
Startup and Shutdown
Boot Menu 1) Normal Boot.2) Boot without /etc/rc.

3) Change password.

4) Clean configuration and initialize all disks.

5) Maintenance mode boot.

6) Update flash from backup config.

7) Install new software first.

8) Reboot node.

Selection (1-8)?

  • Normal Boot – continue with the normal boot operation
  • Boot without /etc/rc – boot with only default options and disable some services
  • Change Password – change the storage systems password
  • Clean configuration and initialize all disks – cleans all disks and reset the filer to factory default settings
  • Maintenance mode boot – file system operations are disabled, limited set of commands
  • Update flash from backup config – restore the configuration information if corrupted on the boot device
  • Install new software first – use this if the filer does not include support for the storage array
  • Reboot node – restart the filer
startup modes
  • boot_ontap – boots the current Data ONTAP software release stored on the boot device
  • boot primary – boots the Data ONTAP release stored on the boot device as the primary kernel
  • boot_backup – boots the backup Data ONTAP release from the boot device
  • boot_diags – boots a Data ONTAP diagnostic kernel

Note: there are other options but NetApp will provide these as when necessary
shutdown

halt [-t <mins>] [-f]

-t = shutdown after minutes specified

-f = used with HA clustering, means that the partner filer does not take over
restart reboot [-t <mins>] [-s] [-r] [-f]-t = reboot in specified minutes

-s = clean reboot but also power cycle the filer (like pushing the off button)

-r = bypasses the shutdown (not clean) and power cycles the filer

-f = used with HA clustering, means that the partner filer does not take over
System Privilege and System shell
Privilege priv set [-q] [admin | advanced]Note: by default you are in administrative mode

-q = quiet suppresses warning messages
Access the systemshell ## First obtain the advanced privilegespriv set advanced

## Then unlock and reset the diag users password

useradmin diaguser unlock

useradmin diaguser password

## Now you should be able to access the systemshell and use all the standard Unix

## commands

systemshell

login: diag

password: ********
Licensing and Version
licenses (commandline) ## display licenseslicense

## Adding a license

license add <code1> <code2>

## Disabling a license

license delete <service>
Data ONTAP version version [-b]-b = include name and version information for the primary, secondary and diagnostic kernels and the firmware
Useful Commands
read the messages file rdfile /etc/messages
write to a file wrfile -a <file> <text># Examples

wrfile -a /etc/test1 This is line 6 # comment here

wrfile -a /etc/test1 “This is line \”15\”.”
System Configuration
General information sysconfigsysconfig -v

sysconfig -a (detailed)
Configuration errors sysconfig -c
Display disk devices sysconfig -dsysconfig -A
Display Raid group information sysconfig -V
Display arregates and plexes sysconfig -r
Display tape devices sysconfig -t
Display tape libraries sysconfig -m
Environment Information
General information environment status
Disk enclosures (shelves) environment shelf [adapter]environment shelf_power_status
Chassis environment chassis allenvironment chassis list-sensors

environment chassis Fans

environment chassis CPU_Fans

environment chassis Power

environment chassis Temperature

environment chassis [PS1|PS2]
Fibre Channel Information
Fibre Channel stats fcstat link_statusfcstat fcal_stat

fcstat device_map
SAS Adapter and Expander Information
Shelf information sasstat shelfsasstat shelf_short
Expander information sasstat expandersasstat expander_map

sasstat expander_phy_state
Disk information sasstat dev_stats
Adapter information sasstat adapter_state
Statistical Information
System stats show system
Processor stats show processor
Disk stats show disk
Volume stats show volume
LUN stats show lun
Aggregate stats show aggregate
FC stats show fcp
iSCSI stats show iscsi
CIFS stats show cifs
Network stats show ifnet

Storage

Storage Commands
Display storage show adapterstorage show disk [-a|-x|-p|-T]

storage show expander

storage show fabric

storage show fault

storage show hub

storage show initiators

storage show mc

storage show port

storage show shelf

storage show switch

storage show tape [supported]

storage show acp

storage array show

storage array show-ports

storage array show-luns

storage array show-config
Enable storage enable adapter
Disable storage disable adapter
Rename switch storage rename <oldname> <newname>
Remove port storage array remove-port <array_name> -p <WWPN>
Load Balance storage load balance
Power Cycle storage power_cycle shelf -hstorage power_cycle shelf start -c <channel name>

storage power_cycle shelf completed

Disks

Disk Information
Disk name This is the physical disk itself, normally the disk will reside in a disk enclosure, the disk will have a pathname like 2a.17 depending on the type of disk enclosure

  • 2a = SCSI adapter
  • 17 = disk SCSI ID

Any disks that are classed as spare will be used in any group to replace failed disks. They can also be assigned to any aggregate. Disks are assigned to a specific pool.
Disk Types
Data holds data stored within the RAID group
Spare Does not hold usable data but is available to be added to a RAID group in an aggregate, also known as a hot spare
Parity Store data reconstruction information within the RAID group
dParity Stores double-parity information within the RAID group, if RAID-DP is enabled
Disk Commands
Display disk showdisk show <disk_name>

disk_list

sysconfig -r

sysconfig -d

## list all unnassigned/assigned disks

disk show -n

disk show -a
Adding (assigning) ## Add a specific disk to pool1 the mirror pooldisk assign <disk_name> -p 1

## Assign all disk to pool 0, by default they are assigned to pool 0 if the “-p”

## option is not specififed

disk assign all -p 0
Remove (spin down disk) disk remove <disk_name>
Reassign disk reassign -d <new_sysid>
Replace disk replace start <disk_name> <spare_disk_name>disk replace stop <disk_name>

Note: uses Rapid RAID Recovery to copy data from the specified file system to the specified spare disk, you can stop this process using the stop command
Zero spare disks disk zero spares
fail a disk disk fail <disk_name>
Scrub a disk disk scrub startdisk scrub stop
Sanitize disk sanitize start <disk list>disk sanitize abort <disk_list>

disk sanitize status

disk sanitize release <disk_list>

Note: the release modifies the state of the disk from sanitize to spare. Sanitize requires a license.
Maintanence disk maint start -d <disk_list>disk maint abort <disk_list>

disk maint list

disk maint status

Note: you can test the disk using maintain mode
swap a disk disk swapdisk unswap

Note: it stalls all SCSI I/O until you physically replace or add a disk, can used on SCSI disk only.
Statisics disk_stat <disk_name>
Simulate a pulled disk disk simpull <disk_name>
Simulate a pushed disk disk simpush -ldisk simpush <complete path of disk obtained from above command>

## Example

ontap1> disk simpush -l

The following pulled disks are available for pushing:

v0.16:NETAPP__:VD-1000MB-FZ-520:14161400:2104448

ontap1> disk simpush v0.16:NETAPP__:VD-1000MB-FZ-520:14161400:2104448

Aggregates

Aggregate States
Online Read and write access to volumes is allowed
Restricted Some operations, such as parity reconstruction are allowed, but data access is not allowed
Offline No access to the aggregate is allowed
Aggregate Status Values
32-bit This aggregate is a 32-bit aggregate
64-bit This aggregate is a 64-bit aggregate
aggr This aggregate is capable of contain FlexVol volumes
copying This aggregate is currently the target aggregate of an active copy operation
degraded This aggregate is contains at least one RAID group with single disk failure that is not being reconstructed
double degraded This aggregate is contains at least one RAID group with double disk failure that is not being reconstructed (RAID-DP aggregate only)
foreign Disks that the aggregate contains were moved to the current storage system from another storage system
growing Disks are in the process of being added to the aggregate
initializing The aggregate is in the process of being initialized
invalid The aggregate contains no volumes and none can be added. Typically this happend only after an aborted “aggr copy” operation
ironing A WAFL consistency check is being performewd on the aggregate
mirror degraded The aggregate is mirrored and one of its plexes is offline or resynchronizing
mirrored The aggregate is mirrored
needs check WAFL consistency check needs to be performed on the aggregate
normal The aggregate is unmirrored and all of its RAID groups are functional
out-of-date The aggregate is mirrored and needs to be resynchronized
partial At least one disk was found for the aggregate, but two or more disks are missing
raid0 The aggrgate consists of RAID 0 (no parity) RAID groups
raid4 The agrregate consists of RAID 4 RAID groups
raid_dp The agrregate consists of RAID-DP RAID groups
reconstruct At least one RAID group in the aggregate is being reconstructed
redirect Aggregate reallocation or file reallocation with the “-p” option has been started on the aggregate, read performance will be degraded
resyncing One of the mirror aggregates plexes is being resynchronized
snapmirror The aggregate is a SnapMirror replica of another aggregate (traditional volumes only)
trad The aggregate is a traditional volume and cannot contain FlexVol volumes.
verifying A mirror operation is currently running on the aggregate
wafl inconsistent The aggregate has been marked corrupted; contact techincal support
Aggregate Commands
Displaying aggr statusaggr status -r

aggr status <aggregate> [-v]
Check you have spare disks aggr status -s
Adding (creating) ## Syntax – if no option is specified then the defult is usedaggr create <aggr_name> [-f] [-m] [-n] [-t {raid0 |raid4 |raid_dp}] [-r raid_size] [-T disk_type] [-R rpm>] [-L] [-B {32|64}] <disk_list>

## create aggregate called newaggr that can have a maximum of 8 RAID groups

aggr create newaggr -r 8 -d 8a.16 8a.17 8a.18 8a.19

## create aggregated called newfastaggr using 20 x 15000rpm disks

aggr create newfastaggr -R 15000 20

## create aggrgate called newFCALaggr (note SAS and FC disks may bge used)

aggr create newFCALaggr -T FCAL 15

Note:

-f = overrides the default behavior that does not permit disks in a plex to belong to different disk pools

-m = specifies the optional creation of a SyncMirror

-n = displays the results of the command but does not execute it

-r = maximum size (number of disks) of the RAID groups for this aggregate

-T = disk type ATA, SATA, SAS, BSAS, FCAL or LUN

-R = rpm which include 5400, 7200, 10000 and 15000
Remove(destroying) aggr offline <aggregate>aggr destroy <aggregate>
Unremoving(undestroying) aggr undestroy <aggregate>
Rename aggr rename <old name> <new name>
Increase size ## Syntaxaggr add <aggr_name> [-f] [-n] [-g {raid_group_name | new |all}] <disk_list>

## add an additonal disk to aggregate pfvAggr, use “aggr status” to get group name

aggr status pfvAggr -r

aggr add pfvAggr -g rg0 -d v5.25

## Add 4 300GB disk to aggregate aggr1

aggr add aggr1 4@300
offline aggr offline <aggregate>
online aggr online <aggregate>
restricted state aggr restrict <aggregate>
Change an aggregate options ## to display the aggregates optionsaggr options <aggregate>

## change a aggregates raid group

aggr options <aggregate> raidtype raid_dp

## change a aggregates raid size

aggr options <aggregate> raidsize 4
show space usage aggr show_space <aggregate>
Mirror aggr mirror <aggregate>
Split mirror aggr split <aggregate/plex> <new_aggregate>
Copy from one agrregate to another ## Obtain the statusaggr copy status

## Start a copy

aggr copy start <aggregate source> <aggregate destination>

## Abort a copy – obtain the operation number by using “aggr copy status”

aggr copy abort <operation number>

## Throttle the copy 10=full speed, 1=one-tenth full speed

aggr copy throttle <operation number> <throttle speed>
Scrubbing (parity) ## Media scrub statusaggr media_scrub status

aggr scrub status

## start a scrub operation

aggr scrub start [ aggrname | plexname | groupname ]

## stop a scrub operation

aggr scrub stop [ aggrname | plexname | groupname ]

## suspend a scrub operation

aggr scrub suspend [ aggrname | plexname | groupname ]

## resume a scrub operation

aggr scrub resume [ aggrname | plexname | groupname ]

Note: Starts parity scrubbing on the named online aggregate. Parity scrubbing compares the data disks to the

parity disk(s) in their RAID group, correcting the parity disk’s contents as necessary. If no name is

given, parity scrubbing is started on all online aggregates. If an aggregate name is given, scrubbing is

started on all RAID groups contained in the aggregate. If a plex name is given, scrubbing is started on

all RAID groups contained in the plex.

Look at the following system options:

raid.scrub.duration 360

raid.scrub.enable on

raid.scrub.perf_impact low

raid.scrub.schedule
Verify (mirroring) ## verify statusaggr verify status

## start a verify operation

aggr verify start [ aggrname ]

## stop a verify operation

aggr verify stop [ aggrname ]

## suspend a verify operation

aggr verify suspend [ aggrname ]

## resume a verify operation

aggr verify resume [ aggrname ]

Note: Starts RAID mirror verification on the named online mirrored aggregate. If no name is given, then

RAID mirror verification is started on all online mirrored aggregates. Verification compares the data in

both plexes of a mirrored aggregate. In the default case, all blocks that differ are logged, but no changes

are made.
Media Scrub aggr media_scrub statusNote: Prints the media scrubbing status of the named aggregate, plex, or group. If no name is given, then

status is printed for all RAID groups currently running a media scrub. The status includes a

percent-complete and whether it is suspended.

Look at the following system options:

raid.media_scrub.enable on

raid.media_scrub.rate 600

raid.media_scrub.spares.enable on

Volumes

Volume States
Online Read and write access to this volume is allowed.
Restricted Some operations, such as parity reconstruction, are allowed, but data access is not allowed.
Offline No access to the volume is allowed.
Volume Status Values
access denied The origin system is not allowing access. (FlexCache volumesonly.)
active redirect The volume’s containing aggregate is undergoing reallocation (with the -p option specified). Read performance may be reduced while the volume is in this state.
connecting The caching system is trying to connect to the origin system. (FlexCache volumes only.)
copying The volume is currently the target of an active vol copy or snapmirror operation.
degraded The volume’s containing aggregate contains at least one degraded RAID group that is not being reconstructed after single disk failure.
double degraded The volume’s containing aggregate contains at least one degraded RAID-DP group that is not being reconstructed after double disk failure.
flex The volume is a FlexVol volume.
flexcache The volume is a FlexCache volume.
foreign Disks used by the volume’s containing aggregate were moved to the current storage system from another storage system.
growing Disks are being added to the volume’s containing aggregate.
initializing The volume’s containing aggregate is being initialized.
invalid The volume does not contain a valid file system.
ironing A WAFL consistency check is being performed on the volume’s containing aggregate.
lang mismatch The language setting of the origin volume was changed since the caching volume was created. (FlexCache volumes only.)
mirror degraded The volume’s containing aggregate is mirrored and one of its plexes is offline or resynchronizing.
mirrored The volume’s containing aggregate is mirrored.
needs check A WAFL consistency check needs to be performed on the volume’s containing aggregate.
out-of-date The volume’s containing aggregate is mirrored and needs to be resynchronized.
partial At least one disk was found for the volume’s containing aggregate, but two or more disks are missing.
raid0 The volume’s containing aggregate consists of RAID0 (no parity) groups (array LUNs only).
raid4 The volume’s containing aggregate consists of RAID4 groups.
raid_dp The volume’s containing aggregate consists of RAID-DP groups.
reconstruct At least one RAID group in the volume’s containing aggregate is being reconstructed.
redirect The volume’s containing aggregate is undergoing aggregate reallocation or file reallocation with the -p option. Read performance to volumes in the aggregate might be degraded.
rem vol changed The origin volume was deleted and re-created with the same name. Re-create the FlexCache volume to reenable the FlexCache relationship. (FlexCache volumes only.)
rem vol unavail The origin volume is offline or has been deleted. (FlexCache volumes only.)
remote nvram err The origin system is experiencing problems with its NVRAM. (FlexCache volumes only.)
resyncing One of the plexes of the volume’s containing mirrored aggregate is being resynchronized.
snapmirrored The volume is in a SnapMirror relationship with another volume.
trad The volume is a traditional volume.
unrecoverable The volume is a FlexVol volume that has been marked unrecoverable; contact technical support.
unsup remote vol The origin system is running a version of Data ONTAP the does not support FlexCache volumes or is not compatible with the version running on the caching system. (FlexCache volumes only.)
verifying RAID mirror verification is running on the volume’s containing aggregate.
wafl inconsistent The volume or its containing aggregate has been marked corrupted; contact technical support .
General Volume Operations (Traditional and FlexVol)
Displaying vol statusvol status -v (verbose)

vol status -l (display language)
Remove (destroying) vol offline <vol_name>vol destroy <vol_name>
Rename vol rename <old_name> <new_name>
online vol online <vol_name>
offline vol offline <vol_name>
restrict vol restrict <vol_name>
decompress vol decompress statusvol decompress start <vol_name>

vol decompress stop <vol_name>
Mirroring vol mirror volname [-n][-v victim_volname][-f][-d <disk_list>]Note:

Mirrors the currently-unmirrored traditional volume volname, either with the specified set of disks or with the contents of another unmirrored traditional volume victim_volname, which will be destroyed in the process.

The vol mirror command fails if either the chosen volname or victim_volname are flexible volumes. Flexible volumes require that any operations having directly to do with their containing aggregates be handled via the new aggr command suite.
Change language vol lang <vol_name> <language>
Change maximum number of files ## Display maximum number of filesmaxfiles <vol_name>

## Change maximum number of files

maxfiles <vol_name> <max_num_files>
Change root volume vol options <vol_name> root
Media Scrub vol media_scrub status [volname|plexname|groupname -s disk-name][-v]Note: Prints the media scrubbing status of the named aggregate, volume, plex, or group. If no name is given, then

status is printed for all RAID groups currently running a media scrub. The status includes a

percent-complete and whether it is suspended.

Look at the following system options:

raid.media_scrub.enable on

raid.media_scrub.rate 600

raid.media_scrub.spares.enable on
FlexVol Volume Operations (only)
Adding (creating) ## Syntaxvol create vol_name [-l language_code] [-s {volume|file|none}] <aggr_name> size{k|m|g|t}

## Create a 200MB volume using the english character set

vol create newvol -l en aggr1 200M

## Create 50GB flexvol volume

vol create vol1 aggr0 50g
additional disks ## add an additional disk to aggregate flexvol1, use “aggr status” to get group nameaggr status flexvol1 -r

aggr add flexvol1 -g rg0 -d v5.25
Resizing vol size <vol_name> [+|-] n{k|m|g|t}## Increase flexvol1 volume by 100MB

vol size flexvol1 + 100m
Automatically resizing vol autosize vol_name [-m size {k|m|g|t}] [-I size {k|m|g|t}] on## automatically grow by 10MB increaments to max of 500MB

vol autosize flexvol1 -m 500m -I 10m on
Determine free space and Inodes df -Ahdf -I
Determine size vol size <vol_name>
automatic free space preservation vol options <vol_name> try_first [volume_grow|snap_delete]Note:

If you specify volume_grow, Data ONTAP attempts to increase the volume’s size before deleting any Snapshot copies. Data ONTAP increases the volume size based on specifications you provided using the vol autosize command.

If you specify snap_delete, Data ONTAP attempts to create more free space by deleting Snapshot copies, before increasing the size of the volume. Data ONTAP deletes Snapshot copies based on the specifications you provided using the snap autodelete command.
display a FlexVol volume’s containing aggregate vol container <vol_name>
Cloning vol clone create clone_vol [-s none|file|volume] -b parent_vol [parent_snap]vol clone split start

vol clone split stop

vol clone split estimate

vol clone split status

Note: The vol clone create command creates a flexible volume named clone_vol on the local filer that is a clone of a “backing” flexible volume named par_ent_vol. A clone is a volume that is a writable snapshot of another volume. Initially, the clone and its parent share the same storage; more storage space is consumed only as one volume or the other changes.
Copying vol copy start [-S|-s snapshot] <vol_source> <vol_destination>vol copy status

vol copy abort <operation number>

vol copy throttle <operation_number> <throttle value 10-1>

## Example – Copies the nightly snapshot named nightly.1 on volume vol0 on the local filer to the volume vol0 on remote ## filer named toaster1.

vol copy start -s nightly.1 vol0 toaster1:vol0

Note: Copies all data, including snapshots, from one volume to another. If the -S flag is used, the command copies all snapshots in the source volume to the destination volume. To specify a particular snapshot to copy, use the -s flag followed by the name of the snapshot. If neither the -S nor -s flag is used in the command, the filer automatically creates a distinctively-named snapshot at the time the vol copy start command is executed and copies only that snapshot to the destination volume.

The source and destination volumes must either both be traditional volumes or both be flexible volumes. The vol copy command will abort if an attempt is made to copy between different volume types.

The source and destination volumes can be on the same filer or on different filers. If the source or destination volume is on a filer other than the one on which the vol copy start command was entered, specify the volume name in the filer_name:volume_name format.
Traditional Volume Operations (only)
adding (creating) vol|aggr create vol_name -v [-l language_code] [-f] [-m] [-n] [-v] [-t {raid4|raid_dp}] [-r raidsize] [-T disk-type] -R rpm] [-L] disk-list## create traditional volume using aggr command

aggr create tradvol1 -l en -t raid4 -d v5.26 v5.27

## create traditional volume using vol command

vol create tradvol1 -l en -t raid4 -d v5.26 v5.27

## Create traditional volume using 20 disks, each RAID group can have 10 disks

vol create vol1 -r 10 20
additional disks vol add volname[-f][-n][-g <raidgroup>]{ ndisks[@size]|-d <disk_list> }## add another disk to the already existing traditional volume

vol add tradvol1 -d v5.28
splitting aggr split <volname/plexname> <new_volname>
Scrubing (parity) ## The more new “aggr scrub ” command is preferredvol scrub status [volname|plexname|groupname][-v]

vol scrub start [volname|plexname|groupname][-v]

vol scrub stop [volname|plexname|groupname][-v]

vol scrub suspend [volname|plexname|groupname][-v]

vol scrub resume [volname|plexname|groupname][-v]

Note: Print the status of parity scrubbing on the named traditional volume, plex or RAID group. If no name is provided, the status is given on all RAID groups currently undergoing parity scrubbing. The status includes a percent-complete as well as the scrub’s suspended status (if any).
Verify (mirroring) ## The more new “aggr verify” command is preferred## verify status

vol verify status

## start a verify operation

vol verify start [ aggrname ]

## stop a verify operation

vol verify stop [ aggrname ]

## suspend a verify operation

vol verify suspend [ aggrname ]

## resume a verify operation

vol verify resume [ aggrname ]

Note: Starts RAID mirror verification on the named online mirrored aggregate. If no name is given, then

RAID mirror verification is started on all online mirrored aggregates. Verification compares the data in

both plexes of a mirrored aggregate. In the default case, all blocks that differ are logged, but no changes

are made.

FlexCache Volumes

FlexCache Consistency
Delegations You can think of a delegation as a contract between the origin system and the caching volume; as long as the caching volume has the delegation, the file has not changed. Delegations are used only in certain situations.When data from a file is retrieved from the origin volume, the origin system can give a delegation for that file to the caching volume. Before that file is modified on the origin volume, whether due to a request from another caching volume or due to direct client access, the origin system revokes the delegation for that file from all caching volumes that have that delegation.
Attribute cache timeouts When data is retrieved from the origin volume, the file that contains that data is considered valid in the FlexCache volume as long as a delegation exists for that file. If no delegation exists, the file is considered valid for a certain length of time, specified by the attribute cache timeout.If a client requests data from a file for which there are no delegations, and the attribute cache timeout has been exceeded, the FlexCache volume compares the file attributes of the cached file with the attributes of the file on the origin system.
write operation proxy If a client modifies a file that is cached, that operation is passed back, or proxied through, to the origin system, and the file is ejected from the cache.When the write is proxied, the attributes of the file on the origin volume are changed. This means that when another client requests data from that file, any other FlexCache volume that has that data cached will re-request the data after the attribute cache timeout is reached.
FlexCache Status Values
access denied The origin system is not allowing FlexCache access. Check the setting of the flexcache.access option on the origin system.
connecting The caching system is trying to connect to the origin system.
lang mismatch The language setting of the origin volume was changed since the FlexCache volume was created.
rem vol changed The origin volume was deleted and re-created with the same name. Re-create the FlexCache volume to reenable the FlexCache relationship.
rem vol unavail The origin volume is offline or has been deleted.
remote nvram err The origin system is experiencing problems with its NVRAM.
unsup remote vol The origin system is running a version of Data ONTAP that either does not support FlexCache volumes or is not compatible with the version running on the caching system.
FlexCache Commands
Display vol statusvol status -v <flexcache_name>

## How to display the options available and what they are set to

vol help options

vol options <flexcache_name>
Display free space df -L
Adding (Create) ## Syntaxvol create <flexcache_name> <aggr> [size{k|m|g|t}] -S origin:source_vol

## Create a FlexCache volume called flexcache1 with autogrow in aggr1 aggregate with the source volume vol1

## on storage netapp1 server

vol create flexcache1 aggr1 -S netapp1:vol1
Removing (destroy) vol offline < flexcache_name>vol destroy <flexcache_name>
Automatically resizing vol options <flexcache_name> flexcache_autogrow [on|off]
Eject file from cache flexcache eject <path> [-f]
Statistics ## Client statsflexcache stats -C <flexcache_name>

## Server stats

flexcache stats -S <volume_name> -c <client>

## File stats

flexcache fstat <path>

FlexClone Volumes

FlexClone Commands
Display vol statusvol status <flexclone_name> -v

df -Lh
adding (create) ## Syntaxvol clone create clone_name [-s {volume|file|none}] -b parent_name [parent_snap]

## create a flexclone called flexclone1 from the parent flexvol1

vol clone create flexclone1 -b flexvol1
Removing (destroy) vol offline <flexclone_name>vol destroy <flexclone_name>
splitting ## Determine the free space required to perform the splitvol clone split estimate <flexclone_name>

## Double check you have the space

df -Ah

## Perform the split

vol clone split start <flexclone_name>

## Check up on its status

vol colne split status <flexclone_name>

## Stop the split

vol clone split stop <flexclone_name>
log file /etc/log/cloneThe clone log file records the following information:

• Cloning operation ID

• The name of the volume in which the cloning operation was performed

• Start time of the cloning operation

• End time of the cloning operation

• Parent file/LUN and clone file/LUN names

• Parent file/LUN ID

• Status of the clone operation: successful, unsuccessful, or stopped and some other details

Deduplication

Deduplication Commands
start/restart deduplication operation sis start -s <path>sis start -s /vol/flexvol1

## Use previous checkpoint

sis start -sp <path>
stop deduplication operation sis stop <path>
schedule deduplication sis config -s <schedule> <path>sis config -s mon-fri@23 /vol/flexvol1

Note: schedule lists the days and hours of the day when deduplication runs. The schedule can be of the following forms:

  • day_list[@hour_list]If hour_list is not specified, deduplication runs at midnight on each scheduled day.
  • hour_list[@day_list]If day_list is not specified, deduplication runs every day at the specified hours.
  • • -A hyphen (-) disables deduplication operations for the specified FlexVol volume.
enabling sis on <path>
disabling sis off <path>
status sis status -l <path>
Display saved space df -s <path>

QTrees

QTree Commands
Display qtree status [-i] [-v]Note:

The -i option includes the qtree ID number in the display.

The -v option includes the owning vFiler unit, if the MultiStore license is enabled.
adding (create) ## Syntax – by default wafl.default_qtree_mode option is usedqtree create path [-m mode]

## create a news qtree in the /vol/users volume using 770 as permissions

qtree create /vol/users/news -m 770
Remove rm -Rf <directory>
Rename mv <old_name> <new_name>
convert a directory into a qtree directory ## Move the directory to a different directorymv /n/joel/vol1/dir1 /n/joel/vol1/olddir

## Create the qtree

qtree create /n/joel/vol1/dir1

## Move the contents of the old directory back into the new QTree

mv /n/joel/vol1/olddir/* /n/joel/vol1/dir1

## Remove the old directory name

rmdir /n/joel/vol1/olddir
stats qtree stats [-z] [vol_name]Note:

-z = zero stats
Change the security style ## Syntaxqtree security path {unix | ntfs | mixed}

## Change the security style of /vol/users/docs to mixed

qtree security /vol/users/docs mixed

Quotas

Quota Commands
Quotas configuration file /mroot/etc/quotas
Example quota file 
##                                          	hard limit | thres |soft limit
##Quota Target      	type                   	disk  files| hold  |disk  file
##-------------     	-----                  	----  -----  ----- ----- ----
*                    tree@/vol/vol0           -     -      -     -     -     # monitor usage on all qtrees in vol0
/vol/vol2/qtree      tree                    1024K  75k    -     -     -     # enforce qtree quota using kb
tinh                 user@/vol/vol2/qtree1   100M   -      -     -     -     # enforce users quota in specified qtree
dba                  group@/vol/ora/qtree1   100M   -      -     -     -     # enforce group quota in specified qtree

# * = default user/group/qtree
# – = placeholder, no limit enforced, just enable stats collection

Note: you have lots of permutations, so checkout the documentation
Displaying quota report [<path>]
Activating quota on [-w] <vol_name>Note:

-w = return only after the entire quotas file has been scanned
Deactivitating quota off [-w] <vol_name>
Reinitializing quota off [-w] <vol_name>quota on [-w] <vol_name>
Resizing quota resize <vol_name>Note: this commands rereads the quota file
Deleting edit the quota filequota resize <vol_name>
log messaging quota logmsg

LUNs, igroups and LUN mapping

LUN configuration
Display lun showlun show -m

lun show -v
Initialize/Configure LUNs, mapping lun setupNote: follow the prompts to create and configure LUN’s
Create lun create -s 100m -t windows /vol/tradvol1/lun1
Destroy lun destroy [-f] /vol/tradvol1/lun1Note: the “-f” will force the destroy
Resize lun resize <lun path> <size>lun resize /vol/tradvol1/lun1 75m
Restart block protocol access lun online /vol/tradvol1/lun1
Stop block protocol access lun offline /vol/tradvol1/lun1
Map a LUN to an initiator group lun map /vol/tradvol1/lun1 win_hosts_group1 0lun map -f /vol/tradvol1/lun2 linux_host_group1 1

lun show -m

Note: use “-f” to force the mapping
Remove LUN mapping lun show -mlun offline /vol/tradvol1

lun unmap /vol/tradvol1/lun1 win_hosts_group1 0
Displays or zeros read/write statistics for LUN lun stats /vol/tradvol1/lun1
Comments lun comment /vol/tradvol1/lun1 “10GB for payroll records”
Check all lun/igroup/fcp settings for correctness lun config_check -v
Manage LUN cloning # Create a Snapshot copy of the volume containing the LUN to be cloned by entering the following commandsnap create tradvol1 tradvol1_snapshot_08122010

# Create the LUN clone by entering the following command

lun clone create /vol/tradvol1/clone_lun1 -b /vol/tradvol1/tradvol1_snapshot_08122010 lun1
Show the maximum possible size of a LUN on a given volume or qtree lun maxsize /vol/tradvol1
Move (rename) LUN lun move /vol/tradvol1/lun1 /vol/tradvol1/windows_lun1
Display/change LUN serial number lun serial -x /vol/tradvol1/lun1
Manage LUN properties lun set reservation /vol/tradvol1/hpux/lun0
Configure NAS file-sharing properties lun share <lun_path> { none | read | write | all }
Manage LUN and snapshot interactions lun snap usage -s <volume> <snapshot>
igroup configuration
display igroup showigroup show -v

igroup show iqn.1991-05.com.microsoft:xblade
create (iSCSI) igroup create -i -t windows win_hosts_group1 iqn.1991-05.com.microsoft:xblade
create (FC) igroup create -i -f windows win_hosts_group1 iqn.1991-05.com.microsoft:xblade
destroy igroup destroy win_hosts_group1
add initiators to an igroup igroup add win_hosts_group1 iqn.1991-05.com.microsoft:laptop
remove initiators to an igroup igroup remove win_hosts_group1 iqn.1991-05.com.microsoft:laptop
rename igroup rename win_hosts_group1 win_hosts_group2
set O/S type igroup set win_hosts_group1 ostype windows
Enabling ALUA igroup set win_hosts_group1 alua yesNote: ALUA defines a standard set of SCSI commands for discovering and managing multiple paths to LUNs on Fibre Channel and iSCSI SANs. ALUA enables the initiator to query the target about path attributes, such as primary path and secondary path. It also enables the target to communicate events back to the initiator. As long as the host supports the ALUA standard, multipathing software can be developed to support any array. Proprietary SCSI commands are no longer required.
iSCSI commands
display iscsi initiator showiscsi session show [-t]

iscsi connection show -v

iscsi security show
status iscsi status
start iscsi start
stop iscsi stop
stats iscsi stats
nodename iscsi nodename# to change the name

iscsi nodename <new name>
interfaces iscsi interface showiscsi interface enable e0b

iscsi interface disable e0b
portals iscsi portal showNote: Use the iscsi portal show command to display the target IP addresses of the storage system. The storage system’s target IP addresses are the addresses of the interfaces used for the iSCSI protocol
accesslists iscsi interface accesslist showNote: you can add or remove interfaces from the list
Port Sets
display portset showportset show portset1

igroup show linux-igroup1
create portset create -f portset1 SystemA:4b
destroy igroup unbind linux-igroup1 portset1portset destroy portset1
add portset add portset1 SystemB:4b
remove portset remove portset1 SystemB:4b
binding igroup bind linux-igroup1 portset1igroup unbind linux-igroup1 portset1
FCP service
display fcp show adapter -v
daemon status fcp status
start fcp start
stop fcp stop
stats fcp stats -i interval [-c count] [-a | adapter]fcp stats -i 1
target expansion adapters fcp config <adapter> [down|up]fcp config 4a down
target adapter speed fcp config <adapter> speed [auto|1|2|4|8]fcp config 4a speed 8
set WWPN # fcp portname set [-f] adapter wwpnfcp portname set -f 1b 50:0a:09:85:87:09:68:ad
swap WWPN # fcp portname swap [-f] adapter1 adapter2fcp portname swap -f 1a 1b
change WWNN # display nodenamefcp nodename

fcp nodename [-f]nodename

fcp nodename 50:0a:09:80:82:02:8d:ff

Note: The WWNN of a storage system is generated by a serial number in its NVRAM, but it is stored ondisk. If you ever replace a storage system chassis and reuse it in the same Fibre Channel SAN, it is possible, although extremely rare, that the WWNN of the replaced storage system is duplicated. In this unlikely event, you can change the WWNN of the storage system.
WWPN Aliases – display fcp wwpn-alias showfcp wwpn-alias show -a my_alias_1

fcp wwpn-alias show -w 10:00:00:00:c9:30:80:2
WWPN Aliases – create fcp wwpn-alias set [-f] alias wwpnfcp wwpn-alias set my_alias_1 10:00:00:00:c9:30:80:2f
WWPN Aliases – remove fcp wwpn-alias remove [-a alias ... | -w wwpn]fcp wwpn-alias remove -a my_alias_1

fcp wwpn-alias remove -w 10:00:00:00:c9:30:80:2

Snapshotting and Cloning

Snapshot and Cloning commands

Display clones snap list
create clone # Create a LUN by entering the following commandlun create -s 10g -t solaris /vol/tradvol1/lun1

# Create a Snapshot copy of the volume containing the LUN to be cloned by entering the following command

snap create tradvol1 tradvol1_snapshot_08122010

# Create the LUN clone by entering the following command

lun clone create /vol/tradvol1/clone_lun1 -b /vol/tradvol1/lun1 tradvol1_snapshot_08122010
destroy clone # display the snapshot copieslun snap usage tradvol1 tradvol1_snapshot_08122010

# Delete all the LUNs in the active file system that are displayed by the lun snap usage command by entering the following command

lun destroy /vol/tradvol1/clone_lun1

# Delete all the Snapshot copies that are displayed by the lun snap usage command in the order they appear

snap delete tradvol1 tradvol1_snapshot_08122010
clone dependency vol options <vol_name> <snapshot_clone_dependency> onvol options <vol_name> <snapshot_clone_dependency> off

Note: Prior to Data ONTAP 7.3, the system automatically locked all backing Snapshot copies when Snapshot copies of LUN clones were taken. Starting with Data ONTAP 7.3, you can enable the system to only lock backing Snapshot copies for the active LUN clone. If you do this, when you delete the active LUN clone, you can delete the base Snapshot copy without having to first delete all of the more recent backing Snapshot copies.

This behavior in not enabled by default; use the snapshot_clone_dependency volume option to enable it. If this option is set to off, you will still be required to delete all subsequent Snapshot copies before deleting the base Snapshot copy. If you enable this option, you are not required to rediscover the LUNs. If you perform a subsequent volume snap restore operation, the system restores whichever value was present at the time the Snapshot copy was taken.
Restoring snapshot snap restore -s payroll_lun_backup.2 -t vol /vol/payroll_lun
splitting the clone lun clone split start lun_pathlun clone split status lun_path
stop clone splitting lun clone split stop lun_path
delete snapshot copy snap delete vol-name snapshot-namesnap delete -a -f <vol-name>
disk space usage lun snap usage tradvol1 mysnap
Use Volume copy to copy LUN’s vol copy start -S source:source_volume dest:dest_volumevol copy start -S /vol/vol0 filerB:/vol/vol1
The estimated rate of change of data between Snapshot copies in avolume snap delta /vol/tradvol1 tradvol1_snapshot_08122010
The estimated amount of space freed if you delete the specifiedSnapshot copies snap reclaimable /vol/tradvol1 tradvol1_snapshot_08122010

File Access using NFS

Export Options
actual=<path> Specifies the actual file system path corresponding to the exported file system path.
anon=<uid>|<name> Specifies the effective user ID (or name) of all anonymous or root NFS client users that access the file system path.
nosuid Disables setuid and setgid executables and mknod commands on the file system path.
ro | ro=clientid Specifies which NFS clients have read-only access to the file system path.
rw | rw=clientid Specifies which NFS clients have read-write access to the file system path.
root=clientid Specifies which NFS clients have root access to the file system path. If you specify the root= option, you must specify at least one NFS client identifier. To exclude NFS clients from the list, prepend the NFS client identifiers with a minus sign (-).
sec=sectype Specifies the security types that an NFS client must support to access the file system path. To apply the security types to all types of access, specify the sec= option once. To apply the security types to specific types of access (anonymous, non-super user, read-only, read-write, or root), specify the sec= option at least twice, once before each access type to which it applies (anon, nosuid, ro, rw, or root, respectively).security types could be one of the following:

none No security. Data ONTAP treats all of the NFS client’s users as anonymous users.
sys Standard UNIX (AUTH_SYS) authentication. Data ONTAP checks the NFS credentials of all of theNFS client’s users, applying the file access permissions specified for those users in the NFS server’s /etc/passwd file. This is the default security type.
krb5 Kerberos(tm) Version 5 authentication. Data ONTAP uses data encryption standard (DES) keyencryption to authenticate the NFS client’s users.
krb5i Kerberos(tm) Version 5 integrity. In addition to authenticating the NFS client’s users, DataONTAP uses message authentication codes (MACs) to verify the integrity of the NFS client’s remote procedure requests and responses, thus preventing “man-in-the-middle” tampering.
krb5p Kerberos(tm) Version 5 privacy. In addition to authenticating the NFS client’s users and verifying data integrity, Data ONTAP encrypts NFS arguments and results to provide privacy.

 
Examples rw=10.45.67.0/24ro,root=@trusted,rw=@friendly

rw,root=192.168.0.80,nosuid
Export Commands
Displaying exportfsexportfs -q <path>
create # create export in memory and write to /etc/exports (use default options)exportfs -p /vol/nfs1

# create export in memory and write to /etc/exports (use specific options)

exportsfs -io sec=none,rw,root=192.168.0.80,nosuid /vol/nfs1

# create export in memory only using own specific options

exportsfs -io sec=none,rw,root=192.168.0.80,nosuid /vol/nfs1
remove # Memory onlyexportfs -u <path>

# Memory and /etc/exportfs

exportfs -z <path>
export all exportfs -a
check access exportfs -c 192.168.0.80 /vol/nfs1
flush exportfs -fexportfs -f <path>
reload exportfs -r
storage path exportfs -s <path>
Write export to a file exportfs -w <path/export_file>
fencing # Suppose /vol/vol0 is exported with the following export options:-rw=pig:horse:cat:dog,ro=duck,anon=0

# The following command enables fencing of cat from /vol/vol0

exportfs -b enable save cat /vol/vol0

# cat moves to the front of the ro= list for /vol/vol0:

-rw=pig:horse:dog,ro=cat:duck,anon=0
stats nfsstat

File Access using CIFS

Useful CIFS options
change the security style options wafl.default_security_style {ntfs | unix | mixed}
timeout options cifs.idle_timeout time
Performance options cifs.oplocks.enable onNote: Under some circumstances, if a process has an exclusive oplock on a file and a second process attempts to open the file, the first process must invalidate cached data and flush writes and locks. The client must then relinquish the oplock and access to the file. If there is a network failure during this flush, cached write data might be lost.
CIFS Commands
useful files
/etc/cifsconfig_setup.cfg
/etc/usermap.cfs
/etc/passwd
/etc/cifsconfig_share.cfg

Note: use “rdfile” to read the file
CIFS setup cifs setupNote: you will be prompted to answer a number of questions based on what requirements you need.
start cifs restart
stop cifs terminate# terminate a specific client

cifs terminate <client_name>|<IP Address>
sessions cifs sessionscifs sessions <user>

cifs sessions <IP Address>

# Authentication

cifs sessions -t

# Changes

cifs sessions -c

# Security Info

cifs session -s
Broadcast message cifs broadcast * “message”cifs broadcast <client_name> “message”
permissions cifs access <share> <user|group> <permission># Examples

cifs access sysadmins -g wheel Full Control

cifs access -delete releases ENGINEERING\mary

Note: rights can be Unix-style combinations of r w x – or NT-style “No Access”, “Read”, “Change”, and “Full Control”
stats cifs stat <interval>cifs stat <user>

cifs stat <IP Address>
create a share # create a volume in the normal way# then using qtrees set the style of the volume {ntfs | unix | mixed}

# Now you can create your share

cifs shares -add TEST /vol/flexvol1/TEST -comment “Test Share ” -forcegroup workgroup -maxusers 100
change share characteristics cifs shares -change sharename {-browse | -nobrowse} {-comment desc | – nocomment} {-maxusers userlimit | -nomaxusers} {-forcegroup groupname | -noforcegroup} {-widelink | -nowidelink} {-symlink_strict_security | – nosymlink_strict_security} {-vscan | -novscan} {-vscanread | – novscanread} {-umask mask | -noumask {-no_caching | -manual_caching | – auto_document_caching | -auto_program_caching}# example

cifs shares -change <sharename> -novscan
home directories # Display home directoriescifs homedir

# Add a home directory

wrfile -a /etc/cifs_homedir.cfg /vol/TEST

# check it

rdfile /etc/cifs_homedir.cfg

# Display for a Windows Server

net view \\<Filer IP Address>

# Connect

net use * \\192.168.0.75\TEST

Note: make sure the directory exists
domain controller # add a domain controllercifs prefdc add lab 10.10.10.10 10.10.10.11

# delete a domain controller

cifs prefdc delete lab

# List domain information

cifs domaininfo

# List the preferred controllers

cifs prefdc print

# Restablishing

cifs resetdc
change filers domain password cifs changefilerpwd
Tracing permission problems sectrace add [-ip ip_address] [-ntuser nt_username] [-unixuser unix_username] [-path path_prefix] [-a]#Examples

sectrace add -ip 192.168.10.23

sectrace add -unixuser foo -path /vol/vol0/home4 -a

# To remove

sectrace delete all

sectrace delete <index>

# Display tracing

sectrace show

# Display error code status

sectrace print-status <status_code>

sectrace print-status 1:51544850432:32:78

File Access using FTP

Useful Options
Enable options ftpd.enable on
Disable options ftpd.enable off
File Locking options ftpd.locking deleteoptions ftpd.locking none

Note: To prevent users from modifying files while the FTP server is transferring them, you can enable FTP file locking. Otherwise, you can disable FTP file locking. By default, FTP file locking is disabled.
Authenication Style options ftpd.auth_style {unix | ntlm | mixed}
bypassing of FTP traverse checking options ftpd.bypass_traverse_checking onoptions ftpd.bypass_traverse_checking off

Note: If the ftpd.bypass_traverse_checking option is set to off, when a user attempts to access a file using FTP, Data ONTAP checks the traverse (execute) permission for all directories in the path to the file. If any of the intermediate directories does not have the “X” (traverse permission), Data ONTAP denies access to the file. If the ftpd.bypass_traverse_checking option is set to on, when a user attempts to access a file, Data ONTAP does not check the traverse permission for the intermediate directories when determining whether to grant or deny access to the file.
Restricting FTP users to a specific directory options ftpd.dir.restriction onoptions ftpd.dir.restriction off
Restricting FTP users to their home directories or a default directory options ftpd.dir.override “”
Maximum number of connections options ftpd.max_connections noptions ftpd.max_connections_threshold n
idle timeout value options ftpd.idle_timeout n s | m | h
anonymous logins options ftpd.anonymous.enable onoptions ftpd.anonymous.enable off

# specify the name for the anonymous login

options ftpd.anonymous.name username

# create the directory for the anonymous login

options ftpd.anonymous.home_dir homedir
FTP Commands
Log files /etc/log/ftp.cmd/etc/log/ftp.xfer

# specify the max number of logfiles (default is 6) and size

options ftpd.log.nfiles 10

options ftpd.log.filesize 1G

Note: use rdfile to view
Restricting access /etc/ftpusersNote: using rdfile and wrfile to access /etc/ftpusers
stats ftp stat# to reset

ftp stat -z

File Access using HTTP

HTTP Options
enable options httpd.enable on
disable options httpd.enable off
Enabling or disabling the bypassing of HTTP traverse checking options httpd.bypass_traverse_checking onoptions httpd.bypass_traverse_checking off

Note: this is similar to the FTP version
root directory options httpd.rootdir /vol0/home/users/pages
Host access options httpd.access host=Host1 AND if=e3options httpd.admin.access host!=Host1
HTTP Commands
Log files /etc/log/httpd.log# use the below to change the logfile format

options httpd.log.format alt1

Note: use rdfile to view
redirects redirect /cgi-bin/* http://cgi-host/*
pass rule pass /image-bin/*
fail rule fail /usr/forbidden/*
mime types /etc/httpd.mimetypesNote: use rdfile and wrfile to edit
interface firewall ifconfig f0 untrusted
stats httpstat [-dersta]# reset the stats

httpstat -z[derta]

Network Interfaces

Display ifconfig -aifconfig <interface>
IP address ifconfig e0 <IP Address>ifconfig e0a <IP Address>

# Remove a IP Address

ifconfig e3 0
subnet mask ifconfig e0a netmask <subnet mask address>
broadcast ifconfig e0a broadcast <broadcast address>
media type ifconfig e0a mediatype 100tx-fd
maximum transmission unit (MTU) ifconfig e8 mtusize 9000
Flow control ifconfig <interface_name> <flowcontrol> <value># example

ifconfig e8 flowcontrol none

Note: value is the flow control type. You can specify the following values for the flowcontrol option:

none    - No flow control

receive – Able to receive flow control frames

send    - Able to send flow control frames

full    - Able to send and receive flow control frames

The default flowcontrol type is full.
trusted ifconfig e8 untrustedNote: You can specify whether a network interface is trustworthy or untrustworthy. When you specify an interface as untrusted (untrustworthy), any packets received on the interface are likely to be dropped.
HA Pair ifconfig e8 partner <IP Address>## You must enable takeover on interface failures by entering the following commands:

options cf.takeover.on_network_interface_failure enable

ifconfig interface_name {nfo|-nfo}

nfo   — Enables negotiated failover

-nfo  — Disables negotiated failover

Note: In an HA pair, you can assign a partner IP address to a network interface. The network interface takes over this IP address when a failover occurs
Alias # Create aliasifconfig e0 alias 192.0.2.30

# Remove alias

ifconfig e0 -alias 192.0.2.30
Block/Unblock protocols # Blockoptions interface.blocked.cifs e9

options interface.blocked.cifs e0a,e0b

# Unblock

options interface.blocked.cifs “”
Stats ifstatnetstat

Note: there are many options to both these commands so I will leave to the man pages
bring up/down an interface ifconfig <interface> upifconfig <interface> down

Routing

default route # using wrfile and rdfile edit the /etc/rc file with the belowroute add default 192.168.0.254 1

# the full /etc/rc file will look like something below

hostname netapp1

ifconfig e0 192.168.0.10 netmask 255.255.255.0 mediatype 100tx-fd

route add default 192.168.0.254 1

routed on
enable/disable fast path options ip.fastpath.enable {on|off}Note:

on   — Enables fast path

off  — Disables fast path
enable/disable routing daemon routed {on|off}Note:

on   — Turns on the routed daemon

off  — Turns off the routed daemon
Display routing table netstat -rnroute -s

routed status
Add to routing table route add 192.168.0.15 gateway.com 1

Hosts and DNS

Hosts # use wrfile and rdfile to read and edit /etc/hosts file , it basically use the sdame rules as a Unix# hosts file
nsswitch file # use wrfile and rdfile to read and edit /etc/nsswitch.conf file , it basically uses the same rules as a# Unix nsswitch.conf file
DNS # use wrfile and rdfile to read and edit /etc/resolv.conf file , it basically uses the same rules as a# Unix resolv.conf file

options dns.enable {on|off}

Note:

on   — Enables DNS

off  — Disables DNS
Domain Name options dns.domainname <domain>
DNS cache options dns.cache.enableoptions dns.cache.disable

# To flush the DNS cache

dns flush

# To see dns cache information

dns info
DNS updates options dns.update.enable {on|off|secure}Note:

on     — Enables dynamic DNS updates

off    — Disables dynamic DNS updates

secure — Enables secure dynamic DNS updates
time-to-live (TTL) options dns.update.ttl <time># Example

options dns.update.ttl 2h

Note: time can be set in seconds (s), minutes (m), or hours (h), with a minimum value of 600 seconds

and a maximum value of 24 hour

VLAN

Create vlan create [-g {on|off}] ifname vlanid# Create VLANs with identifiers 10, 20, and 30 on the interface e4 of a storage system by using the following command:

vlan create e4 10 20 30

# Configure the VLAN interface e4-10 by using the following command

ifconfig e4-10 192.168.0.11 netmask 255.255.255.0
Add vlan add e4 40 50
Delete # Delete specific VLANvlan delete e4 30

# Delete All VLANs on a interface

vlan delete e4
Enable/Disable GRVP on VLAN vlan modify -g {on|off} ifname
Stat vlan stat <interface_name> <vlan_id># Examples

vlan stat e4

vlan stat e4 10

Interface Groups

Create (single-mode) # To create a single-mode interface group, enter the following command:ifgrp create single SingleTrunk1 e0 e1 e2 e3

# To configure an IP address of 192.168.0.10 and a netmask of 255.255.255.0 on the singlemode interface group SingleTrunk1

ifconfig SingleTrunk1 192.168.0.10 netmask 255.255.255.0

# To specify the interface e1 as preferred

ifgrp favor e1
Create ( multi-mode) # To create a static multimode interface group, comprising interfaces e0, e1, e2, and e3 and using MAC# address load balancing

ifgrp create multi MultiTrunk1 -b mac e0 e1 e2 e3

# To create a dynamic multimode interface group, comprising interfaces e0, e1, e2, and e3 and using IP

# address based load balancing

ifgrp create lacp MultiTrunk1 -b ip e0 e1 e2 e3
Create second level intreface group # To create two interface groups and a second-level interface group. In this example, IP address load# balancing is used for the multimode interface groups.

ifgrp create multi Firstlev1 e0 e1

ifgrp create multi Firstlev2 e2 e3

ifgrp create single Secondlev Firstlev1 Firstlev2

# To enable failover to a multimode interface group with higher aggregate bandwidth when one or more of

# the links in the active multimode interface group fail

options ifgrp.failover.link_degraded on

Note: You can create a second-level interface group by using two multimode interface groups. Secondlevel interface groups enable you to provide a standby multimode interface group in case the primary multimode interface group fails.
Create second level intreface group in a HA pair # Use the following commands to create a second-level interface group in an HA pair. In this example,# IP-based load balancing is used for the multimode interface groups.

# On StorageSystem1:

ifgrp create multi Firstlev1 e1 e2

ifgrp create multi Firstlev2 e3 e4

ifgrp create single Secondlev1 Firstlev1 Firstlev2

# On StorageSystem2 :

ifgrp create multi Firstlev3 e5 e6

ifgrp create multi Firstlev4 e7 e8

ifgrp create single Secondlev2 Firstlev3 Firstlev4

# On StorageSystem1:

ifconfig Secondlev1 partner Secondlev2

# On StorageSystem2 :

ifconfig Secondlev2 partner Secondlev1
Favoured/non-favoured interface # select favoured interfaceifgrp nofavor e3

# select a non-favoured interface

ifgrp nofavor e3
Add ifgrp add MultiTrunk1 e4
Delete ifconfig MultiTrunk1 downifgrp delete MultiTrunk1 e4

Note: You must configure the interface group to the down state before you can delete a network interface

from the interface group
Destroy ifconfig ifgrp_name downifgrp destroy ifgrp_name

Note: You must configure the interface group to the down state before you can delete a network interface

from the interface group
Enable/disable a interface group ifconfig ifgrp_name upifconfig ifgrp_name down
Status ifgrp status [ifgrp_name]
Stat ifgrp stat [ifgrp_name] [interval]

Diagnostic Tools

Useful options
Ping thottling # Throttle pingoptions ip.ping_throttle.drop_level <packets_per_second>

# Disable ping throttling

options ip.ping_throttle.drop_level 0
Forged IMCP attacks options ip.icmp_ignore_redirect.enable onNote: You can disable ICMP redirect messages to protect your storage system against forged ICMP redirect attacks.
Useful Commands
netdiag The netdiag command continuously gathers and analyzes statistics, and performs diagnostic tests. These diagnostic tests identify and report problems with your physical network or transport layers and suggest remedial action.
ping You can use the ping command to test whether your storage system can reach other hosts on your network.
pktt You can use the pktt command to trace the packets sent and received in the storage system’s network.
 
No Comments

Posted in Cheat Sheet

 

Custombuild: icu compile errors – Fix…

15 Oct

Had problems with custombuild compiling icu in combination of httpd 2.2.15 + PHP 5.3.2

Following fixed the problem:

rm -f /usr/local/directadmin/custombuild/icu4c-4_6_1-src.tgz
rm -rf /usr/local/directadmin/custombuild/icu

./build update
# Download needed file

./build icu
# Compile

# Continue to build all programs with default answers

./build clean
./build all d

 

 
No Comments

Posted in DirectAdmin

 

Cheat Sheet: Decimal – Hexadecimal – Binary

19 Sep

Conversion Table

Decimal – Hexadecimal – Binary

Dec Hex Bin Dec Hex Bin Dec Hex Bin Dec Hex Bin
0 0 00000000 64 40 01000000 128 80 10000000 192 c0 11000000
1 1 00000001 65 41 01000001 129 81 10000001 193 c1 11000001
2 2 00000010 66 42 01000010 130 82 10000010 194 c2 11000010
3 3 00000011 67 43 01000011 131 83 10000011 195 c3 11000011
4 4 00000100 68 44 01000100 132 84 10000100 196 c4 11000100
5 5 00000101 69 45 01000101 133 85 10000101 197 c5 11000101
6 6 00000110 70 46 01000110 134 86 10000110 198 c6 11000110
7 7 00000111 71 47 01000111 135 87 10000111 199 c7 11000111
8 8 00001000 72 48 01001000 136 88 10001000 200 c8 11001000
9 9 00001001 73 49 01001001 137 89 10001001 201 c9 11001001
10 a 00001010 74 4a 01001010 138 8a 10001010 202 ca 11001010
11 b 00001011 75 4b 01001011 139 8b 10001011 203 cb 11001011
12 c 00001100 76 4c 01001100 140 8c 10001100 204 cc 11001100
13 d 00001101 77 4d 01001101 141 8d 10001101 205 cd 11001101
14 e 00001110 78 4e 01001110 142 8e 10001110 206 ce 11001110
15 f 00001111 79 4f 01001111 143 8f 10001111 207 cf 11001111
16 10 00010000 80 50 01010000 144 90 10010000 208 d0 11010000
17 11 00010001 81 51 01010001 145 91 10010001 209 d1 11010001
18 12 00010010 82 52 01010010 146 92 10010010 210 d2 11010010
19 13 00010011 83 53 01010011 147 93 10010011 211 d3 11010011
20 14 00010100 84 54 01010100 148 94 10010100 212 d4 11010100
21 15 00010101 85 55 01010101 149 95 10010101 213 d5 11010101
22 16 00010110 86 56 01010110 150 96 10010110 214 d6 11010110
23 17 00010111 87 57 01010111 151 97 10010111 215 d7 11010111
24 18 00011000 88 58 01011000 152 98 10011000 216 d8 11011000
25 19 00011001 89 59 01011001 153 99 10011001 217 d9 11011001
26 1a 00011010 90 5a 01011010 154 9a 10011010 218 da 11011010
27 1b 00011011 91 5b 01011011 155 9b 10011011 219 db 11011011
28 1c 00011100 92 5c 01011100 156 9c 10011100 220 dc 11011100
29 1d 00011101 93 5d 01011101 157 9d 10011101 221 dd 11011101
30 1e 00011110 94 5e 01011110 158 9e 10011110 222 de 11011110
31 1f 00011111 95 5f 01011111 159 9f 10011111 223 df 11011111
32 20 00100000 96 60 01100000 160 a0 10100000 224 e0 11100000
33 21 00100001 97 61 01100001 161 a1 10100001 225 e1 11100001
34 22 00100010 98 62 01100010 162 a2 10100010 226 e2 11100010
35 23 00100011 99 63 01100011 163 a3 10100011 227 e3 11100011
36 24 00100100 100 64 01100100 164 a4 10100100 228 e4 11100100
37 25 00100101 101 65 01100101 165 a5 10100101 229 e5 11100101
38 26 00100110 102 66 01100110 166 a6 10100110 230 e6 11100110
39 27 00100111 103 67 01100111 167 a7 10100111 231 e7 11100111
40 28 00101000 104 68 01101000 168 a8 10101000 232 e8 11101000
41 29 00101001 105 69 01101001 169 a9 10101001 233 e9 11101001
42 2a 00101010 106 6a 01101010 170 aa 10101010 234 ea 11101010
43 2b 00101011 107 6b 01101011 171 ab 10101011 235 eb 11101011
44 2c 00101100 108 6c 01101100 172 ac 10101100 236 ec 11101100
45 2d 00101101 109 6d 01101101 173 ad 10101101 237 ed 11101101
46 2e 00101110 110 6e 01101110 174 ae 10101110 238 ee 11101110
47 2f 00101111 111 6f 01101111 175 af 10101111 239 ef 11101111
48 30 00110000 112 70 01110000 176 b0 10110000 240 f0 11110000
49 31 00110001 113 71 01110001 177 b1 10110001 241 f1 11110001
50 32 00110010 114 72 01110010 178 b2 10110010 242 f2 11110010
51 33 00110011 115 73 01110011 179 b3 10110011 243 f3 11110011
52 34 00110100 116 74 01110100 180 b4 10110100 244 f4 11110100
53 35 00110101 117 75 01110101 181 b5 10110101 245 f5 11110101
54 36 00110110 118 76 01110110 182 b6 10110110 246 f6 11110110
55 37 00110111 119 77 01110111 183 b7 10110111 247 f7 11110111
56 38 00111000 120 78 01111000 184 b8 10111000 248 f8 11111000
57 39 00111001 121 79 01111001 185 b9 10111001 249 f9 11111001
58 3a 00111010 122 7a 01111010 186 ba 10111010 250 fa 11111010
59 3b 00111011 123 7b 01111011 187 bb 10111011 251 fb 11111011
60 3c 00111100 124 7c 01111100 188 bc 10111100 252 fc 11111100
61 3d 00111101 125 7d 01111101 189 bd 10111101 253 fd 11111101
62 3e 00111110 126 7e 01111110 190 be 10111110 254 fe 11111110
63 3f 00111111 127 7f 01111111 191 bf 10111111 255 ff 11111111

 
No Comments

Posted in Cheat Sheet

 

VMware Commandline

12 Aug

1.  Get a list of all VMs on the Hypervisor:

# vim-cmd vmsvc/getallvms
Vmid     Name                      File                          Guest OS          Version   Annotation
16     Vcenter1   [Storage1-ESX01] Vcenter1/Vcenter1.vmx   windows7Server64Guest   vmx-07              
32     Vcenter    [Storage1-ESX01] Vcenter/Vcenter.vmx     winLonghorn64Guest      vmx-07

Notice the vmid.  That vmid is used in many commands that follow when you want to perform actions on individual VMs.

2.  Check which Physical NICS are up

There are a few commands in the esxcfg-* family that are used to configure the hypervisor network.  For example, if you want to see which NICs have network connections, you can use:

~ # esxcfg-nics -l
Name    PCI           Driver      Link Speed     Duplex MAC Address       MTU    Description                   
vmnic0  0000:02:00.00 bnx2x       Up   1000Mbps  Full   d8:d3:85:da:f8:30 1500   Broadcom Corporation NetXtreme II 57711E/NC532i 10Gigabit Ethernet
vmnic1  0000:02:00.01 bnx2x       Down 0Mbps     Half   d8:d3:85:da:f8:34 1500   Broadcom Corporation NetXtreme II 57711E/NC532i 10Gigabit Ethernet
vmnic2  0000:02:00.02 bnx2x       Up   9000Mbps  Full   d8:d3:85:da:f8:31 1500   Broadcom Corporation NetXtreme II 57711E/NC532i 10Gigabit Ethernet
vmnic3  0000:02:00.03 bnx2x       Down 0Mbps     Half   d8:d3:85:da:f8:35 1500   Broadcom Corporation NetXtreme II 57711E/NC532i 10Gigabit Ethernet
vmnic4  0000:02:00.04 bnx2x       Down 0Mbps     Half   d8:d3:85:da:f8:32 1500   Broadcom Corporation NetXtreme II 57711E/NC532i 10Gigabit Ethernet
vmnic5  0000:02:00.05 bnx2x       Down 0Mbps     Half   d8:d3:85:da:f8:36 1500   Broadcom Corporation NetXtreme II 57711E/NC532i 10Gigabit Ethernet
vmnic6  0000:02:00.06 bnx2x       Down 0Mbps     Half   d8:d3:85:da:f8:33 1500   Broadcom Corporation NetXtreme II 57711E/NC532i 10Gigabit Ethernet
vmnic7  0000:02:00.07 bnx2x       Down 0Mbps     Half   d8:d3:85:da:f8:37 1500   Broadcom Corporation NetXtreme II 57711E/NC532i 10Gigabit Ethernet

Notice that only vmnic0 and vmnic2 are up.  This mostly has to do with the way I configured my blades with the Flex-10 Virtual connect.  (A feature of HP Blades).  If I am now to configure the network, its best that I do only vmnic0 and vmnic2 since they’re the only ones that have a link.  For you Linux masters out there, there’s no ‘service network status’ nor restart that you can do.  It just always seems to be on.

3.  Creating a quick network connection
Since we know vmnic2 is up, let’s make a connection to it so that we can SSH into it, or at least ping out of it:

# add vSwitch1
esxcfg-vswitch-a vSwitch1
# link vSwitch1 to vmnic2 as an uplink
esxcfg-vswitch -L vmnic2 vSwitch1
# add the DATA portgroup to this switch
esxcfg-vswitch -A DATA vSwtich1
# uplink DATA to vmnic2
esxcfg-vswitch -M vmnic2 -p DATA vSwitch1
# put DATA on VLAN70
esxcfg-vswitch -v 70 -p DATA vSwitch1

4.  Create a new vmdk and add to existing VM
Here we have a VM (vmid 32 ) that we want to add a 60GB vmdk to.  We run:

# create the 60GB hard drive in foo's directory
vmkfstools -c 60G /vmfs/volumes/datastore1/foo/newfoo.vmdk
# add the disk to foo's inventory. (The 0 and 1 is the scsi ID numbers
vim-cmd vmsvc/device.diskaddexisting 32 /vmfs/volumes/datastore1/foo/newfoo.vmdk 0 1

5.  Check/Toggle VM power stat
You can turn nodes off and on and check power status.  You need to know the vmid as shown in #1 above:

# get power stat
vim-cmd vmsvc/power.getstat 16
# turn off
vim-cmd vmsvc/power.off 16
# turn on
vim-cmd vmsvc/power.of 16

6.  Add the Physical USB Device to a VM
If you want to add the USB device that’s plugged into the physical machine to the virtual machine with vmid 16 you can do this:

#make sure usbarbitrator is started
/etc/init.d/usbarbitrator start
# add to vmid 16
vim-cmd vmsvc/device.connusbdev 16 "path:1/0/0 autoclean:1"

Note that the VM should be powered off when you do this for best results.

7.  Register a VM to the Hypervisor
If you copied all the vmx and vmdk files to an ESXi 4.1 hypervisor you can simply register them with that hypervisor and turn them on:

vim-cmd solo/registervm /vmfs/volumes/datastore1/foo/foo.vmx
# then turn it on using the stuff in tip 5!

8.  Enable SSH from the command line
This is an easy one:

/etc/init.d/TSM-SSH start

9.  Add the license to the ESXi 4.1 hypervisor
This came  up in a few places and I already documented it in this blog, but figured I’d do it again.  If you have a license and you want to add it to your hypervisor because its about to expire in 1 day you can log in and just run:

vim-cmd vimsvc/license --set XXXXX-XXXXX-XXXXX-XXXXX-XXX11

10.  Writing output to main console
In your kickstart files, you may want to redirect output to the main console that people watch as an installation takes place.  This is /dev/tty2.  Therefore, if in your kickstart file you are cloning a vmdk using vmdkfstools, you can let people see how the progress is going by just piping it out.  Here’s an example:

vmkfstools -i $DATASTOREREMOTE/stage/stage.vmdk -d zeroedthick $DATASTOREOTHER/new/new.vmdk | tee -a /dev/tty2

This is cool in that you’ll see the percentage points pop up as you go along.  The thing to remember is that you’ll have to send some carriage return escape sequences a la echo -e “\r\n” to line things up better.

 
No Comments

Posted in VMware

 

NetInstall CentOS 6

26 Jul

32 bit: http://mirror.centos.org/centos/6/os/i386/
64 bit: http://mirror.centos.org/centos/6/os/x86_64/

 
No Comments

Posted in Linux

 

configure a Windows Server 2003 server as a relay server or smart host

07 Jul

Verify that SMTP is installed on the Microsoft Windows Server 2003 server.

To verify that SMTP is installed:
Control Panel >> double-click Add/Remove Programs >> click Add/Remove Windows Components.
Under Components >> select Internet Information Services (IIS), >> click Details.
Subcomponents >> Internet Information Services (IIS) >> Verify that the SMTP Service check box is selected.
If the check box is not selected, select it, click OK, and then complete the installation instructions.

In Internet Services Manager, add the SMTP mail domain for which you want the Windows server to relay.

To add the SMTP domain:
Click Start >> point to Programs >> point to Administrative Tools >> click Internet Services Manager.
Expand the server that you want >> expand the default SMTP virtual server.
By default, the default SMTP virtual server has a local domain with the fully qualified domain name (FQDN) for the server.

To create the inbound SMTP mail domain, right-click Domains, point to New, and then click Domain.
In New SMTP Domain Wizard, click Remote as the domain type, and then click Next.
In Name, type the domain name of your SMTP mail domain for your Exchange organization.
Click Finish.

Configure the SMTP mail domain that you just created for relay:
In Internet Services Manager, right-click the SMTP mail domain, and then click Properties.
Click Allow the Incoming mail to be Relayed to this Domain.
Click Forward all e-mail to smart host, and then type the IP address in square brackets ([ ]) or the FQDN of the Exchange server that is responsible for receiving e-mail for the domain. For example, to enter an IP address, type [123.123.123.123].
Click OK.

Specify the hosts that you want to openly relay to all domains:
In Internet Services Manager, right-click Default Virtual Server and click Properties.
On the Access tab, click Relay.
Click Only the list below, click Add, and then add the hosts that you want to use the SMTP server to send mail.
Under Single computer, specify the IP address of the Exchange bridgehead server that you want to relay using this SMTP server.
Click DNS Lookup to find the IP address of the specific server.

 
No Comments

Posted in Windows

 

Remove hidden “phantom adapter” in Windows

27 Jun

Removing NIC without removing driver first creates a “phantom adapter”

Remove “phantom adapter”
Make sure Windows Device Manager is CLOSED.
Start -> Run -> Type: cmd.exe -> ENTER

At command prompt type:
set devmgr_show_nonpresent_devices=1 -> ENTER
start devmgmt.msc -> ENTER (Device Manager will open.)
Device Manager -> View -> Show hidden devices.
Expand Network Adapter tree

Delete the adapters that are no longer needed.
Right click grey network adapters and select Uninstall
Close Device Manager
Reboot system.

 
No Comments

Posted in Windows

 

Command Line

26 May
Command Description
apropos whatis Show commands pertinent to string. See also threadsafe
man -t ascii | ps2pdf – > ascii.pdf make a pdf of a manual page
which command Show full path name of command
time command See how long a command takes
time cat Start stopwatch. Ctrl-d to stop. See also sw
dir navigation
cd - Go to previous directory
cd Go to $HOME directory
(cd dir && command) Go to dir, execute command and return to current dir
pushd . Put current dir on stack so you can popd back to it
alias l=’ls -l –color=auto’ quick dir listing
ls -lrt List files by date. See also newest and find_mm_yyyy
ls /usr/bin | pr -T9 -W$COLUMNS Print in 9 columns to width of terminal
find -name ‘*.[ch]‘ | xargs grep -E ‘expr’ Search ‘expr’ in this dir and below. See also findrepo
find -type f -print0 | xargs -r0 grep -F ‘example’ Search all regular files for ‘example’ in this dir and below
find -maxdepth 1 -type f | xargs grep -F ‘example’ Search all regular files for ‘example’ in this dir
find -maxdepth 1 -type d | while read dir; do echo $dir; echo cmd2; done Process each item with multiple commands (in while loop)
find -type f ! -perm -444 Find files not readable by all (useful for web site)
find -type d ! -perm -111 Find dirs not accessible by all (useful for web site)
locate -r ‘file[^/]*\.txt’ Search cached index for names. This re is like glob *file*.txt
look reference Quickly search (sorted) dictionary for prefix
grep –color reference /usr/share/dict/words Highlight occurances of regular expression in dictionary
archives and compression
gpg -c file Encrypt file
gpg file.gpg Decrypt file
tar -c dir/ | bzip2 > dir.tar.bz2 Make compressed archive of dir/
bzip2 -dc dir.tar.bz2 | tar -x Extract archive (use gzip instead of bzip2 for tar.gz files)
tar -c dir/ | gzip | gpg -c | ssh user@remote ‘dd of=dir.tar.gz.gpg’ Make encrypted archive of dir/ on remote machine
find dir/ -name ‘*.txt’ | tar -c –files-from=- | bzip2 > dir_txt.tar.bz2 Make archive of subset of dir/ and below
find dir/ -name ‘*.txt’ | xargs cp -a –target-directory=dir_txt/ –parents Make copy of subset of dir/ and below
( tar -c /dir/to/copy ) | ( cd /where/to/ && tar -x -p ) Copy (with permissions) copy/ dir to /where/to/ dir
( cd /dir/to/copy && tar -c . ) | ( cd /where/to/ && tar -x -p ) Copy (with permissions) contents of copy/ dir to /where/to/
( tar -c /dir/to/copy ) | ssh -C user@remote ‘cd /where/to/ && tar -x -p’ Copy (with permissions) copy/ dir to remote:/where/to/ dir
dd bs=1M if=/dev/sda | gzip | ssh user@remote ‘dd of=sda.gz’ Backup harddisk to remote machine
rsync (Network efficient file copier: Use the –dry-run option for testing)
rsync -P rsync://rsync.server.com/path/to/file file Only get diffs. Do multiple times for troublesome downloads
rsync –bwlimit=1000 fromfile tofile Locally copy with rate limit. It’s like nice for I/O
rsync -az -e ssh –delete ~/public_html/ remote.com:’~/public_html’ Mirror web site (using compression and encryption)
rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh . remote:/dir/ Synchronize current directory with remote one
ssh (Secure SHell)
ssh $USER@$HOST command Run command on $HOST as $USER (default command=shell)
ssh -f -Y $USER@$HOSTNAME xeyes Run GUI command on $HOSTNAME as $USER
scp -p -r $USER@$HOST: file dir/ Copy with permissions to $USER’s home directory on $HOST
scp -c arcfour $USER@$LANHOST: bigfile Use faster crypto for local LAN. This might saturate GigE
ssh -g -L 8080:localhost:80 root@$HOST Forward connections to $HOSTNAME:8080 out to $HOST:80
ssh -R 1434:imap:143 root@$HOST Forward connections from $HOST:1434 in to imap:143
ssh-copy-id $USER@$HOST Install public key for $USER@$HOST for password-less log in
wget (multi purpose download tool)
(cd dir/ && wget -nd -pHEKk http://www) Store local browsable version of a page to the current dir
wget -c http://www.example.com/large.file Continue downloading a partially downloaded file
wget -r -nd -np -l1 -A ‘*.jpg’ http://www.example.com/dir/ Download a set of files to the current directory
wget ftp://remote/file[1-9].iso/ FTP supports globbing directly
wget -q -O- http://www.productsthatwork.com/ | grep ‘a href’ | head Process output directly
echo ‘wget url’ | at 01:00 Download url at 1AM to current dir
wget –limit-rate=20k url Do a low priority download (limit to 20KB/s in this case)
wget -nv –spider –force-html -i bookmarks.html Check links in a file
wget –mirror http://www.example.com/ Efficiently update a local copy of a site (handy from cron)
networking (Note ifconfig, route, mii-tool, nslookup commands are obsolete)
ethtool eth0 Show status of ethernet interface eth0
ethtool –change eth0 autoneg off speed 100 duplex full Manually set ethernet interface speed
iwconfig eth1 Show status of wireless interface eth1
iwconfig eth1 rate 1Mb/s fixed Manually set wireless interface speed
iwlist scan List wireless networks in range
ip link show List network interfaces
ip link set dev eth0 name wan Rename interface eth0 to wan
ip link set dev eth0 up Bring interface eth0 up (or down)
ip addr show List addresses for interfaces
ip addr add 1.2.3.4/24 brd + dev eth0 Add (or del) ip and mask (255.255.255.0)
ip route show List routing table
ip route add default via 1.2.3.254 Set default gateway to 1.2.3.254
host productsthatwork.com Lookup DNS ip address for name or vice versa
hostname -i Lookup local ip address (equivalent to host `hostname`)
whois productsthatwork.com Lookup whois info for hostname or ip address
netstat -tupl List internet services on a system
netstat -tup List active connections to/from system
windows networking (Note samba is the package that provides all this windows specific networking support)
smbtree Find windows machines. See also findsmb
nmblookup -A 1.2.3.4 Find the windows (netbios) name associated with ip address
smbclient -L windows_box List shares on windows machine or samba server
mount -t smbfs -o fmask=666,guest //windows_box/share /mnt/share Mount a windows share
echo ‘message’ | smbclient -M windows_box Send popup to windows machine (off by default in XP sp2)
text manipulation (Note sed uses stdin and stdout. Newer versions support inplace editing with the -i option)
sed ‘s/string1/string2/g’ Replace string1 with string2
sed ‘s/\(.*\)1/\12/g’ Modify anystring1 to anystring2
sed ‘/ *#/d; /^ *$/d’ Remove comments and blank lines
sed ‘:a; /\\$/N; s/\\\n//; ta’ Concatenate lines with trailing \
sed ‘s/[ \t]*$//’ Remove trailing spaces from lines
sed ‘s/\([`"$\]\)/\\\1/g’ Escape shell metacharacters active within double quotes
seq 10 | sed “s/^/      /; s/ *\(.\{7,\}\)/\1/” Right align numbers
sed -n ’1000{p;q}’ Print 1000th line
sed -n ’10,20p;20q Print lines 10 to 20
sed -n ‘s/.*<title>\(.*\)<\/title>.*/\1/ip;T;q Extract title from HTML web page
sed -i 42d ~/.ssh/known_hosts Delete a particular line
sort -t. -k1,1n -k2,2n -k3,3n -k4,4n Sort IPV4 ip addresses
echo ‘Test’ | tr ‘[:lower:]‘ ‘[:upper:]‘ Case conversion
tr -dc ‘[:print:]‘ < /dev/urandom Filter non printable characters
tr -s ‘[:blank:]‘ ‘\t’ </proc/diskstats | cut -f4 cut fields separated by blanks
history | wc -l Count lines
set operations (Note you can export LANG=C for speed. Also these assume no duplicate lines within a file)
sort file1 file2 | uniq Union of unsorted files
sort file1 file2 | uniq -d Intersection of unsorted files
sort file1 file1 file2 | uniq -u Difference of unsorted files
sort file1 file2 | uniq -u Symmetric Difference of unsorted files
join -t’\0′ -a1 -a2 file1 file2 Union of sorted files
join -t’\0′ file1 file2 Intersection of sorted files
join -t’\0′ -v2 file1 file2 Difference of sorted files
join -t’\0′ -v1 -v2 file1 file2 Symmetric Difference of sorted files
math
echo ‘(1 + sqrt(5))/2′ | bc -l Quick math (Calculate φ). See also bc
seq -f ’4/%g’ 1 2 99999 | paste -sd-+ | bc -l Calculate π the unix way
echo ‘pad=20; min=64; (100*10^6)/((pad+min)*8)’ | bc More complex (int) e.g. This shows max FastE packet rate
echo ‘pad=20; min=64; print (100E6)/((pad+min)*8)’ | python Python handles scientific notation
echo ‘pad=20; plot [64:1518] (100*10**6)/((pad+x)*8)’ | gnuplot -persist Plot FastE packet rate vs packet size
echo ‘obase=16; ibase=10; 64206′ | bc Base conversion (decimal to hexadecimal)
echo $((0x2dec)) Base conversion (hex to dec) ((shell arithmetic expansion))
units -t ’100m/9.58s‘ ‘miles/hour’ Unit conversion (metric to imperial)
units -t ’500GB’ ‘GiB’ Unit conversion (SI to IEC prefixes)
units -t ’1 googol’ Definition lookup
seq 100 | (tr ‘\n’ +; echo 0) | bc Add a column of numbers. See also add and funcpy
calendar
cal -3 Display a calendar
cal 9 1752 Display a calendar for a particular month year
date -d fri What date is it this friday. See also day
[ $(date -d "tomorrow" +%d) = "01" ] || exit exit a script unless it’s the last day of the month
date –date=’25 Dec’ +%A What day does xmas fall on, this year
date –date=’@2147483647′ Convert seconds since the epoch (1970-01-01 UTC) to date
TZ=’America/Los_Angeles’ date What time is it on west coast of US (use tzselect to find TZ)
date –date=’TZ=”America/Los_Angeles” 09:00 next Fri’ What’s the local time for 9AM next Friday on west coast US
locales
printf “%’d\n” 1234 Print number with thousands grouping appropriate to locale
BLOCK_SIZE=\’1 ls -l Use locale thousands grouping in ls. See also l
echo “I live in `locale territory`” Extract info from locale database
LANG=en_IE.utf8 locale int_prefix Lookup locale info for specific country. See also ccodes
locale -kc $(locale | sed -n ‘s/\(LC_.\{4,\}\)=.*/\1/p’) | less List fields available in locale database
recode (Obsoletes iconv, dos2unix, unix2dos)
recode -l | less Show available conversions (aliases on each line)
recode windows-1252.. file_to_change.txt Windows “ansi” to local charset (auto does CRLF conversion)
recode utf-8/CRLF.. file_to_change.txt Windows utf8 to local charset
recode iso-8859-15..utf8 file_to_change.txt Latin9 (western europe) to utf8
recode ../b64 < file.txt > file.b64 Base64 encode
recode /qp.. < file.qp > file.txt Quoted printable decode
recode ..HTML < file.txt > file.html Text to HTML
recode -lf windows-1252 | grep euro Lookup table of characters
echo -n 0×80 | recode latin-9/x1..dump Show what a code represents in latin-9 charmap
echo -n 0x20AC | recode ucs-2/x2..latin-9/x Show latin-9 encoding
echo -n 0x20AC | recode ucs-2/x2..utf-8/x Show utf-8 encoding
CDs
gzip < /dev/cdrom > cdrom.iso.gz Save copy of data cdrom
mkisofs -V LABEL -r dir | gzip > cdrom.iso.gz Create cdrom image from contents of dir
mount -o loop cdrom.iso /mnt/dir Mount the cdrom image at /mnt/dir (read only)
cdrecord -v dev=/dev/cdrom blank=fast Clear a CDRW
gzip -dc cdrom.iso.gz | cdrecord -v dev=/dev/cdrom - Burn cdrom image (use dev=ATAPI -scanbus to confirm dev)
cdparanoia -B Rip audio tracks from CD to wav files in current dir
cdrecord -v dev=/dev/cdrom -audio -pad *.wav Make audio CD from all wavs in current dir (see also cdrdao)
oggenc –tracknum=’track’ track.cdda.wav -o ‘track.ogg’ Make ogg file from wav file
disk space (See also FSlint)
ls -lSr Show files by size, biggest last
du -s * | sort -k1,1rn | head Show top disk users in current dir. See also dutop
du -hs /home/* | sort -k1,1h Sort paths by easy to interpret disk usage
df -h Show free space on mounted filesystems
df -i Show free inodes on mounted filesystems
fdisk -l Show disks partitions sizes and types (run as root)
rpm -q -a –qf ‘%10{SIZE}\t%{NAME}\n’ | sort -k1,1n List all packages by installed size (Bytes) on rpm distros
dpkg-query -W -f=’${Installed-Size;10}\t${Package}\n’ | sort -k1,1n List all packages by installed size (KBytes) on deb distros
dd bs=1 seek=2TB if=/dev/null of=ext3.test Create a large test file (taking no space). See also truncate
> file truncate data of file or create an empty file
monitoring/debugging
tail -f /var/log/messages Monitor messages in a log file
strace -c ls >/dev/null Summarise/profile system calls made by command
strace -f -e open ls >/dev/null List system calls made by command
strace -f -e trace=write -e write=1,2 ls >/dev/null Monitor what’s written to stdout and stderr
ltrace -f -e getenv ls >/dev/null List library calls made by command
lsof -p $$ List paths that process id has open
lsof ~ List processes that have specified path open
tcpdump not port 22 Show network traffic except ssh. See also tcpdump_not_me
ps -e -o pid,args –forest List processes in a hierarchy
ps -e -o pcpu,cpu,nice,state,cputime,args –sort pcpu | sed ‘/^ 0.0 /d’ List processes by % cpu usage
ps -e -orss=,args= | sort -b -k1,1n | pr -TW$COLUMNS List processes by mem (KB) usage. See also ps_mem.py
ps -C firefox-bin -L -o pid,tid,pcpu,state List all threads for a particular process
ps -p 1,$$ -o etime= List elapsed wall time for particular process IDs
last reboot Show system reboot history
free -m Show amount of (remaining) RAM (-m displays in MB)
watch -n.1 ‘cat /proc/interrupts’ Watch changeable data continuously
udevadm monitor Monitor udev events to help configure rules
system information (see also sysinfo) (‘#’ means root access is required)
uname -a Show kernel version and system architecture
head -n1 /etc/issue Show name and version of distribution
cat /proc/partitions Show all partitions registered on the system
grep MemTotal /proc/meminfo Show RAM total seen by the system
grep “model name” /proc/cpuinfo Show CPU(s) info
lspci -tv Show PCI info
lsusb -tv Show USB info
mount | column -t List mounted filesystems on the system (and align output)
grep -F capacity: /proc/acpi/battery/BAT0/info Show state of cells in laptop battery
# dmidecode -q | less Display SMBIOS/DMI information
# smartctl -A /dev/sda | grep Power_On_Hours How long has this disk (system) been powered on in total
# hdparm -i /dev/sda Show info about disk sda
# hdparm -tT /dev/sda Do a read speed test on disk sda
# badblocks -s /dev/sda Test for unreadable blocks on disk sda
interactive (see also linux keyboard shortcuts)
readline Line editor used by bash, python, bc, gnuplot, …
screen Virtual terminals with detach capability, …
mc Powerful file manager that can browse rpm, tar, ftp, ssh, …
gnuplot Interactive/scriptable graphing
links Web browser
xdg-open . open a file or url with the registered desktop application
Command Description
grep . /proc/sys/net/ipv4/* List the contents of flag files
set | grep $USER Search current environment
tr ‘\0′ ‘\n’ < /proc/$$/environ Display the startup environment for any process
echo $PATH | tr : ‘\n’ Display the $PATH one per line
kill -0 $$ && echo process exists and can accept signals Check for the existence of a process (pid)
find /etc -readable | xargs less -K -p’*ntp‘ -j $((${LINES:-25}/2)) Search paths and data with full context. Use n to iterate
Low impact admin
# apt-get install “package” -o Acquire::http::Dl-Limit=42 \
-o Acquire::Queue-mode=access		 Rate limit apt-get to 42KB/s
echo ‘wget url’ | at 01:00 Download url at 1AM to current dir
# apache2ctl configtest && apache2ctl graceful Restart apache if config is OK
nice openssl speed sha1 Run a low priority command (openssl benchmark)
renice 19 -p $$; ionice -c3 -p $$ Make shell (script) low priority. Use for non interactive tasks
Interactive monitoring
watch -t -n1 uptime Clock with system load
htop -d 5 Better top (scrollable, tree view, lsof/strace integration, …)
iotop What’s doing I/O
# watch -d -n30 “nice ps_mem.py | tail -n $((${LINES:-12}-2))” What’s using RAM
# iftop What’s using the network. See also iptraf
# mtr www.productsthatwork.com ping and traceroute combined
Useful utilities
pv < /dev/zero > /dev/null Progress Viewer for data copying from files and pipes
wkhtml2pdf http://www.productsthatwork.com/blog/ Make a pdf of a web page
timeout 1 sleep 3 run a command with bounded time. See also timeout
Networking
python -m SimpleHTTPServer Serve current directory tree at http://$HOSTNAME:8000/
openssl s_client -connect www.google.com:443 </dev/null 2>&0 |
openssl x509 -dates -noout		 Display the date range for a site’s certs
curl -I www.productsthatwork.com Display the server headers for a web site
# lsof -i tcp:80 What’s using port 80
# httpd -S Display a list of apache virtual hosts
vim scp://user@remote//path/to/file Edit remote file using local vim. Good for high latency links
curl -s http://www.productsthatwork.com | gpg –import Import a gpg key from the web
tc qdisc add dev lo root handle 1:0 netem delay 20msec Add 20ms latency to loopback device (for testing)
tc qdisc del dev lo root Remove latency added above
Notification
echo “DISPLAY=$DISPLAY xmessage cooker” | at “NOW +30min” Popup reminder
notify-send “subject” “message” Display a gnome popup notification
echo “mail -s ‘go home’ user@domainname.com < /dev/null” | at 17:30 Email reminder
uuencode file name | mail -s subject user@domainname.com Send a file via email
ansi2html.sh | mail -a “Content-Type: text/html” user@domainname.com Send/Generate HTML email
Better default settings (useful in your .bashrc)
# tail -s.1 -f /var/log/messages Display file additions more responsively
seq 100 | tail -n $((${LINES:-12}-2)) Display as many lines as possible without scrolling
# tcpdump -s0 Capture full network packets
Useful functions/aliases (useful in your .bashrc)
md () { mkdir -p “$1″ && cd “$1″; } Change to a new directory
strerror() { python -c “import os; print os.strerror($1)”; } Display the meaning of an errno
plot() { { echo ‘plot “-”‘ “$@”; cat; } | gnuplot -persist; } Plot stdin. (e.g: • seq 1000 | sed ‘s/.*/s(&)/’ | bc -l | plot)
hili() { e=”$1″; shift; grep –col=always -Eih “$e|$” “$@”; } highlight occurences of expr. (e.g: • env | hili $USER)
alias hd=’od -Ax -tx1z -v’ Hexdump. (usage e.g.: • hd /proc/self/cmdline | less)
alias realpath=’readlink -f’ Canonicalize path. (usage e.g.: • realpath ~/../$USER)
ord() { printf “0x%x\n” “‘$1″; } shell versions of the ord() function
chr() { printf $(printf ‘\\%03o\\n’ “$1″); } shell version of the chr() function
Multimedia
DISPLAY=:0.0 import -window root orig.png Take a (remote) screenshot
convert -filter catrom -resize ’600x>’ orig.png 600px_wide.png Shrink to width, computer gen images or screenshots
mplayer -ao pcm -vo null -vc dummy /tmp/Flash* Extract audio from flash video to audiodump.wav
ffmpeg -i filename.avi Display info about multimedia file
ffmpeg -f x11grab -s xga -r 25 -i :0 -sameq demo.mpg Capture video of an X display
DVD
for i in $(seq 9); do ffmpeg -i $i.avi -target pal-dvd $i.mpg; done Convert video to the correct encoding and aspect for DVD
dvdauthor -odvd -t -v “pal,4:3,720xfull” *.mpg;dvdauthor -odvd -T Build DVD file system. Use 16:9 for widescreen input
growisofs -dvd-compat -Z /dev/dvd -dvd-video dvd Burn DVD file system to disc
Unicode
python -c “import unicodedata as u; print u.name(unichr(0×2028))” Lookup a unicode character
uconv -f utf8 -t utf8 -x nfc Normalize combining characters
printf ‘\300\200′ | iconv -futf8 -tutf8 >/dev/null Validate UTF-8
printf ‘ŨTF8\n’ | LANG=C grep –color=always ‘[^ -~]\+’ Highlight non printable ASCII chars in UTF-8
fc-match -s “sans:lang=zh” List font match order for language and style
Development
gcc -march=native -E -v -</dev/null 2>&1|sed -n ‘s/.*-mar/-mar/p’ Show autodetected gcc tuning params. See also gcccpuopt
for i in $(seq 4); do { [ $i = 1 ] && wget http://url.ie/6lko -qO-||
./a.out; } | tee /dev/tty | gcc -xc – 2>/dev/null; done		 Compile and execute C code from stdin
cpp -dM /dev/null Show all predefined macros
echo “#include <features.h>” | cpp -dN | grep “#define __USE_” Show all glibc feature macros
gdb -tui Debug showing source code context in separate windows
Extended Attributes (Note you may need to (re)mount with “acl” or “user_xattr” options)
getfacl . Show ACLs for file
setfacl -m u:nobody:r . Allow a specific user to read file
setfacl -x u:nobody . Delete a specific user’s rights to file
setfacl –default -m group:users:rw- dir/ Set umask for a for a specific dir
getcap file Show capabilities for a program
setcap cap_net_raw+ep your_gtk_prog Allow gtk program raw access to network
stat -c%C . Show SELinux context for file
chcon … file Set SELinux context for file (see also restorecon)
getfattr -m- -d . Show all extended attributes (includes selinux,acls,…)
setfattr -n “user.foo” -v “bar” . Set arbitrary user attributes
BASH specific
echo 123 | tee >(tr 1 a) | tr 1 b Split data to 2 commands (using process substitution)
meld local_file <(ssh host cat remote_file) Compare a local and remote file (using process substitution)
Multicore
taskset -c 0 nproc Restrict a command to certain processors
find -type f -print0 | xargs -r0 -P$(nproc) -n10 md5sum Process files in parallel over available processors
sort -m <(sort data1) <(sort data2) >data.sorted Sort separate data files over 2 processors
 
No Comments

Posted in Cheat Sheet, Linux

 

Cheat Sheet: IPv4

17 May
/0 4,294,967,296 0.0.0.0
/1 2,147,483,648 128.0.0.0
/2 1,073,741,824 192.0.0.0
/3 536,870,912 224.0.0.0
/4 268,435,456 240.0.0.0
/5 134,217,728 248.0.0.0
/6 67,108,864 252.0.0.0
/7 33,554,432 254.0.0.0
/8 16,777,214 255.0.0.0
—————————————————————————————————————————-
/9 8,388,608 255.128.0.0
/10 4,194,304 255.192.0.0
/11 2,097,152 255.224.0.0
/12 1,048,576 255.240.0.0
/13 524,288 255.248.0.0
/14 262,144 255.252.0.0
/15 131.072 255.254.0.0
/16 65,536 255.255.0.0
—————————————————————————————————————————-
/17 32,768 255.255.128.0
/18 16,384 255.255.192.0
/19 8,192 255.255.224.0
/20 4,096 255.255.240.0
/21 2,048 255.255.248.0
/22 1,024 255.255.252.0
/23 512 255.255.254.0
/24 256 255.255.255.0
—————————————————————————————————————————-
/25 128 255.255.255.128
/26 64 255.255.255.192
/27 32 255.255.255.224
/28 16 255.255.255.240
/29 8 255.255.255.248
/30 4 255.255.255.252
/31 2 255.255.255.254
/32 1 255.255.255.255
—————————————————————————————————————————-
 
No Comments

Posted in Cheat Sheet

 

Cisco Switch Password Recovery

15 May

2900,2950,3500,3550

1. Unplug the power cable

2. Hold down the mode button – plug in power cable

3. Type flash_init

4. Type load_helper

5. Type dir flash :
// include the semi-colons

6. Type rename flash:config.txt flash:config.old

7. Type boot

8. Type n to skip – setup configuration

9. Type enable

10. Type rename flash:config.old flash:config.txt

11. Save config.txt to system
copy flash:config.txt system:running-config

12. Enter config mode and change the password
config t
no enable secret

13. Finally, write the changes to memory
write memory

 
No Comments

Posted in Cisco

 
« Older Entries