Category Archives: Networking

OpenVPN Server On CentOS 5.2

So your users need access to Exchange and data from outside your organisation. Sure you can set up RPC over HTTPS and various other tools to access the data. I just find OpenVPN very good, convenient and reliable.

And after battling to find a good simple HOWTO, I put this together. It’s a quick and nasty but it works!:)

Firstly, ensure you are root, and just in case the OpenVPN is not in the base repository, add the rpmforge repo (these steps you can find elsewhere).



Installing PowerDNS (With MySQL Backend) And Poweradmin On CentOS 5.2

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 01/15/2009

This article shows how you can install the PowerDNS nameserver (with MySQL backend) and the Poweradmin control panel for PowerDNS on a CentOS 5.2 system. PowerDNS is a high-performance, authoritative-only nameserver – in the setup described here it will read the DNS records from a MySQL database (similar to MyDNS), although other backends such as PostgreSQL are supported as well. Poweradmin is a web-based control panel for PowerDNS.

I do not issue any guarantee that this will work for you!


Setting Up A High-Availability Load Balancer With HAProxy/Wackamole/Spread On Debian Etch

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 12/22/2008

This article explains how to set up a two-node load balancer in an active/passive configuration with HAProxy, Wackamole, and Spread on Debian Etch. The load balancer sits between the user and two (or more) backend Apache web servers that hold the same content. Not only does the load balancer distribute the requests to the two backend Apache servers, it also checks the health of the backend servers. If one of them is down, all requests will automatically be redirected to the remaining backend server. In addition to that, the two load balancer nodes monitor each other using Wackamole and Spread, and if the master fails, the slave becomes the master, which means the users will not notice any disruption of the service. HAProxy is session-aware, which means you can use it with any web application that makes use of sessions (such as forums, shopping carts, etc.).

From the HAProxy web site: “HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer7 processing. Supporting tens of thousands of connections is clearly realistic with todays hardware. Its mode of operation makes its integration into existing architectures very easy and riskless, while still offering the possibility not to expose fragile web servers to the Net.”

Routing for multiple uplinks/providers

A common configuration is the following, in which there are two providers that connect a local network (or even a single machine) to the big Internet.

There are usually two questions given this setup.


All About Windows 2000 DNS, Sites, and Replication

DNS is the core name resolution system for Windows 2000, which is a refreshing change from the WINS days of yore. However, this means that DNS must be setup and working properly for your Windows 2000 Pro clients to login, replication to occur, and the sites to work properly (that is, each client logs into a DC in its site. This depends on sites being correctly specified and setup in AD and DNS.) First I’ll describe how to setup a basic DNS system, then deal with some specific issues.


How to monitor remote Windows machine using Nagios on Linux

In the previous articles we discussed about Nagios 3.0 Jumpstart guide and How to monitor remote Linux host using Nagios 3.0. In this article, l’ll explain how to monitor remote windows machine and the various service running on the windows server using nagios monitoring server. Following three sections are covered in this article.

I. Overview
II. 4 steps to install nagios on remote windows host

  1. Install NSClient++ on the remote windows server
  2. Modify the NSClient++ Service
  3. Modify the NSC.ini
  4. Start the NSClient++ Service

III. 6 configuration steps on nagios monitoring server

  1. Verify check_nt command and windows-server template
  2. Uncomment windows.cfg in /usr/local/nagios/etc/nagios.cfg
  3. Modify /usr/local/nagios/etc/objects/windows.cfg
  4. Define windows services that should be monitored.
  5. Enable Password Protection
  6. Verify Configuration and Restart Nagios.


Installing and Configuring Openfiler with DRBD and Heartbeat


Openfiler is a high performance operating system tailored for use as a SAN/NAS appliance. This configuration will enable two Openfiler appliances to work in an Active/Passive high availability scenario.



  • 2 x boxes that meet the minimum spec of Openfiler’s hardware specifications.
  • 2 x ethernet interfaces in each box
  • Openfiler 2.3 installation media.
  • Both boxes should have the same size drives in each to avoid any replication inconsistencies.


Install Openfiler 2.3 on both boxes utilizing a disk setup such as the following:

  • 3 GB root (“/”) partition
  • 2 GB “swap” partition
  • 512 MB “/meta” partition (used for DRBD0)
  • Data partition configured as an unmounted LVM (used for DRBD1)



Each Openfiler appliance will have two NICs: one for communicating with the LAN, the other for communicating with the
other SAN (via direct cable). The first will be used for administration, to communicate directly with each node.

A third “virtual” interface is used by the heartbeat service and is what will be used by computers on the LAN.


Installing ISP-fw (Firewall) On Linux

ISP-fW is a firewall script that provides port forwarding, packet filtering, stateful packet inspection, port redirection, masquerading, SNAT/ DNAT, TOS, and never the last it generates htb rules for bandwidth management. With ISP-fw, you can turn a PC into a gateway with shaping capabilities.

Let’s begin:

I will assume that you have installed Linux on your box. I use a Debian machine so this tutorial will be for Debian Linux but should not differ much from the rest of the distros.


Linux Networking

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.


Linux-AD Integration, Version 4

by slowe

This procedure allows Linux-based systems to authenticate against Active Directory.  We use Kerberos for authentication, LDAP for account information, and Samba to help automate the process along the way.  When this process is complete, AD users can be enabled for use on Linux systems on the network and login to those Linux systems using the same username and password as throughout the rest of Active Directory.

These instructions are designed for use with Windows Server 2003 R2.  If you are looking for information on using Linux with a previous version of Windows, please refer back to this article.  The only significant changes in the process involve the mapping of the LDAP attributes; otherwise, the procedure is very similar between the two versions of Windows.