Archive for the 'Computers & Tech.' Category


Networking instability with IPv6, Ubuntu and VMware 0

Posted September 2, 2008

Apparently other people have experienced similar issues with the network locking up on some virtual machines after a period of time. I find the issue sometimes occurs when we kick off backups on soundwave and the network is placed under significant load.

Disabilng IPv6 is meant to solve the problem in some cases and I have high expectations that it'll help in our situation.

To disable IPv6 on Ubuntu 8.04.01 you need to add an entry to /etc/modprobe.d/blacklist containing the following:

# blacklist IPv6
blacklist ipv6

You'll then need to reboot the machine, and confirm that the module has not been loaded.

mlambie@soundwave:~$ sudo lsmod | grep ipv6
mlambie@soundwave:~$ sudo ip a | grep inet6

Both tests should return nothing, confirming that the module is not active.

Firewalls and VMware ESXi 0

Posted September 1, 2008

All the documentation I could find online indicated that the only port that needed to be opened in the firewall to allow the VMware Infrastructure Client to connect to an ESXi server was 902/TCP. My investigations found that port 443 was also necessary. I suspect that authentication is does over HTTPS now.

From our firewall the following ports are open. Note that we've enabled the SSH server which is non-standard on ESXi:

mlambie@grimlock:~$ nmap devastator
 
Starting Nmap 4.53 ( http://insecure.org ) at 2008-08-25 07:10 WST
Interesting ports on 231.69-dslgw.amnet.net.au (203.153.231.69):
Not shown: 1709 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
427/tcp open  svrloc
443/tcp open  https
902/tcp open  iss-realsecure-sensor
 
Nmap done: 1 IP address (1 host up) scanned in 0.120 seconds

From outside our DMZ the ESXi servers have two ports open, and the VI client refuses to authenticate if either are closed:

mlambie@stormshadow:~$ nmap devastator -P0

Starting Nmap 4.60 ( http://nmap.org ) at 2008-08-25 07:13 WST
Interesting ports on devastator.thefrontiergroup.net.au (203.153.231.69):
Not shown: 1712 filtered ports
PORT    STATE SERVICE
443/tcp open  https
902/tcp open  iss-realsecure-sensor

Nmap done: 1 IP address (1 host up) scanned in 9.117 seconds

So if you're stuck with a non-responsive ESXi, try opening HTTPS on the firewall and that might help.

Click, pow! 2

Posted August 30, 2008

These new servers are very fast. Applications that usually take their time to respond on hotrod or wheeljack are instantaneously served now. Cacti, which generates a large range of images on the fly, and lambie.org, which makes use of a remote database - both are are blindingly fast.

Click, pow! Click, pow!

First site to use the new servers 0

Posted August 28, 2008

I've moved lambie.org over to prime and prowl, our new Apache and MySQL servers. It all appears to be working properly.

Let me know if anything is broken or missing and I'll sort it out.

You know it’s been a busy few weeks… 4

Posted August 24, 2008

... when you load up Digg and have to trawl back more than 100 pages to see all the news you've missed.

« Previous PageNext Page »