Re: [CentOS] Replacing Multiple Servers with One
On Wed, Mar 6, 2013 at 4:40 PM, Tim Evans wrote: > We are replacing four servers, running mail, web, ftp, and dns, > respectively, with a single server to run all four services. > > The new server will have a new IP address. > > It seems fairly straightforward to redirect mail, web, and ftp services > to the new server via DNS CNAMES, but I'm not quite sure about how to do > the change for the DNS service itself. > > Is there a need to maintain the old DNS server's IP address during a > transition, or longer? Via a virtual IP with the old DNS server's IP > address on the new machine, perhaps? Or a second NIC with the old > address? Or just have the router redirect incoming DNS requests? > > Thanks. > -- > Tim Evans | 5 Chestnut Court > Linux/UNIX Consulting | Owings Mills, MD 21117 > http://www.tkevans.com/ | 443-394-3864 > tkev...@tkevans.com > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > Hi Tim, To migrate the DNS server, ideally the steps as follows, - Provision the new server and setup as the secondary DNS server - Sync the zones - Reduce the TTL of the nameservers - Change the new server to primary - Change the glue DNS records (from domain registrar panel - if applicable) - Let the old server running for few days and monitor for any traffic Regards, Vipul ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ECC memory errors
On Mon, Apr 29, 2013 at 1:41 PM, Peter Peltonen wrote: > Hi, > > On Mon, Apr 29, 2013 at 2:59 PM, mark wrote: > > > > > DIMM went bad. No big thing. Your only problem may be to identify which > > one, he says, about to go into work to do just that. > > > > Thanks for your response and suggestions. > > About identifying the faulty DIMM: Is the memtest provided on the CentOS5 > installation disk best tool for this purpose? And do I need to switch ECC > off from BIOS while I test the memories? > > The EDAC error msg reports problems with bank0. Can I trust this? I tried > installing edac-utils to get more information, but after installation it > only generates segmentation fault: > > # edac-util --report=simple > Segmentation fault > > # edac-util -s > Segmentation fault > > # rpm -qv edac-utils > edac-utils-0.9-6.el5 > > Regards, > Peter > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > Hi Peter One of my old HP DL585 had a similar issue but it turned out that the DIMM slots were at fault. The server chassis had few led blinking red for those DIMM slots and indicating that they are faulty. I removed the memory from those slot and re-inserted them to the spare DIMM slots and everything is working fine since then. Regards, Vipul ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Forward http traffic
On Tue, Jan 7, 2014 at 12:28 PM, Nikolaos Milas wrote: > Hello, > > On CentOS 6.5 x86_64 I have (/etc/sysconfig/iptables): > > *filter > :INPUT ACCEPT [0:0] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > :RH-Firewall-1-INPUT - [0:0] > -A INPUT -j RH-Firewall-1-INPUT > -A FORWARD -j RH-Firewall-1-INPUT > -A RH-Firewall-1-INPUT -i lo -j ACCEPT > -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -s 10.10.10.0/24 -m tcp -p > tcp --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.10.10.0/24 -m state --state NEW -m tcp -p > tcp --dport 80 -j ACCEPT > -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited > COMMIT > > Now, I want to forward all http traffic coming in from 10.250.250.0/24, > at local port 8080, to 2 particular IP Addresses (port 80). Is it enough > to prepend (to the above) the following: > > *nat > :PREROUTING ACCEPT [0:0] > :POSTROUTING ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > -A PREROUTING -s 10.250.250.0/24 -p tcp --dport 8080 -j DNAT > --to-destination xxx.xxx.xxx.xxx:80 > -A PREROUTING -s 10.250.250.0/24 -p tcp --dport 8080 -j DNAT > --to-destination yyy.yyy.yyy.yyy:80 > COMMIT > > ...? > > Please advise! > > Thanks in advance, > Nick > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > Hi NIck, you need to MASQUERADE the packets in the POSTROUTING chain. Something like the following $ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE I'm just not sure about if forwarding the packets to two separate hosts will work. I haven't tried that myself. It'll be good to know if this works for you. Many thanks -Vipul ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Moving sshd listen port
On 09/07/14 15:35, Mike McCarthy, W1NR wrote: > sshd.service: main process exited, code=exited, status=255/n/a Hi Mike Can you run sshd manually in debugging mode and paste the output please: $ /usr/sbin/sshd -d It's worth looking at the output of strace that may help here: $ strace /usr/sbin/sshd -V signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Patch Management Server in CentOS 5
Hi Kaushal, You may use a Spacewalk server to manage packages for multiple centos servers. It works pretty well for centos 5. http://wiki.centos.org/HowTos/PackageManagement/Spacewalk Regards, Vipul On Oct 30, 2012 11:01 PM, "Kaushal Shriyan" wrote: > Hi, > > Is there a patch management server option in CentOS Linux version 5 and > documentation or manuals to set it up? > > Regards > > Kaushal > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
