So, here’s a short checklist of what to do right after I install FreeNAS 8.3 (not necessarily in order). configure link aggregation (LACP seems to work with 2 switches, failover or other algorithms don’t) change admin and root password enable ssh with root password when LAN is secure configure SMART tests (monthly long test) configure general settings (timezone, syslog, email server) create zpools with lzjb compress, atime off and no deduplication create zfs datasets and volumes and inherit options active directory synchronization iSCSI targets and stuff SMART checks enable SNMP

I’ve just got my hands on a new server to store backups and archived files before being sent offsite, and it wouldn’t boot off my USB key. Even after many dd, dd with skip and FreeNAS installations, I was getting a “GPT table corrupt” message. Finally, the fix was easy enough: boot FreeNAS installation CD and choose Shell instead of Install type gpart show , it listed my device and that GPT table was corrupt type gpart destroy -F return to the menu choose Install when it’s finished, go back to the shell type gpart show again to check that it’s not corrupt anymore reboot enjoy your FreeNAS That’s it....

Last week, I saw an huge “spam” outbreak on my MX servers. Instead of ~200k rejected SMTP connections, I had ~3M connections and it was rising. This caused some minor issues with the frequent log parsing as the log file quickly grew. To reduce the log file size and also the DNS requests number, I decided to use fail2ban to drop the connections before they got to Exim. This is rather easy, just create/append /etc/fail2ban/jail....

If you use Varnish with an Apache server and analyze Apache log files (with AWstats or something else), you probably saw all requests were coming from 127.0.0.1 (or the IP address Varnish is on). You’ve probably forgotten to change the LogFormat you use. Fortunately, Varnish adds an header on its request to Apache with the remote IP address in it. Just replace “%h” with “%{X-Forwarded-For}i” in the LogFormat and reload your server....

I needed to install some incoming mail servers (MX servers) to filter emails before delivering them to customers servers. So the need is to accept mails for a fixed list of domains, check for viruses and spams, then route them to customers servers for delivery. The distribution is Debian 6, the mailserver is Exim. The antivirus check is done by ClamAV and the antispam with Spamassassin + Pyzor + Razor + DCC + DNSBL....

Just some thoughts and things I’ve done. The hardware is the following: the Microserver itself, 2x 4GB DDR3, one 16GB USB flash drive, some 2TB SATA hard drives, Logitech S-150 USB speakers, and a GT520 HDMI+DVI graphic card. Installation on USB flash drive. There’s an USB port on the motherboard, so I plugged a 16GB USB flash drive and installed Ubuntu to it. The filesystem is ext4 because I trust it a lot more than btrfs and because it seems it’s quite good on a flash drive (source , it’s old, I know)....

2012-08-13 Update: simple monitoring with Cacti. The goal I want to have a clean Wowza setup for a live streaming platform. The access to the streaming server will be open but every other service (management interface, ssh, web server, etc) will be firewalled. There will be usage reporting through awstats, monitoring through SNMP (performance) and Nagios NRPE (availability). Ubuntu Ubuntu installation I’ve done a standard installation, nothing fancy. Partitionning is done like this:...

So, like me, you want to have redundancy for your virtual machine network. For my lab setup, I use a refurbished Cisco router 3825 with two gigabit interfaces, two Procurve 2810-24G and a small server with 4 gigabit interfaces for the ESXi. You just have to: team the NICs on the ESXi (use src-mac + beacon probing), use port-channel on the Cisco router and src-mac too, configure the switches exactly the same way as if there wasn’t any redundancy, add a link between the two switches and configure it to transmit the VLANs you need, don’t forget to add STP on the switches and put a high priority (low number) on the link between the switches....

Vos machines virtuelles sont lentes, vous pensez que le CPU n’est pas en cause parce que vous avez une utilisation faible des pCPU ? Regardez-y à deux fois, il se pourrait que vos VM attendent du pCPU disponible! Pour vérifier que vos VM n’attendent pas pour avoir du CPU, allez dans l’onglet performance, advanced, CPU. Dans chart options, choisissez “Ready (ms)”. C’est bien joli, mais ça ne vous dit pas encore grand chose....

Si vous voulez retrouver à quel User est lié une adresse email dans Exchange, suivez les points suivants: Ouvrez Active Directory Users and Computers, Clic droit sur le domaine ciblé, cliquez Find, Dans le champ Find, choisissez Custom Search, Choisissez l’onglet Advanced, Entrez comme LDAP query: proxyAddresses=smtp:myemail@mydomain.example Vous devriez avoir un résultat qui est l’user associé à la boite mail ou à l’alias.