Change redo logs from filesystem to RAW

There is one thing I particularly like, but it is possible that we find people who say that if the database performance is greatly improved with raw redo in front of a filesystem (ext4 for example).

To find out for sure we can work with RAW mode redologs very easily. Let’s take an example made in Red Hat 4, with a test BDD with 3 redologs of 51 MB each:

Source   
[oracle@clu01 DBU]$ ls -l
total 1502076
-rw-r-----  1 oracle oinstall   9748480 Jun 25 20:38 control01.ctl
-rw-r-----  1 oracle oinstall   9748480 Jun 25 20:38 control02.ctl
-rw-r-----  1 oracle oinstall   7061504 Jun 12 11:36 control03.ctl
-rw-r-----  1 oracle oinstall  52429312 Jun 25 11:06 redo01.log
-rw-r-----  1 oracle oinstall  52429312 Jun 25 10:39 redo02.log
-rw-r-----  1 oracle oinstall  52429312 Jun 25 10:39 redo03.log
-rw-r-----  1 oracle oinstall 545267712 Jun 25 20:38 sysaux01.dbf
-rw-r-----  1 oracle oinstall 744497152 Jun 25 20:38 system01.dbf
-rw-r-----  1 oracle oinstall  20979712 Jun 23 21:22 temp01.dbf
-rw-r-----  1 oracle oinstall  36708352 Jun 25 20:38 undotbs01.dbf
-rw-r-----  1 oracle oinstall   5251072 Jun 25 20:38 users01.dbf

Continue reading

rescan scsi linux

If we add disks in hot (from any system virtualization) it is possible that the OS does not know until we do a rescan of the SCSI bus, this can be done with the tool:

Source   
rescan-scsi-bus.sh -a

To install RedHat/Centos:

Source   
yum install sg3_utils

Continue reading

LVM external drive, HDD data access with LVM partition (eg a USB HD)

The LVM volumes have many advantages but when you connect a hard drive (with LVM) to an operating system (for example via USB) and want to access the data, we see that is not automatic.

To access the data directly we can mount the volume because the device simply does not exist, this can be easily solved. The sequence of actions is:

1- Connect the HD (logically)
2- Perform vgscan
3- Perform lvscan
4- Enable LVM volume desired
5- Mount the device and access the data

To extract HDD must:

Continue reading

md raid replace drive, software mdRAID

On this occasion we will see how to regenerate a software RAID in Linux.

Detected by SMART error type:

Smarctl diagnosis:

Source   
[root@simba ~]# smartctl -H /dev/sda
smartctl 5.42 2011-10-20 r3458 [x86_64-linux-2.6.32-279.el6.x86_64] (local build)
Copyright (C) 2002-11 by Bruce Allen, http://smartmontools.sourceforge.net
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: FAILED!
Drive failure expected in less than 24 hours. SAVE ALL DATA.
Failed Attributes:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
1 Raw_Read_Error_Rate     0x002f   001   001   051    Pre-fail  Always   FAILING_NOW 330223

Continue reading

smartctl disk health check in Linux

Let’s see how to obtain the status of a HDD using SMART technology (monitoring and analyzing HD http://es.wikipedia.org/wiki/S.M.A.R.T.).

First we need to install is the smartmontools package (in Red Hat or CentOS so, in other distributions command different):

Source   
yum install smartmontools

We can get information from a disk:

Continue reading

iptables ddos configuring recent, prevent denial of service attacks (DOS Denial Of Service) Linux (Match recent extension)

Recently has contacted me a companion called Miguel Angel (greetings) to see if he could help out with attacks that are suffering. Obviously I will not use your data for anything in this entry.

In this post we will make a more accurate filtering of incoming communications, to prevent DOS attacks.

In the previous post “iptables ddos limit configuration, prevent denial of service attacks on Linux (Match extension limit)” is shown as filter limiting the number of hits. The great improvement in recent vs limit extension is that recent maintains a list of source IPs communication and limits are set by source IP. The limits imposed limit extension regardless of origin, is an overall limit.

 

Continue reading

Linux mount disk UUID and /etc/fstab

Almost everyone knows how to add an automatic mounting /etc/fstab, perhaps not used as it should the mounting is using UUIDs.

The UUID (Universally Unique Identifier) is a unique identifier for each file system. It is very interesting because it allows use as a reference for installation, ie instead of using /dev/sdb1 (physical connection reference) may use UUID and thus could change the connections of the discs without the mount points they saw affected.

The tool to know the UUID of the discs is:

Source   
[root@test ~]# blkid
/dev/sdb1: UUID="a210f4aa-0333-4827-b4f0-4a987c3364cf" TYPE="ext4"
/dev/sdb2: UUID="2133ef48-5eb9-4413-8b42-2f5f023a765b" TYPE="ext4"
/dev/sda1: UUID="0cdd3b92-349c-407f-87d2-63242782b531" TYPE="ext4"
/dev/sda2: UUID="rNf0sI-d44o-5c3f-VJMJ-zdhk-eT4q-Lc8xXT" TYPE="LVM2_member"
/dev/mapper/vg_test-lv_root: UUID="6c9fa623-8bc4-4143-b8a5-f7d0966980c9" TYPE="ext4"
/dev/mapper/vg_test-lv_swap: UUID="b382f6a5-0a63-4ab8-aaf4-8b8c1c0b969d" TYPE="swap"

Continue reading

Linux volume encryption (LUKS, Linux Unified Key Setup) in RedHat/CentOS 6

In this post we will create an encrypted volume, which is useful if you work with a laptop and want to ensure your data against theft.

You can do interesting things, as we ask the key to start or hold the key for example in a USB. It seems to me very good choice of a USB device with the key to start.

Let the matter, the steps are:

1- make sure we have the kernel module loaded with dm_crypt :

Source   
[root@test ~]# lsmod | grep dm_crypt
dm_crypt 10848 2
dm_mod 63859 11 dm_crypt

Continue reading

Configuring iptables firewall RedHat/CentOS 6 from command line

IPTABLES is the firewall kernel-level included in Linux distributions, it’s very powerful (once understood its operation), very useful and flexible. This post has been made on a CentOS 6 (clone of RedHat), almost all should be able to apply to any distribution.

The basic operation of iptables is the following:

  1. Exist chains of rules. Basically 3: INPUT, OUTPUT and FORWARD.
  2. The rules within a chain are evaluated in order. This is where there is a multitude of filtering options.
  3. When a rule is evaluated positively, it is directed at a TARGET. It can be accepted, rejected, deleted, written in a log or other much more (see man TARGET EXTENSIONS iptables).

We can list the current rules:

Continue reading

Linux file attributes and directories

In linux you can assign attributes to files, this allows to increase the security level. It is possible for example, to protect a file so that can not be removed.

To view the attributes of a file:

Source   
[root@tester1 prueba]# lsattr
-------------e- ./fich.txt
-------------e- ./fich2.txt

Continue reading