20091029

storage disks, io, performance, throughput - SATA,SAS,iSCSI,FC

Disk drives
SATA
http://www.sata-io.org/technology/why_sata.asp
Data transfer rate - Direct SATA - Internally connected
I              1.5 gigabits per second (150 MB/s)
II             3.0 gigabits per second (300 MB/s)
III            6.0 gigabits per second (600 MB/s)


eSATA - External SATA
http://www.sata-io.org/technology/esata.asp
http://www.sata-io.org/images/eSATA-logo-1.5Gbs_Color.gif


Comparison of Interface speeds and data transfer rates for external disk drive interfaces
                                  USB2            1394            Serial
Raw Interface Speed               480Mbps         400Mbps         1500Mbps
Benchmark comparison 64K read     31.6 MB/sec     34.8MB/sec      42.4MB/sec
Benchmark comparison 64K write    26.5 MB/sec     26.7MB/sec      56.2MB/sec
Burst Transfer Rate               33.5MB/sec      36.2MB/sec      111.3MB/sec

Superior Link Utilization: Today, an average hard drive operating off its rotating media
(not its cache) might sustain 80 MB/s, a figure much lower than the theoretical maximum
throughput of ~600 MB/s offered by SATA 6Gb/s. With support for up to 15
drives, SATA’s unique port multiplier capabilities enable users to aggregate multiple
drives behind a single SATA port in order to fully utilize host link capacity. In this way,
data across several drives appears as a single logical bank of data. Port multipliers help
to relieve storage bottlenecks, especially in applications such as entry-level servers and
high-bandwidth applications like video post-production.


SAS
http://www.scsita.org/aboutscsi/sas/SAS_roadmap.html
Ultra 320 SCSI
SAS I     3 Gbps
SAS II    6 Gbps (backward compatible) - at present
SAS III   12Gbps


1. What is the definition of Serial Attached SCSI?


Serial Attached SCSI (SAS) is the logical evolution of SCSI that satisfies the enterprise data center requirement for scalability, performance, reliability and manageability, while leveraging a common electrical and physical interface with Serial ATA (SATA). This compatibility provides users with unprecedented choices for server and storage subsystem deployment.


2. Why was Serial Attached SCSI developed?
Serial Attached SCSI was developed to address I/O and direct attach storage requirements that traditional parallel SCSI cannot meet. It provides universal interconnect with SATA, while offering logical SCSI compatibility along with SCSI reliability, performance and manageability.


http://www.scsita.org/aboutscsi/sas/STA_6G_SAS.pdf




Some of the benchmark results are here
Results
SCSI System:
Access Time: 7.6 ms
Max Read: 141.6 MB/s         Min Read: 54.5 MB/s       Average Read: 119.6 MB/s

SAS System:
Access Time: 5.8 ms
Max Read: 196.0 MB/s         Min Read: 117.9 MB/s       Average Read: 172.1 MB
 
SATA WD Caviar Black 1TB Drive:
Access Time: 12.5 ms
Max Read: 108.6 MB/s          Min Read: 52.9 MB/s          Average Read: 85.1 MB/s

Disk enclosures/Storage


MD3000/MD3000i - DELL

MD3000i 48MB/s - throughput



iSCSI
http://tools.ietf.org/html/rfc3720
still to come.... wait for this.

20090818

Windows File Extension details

http://filext.com/alphalist.php

Do honor the copyrights of the owner. Do not copy/paste from the above link.

Cisco - Router Time based QOS with ACL

!--------------------------------------------------------------------
! Time based QOS with acl on Cisco Routers
!
! Comments : rajshekar.j@gmail.com
! The following example allows you to create QOS on both interfaces
! of a gateway router. With this QOS you will be able to dedicate a minimum
! amount of bandwidth to end users and allow them to peak if free bandwidth
! is available, and also to include a time range during which you can increase
! their bandwidth to a greater extent. We have defined two time ranges - time_high
! and time_low. During time range time_high, end users will be given higher
! bandwidth, and during time range time_low, end users will have a much
! lower bandwidth.
! We have tested this on a Cisco router with two Ethernet interfaces.
!-------------------------------------------------------------------------
!
! time ranges are defined here.
time-range time_high
periodic weekdays 08:00 to 20:00

time-range time_low
periodic weekdays 20:01 to 07:59
!
!Access control lists for both inbound traffic and outbound are defined here
!Fastethernet 0/0 - External facing interface
ip access-list extended acl_inbound_high
permit ip any host time-range time_high
!
ip access-list extended acl_inbound_low
permit ip any host time-range time_low
!
! FastEthernet 0/1 - Internal facing interface
ip access-list extended acl_outbound_high
permit ip host any time-range time_high
!
ip access-list extended acl_outbound_low
permit ip host any time-range time_low
!
!
!class map for inbound traffic are defined here.
class-map match-all class_high-in
match access-group name acl_inbound_high
class-map match-all class_low-in
match access-group name acl_inbound_low
!
!
!Policy map - QOS for inbound traffic
policy-map QOS-in
class class_high-in
bandwidth 1024
shape average 1024000
class class_low-in
bandwidth 64
shape average 64000
!
! class map for outbound traffic are defined here.
!
class-map match-all class_high-out
match access-group name acl_outbound_high
class-map match-all class_low-out
match access-group name acl_outbound_low
!
!
!Policy map - QOS for outbound traffic
policy-map QOS-out
class class_high-out
bandwidth 1024
shape average 1024000
class class_low-out
bandwidth 64
shape average 64000
!
! Do not forget to apply this QOS policies on outbound traffic of both interfaces of router.
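
The two time ranges above, checked for coverage over a full week, as an added example that is not part of the original configuration. It assumes `weekdays` means Monday to Friday, that the end minute is inclusive, and that a range whose end is earlier than its start runs into the next day; these semantics are assumptions and should be confirmed on the router. Traffic in an uncovered period matches neither ACL and so neither shaped class.

```python
# Added example: model of the two periodic time-ranges from the config above.
# Assumptions (not verified against IOS): "weekdays" = Mon-Fri, the end minute
# is inclusive, and an end time earlier than the start wraps into the next day.
DAYS = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"]
WEEK_MINUTES = 7 * 24 * 60

def to_minutes(hhmm):
    hours, minutes = hhmm.split(":")
    return int(hours) * 60 + int(minutes)

def covered_minutes(start, end, days=range(5)):
    """Return the set of minute-of-week indexes matched by one periodic entry."""
    s, e = to_minutes(start), to_minutes(end)
    length = (e - s) % (24 * 60) + 1          # inclusive end, wraps past midnight
    covered = set()
    for day in days:
        base = day * 24 * 60 + s
        covered.update((base + i) % WEEK_MINUTES for i in range(length))
    return covered

def gaps(covered):
    """Return contiguous uncovered spans as (first_minute, last_minute) pairs."""
    spans, start = [], None
    for m in range(WEEK_MINUTES):
        if m not in covered:
            start = m if start is None else start
        elif start is not None:
            spans.append((start, m - 1))
            start = None
    if start is not None:
        spans.append((start, WEEK_MINUTES - 1))
    return spans

def label(minute):
    return "%s %02d:%02d" % (DAYS[minute // 1440], minute % 1440 // 60, minute % 60)

RANGES = {
    "time_high": covered_minutes("08:00", "20:00"),
    "time_low": covered_minutes("20:01", "07:59"),
}

def report():
    union = set().union(*RANGES.values())
    return [(label(a), label(b), b - a + 1) for a, b in gaps(union)]

if __name__ == "__main__":
    for first, last, minutes in report():
        print("no class matches from %s to %s (%d minutes)" % (first, last, minutes))
```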

20090731

9's of IT world


I might as well be hanged/hung for a sheep as a lamb


something that you say when you are going to be punished for something so you decide to do something worse because your punishment will not be any more severe

Usage notes: In the past, people who stole lambs were killed, so it was worth stealing something more because there was no worse punishment.
YOU MIGHT AS WELL BE HUNG FOR A SHEEP AS A LAMB

20090728

Linux tips - Part 1

# Mounting ISO files on Linux
mkdir /mnt/mountpoint
mount -o loop -t iso9660 filename.iso /mnt/mountpoint
cd /mnt/mountpoint
#
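# Certificate generation on linux box
# 1. generate an RSA private key, passphrase-protected with 3DES
#    (1024 bits as written; 2048 or more is the current minimum for new keys)
openssl genrsa -des3 -out nameofkey.key 1024
# 2. create a certificate signing request (CSR) from that key
openssl req -new -key nameofkey.key -out nameofkey.csr
# 3. or create a self-signed certificate directly from the key
openssl req -new -key nameofkey.key -x509 -out nameofkey.crt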

## Mounting windows network share on linux system
smbmount //hostname.network.com/username /localmountpoint -o username="username",password="password"

## Setting up hostname for http/apache webserver error
echo HOST.DOMAIN.com > /etc/hostname
/bin/hostname -F /etc/hostname

edit /etc/hosts
10.x.y.z \t host.domain.com \t host

restart apache after making changes in /etc/hosts file.

GRE tunnel between two linux boxes

host1 - 10.x.y.h1

ip tunnel add interfacegre3 mode gre remote 10.x.y.h2 local 10.x.y.h1
ip addr add 10.0.30.1 dev interfacegre3
ip link set interfacegre3 up
ip route add 10.0.40.0/24 dev interfacegre3
ifconfig interfacegre3 up

host2 - 10.x.y.h2
ip tunnel add interfacegre4 mode gre remote 10.x.y.h1 local 10.x.y.h2
ip addr add 10.0.40.1 dev interfacegre4
ip link set interfacegre4 up
ip route add 10.0.30.0/24 dev interfacegre4
ifconfig interfacegre4 up

# use this only to remove the GRE interface
# (interfacegre3 on host1; use interfacegre4 on host2)
ifconfig interfacegre3 down
ip link set interfacegre3 down
ip tunnel del interfacegre3

Syslog-ng - mailing options

source s_local { unix_stream("/dev/log"); internal(); };
filter f_denials { match("[Dd]enied|[Ff]ail"); };
destination d_mailtoraj { program("/usr/local/sbin/mailtoraj.sh"); };
log { source(s_local);
filter(f_denials);
destination(d_mailtoraj); };

#!/bin/bash
# mailtoraj.sh
# reads the filtered log lines from syslog-ng on stdin and mails each one
while read -r line;
do
echo "$line" | mail -s "Something weirdness on that Linux box" rajs@nowhere.com

done

Cisco PIX - client access vpn configuration 6.x

vpn name - "nameofvpn"

access-list nonatacl permit ip 192.168.100.0 255.255.255.0 192.168.200.0 255.255.255.0

ip local pool "nameofvpnpool" 192.168.200.1-192.168.200.30
nat (inside) 0 access-list nonatacl

sysopt connection permit-ipsec

crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto dynamic-map dynmap 20 set transform-set myset
crypto map mymap 20 ipsec-isakmp dynamic dynmap
crypto map mymap client authentication LOCAL
crypto map mymap interface outside

isakmp enable outside
isakmp identity address
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400

vpngroup "nameofvpn" address-pool "nameofvpnpool"
vpngroup "nameofvpn" dns-server 192.168.100.x - ip address of internal/external dns server
vpngroup "nameofvpn" default-domain test1.test.com
vpngroup "nameofvpn" split-tunnel nonatacl
vpngroup "nameofvpn" idle-time 1800
vpngroup "nameofvpn" password "vpngrouppassword"

Change the terms within " " and the IP address ranges according to your requirements.

Cisco PIX - Client access VPN configuration for 7.x

--------------------------------------------------------------------------
global (outside) 1 interface

access-list splittunnelacl standard permit 192.168.160.0 255.255.255.0
access-list nonat-vpnacl extended permit ip 192.168.160.0 255.255.255.0 192.168.165.0 255.255.255.0
ip local pool vpnpool 192.168.165.10-192.168.165.200 mask 255.255.255.0


nat (inside) 0 access-list nonat-vpnacl
nat (inside) 1 0.0.0.0 0.0.0.0

group-policy "vpn-group-policy" internal
group-policy "vpn-group-policy" attributes
dns-server value 192.168.160.x - specify the dns server ipaddress
default-domain value "somenetwork.somewhere.com"
split-tunnel-policy tunnelspecified
split-tunnel-network-list value splittunnelacl

crypto ipsec transform-set my-set esp-3des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set my-set
crypto dynamic-map dynmap 10 set reverse-route
crypto map mymap 10 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside

isakmp enable outside
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 1000

tunnel-group "vpn-tunnel-group" type ipsec-ra
tunnel-group "vpn-tunnel-group" general-attributes
address-pool vpnpool
default-group-policy "vpn-group-policy"
tunnel-group "vpn-tunnel-group" ipsec-attributes
pre-shared-key "yourtunnelgrouppassword-enterhere"

Change the terms within " " and the IP address ranges according to your requirements.
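
Both the 6.x and 7.x configurations above select 3DES, MD5 and Diffie-Hellman group 2. The following added example (not part of the original configurations) scans the 7.x cipher-selection lines and prints each flagged line beside a stronger replacement; the replacement keywords are suggestions that assume the PIX software release and the VPN clients in use support them.

```python
import re

# Added example: flags the legacy crypto choices in the PIX 7.x lines above.
# The replacement keywords are suggestions that assume the PIX software release
# and the VPN clients in use support them; confirm before applying.
RULES = [
    (re.compile(r"\besp-3des\b"), "esp-aes-256", "3DES ESP encryption"),
    (re.compile(r"\besp-md5-hmac\b"), "esp-sha-hmac", "HMAC-MD5 ESP integrity"),
    (re.compile(r"\bencryption 3des\b"), "encryption aes-256", "3DES IKE encryption"),
    (re.compile(r"\bhash md5\b"), "hash sha", "MD5 IKE hash"),
    (re.compile(r"\bgroup 2\b"), "group 5", "1024-bit Diffie-Hellman group"),
]

# Lines copied from the 7.x configuration on this page.
CONFIG = """\
crypto ipsec transform-set my-set esp-3des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set my-set
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 1000
"""

def audit(config):
    """Return (line_no, original, suggested, reasons) for each line with a finding."""
    findings = []
    for number, line in enumerate(config.splitlines(), start=1):
        if not line.startswith(("crypto ipsec transform-set", "isakmp policy")):
            continue  # only the cipher-selection commands are checked
        suggested, reasons = line, []
        for pattern, replacement, reason in RULES:
            if pattern.search(suggested):
                suggested = pattern.sub(replacement, suggested)
                reasons.append(reason)
        if reasons:
            findings.append((number, line, suggested, reasons))
    return findings

if __name__ == "__main__":
    for number, original, suggested, reasons in audit(CONFIG):
        print("line %d: %s" % (number, ", ".join(reasons)))
        print("  was: %s" % original)
        print("  use: %s" % suggested)
```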