Skip to content

All posts by Mike Smith - 9. page

Simple Method to Benchmark Disk Read & Write Speeds From the Linux Command Line

Recently, I’ve been exploring high availability iSCSI targets and using them as virtual machine storage. I have always been a bit weary of iSCSI performance over gigabit networks due to some not-so-great experiences many years ago. iSCSI technology has progressed quite a bit since then. FreeNAS has an excellent implementation of iSCSI, as well as Nexenta. I wanted to get a good grasp on how well everything was performing, so I decided to run some basic benchmarks.

The virtual machine I’m working with has Ubuntu 15.04 installed, but these commands will work on just about any linux distribution in existence. The hyperviser is running VMware ESXi 6, with this particular virtual machine stored on an iSCSI target served from a FreeNAS virtual machine running on another VMware ESXi hyperviser. The FreeNAS virtual machine has been given PCI Passthrough to a 3ware 9650SE-16ML, connected to 4x1TB Hitachi SATA Hard Drives exported as JBOD (individual drives, no RAID). FreeNAS configured a RAID10 with the four drives, which is where the iSCSI target resides. The network is gigabit, with an Adtran NetVanta 1524ST switch. I have not enabled Jumbo Frames. The theoretical maximum transfer speed on a gigabit network is about 125MB/s. Of course, with the overhead associated with TCP/IP and iSCSI encapsulation, a single link should be a little less. Lets get started.

To test WRITE speed of hard disk using the DD command:

#  sync; dd if=/dev/zero of=tempfile bs=1M count=1024; sync
1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB) copied, 10.8496 s, 99.0 MB/s

So, this command writes a bunch of zeros to a file called tempfile, with a size of 1024MB. If you want to use a larger test file, you can change “1024” to a higher number. For instance, changing 1024 to 10000 would write a 10GB temp file. This command only tests the write speed. As you can see, the reported write speed was 99MB/s, not too shabby.

Click here to view the entire tutorial

IP Address, CIDR Notation, ICMP, and Prefix Cheat Sheet

I’ve used this as a reference many times over the years. Keep this page bookmarked for reference.

Netmask              Netmask (binary)                 CIDR     Notes    
_____________________________________________________________________________
255.255.255.255  11111111.11111111.11111111.11111111  /32  Host (single addr)
255.255.255.254  11111111.11111111.11111111.11111110  /31  Unuseable
255.255.255.252  11111111.11111111.11111111.11111100  /30    2  useable
255.255.255.248  11111111.11111111.11111111.11111000  /29    6  useable
255.255.255.240  11111111.11111111.11111111.11110000  /28   14  useable
255.255.255.224  11111111.11111111.11111111.11100000  /27   30  useable
255.255.255.192  11111111.11111111.11111111.11000000  /26   62  useable
255.255.255.128  11111111.11111111.11111111.10000000  /25  126  useable
255.255.255.0    11111111.11111111.11111111.00000000  /24 "Class C" 254 useable

255.255.254.0    11111111.11111111.11111110.00000000  /23    2  Class C's
255.255.252.0    11111111.11111111.11111100.00000000  /22    4  Class C's
255.255.248.0    11111111.11111111.11111000.00000000  /21    8  Class C's
255.255.240.0    11111111.11111111.11110000.00000000  /20   16  Class C's
255.255.224.0    11111111.11111111.11100000.00000000  /19   32  Class C's
255.255.192.0    11111111.11111111.11000000.00000000  /18   64  Class C's
255.255.128.0    11111111.11111111.10000000.00000000  /17  128  Class C's
255.255.0.0      11111111.11111111.00000000.00000000  /16  "Class B"

255.254.0.0      11111111.11111110.00000000.00000000  /15    2  Class B's
255.252.0.0      11111111.11111100.00000000.00000000  /14    4  Class B's
255.248.0.0      11111111.11111000.00000000.00000000  /13    8  Class B's
255.240.0.0      11111111.11110000.00000000.00000000  /12   16  Class B's
255.224.0.0      11111111.11100000.00000000.00000000  /11   32  Class B's
255.192.0.0      11111111.11000000.00000000.00000000  /10   64  Class B's
255.128.0.0      11111111.10000000.00000000.00000000  /9   128  Class B's
255.0.0.0        11111111.00000000.00000000.00000000  /8   "Class A"

254.0.0.0        11111110.00000000.00000000.00000000  /7
252.0.0.0        11111100.00000000.00000000.00000000  /6
248.0.0.0        11111000.00000000.00000000.00000000  /5
240.0.0.0        11110000.00000000.00000000.00000000  /4
224.0.0.0        11100000.00000000.00000000.00000000  /3
192.0.0.0        11000000.00000000.00000000.00000000  /2
128.0.0.0        10000000.00000000.00000000.00000000  /1
0.0.0.0          00000000.00000000.00000000.00000000  /0   IP space

Click here to see the rest!

How to setup IP Passthrough / Bridge Mode on Motorola NVG510 AT&T UVerse DSL Modem

Recently, my parents upgraded from AT&T’s old ADSL, to the new “UVerse” ADSL2+. With it came a new Motorola NVG510 UVerse all-in-one router / wireless access point / ADSL2+ modem combo. In my opinion, it’s routing and wireless abilities are total crap. Long ago I installed a Linksys WRT54G router that has been flashed with DD-WRT. This allows bandwidth monitoring, proper port forwarding, and also gives me the ability to connect via VPN remotely to help them out with problems on rare occasion. After their new Motorola UVerse modem was installed, my first order of business was to strip it of all routing and wireless functions, and make it just a router. On the old Novatel modems, this was called IP Passthrough, and pretty easy to set up. Now it’s changed and can take a little finesse to set up.

How to enable IP Passthrough on the Motorola NVG510 UVerse Gateway

I assume you already have a router to connect you NVG510 to. Go ahead and connect the routers WAN port to one of the LAN ports on the UVerse modem. You will need the MAC address of the WAN port on your router. You can usually find this on a sticker on the bottom of the unit. I’m going to pretend mine is AB:CD:EF:GH:IJ:KM for the scope of this article.

The router you are adding needs to have a LAN address that is not on the 192.168.1.x subnet. If you absolutely must have your router on that subnet, you can change the IP/subnet of the NVG510. If you need help with that, post in the comments and I would be glad to lend a hand.

With you computer connect to one of the LAN ports on the NVG510, navigate to the configuration page. By default it is http://192.168.1.254. You will see this page:

Screen-Shot-2015-05-02-at-6.37.19-PM

Click here to read the entire tutorial!

How to open up all ports on VMware ESXi 5, 5.1 & 5.5 to specific IP addresses or subnet

It a lab environment, and very limited production scenarios, it’s often very useful to open all ports, TCP and UDP, but only to certain IP addresses, subnets, or IP address ranges. I have found very little info on this specifically, so I thought I would whip up this guide so you know an easy way to open up all ports for specific addresses. This will work on VMware ESXi 5, 5.1 and 5.5 for sure, but it will most likely work for most versions of ESXi, although I have not tested it. Please let me know if the comments if you have luck on non 5.x versions, specifically 4.x and 6.x.

Basically, we are going to create 4 firewall rules, each does the following:

  • Open all UDP ports inbound (ports 1-60,000).
  • Open all UDP ports outbound (ports 1-60,000).
  • Open all TCP ports inbound (ports 1-60,000).
  • Open all TCP ports outbound (ports 1-60,000).

Once that’s done we’ll lock access down to a specific address(s) via the vSphere Client. First, go ahead and SSH into your ESXi host. Once you are at a command prompt you will need to edit /etc/vmware/firewall/service.xml. I prefer nano, but that’s not available on ESXi, so we have to use VI. First, lets make a backup of the file and change permissions so we can edit the file.

# cp /etc/vmware/firewall/service.xml /etc/vmware/firewall/service.xml.bak
# chmod 644 /etc/vmware/firewall/service.xml
# chmod +t /etc/vmware/firewall/service.xml

Now we have a backup of the service.xml file, called service.xml.bak. We have also allowed writes to service.xml and toggled the sticky bit. Lets go ahead and open service.xml with vi.

# vi /etc/vmware/firewall/service.xml

The service.xml file is the main template for firewall rules, specifically pertaining to ports. It is what populates all of the available information on the Security Profile > Firewall tab in the vSphere Client. It is here we are going to add our four rules. If you are unfamiliar with vi, it can be a big confusing. Here are some pointers for you:

  • When you first enter vi, you cannot manipulate any text. to do so, hit the “i” key. This puts you in “insert” mode.
  • Once selecting “i” you can move about freely and add/edit at will.
  • After making all needed changes, press the “ESC” key, the “:” – This puts you in vi command mode.
  • At the “:” prompt, enter “w” (for write) and q (for quit) and then press enter. So it should look like this :wq
  • You have just saved and exited. That’s it. So, lets continue.

Click here to continue reading this tutorial

How to install LSI MegaRAID Storage Manager (MSM) on VMware ESXi 5.5

This morning I got an email from the datacenter that informed me of a loud alarm coming from one of my servers. I knew right away it was the LSI card sounding off due to a hard drive failure. Since I almost always use RAID 10 in critical arrays, I was more annoyed than concerned. So, off to the datacenter I went, new drive in hand. While diagnosing the issues, I realized there is no out-of-the-box way to be notified of a drive failure within ESXi. As far as I could tell, everything was fine, except for an audible alarm I would have never heard.

The RAID card in this particular server is an LSI 9260-8i, however this guide is the same for all of the 92xx series cards, like the 9265-8i, or 9265-16i. VMware includes drivers for these cards, starting in ESXi 5.1 if I remember correctly. However, there is no health data for drives and no management interface for arrays. After a couple google searches, I quickly found that there is a lot of conflicting information and tons of problems that go along with installing the LSI MegaRAID Manager, MSM, on ESXi. I also ran into some problems. So, I thought I would put together a quick, easy, clear guide to save others the hassle of going through what I went through. So, here we go.

 

How to install MSM on ESXi 5.5

To complete this process, you will have to put your ESXi host into maintenance mode, and you will have to reboot. So make sure your VMs are all shut down before proceeding.

You will need to have the following items:

 

The process is pretty straight forward. In a nutshell, here are the steps we will take:

  1. Enable SSH on ESXi Host.
  2. Copy LSI SMIS Provider to ESXi Host via WinSCP.
  3. Configure Host and Install SMIS Provider.
  4. Install MegaRAID Storage Manager on VM

 

Log into your host using the vSphere client, or the web interface, then go to the configuration tab and select Security Profile.

 

Click here to read the entire tutorial

How to change the MTU in Windows Server 2008 & 2012

When I finally got a Windows Server 2012 image built and deployed on OpenStack, I started having some seriously squirrely problems with networking. I was able to ping and resolve DNS. I was even able to browse network shares on other servers that were well up the chain outside of the virtual environment, but I was unable to actually browse the internet from the Windows Server 2012 instance on OpenStack. I was having no issues with Linux based images.

I immediately suspected MTU as the culprit. I double check my neutron-dnsmasq.conf file to make sure the MTU was set at 1454, via DHCP configuration. It was. So, I checked the MTU settings on the Windows image and it was in fact 1500. For some reason the DHCP option was not having any effect on the Windows image. This is supposed to be addressed by the CloudBase VirtIO driver, allowing the MTU to be set via DHCP in OpenStack environments, but it obviously wasn’t working. You can check your MTU by doing the following:

 

Open an Administrator command prompt.

netsh interface ipv4 show interfaces

 

Screen Shot 2015-04-27 at 7.29.38 PM

 

This will show you your current MTU settings. Pay close attention to the Idx # of the ethernet interface. You will need this information to change the MTU. To change the MTU to 1454 use this command. (you will need to replace the “10” with the Idx for your ethernet interface)

Click here to read the entire tutorial!

How to install a nested hypervisor on an ESXi virtual machine without a vSphere server

If you read my blog, you’ve probably noticed I’ve been doing a lot of stuff with hypervisors lately, more specifically setting up OpenStack. I’ve always been a VMware guy. I like the simplicity of ESXi and the intuitiveness of of the interface. Since OpenStack really works best with at least 3 servers, 2 of which don’t do much of anything, I decided to use an ESXi server to install the openstack infrastructure. The controller node and network node do not provide any type of virtualization capabilities, but the compute node(s) do.

ESXi, at least since version 5.1, has supported running 64-bit hypervisor guests, or “nested” hypervisors on any Intel i3 or newer CPU. Specfically, your CPU needs to be one of the following:

  • Intel VT-x or AMD-V for 32-bit nested virtualization
  • Intel EPT or AMD RVI for 64-bit nested virtualizaiton

In my case, my Xeon W5580 has VT-x and EPT support, so I can run 64-bit nested virtual machines.

This will allow you to run any nested hypervisor within an ESXi 5.1 or newer host. I’ve ran Xen, KVM, OpenStack, Proxmox, and ESXi; they all worked great.

How To Enable

The feature, or setting, of the virtual machine that allows the VT-x functionality to be passed through to the guest virtual machine is called HV (as in hypervisor). The problem is you have to be running the new vSphere Web Client to get at the nice little check box to turn this on. The vSphere Desktop Client does not have this functionality and unless you have a license for vSphere server, there is no way to enable HV on a virtual machine using the GUI. However, there is a VERY easy work around for this. You simply add a single line to the .vmx file for the virtual machine you need HV enabled on.

To do this, fire up the vSphere Client, and make sure the host is selected in the left pane. Also, verify the VM is powered OFF.

Screen Shot 2015-04-27 at 5.55.35 PM

Click here to read the entire tutorial!