Tuesday, September 28, 2010
Thursday, September 9, 2010
Sys Admin L1, L2, and L3 ?
What is the definition of L1, L2 and L3 UNIX / Linux / IT support?
Generally L1, L2, and L3 support apply to any form of technical support such as mobile phones, electronics devices, computers, servers, and networking devices. All levels have different meanings and differ slightly from company to company and IT support groups. Basically, each person working at each level must have more experience and education in the field of support than its previous level.
L1 is nothing but Level 1 support which is provided by a call center support person or engineer. L1 tech usually follows certain steps to solve the problem. In other words L1 will ask you various questions and some sort of software will be used to map your answers to further questions. L1 support takes your requests using the telephone, email or chat sessions. This kind of support engineers are are trained on the product with limited experience. They should able to resolve 50%-60% of all problems. For example, restart failed httpd service can be handled by L1.
If L1 support failed to solve your problem than it is escalated to L2 (Level 2) support engineer. L2 support will try to find out exact causes of the problems. Almost all L2 engineers are a subject matter expert with 3-5 years rocks solid experience. For example, if httpd can not be started after server reboot than L2 tech who is httpd and UNIX subject matter expert can try to resolve the problem using various debugging methods.
If L2 support failed to resolve your problem than it is escalated to L3 (Level 3) support professional. Usually, L3 support works closely with product engineering team or with source code itself with various debugging tools. L3 support only handles very difficult support cases.
Please note that some companies offer certain levels of support such as L3 only on a fee basis.
Generally L1, L2, and L3 support apply to any form of technical support such as mobile phones, electronics devices, computers, servers, and networking devices. All levels have different meanings and differ slightly from company to company and IT support groups. Basically, each person working at each level must have more experience and education in the field of support than its previous level.
L1 is nothing but Level 1 support which is provided by a call center support person or engineer. L1 tech usually follows certain steps to solve the problem. In other words L1 will ask you various questions and some sort of software will be used to map your answers to further questions. L1 support takes your requests using the telephone, email or chat sessions. This kind of support engineers are are trained on the product with limited experience. They should able to resolve 50%-60% of all problems. For example, restart failed httpd service can be handled by L1.
If L1 support failed to solve your problem than it is escalated to L2 (Level 2) support engineer. L2 support will try to find out exact causes of the problems. Almost all L2 engineers are a subject matter expert with 3-5 years rocks solid experience. For example, if httpd can not be started after server reboot than L2 tech who is httpd and UNIX subject matter expert can try to resolve the problem using various debugging methods.
If L2 support failed to resolve your problem than it is escalated to L3 (Level 3) support professional. Usually, L3 support works closely with product engineering team or with source code itself with various debugging tools. L3 support only handles very difficult support cases.
Please note that some companies offer certain levels of support such as L3 only on a fee basis.
Wednesday, September 1, 2010
How to monitor server load on GNU/Linux
How to monitor server load on GNU/Linux
========================================
Gkrellm
==========
Gkrellm is the choice of the “g33k” types. It’s a graphical program that monitors all
sorts of statistics and displays them as numbers and charts. You can see examples of it
in use on nearly every GNU/Linux screenshot website. It is very flexible and capable,
and can monitor useful as well as ridiculous things via plugins. It can monitor the
status of a remote system, since it’s a client/server system.
“Task Manager” clones
=====================
gnome-system-monitor is a graphical program installed as part of the base Gnome system.
It is somewhat similar to the Task Manager in Microsoft Windows. It isn’t very
full-featured, with only three tabs (Processes, Resources, Devices). The Devices tab
just shows devices, Resources shows the history of CPU, memory, swap and network usage,
and the Processes tab shows the processes. The Processes tab is the only one that really
lets the user “do” anything, such as killing or re-nicing processes, or showing their
memory maps.
Of course, this tool is only available on systems with Gnome installed, and requires an
X server to be running. This makes it impractical for use on a server.
vmstat and related tools
=========================
vmstat is part of the base installation on most GNU/Linux systems. By default, it
displays information about virtual memory, CPU usage, I/O, processes, and swap, and can
print information about disks and more. It runs in a console. I find the command vmstat
-n 5 very helpful for printing a running status display in a tabular format.
It’s great for figuring out how heavily loaded a system truly is, and what the problem
(if any) is. For example, when I see a high number in the rightmost column (percent of
CPU time spent waiting for I/O) on a database server, I know the system is I/O-bound.
iostat
======
iostat is part of the sysstat package on Gentoo, as are mpstat and sar. iostat prints
similar statistics as vmstat, but gives more detail on specific devices and is geared
toward understanding I/O usage in more detail than vmstat is. mpstat is a similar tool
that prints processor statistics, and is multi-processor aware. sar collects, reports,
and saves system activity information (for example, for later analysis).
sysreport : A detail info about your system hw setup etc.. (Take a min to completed)
will create a bzip2 compressed file with all curretn deatil about ypur system
=========
All of these tools are very flexible and customizable. The user can choose what
information to see and what format to see it in. These tools are not usually installed
by default, except for vmstat.
top
======
top is the classic tool for monitoring any UNIX-like system. It runs in a terminal and
refreshes at intervals, displaying a list of processes in a tabular format. Each column
is something like virtual memory size, processor usage, and so forth. It is highly
customizable and has some interactive features, such as re-nicing or killing processes.
Since it’s the most widely known of the tools in this article, I won’t go into much
detail, other than to say there’s a lot to know about it — read the man page.
top is one of the programs in the procps package, along with:
ps, vmstat, w, kill, free, slabtop, and skill.
All these tools are in a default installation on most distributions.
htop
=====
is similar to top, except it is mouse-aware, has a color display, and displays little
charts to help see statistics at a glance. It also has some features top doesn’t have.
mytop :is a handy monitor for MySQL servers
======
tload
=========
tload runs in a terminal and displays a text-only “graph” of current system load
averages, garnered from /proc/loadavg. It is part of the base installation on most
GNU/Linux systems. I find it extremely useful for watching a system’s performance over
SSH, often within a GNU Screen session.
My favorite technique is to start a terminal, connect over SSH, resize the terminal to
150×80 or so, then start tload and shrink the window by CTRL-right-clicking and
selecting “Unreadable” as the font size. The result looks like the following:
watch
=========
watch isn’t really a load-monitoring tool, but it’s beastly handy because it takes any
command as input and monitors the result of running that command. For example, if I
wanted to monitor when the “foozle” program is executing, I could run
watch --interval=5 "ps aux | grep foozle | grep -v xaprb"
=========
running tload over SSH to monitor systems, and use vmstat, iostat and friends to
troubleshoot specific problems
========
lsof
=====
which lists open files. Don’t be fooled by how simple that sounds! It’s tremendously
powerful.
uptime
=======
System load averages is the average number of processes that are either in a runnable or
uninterruptable state. A process in a runnable state
is either using the CPU or waiting to use the CPU
========================================
Gkrellm
==========
Gkrellm is the choice of the “g33k” types. It’s a graphical program that monitors all
sorts of statistics and displays them as numbers and charts. You can see examples of it
in use on nearly every GNU/Linux screenshot website. It is very flexible and capable,
and can monitor useful as well as ridiculous things via plugins. It can monitor the
status of a remote system, since it’s a client/server system.
“Task Manager” clones
=====================
gnome-system-monitor is a graphical program installed as part of the base Gnome system.
It is somewhat similar to the Task Manager in Microsoft Windows. It isn’t very
full-featured, with only three tabs (Processes, Resources, Devices). The Devices tab
just shows devices, Resources shows the history of CPU, memory, swap and network usage,
and the Processes tab shows the processes. The Processes tab is the only one that really
lets the user “do” anything, such as killing or re-nicing processes, or showing their
memory maps.
Of course, this tool is only available on systems with Gnome installed, and requires an
X server to be running. This makes it impractical for use on a server.
vmstat and related tools
=========================
vmstat is part of the base installation on most GNU/Linux systems. By default, it
displays information about virtual memory, CPU usage, I/O, processes, and swap, and can
print information about disks and more. It runs in a console. I find the command vmstat
-n 5 very helpful for printing a running status display in a tabular format.
It’s great for figuring out how heavily loaded a system truly is, and what the problem
(if any) is. For example, when I see a high number in the rightmost column (percent of
CPU time spent waiting for I/O) on a database server, I know the system is I/O-bound.
iostat
======
iostat is part of the sysstat package on Gentoo, as are mpstat and sar. iostat prints
similar statistics as vmstat, but gives more detail on specific devices and is geared
toward understanding I/O usage in more detail than vmstat is. mpstat is a similar tool
that prints processor statistics, and is multi-processor aware. sar collects, reports,
and saves system activity information (for example, for later analysis).
sysreport : A detail info about your system hw setup etc.. (Take a min to completed)
will create a bzip2 compressed file with all curretn deatil about ypur system
=========
All of these tools are very flexible and customizable. The user can choose what
information to see and what format to see it in. These tools are not usually installed
by default, except for vmstat.
top
======
top is the classic tool for monitoring any UNIX-like system. It runs in a terminal and
refreshes at intervals, displaying a list of processes in a tabular format. Each column
is something like virtual memory size, processor usage, and so forth. It is highly
customizable and has some interactive features, such as re-nicing or killing processes.
Since it’s the most widely known of the tools in this article, I won’t go into much
detail, other than to say there’s a lot to know about it — read the man page.
top is one of the programs in the procps package, along with:
ps, vmstat, w, kill, free, slabtop, and skill.
All these tools are in a default installation on most distributions.
htop
=====
is similar to top, except it is mouse-aware, has a color display, and displays little
charts to help see statistics at a glance. It also has some features top doesn’t have.
mytop :is a handy monitor for MySQL servers
======
tload
=========
tload runs in a terminal and displays a text-only “graph” of current system load
averages, garnered from /proc/loadavg. It is part of the base installation on most
GNU/Linux systems. I find it extremely useful for watching a system’s performance over
SSH, often within a GNU Screen session.
My favorite technique is to start a terminal, connect over SSH, resize the terminal to
150×80 or so, then start tload and shrink the window by CTRL-right-clicking and
selecting “Unreadable” as the font size. The result looks like the following:
watch
=========
watch isn’t really a load-monitoring tool, but it’s beastly handy because it takes any
command as input and monitors the result of running that command. For example, if I
wanted to monitor when the “foozle” program is executing, I could run
watch --interval=5 "ps aux | grep foozle | grep -v xaprb"
=========
running tload over SSH to monitor systems, and use vmstat, iostat and friends to
troubleshoot specific problems
========
lsof
=====
which lists open files. Don’t be fooled by how simple that sounds! It’s tremendously
powerful.
uptime
=======
System load averages is the average number of processes that are either in a runnable or
uninterruptable state. A process in a runnable state
is either using the CPU or waiting to use the CPU
How to create system report:
======================
# sysreport
<-- press Enter
Please enter your first initial and last name [server]: shirish
please neter case number that you are generating this report for: 1
<-- press Enter
now wait for few minutes it will create a biz2 compressed file in /tmp/sysreport-shirish.1-3-----.bz2
copy it and sent where yor require this file conatin all your sytem info capturede from /proc kernel...
---> Bow on some version it has been replace by command # sosreport but working is alomost same
# sosreport
==========
Display Memory status:
# free <--memory status on system
# free -t <--Total amt of memory available in system
# free -m <-- Display Memory used and free memory in MB
Disply information:
# dmidecode --type bios <--retrive bios info
# dmidecode --type system <--system hw info
# dmidecode --type processor <-- sys processor info
# dmidecode --type memory <--sys memory info
# dmidecode --type cache <--sys cahce info
# dmidecode -- connector <-- sys connector info
# dmidecode --type slot <--sys slots info
Imp Port NumberS
Question: What Is a Port Number?
Answer: In computer networking, a port number is part of the addressing information used to identify the senders and receivers of messages. Port numbers are most commonly used with TCP/IP connections. Home network routers and computer software work with ports and sometimes allow you to configure port number settings. These port numbers allow different applications on the same computer to share network resources simultaneously.
Answer: In computer networking, a port number is part of the addressing information used to identify the senders and receivers of messages. Port numbers are most commonly used with TCP/IP connections. Home network routers and computer software work with ports and sometimes allow you to configure port number settings. These port numbers allow different applications on the same computer to share network resources simultaneously.
How Port Numbers Work:
Port numbers are associated with network addresses. For example, in TCP/IP networking, both TCP and UDP utilize their own set of ports that work together with IP addresses.
Port numbers work like telephone extensions. Just as a business telephone switchboard can use a main phone number and assign each employee an extension number (like x100, x101, etc.), so a computer has a main address and a set of port numbers to handle incoming and outgoing connections.
In both TCP and UDP, port numbers start at 0 and go up to 65535. Numbers in the lower ranges are dedicated to common Internet protocols (like 21 for FTP, 80 for HTTP, etc.).
Port numbers are associated with network addresses. For example, in TCP/IP networking, both TCP and UDP utilize their own set of ports that work together with IP addresses.
Port numbers work like telephone extensions. Just as a business telephone switchboard can use a main phone number and assign each employee an extension number (like x100, x101, etc.), so a computer has a main address and a set of port numbers to handle incoming and outgoing connections.
In both TCP and UDP, port numbers start at 0 and go up to 65535. Numbers in the lower ranges are dedicated to common Internet protocols (like 21 for FTP, 80 for HTTP, etc.).
?: why we r useing port numbers pls reply me
A: Ports are used to identify the type of service out of junk traffic
A: Ports are used to identify the type of service out of junk traffic
==================================
Some important port numbers
There are huge number of ports which are reserved. But the ports mentioned below are more important.
IMPORTANT PORTS:
=============================
Important Linux Port Numbers
15 – Netstat
20 --FTP Data
21 => FTP
22 => SSH
23 => Telnet
25 => SMTP Mail Transfer
37 – Time
42 – WINS
43 => WHOIS service
53 => name server (DNS)
67 – DHCP SERVER
68 – DHCP CLIENT
69 --TFTP
80 => HTTP (Web server)
443 -- HTTPS(SSL (https) (http protocol over TLS/SSL)
88 – Kerberos
101 – HOSTNAME
109 -- POP2
110 => POP protocol (for email)
123 – NTP (Network time protocol)
137-NetBIOS
161 – SNMP
143 -- IMAP
220 – IMAP3
995 => POP over SSL/TLS
9999 => Urchin
111 => rpcbind
953 => rndc
143 => IMAP Protocol (for email)
993 => IMAP Secure
443 => HTTP Secure (SSL for https:// )
500 – Internet Key Exchange, IKE (IPSec) (UDP 500
546-DHCPv6 client
547-DHCPv6 serveR
3306 = > MysQL Server
4643 => Virtuosso Power Panel
2082 => CPANEL
2083 => CPANEL - Secure/SSL
2086 => CPANEL WHM
2087 => CPANEL WHM - Secure/SSL
2095 => cpanel webmail
2096 => cpanel webmail - secure/SSL
3306 => SQL
Plesk Control Panel => 8443
DirectAdmin Control Panel => 2222
Webmin Control Panel => 10000
FAQs
1. How to find which ports are open?
You can find the ports in your linux server with the nmap command
netstat -nap --tcp
2. How to investigate a port and kill suspicious process?
A good tutorial is here
3. Where do i find a complete list of linux ports for reference?
You can find the ports list: here
4. Which firewall is best for linux servers?
I would recommend to install APF firewall. You can find a good tutorial here: http://www.mysql-apache-php.com/apf-firewall.htm
Warning: Make sure that you dont block the important ports with the firewall.
A port is a communication point where one or more computers in a network communicate with each other through a program or software
Difference TCP vs UDP Protocol
TCP/IP Protocol:
It is a connection oriented protocol
It has flow control and error correction
It is not fast and primarily used for data transmission like (http,ssh,smtp,ftp, mail etc.)
Most common services requiring confirmation of delivery like http,ssh,smtp,ftp, mail etc. use TCP ports
Asked for authentication like user name and password
UDP Protocol:
It is connectionless protocol which means it can send packets without establishing connection with the receiver at first.
It is error prone during transmission.
It is error prone during transmission.
It is fast and used mostly for audio and video streaming.
UDP ports are commonly used by services or programs that dont require the confirmation of delivery of packets. Most commonly used is DNS queries using UDP port 53.
no
Subscribe to:
Posts (Atom)