Atlantilde Blog d'Alexandre Anriot

6 Nov 2011

Routing for multiple uplinks

The goal of this article is to show an easy way to use two uplinks on a Linux gateway.

As a requirement, you need the "iproute" package installed.

The first step is to declare the routing tables for the two uplinks mentioned above in "/etc/iproute2/rt_tables":

200     uplink_isp1
201     uplink_isp2

The second step is to configure the network. Here is a sample "/etc/network/interfaces" file (Debian) for two ISPs:

# ISP1
auto eth0
iface eth0 inet static
address 10.10.1.253
netmask 255.255.255.0

# Fill the uplink_isp1 table and select it for traffic sourced from this address
post-up ip route add 10.10.1.254/32 dev eth0 src 10.10.1.253 table uplink_isp1
post-up ip route add default via 10.10.1.254 table uplink_isp1
post-up ip rule add from 10.10.1.253 table uplink_isp1

# Remove the same routes and rule when the interface goes down
post-down ip route del 10.10.1.254/32 dev eth0 src 10.10.1.253 table uplink_isp1
post-down ip route del default via 10.10.1.254 table uplink_isp1
post-down ip rule del from 10.10.1.253 table uplink_isp1

# ISP2
auto eth1
iface eth1 inet static
address 10.10.2.253
netmask 255.255.255.0

# Fill the uplink_isp2 table and select it for traffic sourced from this address
post-up ip route add 10.10.2.254/32 dev eth1 src 10.10.2.253 table uplink_isp2
post-up ip route add default via 10.10.2.254 table uplink_isp2
post-up ip rule add from 10.10.2.253 table uplink_isp2

# Remove the same routes and rule when the interface goes down
post-down ip route del 10.10.2.254/32 dev eth1 src 10.10.2.253 table uplink_isp2
post-down ip route del default via 10.10.2.254 table uplink_isp2
post-down ip rule del from 10.10.2.253 table uplink_isp2

You can also set up additional per-link routes in such a setup.
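A way to catch mistakes in such a file, as an added example that is not part of the original post: the shell function below reports hooks that delete at post-up, routes that name another interface than their own stanza, and adds that have no matching post-down deletion. The names check_hooks and sample_broken are made up for this illustration, and the sample stanza is constructed.

```shell
#!/bin/sh
# Added example: lint the policy-routing hooks of an interfaces(5) file.
# check_hooks FILE prints one line per problem and returns 1 if any is found.
check_hooks() {
    awk '
    $1 == "iface" { iface = $2; next }
    ($1 == "post-up" || $1 == "post-down") && $2 == "ip" {
        phase = $1; verb = $4
        # A route must leave through the interface its stanza configures.
        for (i = 5; i < NF; i++)
            if ($i == "dev" && $(i + 1) != iface) {
                printf "line %d: dev %s inside iface %s\n", NR, $(i + 1), iface
                bad = 1
            }
        # A del run at post-up removes what the add just installed.
        if (phase == "post-up" && verb == "del") {
            printf "line %d: del runs at post-up\n", NR
            bad = 1
        }
        # Pair each add with a post-down del carrying the same arguments.
        key = iface " " $3
        for (i = 5; i <= NF; i++) key = key " " $i
        if (phase == "post-up" && verb == "add") added[key] = NR
        if (phase == "post-down" && verb == "del") removed[key] = 1
    }
    END {
        for (k in added)
            if (!(k in removed)) {
                printf "line %d: add without post-down del\n", added[k]
                bad = 1
            }
        exit (bad ? 1 : 0)
    }' "$1"
}

# Constructed sample: an eth1 stanza with a wrong dev and dels run at post-up.
sample_broken() {
    cat <<'EOF'
iface eth1 inet static
post-up ip route add 10.10.2.254/32 dev eth0 src 10.10.2.253 table uplink_isp2
post-up ip route add default via 10.10.2.254 table uplink_isp2
post-up ip rule add from 10.10.2.253 table uplink_isp2
post-up ip route del 10.10.2.254/32 dev eth0 src 10.10.2.253 table uplink_isp2
post-up ip route del default via 10.10.2.254 table uplink_isp2
post-down ip rule del from 10.10.2.253 table uplink_isp2
EOF
}
```

Run it as `check_hooks /etc/network/interfaces` before restarting networking; an empty output and a zero exit status mean every hook is paired and points at its own interface.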

11 Feb 2011

Debian Squeeze is out

Debian Squeeze (release 6.0) was announced on February 6th, 2011.

In order to upgrade from Lenny to Squeeze, you should start with ch-upgrading.en.html. If you use Shorewall, and as mentioned in that document, you should also take a look at LennyToSqueeze.html.

Here is a non-exhaustive list of the steps to perform:

  1. Removal of all APT pinnings;
  2. sources.list update (beware, debian-volatile doesn't exist anymore);
  3. Then:
    sudo aptitude update
    sudo aptitude install apt aptitude dpkg
    sudo aptitude clean
    sudo aptitude safe-upgrade
  4. Analysis and merge of the changes to the config files;
  5. Be careful with the PHP upgrade to 5.3; moreover, Postgrey will now be listening on 10023/tcp;
  6. Finally:
    sudo aptitude full-upgrade
  7. Cleaning of packages in "rc" state.

19 Nov 2010

Debian 6.0 coming soon

Debian 6.0, codenamed "Squeeze", has entered its latest development cycle, and the Debian project is asking its users to intensify installs and deployments in order to speed up bug reporting and reduce the number of errata entries; see Debian.org.

We have to recall that the "Wide Testing" steps are mandatory and very important for Open Source OSes targeting servers, as end-users give priority to stable releases. This problem was widely discussed for OpenBSD at the end of 2007.

26 Jul 2010

KVM Virtualization

VMware and Xen are two widely used virtualization systems. For me, here are the main drawbacks:

  • VMware is commercial;
  • Xen's future is uncertain as it has been bought by Citrix; moreover, it has some constraints (xenified kernels, etc.)

A lot of other systems exist (Hyper-V, OpenVZ, etc.) and they work at different levels (virtualization, para-virtualization, isolated environments, etc.); KVM is very successful nowadays, mainly in the Linux world, and it's fully integrated in recent OSes. By the way, Red Hat Deltacloud relies on it.

KVM (for "Kernel Based Virtual Machine") started from Qemu (a well-known emulation system); Open Source projects go through splits and forks but also merges, and KVM's features have been merged into the Qemu sources, so it will probably be easier for it to survive.

VMware and Xen users have to know that KVM is not a hypervisor, but a group of tools for creating and managing independent virtual machines. For a "hypervisor-like" behaviour, you can use tools such as the libvirt API.

Here is some basic information.

KVM has a bunch of embedded network services in user mode (like a DHCP server):

  • the default network is 10.0.2.0/8 ;
  • the gateway is 10.0.2.2 ;
  • the nameserver is 10.0.2.3 ;
  • the SMB server is 10.0.2.4 ;
  • virtual machines addresses start from 10.0.2.15.

Additionally, we can mention that:

  • Several administration tools exist (here is the whole list) ;
  • You can also use the virtual switch vde as its features are fully supported ;
  • LVM can be a good addition.

Finally, the version included in Debian Lenny has known problems (for example, a VM installation can crash while running grub-install) and it's better to use the Squeeze packages (the "qemu-kvm" package replaces "kvm").

It's now time to start an installation on a Dedibox server:

  • SSH connection to the server (X forwarding, compression; the user needs appropriate sudo privileges):

$ ssh -XC USER@VOTRE_SERVEUR

  • Add to /etc/apt/sources.list:

# squeeze
deb http://ftp.fr.debian.org/debian/ squeeze main contrib non-free
deb-src http://ftp.fr.debian.org/debian/ squeeze main contrib non-free

# squeeze security
deb http://security.debian.org/ squeeze/updates main contrib non-free
deb-src http://security.debian.org/ squeeze/updates main contrib non-free

  • In /etc/apt/preferences :

Package: qemu-kvm
Pin: release a=testing
Pin-Priority: 999

Package: *
Pin: release a=stable
Pin-Priority: 500

Package: *
Pin: release a=lenny-backports
Pin-Priority: 400

Package: *
Pin: release a=testing
Pin-Priority: 200

  • Then :

$ sudo aptitude install bridge-utils qemu-kvm

  • Check that the modules are loaded:

$ lsmod|grep kvm
kvm_intel 37600 0
kvm 213196 1 kvm_intel

  • Download a Debian Lenny 64-bit installation medium:

$ mkdir installs && cd installs
$ wget http://cdimage.debian.org/debian-cd/5.0.5/amd64/iso-cd/debian-505-amd64-netinst.iso

  • Create a 30 GB virtual disk, using the qcow2 format:

$ sudo kvm-img create -f qcow2 /home/vms/srv01-vm01.qcow 30G

  • The qcow2 format is needed in order to perform snapshots. If you don't use qcow2, the raw format will be used by default. To convert such a disk or a qcow disk to the qcow2 format, you can use the following command (15 minutes are needed for a 30 GB virtual disk):

$ qemu-img info /home/vms/srv01-vm01.qcow
image: /home/vms/srv01-vm01.qcow
file format: qcow
virtual size: 30G (32212254720 bytes)
disk size: 2.0G
cluster_size: 4096

$ kvm-img convert -O qcow2 /home/vms/srv01-vm01.qcow /home/vms/srv01-vm01.qcow2

  • Start the installation:

$ sudo kvm -no-kvm -k fr -hda /home/vms/srv01-vm01.qcow2 -cdrom ~/installs/debian-505-amd64-netinst.iso -boot d

  • Start the VM (with 1 vCPU, 128 MB of RAM, a VNC service enabled, and the SSH service bound to 23/tcp on the server's IP address):

$ sudo kvm -no-kvm -k fr -hda /home/vms/srv01-vm01.qcow2 -redir tcp:23::22 -daemonize -vnc localhost:0

  • Start the VM (with 2 vCPUs and 256 MB of RAM):

$ sudo kvm -no-kvm -k fr -hda /home/vms/srv01-vm01.qcow2 -redir tcp:23::22 -daemonize -vnc localhost:0 -smp 2 -m 256

  • You can then connect to the VM:

$ vncviewer -via VOTRE_SERVEUR localhost:0

  • You can then switch with control+alt+1/2/3 between vm's console, the Qemu monitor, and the serial port of the vm.
  • Startup line to add in /etc/rc.local :

/usr/bin/kvm -no-kvm -k fr -hda /home/vms/srv01-vm01.qcow2 -redir tcp:23::22 -daemonize -vnc localhost:0

  • To create a snapshot in Qemu monitor, you can run:

(qemu) savevm snap1

  • To read the list of snapshots:

(qemu) info snapshots

  • To restore it, from the Qemu monitor:

(qemu) loadvm snap1

  • If your vm doesn't boot anymore, you can restore it from the command line:

$ sudo kvm -no-kvm -k fr -hda /home/vms/srv01-vm01.qcow2 -redir tcp:23::22 -daemonize -vnc localhost:0 -loadvm snap1
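Each startup line above opens two listeners on the host, one for -redir and one for -vnc. The following added example (not part of the original post) extracts them from a kvm command line, such as the one placed in /etc/rc.local, and keeps those reachable from outside the host. It assumes that -redir listens on every host address; the function names are made up for this illustration.

```shell
#!/bin/sh
# Added example: list the host-side listeners a kvm command line opens.
# kvm_listeners reads command lines on stdin and prints one line per listener:
#   proto bind-address host-port -> target
kvm_listeners() {
    awk '
    {
        for (i = 1; i < NF; i++) {
            if ($i == "-redir") {
                # -redir proto:host-port:guest-ip:guest-port, guest-ip may be empty
                n = split($(i + 1), r, ":")
                # Assumption: the redirection listens on every host address.
                if (n == 4)
                    printf "%s 0.0.0.0 %s -> guest:%s\n", r[1], r[2], r[4]
            } else if ($i == "-vnc") {
                # -vnc host:display listens on TCP port 5900 + display;
                # an empty host means every address.
                n = split($(i + 1), v, ":")
                if (n == 2)
                    printf "tcp %s %d -> vnc\n", (v[1] == "" ? "0.0.0.0" : v[1]), 5900 + v[2]
            }
        }
    }'
}

# exposed_listeners keeps only the listeners not bound to the loopback.
exposed_listeners() {
    kvm_listeners | awk '$2 != "localhost" && $2 != "127.0.0.1"'
}

# The startup line from the post, used here as sample input.
sample_rc_local() {
    echo '/usr/bin/kvm -no-kvm -k fr -hda /home/vms/srv01-vm01.qcow2 -redir tcp:23::22 -daemonize -vnc localhost:0'
}
```

For the post's startup line, `sample_rc_local | exposed_listeners` leaves only the SSH redirection on 23/tcp, which is the port to cover with a firewall rule; the VNC console stays on the loopback and is reached through the SSH tunnel that `vncviewer -via` sets up.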