灌溉梦想,记录脚步

在CentOS 5上架设PPTP Server

用Poptop建立基于Linux的PPTP Server,可以让漫游用户从Internet上的任何地方安全地连接到公司内部网络。支持Windows 95/98/Me/NT/2000/XP和Linux上的PPTP客户端。要求:CentOS 5
kernel-2.6.18-8.el5
ppp-2.4.4-1.el5

Kernel version 2.6.15及以上版本内核内置了MPPE的支持,CentOS 5的kernel是2.6.18,所以不需要再安装MPPE模块。

CentOS 5自带的ppp-2.4.4-1.el5也支持MPPE。

1.运行下面的命令测试内核是否支持MPPE如果支持会返回“ok”:modprobe ppp-compress-18 && echo ok

2. 从下面的网址下载RPM文件pptpd-1.3.4-1.rhel5.1.i386.rpm : -http://poptop.sourceforge.net/yum/stable/packages/

3. 安装RPM文件: -rpm -ivh pptpd-1.3.4-1.rhel5.1.i386.rpm4. 修改文件/etc/ppp/options.pptpd如下: -name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd

5. 修改文件/etc/pptpd.conf如下: -option /etc/ppp/options.pptpd
logwtmp
localip 192.168.2.1
remoteip 192.168.2.11-156.

在/etc/ppp/chap-secrets 里添加下面的帐号(johndie)和密码(passwrd) :

# Secrets for authentication using CHAP
# client server secret IP addresses

"user" pptpd "passwd" "ip"(*表示可以多人连接)

在Linux操作系统下配置多线路ADSL的方法

此文档可以说明双ADSL及多ADSL增加线路的配置过程。

Linux配置多线路ADSL的方法

powered by KindGeorge http://kindgeorge.at.3322.org\经过一段时间的观察,证明运行良好,现把设置过程及方法总结一下,欢迎指正.

此文档可以说明双adsl及多adsl增加线路的配置过程.

实验环境:

操作系统: RedHat7.3

两条adsl,长期观察线路稳定,动态ip,带宽2M,

三块网卡: eth0 tulip,接内网

eth1 3c59x,接第一条adsl

eth2 8139too,接第二条adsl

ethn xxxx,(如果还有的话….)

目的:用两条adsl共同上网,分担负载,实现一般的简单负载平衡,带动内网上网.

1.添加网卡

插入网卡,启动机器,如果需要双线路上网,就要三块网卡了,配置网卡也可以参考其他资料.

配置为找到相应的型号模块,例如:eth2是8139的网卡

[root@kindgeorge root]# vi /etc/modules.conf
alias parport_lowlevel parport_pc
alias eth0 tulip
alias eth1 3c59x
alias eth2 8139too

把新的线路插在eth2上

2.配置adsl

方法一:

(1)运行adsl-setup程序,会一步一步的提示你完成配置过程.

创建ppp0和ppp1的拨号配置文件,并保存配置,一般保存在/etc/sysconfig/network-scripts/ifcfg-ppp1

(2)确定/etc/sysconfig/network-scripts/ifcfg-ppp0文件,其中的PIDFILE参数设为:

PIDFILE=/var/run/ppp-adsl.pid

修改/etc/sysconfig/network-scripts/ifcfg-ppp1文件,将其中的PIDFILE参数设为:

PIDFILE=/var/run/ppp-adsl1.pid

如果你有更多的线路,可以继续增加0,1,2,3….等

这是为了使不同的拨好用不同的pid,如果不修改此参数将无法启动第二条线路接口。

(3)配置文件一般是:

USERCTL=no
BOOTPROTO=dialup
NAME=DSLppp1
DEVICE=ppp1
TYPE=xDSL
ONBOOT=yes
PIDFILE=/var/run/pppoe-adsl1.pid
FIREWALL=NONE
PING=.
PPPOE_TIMEOUT=20
LCP_FAILURE=3
LCP_INTERVAL=20
CLAMPMSS=1412
CONNECT_POLL=6
CONNECT_TIMEOUT=60
DEFROUTE=yes
SYNCHRONOUS=no
ETH=eth2 (对应新线路的网卡)
PROVIDER=DSLppp1
USER=isp提供的新用户名字2
PEERDNS=no

方法二:

(1)直接拷贝

cp /etc/sysconfig/network-scripts/ifcfg-ppp0 /etc/sysconfig/network-scripts/ifcfg-ppp1

(2)修改其中的ppp0为ppp1,

修改PIDFILE=/var/run/pppoe-adsl.pid 为PIDFILE=/var/run/pppoe-adsl1.pid

修改采用的新接线路的网卡,例如:改ETH=eth1 为ETH=eth2

(3)增加新线路的帐号和密码. 帐号密码一般是保存在/etc/ppp/chap-secrets 和pap-secrets

我们只需要在最后增加新的用户名2和密码2即可.

/etc/ppp/chap-secrets文件一般是这样的:

# Secrets for authentication using CHAP

# client server secret IP addresses

"用户名1" * "密码1"

"用户名2" * "密码2"

"用户名n" * "密码n"

3.启动ppp接口

因为adsl-start 命令缺省只能启动第一的ppp接口。所以要启动两个接口,必须指定配置文件。

可以用:方法一:

ifup ppp0

ifup ppp1

(ifup pppn…)

或方法二:

adsl-start /etc/sysconfig/network-scripts/ifcfg-ppp0

adsl-start /etc/sysconfig/network-scripts/ifcfg-ppp1

(adsl-start /etc/sysconfig/network-scripts/ifcfg-pppn)

4.查看新设置是否启动:

方法一:执行: ifconfig

出现ppp0 和ppp1 ,并且均得到ip了.说明成功了,结果象这样:

ppp0 Link encap:Point-to-Point Protocol
inet addr:218.114.37.137 P-t-P:61.142.110.30 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:165721 errors:0 dropped:0 overruns:0 frame:0
TX packets:123673 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:157324193 (150.0 Mb) TX bytes:14068892 (13.4 Mb)

ppp1 Link encap:Point-to-Point Protocol
inet addr:218.114.35.62 P-t-P:61.142.110.30 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:560055 errors:0 dropped:0 overruns:0 frame:0
TX packets:439711 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:530025378 (505.4 Mb) TX bytes:80895162 (77.1 Mb)

方法二: 执行ip高级命令: ip link ls

也可以检验ppp0和ppp1,结果象这样:

1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:50:bf:07:4e:32 brd ff:ff:ff:ff:ff:ff
3: eth1: mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:01:02:9a:31:b9 brd ff:ff:ff:ff:ff:ff
4: eth2: mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:e0:4c:79:44:71 brd ff:ff:ff:ff:ff:ff
268: ppp1: mtu 1492 qdisc pfifo_fast qlen 3
link/ppp
273: ppp0: mtu 1492 qdisc cbq qlen 3
link/ppp

方法三: 用命令测试反应

ping -I ppp0 202.96.134.133 (测试ppp0的线路状况)

ping -I ppp1 202.96.134.133 (测试ppp1的线路状况)

ping -I ppp2 ……n (如果还有多条的话)

5.如果单单是要实现链路负载平衡,让ppp0和ppp1分担负载,那么我们象以下设置一下配置:

(1)启动路由,允许转发echo 1 > /proc/sys/net/ipv4/ip_forward

(2)进行伪装:

iptables -A POSTROUTING -t nat -s 192.168.1.0/24 -o ppp0 -j MASQUERADE

iptables -A POSTROUTING -t nat -s 192.168.1.0/24 -o ppp1 -j MASQUERADE

iptables -A POSTROUTING -t nat -s 192.168.1.0/24 -o pppn -j MASQUERADE (如果还有多条的话)

(3)修改网关

ip route replace default scope global nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1

说明: 用replace的原因是当原来没有网关时会增加这个网关,当已经存在网关时,会修改原来的网关.

用add 也可以,但是当已经存在默认网关时就要先delete再add.

两个weight 1的意思是这两条链路的权值是相等的,两条链路承担的网络流量是相等的。

有一点是需要说明的,因为路由表是基于缓存的,所以在实际中两条链路并不能100%的平分流量

nexthop NEXTHOP 设置多路径路由的下一跳地址。NEXTHOP比较复杂,它的语法和以下高层参数类似:

via ADDRESS–表示下一跳路由器;

dev NAME–表示输出设备;

weight NUMBER–在多路由路径中,这个元素的权重。表示相对带宽或者服务质量。

如果你有多条线路,那么继续在其中增加 nexthop dev ppp2(ppp3……)即可

(4) 刷新路由

ip route flush cache

6.即时检查数据的方向

用tcpdump 分别监察两条线路,用下面命令:

tcpdump -i ppp0
tcpdump -i ppp1
tcpdump -i ppp2……n (有多条的话)

7.为了每次启动时自动启动,把命令写在启动脚本里面,在 /etc/rc.local 后面增加:

ifup ppp0
ifup ppp1
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A POSTROUTING -t nat -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
iptables -A POSTROUTING -t nat -s 192.168.1.0/24 -o ppp1 -j MASQUERADE
ip route replace default scope global nexthop dev ppp0 weight 1 nexthop dev ppp1 weight 1
ip route flush cache

结果:运行数月,效果稳定良好。

上网会明显加快,为何呢,因为两条线路分摊了负载.例如,内网80人同时上网, 如果网络是一条2M的adsl,那么整条线路都拥挤,挤得死死的,每人分得的带宽可能只有30k.大家都会明显感觉上网很慢。

如果增加多一条线路,那么两条2M共同分摊拥挤程度,这样,可能每人分得的带宽就会变成60K,是原来的加倍,以这种形式来加快上网速度,增加了并发连接的个数。

华为AR28系列路由器telnet配置

sysname Quidway
#
radius scheme system
#
domain system
#
local-user huawei /创建本地帐号“huawei”/
password simple huawei /设置密码为“huawei”SIMPLE为明文密码/
service-type telnet /设置服务类型为telnet/
level 3 /设置用户优先级为3,也可以设置2和1,数字小权限也就小/
#
#
interface NULL0
#
user-interface con 0
user-interface vty 0 4
authentication-mode scheme /设置scheme认证/

语言栏去掉CH问题

右键语言栏点击设置,先添加一个EN的键盘,比如英语(美国)键盘-美式键盘,然后确定之后再次修改输入法,删除这个英语的!那么就再也不会出现CH和EN的列表了!就是单单的输入法列!

Creating A Local Yum Repository (CentOS)

Author & Content of this howto, Tim Haselaars (http://www.trinix.be)

Sometimes it can be handy to set up your own repository to prevent from downloading the remote repository over and over again. This tutorial shows how to create a CentOS mirror for your local network. If you have to install multiple systems in your local network then all needed packages can be downloaded over the fast LAN connection, thus saving your internet bandwidth.

Create the Directories:

mkdir -pv /var/www/html/centos/{base,updates}

The Base Repository

Copy the RPMs from the CDs/DVD to /var/www/html/centos/base.

Create the base repository headers:

createrepo /var/www/html/centos/base

The Updates Repository

Select an rsync mirror for updates: check out this list of aviable mirrors: Centos OS Mirror list and these are identified with rsync.

For example: rsync://ftp.belnet.be/packages/centos/

The mirrors share a common structure for updates. Simply append /updates//.

Rsync to create the updates-released repository:

rsync -avrt rsync://ftp.belnet.be/packages/centos/5.0/updates/i386 \ –exclude=debug/ /var/www/html/centos/updates

This will create a complete update repository at /var/www/html/centos/updates/i386. The repodata directory will be created with all of the headers.

Next I would advise to setup a cron job to run the rsync (above). In this manner your repository is kept updated and only new updates and headers will be downloaded to your repository.

Yum Configuration

Edit yum.conf:

vi /etc/yum.repos.d/CentOS-Base.repo

[base]
name=CentOS-$releasever – Base
baseurl=http://192.168.*.*/centos/$releasever/os/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

#released updates
[update]
name=CentOS-$releasever – Updates
baseurl=http://192.168.*.*/centos/$releasever/updates/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

That's it.

Weblogic下载地址

windows版:
http://download2.bea.com/pub/releases/810/server811_win32.exe 253MB
http://download2.bea.com/pub/platform/81/platform812_zh_CN_win32.exe 485MB
http://download2.bea.com/pub/platform/81/platform812_win32.exe 478MB
http://download2.bea.com/pub/platform/81/platform814_zh_CN_win32.exe 480MB
http://download2.bea.com/pub/platform/81/platform814_win32.exe 450MB
http://download2.bea.com/pub/platform/81/platform815_zh_CN_win32.exe 557MB
http://download2.bea.com/pub/platform/81/platform815_win32.exe 512MB
http://download2.bea.com/pub/platform/81/platform816_zh_CN_win32.exe 531MB
http://download2.bea.com/pub/platform/81/platform816_win32.exe 506MB
http://download2.bea.com/pub/platform/92/platform920_win32.exe 857MB
http://download2.bea.com/pub/platform/92/platform921_win32.exe 916MB
http://download2.bea.com/pub/platform/92/platform922_win32.exe 916MB

http://download2.bea.com/pub/platform/81/server812_win32.exe 288MB
http://download2.bea.com/pub/platform/81/server813_win32.exe 312MB
http://download2.bea.com/pub/platform/81/server814_win32.exe 291MB
http://download2.bea.com/pub/platform/81/server815_win32.exe 294MB
http://download2.bea.com/pub/platform/81/server816_win32.exe 335MB
http://download2.bea.com/pub/platform/90/server900_zh_CN_win32.exe 331MB
http://download2.bea.com/pub/platform/90/server900_win32.exe 325MB
http://download2.bea.com/pub/platform/91/server910_zh_CN_win32.exe 362MB
http://download2.bea.com/pub/platform/91/server910_win32.exe 356MB
http://download2.bea.com/pub/platform/92/server920_zh_CN_win32.exe 669MB
http://download2.bea.com/pub/platform/92/server920_win32.exe 601MB
http://download2.bea.com/pub/platform/92/server921_win32.exe 617MB
http://download2.bea.com/pub/platform/92/server922_win32.exe 667MB
http://download2.bea.com/pub/platform/100/server100_win32.exe 667MB

linux版:
http://download2.bea.com/pub/platform/81/platform811_linux32.bin 380MB
http://download2.bea.com/pub/platform/81/platform812_linux32.bin 457MB
http://download2.bea.com/pub/platform/81/platform813_linux32.bin 422MB
http://download2.bea.com/pub/platform/81/platform814_linux32.bin 442MB
http://download2.bea.com/pub/platform/81/platform815_linux32.bin 503MB
http://download2.bea.com/pub/platform/81/platform816_linux32.bin 503MB
http://download2.bea.com/pub/platform/92/platform920_linux32.bin 862MB
http://download2.bea.com/pub/platform/92/platform921_linux32.bin 921MB
http://download2.bea.com/pub/platform/92/platform922_linux32.bin 982MB

http://download2.bea.com/pub/platform/81/platform812_linux64.bin 456MB
http://download2.bea.com/pub/platform/81/platform813_linux64.bin 429MB
http://download2.bea.com/pub/platform/81/platform815_linux64.bin 500MB
http://download2.bea.com/pub/platform/81/platform816_linux64.bin 476MB
http://download2.bea.com/pub/platform/92/platform921_generic.jar 733MB
http://download2.bea.com/pub/platform/92/platform922_generic.jar 740MB

http://download2.bea.com/pub/platform/81/server812_linux32.bin 264MB
http://download2.bea.com/pub/platform/81/server813_linux32.bin 287MB
http://download2.bea.com/pub/platform/81/server814_linux32.bin 293MB
http://download2.bea.com/pub/platform/81/server815_linux32.bin 294MB
http://download2.bea.com/pub/platform/81/server816_linux32.bin 432MB
http://download2.bea.com/pub/platform/90/server900_linux32.bin 326MB
http://download2.bea.com/pub/platform/91/server910_linux32.bin 363MB
http://download2.bea.com/pub/platform/92/server920_linux32.bin 606MB
http://download2.bea.com/pub/platform/92/server921_linux32.bin 622MB
http://download2.bea.com/pub/platform/92/server922_linux32.bin 677MB
http://download2.bea.com/pub/platform/100/server100_linux32.bin 672MB

http://download2.bea.com/pub/platform/81/server812_linux64.bin 263MB
http://download2.bea.com/pub/platform/81/server813_linux64.bin 294MB
http://download2.bea.com/pub/platform/81/server814_linux64.bin 299MB
http://download2.bea.com/pub/platform/81/server815_linux64.bin 291MB
http://download2.bea.com/pub/platform/81/server816_linux64.bin 314MB
http://download2.bea.com/pub/platform/90/server900_generic.jar 236MB
http://download2.bea.com/pub/platform/91/server910_generic.jar 246MB
http://download2.bea.com/pub/platform/92/server920_generic.jar 276MB
http://download2.bea.com/pub/platform/92/server921_generic.jar 273MB
http://download2.bea.com/pub/platform/92/server922_generic.jar 274MB
http://download2.bea.com/pub/platform/100/server100_generic.jar 356MB

hp_ux版:
http://download2.bea.com/pub/platform/81/server815_hpux32.bin 326MB
http://download2.bea.com/pub/platform/81/server816_hpux32.bin 332MB
http://download2.bea.com/pub/platform/90/server900_zh_CN_hpux32.bin 330MB
http://download2.bea.com/pub/platform/90/server900_hpux32.bin 324MB
http://download2.bea.com/pub/platform/91/server910_zh_CN_hpux32.bin 392MB
http://download2.bea.com/pub/platform/91/server910_hpux32.bin 386MB
http://download2.bea.com/pub/platform/92/server920_zh_CN_hpux32.bin 599MB
http://download2.bea.com/pub/platform/92/server920_hpux32.bin 579MB
http://download2.bea.com/pub/platform/92/server921_hpux32.bin 587MB
http://download2.bea.com/pub/platform/92/server922_hpux32.bin 617MB
http://download2.bea.com/pub/platform/100/server100_hpux32.bin 644MB

Sun Solaris(8\9\10)版:
http://download2.bea.com/pub/platform/81/server815_solaris32.bin 290MB
http://download2.bea.com/pub/platform/81/server816_solaris32.bin 297MB
http://download2.bea.com/pub/platform/90/server900_zh_CN_solaris32.bin 309MB
http://download2.bea.com/pub/platform/90/server900_solaris32.bin 303MB
http://download2.bea.com/pub/platform/91/server910_zh_CN_solaris32.bin 324MB
http://download2.bea.com/pub/platform/91/server910_solaris32.bin 318MB
http://download2.bea.com/pub/platform/92/server920_zh_CN_solaris32.bin 581MB
http://download2.bea.com/pub/platform/92/server920_solaris32.bin 560MB
http://download2.bea.com/pub/platform/92/server921_solaris32.bin 576MB
http://download2.bea.com/pub/platform/92/server922_solaris32.bin 580MB
http://download2.bea.com/pub/platform/100/server100_solaris32.bin 626MB

linux下apache+weblogic安装配置

安装系统:redhat linux as 4 2.6.9
安装apache
我安装的是apache2
上网下载,解压,编译,安装
./configure –prefix=/usr/local/apache –enable-so –with-mpm=worker
Make install
–with-mpm=worker 解释:worker是2.x 版本中全新的支持多线程和多进程相混合的MPM模型。由于使用线程来处理,所以可以处理相对海量的请求,而系统资源的开销要小于基于进程的服务器。但是, worker也使用了多进程,每个进程又生成多个线程,以获得基于进程服务器的稳定性。这种MPM的工作方式是Apache 2.x的发展趋势。
修改/usr/local/apache/conf/httpd.conf,其中的documentroot\
apache默认的用户和组是
User nobody
Group #-1
关于worker mpm部分可以参考下面的


StartServers 3
MaxClients 1984
MinSpareThreads 25
MaxSpareThreads 75
ServerLimit 80
ThreadLimit 200
ThreadsPerChild 64
MaxRequestsPerChild 0

安装cronolog
功能:记录日志功能
下载,编译,安装就不说了。
我是安装到/usr/local/cronolog目录。
修改/usr/local/apache/conf/httpd.conf,找到其中的CustomLog行,修改为下面的
CustomLog "|/usr/local/cronolog/sbin/cronolog /usr/local/apache/logs/access_log.%Y%m%d" combined
还需要修改/usr/local/apache/conf/httpd.conf,在最后面添加下面一行,这样以后其他配置文件都放到/usr/local/apache/conf.d目录下面。
Include conf.d/*.conf
做了上面的设置之后,测试一下配置文件是否有问题
/usr/local/apache/bin/apachectl –t
/usr/local/apache/bin/apachectl {start|restart|graceful|stop}
安装weblogic
由于我是在远程安装,所以用参数:-mode=console
./ server815_linux32.bin -mode=console
安装完之后,还需要新建一个域。新建域的方法是使用/usr/local/wls813/common/bin/config.sh命令
接下来还需要给安装的weblogic添加license,否则只能接收3个ip的连接。
上网找个无限制的连接文件。下载,解压后,
将weblogic_sp.jar放到/usr/local/wls813/server/lib/下面,将license.bea放到/usr/local/wls813/bea下面。
启动weblogic的命令为
/usr/local/wls/startWebLogic.sh

停止的命令为
/usr/local/wls/stopWebLogic.sh
apche和weblogic桥接:
将WL_HOME/server/lib/linux/i686目录下面的mod_wl_20.so文件拷贝到APACHE_HOME/modules/目录下
在APACHE_HOME/conf.d目录下添加weblogic.conf文件,关于weblogic的设置部分都放到这里。

LoadModule weblogic_module modules/mod_wl_20.so


WebLogicHost localhost
WebLogicPort 7001
MatchExpression *.jsp
MatchExpression *.do

修改完毕后,执行APACHE_HOME/bin/apachectl -t,测试Apache配置文件是否配置成功。
先启动weblogic,然后启动apache,查看apache的error.log看有无错误。
需要注意一点,就是对于发布的文档,apache中配置的路径要和weblogic一样