Saturday, November 26

Network Management (netstat)

netstat command (Network Statistics)
netstat displays the contents of various network-related data structures, depending on the options selected.

Syntax:
netstat < option/s >
Multiple options can be given at one time.

-a : displays the state of all sockets.
-r : shows the system routing tables.
-i : gives statistics on a per-interface basis.
-m : displays information from the network memory buffers. On Solaris, this shows statistics for STREAMS.
-p [proto] : retrieves statistics for the specified protocol.
-s : shows per-protocol statistics. (Some implementations allow -ss to remove fields with a value of 0 (zero) from the display.)
-D : displays the status of DHCP-configured interfaces.
-n : does not look up hostnames; displays only IP addresses.
-d (with -i) : displays dropped packets per interface.
-I [interface] : retrieves information about only the specified interface.
-v : verbose output.
interval : a number, for continuous display of statistics.

$ netstat -rn
Routing Table: IPv4
Destination          Gateway              Flags   Ref    Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.1.0          192.168.1.11         U         1   1444 le0
224.0.0.0            192.168.1.11         U         1      0 le0
default              192.168.1.1          UG        1  68276
127.0.0.1            127.0.0.1            UH        1  10497 lo0

This shows the output on a Solaris machine whose IP address is 192.168.1.11, with a default router at 192.168.1.1.

Other useful netstat invocations:
netstat -an | grep LISTEN | grep xxxx
checks whether anything is listening on port number xxxx.

If you want to see what ports processes are listening on at a given moment, as a sorted list so you can see where there might be an available port, you can use the command below:
netstat -an | grep LISTEN | awk '{print substr($1,3)}' | sort -n
(substr($1,3) strips the leading "*." from local addresses of the form *.port.)

netstat -anP tcp | grep ipaddress | wc -l
counts the number of connections to the web server.
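
The listening-port listing above can be turned into a check for listeners nobody expected. This is an added example, not part of the original post: the sample output, the function names and the allowlist are constructed, and it goes slightly beyond the one-liner by taking the port after the last dot so that sockets bound to a specific address are handled too.

```sh
#!/bin/sh
# Added example: audit Solaris-style `netstat -an` output for unexpected listeners.

# Constructed sample output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
TCP: IPv4
   Local Address        Remote Address    Swind Send-Q Rwind Recv-Q    State
-------------------- -------------------- ----- ------ ----- ------ -----------
      *.22                 *.*                0      0 49152      0 LISTEN
      *.7001               *.*                0      0 49152      0 LISTEN
192.168.1.11.7002          *.*                0      0 49152      0 LISTEN
127.0.0.1.5432             *.*                0      0 49152      0 LISTEN
192.168.1.11.22      192.168.1.50.51515   64240      0 49640      0 ESTABLISHED
EOF
}

# Print "port local-address" for every LISTEN socket, sorted by port number.
# The port is whatever follows the last dot of the local address, so both
# "*.22" and "192.168.1.11.7002" are handled.
listeners() {
    awk '$NF == "LISTEN" { n = split($1, p, "[.]"); print p[n], $1 }' | sort -n | uniq
}

# Report listeners whose port is not in the space-separated allowlist in $1.
unexpected_listeners() {
    listeners | awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($1 in ok) { print "UNEXPECTED port " $1 " bound to " $2 }'
}

# The allowlist is an assumption made for this constructed sample host.
sample_netstat | unexpected_listeners "22 7001 7002"
```

On a live host, replace sample_netstat with netstat -an and keep the allowlist under change control.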

Input Output statistics ( Iostat )

iostat command (Input Output statistics)
iostat reports terminal and disk I/O activity and CPU utilization. The first line of output covers the time period since boot; each subsequent line covers the prior interval. The kernel maintains a number of counters to keep track of the values. iostat's activity class options default to tdc (terminal, disk, and CPU). If any other options are specified, this default is completely overridden, i.e. iostat -d will report only statistics about the disks.

Syntax:
The basic syntax is iostat < options > interval count

option - lets you specify the device class for which information is needed: disk, CPU or terminal (-d, -c, -t or -tdc). E gives error statistics and n expands disk names (-E, -n or -En). The x option gives extended statistics.
interval - the time period in seconds between two samples.
iostat 4 will give data at 4-second intervals.
count - the number of times the data is needed.
iostat 4 5 will give data at 4-second intervals, 5 times.

Identifying the bottlenecks:
The values to look for in the iostat output are:
• Reads/writes per second (r/s, w/s)
• Percentage busy (%b)
• Service time (svc_t)
If a disk shows consistently high reads/writes, the percentage busy (%b) of the disk is greater than 5 percent, and the average service time (svc_t) is greater than 30 milliseconds, then one of the following actions needs to be taken:
1.) Tune the application to use disk I/O more efficiently by modifying the disk queries and using the available cache facilities of application servers.
2.) Spread the file system of the disk onto two or more disks using the disk striping feature of a volume manager (DiskSuite etc.).
3.) Increase the value of the inode cache system parameter, ufs_ninode, which is the number of inodes to be held in memory. Inodes are cached globally (for UFS), not on a per-file-system basis.
4.) Move the file system to another, faster disk/controller, or replace the existing disk/controller with a faster one.

The output fields have the following meanings:

disk - name of the disk
r/s  - reads per second
w/s  - writes per second
Kr/s - kilobytes read per second
Kw/s - kilobytes written per second
wait - average number of transactions waiting for service (Q length)
actv - average number of transactions actively being serviced (removed from the queue but not yet completed)
%w - percent of time there are transactions waiting for service (queue non-empty)
%b - percent of time the disk is busy (transactions in progress)
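
The %b and svc_t thresholds from "Identifying the bottlenecks" can be checked across several samples like this. This is an added example, not part of the original post: the capture is constructed, the function names are hypothetical, and the column layout of iostat -x (ten fields, svc_t eighth, %b tenth) is assumed. The page gives no number for "high reads/writes", so only %b and svc_t are tested.

```sh
#!/bin/sh
# Added example: flag disks that stay over the iostat thresholds given above.

# Constructed `iostat -x 5 3` capture (illustrative values, not from a real host).
sample_iostat() {
cat <<'EOF'
                  extended device statistics
device    r/s    w/s   kr/s   kw/s wait actv  svc_t  %w  %b
sd0       0.4    1.1    3.2    8.8  0.0  0.0   11.2   0   1
sd1      20.5   18.0  164.0  144.0  0.1  0.6   24.9   1  22
sd2       2.0    3.5   16.0   28.0  0.0  0.1   14.0   0   3
                  extended device statistics
device    r/s    w/s   kr/s   kw/s wait actv  svc_t  %w  %b
sd0       0.0    2.0    0.0   16.0  0.0  0.0    9.8   0   2
sd1     142.0  118.3 1136.0  946.4  1.8  2.9   41.7  35  88
sd2      60.0   75.0  480.0  600.0  0.4  1.1   33.0   9  47
                  extended device statistics
device    r/s    w/s   kr/s   kw/s wait actv  svc_t  %w  %b
sd0       0.2    0.8    1.6    6.4  0.0  0.0   10.5   0   1
sd1     130.4  125.0 1043.2 1000.0  1.5  2.6   38.2  31  81
sd2       9.0   12.0   72.0   96.0  0.0  0.2   18.5   1  12
EOF
}

# Usage: iostat -x 5 12 | busy_disks [max_pct_busy] [max_svc_t_ms]
# Defaults are the thresholds from the text: %b > 5 and svc_t > 30 ms.
busy_disks() {
    awk -v maxb="${1:-5}" -v maxsvc="${2:-30}" '
        $1 == "device" || $1 == "disk" { report++; next }  # column header: new report
        NF != 10 || report < 2 { next }   # skip banner lines and the since-boot report
        {
            seen[$1]++
            if ($10 > maxb && $8 > maxsvc) hot[$1]++
        }
        END {
            # "Consistently" is taken to mean: over threshold in every interval sample.
            for (d in seen)
                if (hot[d] == seen[d])
                    print d ": %b and svc_t over threshold in all " seen[d] " samples"
        }' | sort
}

sample_iostat | busy_disks
```

In the constructed capture only sd1 is reported: sd2 exceeds both thresholds in one interval but not the next, and the since-boot report is ignored.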

CPU Management ( psrinfo ) & ( prstat )

psrinfo  Command
To determine the number of processors in the system and their speed use the psrinfo -v command. In Solaris 10, -vp prints additional information.

prstat Command (Determining User Consumption)

The CPU column of prstat always reports the percentage of system CPU resources a process is consuming and not the percentage of CPU resources of a processor or a processor set, even if the -C option is specified on the command line. For example, if there is a two-processor set on a four-processor system and a prstat -C is executed on the processor set, since the processor set has 50% of the system's CPUs, the total percentages of the CPU column will not exceed 50%.

To disable a processor (take it offline), the following command can be used:

psradm -f < processor number >
example: psradm -f 1

To bring the processor back online:

psradm -n < processor number >
example: psradm -n 1

Typical headers of the prstat command:

PID USERNAME SIZE RSS STATE PRI NICE TIME CPU PROCESS/NLWP

PID - Process ID
USERNAME - Name of the user running the process
SIZE - Process size
RSS - Resident set size (size of the process in memory)
STATE - State of the process / CPU information
PRI - Priority
NICE - Nice value
TIME - Amount of time the process has been running on the CPU
CPU - Percentage of system CPU resources the process is consuming
PROCESS/NLWP - Command / number of lightweight processes (threads)
NPROC - Number of processes
USERNAME - Name of the user
MEMORY - Percentage of memory consumed



Memory Management (Vmstat)

 
vmstat
vmstat reports virtual memory statistics regarding process, virtual memory, disk, trap and CPU activity.

On multi-CPU systems, vmstat averages the number of CPUs into the output. For per-process statistics . Without options, vmstat displays a one-line summary of the virtual memory activity since the system was booted.

Syntax:
The basic syntax is
vmstat < options > interval count
option - lets you specify the type of information needed, such as paging (-p), cache (-c), interrupts (-i), etc.
If no option is specified, information about processes, memory, paging, disk, interrupts and CPU is displayed.
interval - the time period in seconds between two samples.

vmstat 4 will give data at 4-second intervals.
count - the number of times the data is needed.
vmstat 4 5 will give data at 4-second intervals, 5 times.

Other essential options which can be used with vmstat:

vmstat -s gives the summary of the statistics.

vmstat -p gives information about paging activity.

The following command displays a summary of what the system is doing every five seconds.

Example: vmstat 5

 procs     memory            page            disk          faults      cpu
 r b w   swap  free  re  mf pi po fr de sr s0 s1 s2 s3   in   sy   cs us sy id
 0 0 0  11456  4120   1  41 19  1  3  0  2  0  4  0  0   48  112  130  4 14 82
 0 0 1  10132  4280   0   4 44  0  0  0  0  0 23  0  0  211  230  144  3 35 62
 0 0 1  10132  4616   0   0 20  0  0  0  0  0 19  0  0  150  172  146  3 33 64
 0 0 1  10132  5292   0   0  9  0  0  0  0  0 21  0  0  165  105  130  1 21 78

The fields of vmstat's display are

procs
r    in run queue
b    blocked for resources I/O, paging etc.
w    swapped

memory (in Kbytes)
swap - amount of swap space currently available
free - size of the free list

page (in units per second)
re    page reclaims - see -S option for how this field is modified.
mf    minor faults - see -S option for how this field is modified.
pi    kilobytes paged in   
po    kilobytes paged out   
fr    kilobytes freed   
de   anticipated short-term memory shortfall (Kbytes)
sr    pages scanned by clock algorithm   

disk ( operations per second )
There are slots for up to four disks, labeled with a single letter and number.
The letter indicates the type of disk (s = SCSI, i = IPI, etc). The number is the logical unit number.

faults
in   (non clock) device interrupts
sy   system calls
cs   CPU context switches

cpu -  breakdown of percentage usage of CPU time. On multiprocessors this is an average across all processors.
us   user time
sy   system time
id   idle time

Identifying the bottlenecks:

1.) If the number of processes in the run queue (procs r) is consistently greater than the number of CPUs on the system, it will slow down the system, as there are more processes than available CPUs.

2.) If this number is more than four times the number of available CPUs in the system, then the system is facing a shortage of CPU power, which will greatly slow down the processes on the system.

3.) If the idle time (cpu id) is consistently 0 and the system time (cpu sy) is double the user time (cpu us), the system is facing a shortage of CPU resources. The system time should not be more than the user time at any given instant.

4.) Memory bottlenecks are determined by the scan rate (sr). The scan rate is the number of pages scanned by the clock algorithm per second. If the scan rate (sr) is continuously over 200 pages per second, then there is a memory shortage. Scan rate and page out should be zero or 1.
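
The four rules above can be applied mechanically to a vmstat capture. This is an added example, not part of the original post: the capture is constructed, vmstat_check is a hypothetical name, the 22-column layout shown earlier is assumed, and the first data row is skipped on the assumption that it holds the since-boot summary.

```sh
#!/bin/sh
# Added example: apply the vmstat bottleneck rules above to captured output.

# Constructed `vmstat 5` capture for a 2-CPU host (illustrative values).
sample_vmstat() {
cat <<'EOF'
 procs     memory            page            disk          faults      cpu
 r b w   swap  free  re  mf pi po fr de  sr s0 s1 s2 s3   in   sy   cs us sy id
 0 0 0  11456  4120   1  41 19  1  3  0   2  0  4  0  0   48  112  130  4 14 82
 3 0 1   9800  1200   0  90 60 85 97  0 310  0 23  0  0  211  930  344 30 68  2
 9 0 1   9650  1104   0  88 72 91 99  0 415  0 19  0  0  250  972  346 31 66  3
 4 1 1   9500  1088   0  95 80 96 99  0 388  0 21  0  0  265  905  330 28 70  2
EOF
}

# Usage: vmstat 5 6 | vmstat_check NCPU
# Field positions in the 22-column layout:
#   $1 = r, $12 = sr, $20 = us, $21 = sy, $22 = id.
vmstat_check() {
    awk -v ncpu="$1" '
        NF != 22 || $1 !~ /^[0-9]+$/ { next }   # skip both header rows
        ++row == 1 { next }                     # first data row: summary since boot
        {
            n++
            if ($1 > ncpu)      over++          # rule 1
            if ($1 > 4 * ncpu)  over4++         # rule 2
            if ($22 == 0 && $21 >= 2 * $20) starved++   # rule 3
            if ($12 > 200)      scan++          # rule 4
        }
        END {
            if (n == 0) exit
            if (over == n)    print "RUNQ: run queue above " ncpu " CPUs in all " n " samples"
            if (over4 > 0)    print "CPU: run queue above 4x CPUs in " over4 " sample(s)"
            if (starved == n) print "CPU: idle 0 and sy >= 2x us in all samples"
            if (scan == n)    print "MEM: scan rate above 200 pages/s in all " n " samples"
        }'
}

sample_vmstat | vmstat_check 2
```

The number of CPUs to pass as NCPU can be read from psrinfo.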


Saturday, October 29

Sites

grep command to search for a word in a file

grep (don't ask why it is called grep)


grep is one of many standard UNIX utilities. It searches files for specified words or patterns. First clear the screen, then type

% grep science science.txt

As you can see, grep has printed out each line containing the word science.

Or has it ????

Try typing

% grep Science science.txt

The grep command is case sensitive; it distinguishes between Science and science.

To ignore upper/lower case distinctions, use the -i option, i.e. type

% grep -i science science.txt

To search for a phrase or pattern, you must enclose it in single quotes (the apostrophe symbol). For example to search for spinning top, type

% grep -i 'spinning top' science.txt

Some of the other options of grep are:

-v display those lines that do NOT match

-n precede each matching line with the line number

-c print only the total count of matched lines

Try some of them and see the different results. Don't forget, you can use more than one option at a time. For example, the number of lines without the words science or Science is

% grep -ivc science science.txt

chmod command

Each file and directory is owned by a user, and each user belongs to a group. By default, users own their home directory (the current directory when the user logs in) and the contents of the home directory. Most other files and directories are owned by "root" and other special users. The user assigns a type of privilege to each file and directory owned by the user. By default, the privilege is rwxr-xr-x.


The first three characters of rwxr-xr-x indicate that the owner can read, write, and execute the file (or directory). The middle three characters indicate that all other users in the same group as the owner can read and execute the file (or directory), but cannot write onto the file (or directory), as indicated by the middle "-" character. The last three characters indicate that everyone else on the system can read and execute the file (or directory), but cannot write onto the file (or directory), as indicated by the last "-" character.

Changing file permissions and attributes

chmod 755 file Changes the permissions of file to be rwx for the owner, and rx for the group and the world. (7 = rwx = 111 binary. 5 = r-x = 101 binary)

chgrp user file Makes file belong to the group user.

chown cliff file Makes cliff the owner of file.

chown -R cliff dir Makes cliff the owner of dir and everything in its directory tree.

You must be the owner of the file/directory or be root before you can do any of these things.

Tuesday, August 16

SSL Configuration on WebLogic Server 9.2 on solaris


Generate the private key (identity key):
keytool -genkey -keyalg RSA -alias privkey -keystore yourdomain-private.jks
Generate the CSR (certificate signing request):
keytool -certreq -v -alias privkey -keystore yourdomain-private.jks
Send the CSR to the SSL vendor.
The server certificate, root CA, intermediate certificate and CA chain certificate will be sent to you.
Combine three certificates into one file, in the order below:
Public.cert (the server certificate, which we received as number.crt)
Intermediate.cert (intermediate certificate)
Root.cert (root CA certificate)
Save these three certificates into one file, yourdomain.crt.
Import yourdomain.crt into yourdomain-private.jks (using the same alias, privkey, as the key entry makes keytool install the chain as the certificate reply for that private key):
keytool -import -alias privkey -file yourdomain.crt -keystore yourdomain-private.jks -trustcacerts
keytool -list -v -keystore yourdomain-private.jks (to check whether the certificate was imported properly)
Import the trust identity (trusted root certificate):
keytool -import -alias yourdomain -file RootCA.crt -keystore yourdomaintrust.jks -trustcacerts
keytool -list -v -keystore yourdomaintrust.jks (to check whether the certificate was imported properly)
Log in to the WebLogic console.
Go to Environment and select Servers (example: Server1).
Click on the Keystores tab.
Provide the following details under Identity.
Keystores: Custom Identity and Custom Trust
Custom Identity Keystore: /Path/to/keystore.jks
Custom Identity Keystore Type: jks
Custom Identity Keystore Passphrase:
Confirm Custom Identity Keystore Passphrase:

Provide the following details under Trust.
Custom Trust Keystore: /Path/to/trustkeystore.jks
Custom Trust Keystore Type: jks
Custom Trust Keystore Passphrase:
Confirm Custom Trust Keystore Passphrase:

Click on the SSL tab.

Provide the Private Key Alias (the one we provided while generating the private key) and passphrase.
Click on the General tab.

Check the box named: Enable SSL Listen port.
Your application is SSL ready!
Ref:
http://m-button.blogspot.com/2008/11/how-to-configure-weblogic-to-use-ssl.html