Linux Box Admin
Trusted Remote Administration
Apache Bench
Daemons
Wednesday, 07 March 2007

Apache Bench (ab) is a benchmarking program that ships with the Apache web server. While it may not be the most sophisticated tool, it is still very useful.

Apache Bench should be run from a remote client, since running it on the web server itself will skew the results downward. Ideally, it should be run from multiple remote clients on different networks at the same time to better simulate actual web traffic.

To measure HTTP GET performance, use:

ab -n 10000 -c 25 URL

The -n option is the number of requests to make and -c is the number of concurrent requests.

To measure HTTP PUT performance (form submissions), use:

ab -n 10000 -c 25 -p postfile.txt URL

The test PUT file, postfile.txt, does not have to be formatted as a valid PUT request; it can be a plain text file of the length you want to test.

Here is a sample report:

This is ApacheBench, Version 1.3d <$Revision: 1.73 $> apache-1.3
Copyright (c) 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright (c) 1998-2002 The Apache Software Foundation, http://www.apache.org/

Benchmarking linuxboxadmin.com (be patient).....done
Server Software:
Server Hostname: linuxboxadmin.com
Server Port: 80

Document Path: /
Document Length: 15738 bytes

Concurrency Level: 4
Time taken for tests: 14.986 seconds
Complete requests: 100
Failed requests: 0
Broken pipe errors: 0
Total transferred: 1599796 bytes
HTML transferred: 1576465 bytes
Requests per second: 6.67 [#/sec] (mean)
Time per request: 599.44 [ms] (mean)
Time per request: 149.86 [ms] (mean, all requests)
Transfer rate: 106.75 [Kbytes/sec] received

Connnection Times (ms)
min mean[+/-sd] median max
Connect: 79 93 9.7 93 122
Processing: 403 503 32.1 509 564
Waiting: 322 503 32.1 509 564
Total: 403 597 28.5 599 654
Percentage of the requests served within a certain time (ms)
50% 599
66% 605
75% 613
80% 619
90% 628
95% 638
98% 648
99% 654
100% 654 (last request)
   
       
         
 
DHCP
Daemons
Wednesday, 07 March 2007

DHCP clients

The DHCP client in most distributions comes from the Internet Software Consortium (ISC). The program is dhclient, and it uses the /etc/dhclient.conf configuration file. The DHCP client will attempt to configure all network interfaces unless specified otherwise on the command line or in the configuration file.

To obtain an IP address lease for eth0:
dhclient eth0

To release the current IP lease:
dhclient -r eth0

Current lease information is stored in:
/var/lib/dhcp/dhclient.leases

Some distributions use dhcpcd or pump as their DHCP client.

DHCP server

The ISC DHCP server is dhcpd. It implements the DHCP and BOOTP protocols.

The configuration file is:
/etc/dhcpd.conf

The lease file is:
/var/lib/dhcp/dhcpd.leases

Sample DHCP subnet configuration:
subnet 10.1.4.0 netmask 255.255.255.0 {
   range 10.1.4.100 10.1.4.250;
   default-lease-time 86400;
   max-lease-time 86400;
   option subnet-mask 255.255.255.0;
   option broadcast-address 10.1.4.255;
   option routers 10.1.4.1;
   option domain-name-servers 10.1.5.1, 10.1.5.2;
   option domain-name "foo.com";
}

Sample fixed IP assigned by MAC address:
host tk421 {
   hardware ethernet 00:00:45:12:EE:F4;
   fixed-address 10.1.4.99;
   option subnet-mask 255.255.255.0;
   option broadcast-address 10.1.4.255;
   option routers 10.1.4.1;
   option domain-name-servers 10.1.5.1, 10.1.5.2;
   option domain-name "foo.com";
}

   
       
         
 
DNS
Daemons
Wednesday, 07 March 2007

DNS client name resolution

When a program requests a DNS name lookup, it calls the resolver library (the gethostbyname() C function). Programs linked against glibc search in the order defined on the hosts line in /etc/nsswitch.conf. Typically, the hosts line is defined as:
hosts: files dns
This tells the resolver to look in /etc/hosts first, then ask DNS. Sometimes, NIS or a central database is included on the hosts line.

The resolver uses the name servers defined in /etc/resolv.conf. Most distributions use some kind of configuration tool to manage this file, so be careful when modifying it by hand.

DNS client utilities

The dig program (Domain Internet Groper) sends domain name query packets to name servers and can be used to test DNS configuration.

Dig queries use this format:
dig @server domain query-type query-class
where query-type is one of all, mx, ns, soa, txt or axfr (zone transfer).

For reverse DNS lookups:
dig -x 1.2.3.4

DNS/BIND server

There are 13 root servers that are the master servers for the whole system. The latest root server file can be downloaded from FTP.RS.INTERNIC.NET.

The DNS/BIND server daemon is "named". By default, named listens on UDP port 53.

The named configuration file is:
/etc/named.conf

Within /etc/named.conf, the location of the zone files is specified with the directory option. For example:

options {
   directory "/var/named";
};

And here is a typical authoritative zone definition:

zone "foo.com" {
   type master;
   file "foo.com";
   allow-transfer { 1.2.3.4; };
   allow-query { any; };
};

 

Here is the minimal zone file (/var/named/foo.com) defined above:

$TTL 3600
@ IN SOA ns1.foo.com. hostmaster.foo.com. (
        2005092601 ; serial, today's date + serial #
        3600 ; refresh, seconds
        900 ; retry, seconds
        1209600 ; expire, seconds
        3600 ) ; minimum, seconds

        IN NS ns1.foo.com.
        IN NS ns2.foo.com.
        IN MX 10 mail.foo.com. ; Primary Mail

localhost A 127.0.0.1
ns1 A 1.2.3.4
ns2 A 1.2.3.5
foo.com. A 1.2.3.6
mail A 1.2.3.6
www A 1.2.3.6

 

When updating a zone file, the serial number must be incremented or named will not load the new configuration.
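A serial bump for the "today's date + serial #" convention used in the zone file above, as an added example that is not part of the original page. The function names are hypothetical, and the script assumes the serial sits on its own line tagged with a "; serial" comment, as it does in that zone file.

```shell
#!/bin/sh
# Added example, not from the original page: bump a YYYYMMDDnn zone serial.

# next_serial CURRENT [TODAY]  -> prints a serial strictly greater than CURRENT.
# TODAY is YYYYMMDD and defaults to the system date.
next_serial() {
    current=$1
    today=${2:-$(date +%Y%m%d)}
    case $current in
        ''|*[!0-9]*) echo "serial must be numeric: '$current'" >&2; return 1 ;;
    esac
    candidate=$((today * 100 + 1))          # first revision of today: ...01
    if [ "$candidate" -gt "$current" ]; then
        next=$candidate
    else
        next=$((current + 1))               # same day, or serial already ahead
    fi
    # The SOA serial is an unsigned 32-bit field.
    if [ "$next" -gt 4294967295 ]; then
        echo "serial $next does not fit in 32 bits" >&2; return 1
    fi
    echo "$next"
}

# bump_zone_serial [TODAY]  -> zone text on stdin, same text with new serial on stdout.
# Assumes the serial sits on its own line tagged "; serial", as in the zone above.
bump_zone_serial() {
    zone=$(cat)
    old=$(printf '%s\n' "$zone" |
        sed -n 's/^[[:space:]]*\([0-9][0-9]*\)[[:space:]]*;[[:space:]]*serial.*/\1/p' |
        head -n 1)
    [ -n "$old" ] || { echo "no '; serial' line found" >&2; return 1; }
    new=$(next_serial "$old" "$1") || return 1
    printf '%s\n' "$zone" | sed "s/$old\([[:space:]]*;[[:space:]]*serial\)/$new\1/"
}

# Constructed sample: the SOA from the page, edited again on 2005-09-26.
printf '%s\n' '@ IN SOA ns1.foo.com. hostmaster.foo.com. (' \
    '        2005092601 ; serial' '        3600 ) ; minimum' |
    bump_zone_serial 20050926
```

After writing the new file, `named-checkzone foo.com /var/named/foo.com` validates it before named is reloaded.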

Here is a typical reverse lookup zone file (always in the in-addr.arpa domain):

$TTL 3600
3.2.1.in-addr.arpa. IN SOA ns1.foo.com. hostmaster.foo.com. (
        2005092601 ; serial, today's date + serial #
        3600 ; refresh, seconds
        900 ; retry, seconds
        3600 ; expire, seconds
        3600 ) ; minimum, seconds

; name servers
3.2.1.in-addr.arpa. IN NS ns1.foo.com.
3.2.1.in-addr.arpa. IN NS ns2.foo.com.

; reverse DNS mapping
6.3.2.1.in-addr.arpa. IN PTR mail.foo.com.
 

Turning off or limiting recursion

Recursive lookups (allowed by default) can create security risks and performance issues, specifically DNS cache poisoning attacks. To turn off recursion altogether, use this option in named.conf:

options {
   recursion no;
};

 

To allow recursion for certain hosts, use an access control list to define the IP addresses of hosts that can use recursion. Use this to allow recursion for internal hosts while denying recursion for the public:

acl recursionok { 192.168.1.0/24; 192.168.2.100; };
options {
   allow-recursion { recursionok; };
};

This would only allow hosts with source IP addresses of 192.168.1.0/24 or 192.168.2.100 to query about domains the server is not authoritative for.
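One way to confirm the ACL from the outside, as an added example that is not part of the original page: the function below reads dig output for a name the server is not authoritative for and reports whether the server recursed for that client, based on the "ra" (recursion available) flag and the reply status. The function name, the sample replies and the example.org query name are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Sample dig output below is constructed.

# classify_recursion: reads `dig` output on stdin for a name the queried server
# is NOT authoritative for, and reports whether it recursed for this client.
classify_recursion() {
    awk '
        /^;; ->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {
            line = $0; sub(/^;; flags:/, "", line)
            flags = line; sub(/;.*/, "", flags)      # keep only "qr rd ra"
            ra = ((" " flags " ") ~ / ra /)
            if (match(line, /ANSWER: [0-9]+/))
                answers = substr(line, RSTART + 8, RLENGTH - 8) + 0
        }
        END {
            if (status == "")                                  print "no-reply"
            else if (ra && status == "NOERROR" && answers > 0) print "recursion-allowed"
            else if (!ra)                                      print "recursion-denied"
            else                                               print "inconclusive"
        }'
}

sample_allowed() {   # constructed: reply from a server that recursed for the client
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4711
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
EOF
}

sample_denied() {    # constructed: reply when the client is outside allow-recursion
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 4712
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
EOF
}

sample_allowed | classify_recursion
sample_denied  | classify_recursion
# Live use, from a host outside the recursionok ACL (example.org is a placeholder):
#   dig @1.2.3.4 example.org a | classify_recursion
```

Run the live check once from a host inside the ACL and once from a host outside it; only the inside host should get "recursion-allowed".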

 

Setting up a caching only name server

If you don't want to host your own DNS zones, but do want to centralize name lookups to reduce DNS overhead, you can set up a caching only name server. This server accepts DNS requests and forwards all requests that are not cached to another DNS server to resolve, passing the result back to the client.

To set up a caching only server, do NOT define any authoritative zones in the /etc/named.conf file; just enter valid DNS servers in the forwarders option. For example:

options {
   forward first;
   forwarders {
      1.2.3.4; 1.2.3.5;
   };
};

 

The "forward first" option tells the server to try the forwarders first, then do a lookup itself if the forwarders fail to resolve the name. The "forward only" option tells the server to try the forwarders, then fail if it does not get an answer.

DNS domain wildcards

To configure DNS wildcards so that any subdomain name resolves to the main site, use an "*" in the CNAME record:
www    IN A 1.2.3.4
*      IN CNAME www

The asterisk will match all subdomain names for the domain and return the IP address of www, sending the browser to the main web site. This technique is often used in marketing programs where you want everyone to arrive at the same web site, but want to track who sent them there by the HTTP Referer header.

Note: DNS is only half of setting up domain wildcards; the web server must also be set up to accept all subdomains and show the same content. See the Apache micro how-to for details.

 

Testing your DNS configuration

A good tool that runs many tests against your DNS server can be found at:
DNSreport.com

   
       
         
 


Copyright © 2006,2007 Linux Box Admin.

 