System Admin Q & A – XXII

Ques 1: – What is PXE Server in Linux?

Ans: – The Preboot Execution Environment (PXE) is a method of network booting blade and cluster systems. It is the core technology for Intel’s Wired for Management (WfM) initiative and is supported by most commercial network interfaces.
A PXE install server allows your client computers to boot and install a Linux distribution over the network, without the need of burning Linux iso images onto a CD/DVD, boot floppy images, etc.

Ques 2: – For how long does the sudo command store the sudoer’s password & how can we change it ?

Ans: –
By default, sudo stores the sudoer’s password for a five minute timeout period. Any subsequent uses of the command during this period will not prompt the user for a password. This could be exploited by an attacker if the user leaves his workstation unattended and unlocked while still being logged in. This behavior can be changed by adding the following line to the /etc/sudoers file:

Defaults timestamp_timeout=
where the value after the equals sign is the desired timeout length in minutes. Setting it to 0 causes sudo to require a password every time.
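
An added example, not part of the original answer: a POSIX shell function that reads sudoers-style text and reports how the global timestamp_timeout is set, including the negative-value case in which the cached credential never times out. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): classify the global
# timestamp_timeout setting found in sudoers-style text read from stdin.
# Output is one of:
#   default        no global timestamp_timeout line (built-in default applies)
#   always-prompt  value is 0, sudo asks for the password every time
#   never-expires  value is negative, the cached credential does not time out
#   invalid        value is not a number
#   <N>            timeout in minutes
# Assumption: #include / #includedir files are not followed; feed each file.
sudo_timeout_state() {
    awk '
        /^[ \t]*#/ { next }                     # comment and #include lines
        $1 == "Defaults" {                      # global Defaults only
            line = $0
            sub(/^[ \t]*Defaults[ \t]+/, "", line)
            n = split(line, opts, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++) {
                if (opts[i] ~ /^timestamp_timeout[ \t]*=/) {
                    v = opts[i]
                    sub(/^timestamp_timeout[ \t]*=[ \t]*/, "", v)
                    gsub(/[ \t"]/, "", v)
                    val = v; seen = 1           # a later line overrides an earlier one
                }
            }
        }
        END {
            if (!seen)                               print "default"
            else if (val !~ /^-?[0-9]+(\.[0-9]+)?$/) print "invalid"
            else if (val + 0 == 0)                   print "always-prompt"
            else if (val + 0 < 0)                    print "never-expires"
            else                                     print val
        }
    '
}

# Constructed sample input, not taken from a real system.
sample_sudoers() {
    cat <<'EOF'
# /etc/sudoers (constructed sample)
Defaults    env_reset, timestamp_timeout=15
Defaults:backup timestamp_timeout=-1
Defaults    timestamp_timeout=0
root    ALL=(ALL) ALL
EOF
}

sample_sudoers | sudo_timeout_state
```

Per-user lines such as Defaults:backup are skipped on purpose, so a never-expiring override for one account needs a separate check.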

Ques 3: – What is sosreport & why it is required ?

Ans: – sosreport is a command in Linux (RHEL / CentOS) which collects system configuration and diagnostic information of your Linux box like running kernel version, loaded modules, and system and service configuration files. This command also runs external programs to collect further information, and stores this output in the resulting archive.

Sosreport is required when you have opened a case with Red Hat for technical support. Red Hat support engineers will require the sosreport of your server for troubleshooting purposes.

Ques 4: – How to check nfs server IO stats & performance in Linux ?

Ans: – Using the command ‘nfsiostat’ we can list the I/O statistics of NFS mount points. Use the below command :

#  nfsiostat interval count mount_point

interval : specifies the amount of time in seconds between each report. The first report contains statistics for the time since each file system was mounted. Each subsequent report contains statistics collected during the interval since the previous report.

count : If the count parameter is specified, the value of count determines the number of reports generated at interval seconds apart. If the interval parameter is specified without the count parameter, the command generates reports continuously.

mount_point : If one or more mount_point names are specified, statistics for only these mount points will be displayed. Otherwise, all NFS mount points on the client are listed.

Ques 5: – What is portmap?

Ans: – The portmapper keeps a list of what services are running on what ports. This list is used by a connecting machine to see which ports it needs to talk to in order to access certain services.

Ques 6: – What are different versions of NFS Server ?

Ans: – Currently, there are three versions of NFS. NFS version 2 (NFSv2) is older and widely supported. NFS version 3 (NFSv3) supports safe asynchronous writes and is more robust at error handling than NFSv2; it also supports 64-bit file sizes and offsets, allowing clients to access more than 2Gb of file data.

NFS version 4 (NFSv4) works through firewalls and on the Internet, no longer requires an rpcbind service, supports ACLs, and utilizes stateful operations. Red Hat Enterprise Linux 6.X & CentOS 6.X support NFSv2, NFSv3, and NFSv4 clients. When mounting a file system via NFS, Red Hat Enterprise Linux uses NFSv4 by default, if the server supports it.

Ques 7: – What is difference between root_squash & no_root_squash ?

Ans: – root_squash: By default, any file request made by user root on the client machine is treated as if it is made by user nobody on the server.

(Exactly which UID the request is mapped to depends on the UID of user “nobody” on the server, not the client.)

no_root_squash : If this option is used, then root on the client machine will have the same level of access to the files on the system as root on the server. This can have serious security implications, although it may be necessary if you want to perform any administrative work on the client machine that involves the exported directories. You should not specify this option without a good reason.

Ques 8: – What is chroot environment in ftp server ?

Ans: – A chroot environment prevents users from leaving their home directory: it is a jail-like environment where users are limited to their home directory only. It is an add-on security feature of the FTP server.

Ques 9: – What are the default ports used for linux ftp server ?

Ans: – Port 20 – This is the data transfer port. All subsequent data transfers between the client and server are done using this port.

Port 21 – On this port control connection is established. All commands we send and the ftp server’s responses to those commands will go over the control connection, but any data sent back (such as “ls” directory lists or actual file data in either direction) will go over the data connection.

Ques 10: – What is the difference between Hard mount & Soft mount in nfs ?

Ans: – Difference between soft mount and hard mount is listed below :

Soft Mount : Consider we have mounted a NFS share using ‘soft mount’ . When a program or application requests a file from the NFS filesystem, NFS client daemons will try to retrieve the data from the NFS server. But, if it doesn’t get any response from the NFS server (due to any crash or failure of NFS server), the NFS client will report an error to the process on the client machine requesting the file access. The advantage of this mechanism is “fast responsiveness” as it doesn’t wait for the NFS server to respond. But, the main disadvantage of this method is data corruption or loss of data. So, this is not a recommended option to use.

Hard Mount : Suppose we have mounted the NFS share using hard mount, it will repeatedly retry to contact the server. Once the server is back online the program will continue to execute undisturbed from the state where it was during server crash. We can use the mount option “intr” which allows NFS requests to be interrupted if the server goes down or cannot be reached. Hence the recommended settings are hard and intr options.

Ques 11: – How to allow only limited/allowed users to login via ftp ?

Ans: – This can be done by editing the file ‘/etc/vsftpd/vsftpd.conf’ and adding the below directives :

userlist_enable=YES
userlist_file=/etc/vsftpd.user_list
userlist_deny=NO
The file specified by userlist_file will now contain users that are able to login.
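
An added example, not part of the original answer: a POSIX shell check that reads vsftpd.conf text and reports whether the user list acts as an allow-list, as the three directives above intend, or as a deny-list, which is what userlist_enable=YES gives when userlist_deny is left at its default of YES. The function name is constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): report how vsftpd will treat
# the user list, given vsftpd.conf text on stdin.
#   allow-list  only users named in userlist_file may log in
#   deny-list   users named in userlist_file are refused, everyone else allowed
#   off         the user list is not consulted
vsftpd_userlist_mode() {
    awk -F= '
        # vsftpd accepts YES, TRUE or 1 for an enabled boolean.
        function truthy(v) {
            v = toupper(v)
            return (v == "YES" || v == "TRUE" || v == "1")
        }
        /^[ \t]*#/ { next }                      # comment lines
        { sub(/[ \t\r]+$/, "") }                 # trailing blanks or CR
        $1 == "userlist_enable" { enable = $2 }  # a later line overrides
        $1 == "userlist_deny"   { deny = $2; deny_set = 1 }
        END {
            if (!truthy(enable))                print "off"
            else if (!deny_set || truthy(deny)) print "deny-list"
            else                                print "allow-list"
        }
    '
}

# The three directives from the answer above.
printf '%s\n' \
    'userlist_enable=YES' \
    'userlist_file=/etc/vsftpd.user_list' \
    'userlist_deny=NO' | vsftpd_userlist_mode
```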

System Admin Q & A – XXI

Ques 1: – What is the difference between hard link and soft link ?

Ans: – When you delete a file it removes one link to the underlying inode. The inode is only deleted (or deletable/over-writable) when all links to the inode have been deleted.

A symbolic link is a link to another name in the file system.
Once a hard link has been made, the link is to the inode. Deleting, renaming or moving the original file will not affect the hard link as it links to the underlying inode. Any changes to the data on the inode are reflected in all files that refer to that inode.

Note: Hard links are only valid within the same File System. Symbolic links can span file systems as they are simply the name of another file.

Ques 2: – How to set the password expiry for a user ?

Ans: – In Linux, chage command is used to configure the password expiry information for a user. The expiry information for all the accounts is stored in /etc/shadow file. The chage command can only be used on Linux system which uses /etc/shadow file to store the user password information. chage command requires root privilege except for ‘-l’ option.

Ques 3: – What is relay host in Mail Server ?

Ans: – If the machine needs to pass mail to another mail server to get out to the Internet, the hostname of the mail server should be defined as the Relay Host. If a Relay Host is defined, mail to all domains not defined as a mail route or virtual domain will be forwarded to the machine defined as Relay Host. Generally, this option is used to relay outgoing mail.

Ques 4: – What is iscsi Server in Linux ?

Ans: – iSCSI stands for Internet SCSI. It is a network protocol which allows SCSI-3 commands to be encapsulated in TCP streams and transmitted over IP. Generally, it is used in conjunction with Gigabit Ethernet or 10-Gigabit Ethernet technology as a way to build a wide-area Storage Area Network (SAN) using inexpensive hardware in place of more expensive Fibre Channel equipment.

Ques 5: – Define the working of ISCSI Server ?

Ans: – A remote disk server is configured as an iSCSI target. The target will serve out one or more disks; each disk, or logical unit, will have its own logical unit number (LUN). A typical target normally listens for connections on the default iSCSI port, tcp/3260, although tcp/860 is sometimes used as an alternative in the reserved port range by some implementations. A client that wants to access a disk runs an iSCSI initiator.

The initiator is configured to find and log in to the iSCSI target and access one or more of its LUNs. The disks accessed will then show up on the client as normal SCSI disks in the order in which they connect (/dev/sd*). The disks can then be used as if they were locally-attached disks : they can be partitioned, registered as LVM physical volumes, formatted with ext3/ext4 filesystems and so on.

Ques 6: – What is domain delegation in DNS (bind) ?

Ans: – Domain delegation means that you have a sub-domain and want to forward all DNS queries for it to another name server. In this case, let’s say geo.example.com is the sub-domain. The idea is that you want to create DNS records for the sub-domain (say geo.example.com) and manage those DNS records through a different DNS name server.

Delegating the geo.example.com subdomain to another NS – being del.example.com

geo IN NS del.example.com.

del IN A 192.168.1.20

Ques 7: – What is the use of Multicast address in RedHat cluster ?

Ans : – Red Hat Cluster nodes communicate among each other using multicast addresses.

Therefore, each network switch and associated networking equipment in a Red Hat Cluster must be configured to enable multicast addresses and support IGMP (Internet Group Management Protocol). Ensure that each network switch and associated networking equipment in a Red Hat Cluster are capable of supporting multicast addresses and IGMP; if they are, ensure that multicast addressing and IGMP are enabled. Without multicast and IGMP, not all nodes can participate in a cluster, causing the cluster to fail.

Ques 8: – What is CNAME record in DNS ?

Ans: – CNAME stands for Canonical Name. CNAME is a type of resource record in the Domain Name System (DNS) that specifies that the domain name is an alias of another, canonical domain name.

Ques 9: – What is Satellite Network Server in Linux ?

Ans: – Red Hat Network (RHN) is a family of systems management services operated by Red Hat that makes updates, patches, and bug fixes of packages included within Red Hat Linux and Red Hat Enterprise Linux available to subscribers. Other available features include the deployment of custom content to, and the provisioning, configuration, reporting and monitoring of, client systems.

Ques 10: – What is the use of pvmove command in Linux ?

Ans: – pvmove allows us to move the allocated physical extents (PEs) on SourcePhysicalVolume to one or more other physical volumes (PVs).

You can optionally select a subset of the allocated physical extents on SourcePhysicalVolume by giving colon-separated lists and/or ranges of physical extents, or by specifying the source LogicalVolume optionally with colon-separated lists and/or ranges of logical extents.

In this case only these extents are moved to free (or specified) extents on DestinationPhysicalVolume(s). If no DestinationPhysicalVolume is specified, the normal allocation rules for the volume group are used.

Ques 11: – What is LVM Snapshots ?

Ans: – A snapshot volume is a special type of volume that presents all the data that was in the volume at the time the snapshot was created. We can back up that volume without having to worry about data being changed while the backup is going on, and we don’t have to take the database volume offline while the backup is taking place.

System Admin Q & A – XX

Ques 1: – How to migrate LVM partition from One Server To Another Server ?

Ans: – Follow the below mentioned steps to migrate an LVM partition from one server to another :

Unmount the LVM partition.

Make the Volume Group inactive using the vgchange command

# vgchange -an Volume-Group-Name

Export the Volume Group using the vgexport command

# vgexport Volume-Group-Name

Now assign the same storage or volume to the new server and scan the physical volume using the pvscan command.

Now import the Volume Group

# vgimport Volume-Group-Name

Activate the Volume Group using the below command

# vgchange -ay Volume-Group-Name

Now mount the LVM partition

# mount /dev/mapper/Volume-Group-LVM-Name   /Mount-Point

Ques 2: – What are the static routes & how to add static routes in Linux ?

Ans: – Static routes are for traffic that must not, or should not, go through the default gateway. Static routes are usually added through the “route add” & “ip route” commands. The drawback of the ‘route’ command is that, when Linux reboots, it will forget static routes. To make a route persistent across reboots, you have to add it to /etc/sysconfig/network-scripts/route-eth0

Ques 3: -What is multipathing and Why it is required ?

Ans: – Multipathing is a feature of Red Hat Linux. It allows you to configure multiple I/O paths from your server to your storage device (SAN, etc). These are physical paths that include HBA, cables and switches. Multipathing aggregates the I/O paths, creating a new device that consists of the aggregated paths. Multipathing is required to remove the single point of failure and provide fault tolerance.

Ques 4: – How To add swap space to the Linux Servers on the Fly ?

Ans: – There are two ways to add swap space to a Linux server. First, create a swap partition, enable swap on the partition and add the swap space using the swapon command. Second, if you don’t have enough space on the drive to create a partition, just create a swap file using the dd command and enable swap space on the file.

Ques 5: -How to create a initrd file in redhat linux ?

Ans: – Initrd is the initial RAM disk. It contains the temporary root file system, which helps the kernel to mount the real root file system. Using the mkinitrd command we can create an initrd file.

# mkinitrd -o /boot/initrd.$(uname -r).img $(uname -r)

Ques 6: -What is load average in Linux Boxes ?

Ans: – Load Average is defined as the number of processes waiting in the run queue, plus the number of processes currently executing, over 1, 5 & 15 minute intervals. Using the ‘top’ and ‘uptime’ commands we can find the load average of Linux servers.

Ques 7: – How To enable timestamps in output of history command ?

Ans: – When we run the “history” command it only gives the commands along with their line numbers. Sometimes it’s useful to have a time stamp attached to each command to build a clearer picture. To enable the timestamps in the history command we have to set the “HISTTIMEFORMAT” environment variable.

# export HISTTIMEFORMAT="%F %T "

Ques 8: – How do you find how many cpu are in your system and their details?

Ans: – Method:1 By looking into the file /proc/cpuinfo, for example you can use the below command:

# cat  /proc/cpuinfo

Method:2 We can also use the command ‘lscpu’ as shown below :

h4@prod11:~$  lscpu
Architecture:          x86_64
CPU  op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                4
On-line CPU(s)  list:   0-3
Thread(s) per  core:    2
Core(s) per  socket:    2
Socket(s):             1
NUMA node(s):          1
Vendor ID:             GenuineIntel
CPU family:            6
Model:                 37
Stepping:              5
CPU MHz:               933.000
BogoMIPS:              4787.70
Virtualization:        VT-x
L1d cache:             32K
L1i cache:             32K
L2 cache:              256K
L3 cache:              3072K
NUMA  node0 CPU(s):     0-3

Ques 9: – How do you know if the remote host is alive or not ?

Ans: – We can use the commands ‘ping’ & ‘telnet’ to find whether a remote host is alive or not. If you are getting a reply to the ping command then it means the remote host is up and running. Now if you want to know whether a particular service is running or not then use the telnet command as shown in the above question.

Ques 10: – What is the difference between Swapping and Paging ?

Ans: – Swapping: Whole process is moved from the swap device to the main memory for execution. Process size must be less than or equal to the available main memory. It is easier to implementation and overhead to the system. Swapping systems does not handle the memory more flexibly as compared to the paging systems.

Paging: Only the required memory pages are moved to main memory from the swap device for execution. Process size does not matter. Gives the concept of the virtual memory. It provides greater flexibility in mapping the virtual address space into the physical memory of the machine. Allows more number of processes to fit in the main memory simultaneously. Allows the greater process size than the available physical memory. Demand paging systems handle the memory more flexibly.

Ques 11: – What’s the difference between local, global and universal groups in windows server?

Ans: – Domain local groups assign access permissions to global domain groups for local domain resources. Global groups provide access to resources in other trusted domains. Universal groups grant access to resources in all trusted domains.

System Admin Q & A – XIX

Ques 1: – What is rbash & where it is used ?

Ans: – rbash is a restricted bash. If bash is started with the name rbash, or the -r option is supplied at invocation, the shell becomes restricted. A restricted shell is used to set up an environment more controlled than the standard shell. It behaves identically to bash with the exception that the following are disallowed or not performed:

changing directories with cd
setting or unsetting the values of SHELL, PATH, ENV, or BASH_ENV
specifying command names containing /
specifying a file name containing a / as an argument to the . builtin command
specifying a filename containing a slash as an argument to the -p option to the hash builtin command
importing function definitions from the shell environment at startup
parsing the value of SHELLOPTS from the shell environment at startup
redirecting output using the >, >|, <>, >&, &>, and >> redirection operators
using the exec builtin command to replace the shell with another command
turning off restricted mode with set +r or set +o restricted.

Ques 2: – How to recover deleted LVM partitions in Linux ?

Ans: – Using the command “vgcfgrestore” we can recover deleted LVM partitions. Linux keeps the backup copies of LVM configuration in the /etc/lvm/archive directory.

Ques 3: – What is Network bonding & why it is used ?

Ans: – Network Bonding / NIC Teaming is creation of a single bonded interface by combining 2 or more Ethernet interfaces. This helps in high availability and performance improvement.

Ques 4: – What is the chattr Command in Linux ?

Ans: – chattr is a command in the Linux operating system that allows a user to set certain attributes on a file residing on an ext2/ext3/ext4 based filesystem.

Syntax :

# chattr [operator] [switch] [file name]

Operator :
+ Add attribute.
- Remove attribute.
= Assign attributes (removing unspecified attributes)

Ques 5: – What is Grub bootloader in UNIX ?

Ans: – GRUB (GRand Unified Bootloader) is a boot loader package from the GNU Project. GRUB provides a user the choice to boot one of multiple operating systems installed on a computer or select a specific kernel configuration available on a particular operating system’s partitions.

Ques 6: – What is Tomcat?

Ans: – Tomcat is a Java Servlet container and web server from the Jakarta project of the Apache Software Foundation. A web server sends web pages as response to the requests sent by the browser client. In addition to the static web pages, dynamic web pages are also sent to the web browsers by the web server. Tomcat is sophisticated in this respect, as it provides both Servlet and JSP technologies. Tomcat provides a good choice as a web server for many web applications and also a free Servlet and JSP engine. Tomcat can be used standalone as well as behind other web servers such as Apache httpd.

Ques 7: – How do I configure Tomcat to work with IIS and NTLM?

Ans: – Follow the standard instructions for when the isapi_redirector.dll

Configure IIS to use “integrated windows security” In server.xml, make sure you disable tomcat authentication:

Ques 8: – Explain the concepts of Tomcat Servlet Container.

Ans: – Tomcat Servlet Container is a servlet container. Servlets run in the servlet container. The implementation of Java Servlet and the Java Server Pages is performed by this container. It provides HTTP web server environment in order to run Java code and reduces garbage collection & native Windows and Unix wrappers for platform integration.

Ques 9: – What is Jasper?

Ans: – 1) Jasper is Tomcat’s JSP Engine. Tomcat 5.x uses Jasper 2, which is an implementation of the Sun Microsystems’s JavaServer Pages 2.0 specification.
2) Jasper parses JSP files to compile them into Java code as servlets (that can be handled by Catalina).
3) At runtime, Jasper is able to automatically detect JSP file changes and recompile them.

Ques 10: – Explain the concepts of Tomcat Servlet Container

Ans: – 1) A servlet container is a specialized web server that supports servlet execution.
2) It combines the basic functionality of a web server with certain Java/servlet specific optimizations and extensions (such as an integrated Java runtime environment, and the ability to automatically translate specific URLs into servlet requests).
3) Individual servlets are registered with a servlet container, providing the container with information such as the functionality, the URL used for identification.
4) The servlet container then initializes the servlet as necessary and delivers requests to the servlet as they arrive.
5) Many containers can dynamically add and remove servlets from the system, allowing new servlets to quickly be deployed or removed without affecting other servlets running from the same container.
6) Servlet containers are also referred to as web containers or web engines.

System Admin Q & A – XVIII

Ques 1: – What is xinetd & why do we require xinetd services in linux ?

Ans: – xinetd, the eXtended InterNET Daemon, is an open-source daemon which runs on many Linux and Unix systems and manages Internet-based connectivity. xinetd performs the same function as inetd: it starts programs that provide Internet services. Instead of having such servers started at system initialization time, and be dormant until a connection request arrives, xinetd is the only daemon process started and it listens on all service ports for the services listed in its configuration file. When a request comes in, xinetd starts the appropriate server. Because of the way it operates, xinetd (as well as inetd) is also referred to as a super-server.

Ques 2: – What is use of initrd?

Ans: – The initial RAM disk (initrd) is an initial root file system that is mounted prior to when the real root file system is available. The initrd is bound to the kernel and loaded as part of the kernel boot procedure. The kernel then mounts this initrd as part of the two-stage boot process to load the modules to make the real file systems available and get at the real root file system. The initrd contains a minimal set of directories and executables to achieve this, such as the insmod tool to install kernel modules into the kernel.

Ques 3: – What are Physical Extents & Logical Extents in LVM ?

Ans: – Each physical volume is divided into chunks of data, known as physical extents; these extents have the same size as the logical extents for the volume group. Each PV consists of a number of fixed-size physical extents (PEs); similarly, each LV consists of a number of fixed-size logical extents (LEs). (LEs and PEs are always the same size, the default in LVM 2 is 4 MB.) An LV is created by mapping logical extents to physical extents.

Ques 4: – How to find whether you are working on a physical or virtual linux Server ?

Ans: – Using the command dmidecode we can determine whether we are working on a physical or virtual Linux server.

Sample Output :

 # dmidecode | grep -i -e "kvm" -e "vmware"
 Manufacturer: VMware, Inc. 
 Product Name: VMware Virtual Platform 
 Serial Number: VMware-56 4d d3 dd d9  43 5f e4-9d ea c0 99 d0 5e 21 c1 
 Description: VMware SVGA II

Ques 5: – How to find model & serial number of Linux Servers ?

Ans: – With the help of the dmidecode command we can find the model & serial number of Linux servers as shown below :

# dmidecode -t system
# dmidecode 2.9
 SMBIOS  2.6 present. 
 Handle  0x0100, DMI type 1, 27 bytes
 System  Information
 Manufacturer:  HP
 Product  Name: ProLiant DL360 G7
 Version:  Not Specified
 Serial  Number: USE000A11M
 UUID:  30000000-3000-5000-4000-300000000000
 Wake-up  Type: Power Switch
 SKU  Number: 579237-B21
 Family:  ProLiant 
 Handle  0x2000, DMI type 32, 11 bytes
 System  Boot Information
 Status:  No errors detected

Ques 6: – What is Open vSwitch?

Ans: – Open vSwitch is a production quality open source software switch designed to be used as a vswitch in virtualized server environments. A vswitch forwards traffic between different VMs on the same physical host and also forwards traffic between VMs and the physical network. Open vSwitch supports standard management interfaces (e.g. sFlow, NetFlow, RSPAN, CLI), and is open to programmatic extension and control using OpenFlow and the OVSDB management protocol.

Open vSwitch is designed to be compatible with modern switching chipsets. This means that it can be ported to existing high-fanout switches allowing the same flexible control of the physical infrastructure as the virtual infrastructure. It also means that Open vSwitch will be able to take advantage of on-NIC switching chipsets as their functionality matures.

Ques 7: – What virtualization platforms can use Open vSwitch?

Ans: – Open vSwitch can currently run on any Linux-based virtualization platform (kernel 2.6.18 and newer), including: KVM, VirtualBox, Xen, Xen Cloud Platform, XenServer. As of Linux 3.3 it is part of the mainline kernel. The bulk of the code is written in platform-independent C and is easily ported to other environments.

Ques 8: – Which are the important configuration files for Linux DNS server ?

Ans: – BIND uses /etc/named.conf as its main configuration file, the /etc/rndc.conf file as the configuration file for name server control utility rndc, and the /var/named/ directory for zone files and the like.

Ques 9: – What is Trunk Port ?

Ans: – A Trunk Link, or ‘Trunk’, is a port configured to carry packets for any VLAN. These types of ports are usually found in connections between switches. These links require the ability to carry packets from all available VLANs because VLANs span over multiple switches.

Ques 10: – What is VLAN and its advantages ?

Ans: – VLAN stands for Virtual Local Area Network; it is a virtual LAN that extends its functionalities beyond a single LAN. Through VLAN a network is divided into different logical segments known as broadcast domains. The computers in the VLAN act as if they are connected to the same LAN segment even if they are located on different network segments. In the VLAN, computers can move from one location to another and they can still be part of the same VLAN. VLAN offers many advantages over the traditional local area network.

The main advantages of the VLAN include high performance, simplified network administration, security, low cost and the creation of virtual groups to avoid collisions and data loss in the network. VLAN controls the bandwidth allocations and provides flexibility and ease of work to the users. In the VLAN, the computers do not need to be physically located at the same place. Though it is a logical entity, it is created and configured through software.

System Admin Q & A – XVII

Ques 1: – What is paged in and paged out ?

Ans: – paged in : In a virtual memory system, memory is described as paged in if it is available in physical memory.

paged out : In a virtual memory system, memory is described as paged out if it is not available in physical memory

Ques 2: – What is SAR and location of SAR log files ?

Ans: – The sar command collects, reports, or saves UNIX / Linux system activity information. It will save selected counters in the operating system to the /var/log/sa/sadd file. From the collected data, you get lots of information about your server:

CPU utilization
Memory paging and its utilization
Network I/O, and transfer statistics
Process creation activity
All block devices activity

Ques 3: – What is Network Bonding?

Ans: – Bonding is a Linux kernel feature that allows aggregating multiple like interfaces (such as eth0, eth1) into a single virtual link such as bond0. The idea is pretty simple: get higher data rates as well as link failover.

Ques 4: – What is the Role of luci and ricci in Redhat Cluster Suite ?

Ans: – luci service is the management service that presents the web based cluster interface via https at port 8084 and can be accessed in any browser at “https://”

ricci service is the underlying daemon that helps in cluster configuration sync and file copy, service start, stop etc. and uses tcp port 11111.

Ques 5: – How to Check the NFS Version in UNIX ?

Ans: – Using the nfsstat command we can determine the NFS server version. The nfsstat command usually displays statistics kept about NFS client and server activity.

Ques 6: – What is the difference between root_squash & no_root_squash

Ans: – root_squash : map root UID/GID to anonymous UID/GID (nobody/nogroup). root_squash will squash the root permissions for the client and deny root the ability to access/create files on the NFS server as root; you get the non-root user permission.

no_root_squash : do not map root (nor any other) UID/GID to anonymous UID/GID (nobody/nogroup). no_root_squash will give you the root permission to access/create files on an NFS server.
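
An added example, not part of the original answers, covering both root_squash questions on this page: a POSIX shell audit that reads /etc/exports-style text and lists every export/client pair where root is not squashed, including per-line default options (the "-opts" form) and the "path (opts)" form that applies to any host. The function names and the sample exports are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): list "export client" pairs in
# /etc/exports-style text (stdin) for which no_root_squash is in effect.
# Assumption: one export per line, no backslash continuations or quoted paths.
exports_without_root_squash() {
    awk '
        # 1 if the option list enables no_root_squash, 0 if it sets
        # root_squash, dflt if it mentions neither.
        function squash_state(optlist, dflt,    n, o, i, st) {
            st = dflt
            n = split(optlist, o, ",")
            for (i = 1; i <= n; i++) {
                if (o[i] == "no_root_squash") st = 1
                else if (o[i] == "root_squash") st = 0
            }
            return st
        }
        { sub(/#.*/, "") }                  # strip comments
        NF < 2 { next }                     # blank line or path with no client
        {
            dflt = 0                        # root_squash is the default
            for (f = 2; f <= NF; f++) {
                tok = $f
                if (substr(tok, 1, 1) == "-") {     # default options for this line
                    dflt = squash_state(substr(tok, 2), 0)
                    continue
                }
                client = tok; opts = ""
                p = index(tok, "(")
                if (p > 0) {
                    client = substr(tok, 1, p - 1)
                    opts = substr(tok, p + 1)
                    sub(/\)$/, "", opts)
                }
                if (client == "") client = "<world>"   # "(opts)" alone: any host
                if (squash_state(opts, dflt) == 1) print $1, client
            }
        }
    '
}

# Constructed sample input, not taken from a real server.
sample_exports() {
    cat <<'EOF'
/srv/share   192.168.1.0/24(rw,sync)
/srv/admin   mgmt01(rw,no_root_squash) 10.0.0.5(ro)
/srv/build   -rw,no_root_squash ci01 ci02(root_squash)
# /srv/old   *(rw,no_root_squash)
/srv/open    (rw,no_root_squash)
EOF
}

sample_exports | exports_without_root_squash
```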

Ques 7: – What is xinetd & why we required xinetd services in linux ?

Ans: – xinetd, the eXtended InterNET Daemon, is an open-source daemon which runs on many Linux and Unix systems and manages Internet-based connectivity.xinetd performs the same function as inetd: it starts programs that provide Internet services. Instead of having such servers started at system initialization time, and be dormant until a connection request arrives, xinetd is the only daemon process started and it listens on all service ports for the services listed in its configuration file. When a request comes in, xinetd starts the appropriate server. Because of the way it operates, xinetd (as well as inetd) is also referred to as a super-server.

Ques 8: – What is use of initrd?

Ans: – The initial RAM disk (initrd) is an initial root file system that is mounted prior to when the real root file system is available. The initrd is bound to the kernel and loaded as part of the kernel boot procedure. The kernel then mounts this initrd as part of the two-stage boot process to load the modules to make the real file systems available and get at the real root file system. The initrd contains a minimal set of directories and executables to achieve this, such as the insmod tool to install kernel modules into the kernel.

Ques 9: – What are Physical Exents; Logical Extents in LVM ?

Ans: – Each physical volume is divided chunks of data, known as physical extents, these extents have the same size as the logical extents for the volume group. Each PV consists of a number of fixed-size physical extents (PEs); similarly, each LV consists of a number of fixed-size logical extents (LEs). (LEs and PEs are always the same size, the default in LVM 2 is 4 MB.) An LV is created by mapping logical extents to physical extents.

Ques 10: – How to find whether you are working on a physical or virtual Linux Server ?

Ans: – Using the dmidecode command we can determine whether we are working on a physical or virtual Linux server.

# dmidecode | grep -i -e "kvm" -e "vmware"
Sample Output :

Manufacturer: VMware, Inc.
Product Name: VMware Virtual Platform
Serial Number: VMware-56 4d d3 dd d9 43 5f e4-9d ea c0 99 d0 5e 21 c1
Description: VMware SVGA II

Ques 11: – How to find model & serial number of Linux Servers ?

Ans: – With the help of the dmidecode command we can find the model & serial number of Linux servers, as shown below :

# dmidecode -t system
# dmidecode 2.9
SMBIOS 2.6 present.
Handle 0x0100, DMI type 1, 27 bytes
System Information
Manufacturer: HP
Product Name: ProLiant DL360 G7
Version: Not Specified
Serial Number: USE000A11M
UUID: 30000000-3000-5000-4000-300000000000
Wake-up Type: Power Switch
SKU Number: 579237-B21
Family: ProLiant
Handle 0x2000, DMI type 32, 11 bytes
System Boot Information
Status: No errors detected

System Admin Q & A – XVI

Ques 1: – What is RCRON and where to use RCRON ?

Ans: – rcron is a powerful tool that helps system administrators set up cron job redundancy and failover over groups of machines. rcron ensures that a job installed on several machines will only run on the active one at any time. For high availability using rcron, one node is stamped as active and the second node is stamped as passive; the same cron configuration is on both, and the only difference is the active/passive state in a file.

For automatic switching of the active/passive state, we will be using the KEEPALIVED daemon, which utilizes the keepalive signal for communication between 2 nodes. After a signal is sent, if no reply is received the link is assumed to be down.

Ques 2: – What is Content Negotiation ?

Ans: – Load Balancing Clusters operate by having all workload come through one or more load balancing front-ends, which then distribute it to a collection of back end servers. If a node in a load-balancing cluster becomes inoperative, the load balancing software detects the failure and redirects requests to other cluster nodes. Red Hat Cluster Suite provides load-balancing through LVS (Linux Virtual Server).

Ques 3: – What is Puppet ?

Ans: – Puppet is a configuration tool which is used to automate administration tasks. The Puppet Agent (client) sends a request to the Puppet Master (server), and the Puppet Master pushes configuration to the Agent.

Ques 4: – What is Facter in Puppet ?

Ans: – Sometimes you need to write manifests with conditional expressions based on agent-specific data, which is available through Facter. Facter provides information like kernel version, distribution release, IP address, CPU info, etc. You can also define your own facts.

Ques 5: – What is Storage Clusters ?

Ans: – Storage clusters provide a consistent file system image across servers in a cluster, allowing the servers to simultaneously read and write to a single shared file system. With a cluster-wide file system, a storage cluster eliminates the need for redundant copies of application data and simplifies backup and disaster recovery. Red Hat Cluster Suite provides storage clustering through Red Hat GFS (Global File System).

Ques 6: – How to enable proxy settings in RSYNC and APT (ubuntu) ?

Ans: – Proxy Settings in RSYNC

# export RSYNC_PROXY="http://:"
# export RSYNC_PROXY="http://proxy.nextstep4it.com:8080"

Proxy settings for APT : Edit /etc/apt/apt.conf

Acquire::http::Proxy "http://:";

Ques 7: – What is Virtual Hosting in Apache ?

Ans: – The term Virtual Hosting refers to the practice of running more than one web site (such as site1.nextstep4it.com and site2.nextstep4it.com) on a single machine. In Apache there are two types of virtual hosting.

1: IP Based Virtual Hosting

2: Name-Based Virtual Host

Ques 8: – What is Glusterfs ?

Ans: – GlusterFS is an open source network / cluster filesystem based on a stackable user space design. It is used to achieve high availability of storage (i.e. real-time replication of files) across two Linux machines. GlusterFS has also found application in different areas like cloud computing, streaming media services, and content delivery networks.

Ques 9: – What is mutt and how to send mails using mutt from linux console ?

Ans: – Mutt is a small but powerful text-based e-mail client for Unix like operating systems. With mutt command one can send and read emails. Mutt supports both maildir & mbox mail formats. Mutt is compatible with POP & IMAP protocols.

Syntax :

# mutt -s "Subject of the Mail" recipient-address@domain.com < /dev/null

System Admin Q & A – XV

Ques 1: – What is Virtualization ?

Ans: – Virtualization (or virtualisation), in computing, is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, a storage device or network resources.

Ques 2: – What are the key features of NFSv4 ?

Ans: – NFSv4 comes with several new features:

  • Advanced security management
      • Kerberos
      • SPKM
      • LIPKEY
  • Firewall friendly
  • Advanced and aggressive cache management
  • Non Unix compatibility (Windows)
  • Easy to administer (Replication, migration)
  • Crash recovery (Client and server sides)

Ques 3: – What are the types of hardware virtualization?

Ans: – Full virtualization: Almost complete simulation of the actual hardware to allow software, which typically consists of a guest operating system, to run unmodified.

Partial virtualization: Some but not all of the target environment is simulated. Some guest programs, therefore, may need modifications to run in this virtual environment.

Paravirtualization: A hardware environment is not simulated; however, the guest programs are executed in their own isolated domains, as if they are running on a separate system. Guest programs need to be specifically modified to run in this environment.

Ques 4: – What are the benefits of virtualization?

Ans: – Virtualization is the creation of virtual machines and the management of them from one place. It allows resources to be shared with a large number of network resources. Virtualization has many benefits, as follows:

  • It saves a lot of cost and makes maintenance easier and cheaper.
  • It allows multiple operating systems on one virtualization platform.
  • It removes the dependency on heavy hardware to run the application.
  • It provides consolidated servers that can be used in case a server crashes.
  • It reduces the amount of space being taken by data centers and company data.

Ques 5: – What is the location of postfix mailserver Queue ?

Ans: – By default, the Postfix mail queues are located in the /var/spool/postfix directory. Each message queue is created as a separate subdirectory within this directory. Each message is stored as a separate file in the subdirectory, using a unique identifier for the filename.

Ques 5: – What is the Difference Between Qemu and KVM ?

Ans: – QEMU : It is a generic and open source machine emulator and virtualizer. When used as a machine emulator, QEMU can run OS and programs made for one machine (e.g. an ARM board) on a different machine (e.g. your own PC). By using dynamic translation, QEMU achieves very good performance.

KVM (Kernel Virtual Machine ) : KVM is a Linux kernel module that allows a user space program to utilize the hardware virtualization features of various processors.

Ques 6: – What is Content Negotiation ?

Ans: – Content Negotiation refers to the technique Web clients and servers use to select how to present a resource , such as a document , that is available in several different formats.

Ques 7: – What does the /etc/skel directory contain ?

Ans: – The /etc/skel directory contains files and directories that are automatically copied over to a new user’s home directory when such user is created by the useradd or adduser command.

Ques 8: – What is the difference between /dev/dsk and /dev/rdsk in Solaris ?

Ans: – In Solaris, whenever we create a new slice using the format command, a raw physical slice or raw device is created, which is addressed as /dev/rdsk/c#d#s# where # is the number for the slice.

After formatting it with the newfs command, the slice is addressed as /dev/dsk/c#d#s#, which can now be used for mounting.

eg.

#newfs /dev/rdsk/c0d0s4

#mkdir /oracle
#mount /dev/dsk/c0d0s4 /oracle

After mounting, /dev/dsk/c#d#s# is called a block device.

/dev actually contains logical device names which are links (shortcuts in Windows terminology) to actual physical devices in the /devices directory.

Ques 9: – What is sticky bit in Solaris?

Ans: – Sticky Bit is a permission bit that protects the files within a directory. If the directory has the sticky bit set, a file can only be deleted by the owner of the file, or root. This prevents a user from deleting other users' files from public directories. The sticky bit is displayed as the letter t in the execute field for ‘others’.

System Admin Q & A – XIV

Ques 1: – What is Puppet ?

Ans: – Puppet is a configuration tool which is used to automate administration tasks. The Puppet Agent (client) sends a request to the Puppet Master (server), and the Puppet Master pushes configuration to the Agent. Communication between the master and agent is done by exchanging certificates.

Ques 2: – What is the use of etckeeper-commit-post and etckeeper-commit-pre on Puppet Agent ?

Ans:- etckeeper-commit-post: In this configuration file you can define commands and scripts which execute after pushing configuration to the Agent.

etckeeper-commit-pre: In this configuration file you can define commands and scripts which execute before pushing configuration to the Agent.

Ques 3: – What does IntelliMirror do?

Ans: – It helps to reconcile desktop settings, applications, and stored files for users, particularly those who move between workstations or those who must periodically work offline.

Ques 4: – What’s the major difference between FAT and NTFS on a local machine?

Ans: – FAT and FAT32 provide no security over locally logged-on users. Only native NTFS provides extensive permission control on both remote and local files.

Ques 5: – What’s the difference between standalone and fault-tolerant DFS (Distributed File System) installations?

Ans:- The standalone server stores the Dfs directory tree structure or topology locally. Thus, if a shared folder is inaccessible or if the Dfs root server is down, users are left with no link to the shared resources. A fault-tolerant root node stores the Dfs topology in the Active Directory, which is replicated to other

Ques 6: – What is Server Load Balancing ?

Ans: – Server Load Balancing (SLB) provides network performance and content delivery by implementing a series of algorithms and priorities to respond to the specific requests made to the network. In simple terms, SLB distributes clients to a group of servers and ensures that clients are not sent to failed servers.

Ques 7: – What do you mean a File System?

Ans: – File System is a method to store and organize files and directories on disk. A file system can have different formats called file system types. These formats determine how the information is stored as files and directories.

Ques 8: – Which Environment is most suitable for fibre Channel SANS ?

Ans: – Typically, Fibre Channel SANs are most suitable for large data centers running business-critical data, as well as applications that require high-bandwidth performance such as medical imaging, streaming media, and large databases. Fibre Channel SAN solutions can easily scale to meet the most demanding performance and availability requirements.

Ques 9: – What is ‘inode’ ?

Ans: – Every UNIX file has its description stored in a structure called an ‘inode’. The inode contains info about the file size, its location, time of last access, time of last modification, permissions and so on. Directories are also represented as files and have an associated inode.

Ques 10: – What is a Health Check in reference to a load balancer ?

Ans: – The Health Check feature of the load balancer allows you to set parameters to perform diagnostic observations on the performance of web servers and web server farms associated with each appliance. Health checking allows you to determine if a particular server or service is running or has failed. When a service fails health checks, the SLB (server load balancing) algorithm will stop sending clients to that server until the service passes health checks again.

Ques 11: – What is SAN?

Ans: – A storage area network (SAN) is defined as a set of interconnected devices (e.g. disks and tapes) and servers that are connected to a common communication and data transfer infrastructure such as a fibre channel. The common communication and data transfer mechanism for a given deployment is commonly known as the storage fabric. The purpose of the SAN is to allow multiple servers access to a pool of storage in which any server can potentially access any storage unit.

System Admin Q & A – XIII

Ques 1: – What Are Organizational Units in Active Directory ?

 Ans: – An organizational unit (OU) is a versatile container object used to organize objects within a domain into logical administrative groups. These logical administrative groups can include just one type of object or multiple types depending on how an administrator wants to structure it. Think of an OU like a large box that can contain many things, including other boxes (other OUs called sub-OUs), and those boxes can then contain additional boxes (additional sub-OUs) as well.

Ques 2: – What are Trees in Active Directory?

Ans: -A tree is a grouping or hierarchical arrangement of one or more Windows 2000 / 2003 domains that allows global resource sharing. A tree may consist of a single Windows 2000 domain or multiple domains in a contiguous namespace.
You can create a larger tree (contiguous namespace) by joining multiple domains in a hierarchical structure, since all domains within a single tree share a common namespace and a hierarchical naming structure. Following naming conventions, the domain name of a child domain is the name of that child domain appended with the name of the parent domain.

Ques 3: – What are the process states in Unix?

Ans: – As a process executes it changes state according to its circumstances. Unix processes have the following states:

Running : The process is either running or it is ready to run.
Waiting : The process is waiting for an event or for a resource.
Stopped : The process has been stopped, usually by receiving a signal.
Zombie : The process is dead but has not been removed from the process table.

Ques 4: – What Are Forests in Active Directory ?

Ans: A forest is a grouping of one or more trees. As noted with our example of tailspintoys.com and nwtraders.com, each of those is a tree within our forest even though their naming conventions are not related.

It does not matter if each Tree is made up with a single, or multiple domains. Forests allow organizations to group together divisions that do not use the same naming scheme, and may need to operate independently, but still need to communicate with the entire organization via transitive trusts, and share the same schema and configuration container. The first domain in the forest is called the forest root domain. The name of that domain refers to the forest, such as nwtraders.msft. By default, the information in Active Directory is shared only within the forest. This way, the forest is a security boundary for the information that is contained in the instance of Active Directory.

Ques 5: – What is the difference between Active and Passive FTP ?

Ans: – Active FTP : The client tells the server on port 21 that it wants to start an FTP session. The server confirms from port 21 and initiates a connection from a new dynamic port to the client. (Note: client firewalls etc. don’t know which port, so it is sometimes blocked as it is considered unwanted and unrequested.)

Passive FTP : The client tells the server on port 21 that it wants to start an FTP session. The server confirms and tells the client to connect to a specified dynamic port (8674 for instance) for FTP data transfer. The client connects to server port 8674, and the server replies. (Note: the server reply isn’t blocked because the firewall has logged that the client has at some point communicated with the server on port 8674.)
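
The dynamic port is carried on the control connection as six comma-separated numbers (h1,h2,h3,h4,p1,p2), in the PORT command for active mode and in the 227 reply for passive mode. The following added example (not from the original Q&A; the addresses and function names are constructed) decodes that field and applies the check an FTP endpoint or inspecting firewall can make, that the advertised data address matches the control-connection peer.

```python
import re

# h1,h2,h3,h4,p1,p2 as used by the PORT command and the 227 (PASV) reply.
_HOSTPORT = re.compile(
    r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)"
)

# Constructed control-channel lines (documentation address ranges).
PASV_REPLY = "227 Entering Passive Mode (203,0,113,10,33,226)"
PORT_COMMAND = "PORT 198,51,100,7,195,80"


def decode_hostport(line):
    """Extract (ip, port) from a PORT command or a 227 reply."""
    m = _HOSTPORT.search(line)
    if m is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % line)
    nums = [int(n) for n in m.groups()]
    if max(nums) > 255:
        raise ValueError("field value above 255 in %r" % line)
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]          # high byte first, then low byte
    return ip, port


def encode_hostport(ip, port):
    """Build the six-number field for an IPv4 address and a TCP port."""
    octets = ip.split(".")
    if len(octets) != 4 or not 0 < port < 65536:
        raise ValueError("need a dotted IPv4 address and a port in 1..65535")
    return ",".join(octets + [str(port >> 8), str(port & 0xFF)])


def check_data_endpoint(control_peer_ip, line, min_port=1024):
    """Return (ok, reason, (ip, port)) for an advertised data endpoint.

    control_peer_ip is the address at the other end of the control
    connection: the server for a 227 reply, the client for a PORT command.
    """
    ip, port = decode_hostport(line)
    if ip != control_peer_ip:
        return False, "data address differs from control peer", (ip, port)
    if port < min_port:
        return False, "data port is in the privileged range", (ip, port)
    return True, "ok", (ip, port)


if __name__ == "__main__":
    print(decode_hostport(PASV_REPLY))       # passive: client connects here
    print(decode_hostport(PORT_COMMAND))     # active: server connects here
    print(check_data_endpoint("203.0.113.10", PASV_REPLY))
```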

Ques 6: – What is inode ?

Ans: – Every UNIX file has its description stored in a structure called an ‘inode’. The inode contains info about the file size, its location, time of last access, time of last modification, permissions and so on. Directories are also represented as files and have an associated inode.

Ques 7: – Explain Zombie Process ?

Ans: – Zombie is a process state when the child dies before the parent process. In this case the structural information of the process is still in the process table.

Ques 8: – What is Curl and use of Curl ?

Ans: – Curl is a command line tool to transfer data from or to a server, using one of the supported protocols. The command is designed to work without user interaction. curl offers a busload of useful tricks like proxy support, user authentication, FTP upload, and much more.
We can use the curl command to :

  • Troubleshoot http/ftp/cdn server problems.
  • Check or pass HTTP/HTTPS headers.
  • Upload / download files using ftp protocol or to cloud account.
  • Debug HTTP responses and find out exactly what an Apache/Nginx/Lighttpd/IIS server is sending to you without using any browser add-ons or 3rd party applications.

Ques 9: – What is netcat ?

Ans: – Netcat or nc is a simple Linux or Unix command which reads and writes data across network connections, using TCP or UDP protocol. We use this tool to open up a network pipe to test network connectivity, make backups, bind to sockets to handle incoming / outgoing requests and much more.

In this example, we tell nc to listen on port 4005 and execute the /usr/bin/w command when a client connects, sending the data back to the client:

#nc -l -p 4005 -e /usr/bin/w

System Admin Q & A – XII

Ques 1: – What are major and minor numbers in Linux ?

Ans: – When accessing a device file, the major number selects which device driver is being called to perform the input/output operation. This call is being done with the minor number as a parameter and it is entirely up to the driver how the minor number is being interpreted.

e.g :

 #  ls -l /dev/sda
brw-rw---- 1 root disk 8, 0 root  9 07:56 /dev/sda

Here, 8 is the major device number and 0 is the minor device number.

Ques 2: – What is Nested virtualization & How to enable this in KVM ?

Ans: – Nested virtualization refers to running virtual machines (VMs) inside other VMs, usually for testing purposes.

To enable nested virtualization, set the kernel module parameter "kvm-intel.nested=1".

Ques 3: – What is Shorewall?

Ans: – Shorewall is an open source gateway/firewall configuration tool for Linux. Shorewall is a high-level tool for configuring Netfilter. We describe our firewall/gateway requirements using entries in a set of configuration files. Shorewall reads those configuration files and, with the help of the iptables, iptables-restore, ip and tc utilities, Shorewall configures Netfilter and the Linux

Ques 4: – What is NAT ?

Ans: – Network Address Translation (NAT) generally involves re-writing the source and/or destination addresses of IP packets as they pass through a firewall. There are two types of NAT:

i) DNAT
ii) SNAT

Ques 5: – What is an SRV record in DNS ?

Ans: – A Service record (SRV record) is a specification of data in the Domain Name System defining the location, i.e. the hostname and port number, of servers for specified services.
An SRV record has the form:

_service._proto.name TTL class SRV priority weight port target
  • service: the symbolic name of the desired service.
  • proto: the transport protocol of the desired service; this is usually either TCP or UDP.
  • name: the domain name for which this record is valid.
  • TTL: standard DNS time to live field.
  • class: standard DNS class field (this is always IN).
  • priority: the priority of the target host, lower value means more preferred.
  • weight: A relative weight for records with the same priority.
  • port: the TCP or UDP port on which the service is to be found.
  • target: the canonical hostname of the machine providing the service.

An example SRV record in textual form that might be found in a zone file might be the following:

_sip._tcp.example.com. 86400 IN SRV 0 5 5060 sipserver.example.com.
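
How a client uses the priority and weight fields is easiest to see in code. The sketch below is an added example, not part of the original Q&A: it parses records in the textual form above and orders the targets, lowest priority first and weighted random choice within one priority. The selection procedure follows RFC 2782, which goes beyond what the answer states; the first sample record is the one from the text, the other three and all function names are constructed.

```python
import random
from collections import namedtuple

SRV = namedtuple("SRV", "service proto name ttl priority weight port target")

# First line is the record from the text; the other three are constructed.
SAMPLE_ZONE = """\
_sip._tcp.example.com. 86400 IN SRV 0 5 5060 sipserver.example.com.
_sip._tcp.example.com. 86400 IN SRV 10 60 5060 big.example.com.
_sip._tcp.example.com. 86400 IN SRV 10 20 5060 small.example.com.
_sip._tcp.example.com. 86400 IN SRV 20 0 5060 backup.example.com.
"""


def parse_srv(line):
    """Parse '_service._proto.name TTL class SRV priority weight port target'."""
    fields = line.split()
    if len(fields) != 8:
        raise ValueError("expected 8 fields, got %d: %r" % (len(fields), line))
    owner, ttl, rclass, rtype, prio, weight, port, target = fields
    if rclass != "IN" or rtype != "SRV":
        raise ValueError("not an IN SRV record: %r" % line)
    labels = owner.split(".", 2)
    if len(labels) != 3 or not all(l.startswith("_") for l in labels[:2]):
        raise ValueError("owner must look like _service._proto.name: %r" % owner)
    prio, weight, port = int(prio), int(weight), int(port)
    if not all(0 <= v <= 65535 for v in (prio, weight, port)):
        raise ValueError("priority, weight and port are 16-bit values")
    return SRV(labels[0][1:], labels[1][1:], labels[2], int(ttl),
               prio, weight, port, target)


def order_targets(records, rng=None):
    """Return records in the order a client should try them (RFC 2782)."""
    if rng is None:
        rng = random.Random()
    ordered = []
    for prio in sorted({r.priority for r in records}):   # lower value first
        # Weight-0 records go to the front so they are picked only rarely.
        pool = sorted((r for r in records if r.priority == prio),
                      key=lambda r: r.weight != 0)
        while pool:
            total = sum(r.weight for r in pool)
            pick = rng.randint(0, total)
            running = 0
            for i, rec in enumerate(pool):
                running += rec.weight
                if running >= pick:          # first record reaching the pick
                    ordered.append(pool.pop(i))
                    break
    return ordered


if __name__ == "__main__":
    records = [parse_srv(l) for l in SAMPLE_ZONE.splitlines()]
    for rec in order_targets(records):
        print(rec.priority, rec.weight, "%s:%d" % (rec.target, rec.port))
```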

Ques 6: – What is a Veritas Cluster server or VCS cluster ?

Ans: – VERITAS Cluster Server (VCS) from Symantec connects multiple, independent systems into a management framework for increased availability. Each system, or node, runs its own operating system and cooperates at the software level to form a cluster. VCS links commodity hardware with intelligent software to provide application failover and control. When a node or a monitored application fails, other nodes can take predefined actions to take over and bring up services elsewhere in the cluster.

Ques 7: – What are On-Off & Persistent Resources in Veritas Cluster ?

Ans: – On-Off:- VCS starts and stops On-Off resources as required. For example, VCS imports a disk group when required, and deports it when it is no longer needed.

Persistent:- These resources cannot be brought online or taken offline. For example, a network interface card cannot be started or stopped, but it is required to configure an IP address. A Persistent resource has an operation value of none. VCS monitors Persistent resources to ensure their status and operation. Failure of a Persistent resource triggers a service group failover

Ques 8: – What are the Active directory requirements to install Exchange Server 2007?

Ans:

  1. Domain functional level at least windows server 2000 native or higher
  2. Schema Master must be run on windows 2003 server with sp1
  3. At least one Domain Controller, in each domain with windows server 2003 sp1
  4. At least one global catalog server in Active Directory Site which hosts exchange Server 2007
  5. 4:1 ratio of Exchange processor to global catalog server processors

Ques 9: – What are Veritas Cluster or VCS User Account Privileges ?

Ans:

Cluster Administrator :- Full Privileges

Cluster Operator :- All cluster, service group, and resources-level operations.

Cluster Guest  :- Read-only access: new users created as cluster guest accounts by default.

Group Administrator :- All service group operations for a specified service group, except deleting service group.

Group Operator :- Bring service groups and resources online and take offline, temporarily freeze or unfreeze service groups

Ques 10: – What is Transition in Exchange Server 2007?

Ans: – Transition is the scenario in which you upgrade an existing Exchange organization to Microsoft Exchange Server 2007. To perform the transition, you must move data from the existing Exchange servers to new Exchange 2007 servers. For example, when upgrading from an Exchange Server 2003 or Exchange 2000 Server organization to an Exchange 2007 organization, you perform a transition. When transitioning to Exchange 2007, you cannot perform an in-place server upgrade on an existing Exchange server. Instead, you must install a new Exchange 2007 server into the existing organization, and then move data to the new Exchange 2007 server

System Admin Q & A – XI

Ques 1: – What is Open vSwitch?

Ans: – Open vSwitch is a production quality open source software switch designed to be used as a vswitch in virtualized server environments. A vswitch forwards traffic between different VMs on the same physical host and also forwards traffic between VMs and the physical network. Open vSwitch supports standard management interfaces (e.g. sFlow, NetFlow, RSPAN, CLI), and is open to programmatic extension and control using OpenFlow and the OVSDB management protocol.

Open vSwitch is designed to be compatible with modern switching chipsets. This means that it can be ported to existing high-fanout switches allowing the same flexible control of the physical infrastructure as the virtual infrastructure. It also means that Open vSwitch will be able to take advantage of on-NIC switching chipsets as their functionality matures.

Ques 2: – What is Trunk Port ?

Ans: – A Trunk Link, or ‘Trunk’, is a port configured to carry packets for any VLAN. These types of ports are usually found in connections between switches. These links require the ability to carry packets from all available VLANs because VLANs span multiple switches.

Ques 3: – What virtualization platforms can use Open vSwitch?

Ans: – Open vSwitch can currently run on any Linux-based virtualization platform (kernel 2.6.18 and newer), including: KVM, VirtualBox, Xen, Xen Cloud Platform, XenServer. As of Linux 3.3 it is part of the mainline kernel.
The bulk of the code is written in platform-independent C and is easily ported to other environments.

Ques 4: – What is VLAN and its advantages ?

Ans: – VLAN stands for Virtual Local Area Network, a virtual LAN that extends its functionality beyond a single LAN. Through VLANs a network is divided into different logical segments known as broadcast domains. The computers in a VLAN act as if they are connected to the same LAN segment even if they are located on different network segments. In a VLAN, computers can move from one location to another and still be part of the same VLAN. VLAN offers many advantages over the traditional local area network.

The main advantages of VLANs include high performance, simplified network administration, security, low cost and the creation of virtual groups to avoid collisions and data loss in the network. VLAN controls bandwidth allocation and provides flexibility and ease of work to users. In a VLAN, the computers do not need to be physically located at the same place. Though it is a logical entity, it is created and configured through software.

Ques 5: – What are VLAN’s Classifications ?

Ans: – VLANs can be classified into the following types.

  • Layer 1 VLAN: It is based on the ports that belong to the VLAN.
  • Layer 2 VLAN: It is based on the MAC address of the computer. Layer 2 VLAN is also based on the protocol type.
  • Layer 3 VLAN: It is based on the layer 3 header. The IP address and the subnet mask are used to determine and classify the VLAN membership.
  • High Layer VLAN: The membership of the VLAN is determined by using the service of applications or the combination of both.

Ques 6: – What could DUP mean when using ping?

Ans: – DUP means duplicate packet. ping will report duplicate and damaged packets. Duplicate packets should never occur, and seem to be caused by inappropriate link-level retransmissions. Duplicates may occur in many situations and are rarely (if ever) a good sign, although the presence of low levels of duplicates may not always be cause for alarm.

Damaged packets are obviously serious cause for alarm and often indicate broken hardware somewhere in the ping packet’s path (in the network or in the hosts).

Ques 7: – What is IP Masquerade ?

Ans: – IP Masquerade is a networking function in Linux similar to the one-to-many (1:Many) NAT (Network Address Translation) servers found in many commercial firewalls and network routers. For example, if a Linux host is connected to the Internet via PPP, Ethernet, etc., the IP Masquerade feature allows other “internal” computers connected to this Linux box (via PPP, Ethernet, etc.) to also reach the Internet as well. Linux IP Masquerading allows for this functionality even though these internal machines don’t have an officially assigned IP address.

 MASQ allows a set of machines to invisibly access the Internet via the MASQ gateway. To other machines on the Internet, the outgoing traffic will appear to be from the IP MASQ Linux server itself. In addition to the added functionality, IP Masquerade provides the foundation to create a HEAVILY secured networking environment. With a well built firewall, breaking the security of a well configured masquerading system and internal LAN should be considerably difficult to accomplish.

Ques 8: – What is GFS2 filesystem ?

Ans: – GFS2 is a shared file system used by Red Hat Cluster node members simultaneously. GFS2 allows all nodes to have direct concurrent access to the same shared block storage. In addition, GFS2 can also be used as a local filesystem. The principal component that allows such access is lock management. GFS2 uses DLM, or Distributed Lock Management, to achieve this. Clustered LVM is also used to communicate LVM metadata changes across nodes.

Ques 9: – What is fencing in clustering and why it is required ?

Ans: – Fencing is the process of isolating a node of a computer cluster when the former is malfunctioning. Isolating a node means ensuring that I/O can no longer be done from it. Fencing is typically done automatically, by cluster infrastructure such as shared disk file systems, in order to protect processes from other active nodes modifying the resources during node failures.

Fencing is required because it is impossible to distinguish between a real failure and a temporary hang. If the malfunctioning node is really down, then it cannot do any damage, so theoretically no action would be required (it could simply be brought back into the cluster with the usual join process).

However, because there is a possibility that a malfunctioning node could itself consider the rest of the cluster to be the one that is malfunctioning, a race condition could ensue, and cause data corruption. Instead, the system has to assume the worst scenario and always fence in case of problems.