How to remove IP address from a NIC
root [AIXServer] /: chdev -l en1 -a state=down
en1 changed
root [AIXServer] /: chdev -l en1 -a netaddr=''
en1 changed
root [AIXServer] /: chdev -l en1 -a netmask=''
en1 changed
root [AIXServer] /: lsattr -El en1
alias4 IPv4 Alias including Subnet Mask True
alias6 IPv6 Alias including Prefix Length True
arp on Address Resolution Protocol (ARP) True
authority Authorized Users True
broadcast Broadcast Address True
mtu 1500 Maximum IP Packet Size for This Device True
netaddr Internet Address True
netaddr6 IPv6 Internet Address True
netmask Subnet Mask True
prefixlen Prefix Length for IPv6 Internet Address True
remmtu 576 Maximum IP Packet Size for REMOTE Networks True
rfc1323 Enable/Disable TCP RFC 1323 Window Scaling True
security none Security Level True
state down Current Interface Status True
tcp_mssdflt Set TCP Maximum Segment Size True
tcp_nodelay Enable/Disable TCP_NODELAY Option True
tcp_recvspace Set Socket Buffer Space for Receiving True
tcp_sendspace Set Socket Buffer Space for Sending True
root [AIXServer] /:
Wednesday, September 29, 2010
Add a route with a specific mtu value
Question
How do you add a route with a specific mtu value when it is different than the interfaces default mtu value?
Answer
To add a route with a different mtu value other than interfaces default mtu value you will need to run the "route add" command. You can not add the route via smit or smitty.
Add a network specific route with mtu of 1500.
#route add -net -mtu 1500
Example: Add route to 192.18.5.0 network using gateway address of 192.19.88.1 with an mtu of 1500.
#route add 192.18.5.0 192.19.88.1 -mtu 1500
Add a host specific route with mtu of 1500.
#route add -host -mtu 1500
Example: Add a route to 10.55.44.22 host using the gateway of 192.88.5.1 with the mtu of 1500.
#route add -host 10.55.44.22 192.88.5.1 -mtu 1500
To display newly added route:
#pmtu display
Example:
dst gw If pmtu refcnt redisc_t exp
192.18.5.0 192.19.88.1 en0 1500
10.55.44.22 192.88.5.1 en1 1500
How do you add a route with a specific mtu value when it is different than the interfaces default mtu value?
Answer
To add a route with a different mtu value other than interfaces default mtu value you will need to run the "route add" command. You can not add the route via smit or smitty.
Add a network specific route with mtu of 1500.
#route add -net
Example: Add route to 192.18.5.0 network using gateway address of 192.19.88.1 with an mtu of 1500.
#route add 192.18.5.0 192.19.88.1 -mtu 1500
Add a host specific route with mtu of 1500.
#route add -host
Example: Add a route to 10.55.44.22 host using the gateway of 192.88.5.1 with the mtu of 1500.
#route add -host 10.55.44.22 192.88.5.1 -mtu 1500
To display newly added route:
#pmtu display
Example:
dst gw If pmtu refcnt redisc_t exp
192.18.5.0 192.19.88.1 en0 1500
10.55.44.22 192.88.5.1 en1 1500
Device Driver Fileset for SCSI Adapter
How do you determine which fileset delivers the device driver that controls
an adapter?
Answer
The odm will have the name of the device driver file that controls the adapter.
* For example, to determine which fileset will deliver the device driver that controls the scsi0 card, enter the following command:
odmget -q name=scsi0 CuDv
The command will display the following output:
CuDv:
name = "scsi0"
status = 1
chgstatus = 2
ddins = "pci/s_scsidd"
location = "10-60"
parent = "pci0"
connwhere = "96"
PdDvLn = "adapter/pci/ncr825"
ddins field shows the name of the device driver that is controlling the scsi adapter.
* To determine where to find the file in file system, enter:
find / -name s_scsidd
/usr/lib/drivers/pci/s_scsidd
* To find the fileset, enter:
lslpp -w /usr/lib/drivers/pci/s_scsidd
Which displays the fileset:
devices.pci.00100f00.rte
NOTE: This procedure is only effective for any adapter that is already installed in the system.
an adapter?
Answer
The odm will have the name of the device driver file that controls the adapter.
* For example, to determine which fileset will deliver the device driver that controls the scsi0 card, enter the following command:
odmget -q name=scsi0 CuDv
The command will display the following output:
CuDv:
name = "scsi0"
status = 1
chgstatus = 2
ddins = "pci/s_scsidd"
location = "10-60"
parent = "pci0"
connwhere = "96"
PdDvLn = "adapter/pci/ncr825"
ddins field shows the name of the device driver that is controlling the scsi adapter.
* To determine where to find the file in file system, enter:
find / -name s_scsidd
/usr/lib/drivers/pci/s_scsidd
* To find the fileset, enter:
lslpp -w /usr/lib/drivers/pci/s_scsidd
Which displays the fileset:
devices.pci.00100f00.rte
NOTE: This procedure is only effective for any adapter that is already installed in the system.
Command to “unexpire” password on AIX
Once a password has been expired, you could reset the password.
To “unexpire” a password without setting a new one, this would do it.
chsec -f /etc/security/passwd -s username -a lastupdate=`perl -e 'print time'`
To set password to be unexpired for a user id, this would do it.
chuser maxage=0 username
To “unexpire” a password without setting a new one, this would do it.
chsec -f /etc/security/passwd -s username -a lastupdate=`perl -e 'print time'`
To set password to be unexpired for a user id, this would do it.
chuser maxage=0 username
SNMP Query in AIX
I see that AIX 6.1 supports Counter64 MIBs as defined in the /etc/mib.defs file, but I can't list any of these MIBs using the 'snmpinfo' command. How can I query these Counter64 MIBs using an AIX command?
Answer
Since the Counter64 MIBs are part of SMI-v2, they are not supported by the SNMPv1 protocol so you must enable SNMPv2 or v3 in order to query them. The snmpinfo command only supports SNMPv1 as well so you would have to use 'clsnmp' command on AIX to make SNMPv2 or v3 queries.
You can set up SNMP v2 on AIX via the procedure below.
Note: In this example, we're going to define a new community name "publicv2c". If you want to use "public", you can just replace publicv2c with public.
- Stop snmpd
# stopsrc -s snmpd
- In /etc/snmpdv3.conf file, add following lines:
VACM_GROUP group2 SNMPv2c publicv2c -
VACM_ACCESS group2 - - noAuthNoPriv SNMPv2c defaultView - defaultView -
COMMUNITY publicv2c publicv2c noAuthNoPriv 0.0.0.0 0.0.0.0 -
- Start snmpd
# startsrc -s snmpd
- In /etc/clsnmp.conf file, add this line:
v2c 127.0.0.1 snmpv2c
- Using clsnmp to query v2c view
clsnmp -h v2c -c publicv2c walk system
Once you have clsnmp configured, you can use it to query one of the Counter64 MIBs, like this:
# clsnmp -h v2c -v -c publicv2c walk ipSystemStatsHCInReceives
ipSystemStatsHCInReceives.1 = 4247601
ipSystemStatsHCInReceives.2 = 25833
Please contact IBM AIX Support for further questions.
Answer
Since the Counter64 MIBs are part of SMI-v2, they are not supported by the SNMPv1 protocol so you must enable SNMPv2 or v3 in order to query them. The snmpinfo command only supports SNMPv1 as well so you would have to use 'clsnmp' command on AIX to make SNMPv2 or v3 queries.
You can set up SNMP v2 on AIX via the procedure below.
Note: In this example, we're going to define a new community name "publicv2c". If you want to use "public", you can just replace publicv2c with public.
- Stop snmpd
# stopsrc -s snmpd
- In /etc/snmpdv3.conf file, add following lines:
VACM_GROUP group2 SNMPv2c publicv2c -
VACM_ACCESS group2 - - noAuthNoPriv SNMPv2c defaultView - defaultView -
COMMUNITY publicv2c publicv2c noAuthNoPriv 0.0.0.0 0.0.0.0 -
- Start snmpd
# startsrc -s snmpd
- In /etc/clsnmp.conf file, add this line:
v2c 127.0.0.1 snmpv2c
- Using clsnmp to query v2c view
clsnmp -h v2c -c publicv2c walk system
Once you have clsnmp configured, you can use it to query one of the Counter64 MIBs, like this:
# clsnmp -h v2c -v -c publicv2c walk ipSystemStatsHCInReceives
ipSystemStatsHCInReceives.1 = 4247601
ipSystemStatsHCInReceives.2 = 25833
Please contact IBM AIX Support for further questions.
File Time in AIX
Question
This technote discusses timestamps associated with files in filesystems on AIX.
Answer
In AIX each file has three different timestamps associated with it. These can be seen in the system include file /usr/include/sys/stat.h :
st_atime Time when file data was last accessed.
st_mtime Time when file data was last modified.
st_ctime Time when the file metadata was last changed.
All times recorded are in seconds since the Unix epoch. (Note for completeness there are also counters for these in nanoseconds)
Access Time (atime)
This is a timestamp recorded in the filesystem when the file was last opened for reading. The timestamp reflects when the open() on the file was performed, not necessarily when data was last read from it.
The access time can be viewed via ls using the -u flag.
Modification Time (mtime)
This denotes when the content of the file was most recently changed.
The modification time is what ls -l reports by default.
Change time (ctime)
This marks when a file's metadata was changed, such as permissions or ownership.
This time cannot be seen with the 'ls' command.
Other Notes
Some operating systems also include a "file creation" time, but AIX does not.
These times can be seen via commands such as 'ls' or 'find' with the appropriate arguments given to print out the value desired.
An easy way to view all three simultaneously is with the /usr/bin/istat command:
$ istat p.out
Inode 263 on device 10/8 File
Protection: rw-r--r--
Owner: 0(root) Group: 0(system)
Link count: 1 Length 14682 bytes
Last updated: Tue Sep 15 10:50:15 PDT 2009
Last modified: Tue Sep 15 10:50:15 PDT 2009
Last accessed: Tue Nov 3 12:01:12 PST 2009
So this file had its contents modified on Sep 15, and that is also the time the metadata for the file was changed. The file was read last on Nov 3.
Some utilities such as tar specifically modify a file's time values to record a different time than would normally be present. For example, the default behavior of tar when restoring a file is to create the file, then set the modification time back to what it was set to in the tar archive.
This technote discusses timestamps associated with files in filesystems on AIX.
Answer
In AIX each file has three different timestamps associated with it. These can be seen in the system include file /usr/include/sys/stat.h :
st_atime Time when file data was last accessed.
st_mtime Time when file data was last modified.
st_ctime Time when the file metadata was last changed.
All times recorded are in seconds since the Unix epoch. (Note for completeness there are also counters for these in nanoseconds)
Access Time (atime)
This is a timestamp recorded in the filesystem when the file was last opened for reading. The timestamp reflects when the open() on the file was performed, not necessarily when data was last read from it.
The access time can be viewed via ls using the -u flag.
Modification Time (mtime)
This denotes when the content of the file was most recently changed.
The modification time is what ls -l reports by default.
Change time (ctime)
This marks when a file's metadata was changed, such as permissions or ownership.
This time cannot be seen with the 'ls' command.
Other Notes
Some operating systems also include a "file creation" time, but AIX does not.
These times can be seen via commands such as 'ls' or 'find' with the appropriate arguments given to print out the value desired.
An easy way to view all three simultaneously is with the /usr/bin/istat command:
$ istat p.out
Inode 263 on device 10/8 File
Protection: rw-r--r--
Owner: 0(root) Group: 0(system)
Link count: 1 Length 14682 bytes
Last updated: Tue Sep 15 10:50:15 PDT 2009
Last modified: Tue Sep 15 10:50:15 PDT 2009
Last accessed: Tue Nov 3 12:01:12 PST 2009
So this file had its contents modified on Sep 15, and that is also the time the metadata for the file was changed. The file was read last on Nov 3.
Some utilities such as tar specifically modify a file's time values to record a different time than would normally be present. For example, the default behavior of tar when restoring a file is to create the file, then set the modification time back to what it was set to in the tar archive.
AIX NIM
AIX NIM Master Tuning (no options, max_nimesis_threads, global_export)
by admin in AIX
1) To support a high number (16 or more) simultaneous installs, you should consider:
increasing max_nimesis_threads
nim -o change -a max_nimesis_threads=60 master
2) no options tcp_sendspace, tcp_recvspace, rfc1323 should already be set in the default AIX install. Watch for them on ifconfig -a, and verify that use_isno is on.
# ifconfig en0
en0: flags=1e080863,4c0
inet 9.19.51.115 netmask 0xffffff00 broadcast 9.19.51.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1
# no -a | grep isno
use_isno = 1
# no -F -a | grep isno (restricted setting in 6.1. Use -F)
use_isno = 1
3) Consider setting global_export=yes. If you perform frequent simultaneous installs, when one install completes, the default behavior of the master is to unexport NFS exports, remove the completed client from the export lists and re-export the filesystems. During this interval, other “in-flight” client installs may see the message “NFS server not responding, still trying” on the client console.
As an alternative, set global_export. With no clients enabled for install:
# nim -o change -a global_export=yes master
In this configuration, resources are exported read-only for every enabled client, and held exported until the last client completes.
Before, exports list every specific client allowed to mount
# showmount -e
export list for bmark29:
/export/mksysb/image_53ML3 sq07.dfw.ibm.com,sq08.dfw.ibm.com
/export/53/lppsource_53ML3 sq07.dfw.ibm.com,sq08.dfw.ibm.com
/export/53/spot_53ML2/usr sq07.dfw.ibm.com,sq08.dfw.ibm.com
With global_export, exports are read-only for everyone
# exportfs
/export/mksysb/image_53ML3 -ro,anon=0
/export/53/lppsource_53ML3 -ro,anon=0
/export/53/spot_53ML3/usr -ro,anon=0
Realize, of course, anyone can mount these, even if they are not a NIM client
(read-only, AIX install content. Security issue? Probably not for most cases)
by admin in AIX
1) To support a high number (16 or more) simultaneous installs, you should consider:
increasing max_nimesis_threads
nim -o change -a max_nimesis_threads=60 master
2) no options tcp_sendspace, tcp_recvspace, rfc1323 should already be set in the default AIX install. Watch for them on ifconfig -a, and verify that use_isno is on.
# ifconfig en0
en0: flags=1e080863,4c0
inet 9.19.51.115 netmask 0xffffff00 broadcast 9.19.51.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1
# no -a | grep isno
use_isno = 1
# no -F -a | grep isno (restricted setting in 6.1. Use -F)
use_isno = 1
3) Consider setting global_export=yes. If you perform frequent simultaneous installs, when one install completes, the default behavior of the master is to unexport NFS exports, remove the completed client from the export lists and re-export the filesystems. During this interval, other “in-flight” client installs may see the message “NFS server not responding, still trying” on the client console.
As an alternative, set global_export. With no clients enabled for install:
# nim -o change -a global_export=yes master
In this configuration, resources are exported read-only for every enabled client, and held exported until the last client completes.
Before, exports list every specific client allowed to mount
# showmount -e
export list for bmark29:
/export/mksysb/image_53ML3 sq07.dfw.ibm.com,sq08.dfw.ibm.com
/export/53/lppsource_53ML3 sq07.dfw.ibm.com,sq08.dfw.ibm.com
/export/53/spot_53ML2/usr sq07.dfw.ibm.com,sq08.dfw.ibm.com
With global_export, exports are read-only for everyone
# exportfs
/export/mksysb/image_53ML3 -ro,anon=0
/export/53/lppsource_53ML3 -ro,anon=0
/export/53/spot_53ML3/usr -ro,anon=0
Realize, of course, anyone can mount these, even if they are not a NIM client
(read-only, AIX install content. Security issue? Probably not for most cases)
Subscribe to:
Posts (Atom)