Wednesday, September 29, 2010

How to remove IP address from a NIC

How to remove IP address from a NIC

root [AIXServer] /: chdev -l en1 -a state=down
en1 changed

root [AIXServer] /: chdev -l en1 -a netaddr=''
en1 changed
root [AIXServer] /: chdev -l en1 -a netmask=''
en1 changed

root [AIXServer] /: lsattr -El en1
alias4 IPv4 Alias including Subnet Mask True
alias6 IPv6 Alias including Prefix Length True
arp on Address Resolution Protocol (ARP) True
authority Authorized Users True
broadcast Broadcast Address True
mtu 1500 Maximum IP Packet Size for This Device True
netaddr Internet Address True
netaddr6 IPv6 Internet Address True
netmask Subnet Mask True
prefixlen Prefix Length for IPv6 Internet Address True
remmtu 576 Maximum IP Packet Size for REMOTE Networks True
rfc1323 Enable/Disable TCP RFC 1323 Window Scaling True
security none Security Level True
state down Current Interface Status True
tcp_mssdflt Set TCP Maximum Segment Size True
tcp_nodelay Enable/Disable TCP_NODELAY Option True
tcp_recvspace Set Socket Buffer Space for Receiving True
tcp_sendspace Set Socket Buffer Space for Sending True
root [AIXServer] /:

Add a route with a specific mtu value

Question

How do you add a route with a specific mtu value when it is different than the interfaces default mtu value?
Answer

To add a route with a different mtu value other than interfaces default mtu value you will need to run the "route add" command. You can not add the route via smit or smitty.

Add a network specific route with mtu of 1500.
#route add -net -mtu 1500

Example: Add route to 192.18.5.0 network using gateway address of 192.19.88.1 with an mtu of 1500.
#route add 192.18.5.0 192.19.88.1 -mtu 1500

Add a host specific route with mtu of 1500.
#route add -host -mtu 1500

Example: Add a route to 10.55.44.22 host using the gateway of 192.88.5.1 with the mtu of 1500.
#route add -host 10.55.44.22 192.88.5.1 -mtu 1500

To display newly added route:

#pmtu display

Example:
dst gw If pmtu refcnt redisc_t exp
192.18.5.0 192.19.88.1 en0 1500
10.55.44.22 192.88.5.1 en1 1500

Device Driver Fileset for SCSI Adapter

How do you determine which fileset delivers the device driver that controls
an adapter?

Answer

The odm will have the name of the device driver file that controls the adapter.

* For example, to determine which fileset will deliver the device driver that controls the scsi0 card, enter the following command:

odmget -q name=scsi0 CuDv

The command will display the following output:

CuDv:
name = "scsi0"
status = 1
chgstatus = 2
ddins = "pci/s_scsidd"
location = "10-60"
parent = "pci0"
connwhere = "96"
PdDvLn = "adapter/pci/ncr825"

ddins field shows the name of the device driver that is controlling the scsi adapter.
* To determine where to find the file in file system, enter:

find / -name s_scsidd
/usr/lib/drivers/pci/s_scsidd

* To find the fileset, enter:

lslpp -w /usr/lib/drivers/pci/s_scsidd

Which displays the fileset:

devices.pci.00100f00.rte

NOTE: This procedure is only effective for any adapter that is already installed in the system.

Command to “unexpire” password on AIX

Once a password has been expired, you could reset the password.

To “unexpire” a password without setting a new one, this would do it.

chsec -f /etc/security/passwd -s username -a lastupdate=`perl -e 'print time'`

To set password to be unexpired for a user id, this would do it.

chuser maxage=0 username

SNMP Query in AIX

I see that AIX 6.1 supports Counter64 MIBs as defined in the /etc/mib.defs file, but I can't list any of these MIBs using the 'snmpinfo' command. How can I query these Counter64 MIBs using an AIX command?

Answer
Since the Counter64 MIBs are part of SMI-v2, they are not supported by the SNMPv1 protocol so you must enable SNMPv2 or v3 in order to query them. The snmpinfo command only supports SNMPv1 as well so you would have to use 'clsnmp' command on AIX to make SNMPv2 or v3 queries.
You can set up SNMP v2 on AIX via the procedure below.

Note: In this example, we're going to define a new community name "publicv2c". If you want to use "public", you can just replace publicv2c with public.

- Stop snmpd
# stopsrc -s snmpd

- In /etc/snmpdv3.conf file, add following lines:
VACM_GROUP group2 SNMPv2c publicv2c -
VACM_ACCESS group2 - - noAuthNoPriv SNMPv2c defaultView - defaultView -
COMMUNITY publicv2c publicv2c noAuthNoPriv 0.0.0.0 0.0.0.0 -

- Start snmpd
# startsrc -s snmpd

- In /etc/clsnmp.conf file, add this line:
v2c 127.0.0.1 snmpv2c

- Using clsnmp to query v2c view
clsnmp -h v2c -c publicv2c walk system

Once you have clsnmp configured, you can use it to query one of the Counter64 MIBs, like this:
# clsnmp -h v2c -v -c publicv2c walk ipSystemStatsHCInReceives
ipSystemStatsHCInReceives.1 = 4247601
ipSystemStatsHCInReceives.2 = 25833

Please contact IBM AIX Support for further questions.

File Time in AIX

Question
This technote discusses timestamps associated with files in filesystems on AIX.

Answer
In AIX each file has three different timestamps associated with it. These can be seen in the system include file /usr/include/sys/stat.h :

st_atime Time when file data was last accessed.
st_mtime Time when file data was last modified.
st_ctime Time when the file metadata was last changed.

All times recorded are in seconds since the Unix epoch. (Note for completeness there are also counters for these in nanoseconds)

Access Time (atime)
This is a timestamp recorded in the filesystem when the file was last opened for reading. The timestamp reflects when the open() on the file was performed, not necessarily when data was last read from it.

The access time can be viewed via ls using the -u flag.

Modification Time (mtime)
This denotes when the content of the file was most recently changed.

The modification time is what ls -l reports by default.

Change time (ctime)
This marks when a file's metadata was changed, such as permissions or ownership.

This time cannot be seen with the 'ls' command.

Other Notes
Some operating systems also include a "file creation" time, but AIX does not.

These times can be seen via commands such as 'ls' or 'find' with the appropriate arguments given to print out the value desired.

An easy way to view all three simultaneously is with the /usr/bin/istat command:

$ istat p.out
Inode 263 on device 10/8 File
Protection: rw-r--r--
Owner: 0(root) Group: 0(system)
Link count: 1 Length 14682 bytes

Last updated: Tue Sep 15 10:50:15 PDT 2009
Last modified: Tue Sep 15 10:50:15 PDT 2009
Last accessed: Tue Nov 3 12:01:12 PST 2009

So this file had its contents modified on Sep 15, and that is also the time the metadata for the file was changed. The file was read last on Nov 3.

Some utilities such as tar specifically modify a file's time values to record a different time than would normally be present. For example, the default behavior of tar when restoring a file is to create the file, then set the modification time back to what it was set to in the tar archive.

AIX NIM

AIX NIM Master Tuning (no options, max_nimesis_threads, global_export)
by admin in AIX

1) To support a high number (16 or more) simultaneous installs, you should consider:
increasing max_nimesis_threads
nim -o change -a max_nimesis_threads=60 master

2) no options tcp_sendspace, tcp_recvspace, rfc1323 should already be set in the default AIX install. Watch for them on ifconfig -a, and verify that use_isno is on.

# ifconfig en0
en0: flags=1e080863,4c0T,64BIT,CHECKSUM_OFFLOAD(ACTIVE),LARGESEND,CHAIN>
inet 9.19.51.115 netmask 0xffffff00 broadcast 9.19.51.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1

# no -a | grep isno
use_isno = 1

# no -F -a | grep isno (restricted setting in 6.1. Use -F)
use_isno = 1

3) Consider setting global_export=yes. If you perform frequent simultaneous installs, when one install completes, the default behavior of the master is to unexport NFS exports, remove the completed client from the export lists and re-export the filesystems. During this interval, other “in-flight” client installs may see the message “NFS server not responding, still trying” on the client console.

As an alternative, set global_export. With no clients enabled for install:
# nim -o change -a global_export=yes master

In this configuration, resources are exported read-only for every enabled client, and held exported until the last client completes.

Before, exports list every specific client allowed to mount

# showmount -e
export list for bmark29:
/export/mksysb/image_53ML3 sq07.dfw.ibm.com,sq08.dfw.ibm.com
/export/53/lppsource_53ML3 sq07.dfw.ibm.com,sq08.dfw.ibm.com
/export/53/spot_53ML2/usr sq07.dfw.ibm.com,sq08.dfw.ibm.com

With global_export, exports are read-only for everyone

# exportfs
/export/mksysb/image_53ML3 -ro,anon=0
/export/53/lppsource_53ML3 -ro,anon=0
/export/53/spot_53ML3/usr -ro,anon=0

Realize, of course, anyone can mount these, even if they are not a NIM client
(read-only, AIX install content. Security issue? Probably not for most cases)

AIX RC Scripts

Starting and Stopping Software via RC Directories
by admin in AIX

Technote (FAQ)

Question
How can I start up and stop my software on AIX?

Answer
Starting and Stopping Software via RC Directories

This document applies to AIX version 4.3.3 ML 05, AIX versions 5L and 6 (run level directories were introduced in AIX 433 Maintenance Level 05).

This document describes how to start and stop software using run level directories via /etc/inittab. A run level is a software configuration that allows only a selected group of processes to exist.

For another method to start or stop an application during a reboot or shutdown, refer to the document, Automated Startup and Shutdown of Custom Software.

The objective of run level script feature is to allow customers to start and stop selected applications by changing the run level. The directories are provided for customers to place their own stop and start scripts.
Background
Scripts to stop or start applications
Background

During system startup, after the root file system has been mounted in the pre-initialization process, the init command is run as the last step of the startup process. The init command attempts to read the /etc/inittab file. If the file exists, init attempts to locate an initdefault in /etc/inittab. If initdefault entry exists, the init command uses the specified run level as the initial system run level. Run level 2 is defined by default to contain all of the terminal processes and daemons that are run in the multiuser environment. This can be seen in the /etc/inittab file:

lsitab -a|grep init => init:2:initdefault

NOTE: Booting the system into mulitiuser mode using a runlevel other than the default, 2, is not supported by IBM. For a list of valid run levels, see man pages for init or telinit.

Upon the installation of the feature, the following are added to your system:

1. Nine directories:

/etc/rc.d
/etc/rc.d/rc2.d
/etc/rc.d/rc3.d
/etc/rc.d/rc4.d
/etc/rc.d/rc5.d
/etc/rc.d/rc6.d
/etc/rc.d/rc7.d
/etc/rc.d/rc8.d
/etc/rc.d/rc9.d

2. Eight new entries are added to your /etc/inittab

l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
l7:7:wait:/etc/rc.d/rc 7
l8:8:wait:/etc/rc.d/rc 8
l9:9:wait:/etc/rc.d/rc 9

The system will automatically run the "K" or kill scripts when entering a given run level, then proceed to run all "S" or start scripts to start up the applications necessary at that level. In this manner, some applications could be stopped while others started when entering a run level.
3. When shutting down the system or rebooting using the /usr/sbin/shutdown command, all "K" or kill scripts for every run level will be run. This ensures all custom applications are finished before fully shutting down AIX.
4. /etc/rc.d/rc script - This script is designed to use the input run level to visit the appropriate /etc/rc.d/rc.d. It first executes scripts in this directory starting with K to stop the applications. Then, it executes scripts starting with S to start the applications.

Sample scripts are provided in the /etc/rc.d/samples directory. See the Commands Reference for information about /etc/inittab, telinit, and init command.
Scripts to stop or start applications

1. Create a shell script that includes the commands (provided by the application vendor) to stop or start that program. To use the scripts, the user must copy them to the appropriate /etc/rc.d/rc.d directory. The /etc/rc.d/rc shell script will only vist the directory structures under rc.d.

NOTE: The script name must start with a K to stop or an S to start the application.
2. Make the script executable by running the chmod command.

In both cases, it is adviseable to use a file naming convention with a numeric after the K or S, and a short description of the process or service to be killed or started. The controlling RC script will run these in numeric order as it finds them. For example, a script to stop and start lpd daemon can be named K70lpd and S70lpd, respectively.
3. The run level can be changed by running:

telinit

This tells the init command to place the system in one of the run levels. When the init command requests a change to run levels 0-9, it kills all processes at the current run levels and then restarts any processes associated with the new run levels.

To check current run level, run who -r. It will return something similar to the following output:

run level 2 Oct 4 14:23 2
0 S

In this example, the system is running at the default run level 2.

networkk

Using AIX Tools to Debug Network Problems
by admin in AIX

Technote (FAQ)

Problem
Using AIX Tools to Debug Network Problems

Solution

This document discusses some standard AIX commands that can check for network connectivity or performance problems.

From time to time users may be unable to access servers via their client applications or they may experience performance problems. When application and system checks do not indicate the problem, the system administrator may need to check the network or the system's network settings to find the problem. Using standard AIX tools, you can quicky determine if a server is experiencing a network problem due to configuration or network issues. These tools include the netstat and tcpdump commands, which can help you isolate problems, from loss of connectivity to more complex network performance problems.

Basic tools and the OSI-RM
Using the netstat command
Using the tcpdump command
Basic tools and the OSI-RM

The AIX commands you can use for a quick checkup include the lsdev, errpt, netstat and tcpdump commands. With these tools, you can assess the lower layers of your system's network configuration within the model known as the Open Systems Interconnection (OSI) Reference Model (RM) (see Table 1). Using the OSI-RM allows you to check common points of failure, without spending too much time looking at elusive errors that might be caused by loss of network access within an application.
Open Systems Interconnection Reference Model

Model Layer Function Assessment Tools

7. Application Layer Consists of application .
programs that use the network.
6. Presentation Layer Standardizes data presentation
to the applications.
5. Session Layer Manages sessions between
applications.
4. Transport Layer Organizes data grams into netstat -s
segments and reliably delivers iptrace
them to upper layers. tcpdump
3. Network Layer Manages connections across the netstat -in, -rn, -s, -D
network for the upper layers. topas
iptrace
tcpdump
2. Data Link Layer Provides reliable data delivery netstat -v, -D
across the physical link. iptrace
tcpdump
1. Physical Layer Defines the physical netstat -v, -D
characteristics of the lsdev -C
network media. errpt
iptrace
tcpdump

Using the netstat command

One of the netstat tools, the netstat -v command, can help you decide if corrective action needs to be taken on the server or elsewhere in the network. Output from this command is the same as the entstat, tokstat, fddistat, and atmstat commands combined. The netstat -v command assesses the physical and data link layers of the OSI-RM. Thus, it is one of the first commands you should use, after determining that there is no hardware availability problem. (The errpt and lsdev -C commands can help determine availability.) The netstat -v output can indicate whether you need to adjust configuration of a network adapter (to reestablish or improve communications) or tune an adapter for better data throughput.
Sample scenario

A simple scenario illustrates how the netstat -v command helps determine why a system is not communicating on its network.

The scenario assumes a system with the following characteristics:

* An IBM 4-Port 10/100 Mbps Ethernet PCI Adapter (ent0 - ent3)
* An onboard IBM 10/100 Mbps Ethernet PCI Adapter (ent4)
* A single cable connected to one of the ports on the four-port adapters
* A single IP address configured, on en0, which also maps to one of the logical devices (ent0) on the 4-Port card

The problem: Since TCP/IP was configured on en0, the system has been unable to ping any system on the network.
Example 1

1. The lsdev -C and errpt commands were used to verify the availability of the adapter and interface.'


2. The netstat -in command (interface configuration) and the netstat -rn (route configuration) command were used to check the IP configuration.


3. After the first two preliminary steps, the next step is to use the netstat -v command to review specific statistics for adapter operations. Without a filter, the netstat -v command produces at least 10 screens of data, so this examples uses the netstat -v ent0 command to limit the output as follows:

netstat -v ent0 | grep -p "Specific Statistics"

The RJ45 Port Link Status line in the sample output indicates whether or not the adapter has a link to the network. In this example, the RJ45 Port Link Status is down.

IBM 4-Port 10/100 Base-TX Ethernet PCI Adapter Specific Statistics:
------------------------------------------------
Chip Version: 26
RJ45 Port Link Status : down
Media Speed Selected: Auto negotiation
Media Speed Running: 100 Mbps Full Duplex
Receive Pool Buffer Size: 384
Free Receive Pool Buffers: 128
No Receive Pool Buffer Errors: 0
Inter Packet Gap: 96
Adapter Restarts due to IOCTL commands: 1

4. Running netstat -v a second time without a filter allows you to check the port link status for every adapter. For example, enter:

netstat -v | more

and then use /Specific as the search string for the more command. In this example, such a search shows that ent3, not ent0, shows a port link status of up. This information indicates that the cable is in the wrong port on the 4-Port Adapter, and that moving the cable to the correct (that is, configured) port fixes the problem.

Example 2

Interpreting the portion of the netstat -v output that indicates adapter resource configuration can help isolate a system configuration problem. When setting up servers that provide for network backup (such as, TSM or SysBack), administrators commonly do some preliminary testing and achieve good results. Then, as more remote servers are added to the backup schedule, performance can decrease. Where network throughput was once good, but then has decreased, netstat -v can uncover potential problems with adapter resources.

Many modern adapters have tunable buffers that allow you to adjust the resources a device can obtain. When a backup server requires extensive resources to handle data reception, looking at the output of netstat -v for Receive Statistics and for Adapter Specific Statistics can help isolate potential network performance bottlenecks. It is not uncommon to see errors in the Adapter Specific section of the 10/100 Mbps adapter that indicate "No Receive Pool Buffer Errors". In Example 2 the netstat -v command is run twice, 30 seconds apart, while the server is handling several backup jobs. The output shows the default setting of 384 on the receive pool buffer needs to be adjusted higher. As long as no other errors suggesting additional problems show up in the output, you can safely assume that performance will improve when the receive pool buffer on ent4 is adjusted.

1. Run the following command to see specific statistics for en4:

netstat -v ent4 | grep -p "Specific Statistics"

Command output is similar to the following:

IBM 4-Port 10/100 Base-TX Ethernet PCI Adapter Specific Statistics:
------------------------------------------------
Chip Version: 26
RJ45 Port Link Status : up
Media Speed Selected: Auto negotiation
Media Speed Running: 100 Mbps Full Duplex
Receive Pool Buffer Size: 384
Free Receive Pool Buffers: 128
No Receive Pool Buffer Errors: 999875
Inter Packet Gap: 96
Adapter Restarts due to IOCTL commands: 1

2. Run the following commands to check the No Receive Pool Buffer Errors after 30 seconds:

sleep 30 ; netstat -v ent4 | grep "Receive Pool Buffer Errors"

Output is similar to the following:

No Receive Pool Buffer Errors: 1005761

Using the tcpdump command

The netstat tools (netstat -in, netstat -rn and netstat -v) cannot always determine the nature of a connection problem.
Example 3

Suppose your server has four separate network adapters configured and attached to separate network segments. Two are working fine (VLAN A and B) while no connections can be established to your server on the other two segments (VLAN C and D). The output of netstat -v shows that data is coming in on all four adapters and no errors are being logged, indicating that the configuration at the physical and data link layers is working. In such a case, you need to examine the inbound data itself. You can use the tcpdump tool to examine the data online to help you determine the connection problem.

The tcpdump command provides much data, but for quick analysis only some basics pieces of its output (IP addresses) are needed:

You also want to consider the logical configuration you have set up for your interfaces (netstat -in). In this example, en2 was configured with address 9.3.6.225 and is in VLAN C (IP network 9.3.6.224, netmask 255.255.255.240); en3 was configured with address 9.3.6.243 and is in VLAN D (IP network 9.3.6.240, netmask 255.255.255.240).

1. Run the following command to check traffic on en2:

tcpdump -i en2 -I -n

Output similar to the following is displayed:

-TIME STAMP- -SOURCE IP- -DESTINATION IP- -FLAG -ADDITION INFO-
09:04:27.313527323 9.3.6.244.23 > 9.3.6.241.38160: P 7:9(2) ack 8 win
65535
09:04:27.402377282 9.3.6.245.45017 > 9.53.168.52.23: . ack 24 win
17520 (DF) [tos 0x10]
09:04:27.418818536 9.3.6.241.38160 > 9.3.6.244.23: . ack 9 win 65535
[tos 0x10
09:04:27.419054751 9.3.6.244.23 > 9.3.6.241.38160: P 9:49(40) ack 8
win 65535
09:04:27.524512144 9.3.6.245.45017 > 9.53.168.52.23: P 4:5(1) ack 24
win 17520 (DF) [tos 0x10]
09:04:27.526159054 9.53.168.52.23 > 9.3.6.245.45017: P 24:25(1) ack 5
win 2482 (DF)
09:04:27.602600775 9.3.6.245.45017 > 9.53.168.52.23: . ack 25 win
17520 (DF) [tos 0x10]
09:04:27.628488745 9.3.6.241.38160 > 9.3.6.244.23: . ack 49 win 65535
[tos 0x1

2. Press Ctrl-C to stop the output display:

^C

38 packets received by filter
0 packets dropped by kernel

Useful data can be gained from the tcpdump output simply by recognizing the source IP addresses in the traffice (shown in bold type in the sample output). Thus, the sample output shows that ent2 is physically attached to the wrong network segment. The source IP addressses should be in the 9.2.6.22x range, not the 9.3.6.24x range. It is possible that swapping the cables for ent2 and ent3 may solve the problem. If not, you may need to ask your network administrator to reconfigure switch ports to pass the correct traffic. With the information you gain from using the netstat -v and tcpdump tools, you can better decide which action is most appropriate.

AIX provides many tools for querying TCP/IP status on AIX servers. However, the netstat and tcpdump commands do provide some methods for quick problem determination. For example, these tools can help determine if you own the problem or if it needs to be addressed by a network administrator.

For additional information, please refer to AIX Online Documents at the following URL:
http://publib16.boulder.ibm.com/pseries/

interview questions

Linux network administrator questions
1 comment
by admin in UNIX Interview questions and answers

1. Give an example of set of shell commands that will give you the number of files in a directory
2. How do you tell what process has a TCP port open in Linux
3. On a Red Hat Linux Variant how do you control whether a service starts when the system boots
4. How do you tell the amount of free disk space left on a volume
5. Give an example of a set of shell commands to tell how many times “bob” has logged on to the system this month
6. Give an example of a recursively copying a directory from one location to another.
7. How do you modify the IP and Net mask of a system running a Red Hat Variant of Linux
8. Give an example of a set of shell commands that will give you the number of “httpd” processes running on a Linux box.
9. On CentOS or Fedora based system using the package management application, how do you tell what package provided the file “libnss_ldap.so”
10. What is the difference between VTP client, server, and transparent
11. What is the maximum length of CAT6
12. How does one set up a layer two link to share VLANs
13. How does one implement redundant links at Layer 2
14. What is the difference between a hub, switch, and a router
a. What are the security advantages of switch vs. hub
15. Show an example of using telnet to learn the headers of an http server.
16. In what OSI layer does PPP exist
17. What’s the difference between TCP and UDP
18. Given a DNS server that has just started (with an empty cache) and host contacting this DNS server (using it’s OS setting) to learn an address for google.com, list the steps the DNS server will take to learn it with IP addresses (each step will have multiple possible IP addresses – you need choose only one per step).
19. Why are layer 2 loops bad, and what protocol was designed to prevent them
20. Given a radius server at 10.0.0.2 and a shared key of ‘abc123’ show the IOS commands necessary to authenticate switch users against the radius server, while still allowing the use of local username / password pairs
tags: administrator, Interview, linux, network, Questions
1 comment...
July 12, 2010 11:42 pm
Basic sed questions and answers
1 comment
by admin in UNIX Interview questions and answers

1. What is sed? – sed is stream editor, a Unix tool for working with streams of text data. See the awful truth about sed.
2. How do you substitute strings with sed? – Use ’s/old/new’ command, so sed ’s/hello/goodbye/’ would substitute the occurrence of the word hello to goodbye.
3. How do you inject text with sed? – & in the substitution string defines the pattern found in the search string. As an example, here’s us trying to find a word ‘hello’ and replacing it with ‘hello and how are you’:

echo ‘hello there’ | sed ’s/^hello/& and how are you/’
4. Can I find several patterns and refer to them in the replacement string? – Yes, use (pattern) and then refer to your patterns as \1, \2, \3 and so on.
5. If the string is ‘old old old’ and I run ’s/old/new’, I get ‘new old old’ as the result. I need ‘new new new‘. – You forgot the global modifier, which would replace every occurrence of the pattern with the substitution. ’s/old/new/g‘ will work.
6. But I want ‘old old new’ from the previous example. – Just use the numeric modifier saying you want the third occurrence to be replaced. ’s/old/new/3‘ will work.
7. I wrote a rather complex sed script. How do I save and run it? – Assuming that your file is named myscript1.sed, you can invoke sed -f myscript1.sed.
8. How do I delete trailing whitespaces from each line? – sed ’s/[ \t]*$//’ Here we’re replacing any occurrence of a space or a tab with nothing. Check sed one-liners for more examples.
9. How do you print just a few first lines of the file? – sed 1q will give you just the first line, sed 10q the first 10 lines.
10. How do you replace a pattern only if it’s found, so that it’s executed faster? – Nest the replacement statement: sed ‘/old/ s/old/new/g’ file.txt

Original Article: http://www.ugetjob.com/?p=428
tags: interview questions and answers, sed, UNIX
1 comment...
May 8, 2010 6:45 pm
AIX Interview Questions and Answers
1 comment
by admin in UNIX Interview questions and answers

I collected some useful interview questions from various sites and I thought these questions might help our readers or job seekers to strength their knowledge. Most of the questions are AIX, HACMP, Network related. Enjoy.

Can you explain the steps to Mirroring rootvg in your environment?

Mirroring “rootvg” protects the operating system from a disk failure. Mirroring “rootvg” requires a couple extra steps compared to other volume groups. The mirrored rootvg disk must be bootable *and* in the bootlist. Otherwise, if the primary disk fails, you’ll continue to run, but you won’t be able to reboot.

In brief, the procedure to mirror rootvg on hdisk0 to hdisk1 is

1. Add hdisk1 to rootvg: extendvg rootvg hdisk1

2. Mirror rootvg to hdisk1: mirrorvg rootvg hdisk1 (or smitty mirrorvg)

3. Create boot images on hdisk1: bosboot -ad /dev/hdisk1

4. Add hdisk1 to the bootlist:bootlist -m normal hdisk0 hdisk1

5. Reboot to disable quorum checking on rootvg. The mirrorvg turns off quorum by default, but the system needs to be rebooted for it to take effect.

What is VPN and how it works?

A VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated, real-world connection such as leased line, a VPN uses “virtual” connections routed rough the Internet from the company’s private network to the remote site or employee.

What is daemon?

A daemon (pronounced DEE-muhn) is a program that runs continuously and exists for the purpose of handling periodic service requests that a computer system expects to receive. The daemon program forwards the requests to other programs (or processes) as appropriate. Each server of pages on the Web has an HTTPD or Hypertext Transfer Protocol daemon that continually waits for requests to come in from Web clients and their users.

There are several daemon in AIX environment, such as, sshd, inetd, and so on.

Can you describe SAN in your won word?

A storage area network (SAN) is a high-speed special-purpose network (or subnetwork) that interconnects different kinds of data storage devices with associated data servers on behalf of a larger network of users. Typically, a storage area network is part of the overall network of computing resources for an enterprise. A storage area network is usually clustered in close proximity to other computing resources such as IBM Power5 boxes but may also extend to remote locations for backup and archival storage, using wide area network carrier technologies such as ATM or SONET .

A storage area network can use existing communication technology such as IBM’s optical fiber ESCON or it may use the newer Fibre Channel technology. Some SAN system integrators liken it to the common storage bus (flow of data) in a personal computer that is shared by different kinds of storage devices such as a hard disk or a CD-ROM player.

SANs support disk mirroring, backup and restore, archival and retrieval of archived data, data migration from one storage device to another, and the sharing of data among different servers in a network. SANs can incorporate subnetworks with network-attached storage (NAS) systems.

So you mention NAS, but What is NAS?

Network-attached storage (NAS) is hard disk storage that is set up with its own network address rather than being attached to the department computer that is serving applications to a network’s workstation users. By removing storage access and its management from the department server, both application programming and files can be served faster because they are not competing for the same processor resources. The network-attached storage device is attached to a local area network (typically, an Ethernet network) and assigned an IP address. File requests are mapped by the main server to the NAS file server.

Network-attached storage consists of hard disk storage, including multi-disk RAID systems, and software for configuring and mapping file locations to the network-attached device. Network-attached storage can be a step toward and included as part of a more sophisticated storage system known as a storage area network (SAN).

NAS software can usually handle a number of network protocols, including Microsoft’s Internetwork Packet Exchange and NetBEUI, Novell’s Netware Internetwork Packet Exchange, and Sun Microsystems’ Network File System. Configuration, including the setting of user access priorities, is usually possible using a Web browser.

What is SMTP and how it works?

SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used in sending and receiving e-mail. However, since it is limited in its ability to queue messages at the receiving end, it is usually used with one of two other protocols, POP3 or IMAP, that let the user save messages in a server mailbox and download them periodically from the server. In other words, users typically use a program that uses SMTP for sending e-mail and either POP3 or IMAP for receiving e-mail. On Unix-based systems, sendmail is the most widely-used SMTP server for e-mail. A commercial package, Sendmail, includes a POP3 server. Microsoft Exchange includes an SMTP server and can also be set up to include POP3 support.

SMTP usually is implemented to operate over Internet port 25.

Do you have any idea about NAT?

Short for Network Address Translation, an Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT box located where the LAN meets the Internet makes all necessary IP address translations.

NAT serves three main purposes:

* Provides a type of firewall by hiding internal IP addresses
* Enables a company to use more internal IP addresses. Since they’re used internally only, there’s no possibility of conflict with IP addresses used by other companies and organizations.
* Allows a company to combine multiple ISDN connections into a single Internet connection.

Explain DHCP and its uses to an environment?

Short for Dynamic Host Configuration Protocol, a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device’s IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.

Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address. Many ISPs use dynamic IP addressing for dial-up users.

What does SNMP stands for?

Short for Simple Network Management Protocol, a set of protocols for managing complex networks. SNMP works by sending messages, called Protocol Data Units, to different parts of a network. SNMP-compliant devices, called Agents, store data about themselves in Management Information Bases and return this data to the SNMP requesters.

What do you know about TCPDump?

TCPdump is a common computer network debugging tool that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Tcpdump works on most Unix-like platforms: Linux, Solaris, BSD, Mac OS X, HP-UX and AIX among others. On Windows, WinDump can be used; it’s a port of tcpdump to Windows.

You must have a root or super user authority to use TCPdumps in UNIX like envrionment.

How do I remove a volume group with no disks?

This is a very common question about AIX LVM and I knew that you will ask me this one. Within a volume group there is a Volume Group Descriptor Area (VGDA) which is kinda a “suitcase” of lvm information. This is what allows you to pick up your drives and take them to another machine, importvg them, and get filesystems automatically defined.

What happens, when you importvg the volume group, the command goes out and reads the VGDA and finds out about all the logical volumes and filesystems that may exist on the
volume group. It then checks for clashes (name conflicts, etc..) on its own machine and then, populates its own database with information about the new volume group and
its associated logical volumes. In cases of file systems, it will go into the /etc/filesystems file and add the new filesystem entries that came along with the imported volume group.

The main question I see is “I’ve taken away the disks, but how do I get rid of the volume group”. The question should really say, “How do I get rid of the volume group INFORMATION” since that’s all you have on the system. You’ve got possible entries in
the /etc/filesystems and definitely entries in the ODM. Just do:
exportvg

It does a reverse importvg, except it doesn’t go off and read the VGDA. It nukes anything relating to the volume group in the /etc/filesystems and ODM. The only time this won’t work is if the system detects that the volume group is varied on. Then, it would be like trying to change tires on a moving car, we won’t let you do it!

How do you you get rid of a disk that is no longer really in the VG?
In this case, you DON’T want to do an exportvg. What you want to do is tell the system you want to cut out the memory of the old, bad disk from the RS/6000 AND from the VGDA of the volume group. You simply do: reducevg -d -f
or if the hdname can’t be found:
reducevg -d -f
Be careful with this command. Unlike the exportvg command, actions done
with this command WILL affect the VGDA information on the platter.

What is Capacity on Demand?

Capacity on Demand (CoD) encompasses the various capabilities for you to dynamically activate one or more resources on your server as your business peaks dictate. You can activate inactive processors or memory units that are already installed on your server on a temporary and permanent basis.

Usually, the Capacity on Demand is used for IBM System i5™ and eServer™ i5 and IBM System p5™ and eServer p5 520, 550, 570, 590, and 595 models. Some servers include a number of active and inactive resources. Active processors and active memory units are resources that are available for use on your server when it comes from the manufacturer. Inactive processors and inactive memory units are resources that are included with your server but are not available for use until you activate them.

What is Hardware Management Console (HMC)?

The HMC is a server or stand alone machine that provides a graphical user interface tool to manage several Power Systems. The HMC manages system through hypervisor and operating system. From version 7 it is truly web based and you can configure, installs and manage, partitioned, virtualization most of your Power5 and 6 boxes via HMC. There are many tasks you can do with HMC, such as,

* Powering off and on of the partition
* Configure and activate resources to the system
* Creates and stores LPAR profiles and allocated resources to them.
* HMC do the dynamic memory reconfiguration of the partition.
* Setup VIO server and VIO client thru HMC and do micro-partition, create storage
* pool and processor pool with it
* Provide virtual console to the partition

Most of the time we installed dual HMC for redundancy and make sure to achieve more uptime in a wide system

Why do I need a Hardware Management Console, anyway?

You need a HMC if you plan to:

– Configure and manage logical partitions and partition profiles (selected models can configure LINUX partitions without a HMC).
– Perform DLPAR (dynamic LPAR) functions.
– Activate and manage Capacity on Demand resources.

You can also use the HMC to:
– Perform service functions
– Manage frames (towers), IOPs and IOAs. * Note that you cannot see below the IOA to the device level.
– Manage system profiles (yes, you can have more than one!)
– Power on and power down. The Service Processor is always hot if there is power to the server.
– Activate and manage Virtualization Engine technologies.
– 5250 emulation so you can get a console up on a i5/OS partition or a virtual terminal window for AIX or LINUX.

What is kernel?

The kernel is the essential center of a computer operating system, the core that provides basic services for all other parts of the operating system. A synonym is nucleus. A kernel can be contrasted with a shell, the outermost part of an operating system that interacts with user commands. Kernel and shell are terms used more frequently in UNIX operating systems than in IBM mainframe or Microsoft Windows systems.

Typically, a kernel (or any comparable center of an operating system) includes an interrupt handler that handles all requests or completed I/O operations that compete for the kernel’s services, a scheduler that determines which programs share the kernel’s processing time in what order, and a supervisor that actually gives use of the computer to each process when it is scheduled. A kernel may also include a manager of the operating system’s address spaces in memory or storage, sharing these among all components and other users of the kernel’s services. A kernel’s services are requested by other parts of the operating system or by application programs through a specified set of program interfaces sometimes known as system calls.

What is RMC?

The Resource Monitoring and Control (RMC) subsystem is the scalable backbone of RSCT that provides a generalized framework for managing resources within a single system or a cluster. Its generalized framework is used by cluster management tools to monitor, query, modify, and control cluster resources. RMC provides a single monitoring and management infrastructure for both RSCT peer domains and management domains. RMC can also be used on a single machine, enabling you to monitor and manage the resources of that machine. However, when a group of machines, each running RMC, are clustered together, the RMC framework allows a process on any node to perform an operation on one or more resources on any other node in the domain.

What information is stored in Object Data Manager?

It is a database of system and device configuration information integrated into IBM’s AIX operating system. The ODM is unique to AIX compared to other UNIX operating systems.

Example of information stored in the ODM database are:

* Network configuration
* Logical volume management configuration
* Installed software information
* Devices that AIX has drivers for
* Logical devices or software drivers
* Physical hardware device installed
* Menus, screens and commands that SMIT uses

Explain a little about Vital Product Data (VPD)?

VPD in AIX and Linux is a collection of configuration and informational data associated with a particular set of hardware or software. VPD refers to a subset of database tables in the Object Data Manager (ODM), Therefore the VPD and ODM terms are sometimes referred to interchangeably.

Vital product data (VPD) stores information such as part numbers, serial numbers, and engineering change levels from the Customized VPD object class or platform specific areas, not all devices contain VPD data.

Does HACMP work on different operating systems?

Yes. HACMP is tightly integrated with the AIX 5L operating system and System p servers allowing for a rich set of features which are not available with any other combination of operating system and hardware. HACMP V5 introduces support for the Linux operating system on POWER servers. HACMP for Linux supports a subset of the features available on AIX 5L, however this mutli-platform support provides a common availability infrastructure for your entire enterprise.
What applications work with HACMP?

All popular applications work with HACMP including DB2, Oracle, SAP, WebSphere, etc. HACMP provides Smart Assist agents to let you quickly and easily configure HACMP with specific applications. HACMP includes flexible configuration parameters that let you easily set it up for just about any application there is.
Does HACMP support dynamic LPAR, CUoD, On/Off CoD, or CBU?

HACMP supports Dynamic Logical Partitioning, Capacity Upgrade on Demand, On/Off Capacity on Demand and Capacity Backup Upgrade.
If a server has LPAR capability, can two or more LPARs be configured with unique instances of HACMP running on them without incurring additional license charges?

Yes. HACMP is a server product that has one charge unit: number of processors on which HACMP will be installed or run. Regardless of how many LPARs or instances of AIX 5L that run in the server, you are charged based on the number of active processors in the server that is running HACMP. Note that HACMP configurations containing multiple LPARs within a single server may represent a potential single point-of-failure. To avoid this, it is recommended that the backup for an LPAR be an LPAR on a different server or a standalone server.

Does HACMP support non-IBM hardware or operating systems?

Yes. HACMP for AIX 5L supports the hardware and operating systems as specified in the manual where HACMP V5.4 includes support for Red Hat and SUSE Linux.
What is nmon tool do?

The nmon tool is designed for AIX and Linux performance specialists to use for monitoring and analyzing performance data, including:

* CPU utilization
* Memory use
* Kernel statistics and run queue information
* Disks I/O rates, transfers, and read/write ratios
* Free space on file systems
* Disk adapters
* Network I/O rates, transfers, and read/write ratios
* Paging space and paging rates
* CPU and AIX specification
* Top processors
* IBM HTTP Web cache
* User-defined disk groups
* Machine details and resources
* Asynchronous I/O — AIX only
* Workload Manager (WLM) — AIX only
* IBM TotalStorage® Enterprise Storage Server® (ESS) disks — AIX only
* Network File System (NFS)
* Dynamic LPAR (DLPAR) changes — only pSeries p5 and OpenPower for either AIX or Linux

Also included is a new tool to generate graphs from the nmon output and create .gif files that can be displayed on a Web site.

What is Logical Volume Manager(LVM) means?

The set of operating system commands, library subroutines and other tools that allow you to establish and control logical volume storage is called the Logical Volume Manager (LVM).

What is a Logical partition?

A logical partition (LPAR) is the division of a computer’s processors, memory, and hardware resources into multiple environments so that each environment can be operated independently with its own operating system and applications.

Explain Network File Systems(NFS)?

The Network File System (NFS) is a distributed file system that allows users to access files and directories of remote servers as if they were local. Suppose,

Server A, that makes its file systems, directories, and other resources available for remote access. Client’s computers, or their processes, that use a server’s resources.

Export the act of making file systems available to remote clients.

Mount the act of a client accessing the file systems that a server exports.

What is Network Information Service (NIS)?

NIS was developed to simplify the task of administrating a number of machines over a network. In particular was the requirement to maintain copies of common files (e.g. password, group and host) across different systems.

What is software RAID Levels do?
Redundant Arrays of Independent Disks (RAID) is formally defined as a method to store data on any type of disk medium.

LDAP

The Light Directory Access Protocol (LDAP) defines a standard method for accessing and updating information in a directory (a database) either locally or remotely in a client-server model.

network

How to remove IP address from a NIC
no comments
by admin in AIX

How to remove IP address from a NIC

root [AIXServer] /: chdev -l en1 -a state=down
en1 changed

root [AIXServer] /: chdev -l en1 -a netaddr=''
en1 changed
root [AIXServer] /: chdev -l en1 -a netmask=''
en1 changed

root [AIXServer] /: lsattr -El en1
alias4 IPv4 Alias including Subnet Mask True
alias6 IPv6 Alias including Prefix Length True
arp on Address Resolution Protocol (ARP) True
authority Authorized Users True
broadcast Broadcast Address True
mtu 1500 Maximum IP Packet Size for This Device True
netaddr Internet Address True
netaddr6 IPv6 Internet Address True
netmask Subnet Mask True
prefixlen Prefix Length for IPv6 Internet Address True
remmtu 576 Maximum IP Packet Size for REMOTE Networks True
rfc1323 Enable/Disable TCP RFC 1323 Window Scaling True
security none Security Level True
state down Current Interface Status True
tcp_mssdflt Set TCP Maximum Segment Size True
tcp_nodelay Enable/Disable TCP_NODELAY Option True
tcp_recvspace Set Socket Buffer Space for Receiving True
tcp_sendspace Set Socket Buffer Space for Sending True
root [AIXServer] /:

tags: IP address, NIC, Remove
No comment?
September 17, 2010 11:33 pm
Add a route with a specific mtu value
no comments
by admin in AIX

Technote (FAQ)

This document applies only to the following language version(s):

US English
Question

How do you add a route with a specific mtu value when it is different than the interfaces default mtu value?
Answer

To add a route with a different mtu value other than interfaces default mtu value you will need to run the "route add" command. You can not add the route via smit or smitty.

Add a network specific route with mtu of 1500.
#route add -net -mtu 1500

Example: Add route to 192.18.5.0 network using gateway address of 192.19.88.1 with an mtu of 1500.
#route add 192.18.5.0 192.19.88.1 -mtu 1500

Add a host specific route with mtu of 1500.
#route add -host -mtu 1500

Example: Add a route to 10.55.44.22 host using the gateway of 192.88.5.1 with the mtu of 1500.
#route add -host 10.55.44.22 192.88.5.1 -mtu 1500

To display newly added route:

#pmtu display

Example:
dst gw If pmtu refcnt redisc_t exp
192.18.5.0 192.19.88.1 en0 1500
10.55.44.22 192.88.5.1 en1 1500

tags: route, specifi MTU
No comment?
11:33 pm
Verify MTU value of route.
no comments
by admin in AIX

Technote (FAQ)

This document applies only to the following language version(s):

US English
Question

How do you verify a route is using an MTU value of 1500 versus 9000 (jumbo frames)?
Answer

To verify that the route is using an MTU of 1500 instead 9000 (jumbo frames) run iptrace and capture the 3-way handshake of a connection. Look at the MSS value. If the MSS is lower than 1500 then it isn't using jumbo frames.


1. Start iptrace:
#startsrc -s iptrace -a "-a -d /tmp/filename.ipt"

2. Use telnet or ssh to connect to the ip address of the route that you are trying to verify mtu value of.

3. Stop the iptrace:
#stopsrc -s iptrace

Run ipreport on the binary output file:

#ipreport -rnsC /tmp/filename.ipt > /tmp/filename.ipt.txt

Use vi to view the text output file. Search for SYN/ACK packet in the 3 way handshake.

Example of output:
Packet Number 2
ETH: ====( 74 bytes received on interface en3 )==== 14:59:21.176136222
ETH: [ 00:01:e8:53:47:1c -> 00:1a:64:fb:3f:60 ] type 800 (IP)
IP: < SRC = 10.199.172.200 >
IP: < DST = 192.58.3.186 >
IP: ip_v=4, ip_hl=20, ip_tos=0, ip_len=60, ip_id=0, ip_off=0 DF
IP: ip_ttl=63, ip_sum=c038 (valid), ip_p = 6 (TCP)
TCP:
TCP: th_seq=4187237060, th_ack=2426507443
TCP: th_off=10, flags
TCP: th_win=5792, th_sum=df6 (valid), th_urp=0
TCP: mss 1460
TCP: nop
TCP: nop
TCP: timestamps TSVal: 0x1479d1e6 TSEcho: 0x4cdba034
TCP: nop
TCP: wscale 7

The mss is 1460 so it is indeed using the mtu value of 1500 and not using an mtu of 9000 (jumbo frames).

Read

This document applies only to the following language version(s):

US English
Question

How to verify that a UDP port is open and how to test that the port is working for a third party application.
Answer

Command to verify that a port is open to receive incoming connections.

#netstat -an |grep

Example: tftp uses port 69 to transfer data

#netstat -an |grep .69

Proto Recv-Q Send-Q Local Address Foreign Address (state)
udp 0 0 *.69 *.*


To capture the udp packets to prove that a specific port is being used you can either run the tcpdump command or the iptrace command.

#tcpdump "port #" (where # is the number of the port you are testing)

or
#startsrc -s iptrace -a "-a -p # /tmp/udp.port" (where # is the number of the port you are testing)
#stopsrc -s iptrace (stop iptrace command)
#ipreport -rnsC /tmp/udp.port /tmp/udp.port.out (format the iptrace binary to a text readable format)

Example: Start the packet capture.

#tcpdump 'port 69'

Then use tftp to transfer a file. This is an example of transferring the /etc/motd file from a system called dipperbso to a system called burritobso.

#tftp -p /etc/motd burritobso /tmp/motd

Example of the output:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on en0, link-type 1, capture size 96 bytes
08:50:24.627840 IP dipperbso.52046 > burritobso.tftp: 21 WRQ "/tmp/motd" netascii

tags: iptrace, netsta, network, Open, port, tcpdump, UDP
No comment?
April 18, 2010 4:21 pm
Taking tcpdumps on SLES10 Linux for zSeries
no comments
by admin in linux

Technote (FAQ)

Question
How to take a tcpdump on Linux for zSeries

Answer

Depending on the virtual switch type, special considerations need to be taken in order to collect a usable tcpdump on a Linus Guest running on a zSeries. This document addresses SLES 10.


DETERMINE THE SWITCH TYPE
-------------------------
Verify that you have vmcp installed. (You are going to need other tools
provide by teh S390-tools RPM as well.)
# rpm -q --whatprovides /sbin/vmcp
s390-tools-1.6.3-0.10

Make sure the module is loaded.
# modprobe vmcp

Display the switch detail
# vmcp q vswitch detail

You re looking for a field that will be either be LL2VSW for layer2 or
LL3VSW for layer 3. For example:

VSWITCH SYSTEM LL2VSW Type: VSWITCH Connected: 4 Maxconn: INFINITE
PERSISTENT RESTRICTED ETHERNET Accounting: OFF
VLAN Unaware
MAC address: 02-00-00-00-00-02
State: Disconnected - operator
IPTimeout: 5 QueueStorage: 8


LAYER TWO SWITCH ENVIRONMENT
----------------------------
In a layer two switch environment tcpdump will work as expected.


LAYER THREE SWITCH ENVIRONMENT
------------------------------
You will find a lot of documentation regarding setting the fake_ll
option to collect proper tcpdumps. This is not really a full working
solution as it only "patches" the incoming frames. Outgoing frames are
not corrected. For example the outgoing frames are of type "Unknown"
For example:

4:44:43.917779 00:00:40:01:c2:f1 (oui Unknown) > 45:00:00:54:23:ea (oui
Unknown), ethertype Unknown (0x092f), length 84:
0x0000: 4166 092f 400a 0000 f4eb d92d 0007 ec2f
Unknown (0x092f), length 84:
0x0000: 4166 092f 400a 0000 f4eb d92d 0007 ec2f Af./@......-.../
0x0010: 4849 0c63 0600 0809 0a0b 0c0d 0e0f 1011 HI.c............
0x0020: 1213 1415 1617 1819 1a1b 1c1d 1e1f 2021 ...............!
0x0030: 2223 2425 2627 2829 2a2b 2c2d 2e2f 3031 "#$%&'()*+,-./01
0x0040: 3233 3435 3637 234567
Af /@
.....-.../HI.c...
.................. !"#$%&'()*+,-./01234567
44:44.918537 IP svcprod.svc.beaverton.ibm.com > z900sles10.svc.beaverton.ibm.com: ICMP echo request, id 55597, seq 8, length 64
E..T..@.?... /@
/Af.....-.../HIAf...
.................. !"#$%&'()*+,-./01234567
THE TCPWRAPPER SCRIPT
---------------------
SLES10 provides a Perl script that can be used insted of the
actual tcpdump command. The script is part of the tcpdump RPM.
The script works the same regardless of the setting of fake_ll.

For example:
z900sles10:/etc/sysconfig # rpm -q --list tcpdump-3.9.4-14.6
/usr/sbin/tcpdump
/usr/sbin/tcpdump-qeth <- -the script

The script uses the same syntax as the actual tcpdump command.

For example, we take a capture:
# /usr/sbin/tcpdump-qeth -r /tmp/out

We then display the capture.
# tcpdump -r /tmp/out

or using he script

# /usr/sbin/tcpdump-qeth -r

By default the script only displays the default 98 bytes. If you need to
capture and display the full 1500 bytes you can patch the script as follows.

NOTE: This is current as of SLES10 SP2
# cd /usr/sbin/ # cp tcpdump-qeth tcpdump-qeth.org # patch < tcpdump-qeth.patch
after you create:

# cat tcpdump-qeth.patch --- tcpdump-qeth.org 2008-12-19 11:13:07.000000000 +0000 +++ tcpdump-qeth 2008-12-19 14:17:28.000000000 +0000 @@ -17,7 +17,7 @@ $incmd = "cat $options{'r'}"; $filter_out = 1; } else { - $incmd = "tcpdump -l -w -"; + $incmd = "tcpdump -s 0 -l -w -"; $filter_out = 0; if ( defined($options{'i'}) ) { $incmd .= " -i ".$options{'i'};




tags: linux, SLES10, tcpdump, zSeries
No comment?
April 13, 2010 3:04 pm
Using AIX Tools to Debug Network Problems
no comments
by admin in AIX

Technote (FAQ)

Problem
Using AIX Tools to Debug Network Problems

Solution

This document discusses some standard AIX commands that can check for network connectivity or performance problems.

From time to time users may be unable to access servers via their client applications or they may experience performance problems. When application and system checks do not indicate the problem, the system administrator may need to check the network or the system's network settings to find the problem. Using standard AIX tools, you can quicky determine if a server is experiencing a network problem due to configuration or network issues. These tools include the netstat and tcpdump commands, which can help you isolate problems, from loss of connectivity to more complex network performance problems.

Basic tools and the OSI-RM
Using the netstat command
Using the tcpdump command
Basic tools and the OSI-RM

The AIX commands you can use for a quick checkup include the lsdev, errpt, netstat and tcpdump commands. With these tools, you can assess the lower layers of your system's network configuration within the model known as the Open Systems Interconnection (OSI) Reference Model (RM) (see Table 1). Using the OSI-RM allows you to check common points of failure, without spending too much time looking at elusive errors that might be caused by loss of network access within an application.
Open Systems Interconnection Reference Model

Model Layer Function Assessment Tools

7. Application Layer Consists of application .
programs that use the network.
6. Presentation Layer Standardizes data presentation
to the applications.
5. Session Layer Manages sessions between
applications.
4. Transport Layer Organizes data grams into netstat -s
segments and reliably delivers iptrace
them to upper layers. tcpdump
3. Network Layer Manages connections across the netstat -in, -rn, -s, -D
network for the upper layers. topas
iptrace
tcpdump
2. Data Link Layer Provides reliable data delivery netstat -v, -D
across the physical link. iptrace
tcpdump
1. Physical Layer Defines the physical netstat -v, -D
characteristics of the lsdev -C
network media. errpt
iptrace
tcpdump

Using the netstat command

One of the netstat tools, the netstat -v command, can help you decide if corrective action needs to be taken on the server or elsewhere in the network. Output from this command is the same as the entstat, tokstat, fddistat, and atmstat commands combined. The netstat -v command assesses the physical and data link layers of the OSI-RM. Thus, it is one of the first commands you should use, after determining that there is no hardware availability problem. (The errpt and lsdev -C commands can help determine availability.) The netstat -v output can indicate whether you need to adjust configuration of a network adapter (to reestablish or improve communications) or tune an adapter for better data throughput.
Sample scenario

A simple scenario illustrates how the netstat -v command helps determine why a system is not communicating on its network.

The scenario assumes a system with the following characteristics:

* An IBM 4-Port 10/100 Mbps Ethernet PCI Adapter (ent0 - ent3)
* An onboard IBM 10/100 Mbps Ethernet PCI Adapter (ent4)
* A single cable connected to one of the ports on the four-port adapters
* A single IP address configured, on en0, which also maps to one of the logical devices (ent0) on the 4-Port card

The problem: Since TCP/IP was configured on en0, the system has been unable to ping any system on the network.
Example 1

1. The lsdev -C and errpt commands were used to verify the availability of the adapter and interface.'


2. The netstat -in command (interface configuration) and the netstat -rn (route configuration) command were used to check the IP configuration.


3. After the first two preliminary steps, the next step is to use the netstat -v command to review specific statistics for adapter operations. Without a filter, the netstat -v command produces at least 10 screens of data, so this examples uses the netstat -v ent0 command to limit the output as follows:

netstat -v ent0 | grep -p "Specific Statistics"

The RJ45 Port Link Status line in the sample output indicates whether or not the adapter has a link to the network. In this example, the RJ45 Port Link Status is down.

IBM 4-Port 10/100 Base-TX Ethernet PCI Adapter Specific Statistics:
------------------------------------------------
Chip Version: 26
RJ45 Port Link Status : down
Media Speed Selected: Auto negotiation
Media Speed Running: 100 Mbps Full Duplex
Receive Pool Buffer Size: 384
Free Receive Pool Buffers: 128
No Receive Pool Buffer Errors: 0
Inter Packet Gap: 96
Adapter Restarts due to IOCTL commands: 1

4. Running netstat -v a second time without a filter allows you to check the port link status for every adapter. For example, enter:

netstat -v | more

and then use /Specific as the search string for the more command. In this example, such a search shows that ent3, not ent0, shows a port link status of up. This information indicates that the cable is in the wrong port on the 4-Port Adapter, and that moving the cable to the correct (that is, configured) port fixes the problem.

Example 2

Interpreting the portion of the netstat -v output that indicates adapter resource configuration can help isolate a system configuration problem. When setting up servers that provide for network backup (such as, TSM or SysBack), administrators commonly do some preliminary testing and achieve good results. Then, as more remote servers are added to the backup schedule, performance can decrease. Where network throughput was once good, but then has decreased, netstat -v can uncover potential problems with adapter resources.

Many modern adapters have tunable buffers that allow you to adjust the resources a device can obtain. When a backup server requires extensive resources to handle data reception, looking at the output of netstat -v for Receive Statistics and for Adapter Specific Statistics can help isolate potential network performance bottlenecks. It is not uncommon to see errors in the Adapter Specific section of the 10/100 Mbps adapter that indicate "No Receive Pool Buffer Errors". In Example 2 the netstat -v command is run twice, 30 seconds apart, while the server is handling several backup jobs. The output shows the default setting of 384 on the receive pool buffer needs to be adjusted higher. As long as no other errors suggesting additional problems show up in the output, you can safely assume that performance will improve when the receive pool buffer on ent4 is adjusted.

1. Run the following command to see specific statistics for en4:

netstat -v ent4 | grep -p "Specific Statistics"

Command output is similar to the following:

IBM 4-Port 10/100 Base-TX Ethernet PCI Adapter Specific Statistics:
------------------------------------------------
Chip Version: 26
RJ45 Port Link Status : up
Media Speed Selected: Auto negotiation
Media Speed Running: 100 Mbps Full Duplex
Receive Pool Buffer Size: 384
Free Receive Pool Buffers: 128
No Receive Pool Buffer Errors: 999875
Inter Packet Gap: 96
Adapter Restarts due to IOCTL commands: 1

2. Run the following commands to check the No Receive Pool Buffer Errors after 30 seconds:

sleep 30 ; netstat -v ent4 | grep "Receive Pool Buffer Errors"

Output is similar to the following:

No Receive Pool Buffer Errors: 1005761

Using the tcpdump command

The netstat tools (netstat -in, netstat -rn and netstat -v) cannot always determine the nature of a connection problem.
Example 3

Suppose your server has four separate network adapters configured and attached to separate network segments. Two are working fine (VLAN A and B) while no connections can be established to your server on the other two segments (VLAN C and D). The output of netstat -v shows that data is coming in on all four adapters and no errors are being logged, indicating that the configuration at the physical and data link layers is working. In such a case, you need to examine the inbound data itself. You can use the tcpdump tool to examine the data online to help you determine the connection problem.

The tcpdump command provides much data, but for quick analysis only some basics pieces of its output (IP addresses) are needed:

You also want to consider the logical configuration you have set up for your interfaces (netstat -in). In this example, en2 was configured with address 9.3.6.225 and is in VLAN C (IP network 9.3.6.224, netmask 255.255.255.240); en3 was configured with address 9.3.6.243 and is in VLAN D (IP network 9.3.6.240, netmask 255.255.255.240).

1. Run the following command to check traffic on en2:

tcpdump -i en2 -I -n

Output similar to the following is displayed:

-TIME STAMP- -SOURCE IP- -DESTINATION IP- -FLAG -ADDITION INFO-
09:04:27.313527323 9.3.6.244.23 > 9.3.6.241.38160: P 7:9(2) ack 8 win
65535
09:04:27.402377282 9.3.6.245.45017 > 9.53.168.52.23: . ack 24 win
17520 (DF) [tos 0x10]
09:04:27.418818536 9.3.6.241.38160 > 9.3.6.244.23: . ack 9 win 65535
[tos 0x10
09:04:27.419054751 9.3.6.244.23 > 9.3.6.241.38160: P 9:49(40) ack 8
win 65535
09:04:27.524512144 9.3.6.245.45017 > 9.53.168.52.23: P 4:5(1) ack 24
win 17520 (DF) [tos 0x10]
09:04:27.526159054 9.53.168.52.23 > 9.3.6.245.45017: P 24:25(1) ack 5
win 2482 (DF)
09:04:27.602600775 9.3.6.245.45017 > 9.53.168.52.23: . ack 25 win
17520 (DF) [tos 0x10]
09:04:27.628488745 9.3.6.241.38160 > 9.3.6.244.23: . ack 49 win 65535
[tos 0x1

2. Press Ctrl-C to stop the output display:

^C

38 packets received by filter
0 packets dropped by kernel

Useful data can be gained from the tcpdump output simply by recognizing the source IP addresses in the traffice (shown in bold type in the sample output). Thus, the sample output shows that ent2 is physically attached to the wrong network segment. The source IP addressses should be in the 9.2.6.22x range, not the 9.3.6.24x range. It is possible that swapping the cables for ent2 and ent3 may solve the problem. If not, you may need to ask your network administrator to reconfigure switch ports to pass the correct traffic. With the information you gain from using the netstat -v and tcpdump tools, you can better decide which action is most appropriate.

AIX provides many tools for querying TCP/IP status on AIX servers. However, the netstat and tcpdump commands do provide some methods for quick problem determination. For example, these tools can help determine if you own the problem or if it needs to be addressed by a network administrator.

For additional information, please refer to AIX Online Documents at the following URL:
http://publib16.boulder.ibm.com/pseries/

Special shell variables in AIX

There are some variables which are set internally by the shell and which are
available to the user:


$1 - $9 these variables are the positional parameters.
$0 the name of the command currently being executed.
$argv[20] refers to the 20th command line argument
$# the number of positional arguments given to this
invocation of the shell.
$? the exit status of the last command executed is
given as a decimal string. When a command
completes successfully, it returns the exit status
of 0 (zero), otherwise it returns a non-zero exit
status.
$$ the process number of this shell - useful for
including in filenames, to make them unique.
$! the process id of the last command run in
the background.
$- the current options supplied to this invocation
of the shell.
$* a string containing all the arguments to the
shell, starting at $1.
$@ same as above, except when quoted :
"$*" expanded into ONE long element : "$1 $2 $3"
"$@" expanded into THREE elements : "$1" "$2" "$3"
shift : $2 -> $1 ...)


special characters


The special chars of the Korn shell are :
$ \ # ? [ ] * + & | ( ) ; ` " '
- A pair of simple quotes '...' turns off the significance of ALL enclosed
chars
- A pair of double quotes "..." : idem except for $ ` " \
- A '\' shuts off the special meaning of the char immediately to its right.
Thus, \$ is equivalent to '$'.
- In a script shell :
# : all text that follow it up the newline is a comment
\ : if it is the last char on a line, signals a continuation line
qui suit est la continuation de celle-ci


Evaluating shell variables
The following set of rules govern the evaluation of all shell variables.


$var signifies the value of var or nothing,
if var is undefined.
${var} same as above except the braces enclose
the name of the variable to be substituted.
+-------------------+---------------------------+-------------------+
| Operation | if str is unset or null | else |
+-------------------+---------------------------+-------------------+
| var=${str:-expr} | var= expr | var= ${string} |
| var=${str:=expr} | str= expr ; var= expr | var= ${string} |
| var=${str:+expr} | var becomes null | var= expr |
| var=${str:?expr} | expr is printed on stderr | var= ${string} |
+-------------------+---------------------------+-------------------+


The if statement
The if statement uses the exit status of the given command


if test
then
commands (if condition is true)
else
commands (if condition is false)
fi


if statements may be nested:


if ...
then ...
else if ...
...
fi
fi


Test on numbers :


((number1 == number2))
((number1 != number2))
((number1 number2))
((number1 > number2))
((number1 = number2))
((number1 >= number2))
Warning : 5 different possible syntaxes (not absolutely identical) :
if ((x == y))
if test $x -eq $y
if let "$x == $y"
if [ $x -eq $y ]
if [[ $x -eq $y ]]


Test on strings: (pattern may contain special chars)


[[string = pattern]]
[[string != pattern]]
[[string1 string2]]
[[string1 > string2]]
[[ -z string]] true if length is zero
[[ -n string]] true if length is not zero
Warning : 3 different possible syntaxes :
if [[ $str1 = $str2 ]]
if [ "$str1" = "$str2" ]
if test "$str1" = "$str2"


Test on objects : files, directories, links ...


examples :
[[ -f $myfile ]] # is $myfile a regular file?
[[ -x /usr/users/judyt ]] # is this file executable?
+---------------+---------------------------------------------------+
| Test | Returns true if object... |
+---------------+---------------------------------------------------+
| -a object | exist; any type of object |
| -f object | is a regular file or a symbolic link |
| -d object | is a directory |
| -c object | is a character special file |
| -b object | is a block special file |
| -p object | is a named pipe |
| -S object | is a socket |
| -L object | is a symbolic (soft) link with another object |
| -k object | object's "sticky bit" is set |
| -s object | object isn't empty |
| -r object | I may read this object |
| -w object | I may write to (modify) this object |
| -x object | object is an executable file |
| | or a directory I can search |
| -O object | I ownn this object |
| -G object | the group to which I belong owns object |
| -u object | object's set-user-id bit is set |
| -g object | object's set-group-id bit is set |
| obj1 -nt obj2 | obj1 is newer than obj2 |
| obj1 -ot obj2 | obj1 is older than obj2 |
| obj1 -ef obj2 | obj1 is another name for obj2 (equivalent) |
+---------------+---------------------------------------------------+


The logical operators
You can use the && operator to execute a command and, if it is successful,
execute the next command in the list. For example:


cmd1 && cmd2


cmd1 is executed and its exit status examined. Only if cmd1 succeeds is
cmd2 executed. You can use the || operator to execute a command and, if it
fails, execute the next command in the command list.


cmd1 || cmd2


Of course, ll combinaisons of these 2 operators are possible. Example :


cmd1 || cmd2 && cmd3


Math operators
First, don't forget that you have to enclose the entire mathematical
operation within a DOUBLE pair of parentheses. A single pair has a
completely different meaning to the Korn-Shell.


+-----------+-----------+-------------------------+
| operator | operation | example |
+-----------+-----------+-------------------------+
| + | add. | ((y = 7 + 10)) |
| - | sub. | ((y = 7 - 10)) |
| * | mult. | ((y = 7 * 4)) |
| / | div. | ((y = 37 / 5)) |
| % | modulo | ((y = 37 + 5)) |
| | shift | ((y = 2#1011 2)) |
| >> | shift | ((y = 2#1011 >> 2)) |
| & | AND | ((y = 2#1011 & 2#1100)) |
| ^ | excl OR | ((y = 2#1011 ^ 2#1100)) |
| | | OR | ((y = 2#1011 | 2#1100)) |
+-----------+-----------+-------------------------+



Controlling execution


goto my_label
......
my_label:
-----
case value in
pattern1) command1 ; ... ; commandN;;
pattern2) command1 ; ... ; commandN;;
........
patternN) command1 ; ... ; commandN;;
esac
where : value value of a variable
pattern any constant, pattern or group of pattern
command name of any program, shell script or ksh statement
example 1 :
case $advice in
[Yy][Ee][Ss]) print "A yes answer";;
[Mm]*) print "M followed by anything";;
+([0-9)) print "Any integer...";;
"oui" | "bof") print "one or the other";;
*) print "Default";;
example 2 : Creating nice menus
PS3="Enter your choice :"
select menu_list in English francais
do
case $menu_list in
English) print "Thank you";;
francais) print "Merci";;
*) print "???"; break;;
esac
done
-----
while( logical expression)
do
....
done
while : # infinite loop
....
done
while read line # read until an EOF (or )
do
....
done fname # redirect input within this while loop
until( logical expression)
do
....
done fout # redirect both input and output
-----
for name in 1 2 3 4 # a list of elements
do
....
done
for obj in * # list of every object in the current directory
do
....
done
for obj in * */* # $PWD and the next level below it contain
do
....
done
-----
break; # to leave a loop (while, until, for)
continue; # to skip part of one loop iteration
# nested loops are allowed in ksh
----
select ident in two # a list of identifiers
do
case $ident in
one) ....... ;;
two) ..... ;;
*) print "none" ;;
esac
done


Debug mode


> ksh -x script_name
or, in a 'shell script' :
set -x # start debug mode
set +x # stop debug mode


Examples
Example 1 : loops, cases ...


#!/bin/ksh
USAGE="usage : fmr [dir_name]" # how to invoke this script
print "
+------------------------+
| Start fmr shell script |
+------------------------+
"
function fonc
{
echo "Loop over params, with shift function"
for i do
print "parameter $1" # print is equivalent to echo
shift
done # Beware that $# in now = 0 !!!
}
echo "Loop over all ($#) parameters : $*"
for i do
echo "parameter $i"
done
#----------------------
if (( $# > 0 )) # Is the first arg. a directory name ?
then
dir_name=$1
else
print -n "Directory name:"
read dir_name
fi
print "You specified the following directory; $dir_name"
if [[ ! -d $dir_name ]]
then
print "Sorry, but $dir_name isn't the name of a directory"
else
echo "-------- List of directory $dir_name -----------------"
ls -l $dir_name
echo "------------------------------------------------------"
fi
#----------------------
echo "switch on #params"
case $# in
0) echo "command with no parameter";;
1) echo "there is only one parameter : $1";;
2) echo "there are two parameters";;
[3,4]) echo "3 or 4 params";;
*) echo "more than 4 params";;
esac
#----------------------
fonc
echo "Parameters number (after function fonc) : $#"
#------- To read and execute a command
echo "==> Enter a name"
while read com
do
case $com in
tristram) echo "gerard";;
guglielmi) echo "laurent";;
dolbeau) echo "Jean";;
poutot) echo "Daniel ou Claude ?";;
lutz | frenkiel) echo "Pierre";;
brunet) echo "You lost !!!"; exit ;;
*) echo "Unknown guy !!! ( $com )"; break ;;
esac
echo "==> another name, please"
done
#------ The test function :
echo "Enter a file name"
read name
if [ -r $name ]
then echo "This file is readable"
fi
if [ -w $name ]
then echo "This file is writable"
fi
if [ -x $name ]
then echo "This file is executable"
fi
#------
echo "--------------- Menu select ----------"
PS3="Enter your choice: "
select menu_list in English francais quit
do
case $menu_list in
English) print "Thank you";;
francais) print "Merci.";;
quit) break;;
*) print " ????";;
esac
done
print "So long!"


Example 2 : switches


#!/bin/ksh
USAGE="usage: gopt.ksh [+-d] [ +-q]" # + and - switches
while getopts :dq arguments # note the leading colon
do
case $arguments in
d) compile=on;; # don't precede d with a minus sign
+d) compile=off;;
q) verbose=on;;
+q) verbose=off;;
\?) print "$OPTARG is not a valid option"
print "$USAGE";;
esac
done
print "compile=$compile - verbose= $verbose"


Example 3


###############################################################
# This is a function named 'sqrt'
function sqrt # square the input argument
{
((s = $1 * $1 ))
}
# In fact, all KornShell variables are, by default, global
# (execpt when defined with typeset, integer or readonly)
# So, you don't have to use 'return $s'
###############################################################
# The shell script begins execution at the next line
print -n "Enter an integer : "
read an_integer
sqrt $an_integer
print "The square of $an_integer is $s"


Example 4


#!/bin/ksh
############ Using exec to do I/O on multiple files ############
USAGE="usage : ex4.ksh file1 file2"
if (($# != 2)) # this script needs 2 arguments
then
print "$USAGE"
exit 1
fi

############ Both arguments must be readable regular files
if [[ (-f $1) && (-f $2) && (-r $1) && (-r $2) ]]
then # use exec to open 4 files
exec 3 <$1 # open $1 for input
exec 4 <$2 # open $2 for input
exec 5> match # open file "match" for output
exec 6> nomatch # open file "nomatch" for output
else # if user enters bad arguments
print "$ USAGE"
exit 2
fi
while read -u3 lineA # read a line on descriptor 3
do
read -u4 lineB # read a line on descriptor 4
if [ "$lineA" = "$lineB" ]
then # send matching line to one file
print -u5 "$lineA"
else # send nonmatching lines to another
print -u6 "$lineA; $lineB"
fi
done

print "Done, today : $(date)" # $(date) : output of 'date' command
date_var=$(date) # or put it in a variable
print " I said $date_var" # and print it...


Example 5


############ String manipulation examples ##################
read str1?"Enter a string: "
print "\nYou said : $str1"
typeset -u str1 # Convert to uppercase
print "UPPERCASE: $str1"
typeset -l str1 # Convert to lowercase
print "lowercase: $str1"
typeset +l str1 # turn off lowercase attribute
read str2?"Enter another one: "
str="$str1 and $str2" #concatenate 2 strings
print "String concatenation : $str"
# use '#' to delete from left
# '##' to delete all
# '%' to delete all
# '%%' to delete from right
print "\nRemove the first 2 chars -- ${str#??}"
print "Remove up to (including) the first 'e' -- ${str#*e}"
print "Remove the first 2 words -- ${str#* * }"
print "\nRemove the last 2 chars -- ${str%??}"
print "Remove from last 'e' -- ${str%e*}"
print "Remove the last 2 tokens -- ${str% * *}"
print "length of the string= ${#str}"
########################
# Parsing strings into words :
typeset -l line # line will be stored in lowercase
read finp?"Pathname of the file to analyze: "
read fout?"Pathname of the file to store words: "
# Set IFS equal to newline, space, tab and common punctuation marks
IFS="
,. ;!?"
while read line # read one line of text
do # then Parse it :
if [[ "$line" != "" ]] # ignore blank lines
then
set $line # parse the line into words
print "$*" # print each word on a separate line
fi
done < $finp > $fout # define the input & output paths
sort $fout | uniq | wc -l # UNIX utilities

Logical volume control block

Background

A raw logical volume is a physical partition that is not directly controlled by
AIX and the file system. Usually it is for use with databases that need better
performance than they would normally get with file systems.

Whatever the reason for using a raw logical volume, you must remember that AIX
has the ability to allow a database program to use a raw logical volume for
storing data, but expects that database program or utilities for that program
to manage the data stored in that location. AIX data management tools are
designed for working at the file system level, which is one level above the
logical volume level.

WARNING: Please note that due to the nature and differences of the databases
available today, IBM does not guarantee that any data in a database (raw or
otherwise) will be recoverable using any AIX commands.

--------------------------------------------------------------------------------

Logical volume control block

Every AIX logical volume has a 512-byte block at the beginning of the LV called
the Logical Volume Control Block (LVCB). The LVCB keeps track of information in
the logical volume. Some database vendors have chosen to write over the LVCB and
use their own methods of keeping track of the information in the LV.

When using the AIX dd command for archiving and retrieving raw logical volumes,
it is important to know if your database vendor uses the AIX LVCB or writes over
it. This information is important and is referenced later in this document.

--------------------------------------------------------------------------------

dd limitations

The AIX dd command has some limitations which must be taken into consideration
prior to archiving a raw logical volume.

The dd command cannot span multiple tapes. You must be able to fit the entire
raw logical volume onto one tape. If you require multiple tapes, your only AIX
option for archiving a raw logical volume is to use SYSBACK 6000.

The dd command in AIX 3.2 and 4.1 cannot archive a single file (or logical
volume) greater than 2GB. In AIX 4.2, the dd command has been designed to archive
data greater than 2GB in size.

--------------------------------------------------------------------------------

Steps to archive raw logical volumes
Decide on the appropriate tape device blocksize.

To check the device blocksize, execute the following command:
tctl -f /dev/rmt0 status

To change a device blocksize, execute the following command:
chdev -l rmt0 -a block_size=

Recommended values are:

9track/ 1/4in = 512
8mm/4mm/dlt = 1024


Create an archived raw logical volume.

NOTE: When you use the conv=sync flag, all reads that are smaller than the ibs
value will be padded to equal the ibs value. This can greatly affect files
sensitive to change, such as database files.

For example:

ibs=512; file filesize = 52 bytes
52 bytes + 460 blanks = 512 bytes


To archive without software compression, run the following command:
dd if= of=/dev/rmt0 ibs=512 obs= conv=sync

To archive with software compression, run the following command:
dd if= bs=512 | compress | \
dd of=/dev/rmt0 ibs=512 obs= conv=sync

Restoring a raw logical volume archive.

To restore a raw logical volume archive we must know whether or not to overwrite
the Logical Volume Control Block. For more info on the LVCB, see the section
"Logical volume control block".

NOTE: The skip=1 allows the read function to skip over one 512-byte block on the
tape. The seek=1 allows the write function to skip over one 512-byte block on
the disk.

Using the Current System LVCB

To restore without software compression, run the following command:
dd if=/dev/rmt0 ibs= obs=512 | \
dd of=/dev/ bs=512 skip=1 seek=1

To restore with software compression, run the following command:
dd if=/dev/rmt0 ibs= obs=512 | \
uncompress | dd of=/dev/ bs=512 skip=1 seek=1

Overwriting the Current System LVCB
WARNING: You must NOT overwrite the LVCB unless you are certain you need to.

To restore without software compression, run the following command;
dd if=/dev/rmt0 of=/dev/ ibs obs=512

To restore with software compression, run the following command:
dd if=/dev/rmt0 ibs= obs=512 | \
uncompress | dd of=/dev/ bs=512