How to Remove Unwanted route to 169.254.0.0 in RHEL Linux
Every time the system boots, You may have seen the following with the route to 169.254.0.0.
# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.2.0 * 255.255.255.0 U 0 0 0 bond0
10.10.2.0 * 255.255.255.0 U 0 0 0 eth3
169.254.0.0 * 255.255.0.0 U 0 0 0 eth3
default 10.10.2.254 0.0.0.0 UG 0 0 0 bond0
This is the zeroconf route (169.254.0.0). You manually disable it by turning off the firewall and remove the route with 169.254.0.0 / 255.255.0.0 using the route command.
Permanent Solution: To disable the zeroconf route during system boot, edit the /etc/sysconfig/network file and add the following NOZEROCONF value to the end of the file:
NETWORKING=YES
HOSTNAME=localhost.localdomain
NOZEROCONF=yes
Layman Explanation: Zeroconf, or Zero Configuration Networking, is a set of techniques that automatically create a usable IP network without configuration or special servers. This allows inexpert users to connect computers, networked printers, and other network devices and expect a functioning network to be established automatically. Without Zeroconf, a user must either set up special services, like DHCP and DNS, or set up each computer’s network settings manually, which may be challenging for non-technical or novice users.
How to recover accidentally deleted .bash_profile
Issue : How to recover server’s .bash_profile which got deleted accidentally ?
Solution : This can be restored from /etc/skel. Copy the required file to /root and log in to the server again.
# cp -rvdf /etc/skel/.bash_profile /root/
That should resolve the issue.
How to Install Ruby on Rails
Here is following steps to install:-
# wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-p2.tar.gz
# tar xzvf ruby-1.8.5-p2.tar.gz
# cd ruby-1.8.5-p2
# ./configure
# make
# make install
# cd /root/source
# wget http://rubyforge.org/frs/download.php/11289/rubygems-0.9.0.tgz
# tar xzvf rubygems-0.9.0.tgz
# cd rubygems-0.9.0
# ruby setup.rb
# gem install rails –include-dependencies
# gem install mongrel –include-dependencies
# gem install mongrel_cluster –include-dependencies
That’s it.
Unable to open pty: No such file or directory in Virtuozzo
# vzctl enter 1053
enter into VE 1053failed
Unable to open pty: No such file or directory
Solution :-
# vzctl exec 1053 /sbin/MAKEDEV tty
# vzctl exec 1053 /sbin/MAKEDEV pty
# vzctl enter 1053
Restart that VE.
sysctl-tunner-update.sh
##############################################################################
# sysctl is an interface that allows you to make changes to a running Linux kernel. ####################### ####################
# With /etc/sysctl.conf you can configure various Linux networking and system settings such as: ########################################
###############################################################################
## 1. Limit network-transmitted configuration for IPv4 ################################################################
## 2. Limit network-transmitted configuration for IPv6 ################################################################
## 3. Turn on execshield protection ###########################################################################
## 4. Prevent against the common ‘syn flood attack’ ##################################################################
## 5. Turn on source IP address verification ######################################################################
## 6. Prevents a cracker from using a spoofing attack against the IP address of the server. ############################################
## 7. Logs several types of suspicious packets, such as spoofed packets, source-routed packets & redirects. ###################################
##############################################################################
# The sysctl command is used to modify kernel parameters at runtime. /etc/sysctl.conf is a text file containing sysctl values to be read in and set by sysct at boot time. ##
#!/bin/bash
function sysctlw {
if [ `grep -c $1 /etc/sysctl.conf` -eq 0 ]; then
echo “$1=$2“ >> /etc/sysctl.conf
echo “Added sysctl preference ‘$1‘=’$2‘”
fi
}
echo “Tuning network stack..”
# Controls IP packet forwarding
sysctlw “net.ipv4.ip_forward” “0“
sysctlw “net.ipv4.conf.default.rp_filter” “1“
# Controls the System Request debugging functionality of the kernel
sysctlw “kernel.sysrq” “0“
sysctlw “kernel.core_uses_pid” “0“
sysctlw “net.ipv4.ipfrag_time” “30“
sysctlw “net.core.rmem_default” “262141“
sysctlw “net.core.rmem_max” “12582912“
sysctlw “net.ipv4.tcp_rmem” “10240 87380 12582912“
sysctlw “net.core.wmem_default” “262141“
sysctlw “net.core.wmem_max” “12582912“
sysctlw “net.ipv4.tcp_wmem” “10240 87380 12582912“
sysctlw “net.ipv4.tcp_mem” “195584 196096 196608“
sysctlw “net.core.optmem_max” “20480“
sysctlw “net.ipv4.tcp_max_tw_buckets” “360000“
sysctlw “net.core.hot_list_length” “256“
#Set maximum number of packets, queued on the INPUT side, when the interface receives packets faster than kernel can process them
sysctlw “net.core.netdev_max_backlog” “262144“
sysctlw “net.core.somaxconn” “262144“
sysctlw “net.ipv4.tcp_reordering” “3“
# Ignore all ICMP ECHO and TIMESTAMP requests sent to it via broadcast/multicast
sysctlw “net.ipv4.icmp_echo_ignore_broadcasts” “1“
sysctlw “net.ipv4.icmp_ignore_bogus_error_responses” “1“
# Controls the use of TCP syncookies
sysctlw “net.ipv4.tcp_synack_retries” “2“
sysctlw “net.ipv4.tcp_syn_retries” “3“
# Prevent against the common ‘syn flood attack’
sysctlw “net.ipv4.tcp_syncookies” “1“
#Enable timestamps as defined in RFC1323
sysctlw “net.ipv4.tcp_timestamps” “1“
#Enable select acknowledgments
sysctlw “net.ipv4.tcp_sack” “1“
#By default, TCP saves various connection metrics in the route cache when the connection closes,
#so that connections established in the near future can use these to set initial conditions. Usually,
#this increases overall performance, but may sometimes cause performance degradation.
#If set, TCP will not cache metrics on closing connections
sysctlw “net.ipv4.tcp_no_metrics_save“ “1“
#Turn on window scaling which can be an option to enlarge the transfer window
sysctlw “net.ipv4.tcp_window_scaling” “1“
sysctlw “net.ipv4.tcp_keepalive_time” “1200“
sysctlw “net.ipv4.tcp_fin_timeout” “15“
sysctlw “net.ipv4.tcp_tw_recycle” “1“
sysctlw “net.ipv4.conf.default.log_martians” “1“
# Log packets with impossible addresses to kernel log? yes
sysctlw “net.ipv4.conf.all.log_martians” “1“
sysctlw “net.ipv4.conf.default.accept_redirects” “0“
# Accept Redirects? No, this is not router
sysctlw “net.ipv4.conf.all.accept_redirects” “0“
sysctlw “net.ipv4.conf.all.secure_redirects“ “0“
sysctlw “net.ipv4.conf.default.accept_source_route” “0“
# Accept packets with SRR option? No
sysctlw “net.ipv4.conf.all.accept_source_route” “0“
# Enable source validation by reversed path, as specified in RFC1812
sysctlw “net.ipv4.conf.all.rp_filter” “1“
# Controls source route verification
sysctlw “net.ipv4.conf.default.rp_filter” “1“
# Do not accept source routing
sysctlw “net.ipv4.conf.default.accept_source_route” “0“
# Send redirects, if router, but this is just server
sysctlw “net.ipv4.conf.default.send_redirects” “0“
sysctlw “net.ipv4.conf.default.mc_forwarding” “0“
sysctlw “net.ipv4.conf.default.forwarding” “0“
sysctlw “net.ipv4.conf.all.bootp_relay” “0“
sysctlw “net.ipv4.conf.all.proxy_arp” “0“
#arp
sysctlw “net.ipv4.neigh.default.gc_thresh3? “2048“
sysctlw “net.ipv4.neigh.default.gc_thresh2? “1024“
sysctlw “net.ipv4.neigh.default.gc_thresh1? “32“
sysctlw “net.ipv4.neigh.default.gc_interval” “30“
sysctlw “net.ipv4.neigh.default.proxy_qlen” “96“
sysctlw “net.ipv4.neigh.default.unres_qlen” “6“
#tcp options
sysctlw “net.ipv4.tcp_dsack” “0“
sysctlw “net.ipv4.tcp_fack” “0“
sysctlw “net.ipv4.tcp_ecn” “0“
sysctlw “net.ipv4.tcp_max_syn_backlog” “2048“
sysctlw “net.ipv4.tcp_retries2? “15“
sysctlw “net.ipv4.tcp_retries1? “3“
sysctlw “net.ipv4.tcp_rfc1337? “1“
sysctlw “net.ipv4.netfilter.ip_conntrack_max” “1048576“
sysctlw “net.nf_conntrack_max” “1048576“
sysctlw “sunrpc.tcp_slot_table_entries” “32“
sysctlw “sunrpc.udp_slot_table_entries” “32“
sysctlw “net.unix.max_dgram_qlen” “50“
sysctlw “net.core.netdev_max_backlog” “5000“
sysctlw “net.core.dev_weight” “64“
#Enable ExecShield protection
sysctlw “kernel.exec-shield“ “1“
sysctlw “kernel.randomize_va_space“ “1“
echo “Optimizing filesystem…”
sysctlw “fs.file-max” “209708“
sysctlw “kernel.ctrl-alt-del” “0“
echo “Optimizing kernel…”
sysctlw “kernel.printk” “4 4 1 7“
sysctlw “kernel.maps_protect” “1“
sysctlw “vm.mmap_min_addr” “65536“
sysctlw “vm.page-cluster” “6“
sysctlw “kernel.shmmax” “67108864“
echo “Setting up host.conf…”
cp /etc/host.conf /etc/host.conf.bak
cat <<HOSTCONF >/etc/host.conf
order bind,hosts
multi on
nospoof on
HOSTCONF
/sbin/sysctl -p &>/dev/null &
/sbin/sysctl -w net.ipv4.route.flush=1
echo “Disabling unneeded services…”
for i in acpid anacron auditd autofs avahi-daemon bluetooth cpuspeed \
gpm ip6tables irqbalance mcstrans netfs nfslock pcscd \
portmap rpcgssd rpcidmapd setroubleshoot xfs; do
service $i stop &>/dev/null
chkconfig –level 3 $i off &>/dev/null
done
Rails applications cannot be started from cPanel
The applications show as ‘not running’ when restarted.
Make sure that APF or CSF is off. Then do the following.
# /scripts/installruby –force
# /usr/local/cpanel/bin/ror_setup
# gem install rubygems-update
# update_rubygems
Now your RoR application should start.