Posts filed under 'Uncategorized'
DHCP + DNS (bind) == DDNS
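Abstract
Using a Linux server so that machines on the office LAN can be reached by hostname after their IP addresses are assigned dynamically. (2004-06-21 22:11:13)
By lanf, source: http://bbs.chinaunix.net/forum/viewtopic.php?t=344701
Author: q1208c
When we are in the office we sometimes need to reach other machines. On Windows we mostly do that by machine name, because NetBIOS/WINS turns the machine name into an IP address for us. Below is a way to resolve machine names with dynamic DNS, using Linux rather than the DDNS of Windows 2000.
Preparation: one (or two) Linux servers to act as the DHCP server and the DNS server. The two roles can also be split across two servers.
Installation: for installing the server itself, see other documents; just remember to install dhcp, bind and bind-utils.
Configuration:
I. DHCP configuration:
Configuring the DHCP server is simple; you can follow /usr/share/doc/dhcp-x.xx/dhcpd.conf.sample. You can also first cp that file to /etc/dhcpd.conf and then adjust it to your needs. Here is one of my /etc/dhcpd.conf files for reference: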
ddns-update-style interim;
ignore client-updates;
key DHCP_UPDATER {
zone bj.pnx. {
zone 251.168.192.in-addr.arpa. {
subnet 192.168.251.0 netmask 255.255.255.0 {
    # option nis-domain "domain.org";
    # option time-offset 28800;    # PRC Standard Time
    # range dynamic-bootp 192.168.0.128 192.168.0.255;
}
A few points to note:
1. ‘ddns-update-style’
This is the dynamic DNS update method. There are several options; I use interim, and man dhcpd.conf lists the others.
2. ‘ignore client-updates’
This option stops clients from updating DNS records themselves. It is also possible to allow it, but that causes some problems.
3. ‘key DHCP_UPDATER’
This is the key used to update DNS, and it is required. The value after algorithm is the algorithm the key was generated with; the key is generated with ‘dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER’.
4. ‘zone’
The zone to update. If this machine is itself the DNS server, set primary to 127.0.0.1; if another machine is the DNS server, use that machine's IP.
The rest is what an ordinary configuration has anyway. Make sure the range line is present, otherwise no IP addresses can be handed out.
Once configured, start it to test with service dhcpd start; if all is well, make dhcpd start at boot with chkconfig --level 2345 dhcpd on.
II. bind (named) configuration.
There are plenty of articles about configuring bind (named). Only the parts that differ from an ordinary configuration are written out here.
Here is my named.conf for reference:
// generated by named-bootconf.pl
options {
// key DHCP_UPDATER {
zone "." IN {
zone "localhost" IN {
zone "0.0.127.in-addr.arpa" IN {
zone "1.168.192.in-addr.arpa" IN {
zone "test.com" IN {
The extra part is
key DHCP_UPDATER { algorithm HMAC-MD5; secret qhB++OR5yWo8BTXwk/m4ng; };
This is the key used to update DNS, and it must be the same as the one in dhcpd.conf.
Also, every zone can now be updated using the key.
That is all. Then start it and give it a try.
You can now find your colleagues' machines by pinging their machine names.
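The requirement above that the key in named.conf be identical to the one in dhcpd.conf can be checked mechanically. The following Python script is an added example, not part of the original post: it compares the key stanzas of the two files, flags HMAC-MD5 keys, and checks that the key dhcpd signs with is granted update rights in named.conf. The zone example.lan, both file contents and the secrets are constructed; the allow-update lines are an assumed way of letting each zone be updated with the key, and the hmac-sha256 variant assumes dhcpd and named versions that accept it.

```python
import re

# key NAME { algorithm ALG; secret SECRET; } has the same shape in both files.
KEY_RE = re.compile(
    r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+([\w.-]+)\s*;'
    r'\s*secret\s+"?([A-Za-z0-9+/=]+)"?\s*;\s*\}', re.IGNORECASE)
# dhcpd.conf: zone NAME { primary ADDR; key NAME; }
ZONE_KEY_RE = re.compile(r'\bzone\s+[\w.-]+\s*\{[^}]*?\bkey\s+([\w.-]+)\s*;',
                         re.IGNORECASE)
# named.conf: allow-update { key NAME; };
ALLOW_RE = re.compile(r'allow-update\s*\{\s*key\s+"?([\w.-]+)"?\s*;', re.IGNORECASE)


def strip_comments(text):
    # Only whole-line comments are removed, so a "//" inside a secret survives.
    return re.sub(r'(?m)^\s*(#|//).*$', '', text)


def parse_keys(text):
    """Return {key name: (algorithm in lower case, secret)}."""
    return {m.group(1): (m.group(2).lower(), m.group(3))
            for m in KEY_RE.finditer(strip_comments(text))}


def check_ddns(dhcpd_text, named_text):
    """Return a list of findings; an empty list means the two files agree."""
    findings = []
    dhcpd_keys, named_keys = parse_keys(dhcpd_text), parse_keys(named_text)
    for name in sorted(set(dhcpd_keys) | set(named_keys)):
        if name not in dhcpd_keys or name not in named_keys:
            missing = "dhcpd.conf" if name not in dhcpd_keys else "named.conf"
            findings.append(f"{name}: key is not defined in {missing}")
            continue
        if dhcpd_keys[name] != named_keys[name]:
            findings.append(f"{name}: algorithm or secret differs between the files")
        if dhcpd_keys[name][0].startswith("hmac-md5"):
            findings.append(f"{name}: uses hmac-md5; regenerate as hmac-sha256")
    allowed = set(ALLOW_RE.findall(strip_comments(named_text)))
    for name in sorted(set(ZONE_KEY_RE.findall(strip_comments(dhcpd_text)))):
        if name not in allowed:
            findings.append(f"{name}: no zone in named.conf has allow-update for this key")
    return findings


# Constructed sample files (not the author's); the secrets are placeholders.
SECRET_A = "Y29uc3RydWN0ZWQta2V5IQ=="
SECRET_B = "b3RoZXItY29uc3RydWN0ZWQ="
DHCPD_TMPL = """
ddns-update-style interim;
ignore client-updates;
key DHCP_UPDATER { algorithm %s; secret %s; };
zone example.lan. { primary 127.0.0.1; key DHCP_UPDATER; }
zone 0.168.192.in-addr.arpa. { primary 127.0.0.1; key DHCP_UPDATER; }
"""
NAMED_TMPL = """
key DHCP_UPDATER { algorithm %s; secret %s; };
zone "example.lan" IN { type master; file "example.lan.db"; allow-update { key DHCP_UPDATER; }; };
zone "0.168.192.in-addr.arpa" IN { type master; file "192.168.0.db"; allow-update { key DHCP_UPDATER; }; };
"""

if __name__ == "__main__":
    cases = {
        "matching HMAC-MD5 key": (DHCPD_TMPL % ("HMAC-MD5", SECRET_A),
                                  NAMED_TMPL % ("HMAC-MD5", SECRET_A)),
        "secret changed on one side": (DHCPD_TMPL % ("HMAC-MD5", SECRET_A),
                                       NAMED_TMPL % ("HMAC-MD5", SECRET_B)),
        "matching hmac-sha256 key": (DHCPD_TMPL % ("hmac-sha256", SECRET_A),
                                     NAMED_TMPL % ("hmac-sha256", SECRET_A)),
    }
    for label, (dhcpd, named) in cases.items():
        print(label, "->", check_ddns(dhcpd, named) or "no findings")
```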
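I have only tested this with Windows clients; Linux seems to have a small problem. If anyone is interested, let's look into it together. The IPs assigned to Linux machines all come without a hostname. Since my clients are all Windows, I use static IPs for the Linux ones.
Addendum by hongfengyue
When the client is Linux, you need to edit the file /etc/dhclient.conf on the Linux client before DNS gets updated. If you don't believe it, look at the contents of the files under /var/lib/dhcp/: the IPs assigned to clients have no Hostname record.
My /etc/dhclient.conf is as follows:
send fqdn.fqdn "hostname";
send fqdn.encoded on;
send fqdn.server-update off;
But on Redhat 8 & 9 it still did not work for me until I added the following command to /etc/rc.d/rc.local:
/sbin/dhclient
Note that this executable must exist in /sbin. I know it does on redhat.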
4 comments December 24, 2005
Flash web page parameters
Define a variable in Flash, for example theurl, and put on (release) { _root.getURL(theurl); } on the button. In the HTML page, the flashVars parameter can assign a value to the variable inside Flash:
Add comment December 24, 2005
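3Com SuperStack3 Switch 4200 series switches: Chinese electronic handbook
Author: unknown  Source: Internet  Views: 226  Updated: 2005-4-7
Version information
Version 1.00
2004-05-31
Version 1.01
2004-06-01 Release notes:
1. Corrected the wrong statement in note 3 of the VLAN settings
2. Added a description of setting the switch Priority and port cost in STP/RSTP
3. Added the port security content under Security
【About this document】
1. This document is free; please do not use it for commercial purposes.
2. Although the author has tried to avoid mistakes, limits of skill and understanding mean the document may still contain errors. If you find one, please e-mail the author at: Aaron_Zhao@Huawei-3Com.com
Serious thanks in advance to colleagues who find problems and tell the author; I hope we all keep exchanging ideas.
3. Feel free to pass this document on; when you do, please do not modify its contents.
4. The author accepts no responsibility for any faults or errors that may result from configuring a switch using the contents of this document.
5. The terms above are not binding; their purpose is for everyone to get better help. Anyone who does not respect them will be despised by the author once or twice a day, or more...
[References]
1. 3Com switch software and documentation page
http://www.3com.com/products/en_US/downloadsindex.jsp?home1=supportdownload
2. 3Com Knowledgebase home page
http://3kb.3com.com
3. Huawei-3Com hotline 800-810-0504
4. 3Com technical support line 800-810-3033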
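Introduction to the SS3 4200 switch
The SS3 4200 series is a managed layer 2 switch made by 3Com. The series currently has three models: 4226T (3C17300), 4250T (3C17302) and 4228G (3C17304). Of these:
- 4226T has 24 auto-sensing 10Base-T/100Base-Tx ports and 2 auto-sensing 10Base-T/100Base-Tx/1000Base-T ports
- 4250T has 48 auto-sensing 10Base-T/100Base-Tx ports and 2 auto-sensing 10Base-T/100Base-Tx/1000Base-T ports
- 4228G has 24 auto-sensing 10Base-T/100Base-Tx ports, 2 auto-sensing 10Base-T/100Base-Tx/1000Base-T ports and 2 GBIC ports. The GBIC ports take optional 3Com GBIC modules, including the 1000Base-SX (3CGBIC91), 1000Base-LX (3CGBIC92), 1000Base-T (3CGBIC93) and 1000Base-LH70 (3CGBIC97) GBICs
The ports on 4200 series switches are all fixed; there are no expansion slots and no modules can be added. Only the 4228G has 2 GBIC ports, which take 3Com GBIC gigabit modules.
As a layer 2 switch, the 4200 is positioned as an edge access and desktop switch. Compared with the 4400 series, which has the same positioning, the 4200 series is cheaper and has correspondingly fewer features, so it suits environments that want port density but have only ordinary requirements of an edge switch.
In features and performance, the 4200 has the following characteristics:
- Stackable. Details in a later section
- Besides management through the Console port, a management address can be configured for remote management over Telnet and the Web. However, users and resellers are strongly advised not to use the Web interface (because it looks so unprofessional). SNMP-based network management is supported
- Basic layer 2 switching, with this performance: 4226T switching capacity 8.8 Gbps, forwarding rate 6.6 MPPS; 4228G switching capacity 12.8 Gbps, forwarding rate 9.5 MPPS; 4226T switching capacity 13.6 Gbps, forwarding rate 10.1 MPPS
- All ports support Auto-Negotiation and automatic MDI/MDIX
- Supports VLAN, STP, Multicast Filter, BroadcastControl and other functions; their configuration is covered in later sections
Typical configuration of the SS3 4200 switch
【Management methods】
The 4200 switch can be managed through the Console port (serial port), over Telnet/Web once a management IP is configured, and through a standard SNMP network management system.
Users are advised to use the command line (CLI, Command Line Interface) wherever possible to configure and manage the switch, whether over the Console port or Telnet. The Web interface and network management systems are fine for watching and monitoring how the switch is running, but are not recommended as a means of configuration.
I. Management through the Console port
Managing the switch through the Console port is the most basic method, and also the method of last resort: when no other method gets you into the switch, connect a Console cable to the switch's management port and try. If even the Console port does not get you in, the switch has a fairly serious problem and may need to be returned for hardware repair.
The Console port, also called the management port, is a 9-pin serial port on the back of the 4200 chassis. It is normally connected with a dedicated Console cable to a serial port on a computer (COM1 or COM2), and HyperTerminal on the computer is then enough to manage the switch. The HyperTerminal serial settings are: port speed 9600 / data bits 8 / stop bits 1 / parity none / flow control none. The control cable between computer and switch is also called a null modem cable; its pinout is shown below.
II. Management through a management IP
Once the 4200 switch has a management IP, it can be managed remotely over the network. The methods are Telnet and the Web.
The commands for setting the 4200 management IP are shown below.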
Select menu option: pro ip basic
Enter configuration method (auto,manual,none)[auto]: manual
Enter IP address [0.0.0.0 ]: 10.10.10.3
Enter subnet mask [0.0.0.0 ]: 255.255.255.0
Enter gateway IP address [0.0.0.0 ]: 10.10.10.1
IP address: 10.10.10.3
Subnet mask: 255.255.255.0
Gateway IP address: 10.10.10.1
Select menu option:
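[Notes]
1. Bold text is the commands and parameters that were typed in
2. The 4200 management address can be set manually (manual) or automatically. With the automatic method, the user's network needs a DHCP Server, and the 4200 requests an IP address by itself after power-on. The automatic method is not recommended; users should set the management address by hand. The example above uses the manual method to set a management IP of 10.10.10.3/24 with default gateway 10.10.10.1
3. The 4200 management address sits on VLAN 1, and this cannot be changed. So computers connected to VLAN 1 of the 4200 can manage it directly. Computers in other VLANs of the 4200 need layer 3 routing to reach the 4200 management IP, even when they are plugged directly into the 4200
4. The 4200 is a layer 2 switch. Its management IP is set in exactly the same way as a VLAN Interface on a 3Com layer 3 switch, but be sure to note that the management IP on the 4200 can only be used for management and does not do layer 3 forwarding.
III. Network management settings of the 4200 switch
Once the 4200 switch has a management IP, it can also be managed through a network management system, such as 3Com's free network management software 3Com Network Supervisor. The 4200 defaults normally work, and can be changed as needed. The main settings are the Community strings the management software uses to read from/write to the switch, and the destination address to which the switch sends Traps, as shown below.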
Select menu option: sys man snmp comm
Enter new community for user ‘admin’ [private]: write001
Enter new community for user ‘manager’ [manager]: write000
Enter new community for user ‘monitor’ [public]: read001
Select menu option:
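[Notes]
The settings above set the Community string the network management system reads with to read001, and the Community strings for changing configuration and system parameters to write001 and write000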
Select menu option: sys man snmp trap create
Enter the trap community string [monitor]:
Enter the trap destination address: 10.10.10.8
Select menu option:
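[Notes]
The settings above make the switch send monitor trap messages to the network management system, or other system able to receive traps, at address 10.10.10.8.
More than one destination address can be set
【4200 system information】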
Select menu option: sys summ
3Com SuperStack 3
System Name : Office Test
Location : Huawei-3Com, BeiJing
Contact : Aaron Zhao
Time Since Reset : 1 Hrs 9 Mins 16 Seconds
Operational Version : 02.03p14
Hardware Version : 01.01.00
Boot Version : 1.00
MAC Address : 00-0a-04-64-38-80
Product Number : 3C17302
Serial Number : 7Y3V1D7643880
Select menu option:
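[Notes]
The command above returns the system information of this 4200 switch. In order of importance:
1. Version information, comprising the Operation version, the Hardware version and the Boot version. The one we want is the Operation version: the versions 3Com publishes on its website, and the versions we upgrade to, are all Operation versions. The other two are rarely needed.
2. System uptime, Time Since Reset, which shows how long the system has been running so far.
3. Product serial number, Serial Number. It is unique; every 4200 unit has a different one. Users must enter it when registering the product on the 3Com website, and must give it to 3Com when a hardware fault requires a replacement. The serial number can also be found on the label on the underside of the chassis.
The System Name, Location and Contact in the system information can be set by the user, with these commands:
Select menu option: system management name
Select menu option: system management location
Select menu option: system management contact
【Miscellaneous functions】
Listed below are some miscellaneous functions that people use often.
The default user name of the 4200 switch is admin, with no password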
Login: admin
Password:
Menu options: ————–3Com SuperStack 3 Switch 4200—————
bridge – Administer bridge-wide parameters
gettingStarted – Basic device configuration
logout – Logout of the Command Line Interface
physicalInterface – Administer physical interfaces
protocol – Administer protocols
security – Administer security
system – Administer system-level functions
trafficManagement – Administer traffic management
Type ? for help
—————————————– (1)—————————
Select menu option:
Resetting the configuration to factory defaults
Select menu option: system control init
WARNING: This command initializes the system to factory defaults
(excluding Management IP configuration) and causes a reset.
Do you wish to continue (yes,no)[no]: y
Login:
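[Notes]
1. The management IP is not reset to the factory value; it has to be set separately under the management IP menu
2. After the configuration is cleared, the machine restarts
3. The configuration of a 3Com switch does not need to be saved with commands such as save or write; settings are saved automatically and survive a power cycle
4. When you first get a switch, it is a good idea to reset its configuration to factory defaults before you start configuring it
Lost password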
Login: recover
Password:
*** Password Recovery Mode ***
The administrative password will be cleared if a hard reset operation is
carried out on the device within 30 seconds.
If a hard reset operation is not carried out during this period, the device
will return to the CLI login prompt
countdown = 30 29 28 27 26
*** Password Recovery Mode ***
Enter the new password for the admin user:
Re-enter the new password:
The Password Recovery feature is enabled.
Enter new value (enable,disable)[enable]:
Menu options: ————–3Com SuperStack 3 Switch 4200—————
bridge – Administer bridge-wide parameters
gettingStarted – Basic device configuration
logout – Logout of the Command Line Interface
physicalInterface – Administer physical interfaces
protocol – Administer protocols
security – Administer security
system – Administer system-level functions
trafficManagement – Administer traffic management
Type ? for help
—————————————– (1) —————————
Select menu option:
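[Notes]
1. At the login prompt, enter the user name recover; the password is also recover
2. Within the time the system gives you (30 seconds), power the switch off and back on
3. After the system restarts, it prompts you for a new password for the admin user
4. The system also asks whether this password recovery feature should be enabled or disabled; it is enabled by default
Changing the login password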
Select menu option: sys mana password
Old password:
Enter new password:
Retype password:
The command line interface password has been successfully changed.
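Select menu option:
【Basic layer 2 switching】
The basic data switching function of the 4200 needs no configuration at all. The useful information in this area is the table mapping MAC addresses to ports, which the following command shows.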
Select menu option: bri add summ
This operation may take a number of seconds
Select bridge ports (AL1-AL4,unit:port…,all,?): all
Location Address VLAN ID Permanent
—————————————————————–
Unit 1 Port 3 00-10-4b-a0-91-64 1 No
Unit 1 Port 11 00-09-6b-7a-6a-c6 1 No
Unit 1 Port 13 00-10-4b-a0-91-64 2 No
Select menu option:
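[Notes]
The output above shows the MAC addresses of the devices connected to each port, along with the related VLAN information. If a switch or hub is connected below a port, that port will have several MAC addresses against it.
The last column in the example above is Permanent. Every address listed shows No, meaning these addresses were all learned by the switch; once the machine on the port is disconnected, the entry is removed from the table automatically after a while.
The MAC address of a machine (really of its network card) can be added to the table by hand, as shown below: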
Select menu option: bri address add
This operation may take a number of seconds
Select bridge port (AL1-AL4,unit:port,?): 1:8
Enter address: 00-10-4b-a0-91-64
Enter VLAN ID (1-2)[1]: 1
Select menu option: bri address summ
This operation may take a number of seconds
Select bridge ports (AL1-AL4,unit:port…,all,?): all
Location Address VLAN ID Permanent
—————————————————————–
Unit 1 Port 8 00-10-4b-a0-91-64 1 Yes
Unit 1 Port 11 00-09-6b-7a-6a-c6 1 No
Select menu option:
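[Notes]
The example above adds MAC address 00-10-4b-a0-91-64 to port 8 of Unit 1, in VLAN 1. From now on, the computer with MAC address 00-10-4b-a0-91-64 can communicate only when connected to port 8 of Unit 1, and not when connected to any other port.
Note:
1. Computers with other MAC addresses connected to port 8 communicate completely normally.
2. Several MAC addresses can be written by hand to the same port.
As shown below: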
Select menu option (bridge/addressDatabase): summ
This operation may take a number of seconds
Select bridge ports (AL1-AL4,unit:port…,all,?): all
Location Address VLAN ID Permanent
—————————————————————–
Unit 1 Port 8 00-09-6b-7a-6a-c6 1 No
Unit 1 Port 8 00-10-4b-a0-91-24 1 Yes
Unit 1 Port 8 00-10-4b-a0-91-64 1 Yes
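Select menu option (bridge/addressDatabase):
【VLAN】
Apart from basic data switching, VLANs are what we meet most often when configuring switches. Two examples below show how to configure them.
Case 1:
Create 3 VLANs on one 4200 switch, for the engineering, finance and HR departments; leave the default VLAN 1 untouched as the management VLAN. The configuration is:
[Create the VLANs]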
Select menu option: bri vlan create
Select VLAN ID (2-4094)[2]: 2
Enter VLAN Name [VLAN 2]: engineer
Select menu option: bri vlan create 3 finance
Select menu option: bri vlan create 4 hr
Select menu option: bri vlan summ all
VLAN ID Name
——————————————
1 Default VLAN
2 engineer
3 finance
4 hr
Select menu option:
[Add ports to each VLAN]
Select menu option: bri vlan modi add
Select VLAN ID (1-4)[1]: 2
Select bridge ports (AL1-AL4,unit:port…,?): 1:1-1:9
Enter tag type (untagged,tagged): un
Select menu option: bri vlan modi add 3 1:10-1:19 un
Select menu option: bri vlan modi add 4 1:20-1:29 un
Select menu option:
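After the configuration above, ports 1 to 9 are assigned to VLAN2, ports 10 to 19 to VLAN3 and ports 20 to 29 to VLAN3; the other ports stay in VLAN1.
Computers in the same VLAN can talk to each other; different VLANs cannot.
Case 2:
Continuing from case 1. The 4200 of case 1 sits on the 2nd floor of the company and continues to provide access ports for engineering, finance and HR. A second 4200 has now been added on the 3rd floor, but the 3rd floor has engineering and finance, no HR, and additionally a marketing department. The two switches are interconnected through gigabit port 50 (4250T switches). The requirement: engineering on floors 2 and 3 must be able to reach each other, likewise finance, while the departments stay isolated from one another (there is no layer 3 device, so connecting them is out of the question anyway).
[Add the following configuration on the 2nd-floor 4200]
Select menu option: bri vlan modi remove 1 1:50
WARNING: Ports 1:50 are no longer members of any VLANs.
; Remove port 50 from VLAN1, because at this point port 50 is an untagged port.
Select menu option: bri vlan modi add 1 1:50 tag
; Add port 50 back to VLAN1 (the management VLAN), tagged.
Select menu option: bri vlan modi add 2 1:50 tag
; Add port 50 to VLAN2 (the engineering VLAN), tagged.
Select menu option: bri vlan modi add 3 1:50 tag
; Add port 50 to VLAN3 (the finance VLAN), tagged.
[Configuration of the 3rd-floor 4200]
Create the VLANs
Select menu option: bri vlan create 2 engineer
Select menu option: bri vlan create 3 finance
Select menu option: bri vlan create 5 marketing
Add ports to each VLAN
Select menu option: bri vlan modi add 5 1:1-1:9 un
Select menu option: bri vlan modi add 2 1:10-1:19 un
Select menu option: bri vlan modi add 3 1:20-1:29 un
Put port 50 into VLANs 1, 2 and 3
Select menu option: bri vlan modi remove 1 1:50
Select menu option: bri vlan modi add 1 1:50 tag
Select menu option: bri vlan modi add 2 1:50 tag
Select menu option: bri vlan modi add 3 1:50 tag
After the configuration above, the two 4200s, through port 50, let VLAN1 (management VLAN), VLAN2 (engineering VLAN) and VLAN3 (finance VLAN) each communicate internally: computers within the engineering department, and within the finance department, can communicate even when they are not on the same floor. For ease of management, the management VLAN, VLAN1, is interconnected too. Different VLANs remain isolated from each other.
Serious reminder: the three rules for tagging ports (formerly called 802.1Q) in 3Com switch VLAN configuration
1. If a port on the switch is to belong to more than one VLAN, that port must be tagged
2. If a port on the switch is tagged, the switch port (or network card) at the other end of the link must be tagged too
3. A port can be untagged in one VLAN (sending and receiving frames without 802.1Q) and tagged in several other VLANs (sending and receiving frames with 802.1Q). If the two ends are then set inconsistently, different VLANs end up connected, so take care.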
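The three tagging rules above can be checked against both ends of an inter-switch link before it goes live. The following Python script is an added example, not part of the handbook and not a 3Com tool: each port is modelled as a map from VLAN ID to "tagged" or "untagged", FLOOR2 and FLOOR3 model port 1:50 of the two switches in case 2, and the two misconfigured variants are constructed.

```python
def untagged_vlans(port):
    """VLAN IDs in which the port is an untagged member."""
    return sorted(v for v, mode in port.items() if mode == "untagged")


def check_port(name, port):
    """Rules 1 and 3: a port in several VLANs may be untagged in at most one."""
    untagged = untagged_vlans(port)
    if len(untagged) > 1:
        return [f"{name}: untagged in VLANs {untagged}; tag all but one of them"]
    return []


def check_link(a_name, a, b_name, b):
    """Compare the two ends of one link and return a list of findings."""
    findings = check_port(a_name, a) + check_port(b_name, b)
    # Rule 2: a VLAN tagged at one end must be tagged at the other end too.
    for vlan in sorted(set(a) | set(b)):
        mode_a, mode_b = a.get(vlan), b.get(vlan)
        if "tagged" in (mode_a, mode_b) and mode_a != mode_b:
            findings.append(
                f"VLAN {vlan}: {a_name} is {mode_a or 'not a member'}, "
                f"{b_name} is {mode_b or 'not a member'}")
    # Rule 3: untagged frames carry no VLAN ID, so each end files them under
    # its own untagged VLAN; if those differ, the two VLANs are joined.
    ua, ub = untagged_vlans(a), untagged_vlans(b)
    if len(ua) == 1 and len(ub) == 1 and ua != ub:
        findings.append(
            f"untagged frames join VLAN {ua[0]} on {a_name} "
            f"with VLAN {ub[0]} on {b_name}")
    return findings


# Port 1:50 on both switches as configured in case 2.
FLOOR2 = {1: "tagged", 2: "tagged", 3: "tagged"}
FLOOR3 = {1: "tagged", 2: "tagged", 3: "tagged"}

# Constructed mistake: the remove/add for VLAN 1 was skipped on floor 3,
# so port 50 is still an untagged member of VLAN 1 there.
FLOOR3_VLAN1_UNTAGGED = {1: "untagged", 2: "tagged", 3: "tagged"}

# Constructed mistake: a single-VLAN uplink left untagged in a different
# VLAN at each end.
ENGINEER_ONLY = {2: "untagged"}
FINANCE_ONLY = {3: "untagged"}

if __name__ == "__main__":
    for label, a, b in [
        ("case 2 as written", FLOOR2, FLOOR3),
        ("VLAN 1 left untagged on floor 3", FLOOR2, FLOOR3_VLAN1_UNTAGGED),
        ("different untagged VLAN per end", ENGINEER_ONLY, FINANCE_ONLY),
    ]:
        print(label, "->", check_link("floor2 1:50", a, "floor3 1:50", b) or "consistent")
```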
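[Note: VLANs hide quite a few tricks; for instance, the 4200 supports the Open VLAN mode. Anyone with time on their hands can mull that over]
【Port settings】
Port settings on the 4200 switch include blocking a port, unblocking it, changing its operating state and so on. The commands are under the Select menu option (physicalInterface/ethernet): submenu. Some settings you may need are listed below as examples
Block ports 1 to 10; once blocked, a port's status LED alternates between green and yellow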
Select menu option (physicalInterface/ethernet): portstate
This operation may take a number of seconds
Select Ethernet ports (unit:port…,?): 1:1-1:10
Enter new value (enable,disable)[enable]: dis
Change the auto-negotiation mode of ports 2 to 5
Select menu option (physicalInterface/ethernet): portmode
This operation may take a number of seconds
Select Ethernet ports (unit:port…,?): 1:2-1:5
Enter auto-negotiation mode (enable,disable)[disable]: en
Enter fallback port mode (10half,10full,100half,100full)[10half]: 10full
[Notes]
By default, auto-negotiation is enabled on a port. Fallback port mode is the speed the port ends up at when auto-negotiation fails
To fix a port's speed and full-duplex mode, turn auto-negotiation off and then set the speed and duplex mode
smartAutosense settings
Select menu option (physicalInterface/ethernet): smartau
Enter new value (enable,disable)[enable]: en
Select menu option (physicalInterface/ethernet):
[Notes]
smartAutosense is a switch-wide setting; it cannot be set for individual ports.
When smartAutosense is enabled, for ports in the auto-negotiation state the switch adjusts the port speed according to the error-packet count of that port. For example, if port 5 has auto-negotiation enabled and is currently running at 100full, and it receives more than a certain number of errored packets within some period, the switch automatically steps the port's operating mode down.
【Stacking】
From version v2.0 on, the 4200 switch supports stacking. Stacked switches can be managed as a single unit, as shown in the figure below:
Points to note:
1. Stacking the 4200 needs no extra module (there would be nowhere to plug one in even if you wanted to). Just connect the UP and DOWN ports of the switches with Category 5e cable as in the figure above and it is done; nothing needs configuring in the switches.
2. A stack can have at most 4 switches. The models may differ, but keeping their software versions the same is strongly recommended. It is best to check the software versions before stacking, and to reset each device's configuration to factory defaults before stacking it.
3. When not stacked, the UP and DOWN ports can be used as ordinary 10/100/1000Base-T ports. When stacking, connections must be UP to DOWN, never UP to UP or DOWN to DOWN. Connecting the UP port of the top switch to the DOWN port of the bottom switch is not allowed either; that is, no loop may be formed.
4. Unit has come up in many places above. A Unit is a machine in a stack. A machine that is not stacked is simply Unit 1. If a stack has 3 machines, they are Unit 1, 2 and 3. The actual Unit number is shown by an indicator LED on the switch front panel.
5. When you log in to the switch to configure it, an indicator line of dashes appears before each command you type. The number in brackets on that line is the Unit number, within the stack, of the switch you are configuring. Below, for example, Unit 2 is being configured.
—————————————– (2)—————————
Select menu option:
6. Within one stack, to move from one Unit to another, choose it in the following menu (this example has only one device, so there is only one choice):
—————————————– (1)—————————
Select menu option: sys unit select
Select unit (1):
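7. Settings you make take effect across the whole stack, for example VLANs you create. When adding ports to a VLAN, you can put ports on different Units into the same VLAN by giving the different Unit numbers.
【Spanning Tree Protocol】
The 4200 supports the Spanning Tree Protocol STP and the Rapid Spanning Tree Protocol RSTP. RSTP is an improved version of STP and is backward compatible: when RSTP is running on the 4200 and a port detects that the device connected to it supports only STP, that port automatically drops down to STP.
Commonly used STP/RSTP settings include the following: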
Select menu option: bri spann stpver
Enter Spanning Tree version – 0=STP, or 2=RSTP (0,2)[2]: 2
Select menu option:
[Notes]
Sets whether the 4200 runs RSTP or STP; the default is RSTP.
Select menu option: bri spann stpstate
Enter new value (enable,disable)[enable]: dis
Select menu option:
[Notes]
Enables or disables the RSTP/STP function for the whole switch. It is enabled on the switch by default.
Select menu option: bri spann stppri
Select stp priority (?)[32768]: ?
One of the following items may be selected at this prompt:
0,4096,8192,12288,16384,20480,24576,28672,32768,36864,40960,45056,49152,53248,57344,61440
Select stp priority (?)[32768]: 8192
[Notes]
Sets the priority value the switch uses when the spanning tree root is elected; the smaller the value, the higher the priority. If all switches have the same priority value, spanning tree picks the switch with the smallest MAC as the root (priority value + MAC).
Select menu option: bri port stpfa
This operation may take a number of seconds
Select bridge ports (AL1-AL4,unit:port…,?): 1:9
Enter new value (enable,disable)[enable]: dis
Select menu option:
[Notes]
The command above sets StpFastStart on each port of the switch. This parameter only takes effect when STP/RSTP is running.
Select menu option: bri port stpcost
This operation may take a number of seconds
Select bridge ports (AL1-AL4,unit:port…,?): 1:3
Enter new value (1-200000000,auto)[19]: 10
Select menu option:
[Notes]
Sets the cost value of a port, which lets you change by hand the port's order of preference in STP/RSTP selection. The lower the cost, the higher the port's priority for being chosen as the forwarding port.
As in the example above, port 3 is given a cost of 10 while the other ports keep the default of 19. When port 3 takes part in the STP/RSTP selection of a forwarding port, it is preferred and becomes forwarding, and the other ports taking part go to the block state.
【Port security (PortSecurity)】
The basic layer 2 switching section above showed that a device's MAC address can be written by hand to a port of the 4200, so that the device can only be connected to that port and gets no connectivity on any other port.
Users often need the opposite: a port that admits only one or a few particular devices and no others. The PortSecurity function of the 4200 switch covers this.
Select menu option: secu net acc
Menu options: ————–3Com SuperStack 3 Switch 4200—————
portSecurity – Configure port security
Type "quit" to return to the previous menu or ? for help
—————————————– (1)—————————
Select menu option (security/network/access): ports
Select user ports (unit:port…,?): 1:3
Enter mode of operation (?)[noSecurity]: ?
One of the following items may be selected at this prompt:
noSecurity,continuallyLearn,autoLearn
Enter mode of operation (?)[noSecurity]: autol
Enter the number of authorized addresses (0-79)[1]: 5
Enter Disconnect Unauthorized Device mode (?)[noAction]: ?
One of the following items may be selected at this prompt:
noAction,permanentlyDisable,temporaryDisable
Enter Disconnect Unauthorized Device mode (?)[noAction]: noac
Select menu option (security/network/access):
[Notes]
In the example above, port 3 is set to autolearn mode with 5 allowed addresses (the first 5 addresses the port learns). Devices with any MAC address after those 5 cannot communicate, even when connected to port 3.
Some brief notes on the parameters: mode of operation has 3 values, noSecurity, continuallyLearn and autoLearn. To configure a single port, choose autoLearn.
DUD (Disconnect Unauthorized Device) has three modes: noAction, permanentlyDisable and temporaryDisable. With either of the last two, the port goes down automatically when the number of MAC addresses learned on it exceeds the allowed count. With noAction the port is not shut, but devices connected afterwards cannot communicate, which is what we want in most cases.
【Multicast Filter】
The 4200 supports multicast filtering, implemented by setting IGMP Snooping and Querying. The command line steps are:
Select menu option: bri multi igmp
Menu options: ————–3Com SuperStack 3 Switch 4200—————
queryMode – Enable/disable IGMP querying
snoopMode – Enable/disable IGMP Multicast learning
Type "quit" to return to the previous menu or ? for help
—————————————– (1)—————————
Select menu option (bridge/multicastFilter/igmp): query
Enter new value (enable,disable)[disable]: en
Select menu option (bridge/multicastFilter/igmp): snoopmo
Enter new value (enable,disable)[enable]: en
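[Notes]
When snoopmode is disabled, the switch treats multicast packets as broadcasts and forwards them to all ports. Any multicast application on the network will certainly work, but bandwidth is wasted and the advantage of multicast is lost.
When snoopmode is enabled, the 4200 switch filters multicast data: if the device on a port wants the multicast data, it is forwarded to that port; otherwise it is not.
Note that when snoopmode is enabled, one device on the segment must have querymode enabled, so that it is known which computers on the network want to receive multicast.
【Software upgrade】
The 4200 software is available free from 3Com's English website, but the user must first register, and register the 4200 product; of course, a product only needs to be registered once.
Upgrading the 4200 switch over TFTP is recommended. During the upgrade the 4200 is the Client and the computer holding the 4200 software is the TFTP Server. TFTP software can be downloaded free from the 3Com website and is also on the CD shipped with the unit.
The upgrade procedure is described in detail in the ReleaseNote of each version, usually at the end of the document.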
Select menu option: sys con
Menu options: ————–3Com SuperStack 3 Switch 4200—————
initialize – Reset to factory defaults
reboot – Perform system reboot
softwareUpgrade – Perform agent software upgrade
Type "quit" to return to the previous menu or ? for help
—————————————– (1)—————————
Select menu option (system/control): soft
TFTP Server Address [0.0.0.0]:10.10.10.8
File Name []:s4202_03.bin
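[Notes]
10.10.10.8 above is the address of the TFTP Server connected to the 4200.
S4202_03.bin is the 4200 software downloaded from the 3Com website; it should be saved in the default directory of the TFTP Server. The download from the 3Com website is an .exe file which, when run, extracts the upgrade software and the ReleaseNotes for that version. Users are required to read through the ReleaseNotes before upgrading.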
Add comment December 24, 2005
Squid
Using Squid as a proxy server
http://www.sina.com.cn 2001/10/31 17:03 CCID Net, China Computer News
By Yang Peng

When proxy servers come up, the first thing that comes to mind is probably the dedicated proxy server sites, which in some situations can speed up access to the Internet. In fact, on a LAN that needs outside access we can set up a proxy ourselves and keep frequently visited pages in a cache, thereby "raising" network speed. More importantly, a proxy server lets us control access rights. Windows has plenty of such software, WinGate and SyGate for example, but this article is about Squid on Linux, which gives you full freedom.

Squid is not the only proxy server software for Linux, but most Linux distributions ship with it.

Getting into "proxy"

First, how a proxy server works. A proxy server is simply a piece of software built on TCP/IP that listens on some TCP port, say 4444. The client machines (the Windows systems that want to get online through the proxy) configure their applications, IE for example, filling in the proxy server's port, 4444 in this example, so that the proxy server learns the address you want to visit. If you are a legitimate user, it fetches the page you want and passes it to you over port 4444; while browsing you do not notice the proxy server at all.

The real point of a proxy server is: first, since it downloads pages locally before serving them, the more often a site is visited the faster it gets; second, if you do not have permission to reach a site but the proxy does, you can reach that site through it; third, it can control your access.

Today most people probably still connect to the Internet over narrowband, so the speed-up from a proxy server is very noticeable.

Readers who know Linux may know that Ipchains on Linux can act as a router and can control access rights too, but its drawback is that it does not support DNS resolution: to control client access with it you have to name the destination IPs one by one. Anyone using Ipchains for that on Internet access must be mad, because IP addresses on the Internet are not only as many as the stars in the sky but, like the stars, changing all the time. Squid is different: it can specify which domain suffixes may not be visited, such as .tw and .net, which leaves the mapping from domain names to IPs to the ISP.

Configuration example

In this example the proxy server is an ordinary brand-name PC with two network cards: the first, eth0, connects to our organisation's LAN; the second, eth1, connects to a simple Internet sharing device. The operating system is RedHat Linux 6.1, and Ipchains and Squid both come with the system.

Like most Linux software, Squid works from a configuration file. Its default configuration file is /etc/squid/squid.conf; the original file runs to dozens of pages with detailed explanations, of which only a small part is likely to be really needed. Look at the configuration file below; many of the options are in fact self-explanatory:

# port the proxy server listens on
http_port 4444
# cache directory, size (MB), number of first-level subdirectories, number of second-level subdirectories
cache_dir /var/cache/squid 100 16 32
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
acl all src 0.0.0.0/0.0.0.0
acl head src 192.168.0.2/255.255.255.255 192.168.0.3/255.255.255.255
acl normal src 192.168.0.21-192.168.0.99/255.255.255.255
acl denysite dstdomain tw net
acl denyip dst 61.136.135.04/255.255.255.255
acl dnsport port 53
http_access allow head
http_access deny denysite
http_access deny denyip
http_access allow normal
http_access deny dnsport

Analysis of the example

The above is the entire configuration a basic Squid needs. Simple, isn't it?!

From it we can see that the proxy server listens on port 4444 and the cache directory is 100MB. Users at 192.168.0.2 and 192.168.0.3 can visit all sites, while users at 192.168.0.21~99 cannot visit sites with the suffix tw or net, nor the site at IP address 61.136.135.04 (if dst 61.136.135.04/255.255.255.255 became dst 61.136.135.04/255.255.255.0, it would mean the network 61.136.135.0).

Clearly, Squid uses acl to define user groups and http_access to control the groups' rights. An acl can be followed by src (source address), dst (destination address), proto (protocol), port (port), srcdomain (source domain), dstdomain (destination domain) and so on. Squid's control features are very powerful; you can even use acl aclname time to set the times at which a user group applies. Be aware, though, that when http_access sets the rights of different groups, Squid processes the lines in order from top to bottom, so to take away a group's access to certain sites you must put the corresponding deny line before that group.

In addition, the Squid documentation specifically points out that when no access setting matches, the default permission is the opposite of the last line. In the example above, a client with IP 192.168.0.5 is not defined anywhere and yet can reach the outside network, so setting http_access deny all as the last line is very much necessary.

Once configuration is done, you can run Squid directly to start it; if the configuration file has an error, Squid reports it. Then use Ipchains to set packet forwarding rules, for example allowing clients to use only ports POP3 (110), SMTP (25) and DNS (53) for sending and receiving mail, with web browsing possible only through the proxy. That makes the network a good deal more secure.
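The two evaluation rules described in the analysis above (first matching http_access line wins, and the default is the opposite of the last line) can be traced with a small model. The following Python script is an added example, not code from the article or from Squid: it models only the article's five http_access lines, the dstdomain match is simplified to the suffix match the article describes, and the requests and host names are constructed.

```python
import ipaddress


def ip(addr):
    return int(ipaddress.IPv4Address(addr))


def src_in(*addrs):
    wanted = {ip(a) for a in addrs}
    return lambda req: ip(req["src"]) in wanted


def src_range(low, high):
    return lambda req: ip(low) <= ip(req["src"]) <= ip(high)


def domain_suffix(*suffixes):
    # Simplified suffix match, following the article's description of dstdomain.
    def match(req):
        host = req["host"].lower().rstrip(".")
        return any(host == s or host.endswith("." + s) for s in suffixes)
    return match


# The article's acl lines, as predicates over a request.
ACLS = {
    "all": lambda req: True,
    "head": src_in("192.168.0.2", "192.168.0.3"),
    "normal": src_range("192.168.0.21", "192.168.0.99"),
    "denysite": domain_suffix("tw", "net"),
    "denyip": lambda req: req.get("dst_ip") == "61.136.135.4",
    "dnsport": lambda req: req["port"] == 53,
}

# The article's http_access lines, in file order.
ARTICLE_RULES = [
    ("allow", "head"),
    ("deny", "denysite"),
    ("deny", "denyip"),
    ("allow", "normal"),
    ("deny", "dnsport"),
]
# The fix the article recommends: an explicit final deny.
WITH_DENY_ALL = ARTICLE_RULES + [("deny", "all")]
# Constructed ordering mistake: the group's allow placed before the denies.
ALLOW_FIRST = [("allow", "head"), ("allow", "normal"), ("deny", "denysite"),
               ("deny", "denyip"), ("deny", "dnsport")]


def decide(rules, req):
    """First matching line wins; with no match, the opposite of the last line.

    rules must be non-empty. Returns (action, reason).
    """
    for number, (action, acl) in enumerate(rules, 1):
        if ACLS[acl](req):
            return action, f"line {number}: http_access {action} {acl}"
    last = rules[-1][0]
    default = "allow" if last == "deny" else "deny"
    return default, f"no line matched; opposite of last line ({last})"


def request(src, host, port=80, dst_ip=None):
    return {"src": src, "host": host, "port": port, "dst_ip": dst_ip}


if __name__ == "__main__":
    samples = [  # constructed requests
        request("192.168.0.2", "news.example.tw"),
        request("192.168.0.30", "news.example.tw"),
        request("192.168.0.30", "www.example.com"),
        request("192.168.0.5", "www.example.com"),
    ]
    for name, rules in [("article", ARTICLE_RULES), ("with deny all", WITH_DENY_ALL),
                        ("allow first", ALLOW_FIRST)]:
        for req in samples:
            print(name, req["src"], req["host"], "->", *decide(rules, req))
```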
Add comment December 24, 2005
Ten Rules For Web Startups
#1: Be Narrow
Focus on the smallest possible problem you could solve that would
potentially be useful. Most companies start out trying to do too many
things, which makes life difficult and turns you into a me-too.
Focusing on a small niche has so many advantages: With much less work,
you can be the best at what you do. Small things, like a microscopic
world, almost always turn out to be bigger than you think when you zoom
in. You can much more easily position and market yourself when more
focused. And when it comes to partnering, or being acquired,
there’s less chance for conflict. This is all so logical and,
yet, there’s a resistance to focusing. I think it comes from a
fear of being trivial. Just remember: If you get to be #1 in your
category, but your category is too small, then you can broaden your
scope—and you can do so with leverage.
#2: Be Different
Ideas are in the air. There are lots of people thinking about—and
probably working on—the same thing you are. And one of them is
Google. Deal with it. How? First of all, realize that no sufficiently
interesting space will be limited to one player. In a sense,
competition actually is good—especially to legitimize new
markets. Second, see #1—the specialist will almost always kick
the generalist’s ass. Third, consider doing something
that’s not so cutting edge. Many highly successful
companies—the aforementioned big G being one—have thrived
by taking on areas that everyone thought were done and redoing them
right. Also? Get a good, non-generic name. Easier said than done,
granted. But the most common mistake in naming is trying to be too
descriptive, which leads to lots of hard-to-distinguish names. How many
blogging companies have “blog” in their name, RSS companies
“feed,” or podcasting companies “pod” or
“cast”? Rarely are they the ones that stand out.
#3: Be Casual
We’re moving into what I call the era of the “Casual Web” (and casual content creation).
This is much bigger than the hobbyist web or the professional web. Why?
Because people have lives. And now, people with lives also have
broadband. If you want to hit the really big home runs, create services
that fit in with—and, indeed, help—people’s everyday
lives without requiring lots of commitment or identity change. Flickr
enables personal publishing among millions of folks who would never
consider themselves personal publishers—they’re just
sharing pictures with friends and family, a casual activity. Casual games are huge. Skype enables casual conversations.
#4: Be Picky
Another perennial business rule, and it applies to everything you do:
features, employees, investors, partners, press opportunities. Startups
are often too eager to accept people or ideas into their world. You can
almost always afford to wait if something doesn’t feel just
right, and false negatives are usually better than false positives. One
of Google’s biggest strengths—and sources of frustration
for outsiders—was their willingness to say no to opportunities,
easy money, potential employees, and deals.
#5: Be User-Centric
User experience is everything. It always has been, but it’s still
undervalued and under-invested in. If you don’t know
user-centered design, study it. Hire people who know it. Obsess over
it. Live and breathe it. Get your whole company on board. Better to
iterate a hundred times to get the right feature right than to add a
hundred more. The point of Ajax is that it can make a site more
responsive, not that it’s sexy. Tags can make things easier to
find and classify, but maybe not in your application. The point of an
API is so developers can add value for users, not to impress the geeks.
Don’t get sidetracked by technologies or the blog-worthiness of
your next feature. Always focus on the user and all will be well.
#6: Be Self-Centered
Great products almost always come from someone scratching their own
itch. Create something you want to exist in the world. Be a user of
your own product. Hire people who are users of your product. Make it
better based on your own desires. (But don’t trick yourself into
thinking you are your user, when it comes to usability.) Another aspect
of this is to not get seduced into doing deals with big companies at
the expense of your users or at the expense of making your product
better. When you’re small and they’re big, it’s hard
to say no, but see #4.
#7: Be Greedy
It’s always good to have options. One of the best ways to do that
is to have income. While it’s true that traffic is now again
actually worth something, the
give-everything-away-and-make-it-up-on-volume strategy stamps an
expiration date on your company’s ass. In other words, design
something to charge for into your product and start taking money within
6 months (and do it with PayPal). Done right, charging money can
actually accelerate growth, not impede it, because then you have
something to fuel marketing costs with. More importantly, having money
coming in the door puts you in a much more powerful position when it
comes to your next round of funding or acquisition talks. In fact,
consider whether you need to have a free version at all. The TypePad
approach—taking the high-end position in the market—makes
for a great business model in the right market. Less support. Less
scalability concerns. Less abuse. And much higher margins.
#8: Be Tiny
It’s standard web startup wisdom by now that with the substantially lower costs to starting something on the web, the difficulty of IPOs,
and the willingness of the big guys to shell out for small teams doing
innovative stuff, the most likely end game if you’re successful
is acquisition. Acquisitions are much easier if they’re small.
And small acquisitions are possible if valuations are kept low from the
get go. And keeping valuations low is possible because it doesn’t
cost much to start something anymore (especially if you keep the scope
narrow). Besides the obvious techniques, one way to do this is to use
turnkey services to lower your overhead—Administaff, ServerBeach, web apps, maybe even Elance.
#9: Be Agile
You know that old saw about a plane flying from California to Hawaii
being off course 99% of the time—but constantly correcting? The
same is true of successful startups—except they may start out
heading toward Alaska. Many dot-com bubble companies that died could
have eventually been successful had they been able to adjust and change
their plans instead of running as fast as they could until they burned
out, based on their initial assumptions. Pyra was started to build a
project-management app, not Blogger. Flickr’s company was
building a game. Ebay was going to sell auction software. Initial
assumptions are almost always wrong. That’s why the waterfall
approach to building software is obsolete in favor of agile techniques. The same philosophy should be applied to building a company.
#10: Be Balanced
What is a startup without bleary-eyed, junk-food-fueled,
balls-to-the-wall days and sleepless, caffeine-fueled,
relationship-stressing nights? Answer?: A lot more enjoyable place to
work. Yes, high levels of commitment are crucial. And yes, crunch times
come and sometimes require an inordinate, painful, apologies-to-the-SO
amount of work. But it can’t be all the time. Nature requires
balance for health—as do the bodies and minds who work for you
and, without which, your company will be worthless. There is no better
way to maintain balance and lower your stress that I’ve found
than David Allen’s GTD process. Learn it. Live it. Make it a part of your company, and you’ll have a secret weapon.
#11 (bonus!): Be Wary
Overgeneralized lists of business “rules” are not to be taken too literally. There are exceptions to everything.
Add comment December 24, 2005
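apt commands
- APT
apt-get update
Update the package lists from the sources in /etc/apt/sources.list; run it when the contents of the sources have changed or when in doubt
apt-cache search search-string
Search for packages whose description matches search-string
apt-cache policy package-name
Show the versions and priorities of the package
apt-cache show package-name
Show the description information of the package
apt-cache showpkg package-name
Show the dependency relationships of the package
apt-get install package-name
Install the package and all of its dependencies from the sources
apt-get upgrade
Update the currently installed packages to the latest versions
apt-get dist-upgrade
Like apt-get upgrade, but resolves conflicts automatically
apt-get remove package-names
Remove the packages, together with all packages that depend on them
apt-cache depends package-names
List all packages that the given packages depend on
apt-cache rdepends package-names
List all packages that depend on the given packages
apt-file update
Update the content lists from the sources; see apt-get update
apt-file search file-name
Find the packages that contain the file
apt-file list package-name
List the contents of the package
auto-apt
Installs packages automatically when needed; can replace apt-file. Requires auto-apt to be installed.
aptitude
Console interface to APT; requires aptitude to be installed
synaptic
GUI interface to APT; requires synaptic to be installed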
Add comment December 24, 2005
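MySQL optimization
(1) back_log:
The number of connections MySQL is required to be able to hold. This comes into play when the main MySQL thread receives a very large number of connection requests within a very short time; the main thread then spends some time (however short) checking the connection and starting a new thread.
The back_log value indicates how many requests can be held on the stack during the short time before MySQL temporarily stops answering new requests. You need to increase it only if you expect many connections in a short period. In other words, this value is the size of the listen queue for incoming TCP/IP connections. Your operating system has its own limit on the size of this queue.
Trying to set back_log higher than your operating system's limit has no effect.
When you look at your host's process list and find a large number of pending connections of the form 264084 | unauthenticated user | xxx.xxx.xxx.xxx |
NULL | Connect | NULL | login | NULL, it is time to increase the value of back_log.
The default value is 50; I changed it to 500.
(2) interactive_timeout:
The number of seconds the server waits for activity on an interactive connection before closing it. An interactive client is defined as a client that uses the CLIENT_INTERACTIVE option to mysql_real_connect(). The default value is 28800; I changed it to 7200.
(3) key_buffer_size:
Index blocks are buffered and shared by all threads. key_buffer_size is the size of the buffer used for index blocks; increasing it gives better index handling (for all reads and multiple writes), up to as much as you can afford. If you make it too large, the system will start paging and become really slow. The default value is 8388600 (8M); my MySQL host has 2GB of memory, so I changed it to
402649088 (400MB).
(4) max_connections:
The number of simultaneous clients allowed. Increasing this value increases the number of file descriptors mysqld requires. This number should be increased; otherwise you will frequently see the Too many connections error. The default value is 100; I changed it to 1024.
(5) record_buffer:
Each thread that does a sequential scan allocates a buffer of this size for each table it scans. If you do many sequential scans, you may want to increase this value. The default value is 131072 (128K); I changed it to 16773120 (16M).
(6) sort_buffer:
Each thread that needs to sort allocates a buffer of this size. Increasing this value speeds up ORDER BY and GROUP BY operations. The default value is 2097144 (2M); I changed it to 16777208 (16M).
(7) table_cache:
The number of open tables for all threads. Increasing this value increases the number of file descriptors mysqld requires. MySQL needs 2 file descriptors for each unique open table. The default value is 64; I changed it to 512.
(8) thread_cache_size:
The number of threads kept in the cache for reuse. A new thread is taken from the cache when one is available, and when a client disconnects its thread is put into the cache if there is room. If there are many new threads, this variable can be increased to improve performance.
The effect of this variable can be seen by comparing the Connections and Threads_created status variables. I set it to 80.
(10) wait_timeout:
The number of seconds the server waits for activity on a connection before closing it. The default value is 28800; I changed it to 7200.
Note: these parameters can be adjusted by editing the /etc/my.cnf file and restarting MySQL. This is work that calls for care; the results above are only my own views, and you can adjust them further according to the hardware of your own host (especially the amount of memory).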
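The two checks described in items (1) and (8), counting unauthenticated Connect rows and comparing Connections with Threads_created, as an added Python example that is not part of the original post. The sample rows and counters are constructed, and the function names and the pending_limit threshold are assumptions.

```python
# Constructed sample rows in the pipe-separated layout quoted in item (1):
# Id | User | Host | db | Command | Time | State | Info
SAMPLE_PROCESSLIST = """\
264084 | unauthenticated user | 192.0.2.10 | NULL | Connect | NULL | login | NULL
264085 | unauthenticated user | 192.0.2.11 | NULL | Connect | NULL | login | NULL
264086 | app | 192.0.2.20 | shop | Query | 0 | Sending data | SELECT 1
264087 | app | 192.0.2.20 | shop | Sleep | 7300 | NULL | NULL
"""
# Constructed sample of the two SHOW STATUS counters named in item (8).
SAMPLE_STATUS = {"Connections": 50000, "Threads_created": 12500}

FIELDS = ("id", "user", "host", "db", "command", "time", "state", "info")

def parse_processlist(text):
    """Turn process-list rows into dicts; headers and borders are skipped."""
    rows = []
    for line in text.splitlines():
        # maxsplit keeps any '|' inside the Info column (e.g. SQL '||') intact
        parts = [p.strip() for p in line.strip().strip("|").split("|", 7)]
        if len(parts) == len(FIELDS) and parts[0].isdigit():
            rows.append(dict(zip(FIELDS, parts)))
    return rows

def pending_logins(rows):
    """Connections still waiting in the login handshake (the back_log symptom)."""
    return sum(r["user"] == "unauthenticated user" and r["command"] == "Connect"
               for r in rows)

def idle_over(rows, seconds):
    """Ids of sleeping connections idle for at least `seconds`."""
    return [r["id"] for r in rows
            if r["command"] == "Sleep" and r["time"].isdigit()
            and int(r["time"]) >= seconds]

def thread_cache_miss_rate(status):
    """Fraction of connections that required creating a new thread."""
    total = status["Connections"]
    return status["Threads_created"] / total if total else 0.0

def report(text, status, wait_timeout=7200, pending_limit=10):
    """pending_limit is an assumed alert threshold, not a MySQL setting."""
    rows = parse_processlist(text)
    pending = pending_logins(rows)
    return {
        "pending_logins": pending,
        "consider_raising_back_log": pending >= pending_limit,
        "idle_past_wait_timeout": idle_over(rows, wait_timeout),
        "thread_cache_miss_rate": thread_cache_miss_rate(status),
    }

if __name__ == "__main__":
    print(report(SAMPLE_PROCESSLIST, SAMPLE_STATUS, pending_limit=2))
```

A miss rate close to 1.0 means almost every connection creates a fresh thread, which is the situation where raising thread_cache_size helps.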
12 comments December 24, 2005
Splitting Chinese characters in Ruby
Try the script with $KCODE = "E"
Split Chinese words by string operation
Add comment December 24, 2005
Using GEMS packages
Conclusion: there are 3 ways to use a package from a gem
1 Use RUBYOPT='rubygems'
2 First require 'rubygems' or 'ubygems'
3 Use require_gem
Add comment December 24, 2005
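WebDAV setup
# Enable WebDAV and require HTTP Basic authentication as the user "webdav".
# .DAVlogin sits inside the DAV-enabled directory; keeping it outside the
# served tree prevents it from being read or overwritten over WebDAV.
DAV On
AuthType Basic
AuthName "WebDAV Restricted"
AuthUserFile /export/http/webs/pri.mcslp/dav/.DAVlogin
Require user webdav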
The last step is to create our password file (unless we’re
using an existing one) and if necessary the directory we’re
enabling with WebDAV:
mkdir /export/http/webs/pri.mcslp/dav
chgrp www /export/http/webs/pri.mcslp/dav
chmod 775 /export/http/webs/pri.mcslp/dav
htpasswd -c /export/http/webs/pri.mcslp/dav/.DAVlogin webdav
Add comment December 24, 2005