lost and found ( for me ? )

KVM virsh : How to check whether your Intel's CPU turns on Hyper Threading or not

Here's an explanation of how to check whether your Intel's CPU turns on Hyper Threading or not w/ virsh command.

# cat /proc/cpuinfo | grep "model name" | uniq
model name      : Intel(R) Xeon(R) CPU           X5650  @ 2.67GHz

just type "virsh nodeinfo"

# LANG=C virsh nodeinfo
CPU model:           x86_64
CPU(s):              12
CPU frequency:       2666 MHz
CPU socket(s):       1
Core(s) per socket:  6
Thread(s) per core:  2
NUMA cell(s):        1
Memory size:         12317420 kB

Totally 12 cores.
1 socket * 6 cores * 2 threads = 12 cores

In case of AMD. 
plz note that AMD does not support Hyper Threading.

# cat /proc/cpuinfo | grep "model name" | uniq
model name : AMD Phenom(tm) II X4 925 Processor

# LANG=C virsh nodeinfo
CPU model:           x86_64
CPU(s):              4
CPU frequency:       800 MHz
CPU socket(s):       1
Core(s) per socket:  4
Thread(s) per core:  1 
NUMA cell(s):        1
Memory size:         7927716 kB

ht flags of /proc/cpuinfo means that OS ( not CPU ! ) supports Hyper Threading.

# cat /proc/cpuinfo | grep flags | grep ht | uniq
flags  : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nopl nonstop_tsc extd_apicid pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt npt lbrv svm_lock nrip_save

How to install dnssec-tools from source code on CentOS 5.6 64bit.

source RPM of dnssec-tools is a bit old , so I installed the latest dnssec-tools from source code.

[ procedure ]

download source code
install perl modules that are needed for dnssec-tools
compile and install dnssec-tools

[ logs ]

download dnssec-tools-1.9.tar.gz

install perl modules via CPAN that are needed for dnssec-tools ( mandatory )
# perl -MCPAN -e shell
cpan> install Net::DNS Net::DNS::SEC

install perl modules ( optional )
cpan> install Text::Wrap Date::Parse ExtUtils::MakeMaker MailTools Test::Builder String::Diff GraphViz Gtk2 QWizard Getopt::GUI::Long Tk Text::Diff

download and install graphviz ( optional )
# wget http://pkgs.repoforge.org/graphviz/graphviz-2.22.0-4.el5.rf.x86_64.rpm
# rpm -ivh graphviz-2.22.0-4.el5.rf.x86_64.rpm

compile dnssec-tools
# tar xzvf dnssec-tools-1.9.tar.gz
# cd dnssec-tools-1.9
# ./configure --with-ipv6 --with-nsec3

---------------------------------------------------------
      DNSSEC-Tool Validator configuration summary:
---------------------------------------------------------
 system configuration directory : /usr/local/etc
 Validator configuration file: /usr/local/etc/dnssec-tools/dnsval.conf
 NSEC3 support                  : Yes
 DLV support                    : Yes
 IPv6 support                   : Yes
 Thread support                 : Yes
 Developer flags                :
 libval resolver configuration  : /usr/local/etc/dnssec-tools/resolv.conf
 libval root hints              : /usr/local/etc/dnssec-tools/root.hints
---------------------------------------------------------

# make
# make install

configuration file will be stored in /usr/local/etc/dnssec-tools directory.
# head -20 /usr/local/etc/dnssec-tools/dnssec-tools.conf
#
# DNSSEC-Tools Configuration
#

#
# Settings for DNSSEC-Tools administration.
#
admin-email     dnssec-tools@example.com


#
# Paths to needed programs.  These may need adjusting for individual hosts.
#
keyarch         /usr/bin/keyarch
keygen          /usr/local/sbin/dnssec-keygen
rndc            /usr/local/sbin/rndc
zonecheck       /usr/local/sbin/named-checkzone
zonesign        /usr/local/sbin/dnssec-signzone
rollchk         /usr/bin/rollchk
zonesigner      /usr/bin/zonesigner


# zonesigner --algorithm RSASHA256 -genkeys -zone example.jp example.jp.db

       if zonesigner appears hung, strike keys until the program completes
       (see the "Entropy" section in the man page for details)

Generating key pair............++++++ .........++++++
Generating key pair..++++++ ..++++++
Generating key pair......+++ ..............................................+++
Verifying the zone using the following algorithms: RSASHA256.
Zone signing complete:
Algorithm: RSASHA256: KSKs: 1 active, 0 stand-by, 1 revoked
                     ZSKs: 1 active, 1 stand-by, 0 revoked

zone signed successfully

example.jp:
       KSK (cur) 26845  -b 2048  06/21/11      (signing-set-3000000000000000000000000)
       KSK (rev) 57805  -b 2048  06/21/11      (signing-set-3000000000000000000000)
       ZSK (cur) 28494  -b 1024  06/21/11      (signing-set-3000000000000000)
       ZSK (pub) 48498  -b 1024  06/21/11      (signing-set-3000000000000000000)

zone will expire in 4 weeks, 2 days, 0 seconds

How to install dnssec-tools from RPM source on CentOS 5.6 64bit ver.

Here’s an explanation of how to install dnssec-tools from source RPM on CentOS 5.6 64bit.

[ procedure ]

1. download source RPM
2. build RPM from source RPM
3. install RPM

[ logs ]


2. build RPM from source RPM
# rpmbuild --rebuild dnssec-tools-1.3.2-1.src.rpm


RPMs you built will be stored under /usr/src/redhat/RPMS/x86_64 directory.
# ls /usr/src/redhat/RPMS/x86_64/dnssec-tools-*
/usr/src/redhat/RPMS/x86_64/dnssec-tools-1.3.2-1.x86_64.rpm
/usr/src/redhat/RPMS/x86_64/dnssec-tools-debuginfo-1.3.2-1.x86_64.rpm
/usr/src/redhat/RPMS/x86_64/dnssec-tools-libs-1.3.2-1.x86_64.rpm
/usr/src/redhat/RPMS/x86_64/dnssec-tools-libs-devel-1.3.2-1.x86_64.rpm
/usr/src/redhat/RPMS/x86_64/dnssec-tools-perlmods-1.3.2-1.x86_64.rpm


3. install all dnssec-xxx RPMs
# pwd
/usr/src/redhat/RPMS/x86_64

# rpm -ivh --nodeps dnssec-tools-*
準備中...                ########################################### [100%]
  1:dnssec-tools-libs      ########################################### [ 20%]
  2:dnssec-tools-perlmods  ########################################### [ 40%]
  3:dnssec-tools           ########################################### [ 60%]
  4:dnssec-tools-debuginfo ########################################### [ 80%]
  5:dnssec-tools-libs-devel########################################### [100%]

How to reconfigure perl CPAN settings

start CPAN shell and just type “cpan> o conf init”
# perl -MCPAN -e shell
cpan> o conf init

that’s it !

Ubuntu 11.04 : how to trim directory paths in bash prompt

This method is configurable on bash 4.
# bash --version | head -1
GNU bash, バージョン 4.2.8(1)-release (x86_64-pc-linux-gnu)

edit ( make )  ~/.bashrc file and add the following line.
# tail -1 /root/.bashrc
export PROMPT_DIRTRIM=1

before
root@ubuntu-2:~/dir1/dir2/dir3/dir4#

after
# cd dir1/dir2/dir3/dir4/
root@ubuntu-2:~/.../dir4#

that’s it

tcpreplay

[ what’s tcpreplay ? ]

http://tcpreplay.synfin.net/
Tcpreplay replys a pcap file.
This tool is useful for testing DUT such as Firewall , IDS etc.

[ how to install tcpreplay on Ubuntu 11.04 ]

You can install tcpreplay through apt-get.
root@hat1:~# tail -1 /etc/lsb-release
DISTRIB_DESCRIPTION="Ubuntu 11.04"

root@hat1:~# apt-get install tcpreplay

/usr/bin/tcpreplay
/usr/bin/tcpprep  
/usr/bin/tcprewrite
/usr/bin/tcpreplay-edit
/usr/bin/tcpbridge

[ how to use : replay UDP packets ]

let’s send DNS ( DUP ) packets.

client 192.168.11.100  -------- unbound 192.168.11.14

prepare a capture file.
root@hat1:~# dig @192.168.11.14 www.isc.org +dnssec +multiline


capture data
root@hat1:~# tshark -r dns.pcap
 1   0.000000 192.168.11.100 -> 192.168.11.14 DNS Standard query A www.isc.org
 2   0.000693 192.168.11.14 -> 192.168.11.100 IP Fragmented IP protocol (proto=UDP 0x11, off=0, ID=20a8)

extract a request packet ( client -> server )
root@hat1:~# tshark -R "ip.src==192.168.11.100" -r dns.pcap -w client_dns.pcap

root@hat1:~# tshark -r client_dns.pcap
Running as user "root" and group "root". This could be dangerous.
 1   0.000000 192.168.11.100 -> 192.168.11.14 DNS Standard query A www.isc.org

Let’s replay client_dns.pcap

on client
root@hat1:~# tcpreplay --pps=1 --intf1=eth0 client_dns.pcap
sending out eth0
processing file: client_dns.pcap
Actual: 1 packets (82 bytes) sent in 0.07 seconds
Rated: 1171.4 bps, 0.01 Mbps, 14.29 pps
Statistics for network device: eth0
Attempted packets:         1
Successful packets:        1
Failed packets:            0
Retried packets (ENOBUFS): 0
Retried packets (EAGAIN):  0

on server
root@hat2:~# tshark -i eth0 port 53
 0.000000 192.168.11.100 -> 192.168.11.14 DNS Standard query A www.isc.org
 0.000120 192.168.11.14 -> 192.168.11.100 IP Fragmented IP protocol (proto=UDP 0x11, off=0, ID=20ab)

useful options :

--loop=number : how many times you replay pcap file
--topspeed : replay pcap as quickly as possible
--mbps=10.0 : bandwidth

If the pcap file(s) you are looping are small enough to fit in available RAM, consider using the --enable-file-cache option. This option caches each packet in RAM so that subsequent reads don't have to hit the slower disk. It does have a slight performance hit for the first iteration of the loop since it has to call malloc() for each packet, but after that it seems to improve performance by around 5-10%. Of course if you don't have enough free RAM, then this will cause your system to swap which will dramatically decrease performance.

Another useful option is --quiet. This suppresses printing out to the screen each time tcpreplay starts a new iteration. This can have a dramatic performance boost for systems with slower consoles.

--loop=0 menas replay forever untile you enter Ctrl-Z
root@hat1:~# tcpreplay --loop=0 --enable-file-cache --quiet --intf1=eth0 client_dns.pcap

an output of dnstop on server
Source         Query Name      Count      %
-------------- ----------- --------- ------
192.168.11.100 www.isc.org       152  100.0

DNS request is one packet. --pps=50000 means sending 50,000 queries per sec.
root@hat1:~# tcpreplay --loop=0 --enable-file-cache --pps=50000 --quiet --intf1=eth0 client_dns.pcap

unbound log
hat2 unbound: [3644:0] notice: sendto failed: Resource temporarily unavailable

Xbox 360: How to cancel your xbox live gold membership or turn off auto-renewal

I decided to cancel my Xbox live account , 'cause my Xbox's 3 years warranty has expired.
During the 3 years warranty , my Xbox360 has broken 2 times ( RROD , Red Ring of Death ).

Of course I enjoyed xbox 360 , love Halo , Gears of War , Project Gotham Racing etc. 
I think Xbox 360 is one of the best video game consoles , but that's enough for me.

By default ,  Xbox live Auto renewal is enabled. How can I terminate it?

Seen from http://support.xbox.com/en-us/pages/xbox-live/how-to/xbox-live-account-management/cancel-account.aspx , there are two ways to cancel your Xbox live.

1. call Xbox support

or

2. login to https://login.live.com w/ your xbox live account n' turn off auto-renewal

Which is the easiest way ?

My answer is 1.

[ 1 call Xbox support ]

Before calling xbox support , plz prepare last four digits of your credit card n' phone number you registered.
In my case , it took 5 minutes or so to cancel.

[ 2. login to https:://login.live.com n' turn off auto-renewal ]

login -> My xbox -> accounts 

click "turn off auto-renewal"

Big problem is .... when I go to My xbox -> accounts , I always face an error as below.












Why ???  explanation is .. occurs an error in system ..
The root cause is what ?

Okay , I'm using Google Chromium browser , is this problem ??

Let's access w/ Windows Internet Explorer 9 on Windows7.
I think this combination has a good compatibility 'cause M$ sells Xbox 360 n' Windows 7 :)

The result is ... same error... occurs an error in system.















Can't reach My xbox account setting n' can't turn off auto-renewal !!!

I tried 'bout 10 times ......result is ... again !

Can't reach My xbox account setting n' can't turn off auto-renewal !!!


Auto renewal should be off by default !!!

Waste of time n' money.
From the M$ point of view , this is good system , 'cause M$ can get much $ every month from auto-renewal subscription fee.

So I would recommend you call Xbox support :)

Thx for stoppin' by.