Script to Automatically Detect and Restart Linux PPTP Client

Script to Automatically Detect and Restart Linux PPTP Client

Tags :

Category : How-to

Get Social!

Linux penguinThe default PPTP client for Linux does not automatically start on boot, or restart on a failed or dropped connection. I have written a short script to ping your VPN server gateway IP address and start the PPTP client if a ping does not succeed.

See my other post if you have not yet set up your PPTP VPN client.

Create this script and make it executable:

vi /root/cron/pptp_cron.sh
chmod +x /root/cron/pptp_cron.sh

Add the below script to the file and change the following attributes for your own values:

  • your-vpn-host-or-ip-address
  • your-vpn-username
  • your-vpn-password
#!/bin/bash

HOST=your-vpn-host-or-ip-address
PPTPUSER=your-vpn-username
PPTPPASS=your-vpn-password

DATE=`date`
PINGRES=`ping -c 2 $HOST`
PLOSS=`echo $PINGRES : | grep -oP '\d+(?=% packet loss)'`
echo "$DATE : Loss Result : $PLOSS"

if [ "100" -eq "$PLOSS" ];
then
    echo "$DATE : Starting : $HOST"
    /usr/sbin/pptp pty file /etc/ppp/options.pptp user $PPTPUSER password $PPTPPASS
    echo "$DATE : Now running : $HOST"
else
    echo "$DATE : Already running : $HOST"
fi

Add the following entry to your cron to execute the script every minute.

crontab -e
 */1  * * * * /root/cron/pptp_cron.sh >> /var/log/pptp_pinger.log 2>&1

See my other post if you have not yet set up your PPTP VPN client.

Linux PPTP Client Error: “pty option precludes specifying device name”

Tags :

Category : How-to

Get Social!

Linux penguinI was receiving this error when I was trying to start a PPTP client connection in a Linux cron. The error was reported by pptp when issuing the start command:

pon VPNname

The error was:

/usr/sbin/pppd: pty option precludes specifying device name

I changed my PPTP client start up command to the below which fixed the issue:

pptp pty file /etc/ppp/options.pptp user [USER] password [PASSWORD]

Substitute the below attributes for your own values:

  • [USER] – PPTP VPN account user name.
  • [PASSWORD] – PPTP VPN account password.

Set up Linux PPTP Client from the Terminal

Tags :

Category : How-to

Get Social!

Linux penguinA Virtual Private Network, or VPN, allows the client computer to connect to a remote local network to use it’s resources such as printers and file shares. There are several types of VPN such as PPTP and LP2SEC with varying types of protection. PPTP is not the most secure type of VPN but its the easiest to set up.

PPTP has numerous security risks which means that the data you are transferring through your VPN can easily be unencrypted. L2TP/IPsec is becoming the standard VPN technology of choice. PPTP should not be used unless security of each end point and the data transferred is not required.

Take the quick VPN Poll to tell us what type of VPN you use.

This tutorial assumes you have a PPTP server already set up with the following details:

  • Hostname: pptp.jamescoyle.net
  • Username: pptpuser
  • Password: pptppassword

Open a Terminal and install the required PPTP client packages.

apt-get install pptp-linux network-manager-pptp

Create a credentials file with the username and password of the PPTP server:

vi /etc/ppp/chap-secrets

Add your entry using the below attributes

  • [USER] – user name to log in to the VPN server
  • [SERVER] – name of server to use, PPTP in our case.
  • [SECRET] – password of the above [USER].
  • [IP] – ip of the server, * means all IPs.
[USER]    [SERVER]    [SECRET]    [IP]

Example:

pptpuser    PPTP    pptppassword    *

Create a file which will be executed when the PPTP connection is started. This can contain additional commands to run when the connection is started such as adding new routes or firewall exceptions.

vi /etc/ppp/ip-up.d/route-traffic

The below examle script adds a route from the PPTP connection to any computers on the PPTP servers local network with IPs in the 10.0.0.0 or 192.0.0.0 ranges. This means that on the PPTP client, any machines on the above IP ranges will be accessible. This script may not be required for your environment and is simply used as an example. Note: a route should automatically be added to your VPN gateway.

#!/bin/bash
NET1="10.0.0.0/8"
NET2="192.0.0.0/8"
IFACE="ppp0"
route add -net ${NET1} dev ${IFACE}
route add -net ${NET2} dev ${IFACE}

Allow execution of the script:

chmod +x /etc/ppp/ip-up.d/route-traffic

Add the PPTP client connection pool and any additional settings which are required. The connection name, jamescoyle.net, can be changed to suite your connection. 

vi /etc/ppp/peers/jamescoyle.net

Add the details of the PPTP server. The below are the basic options required to connect to the server using mppe-128 encryption. Edit the below attributes to match your environment:

  • [USER] – user name to log in to the VPN server
  • [HOST] – host name or IP address of the PPTP server.
pty "pptp [HOST] --nolaunchpppd"
name [USER]
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam jamescoyle.net

You must add rules to your firewall to allow connections to and from this interface as well as through your existing public interface to make the PPTP connection.  The below rules open all traffic on the new pptp interface using iptables. You may need to change this once the connection has been tested to increase security.

iptables -A INPUT -i pptp -j ACCEPT
iptables -A OUTPUT -o pptp -j ACCEPT

Finally you will need to start your PPTP client connection. Use pon and poff to start and stop your PPTP client. Replace [CONNECTION] with the name you gave to the file in /etc/ppp/peers/.

pon [CONNECTON]
poff [CONNECTION]

See my script on automatically detecting a disconnect and restarting the PPTP client connection.

The Difference Between a tmpfs and ramfs RAM Disk

Tags :

Category : Knowledge

Get Social!

Linux penguinThere are two file system types built into most modern Linux distributions which allow you to create a RAM based storage area which can be mounted and used link a normal folder.

Before using this type of file system you must understand the benefits and problems of memory file system in general, as well as the two different types. The two types of RAM disk file systems are tmpfs and ramfs and each type has it’s own strengths and weaknesses.

See my other post for details on how to create a RAM disk in Linux.

What is a memory based file system (RAM disk)?

A memory based file system is something which creates a storage area directly in a computers RAM as if it were a partition on a disk drive. As RAM is a volatile type of memory which means when the system is restarted or crashes the file system is lost along with all it’s data.

The major benefit to memory based file systems is that they are very fast – 10s of times faster than modern SSDs. Read and write performance is massively increased for all workload types. These types of fast storage areas are ideally suited for applications which need repetitively small data areas for caching or using as temporary space. As the data is lost when the machine reboots the data must not be  precious as even scheduling backups cannot guarantee that all the data will be replicated in the even of a system crash.

tmpfs vs. ramfs

The two main RAM based file system types in Linux are tmpfs and ramfs. ramfs is the older file system type and is largely replaced in most scenarios by tmpfs.

ramfs

ramfs creates an in memory file system which uses the same mechanism and storage space as Linux file system cache. Running the command free in Linux will show you the amount of RAM you have on your system, including the amount of file system cache in use. The below is an example of a 31GB of ram in a production server.

free -g
       total used free shared buffers cached
Mem:   31    29   2    0      0       8
-/+ buffers/cache: 20 11
Swap:  13    6    7

Currently 8GB of file system cache is in use on the system. This memory is generally used by Linux to cache recently accessed files so that the next time they are requested then can be fetched from RAM very quickly. ramfs uses this same memory and exactly the same mechanism which causes Linux to cache files with the exception that it is not removed when the memory used exceeds threshold set by the system.

ramfs file systems cannot be limited in size like a disk base file system which is limited by it’s capacity. ramfs will continue using memory storage until the system runs out of RAM and likely crashes or becomes unresponsive. This is a problem if the application writing to the file system cannot be limited in total size. Another issue is you cannot see the size of the file system in df and it can only be estimated by looking at the cached entry in free.

tmpfs

tmpfs is a more recent RAM file system which overcomes many of the drawbacks with ramfs. You can specify a size limit in tmpfs which will give a ‘disk full’ error when the limit is reached. This behaviour is exactly the same as a partition of a physical disk.

The size and used amount of space on  a tmpfs partition is also displayed in df. The below example shows an empty 512MB RAM disk.

df -h /mnt/ramdisk
Filesystem Size Used Avail Use% Mounted on
tmpfs      512M 0    512M  0%   /mnt/ramdisk

These two differences between ramfs and tmpfs make tmpfs much more manageable  however this is one major drawback; tmpfs may use SWAP space. If your system runs out of physical RAM, files in your tmpfs partitions may be written to disk based SWAP partitions and will have to be read from disk when the file is next accessed. In some environments this can be seen as a benefit as you are less likely to get out of memory exceptions as you could with ramfs because more ‘memory’ is available to use.

See my other post for details on how to create a RAM disk in Linux.

Create a RAM disk in Linux

Tags :

Category : How-to

Get Social!

Linux penguinThere are many reasons for creating a memory based file system in Linux, not least of which is to provide a near zero latency and extremely fast area to story files. A prime use of a RAM disk is for application caching directories or work areas.

There are two main types of RAM disk which can be used in Linux and each have their own benefits and weaknesses:

  • ramfs
  • tmpfs

See my other post for the differences between ramfs and tmpfs.

Check the amount of free RAM you have left on your machine before creating a RAM disk. Use the Linux command free to see the unused RAM. The below is an example of a 31GB of ram in a production server.

free -g
       total used free shared buffers cached
Mem:   31    29   2    0      0       8
-/+ buffers/cache: 20 11
Swap:  13    6    7

The free command shows the amount of RAM availale on your system in addition to the amount of memory used, free and used for caching. SWAP space is also displayed and shows if your system is writing memory to disk.

Create a folder to use as a mount point for your RAM disk.

mkdir /mnt/ramdisk

Then use the mount command to create a RAM disk.

mount -t [TYPE] -o size=[SIZE] [FSTYPE] [MOUNTPOINT]

Substitute the following attirbutes for your own values:

  • [TYPE] is the type of RAM disk to use; either tmpfs or ramfs.
  • [SIZE] is the size to use for the file system. Remember that ramfs does not have a physical limit and is specified as a starting size.
  • [FSTYPE] is the type of RAM disk to use; either tmpfsramfsext4, etc.

Example:

mount -t tmpfs -o size=512m tmpfs /mnt/ramdisk

You can add the mount entry into /etc/fstab to make the RAM disk persist over reboots. Remember however, that the data will disappear each time the machine is restarted.

vi /etc/fstab
tmpfs       /mnt/ramdisk tmpfs   nodev,nosuid,noexec,nodiratime,size=1024M   0 0

See my other post for the differences between ramfs and tmpfs.

Increase mdadm raid rebuild speed

Tags :

Category : How-to

Get Social!

Linux penguinmdadm can take quite a while when rebuilding arrays and the more disks there are, the longer it will take. As an example, it took 5 x 2TB WD green disks 3 days to complete.

There are two main ways to increase the rebuild speed of a mdadm array which are detailed below. Remember that it doesn’t matter what options you use here – you can still be limited by your CPU, memory and hard disk channel bandwidth.

Remove the mdadm rebuild speed restriction

mdadm has a parameter which restricts the speed of the rebuild process on each array. The idea behind this is to stop mdadm from making the rest of your system unusable by guaranteeing that it doesn’t consume all the available resource and IO bandwidth. The attributes can be increased to raise the speed limit on mdadm and reduce the time it takes to complete the rebuild process.

You will be editing your sysctl.conf file which holds many attributes for the Linux system. As always, and before editing any configuration file, you should take a backup.

cp /etc/sysctl.conf /etc/sysctl.conf_ORIG

Open the sysctl.conf file with a text editor.

vi /etc/sysctl.conf

Find or add the below parameter and set the value to the speed in KB/s which you would like to use. The below example sets the speed limit to 50 MB/s.

dev.raid.speed_limit_max = 51200

You will then need to load the settings using the sysctl command.

/sbin/sysctl -p

Add bitmap indexes to mdadm

Adding a bitmap index to a mdadm before rebuilding the array can dramatically speed up the rebuild process.

Use the below command to add a bitmap index to an array. The example assumes your array is found at /dev/md0.

mdadm --grow --bitmap=internal /dev/md0

Once the process has completed, use the below command to remove the mdadm bitmap index. Again, this example assumes your array is found at /dev/md0.

mdadm --grow --bitmap=none /dev/md0

 

« Previous PageNext Page »

Visit our advertisers

Search

Quick Poll

How many Proxmox servers do you work with?
Results

Recent Posts

Visit our advertisers

Site Links
Blog
Rated Sites

JamesCoyle.net Limited