How to fix wlanO not found

The problem statement is while doing an *ip a* on the terminal and its output doesn’t show the wireless device, like below:

wlan0_not_showing_2017-01-27-22-17-20

The dmesg says like this below:

iwlwifi_firmware_not_found_2017-01-28-04-20-26

Let me cross check that file is present in the system or not,  just like below:

firmware_file_present_2017-01-28-04-23-41

So, it is very much seated there, where it suppose to be  Well, that trigger me trip to visit some kernel config variables, like below:

kernel_var_2017-01-28-04-31-25

It looks fine, then?? well, that warrant few more checks, well I made some trip to *gentoo forum* to know what is missing. And someone in the closed thread mentioned that The variable in question is CONFIG_IWLWIFI which is recommended =m and that necessarily meant I have to recompile the kernel one more time with that variable set to the module in the kernel.

Next, I went ahead and compile the kernel with that mentioned variable as the module. Okay, I have rebooted my machine and here is the outcome,

wlan0_showing_2017-01-28-05-14-35

Cool, but why we have to turn it to a module within the kernel than just straight built into the kernel not showing the device ?? The reason, by the time kernel boot and the firmware file, reside on the filesystem not yet read so it was missing.

Hope this will help.

 

 

 

 

Advertisements

GNU/Linux container internals aka Cgroups and Namespaces

In this post, I will shed some light on the GNU/Linux container internals.Basically, what is underlying technology driving that. Here we go,without much ado:

What is GNU/Linux Container?

Is an operating system-level virtualization method for running multiple isolated GNU/Linux systems (containers) on a single control host (LXC host). It does not provide a virtual machine, but rather provides a virtual environment that has its own CPU, memory, block I/O, network, etc. space. This is provided by cgroups ( we will give details about it later) features in Linux kernel on LXC host. It is similar to a chroot, but offers much more isolation.
Before I give you the information about LXC , let me make you aware of the two crucial aspect of it ,namely cgroups and namespace.

Cgroups AKA Control Group:

It is a Linux kernel feature to limit, police and account the resource usage of certain processes (actually process groups).

  • Create and manage them on the fly using tools like cgcreate, cgexec, cgclassify etc
  • The “rules engine daemon”, to automatically move certain users/groups/commands to groups (/etc/cgrules.conf and /usr/lib/systemd/system/cgconfig.service)
  • Through other software such as (LXC) virtualization
  • (control groups) subsystem is a Resource Management solution providing a generic process-grouping framework
  • Cgroups provide resource management solution (handling groups)

For Cgroups implementation need a few simple hook into rest of the kernel,namely :

a) For each process :/proc/pid/cgroup

b) System-wide: /proc/cgroup
But we are lucky enough that, newer distribution running systemd comes along with all those tweak by default,so don’t sweat.

A little internals does not harm!! here we go :

First,cgroups use VFS(virtual file systems),all entries created in it ,are not persistent,means deleted on reboot.

Second, all cgroups actions are performed via file systems actions(create/remove directory,reading/writing to the files in it,mounting/mount options).

For example :

cgroup inode_operations for cgroup mkdir/rmdir.

cgroup file_system_type for cgroup mount/unmount.

cgroup file_operations for reading/writing to control files.

Systemd uses control groups only for the process grouping ;not for anything else like allocating resources like block io, bandwidth,etc.

It look something like this :

#subsys_name hierarchy    enabled

cpuset  8    1    1

cpu 3    2    1

cpuacct 3    2    1

blkio   4    2    1

memory  7    2    1

devices 2    41   1

freezer 5    1    1

net_cls 6    1    1

Below are few things you can do with cgroup,provided the library is installed:

Example:

cgcreate -g cpuset:/test

cgset -r cpuset.cpus=1 /test

cgset -r cpuset.mems=0 /test

cgexec -g

I have touched the tip of ice-burg ,if you are really interested to explore more , then you should follow the below mentioned link.

To use the effect of it ,you got to install libcgroup. The best place to know about cgroups is here and here and here  . Please read those mentioned link before to get a thorough understanding of cgroups.

Namespaces:

a)It is light weight process virtualization.

b) Isolation : enable a process or group of process to view the system in different perspective.

c)Much like zones in Solaris.

d)No hypervisor layer(as in OS virtualization like kvm and xen)

There are currently 6 namespaces,those are:

  • mnt(mount points and filesystems)
  • pid(processes)
  • net(network stack)
  • ipc(system v ipc)
  • uts(hostname)
  • user(UIDs)

Namespace first appear in Linux kernel 2.4.19,way back in 2002!!

** Each namespace has a unique inode number.

You need to know which config options are get effected ,while manipulating it(namespace). Here are those :

Kernel config items:

CONFIG_NAMESPACES

CONFIG_UTS_NS

CONFIG_IPC_NS

CONFIG_USER_NS

CONFIG_PID_NS

CONFIG_NET_NS

Each and every option doing the specific duty,as mentioned earlier. And in user space you have two package to play with it,those are :

iproute and util_linux 

Please explore those package in and the offering in detail to work with the above.Plus one has care about below findings:

How to find all existing namespace in GNU/Linux?

If you execute as root,you get the list of attached namespaces of the init process using PID=1.

In order to find other namespaces with attached processes in the system, we use these entries of the PID=1 as a reference. Any process or thread in the system, which has not the same namespace ID as PID=1 is not belonging to the DEFAULT namespace.

Additionally, you find the namespaces created by “ip netns add ” by default in /var/run/netns/ .

Okay, credit has to be given where it’s due……

Rami Rosen was kind enough to provide lots of information about those and most importantly share with public.Thanks Rami!  Here is his paper about it.

Check out this wonderful guide about it at LWN. Equally well written blog about it on opencloudblog and  here .

How docker use namespace,specifically about mount namespace.

Justin Weissig written a wonderful article about cgroups.

A must view place is kernel documentation about cgroups.

Ginny Henningsen and Lenz Grimmer written a magnificent blog at Oracle site.

Hope this will give you heads up.

Cheers!

Converting ext3 to ext4 filesystem

Here is a little tip which might help people to do the required thing to get the job done. As the title of this post said..will outline the procedure for that.

Here we go..


bhaskar@GentooLinux_10:50:09_Thu Mar 28:~> sudo blkid
Password:
/dev/sda1: LABEL="ARCH" UUID="9db5a364-ee86-4c57-8252-bfff8581e4b6" TYPE="ext4"
/dev/sda2: LABEL="Fedora-boot" UUID="ff94a6b0-3eee-4dc9-83e0-cbde449e93d7" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda3: UUID="kiCF1K-xTxV-t2Yu-CrBX-oENB-1kSn-6UY4Va" TYPE="LVM2_member"
/dev/sda5: UUID="X2MDAl-EaD9-s0kY-FbpZ-X6Wo-GowQ-yvTu1z" TYPE="LVM2_member"
/dev/sda6: LABEL="Fedora" UUID="7945ae6e-7061-4153-a5a1-ab9f60f693ae" TYPE="ext4"
/dev/sda7: UUID="61147c93-cf06-4d45-8204-b79b5b5d19a4" TYPE="swap"
/dev/sda8: LABEL="Slackware" UUID="77de30c7-fb6a-42d8-9cc3-7bd29e2cba06" TYPE="ext4"
/dev/sda9: LABEL="Gentoo" UUID="d83b45ce-ce1c-4678-9663-b884bab6f5cb" TYPE="ext4"
/dev/sda10: LABEL="Debian" UUID="1c0feb69-e586-4b2a-b774-176066a12e00" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda11: LABEL="ScientificLinux" UUID="7dedb9fe-8d77-4c93-bdbd-3297281041be" TYPE="ext4"
/dev/sda12: LABEL="openSUSE" UUID="924f28b3-8cda-4d7e-a833-c7687580e113" TYPE="ext4"
/dev/sda13: UUID="1Ke3cG-vv1Y-vgi6-Sszr-r3nz-xbQx-QzFyp1" TYPE="LVM2_member"
/dev/mapper/home-home: UUID="9fa403bf-858d-4ce2-9b5e-03bdeb2e9406" TYPE="ext3"
/dev/mapper/data-lvmdata: UUID="569e992f-3782-4689-8abf-85b59af4ba17" TYPE="ext3"
bhaskar@GentooLinux_11:58:30_Thu Mar 28:~> cat convert_to_ext4
tune2fs -O extents,uninit_bg,dir_index /dev/dev-name

For example convert /dev/sdb1 to ext4, enter:
# cd /; umount /dev/sdb1
# tune2fs -O extents,uninit_bg,dir_index /dev/sdb1
Next run fsck, enter:
# fsck -pf /dev/sdb1
a10skar@GentooLinux_11:58:38_Thu Mar 28:~> sudo tune2fs -O extents,uninit_bg,dir_index /dev/sda10
tune2fs 1.42 (29-Nov-2011)
bhaskar@GentooLinux_11:59:18_Thu Mar 28:~> fsck -pf /dev/sda10
bash: fsck: command not found
bhaskar@GentooLinux_11:59:36_Thu Mar 28:~> whereis fsck
fsck: /sbin/fsck.cramfs /sbin/fsck.minix /sbin/fsck.ext2 /sbin/fsck.ext4dev /sbin/fsck.ext4 /sbin/fsck.ext3 /sbin/fsck /usr/share/man/man8/fsck.8.bz2
bhaskar@GentooLinux_11:59:42_Thu Mar 28:~> sudo /sbin/fsck -pf /dev/sda10
fsck from util-linux 2.21.2
Debian: 261230/1220608 files (1.1% non-contiguous), 1666171/4882432 blockssudo blkid
/dev/sda1: LABEL="ARCH" UUID="9db5a364-ee86-4c57-8252-bfff8581e4b6" TYPE="ext4"
/dev/sda2: LABEL="Fedora-boot" UUID="ff94a6b0-3eee-4dc9-83e0-cbde449e93d7" SEC_TYPE="ext2" TYPE="ext3"
/dev/sda3: UUID="kiCF1K-xTxV-t2Yu-CrBX-oENB-1kSn-6UY4Va" TYPE="LVM2_member"
/dev/sda5: UUID="X2MDAl-EaD9-s0kY-FbpZ-X6Wo-GowQ-yvTu1z" TYPE="LVM2_member"
/dev/sda6: LABEL="Fedora" UUID="7945ae6e-7061-4153-a5a1-ab9f60f693ae" TYPE="ext4"
/dev/sda7: UUID="61147c93-cf06-4d45-8204-b79b5b5d19a4" TYPE="swap"
/dev/sda8: LABEL="Slackware" UUID="77de30c7-fb6a-42d8-9cc3-7bd29e2cba06" TYPE="ext4"
/dev/sda9: LABEL="Gentoo" UUID="d83b45ce-ce1c-4678-9663-b884bab6f5cb" TYPE="ext4"
/dev/sda10: LABEL="Debian" UUID="1c0feb69-e586-4b2a-b774-176066a12e00" TYPE="ext4"
/dev/sda11: LABEL="ScientificLinux" UUID="7dedb9fe-8d77-4c93-bdbd-3297281041be" TYPE="ext4"
/dev/sda12: LABEL="openSUSE" UUID="924f28b3-8cda-4d7e-a833-c7687580e113" TYPE="ext4"
/dev/sda13: UUID="1Ke3cG-vv1Y-vgi6-Sszr-r3nz-xbQx-QzFyp1" TYPE="LVM2_member"
/dev/mapper/home-home: UUID="9fa403bf-858d-4ce2-9b5e-03bdeb2e9406" TYPE="ext3"
/dev/mapper/data-lvmdata: UUID="569e992f-3782-4689-8abf-85b59af4ba17" TYPE="ext3"

In the many partition I have changed the “Debian” partition from ext3 to ext4.Next time you get into that specific drive …please check the file /proc/filesystems …and it should enlist ext4 in it.

Hope this will help.

Cheers!
Bhaskar

Get information about packages through yaourt

In this article I will show you how you can obtain the information about the packages in the system through package manager wrapper.I am sitting on Arch Linux and the default package manager is pacman. But here I am going to demonstrate a wrapper over pacman called “yaourt“.

So,without much ado, here is what it produced when I asked for the system package stats:

bhaskar@bhaskar-laptop_14:22:00_Wed Mar 30:~> sudo yaourt --stats
-------------------------------------------------------------------------------------------------------------------------------------------------------------
| Archlinux (yaourt 0.9.5.3) |
-------------------------------------------------------------------------------------------------------------------------------------------------------------

-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total installed packages: 772
Explicitly installed packages: 279
Packages installed as dependencies to run other packages: 493
Packages out of date: 45
Where 27 packages seems no more used by any package:
beanshell eggdbus hsqldb-java kernel26-headers ladspa libgphoto2 libgsf-gnome libmspack liboil libtracker libvncserver libxfontcache libxxf86misc
lirc-utils loudmouth lucene musicbrainz nickle perl-dbd-mysql perl-term-readkey saxon seed vbetool vigra xcursor-themes xorg-apps xorg-xkb-utils
Hold packages: (2) pacman glibc
Ignored packages: (0)
Ignored groups: (0)

-------------------------------------------------------------------------------------------------------------------------------------------------------------
Number of configured repositories: 7
Packages by repositories (ordered by pacmans priority):
core(159), extra(550), extra(0), community(31), extra(0), archlinuxfr(3), extra(0), others*(29)

*others are packages from local build or AUR Unsupported

-------------------------------------------------------------------------------------------------------------------------------------------------------------

Theorical space used by packages: 3649M
Real space used by packages: 3202M
Space used by pkg downloaded in cache (cachedir): 8.0G
Space used by src downloaded in cache: null

Hope this will help.

Cheers!
Bhaskar

How to overcome shared library saga on open system

First of all this is just an instance I recover …not always the same path or procedure apply..but surely help.But please refrain yourself doing it on the production box..

I do not issue any guarantee that it will work for you.

So one of OS got clobbered and a specific piece of library is the culprit to prohibit lot of services to start and even run. Because that library is somehow attached to those daemons and services.Now I was discovering a nice piece of software and the part of it to run ssh and sftp. When I start experimenting with it throws error that it cannot connect to the server. So my little experience tell that services might not be running on the box.

As I cross checked it and found it was the case. Second step I tried to start the service and stumbled over with this error:


sudo /sbin/service sshd start
Starting sshd: /usr/sbin/sshd: error while loading shared libraries: libgssapi_krb5.so.2: cannot open shared object file: No such file or directory
[FAILED]

Oooops!! I as discover that when system boot it failed many service like this.So few hover here and the within the system checked those ld.con… related stuff and running “ldconfig” showing that library is very much there in the system and rightly linked. Then the last resort plan to reinstall the that fellow( the krb5-libs) . But doing so might break other thing too in the system. Fortunately I was doing it on test bed not in the production box.Then I have to think different ways.So i went on reinstalling that lib like below:


sudo yum install krb5-libs
Loaded plugins: langpacks, presto, refresh-packagekit
Adding en_US to language list
google-chrome | 951 B 00:00
Setting up Install Process
Package krb5-libs-1.8.2-8.fc14.i686 already installed and latest version
Nothing to do
bhaskar@bhaskar-laptop_18:23:39_Mon Mar 07:~/Downloads/wimleers-fileconveyor-207361c/code> sudo yum reinstall krb5-libs
Loaded plugins: langpacks, presto, refresh-packagekit
Adding en_US to language list
Setting up Reinstall Process
Resolving Dependencies
--> Running transaction check
---> Package krb5-libs.i686 0:1.8.2-8.fc14 set to be reinstalled
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================================
Reinstalling:
krb5-libs i686 1.8.2-8.fc14 updates 693 k

Transaction Summary
=============================================================================================================================================================
Reinstall 1 Package(s)

Total download size: 693 k
Installed size: 1.7 M
Is this ok [y/N]: y
Downloading Packages:
Setting up and reading Presto delta metadata
Processing delta metadata
Package(s) data still to download: 693 k
krb5-libs-1.8.2-8.fc14.i686.rpm | 693 kB 00:32
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : krb5-libs-1.8.2-8.fc14.i686 1/1

Installed:
krb5-libs.i686 0:1.8.2-8.fc14

Complete!

Now retry the service I want to start and it’s working!!!..


sudo /sbin/service sshd start
Starting sshd: [ OK ]

Another one coming up…..

sudo /sbin/service puppetmaster sta
Starting puppetmaster: [ OK ]

Yes, as I said this not the optimal solution ..but I will take it.

Hope this will help.

Cheers!
Bhaskar

How to fix security loophole in Gentoo

>

Security is an ongoing matter for all the open system. So it’s upto the guy who in charge of it and some company forces it too.In this article I will show you how you can fix the security hole in Gentoo.

Say you come to know that an security vulnarability has found on some particular and that software were loaded in your box.Here is how you can fix those:


bhaskar@bhaskar-laptop_15:03:56_Tue Jan 25:~> sudo glsa-check -f all
fixing 200812-12
fixing 200802-11
fixing 200705-23
fixing 200406-17
fixing 200804-13
fixing 200409-20
fixing 200708-01
fixing 200801-18
fixing 201001-04
fixing 201011-01
fixing 200909-11
fixing 200509-13
fixing 200612-16
fixing 200606-25
fixing 200405-22
fixing 200711-17
fixing 200510-19
fixing 201006-20
fixing 200602-08
fixing 200310-03
fixing 200506-16

….output is omitted for the sake of brevity, Yes,you spotted it right,glsa-check is an utility in Gentoo system to check security.Once it finished running then just run this command with different arguments; like below:


bhaskar@bhaskar-laptop_15:05:34_Tue Jan 25:~> sudo glsa-check -l affected
[A] means this GLSA was already applied,
[U] means the system is not affected and
[N] indicates that the system might be affected.

Now let me tell you that those alphabet in the left side within square bracket come with different colors. The A will be on normal white,the U will be green and the N in red.Important part to check how many N you have .

So,one tiny utility can do wonder,indeed.You can put it into the cron to run it periodically.

Hope this will help.

Cheers!
Bhaskar

The mystery behind LUN(Logical Unit Number)

>After being amazed and bewildered for sometime and listening to people talking so geeky about it ;I decided to unearth few intricacies about it.As we all know few parts of the world where people making simple thing complicated to others which benifit few blunt headed idiots to get cheap credit and save thier arse.

Oh! by the way forgot to mention that(those of you ignore the title)this is all about telling some intricacies about LUN(Logical Unit Number) .So without much ado lets dive into it.

Let me give you a clear cut definition I have come across so far is this “A LUN is a Logical Unit Number. It can be used to refer to an entire physical disk, or a subset of a larger physical disk or disk volume. The physical disk or disk volume could be an entire single disk drive, a partition (subset) of a single disk drive, or disk volume from a RAID controller comprising multiple disk drives aggregated together for larger capacity and redundancy. LUNs represent a logical abstraction or, if you prefer, virtualization layer between the physical disk device/volume and the applications.”

So how can you detect the LUN?

So there are two common ways to detect it,one is through /proc filesystes check and second is create a initrd image with it so time of os boot it can be detected.

Take the first case by scanning the /proc filesystem check; we need to the following to get a sense of it or aware of it:


bhaskar@bhaskar-laptop_06:55:52_Wed Nov 17:~> sudo cat /proc/scsi/scsi
Password:
Attached devices:
Host: scsi0 Channel: 00 Id: 00 Lun: 00
Vendor: ATA Model: ST9160821AS Rev: 3.BH
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi3 Channel: 00 Id: 00 Lun: 00
Vendor: Optiarc Model: DVD RW AD-7560A Rev: DH10
Type: CD-ROM ANSI SCSI revision: 05

As you can see it from the out of that scan of /proc filesystem.Now the next one getting the LUN thing detected when the os boots.

Detect LUNs automatically at system boot

The second method of configuring LUNs for a Linux system with only LUN 0 configured involves setting the parameter for the SCSI mid-layer driver that controls how many LUNs are scanned during a SCSI bus scan. The following procedure works for both 2.4 and 2.6 kernels, but it assumes the SCSI mid-layer driver is compiled as a scsi_mod module that is loaded automatically at system boot time. For Linux 2.4 kernels, to set the maximum number of disk devices under Linux to properly detect all volumes, you need to set the max_scsi_luns option for the SCSI mid-layer driver. For example, if max_scsi_luns is set to 1 this limits SCSI bus scans to only LUN 0. This value should be set to the respective maximum number of disks the kernel can support, for example, 128 or 256. In Linux 2.6 kernels, the same procedure applies, except that the parameter has been renamed from max_scsi_luns to max_luns.

1. Edit the /etc/modules.conf file.
2. Add the following line:
* options scsi_mod max_scsi_luns= (where is the total number of luns to probe.
3. Save the file.
4. Run the mkinitrd command to rebuild the ram-disk associated with the current kernel. You can use the following figures examples of what mkinitrd command to run for your operating system. refers to the ‘uname –r’ output which displays the currently running kernel level, for example:. 2.4.21-292-smp.
For SUSE distributions, use the following command:

cd /boot
mkinitrd –k vmlinuz- -i initrd-

For Red Hat distributions, use the following command:

cd /boot
mkinitrd –v initrd-.img

5. Reboot the host.
6. Verify that the boot files are correctly configured for the newly created initrd image in the /boot/grub/menu.lst file.

The basics behind it somewhat is this LUNs are created as a basic part of the storage provisioning process using software tools that typically accompany the particular storage platform. However, there is not a 1-to-1 ratio between drives and LUNs. Many LUNs can easily be carved out of a single disk drive.

For example, a 500 GB drive can be partitioned into one 200 GB LUN and one 300 GB LUN, which would appear as two unique drives to the host server. Conversely, storage administrators can employ Logical Volume Manager software to combine multiple LUNs into a larger volume. Veritas Volume Manager from Symantec Corp. is one example of this software. In actual practice, disks are first gathered into a RAID group for larger capacity and redundancy (e.g., RAID-50), and then LUNs are carved from that RAID group.

LUNs are often referred to as logical “volumes,” reflecting the traditional use of drive volume letters, such as volume C: or volume F: on your computer. But some experts warn against mixing the two terms, noting that the term “volume” is often used to denote the large volume created when multiple LUNs are combined with volume manager software. In this context, a volume may involve numerous LUNs and can confuse storage allocation.

Once created, LUNs can also be shared between multiple servers. For example, a LUN might be shared between an active and standby server. If the active server fails, the standby server can immediately take over. However, it can be catastrophic for multiple servers to access the same LUN simultaneously without a means of coordinating changed blocks to ensure data integrity. Cooordinating data changes requires clustering software, such as a clustered volume manager, a clustered file system, a clustered application or a network file system using NFS or CIFS.

LUN scaling and performance

LUNs are based on disks, so LUN performance and reliability will vary for the same reasons. For example, a LUN carved from a Fibre Channel 15K rpm disk will perform far better than a LUN of the same size taken from a 7,200 rpm SATA disk. This is also true of LUNs based on RAID arrays where the mirroring of a RAID-0 group may offer significantly different performance than the parity protection of a RAID-5 or RAID-6/dual parity (DP) group. Proper RAID group configuration will have a profound impact on LUN performance.

An organization may utilize hundreds or even thousands of LUNs, so the choice of storage resources has vast implications for a storage administrator. Not only is it necessary to supply an application with adequate capacity (in gigabytes), but the LUN must also be drawn from disk storage with suitable characteristics.

LUN management tools

Since an enterprise array may host more than 10,000 LUNs, software tools are vital for efficient LUN creation, manipulation and reporting. Such management tools are readily available; almost every storage vendor provides some type of management software to accompany products ranging from direct-attached storage (DAS) devices to enterprise arrays.

Administrators typically opt for vendor-specific or heterogeneous tools. A data center with one storage array or a single-vendor shop would do well with the indigenous LUN management tool that accompanied their storage system. Multivendor shops should at least consider heterogeneous tools that allow LUN management across all of the storage platforms.

A LUN management tool should also support the entire storage provisioning process. Features should include mapping to specific array ports and masking specific host bus adapters (HBA), along with comprehensive reporting. The LUN management tool should also be able to reclaim storage that is no longer needed. Although a few LUN management products support autonomous provisioning, some administrators have reservations about such automation.

SAN zoning and masking

LUNs are the basic vehicle for delivering storage, but provisioning SAN storage isn’t just a matter of creating LUNs or volumes; the SAN fabric itself must be configured so that disks and their LUNs are matched to the appropriate servers. Proper configuration helps to manage storage traffic and maintain SAN security by preventing any server from accessing any LUN.

Zoning makes it possible for devices in a Fibre Channel network to see each other. By limiting the visibility of end devices, servers (hosts) can only see and access storage devices that are placed into the same zone. In more practical terms, zoning allows certain servers to see one or more ports on a disk array. Bandwidth, and thus minimum service levels, can be reserved by dedicating certain ports to a zone or isolate incompatible ports from one another.

Zoning is an important element of SAN security and high-availability SAN design. Zoning can typically be broken down into hard and soft zoning. With hard zoning, each device is assigned to a zone, and that assignment can never change. In soft zoning, the device assignments can be changed by the network administrator.

LUN masking adds granularity to this concept. Just because you zone a server and disk together doesn’t mean that the server should be able to see all of the LUNs on that disk. Once the SAN is zoned, LUNs are masked so that each host server can only see specific LUNs.

Suppose that a disk has two LUNs: LUN_A and LUN_B. If we zoned two servers to that disk, both servers would see both LUNs. However, we can use LUN masking to allow one server to see only LUN_A and mask the other server to see only LUN_B. Port-based LUN masking is granular to the storage array port, so any disks on a given port will be accessible to any servers on that port. Server-based LUN masking is a bit more granular; a server will see only the LUNs assigned to it, regardless of the other disks or servers connected.

Adding/Removing a Logical Unit Through rescan-scsi-bus.sh

The sg3_utils package provides the rescan-scsi-bus.sh script, which can automatically update the logical unit configuration of the host as needed (after a device has been added to the system). The rescan-scsi-bus.sh script can also perform an issue_lip on supported devices. For more information about how to use this script, refer to rescan-scsi-bus.sh –help.
To install the sg3_utils package, run yum install sg3_utils.

Known Issues With rescan-scsi-bus.sh

When using the rescan-scsi-bus.sh script, take note of the following known issues:

In order for rescan-scsi-bus.sh to work properly, LUN0 must be the first mapped logical unit. The rescan-scsi-bus.sh can only detect the first mapped logical unit if it is LUN0. The rescan-scsi-bus.sh will not be able to scan any other logical unit unless it detects the first mapped logical unit even if you use the –nooptscan option.

A race condition requires that rescan-scsi-bus.sh be run twice if logical units are mapped for the first time. During the first scan, rescan-scsi-bus.sh only adds LUN0; all other logical units are added in the second scan.

A bug in the rescan-scsi-bus.sh script incorrectly executes the functionality for recognizing a change in logical unit size when the –remove option is used.

The rescan-scsi-bus.sh script does not recognize ISCSI logical unit removals.

Resources:

1) http://publib.boulder.ibm.com/infocenter/dsichelp/ds6000ic/index.jsp?topic=%2Fcom.ibm.storage.smric.help.doc%2Ff2c_linuxlunconfig_2hsaga.html

2) http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/html/Online_Storage_Reconfiguration_Guide/rescan-scsi-bus.html

Hope this will help.

Cheers!
Bhaskar