Showing posts with label Server Troubleshooting. Show all posts
Showing posts with label Server Troubleshooting. Show all posts

Troubleshooting Squid Reverse Proxy Server

0 comments 1/07/2010 08:15:00 AM Posted by Meghana M Bhombhore
Labels: ,

Reverse Proxy Implementation


Step1 : Check Squid is running or not

#psef | grep squid

This command should give you

Five internal dns server running process

Two squid demon(squid –D)

One unlinked process.

If all the mentions process are running fine means, it indicates that your Squid server is running fine.

ps -ef | grep squid

root 31617 1 0 15:06 ? 00:00:00 /opt/squid/sbin/squid -D

squid 31619 31617 0 15:06 ? 00:00:00 (squid) -D

squid 31623 31619 0 15:06 ? 00:00:00 (dnsserver)

squid 31624 31619 0 15:06 ? 00:00:00 (dnsserver)

squid 31625 31619 0 15:06 ? 00:00:00 (dnsserver)

squid 31626 31619 0 15:06 ? 00:00:00 (dnsserver)

squid 31627 31619 0 15:06 ? 00:00:00 (dnsserver)

squid 31628 31619 0 15:06 ? 00:00:00 (unlinkd)


Step2 : Check back end server is able to access from your reverse proxy or not?

#links web425.example.co.in


Step3 : Check system default logs for any suspected activity.

#tail –f /var/log/messages


Step4 : Check squid access logs, cache logs, store logs if you can able to find any issues

#tail –f /opt/squid/var/logs/access.log

#tail –f /opt/squid/var/logs/cache.log

#tail –f /opt/squid/var/logs/store.log


Step5 : Check whether your syntx in squid is fine or not with the following commands

/opt/squid/sbin/squid -k check
/opt/squid/sbin/squid -k parse


Please comment your thoughts regarding this post:-)


  • Like the post? Please Subscribe to free RSS feed to get updates

    • Surendra's DIG Notes

    0 comments 11/24/2009 09:39:00 AM Posted by Surendra Kumar Anne
    Labels: , , ,

    In this post i am going to teach How to use DIG and DIG by examples.

    DIG is one of the most important tool in debugging DNS server related issues.


    Some points to be noted about DIG.

    1. DIG full-form/abbreviation is Domain Information Groper

    2. DIG can work on command line or as well in batch mode

    3. DIG supports IDN convections too.

    4. DIG is more advanced than older tools such as nslookup and host commands.
    5. DIG output have so much information than any other tool, such as Question/Answer/Authority sections(which we are going to discuses in this post)


    Usage1 : Using DIG in basic form.
    #dig hostname

    Example :
    [root@ts6741 ~]# dig www.google.com
    ; <<>> DiG 9.3.3rc2 <<>> www.google.com
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52434
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
    ;; QUESTION SECTION:
    ;www.google.com. IN A
    ;; ANSWER SECTION:
    http://www.google.com/. 43200 IN A 200.99.187.2
    ;; AUTHORITY SECTION:
    http://www.google.com/. 43200 IN NS ns2.google.com.
    http://www.google.com/. 43200 IN NS ns3.google.com.
    http://www.google.com/. 43200 IN NS ns1.google.com.
    ;; ADDITIONAL SECTION:
    ns1.google.com. 43200 IN A 222.54.11.86
    ns2.google.com. 43200 IN A 220.225.37.222
    ns3.google.com. 43200 IN A 203.199.147.233
    ;; Query time: 1 msec
    ;; SERVER: 222.54.11.86#53(222.54.11.86)
    ;; WHEN: Wed Nov 18 18:31:12 2009
    ;; MSG SIZE rcvd: 152
    [root@ts6741 ~]#




    Here important points to know

    1. DIG version in Green (9.3).

    2. Question section in blue (Here it will show what you asked DIG to show up?).

    3. Answer secession in red (which will show you the answer for the query you asked).

    4. Authority section in brown (Which will show you who given the answer).

    5. Addition Section in light blue (It will show you if any additional info that DNS server provided).

    6. Total Query time in light green (Which will show how much time it takes to provide the answer).

    7. Server info in light brown (This will show what the port DNS server is working).

    8. Query execute date and time in dark red.




    Usage2 : Using DIG for reverse lookup entries
    #dig –x ipadd


    Example :
    #dig –x 192.56.78.1

    Usage3 : Digging with specified DNS server. Let me put it in this way. My dns server is not working properly and I want to test some server details, for this DIG will allow you to provide a DNS sever so that DIG will get information about the required system from that DNS server. We can provide DNS server by using @ symbol as shown below.
    #dig @ns-server hostname

    Example :

    #dig @223.125.43.67 http://www.google.com/

    Note : Here in this example my dig will not check /etc/resolve.conf file for default DNS server entry, it will just request details of http://www.google.com/ from a outside world DNS server ie 223.125.43.67





    Usage4 : To dig a DNS server on a perticular port,where DNS server is running .
    #dig @223.125.43.67 -p 2345 www.google.com


    Note:here 223.125.43.67 is the DNS server and port 2345 where that DNS service is running.



    Usage5 : To check the trace of the path.
    #dig http://www.google.com/ +trace

    Usage6 : To get mail server details
    #dig mx www.google.com

    Note : This will provied all the mail servers in google.com

    Usage7: To get Name server details
    #dig ns http://www.google.com/



    Note :     This will provide all the Name Server records.

    Please comment your thoughts regarding this post:-)

  • Like the post? Please Subscribe to free RSS feed to get updates

    • How To Log DNS Server Activity?

    0 comments 11/18/2009 05:16:00 AM Posted by Surendra Kumar Anne
    Labels: , ,

    How to log DNS server activity?
    Ans : Sometimes you require DNS server activity to be logged to a file for future reference to analyze the activity on DNS server and whether DNS server is properly resolving accurately or not. rndc is the command to use for DNS server activity logging. Let’s have a look how to log DNS server activity. In order to log DNS server entries just execute below command (you have to do this one as root user)
    #rndc querylog
    Note : When you execute the above command DNS server activity is logged on to server /var/log/messages file.

    Example output of the clipped log file
    bash-2.05b# /usr/sbin/rndc querylog
    bash-2.05b# tail -f /var/log/messages
    Nov 18 18:00:16 ns1.abc.in named[29413]: query logging is now on
    Nov 18 18:00:18 ns1.abc.in named[29413]: client 194.158.122.34#43071: query: abc.co.in IN MX
    Nov 18 18:00:18 ns1.abc.in named[29413]: client 194.158.122.6#43587: query: smtp.abc.co.in IN A
    Nov 18 18:00:19 ns1.abc.in named[29413]: client 82.8.211.193#19305: query: MX2.abc.co.in IN A
    Nov 18 18:00:20 ns1.abc.in named[29413]: client 200.49.130.26#4111: query: abc.co.in IN MX
    Nov 18 18:00:21 ns1.abc.in named[29413]: client 212.24.128.8#46547: query: abc.co.in IN MX
    Nov 18 18:00:22 ns1.abc.in named[29413]: client 200.75.51.132#26540: query: MX2.abc.co.in IN A
    In order to stop DNS logging activity please execute below command
    #rndc querylog
    Note : If you observe this command it is same as for starting the log activity, it is similar way how walky-talky works.. You have to press same button for both on/off operations.
    Example output of how it is stopped
    bash-2.05b# /usr/sbin/rndc querylog
    bash-2.05b# tail -f messages
    Nov 18 18:08:53 ns1.abc.com named[29413]: client 200.12.232.4#60450: query: abc.co.in IN MX
    Nov 18 18:08:59 ns1.abc.com named[29413]: client 212.54.35.233#39027: query: ns1.abc.co.in IN A
    Nov 18 18:08:59 ns1.abc.com named[29413]: client 212.54.35.233#10163: query: ns1.abc.co.in IN A
    Nov 18 18:09:00 ns1.abc.com named[29413]: client 88.156.63.9#3661: query: abc.co.in IN MX
    Nov 18 18:09:00 ns1.abc.com named[29413]: client 89.2.2.146#44622: query: abc.co.in IN MX
    Nov 18 18:09:05 ns1.abc.com named[29413]: client 203.199.147.5#14678: query: cmex01.clairmail.local.intranet.abc.co.in IN A
    Nov 18 18:09:06 ns1.abc.com named[29413]: client 117.98.17.34#1766: query: abc.co.in IN MX
    Nov 18 18:09:06 ns1.abc.com named[29413]: client 203.119.8.106#28142: query: abc.co.in IN MX
    Nov 18 18:09:11 ns1.abc.com named[29413]: client 217.171.113.9#4861: query: MX2.abc.co.in IN A
    Nov 18 18:09:11 ns1.abc.com named[29413]: query logging is now off
    Some FAQ’s:
    1.Is it advaisable to restart a production DNS server?
    Ans : No, Never try to restart a production DNS server with out prior notice from your higher officials.
    2.Then how can I update any changes I made to DNS server?
    Ans :     You can use rndc command to update the changes to dns server.
    3.I want to update DNS server zone file entries to DNS server without restarting the named/bind server?
    Ans :     We can do it by using rndc command
    #rndc reload
    4.I want to reload named.conf file with out restarting DNS server?
    #rndc refresh.
    Please Comment your thoughts regarding this post:-)

  • Like the post? Please Subscribe to free RSS feed to get updates

    • Server configuration file syntax Checking commands

    2 comments 7/01/2009 09:58:00 PM Posted by Surendra Kumar Anne
    Labels: , , , , ,

    SERVER CONFIGURATION FILE SYNTAX CHECKING COMMANDS.

    I have planned to write this post some long time ago, now the time has come to do it.

    Basically configuring servers in Linux/*nix include editing of configuration files and saving them. Once editing the files if any syntax error is there and when we start the service they will show some wearied errors which we cant resolve.
    For counter attacking this type of issues for each service there will be one command to check this syntax errors before starting of the service/server, I have collected these commands from my experience and from some of my friends. Please feel free to comment on this if you know some other commands so that I will update my post.

    SSHD server check for syntax error
    =========================
    sshd -t

    FTP server check for syntax error
    =========================
    #vsftpd

    DNS server check for syntax error
    ==========================

    For checking syntax errors in main configuration file..
    #named-checkconf main-config-file

    Example:
    #named-checkconf named.conf
    Syntax OK

    #named-checkzone domain zonefile-loc

    Example:
    #named-checkzone example.com /var/named/chroot/var/named/exaple-zone.frd

    SAMBA server check for syntax error
    =============================
    #testparm

    APACHE server check for syntax error
    =============================
    httpd -t

    For virtual hosts

    httpd -t -D DUMP_VHOSTS

    TCP Wrappers check for syntax error
    ============================
    tcpdchk
    tcpdchk -v

    Postfox server check for syntax error
    ============================
    postfix check
    postfix -vv


    LIGHTTPD     server check for syntax error
    =============================
    lighttpd -t -f /etc/lighttpd/lighttpd.conf

    Squid     server check for syntax error
    ==========================
    squid -k check
    squid -k parse

    NAGIOS server check for syntax error
    ====================================
    /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

  • Like the post? Please Subscribe to free RSS feed to get updates

    • Subscribe to: Comments (Atom)

    Archive

    Translate this page

     

    The Linux Juggernaut | Copyright 2006-2009 Surendra Kumar Anne | Surendra's Home Page | Give us feedback how we are doing, Click here

    AltStyle によって変換されたページ (->オリジナル) /