Thursday, April 8, 2010

Gratuitous ARPs whenever you need them

Today I cloned a VM which had several IPs bound to eth0. When I brought up the clone, eth0 answered pings from my workstation (which is on a different network), but eth0:1, eth0:2, .. eth0:N did not. virt-clone had changed the MAC address as expected, but why would a MAC address change cause this problem?

Turns out that the router between my workstation and dom0 had the old MAC address in its ARP cache, and the ARP cache timeout is set high enough that I'd have to wait for it in order to reach the other IPs. But why wouldn't eth0 also be affected? Apparently when you boot a server it sends a Gratuitous ARP for eth0 but not eth0:1 etc. So the ARP cache for eth0 was updated but not the other IPs bound to eth0.

What I wanted was to send a Gratuitous ARP for every IP bound to eth0 so that the cache would be refreshed. This is where arping is useful. E.g. to send a gratuitous ARP for the IP 192.168.6.212 whose gateway is 192.168.6.1, run:
/sbin/arping -s 192.168.6.212 -I eth0 192.168.6.1
From there it was just a matter of using a bash loop:
# One ARP request per address that ifconfig reports on a line containing "192"
for x in $(ifconfig | grep 192 | awk '{print $2}' | sed 's/addr://g'); do
  /sbin/arping -c 1 -s "$x" -I eth0 192.168.6.1
done
I'm lucky my co-workers were able to help me understand this problem.
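
A variant of the loop above that takes the addresses from "ip -o -4 addr show" for the interface instead of grepping ifconfig for 192, so it covers every IPv4 address bound to eth0 whatever its prefix. This is an added example, not code from the original post; the function names, the DRY_RUN switch and the sample ip output are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post). Assumes iproute2 "ip" and the
# /sbin/arping used above; function names and DRY_RUN are hypothetical.

# Constructed sample of `ip -o -4 addr show dev eth0` output: one record per
# address; aliases such as eth0:1 appear as "secondary" entries.
SAMPLE='2: eth0    inet 192.168.6.212/24 brd 192.168.6.255 scope global eth0\       valid_lft forever preferred_lft forever
2: eth0    inet 192.168.6.213/24 brd 192.168.6.255 scope global secondary eth0:1\       valid_lft forever preferred_lft forever'

# Read `ip -o -4 addr show` records on stdin, print one bare address per line.
# Field 3 is the family ("inet"), field 4 is ADDRESS/PREFIX.
ipv4_addrs() {
    awk '$3 == "inet" { split($4, a, "/"); print a[1] }'
}

# announce IFACE GATEWAY: for each address on stdin, send one ARP request to
# the gateway sourced from that address. With DRY_RUN set, only print commands.
announce() {
    while read -r addr; do
        ${DRY_RUN:+echo} /sbin/arping -c 1 -s "$addr" -I "$1" "$2" </dev/null
    done
}

# Show what would run for the constructed sample, without touching the network.
demo() {
    printf '%s\n' "$SAMPLE" | ipv4_addrs | ( DRY_RUN=1; announce eth0 192.168.6.1 )
}

# Real run (as root): script.sh eth0 192.168.6.1
if [ "$#" -eq 2 ]; then
    ip -o -4 addr show dev "$1" | ipv4_addrs | announce "$1" "$2"
fi
```

Calling demo prints the two arping command lines for the sample addresses, which is a quick way to check the address list before running it for real.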

shaping like behavior while doing an scp

While scp'ing a large file between two systems on the same network I experienced something similar to shaping, though I was not shaped:
$ scp drupal1* user@host:/var/foo/
drupal1_data.img.gz                             2% 3122MB  33.6MB/s 
...
drupal1_data.img.gz                            20%  294MB   0.0KB/s -
stalled -Write failed: Broken pipe
lost connection
$
The ASCII illustration above isn't a direct paste but should convey what happened. I watched 33.6MB/s slow down to a complete stop. What's odd is that I was then able to do the scp again and maintain 33.6MB/s and get the scp done. However, I also saw the issue above now and then intermittently. I was going from Fedora 12 to RHEL5.5. I'm curious and want to look into this more. Someone suggested I would find relevant information at High Performance SSH/SCP - HPN-SSH.

Update Dec 2011:
A solution to the above is posted at linuxsecure.blogspot.com. It comes down to adding:

net.ipv4.tcp_sack = 0
to /etc/sysctl.conf and then enacting it with "sysctl -p".

Monday, April 5, 2010

Python SSH with Paramiko quickly

A quick Python script to SSH into a server and run a list of commands. Uses Paramiko (doc). Fedora has a package:
yum install python-paramiko
Assumes you are using RSA Public Key Authentication:
#!/usr/bin/python
import getpass
import os

import paramiko

# Variables
username = 'you'
host = 'your.server.com'
port = 22
key = '~/.ssh/id_rsa'
msg = "Enter passphrase for key '" + key + "': "
private_key_pass = getpass.getpass(prompt=msg)
private_key_file = os.path.expanduser(key)

# Connections
pkey = paramiko.RSAKey.from_private_key_file(private_key_file,
                                             private_key_pass)
transport = paramiko.Transport((host, port))
# No hostkey argument is passed, so the server's host key is not verified.
transport.connect(username=username, pkey=pkey)

# Commands: each exec_command needs its own session channel
cmds = ['ls', 'ls /foo']
for cmd in cmds:
    channel = transport.open_session()
    channel.exec_command(cmd)
    output = channel.makefile('rb', -1).readlines()
    errors = channel.makefile_stderr('rb', -1).readlines()
    # Judge success by exit status; a command may succeed with no output
    if channel.recv_exit_status() == 0:
        print("Success:")
        print(output)
    else:
        print("Error:")
        print(errors)

transport.close()

Wednesday, March 31, 2010

Eben Moglen - Freedom in the Cloud

I am just embedding what many have already linked to. I recently saw Eben Moglen speak (not at the event below) but he talked about the same topics. Brilliant.

Saturday, March 27, 2010

Python: MySQL & SSH

I needed to write some Python this Saturday and hack time is over for now so I'm documenting what I picked up. On vanilla Fedora 12 you can install the necessary packages with:
yum install MySQL-python 
yum install python-twisted python-twisted-conch
I then had what I needed to get Python SSH'ing into a server and talking to MySQL. Some examples: