Configure the PTR record on the DNS server

It was necessary to somehow configure the Reverse DNS zone for the mail server, since some servers did not want to receive mail from it.

Let’s assume our domain mail.example.com located on the IP address 192.168.1.100, and 192.168.1.1 – the server of the Internet provider.

You can check from Windows with commands (where 192.168.1.100 for example is the address of our mail server, and 192.168.1.1 DNS on which the request is sent):

nslookup mail.example.com
nslookup 192.168.1.100
nslookup 192.168.1.100 192.168.1.1

In response, the first command will be 192.168.1.100, and in response the second one is nothing (it should be mail.example.com), since the PTR record is not configured in DNS.

From Linux, you can check:

dig -x 192.168.1.100

At the registrar of domain names in DNS we will add the NS-server of the Internet provider ns1.example.com 192.168.1.1.

On the provider’s server (on the test I use Bind9 on Ubuntu Server), open the DNS configuration file for example in the nano editor (CTRL+X for exit, y/x and Enter for saving or canceling changes):

sudo nano /etc/bind/named.conf

And add the following lines:

zone "1.168.192.in-addr.arpa" {
type master;
file "/etc/bind/1.168.192.in-addr.arpa";
};

The first line indicates which zone we will manage, the second type – the main one (this DNS will manage it), the third one – in which file the configuration for this zone will be registered.

Open a new file for zone settings:

sudo nano /etc/bind/1.168.192.in-addr.arpa

And add to it:

$TTL 3600
@          IN SOA ns1.example.com. admin.example.com. (
              2016112301       ; Serial
              21600             ; refresh
              3600              ; retry
              3600000           ; expire
              86400 )           ; minimum

        IN  NS ns1.hosting.com.
        IN  NS ns2.hosting.com.

$ORIGIN 1.168.192.in-addr.arpa.
100      IN PTR  mail.example.com.

admin.example.com – the contact address of the person responsible for the zone, the @ symbol is not indicated.
Serial – this is the serial number of the zone file version, it should change to the big side with each change, it is usually written in the form of the year month the number is the number of the change, according to it other DNS determine that it is necessary to update the information.
Refresh – the time interval in seconds through which the secondary server will check whether the information needs to be updated.
Retry – the time interval in seconds through which the secondary server will retry calls on failure.
Expire – the time interval in seconds through which the secondary server will consider the information it has obsolete.
Minimum – the interval of information lifetime on caching servers.
ns1.hosting.com and ns2.hosting.com this is the DNS of this domain.
The number 100 in the last line means the end of IP address 192.168.1, similarly you can specify entries for other domains, for example 101 IN PTR … for 192.168.1.101, etc.

Restart the DNS server to apply the changes.
Bind9 can be commanded by:

sudo /etc/init.d/bind9 restart

Done.

See also:
Configuring Reverse DNS (PTR) in Hetzner

Description of VLAN Types in Huawei OLT

In Huawei OLT, there are several types of VLAN, briefly describe them:

1) Standard VLAN
Ethernet ports in the Standard VLAN see each other, Ethernet ports of different VLANs are isolated from each other.

2) Smart VLAN
Smart VLAN can have many service ports that are isolated from one another in one VLAN, service ports in different VLANs are also isolated from each other. This type I usually use when setting up Huawei OLT.

3) MUX VLAN
One MUX VLAN can only contain one service port. service ports in different MUX VLANs are isolated from each other.

4) Super VLAN
Super VLAN is based on the 3 level, contains the subvlans (mux or smart), which can interact via arp-proxy.

Installing and using ioping

ioping – a simple tool for monitoring disk I/O delays in real time, similar to ping showing network latency.

You can install in Ubuntu / Debian using the command:

sudo apt-get install ioping

Here is an example of a run with 10 requests for a delay test to the / tmp directory:

ioping -c 10 /tmp

An example of a query with an interval of 0.2ms and an increased query size:

ioping -i 0.2 -c 10 -s 1M -S 5M /tmp

Test to disk:

ioping -R /dev/sda
ioping -RL /dev/sda

I’ll describe the possible startup options:
-c count (stop after the specified number of requests)
-w deadline (stop after the specified amount of time)
-p period (display raw statistics after each specified number of requests)
-P period (display raw statistics after each specified number of seconds)
-i interval (the interval between requests in seconds)
-s size (request size (4k))
-S size (size of the working set)
-k (after the command is finished, leave (do not delete) the working file ioping.tmp)
-L (sequential operations instead of random ones, this will also set the query size to 256k (like -s 256k))
-A (asynchronous I/O)
-C (cached I/O)
-D (straight I/O)
-B (do not display execution information, it will only appear when the command is finished in raw format)
-q (do not display execution information, it will be displayed only when the command completes)
-h (display help)
-v (view version)

How to enable SMTP without SSL on port 25 in iRedMail / Postfix

To allow the sending of messages on the mail server without encryption via port 25, you need to open the Postfix configuration file, for example, in the nano editor (in which Ctrl+X to exit, y/n to save or cancel changes):

sudo nano /etc/postfix/main.cf

And uncomment two lines:

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous

And leave the commented line:

#smtpd_tls_auth_only=yes

Reload Postfix to apply the changes:

sudo service postfix restart

After that it will be possible to send messages via SMTP through port 25 without SSL, and as usual through 587 with SSL.

See also:
Allow insecure connections to POP3 / IMAP iRedMail

Adding vlan to Ubuntu for ABillS

Here is an example of adding a VLAN to Ubuntu Server for ABillS.

Switch to the root user:

sudo su

First of all, install the vlan package and load the 8021q module:

apt-get install vlan
modprobe 8021q

To autorun it after restarting the system, open the file /etc/modules, for example, in the text editor nano (Ctrl+X to exit, y/n to save or cancel changes):

nano /etc/modules

And add if it’s not there:

8021q

Create a script:

nano /etc/network/vlan.sh

Add content to it (in IFACE we specify the network interface for vlan, in VLANS – the VLAN list):

#!/bin/bash
IFACE="eth1"
VLANS="51,200-350,700-1000"

  /sbin/vconfig set_name_type VLAN_PLUS_VID_NO_PAD
  VLANS=`echo ${VLANS} | sed 'N;s/\n/ /' |sed 's/,/ /g'`
  for i in $VLANS; do
    if [[ $i =~ - ]]; then
      IFS='-' read -a start_stop <<< "$i"
      for cur_iface in `seq ${start_stop[0]} ${start_stop[1]}`;
      do
        echo "${cur_iface}";
        /sbin/vconfig add ${IFACE} ${cur_iface}
        /sbin/ifconfig vlan${cur_iface} up
      done
    else
    echo "$i";
      /sbin/vconfig add ${IFACE} ${i}
      /sbin/ifconfig vlan${i} up
    fi;
  done

We make the script executable:

chmod +x /etc/network/vlan.sh

Run the script:

/etc/network/vlan.sh

To autorun the script, open the configuration of the network interfaces:

nano /etc/network/interfaces

And add at the end of the line:

post-up /etc/network/vlan.sh

See also my articles:
Configuring VLANs in Ubuntu
Install and configure accel-ppp (IPoE) for ABillS

The solution of error “ERROR 1067 (42000) at line 211: Invalid default value for ‘blablabla'”

I noticed once when importing a sql file the following error:

ERROR 1067 (42000) at line 211: Invalid default value for ‘blablabla’

It arises because new versions of MySQL server use strict mode and parameters such as NO_ZERO_DATE do not allow entering date values like ‘0000-00-00’ into the database.

Connect to mysql server:

mysql -u root -p

Execute a query that displays the values of sql_mode:

show variables like 'sql_mode';

Copy the string with these values and exit mysql:

exit

Open the configuration file for example in the text editor nano (Ctrl+X for exit, y/n for saving or canceling the changes):

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

I did not have sql_mode = in the file, so at the end of the file I inserted the line with the previously copied values, removing NO_ZERO_IN_DATE, NO_ZERO_DATE from it, in my case, the following happened:

sql_mode=ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

Restart mysql to apply the changes:

sudo service mysql restart

Done, now when importing this error should not be.

The solution to the error “Service virtual port has existed already”

I noticed once on Huawei MA5683T when I added the service port for ONT the following error:

Failure: Service virtual port has existed already

As reported by the error, the service port is already registered for this ONT.
In my case, there was simply a misprint in ONT ID, it was accidentally indicated by the wrong one, after specifying the correct service port, it was registered.

And if you need to register several service port for one ONT, then see my article – Adding an ONT with trunk port to Huawei SmartAX MA5683T