User:Rpeters

From Info Wiki
Revision as of 13:44, 27 November 2012 by Rpeters (talk | contribs)


Templates

this is it -Rpeters13:25, 24 August 2012 (EST) --

def
definition list
def
definition list

For General Users

Overview

Advanced Format (AF) Hard Disk Drives are used in many pre-built computers and USB drives from about 2011 onwards. By way of explanation:

  • AF drives have 4 kB hard sectors in lieu of the traditional 512 B sectors

Advantages

  • much faster (less disk overhead)
  • more space efficient (larger disk capacity from same hardware)
  • overcomes immutable capacity limit of ~2.19 TeraByte for conventional drives

Disadvantages

  • Windows 32 bit systems cannot boot from AF drives
    • requires driver from HDD manufacturer, to use as data only internal drives

No action is required by the typical purchaser, because the manufacturer will have taken care of the special formatting required with AF drives. "Getting Technical" below provides guidelines for those needing to:

  • repartition drives
  • install new, "bare" drives

Getting Technical

Advanced Format Drives

New HDDs from about 2011 onwards are likely to be Advanced Format drives

  • usually pre-formatted
  • likely to be stated on drive or packaging
  • essential for drives over 2.1 TeraByte capacity
  • has been used on new drives as small as 250GB

Avoid reformatting drives to MBR

  • performance loss of up to 40% if reformatted to MBR
  • requires special procedure - see "Strictly for Geeks" below

A new type of partition table, the Globally Unique Identifier (GUID) Partition Table (GPT), is required to optimise the performance of AF disks. The partition table previously in common use has no universally agreed name but is referred to as Master Boot Record (MBR), because that was a unique feature of it.

Legacy partitioning tools do not handle GPT. A suitable tool for intermediate users is "parted" or its GUI front-end "gparted". The simplest way to use these is from a bootable utility CD:

http://www.sysresccd.org/Download
http://partedmagic.com/doku.php?id=downloads

Altering Partitions

It is not advisable to delete or alter partitions of type ef01 or ef02, because these have a special purpose in GPT. Other partitions may be re-sized or added, as required. Note that:

  • all partitions in GPT are Primary
  • up to 128 primaries are permitted
  • GPT has no concept of "Extended" or "Logical" partitions.
  • partition type numbers sometimes differ from those used with MBR partition tables

A complete description of GPT is available at:

http://www.rodsbooks.com/gdisk

New Drives

The full capacity of drives over 2.1 TB can be utilised only via recent mainboards or add-on SATA controllers

  • support for SATA 3 (aka 6 Gb/sec) is required

The boot flag in GPT does *not* make a disk bootable from a BIOS mainboard. See the procedures at:

http://www.sysresccd.org/Sysresccd-Partitioning-EN-The-new-GPT-disk-layout



Strictly for Geeks

Capacity

The international standard for data capacity uses multipliers of 2^10 in lieu of SI decimal multipliers of 10^3, e.g.

  • kiB = 1024 Bytes
  • kB = 1000 Bytes

through

  • TiB = 2.198 TB

Why does this matter?

  1. drives have always had sectors that are multiples of kiB
    • 0.5 kiB for conventional HDD
    • 2 kiB for CD & some Magneto Optics
    • 4 kiB for AF drives
    • 32 kiB for DVD
  2. advanced formatting tools allocate partitions in MiB, GiB, TiB increments
    • partition sizes will be reported larger by older OS
    • formatted capacity of a drive will be somewhat less than manufacturer's nameplate rating, which is usually in decimal
  3. advanced formatting tools might align partitions on MiB boundaries
    • helps optimise performance

Tools

A more capable partitioning tool is required to set up the advanced features of GPT. The partitioning tool gdisk is downloadable from http://www.rodsbooks.com/gdisk/download.html

Partition Conversion

MBR drives can be converted to a GPT partition table without erasing data, subject to some limitations and risks

  • essential to backup data & system files
  • use the "r" menu option in gdisk, followed by "g"
  • some partition numbers might be changed

Advanced Partitioning Layouts

  • non-sequential partition numbering
  • spaces between partitions
  • partition alignment on 1 MiB boundaries


Re-formatting

Drives up to 2.1 TB, manufactured during the transitional period, logically divide each 4 kB sector into eight 512 B sectors

  • permits partitioning using legacy programs
  • deprecated because doing so can decrease performance up to 40%
    • essential for boot drives in Windows 32 bit systems
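A check for the alignment problem behind that performance loss, added here as an example and not part of the original page: it reads partition start offsets from Linux sysfs, which reports them in 512-byte units, and flags partitions that do not begin on a physical-sector boundary. The function name and its optional second argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Reports whether each partition of a disk starts on a
# physical-sector boundary (4 KiB on AF drives) and on a 1 MiB boundary.
# sysfs gives "start" in 512-byte units, whatever the real sector size.

# check_alignment DISK [SYSROOT]
#   DISK     kernel name of the disk, e.g. sda
#   SYSROOT  sysfs block directory (default /sys/block); a parameter so the
#            function can also be run against a constructed directory tree
# Returns 1 if any partition is misaligned, 2 if the disk cannot be read.
check_alignment() {
    disk=$1
    root=${2:-/sys/block}
    rc=0
    phys=$(cat "$root/$disk/queue/physical_block_size") || return 2
    for startfile in "$root/$disk"/"$disk"*/start; do
        [ -r "$startfile" ] || continue
        part=$(basename "$(dirname "$startfile")")
        start=$(cat "$startfile")
        bytes=$((start * 512))
        if [ $((bytes % phys)) -ne 0 ]; then
            # e.g. the legacy MBR start at sector 63 on a 4 KiB drive
            echo "$part start=$start MISALIGNED (physical sector $phys B)"
            rc=1
        elif [ $((bytes % 1048576)) -ne 0 ]; then
            echo "$part start=$start sector-aligned, not on a 1 MiB boundary"
        else
            echo "$part start=$start aligned to 1 MiB"
        fi
    done
    return $rc
}

# Live use:  check_alignment sda
```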

AF drives that are re-formatted to MBR might behave unreliably unless expert options in gdisk are used

  • see "z" menu option

File Migration

The simplest approach is to install additional HDD before any systems are installed or data created. If that is not feasible then any existing files/folders at the intended mount point need to be migrated

  1. ensure that the files to be migrated are firstly backed up to independent media
  2. as user root mount the new partition to a temporary point, typically /mnt/
  3. cd to the mount point that will later be used permanently for the new partition
  4. use the "cp -ax" command to copy all files from within the folder of the mount point to /mnt/
    • do not use file managers for this purpose, because those may set incorrect timestamps, permissions etc for files
  5. unmount from the temporary point
  6. set the permanent mount point (and change permissions, if necessary) as in sections "User Storage" or "System Storage" below
  7. the above procedure duplicates existing files. To remove the originals:
    • temporarily unmount the new partition
    • delete all files in the folder of the permanent mount point
    • remount the new partition to its permanent mount point
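The copy in steps 3 and 4, with a verification pass that should succeed before the originals are deleted in step 7, as an added example that is not part of the original page. It assumes GNU cp, find and stat; the function names are made up for this example, and /dev/sdXN and /home in the closing comment are placeholders.

```shell
#!/bin/sh
# Added example: copy a tree with "cp -ax", then confirm that every source
# entry arrived with the same type, mode, owner and modification time.

# One line per entry below DIR: path|type|mode|uid:gid|mtime, plus size for
# regular files only (directory sizes differ between filesystems).
metadata_list() {
    ( cd "$1" || exit 1
      find . -mindepth 1 -xdev ! -type f -exec stat -c '%n|%F|%a|%u:%g|%Y' {} +
      find . -mindepth 1 -xdev -type f -exec stat -c '%n|%F|%a|%u:%g|%Y|%s' {} +
    ) | LC_ALL=C sort
}

# migrate_tree SRC_DIR DST_DIR: copy the contents of SRC_DIR into DST_DIR
migrate_tree() {
    src=$1
    dst=$2
    if [ ! -d "$src" ] || [ ! -d "$dst" ]; then
        echo "usage: migrate_tree SRC_DIR DST_DIR" >&2
        return 2
    fi
    # -a keeps mode, owner, timestamps and symlinks; -x does not descend
    # into other filesystems mounted below SRC_DIR
    cp -ax "$src"/. "$dst"/ || return 1
    want=$(mktemp) && have=$(mktemp) || return 1
    metadata_list "$src" >"$want"
    metadata_list "$dst" >"$have"
    # lines found only in the source list are entries missing or altered in
    # DST_DIR; extras in DST_DIR (lost+found on a new filesystem) are ignored
    missing=$(LC_ALL=C comm -23 "$want" "$have")
    rm -f "$want" "$have"
    if [ -n "$missing" ]; then
        printf 'NOT verified, keep the originals:\n%s\n' "$missing" >&2
        return 1
    fi
    echo "verified: $dst holds everything from $src"
}

# Typical use as root:
#   mount /dev/sdXN /mnt && migrate_tree /home /mnt && umount /mnt
```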


Firewalls

Packet-Filtering v Router

A perennial question is whether it is preferable to run a packet-filtering style firewall on each workstation/laptop/pocket-PC or to use a single "hardware" router to protect the whole LAN.

Packet-Filtering

Advantages

  • no additional hardware, cost, wattage
  • zero acreage

Disadvantages

  • generally less "hardened"
    • many more background processes need to be running to support user apps

Linux

Most Linux distributions include a packet-filtering style firewall

  • usually activated, by default
    • but check
  • efficacy likely to be similar
    • based on iptables
    • may also include ip6tables and ebtables
  • administrative interface specific to distribution
    • "Guarddog" in KDE provides consistent interface
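One way to carry out the "but check" above, as an added example that is not part of the original page: it classifies the INPUT chain from the rule listing that `iptables -S` or `ip6tables -S` prints. The function names and both sample rulesets are constructed for this example.

```shell
#!/bin/sh
# Added example: classify the INPUT chain from "iptables -S" output on stdin.
#   open       policy ACCEPT and no rules: nothing is being filtered
#   stateless  a DROP policy or some rules exist, but no connection-state match
#   stateful   as above, plus a rule matching ESTABLISHED connections
# "stateless" and "stateful" say that rules exist, not that they are strict.
classify_input() {
    awk '
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A" && $2 == "INPUT" {
            rules++
            if ($0 ~ /--(ct)?state [A-Z,]*ESTABLISHED/) stateful = 1
        }
        END {
            if (policy == "")                     { print "unknown";  exit 2 }
            if (policy == "ACCEPT" && rules == 0) { print "open";     exit 1 }
            if (stateful)                         { print "stateful"; exit 0 }
            print "stateless"
        }'
}

# Constructed sample: the listing on a host with no firewall rules loaded
sample_open() {
    printf '%s\n' '-P INPUT ACCEPT' '-P FORWARD ACCEPT' '-P OUTPUT ACCEPT'
}

# Constructed sample: default-deny ruleset that tracks connection state
sample_stateful() {
    printf '%s\n' '-P INPUT DROP' '-P FORWARD DROP' '-P OUTPUT ACCEPT' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'
}

# Live use, as root:
#   iptables -S | classify_input
#   ip6tables -S | classify_input
```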

Mac OSX

citation needed

Windows

citation needed

Gateway/Router

  • generally regarded as "abandon-ware" by manufacturers - typically
    • updates are not announced
    • only a few updates provided
    • for about three years only


Although these are typically a separate hardware item they are not necessarily an additional hardware item, often being combined with an ethernet switch and/or DSL modem

Advantages

  • generally more "hardened"
    • by eliminating many background processes that are not needed to support user apps
  • single point of installation, configuration and update


Disadvantages

  • possible additional hardware, cost, wattage
  • update support for commercial units is typically infrequent and limited-term


Gateway/Router

For General Users

The relative advantages of a separate gateway/router are discussed at

A packaged commercial unit is the most suitable option

  • ADSL modem/router for ADSL users
  • "broadband" router for other connection types
    • as of 2012, a router for dial-up connections appears to be unavailable

Disadvantages

  • generally regarded as "abandon-ware" by manufacturers - typically
    • updates are not announced
    • only a few updates provided
    • for about three years only
  • firewalling functions eg SPI, often default to DISABLED
    • apparently to ensure that it "just works"
    • ensure that these functions are re-configured to ENABLED

Recommendations

A commercial unit that overcomes the above disadvantages, at a price, is the FritzBox

A much lower priced unit is the DLink DIR-615

  • this is a broadband router only (no modem)

Getting Technical

DIY routers overcome the support limitations of commercial units, although until recently this has been at a cost of:

  • acreage
  • wattage
  • additional terminology

Most DIY units have been based on superseded PCs. Additional hardware will be required:

  • modem (if not provided by ISP as modem or Set Top Box)
  • ethernet switch (unless only one computer will be accessing the Internet)
  • WiFi Access Point
    • if required
    • might be implemented as a PCI/PCIe WiFi card in the routing PC

Hardware

Minimum suggested specs are approximately

  • CPU - any x86 compatible of 333 MHz or faster
    • ARM CPU may now be viable in lieu of x86 compatible; see "Strictly for Geeks" below
  • RAM - 256 MB
    • additional functions, particularly caching, require extra RAM
  • storage - 2 GB
    • effective caching requires several GB more disk space
  • network interfaces
    • PCI, PCIe or USB-Ethernet required
    • 10 Mb/s suffice - unless running ADSL 2 or faster link
    • NB - speed of other devices on the LAN is irrelevant, LAN performance depends on the ethernet switch deployed

Wattage for DIY has been somewhat higher than for commercial routers. A suitable objective, using 2010 or later componentry, is 25 W. Lower wattage units are addressed under "Strictly for Geeks" below. CPU wattage is a poor indicator because other chips and peripherals consume somewhat more. Suggested basis for a low wattage router:

  1. HP Proliant Microserver
  2. mainboards based on C50 CPU - which appears to have been used only in netbooks
  3. mainboards based on E350 CPU
  4. mainboards based on Atom CPU are something of an enigma
    • can be the lowest cost available but
    • wattage surprisingly high, because of associated chips
  5. mainboards based on VIA CPU
    • expensive unless second-hand
    • not particularly low wattage
  6. mainboards based on Pentium III CPU
    • reliability might be reduced because of age
    • zero cost & acceptable wattage

Software

Many Linux and BSD distributions can be configured as a gateway-router, but it is generally simpler and more watt efficient to use a specialised firewall/gateway distribution. Better known ones are listed in Linux_Distribution_Recommendations. Although BSD based distributions such as Monowall are quite functional, their use would involve an additional learning curve for most people.

Zoning

Software for DIY routers implements similar network zoning to that in commercial routers. An aspect that is different is the colour coding of zones:

  • RED for untrusted/unfiltered Internet
  • GREEN for most trusted, wired LAN connections
  • BLUE for less trusted WiFi connections
  • PURPLE for additional LAN zone
  • ORANGE for Demilitarized Zone, (DMZ)
    • not required by most home users
    • typically used for stand-alone servers, to which access from the Internet is permitted

Strictly for Geeks

DIY routers based on ARM CPU have become viable during 2012.

  1. have potential to match commercial routers in wattage and acreage
    • whilst maintaining advantage of frequent software updates
  2. require more careful matching of hardware and software
    • ARM compilations are not as "portable" as x86 compilations
      • advisable to select hardware having an ARM CPU series matching the compilation
  3. Raspberry Pi is the best known hardware example - see Raspberry Pi
    • IPFire is the only well-known firewall/router that has reached released level for it
    • alternatively, Raspbian could be adapted as a firewall/router for it


Grub Rescue CD

GRUB-legacy and GRUB2 have provisions for making bootable GRUB CDs (ISO images, from which a CD may be burnt)

  • the command to create the ISO image is less complicated in GRUB2

It is difficult to create a generic boot CD because GRUB looks for particular hard disk drives, partition numbers, kernel images and initrd images

  • downloadable rescue CD images do a good job of providing a generic CD
    • Parted Magic
    • Supergrub
    • Systemrescue
  • using the /boot/grub2/grub.cfg file from the specific PC to be booted is a useful starting point for a custom rescue CD
  1. read the outline of the process that is provided via the command "info grub"
  2. create a folder to hold the contents of files to be used for the image
    • $ mkdir ISO
    • $ mkdir -p ISO/boot/grub2
    • $ cp -a /boot/grub2/* ISO/boot/grub2/
    • edit the file ISO/boot/grub2/grub.cfg to remove references to specific kernel versions
    • e.g. linux /vmlinuz-3.4.6-12 becomes /vmlinuz
    • /initrd-3.4.6-12 becomes /initrd
    • check that your distribution has created the symbolic links vmlinuz & initrd. If not, then create them manually to point to the current kernel & initrd
    • any menu items for Windows should work unchanged


    • the file

Distribution specific notes:

  • openSUSE postfixes all GRUB2 related material with "2"
    • default folder becomes /boot/grub2
    • commands become eg grub2-mkrescue

YMMV with other distributions
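The folder-building steps of the rescue CD procedure above as a script, added here as an example and not part of the original page: it copies the GRUB2 folder, strips kernel version suffixes from grub.cfg, and warns when the generic vmlinuz or initrd links are missing. The function names are made up for this example; paths follow the openSUSE naming used on this page.

```shell
#!/bin/sh
# Added example: build the ISO folder and make its grub.cfg independent of
# the installed kernel version.

# Filter: /vmlinuz-<version> becomes /vmlinuz, /initrd-<version> becomes /initrd
generic_grub_cfg() {
    sed -E 's#(/vmlinuz|/initrd)-[^[:space:]]+#\1#g'
}

# build_iso_tree GRUB_DIR OUT_DIR
#   GRUB_DIR  folder holding grub.cfg, e.g. /boot/grub2
#   OUT_DIR   folder to create for the image contents, e.g. ISO
build_iso_tree() {
    grubdir=$1
    out=$2
    if [ ! -f "$grubdir/grub.cfg" ]; then
        echo "no grub.cfg in $grubdir" >&2
        return 2
    fi
    mkdir -p "$out/boot/grub2" || return 1
    cp -a "$grubdir"/. "$out/boot/grub2/" || return 1
    generic_grub_cfg <"$grubdir/grub.cfg" >"$out/boot/grub2/grub.cfg" || return 1
    # the generic names only boot if the links beside GRUB_DIR are kept current
    bootdir=$(dirname "$grubdir")
    for link in vmlinuz initrd; do
        [ -e "$bootdir/$link" ] || echo "warning: $bootdir/$link is missing" >&2
    done
    return 0
}

# Use, then create the image with the command named in the notes above:
#   build_iso_tree /boot/grub2 ISO
#   grub2-mkrescue -o rescue.iso ISO
```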