May 01 2015

World IBD Day is Tuesday 19 May

World IBD Day is a day for everyone affected by Inflammatory Bowel Disease to stand up, take action, raise awareness and support the 300,000 people in the UK and millions more worldwide living with Crohn’s Disease, Ulcerative Colitis and other types of IBD.

Please wear purple (the international colour for IBD) on World IBD Day. Ask your friends, family, school and workplace to join in and be powerful in purple to help boost awareness about Crohn’s Disease and Ulcerative Colitis, and raise crucial funds for Crohn’s and Colitis UK.

You can donate any amount. To donate £5, text PURP19 £5 to 70070.
Alternatively, you can make an online donation at


nf_conntrack: table full, dropping packet.

Aug 27 2014

I have several Xen and KVM VPS servers and they all suffer from the same problem, “nf_conntrack: table full, dropping packet”, but it’s an easy fix.

You can check what nf_conntrack_max is currently set to:
cat /proc/sys/net/nf_conntrack_max
The default is 65535 but all mine were set to 15000.

Now increase the value of nf_conntrack_max:
echo 100000 > /proc/sys/net/nf_conntrack_max
If you check again it should show the new value.

To make the change permanent, add the following to the bottom of /etc/sysctl.conf:
net.nf_conntrack_max = 100000

Please note that the path to “nf_conntrack_max” differs between Linux distributions; the above works for CentOS.
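
Following on from the note about differing paths, here is an added example (not part of the original post) that tries several known locations for the conntrack files and reports how full the table is, so the limit can be raised before packets are dropped. The function names, the candidate path list and the 80% threshold are assumptions for illustration.

```sh
#!/bin/sh
# Added example: find the conntrack sysctl files and report table usage.
# Candidate locations vary by kernel and distribution; not all exist everywhere.

# find_conntrack_file ROOT NAME  (NAME is "max" or "count")
# Prints the first readable candidate under ROOT (normally /proc/sys/net).
find_conntrack_file() {
    root=$1; name=$2
    for f in "$root/nf_conntrack_$name" \
             "$root/netfilter/nf_conntrack_$name" \
             "$root/ipv4/netfilter/ip_conntrack_$name"; do
        if [ -r "$f" ]; then printf '%s\n' "$f"; return 0; fi
    done
    return 1
}

# conntrack_usage ROOT -> prints "COUNT MAX PERCENT", returns 2 if unavailable
conntrack_usage() {
    max_file=$(find_conntrack_file "${1:-/proc/sys/net}" max) || return 2
    count_file=$(find_conntrack_file "${1:-/proc/sys/net}" count) || return 2
    max=$(cat "$max_file"); count=$(cat "$count_file")
    [ "$max" -gt 0 ] 2>/dev/null || return 2
    echo "$count $max $((count * 100 / max))"
}

# conntrack_check ROOT THRESHOLD -> 0 below threshold, 1 at/above, 2 unknown
conntrack_check() {
    threshold=${2:-80}
    usage=$(conntrack_usage "${1:-/proc/sys/net}") || {
        echo "conntrack limits not found (module not loaded?)"; return 2; }
    set -- $usage
    if [ "$3" -ge "$threshold" ]; then
        echo "WARN: $1/$2 tracked connections ($3%)"
        return 1
    fi
    echo "OK: $1/$2 tracked connections ($3%)"
}

# Run only when called with arguments, e.g.: sh script.sh /proc/sys/net 80
if [ $# -gt 0 ]; then conntrack_check "$@"; fi
```

The non-zero exit status on a warning makes the script usable from cron or a monitoring agent.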

Aug 26 2014

I’ve been playing around and getting to know CentOS 7 and have decided I prefer iptables (over firewalld), which I have been using for the last few years, so here’s how to swap firewalld for iptables.

Disable the firewalld service.
systemctl disable firewalld
Stop the firewalld service.
systemctl stop firewalld
Now we install the iptables services.
yum -y install iptables-services
Start iptables at boot.
systemctl enable iptables
Start ip6tables at boot. (Skip if you don’t use IPv6.)
systemctl enable ip6tables
Now we start iptables.
systemctl start iptables
Finally we start ip6tables. (Skip if you don’t use IPv6.)
systemctl start ip6tables

Now our firewall uses iptables and we can add our rules like we always have.

CentOS 7 released

Jul 07 2014

CentOS 7 has now been released to the public.

Release announcement can be found here
Release notes can be found here
The fastest way to download is via torrent. I’m currently seeding all images available and am pushing approx 300Mbps (megabits per second) across my servers, and have done 200GB+ of bandwidth in under 3 hours.

I will be updating most of my servers over the next few weeks/months and will start updating my tutorials again, happy testing.

Backup and RAID

May 24 2014

I often hear “I don’t need a backup, I’m running a RAID array”, which is completely wrong. RAID has several types, and most of them allow 1 or more drives to fail without losing data, but this is not a backup; it just keeps your storage online/active.


A backup is a separate copy of your data. As a rule, if you don’t have 3 copies of your data you don’t have proper backups: 1 = live storage, 2 = on-site backup, 3 = off-site backup.

Business user

The setup I use for my commercial clients is RAID 1 or 5 in the storage server (this is my live storage). I then use a NAS box, again with RAID 1, for on-site backups, which I normally locate in a different part of the building where possible. Finally I have an off-site backup, which depends on the size of the data to be stored and the average churn of data: if it’s small I use an online server or service, but for larger uses I use a simple external USB3 hard drive which is then taken off-site. The other factor for online backup services is the speed of your internet connection.

Here’s a real-world example:
Server – RAID 1 with 4TB usable storage
NAS – RAID 1 with 4TB usable storage
USB3 HDD – 4TB

This client has a really slow internet connection (0.3 meg upload) and a high churn rate on the data, in excess of 250GB a week, so it would take forever to upload and we have to use an external USB3 HDD.
The server syncs its files with the NAS over a gigabit network and does this nightly. This gives us a full backup but we can only go back 1 day. Some clients require several days’ worth of backups, in which case you need more storage on the NAS and an incremental backup system or similar.

Home user

For the average home user your backup requirements will be different and can be met very cheaply. I use 2 backup solutions myself: a system like the one above for my critical business files and a simple backup solution for the non-critical personal files (pictures/videos/documents).
I store all of these in an online sync service like Dropbox or Google Drive. This gives me a local copy plus an off-site copy that can be accessed online from anywhere in the world. I have used Dropbox Pro for years but am moving over to Google Drive for 1 reason – price: I can get 1TB of storage with Google Drive for the same price as 100GB with Dropbox.

In my next post I will discuss how I back up web servers.
