Dynamically routed snow
Once again, many days have gone by, and no posts. There is still a LOT of stuff I need to blogify, but with current coursework, work, placement presentations and other such joyous stuff, I just have not had the time..
This however, required a mention!
On Saturday, Martin was telling me about the features of the switch he has bought (L3 Gigabit, 3Com, pretty nice) and mentioned it supported OSPF. As mine, Martin’s and Dave’s crazy LAN topologies are linked using VPNs, I have been wanting to implement some dynamic routing for a while (as having to add each other’s routes when someone decides they need a new subnet is VERY tedious).
So out came quagga (emerge quagga), an implementation of OSPF2 (and rip2, ospf3, ripng, bgp) for *nix.
Martin would also have to run this on his Debian tunnel endpoint, however the OSPF area could then be extended to the switch, allowing his L3 switch to become his default gateway for his LAN, and dynamically know where all our subnets were, even if one of us added a new one without telling anyone else.
The config started out slow, with me printing the quagga docs (hate reading on a screen), but these turned out to be more a command reference than a guide, and so we busked it.
A couple of minor routing loops later:
- One because we had not removed the static routes for each other before enabling OSPF.
- The second because OSPF was distributing my locally terminated public IP that Martin’s VPN connected down, and so OpenVPN at his end saw this local route to my public IP, and tried to send the tunnel-establishing UDP packets down its own tunnel interface.. which soon collapsed in on itself :P.
I soon noticed this with wireshark and masked OSPF from advertising that route.
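The second loop can be caught from the routing table alone: if the longest-prefix match for the VPN peer's public IP points at the tunnel interface, the tunnel's own UDP packets get routed into the tunnel. This is an added example, not part of the original post; the addresses, interface names and route lines are constructed, and the `ip route`-style text format is an assumption about how the table is captured.

```python
import ipaddress

# Constructed `ip route show`-style table (sample data, not from the post).
# 203.0.113.10 stands in for the remote VPN peer's public IP, tun0 for the
# OpenVPN interface; the last line is the host route learned via OSPF.
LOOPING_TABLE = """\
default via 192.0.2.1 dev eth0
192.0.2.0/24 dev eth0 proto kernel scope link
10.8.0.0/30 dev tun0 proto kernel scope link
10.20.0.0/24 via 10.8.0.1 dev tun0 proto zebra metric 20
203.0.113.10 via 10.8.0.1 dev tun0 proto zebra metric 20
"""
# Same table once the peer's public address is no longer advertised.
FILTERED_TABLE = "".join(LOOPING_TABLE.splitlines(keepends=True)[:-1])


def parse_routes(text):
    """Return (network, device) pairs from `ip route`-style lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if "dev" not in fields:
            continue
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        device = fields[fields.index("dev") + 1]
        routes.append((ipaddress.ip_network(prefix, strict=False), device))
    return routes


def egress_device(routes, destination):
    """Longest-prefix match (metrics and policy routing are ignored)."""
    addr = ipaddress.ip_address(destination)
    matches = [(net, dev) for net, dev in routes if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def tunnel_routes_into_itself(table_text, peer_ip, tunnel_dev):
    """True when packets to the VPN peer would leave via the tunnel."""
    return egress_device(parse_routes(table_text), peer_ip) == tunnel_dev


if __name__ == "__main__":
    for name, table in (("before", LOOPING_TABLE), ("after", FILTERED_TABLE)):
        print(name, tunnel_routes_into_itself(table, "203.0.113.10", "tun0"))
```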
After this, everything worked! And many repetitions of ‘epic win’ were enjoyed.
Today, we contacted Dave and got him quagga’d up.. This time the whole process took maybe 10 mins, including firewall rules for Dave’s OSPF traffic (I’m a little paranoid).
Updates of subnets across the whole autonomous system are sub-second. This rocks!
If anyone wants my notes on OSPF quagga setup please let me know.

It works!!
In other news today, it snowed here in Fleet. Looky:

That’s all for now, off to do some more coursework :(
//Matt
Sun builds largest public supercomputer in the world..
.. By a fair, fair amount!
Check this out!!
http://blogs.sun.com/jonathan/entry/lone_ranger

Built on all open software too..
Is it wrong of me to be thinking of re-creating this software setup at home to see how it works (lustre, sun grid etc).. only with iSCSI and gig-e interconnects?
Makes me proud to currently be working for Sun! It *****ng rocks!
*wants to borrow it for a day to generate some rainbow tables (not as gay as they sound.. see rainbow tables)*
Server move
Tim U recently said in one of his blog posts that it is pretty weird having to schedule downtime on your own HOME network..
I now completely agree with him, after we moved the ‘server room’ into a much smaller airing cupboard type room so that the servers were not directly over someone’s bedroom.
The results seem pretty good, and everything came back up first time (So glad we labeled the cables :P) and the house seems happier once again (Wonder what next week’s problem will be… the fun never stops :P)
There are however a couple of possible drawbacks:
One is that the room is so small it did not have a door, just a door frame. To solve this we have pinched the door off the old server room, however, not wanting to drill holes for the hinges in the freshly painted frame (in our rented house) the door is propped up, with a couple of ropes to the stairs banister ‘Just in case’.
The second is that the room is so small.. I am worried what the temperature in there will settle at..
And so, in true geeky style, I was hoping to monitor the temperature sensor of my 1U server or the switches via SNMP..
Only none of them have temp sensors in :( Ahh well, I guess I’ll just have to check in there tomorrow that it’s not *Too* warm.
Anyway, pictures (Made much easier by yesterday’s Nokia N95 firmware update)..




Back to work tomorrow! I will eventually find time for more ‘catch up’ posts.. Honest :P
//Matt
Nokia N95 Firmware Update! (V20)
Woo! New firmware update for my Nokia N95.
Have only been playing round with it for a few mins, but one change that rocks is that it now does ‘upload photo to flickr’ uploads in the background, and just gives you a nice notification when finished, instead of hogging the phone screen until it finishes.
Also, small waits while handling image processing / saving are handled better (‘Image Processing’ message instead of just a UI hang)
Apparently there are quite a few under the bonnet updates like on demand paging, meaning you have a lot more RAM free more of the time (30MB free at bootup)
One thing I will say, is if you are going to do a backup/restore from the Nokia PC Suite (which you will need to do to keep your stuff, as a firmware update nukes everything on your phone’s memory) MAKE SURE you are running the special ‘Nokia N95 PC Suite’. This has a black user interface, and you gettit from HERE.
Compared to the normal Nokia PC Suite, which has a white interface, and will hang on 60% of your ‘restore backup’ procedure.
//Matt
EARTHQUAKE!!
WOW!
It’s 1.00am, was talking to Martin (who’s back in Manchester) about some crazy network security stuff.
I had just put the phone down and sat back down at my PC when my desk, monitors and chair were rocked by something. As I looked out of the window to see what the hell it was.. Martin called me and said ‘Dude! There’s just been an earthquake!’
That’s damn impressive if it was felt 250 miles apart!
OCUK forum already has hundreds of posts (Does no-one sleep anymore ;) )
//Matt
Pwnt by an artic
Hi all,
Thought I would write a quick post for those that don’t know,
On Wed night while heading back north for the rest of my week off, an articulated lorry changed lanes into the side of me, and spun my car off and over into the hard shoulder, on its side.
I don’t think I can say any more or give exact details until the police have finished their investigation, but apart from neck/back pain and stitches down my right arm, I’m fine.
Sadly, the truck driver did not stop, and no-one got the registration number, so depending on what the insurance company say, I could be without a car for quite a while.
Anyway, Thanks to everyone that stopped on the M1, and the ambulance team/doctors at Watford A+E.
//Matt
Replacement VM Server
OK. This is the first in a number of ‘update posts’ covering what I have been up to in the past few months.
A while ago (Jan 4th I think) while searching for a new server to replace my Dell PowerEdge (huge, heavy, and pretty slow) for something with a little more horsepower, I noticed a server on eBay that was going for stupidly cheap, with not long to go.
In the description of the auction, it said the system would not boot, and powered itself down within 5 seconds of startup with what was basically a fan error. I pulled up the specs/hardware docs for the server and decided at worst it would be a broken fan module, and at the following specs, it would be worth taking the risk of 100 quid (would usually go for at least 500).
Specs:
- 1U Compaq server
- Redundant hot swappable PSUs (2)
- 2x 2.8GHz Intel Xeon CPUs
- 4GB ECC DDR RAM
- 2x 36GB Ultra320 Hot swappable SCSI Drives
- Hardware RAID for SCSI drives
- Integrated LOM (remote on/off/IP KVM console)
- 2x inbuilt gigabit ethernet ports
- 1x quad port intel/pro PCI-X
I won the server (bidding via a friend as I was in the pub at the time ;) ) for 113 quid, and the next day (Sunday) embarked on driving through central London to pick it up. (which although slow moving, was actually nice to familiarize myself with driving into the capital / where things are :) )
Picked the server up and drove home (1.30 hrs each way I think) I got it home, plugged it in (loud!!) and yup, the error message was still there.
But all of the fans I could see were spinning, so I tried to reset the error, or mask the error in the BIOS / LOM.. No luck.
Next I took the fan module out that the system was complaining about (PSU / System board fan modules at LHS of unit) and tried turning each of the six fans (3×2 configuration) manually… One was stuck!
Looked inside it.. and there was a tiny bit of muck/wood chip/plasterboard/something wedged between the fan blade and the outside casing of the fan. Removed it with pliers… and put the fan module back in..
System instantly booted, right into RHEL5. Fast as foobar!
At this point, as you can imagine, I was damn chuffed, and proceeded to put VMware on it (as this is going to replace my old VMware server, for running a few basic VMs (more later))
Anyway… Before we proceed, Pictures!

Not bad for 113 cashmonies!
Anyway, the next task was going to be moving all my virtual machines off the old VM server onto this one (and then take the old one offline). However, as I am using different versions of VMware.. that didn’t turn out to work.
So I used this as an opportunity to move the VMs away from Gentoo and do a full re-install of the services from scratch.
I wanted to move them away from Gentoo for two reasons:
- Keeping 6 Gentoo boxes up to date (including desktops/servers) / error free was taking up way too much of my time, especially since they were only running things like DHCP / DNS / Hellanzb
- I wanted to give my new Solaris skills a try (and I would have felt bad NOT using Solaris, as it rocks :P but that’s for another ramble)
My old VM server had the following:
- DHCP/DNS - Gentoo 2007.1 VM, running dhcpd and maradns
- HellaNzb - Gentoo 2007.1 VM, running hellanzb for usenet and IRCD for an internal IRC server
- CentOS 4 - Running a test Scalix Mail install
I also had other servers (Old desktops) for:
- Trixbox (asterisk and freepbx) VOIP PBX server - Headless Desktop, 512MB RAM, 40GB IDE HDD, 1GHz Athlon CPU
- Old Compaq server, Dual 500MHz Xeons, 1GB ECC RAM, 36GB SCSI disk. Running pfsense for house firewall.
So, I slowly started to install new VMs on the new server to replace these old systems. I have now ended up with the following:
- Solaris snv_78 - running BIND 9 and Solaris DHCP server (BIND rocks! it’s not complicated at all, as some people make out)
- Pfsense - 2 NICs from the server provided exclusively to this VM, allowing me to virtualise the house firewall, keeping it separate from the internal network.
- Ubuntu 7.10 Server - a ‘general server’ VM, for testing bits of stuff out on (chose this OS due to the ‘hands off maintenance’ and the power/speed and ease of apt-get). This runs internal webpages and also HellaNZB and IRCD
- Trixbox (CentOS 5) - Installed the newest version of trixbox onto a VM (even though it says it doesn’t get on with virtualisation) and it works fine (NTPD was needed to adjust for clock skew… but you should be running this anyway) We were having some stutter problems in calls, but this seems to be Martin’s IAX softphone (zoiper, used to be idefisk.. and now sucks soooo many balls!)
- CentOS 5 - This runs Scalix mail services, which I will eventually use as my main mail system (currently using it for the amazing web interface and CalDAV calendar stuff for centralised todo lists / calendars) (Installer for community edition is now completely pain free)
The new server has taken on these tasks without a problem, and it’s also interesting to see how many resources are used by each of these OSes at idle. (CentOS loses, hands down!.. Solaris and Ubuntu (without GUIs) Pwn!.. 50 - 300MHz, and around 100-200MB RAM for Solaris (less for Ubuntu))
Old server has now been taken offline, and will be flogging it so that I don’t have to move it when I move house!
Here are the systems made redundant by this new system and the new server in its place:
After such a geeky post… is anyone up for a Saturday afternoon pint or twelve?
Sploits :P
I know I still need to write up a load of technical stuff I have been working on;
But just a quick post for anyone that hasn’t heard about [LINK FIXED] THIS
A pretty nasty Linux privilege exploit covering kernels up to “Linux kernel 2.6.24 -rc5”
Users should patch / upgrade. And if you can’t.. At least disable shell logins for anyone other than yourself ;P
A quiet month..
Actually I have been damn busy! But that usually means the blog suffers, sorry.
I do have lots of new stuff to talk about, so stay tuned :P
Also, I’m amazed how many comments the petrol prices post is getting :P
–Matt

