Tag Archives: network

Astaro ASG as OpenVPN Access Server client

Just about four weeks ago I posted about the resurrection of the .ovpn to .apc converter script. In the meantime Alois told me in the comments that while this was nice it didn’t work for current versions of the OpenVPN Access Server and the .ovpn files it creates.

Well, since there’s been nothing much else to do I did some more work on the script and I can now happily say that it now also converts the new .ovpn format to an .apc the Astaro can understand. Unfortunately, there’s a little catch: the OpenVPN Access Server relies on ‘tls-auth’ for client connections and the Astaro neither knows of that concept not provides a method to import the needed key file. So I had to do some creative manipulation to make the Astaro do my bidding to include the necessary config statements. In addition, you will need to manually copy the key file to the Astaro to make everything work as expected. To make things as easy as possible, the script will tell you what to do.

If you’re interested, check out the latest version of ovpn-to-apc.sh on Gitorious. If it works for you, let me know. If it doesn’t, let me know, too.

ReadyNAS: New RAIDiator – Same iSCSI Target ;)

Netgear recently updated the ReadyNAS firmware to RAIDiator 4.1.5. This version contains some fixes and updates but doesn’t change the base kernel version used. Thus, the iSCSI Target Support for ReadyNAS will continue to work unchanged.

Continue reading

VMware Player updated to 2.5.2

Actually the new version is available for some days now, but I just noticed that there’s an update available for download, containing some new features and fixes.

Continue reading

New globalSAN iSCSI Initiator for Mac

As I just found out, Studio Network Solutions have released version 3.2.0.15 of their globalSAN iSCSI initiator for OS X. I haven’t found a change log yet, but installed the new version anyway. So far no problems, Time Machine is backing up as smoothly as ever.

NcFTP 3.2.1 for ReadyNAS

Today I finally got fed up enough with the crippled and outdated version of NcFTP shipped with the ReadyNAS that I compiled my own version. The result is ncftp-3.2.1-ReadyNas.tar.gz.

Installation ist quite easy:

  1. If you haven’t done already, install the ReadyNAS extensions ToggleSSH and EnableRootSSH
  2. Copy the file to your ReadyNAS, preferrably to the /root directory using scp.
  3. Log on to the shell of your ReadyNAS using ssh as user “root”.
  4. Change to the / directory, eg “cd /”.
  5. Unpack the archive using “tar xzf /path/to/ncftp-3.2.1-ReadyNas.tar.gz”
  6. Enjoy

All files will be unpacked to /usr/local, not overwriting any existing copies of the ncftp tools previously installed. To use the new version you may have to log out and log in again.
As always: Works for me, ymmv. If using this software breaks your ReadyNAS you own the parts.

Mac and Solaris: Fix the “xterm-color” issue

Every time I connected to a Solaris machine from my Mac using ssh I ran into the dreaded “WARNING: terminal is not fully functional” problem. The reason is that the Mac sets its terminal type to “xterm-color” which isn’t known to Solaris. After fiddling with the termcap file with no success, I found the solution buried in the various tips on Phil’s site.
Just copy the xterm-color file provided by Phil (local copy) to the /usr/share/lib/terminfo/x/ directory. Done. Maybe you have to logout and login again to make it work, but that’s it.

What Java is right for you?

Intersting find today: If you’re running Solaris 10, you’re way better off using JDK 1.5.0_xx. Using JDK 1.6.0_x will result in unusual heavy loads and application crashes on Solaris 10.
However, if you’re running Linux, it’s exactly the other way round. On Linux, JDK 1.5.0_xx will consume a lot more memory than 1.6.0_x does. In fact JDK 1.5.0_xx will even consume more memory than allowed, resulting in … yep, you guessed it: heavy loads and application crashes.

iPhone: Admin’s Best Friend?

So there I was, playing with the currently “most wanted mobile phone on earth”. Game over now, the iPhone is back with Apple. Now, what did I take from playing with it? First, it’s addictive as hell. Totally. Once you’ve got your hands on it for more than five minutes, you really so want one. Second, without a good service plan, it’s only half the fun. With Internet access being so easy you’ll want to use it. Anytime, anywhere. Third, it’s not fit for hardcore admin use – yet. That’s because it lacks two features I absolutely need: Skype and an SSH terminal. Both of which may show up in time now that the SDK is available. Still, it makes me wonder that Apple built VPN capabilities into the phone but didn’t offer an SSH terminal. Sure, you could install one by jailbreaking the iPhone but I didn’t want to do that to an eval unit. This hurts even more since I found out that I could really use the onscreen keyboard – something I wasn’t really sure about before testing the iPhone.
So, for now it’s still the BlackBerry for me. But maybe, I will have another look in 60 days. If I weren’t an admin, I’d run not walk to get an iPhone.

iSCSI Target Support for ReadyNAS updated


UPDATE: Instead of writing ever new blog posts, an always up-to-date page for the iSCSI Target Support for ReadyNAS is now available.


Since the iSCSI project has released a new stable version I felt it was time to upgrade the iSCSI Kernel Modules and Utilities for ReadyNAS. Klicking on the link will give you version 0.4.16 which contains the following changes:

{openx:6}

  • fix overzealous assert() in digest_data()
  • add checking on return value of ISCSI_PARAM_GET
  • 2.6.22, 2.6.23 and 2.6.24 compile fixes
  • add conn->rwsize check
  • avoid potential NULL-ptr dereferences in rx and tx buffer
  • fix the shell syntax in init scripts
  • fix digest endieness on LE archs
  • fix SPARC alignement issues
  • fix DISTDIR in Makefile for /etc install
  • add support to nullio for volumes > 2TB
  • remove init.d memory size adjustment
  • add error code reporting to blockio_open_path
  • blockio gen_scsiid bug fix
  • add verbosity to kernel output and task management

Installation is the same as described here with one exception: The supplied configuration example is now named /etc/ietd.conf.sample, so installing the version won’t overwrite an existing configuration file. On a fresh install you’ll have to rename the example configuration to /etc/ietd.conf before you can actually use the iSCSI target support.

Tuning the Sun: Fiddling with the TCP/IP stack

Well, it’s over one and a half years that I first posted some hints about tuning the performance of a Sun web server. Now it seems that I found what looks like the optimum settings for the machines I’m currently watching over:

tcp_conn_req_max_q               1024
tcp_conn_req_max_q0              10240
tcp_rexmit_interval_min          2000
tcp_ip_abort_interval            600000
tcp_ip_abort_cinterval           60000
tcp_keepalive_interval           3600000
tcp_time_wait_interval           30000
tcp_fin_wait_2_flush_interval    67500
tcp_smallest_anon_port           8192 

That’s mostly consistent with what Jens S. Vöckler writes on his site, just a bit more condensed.

ReadyNAS goes iSCSI


UPDATE: Instead of writing ever new blog posts, an always up-to-date page for the iSCSI Target Support for ReadyNAS is now available.


iSCSI target on the ReadyNAS

As much as I like the ReadyNAS, there’s one feature I’ve been missing since day one: Being able to define an iSCSI target. Well, since the code is out there, I set about to make it work on the ReadyNAS. Luckily, there’s now some sort of development kit available, and for I had a spare ReadyNAS unit to break, there was nothing to stop me. To cut a long story (with many gory details) short: Mission accomplished.

Continue reading