Tag Archives: networking

IPv6 bei Strato mit Debian “Jessie”

Nach dem Upgrade eines meiner Server bei Strato auf Debian “Jessie” funktionierte auf einmal das Routing von IPv6 nicht mehr. Schuld ist wohl, dass Strato den Eintrag fe80::1 als Default-Route verwendet, was unter Jessie anscheinend nicht mehr so einfach möglich ist. Funktionieren tut es bei mir jetzt wieder mit diesem Eintrag in /etc/network/interfaces:

iface eth0 inet6 static
    pre-up modprobe ipv6
    address 2a01:238:429c:2900:dead:beef:2bad:4dad
    netmask 128
    gateway fe80::1
    post-up ip -6 route add default via fe80::1 dev eth0

Wichtig ist dabei die letzte Zeile. Sie weist das Betriebssystem an, das Default-Gateway über das Interface eth0 anzusprechen und nicht – wie es das normalerweise tun würde – über lo.

802.11ac: weniger ist eben doch manchmal mehr

Dank der baulichen Gegebenheiten (Stahlbeton) hatte ich bislang immer mindestens zwei WLAN-Router in Betrieb – pro Etage einen. Nur so war durchgängiger WLAN-Empfang zu gewährleisten. Dank ständiger Aktualisierung der Hardware war bislang noch 802.11n das Maß der Dinge. Seit einer Weile arbeitet hier aber auch ein Router, der das neue 802.11ac unterstützt: ein Belkin AC1200.
Und mit dessen Einzug fingen dann auch die Probleme an. Clients verloren immer wieder die Netzwerkverbindung, gelegentlich ließ sich gar keine Verbindung aufbauen und viele Ärgernisse mehr. Die Lösung war aber so einfach, dass ich zunächst gar nicht drauf gekommen bin: Einfach den zweiten WLAN-Router abschalten. Der AC1200 deckt problemlos alle Stockwerke ab, auch durch die Betonmauern. Damit wäre für mich zumindest belegt, das 802.11ac tatsächlich eine bessere Reichweite hat als seine Vorgänger. Und Strom für den zweiten Router spare ich auch noch. Fein.

Astaro ASG as OpenVPN Access Server client

Just about four weeks ago I posted about the resurrection of the .ovpn to .apc converter script. In the meantime Alois told me in the comments that while this was nice it didn’t work for current versions of the OpenVPN Access Server and the .ovpn files it creates.

Well, since there’s been nothing much else to do I did some more work on the script and I can now happily say that it now also converts the new .ovpn format to an .apc the Astaro can understand. Unfortunately, there’s a little catch: the OpenVPN Access Server relies on ‘tls-auth’ for client connections and the Astaro neither knows of that concept not provides a method to import the needed key file. So I had to do some creative manipulation to make the Astaro do my bidding to include the necessary config statements. In addition, you will need to manually copy the key file to the Astaro to make everything work as expected. To make things as easy as possible, the script will tell you what to do.

If you’re interested, check out the latest version of ovpn-to-apc.sh on Gitorious. If it works for you, let me know. If it doesn’t, let me know, too.

Kleine Erfolgserlebnisse

Vorher

Check name    Uptime    Downtime    Outages   Response time
#######       58.54%    9h 57m 02s    189      9649ms

Nachher

Check name    Uptime    Downtime    Outages   Response time
#######       100.00%   0h 00m 00s     0        647ms

.ovpn to .apc Converter Revisited

The Astaro Security Gateway (ASG) is a great firewall and remote access solution. The only flaw of it being that Astaro, too, tries to build a walled garden around their suite of products. One major drawback here is that while the ASG has outstanding capabilities as a remote access server, there’s no easy way to use it as a client to connect to an OpenVPN SSL server. The main show stopper is that the ASG expects to get all it’s connection information from a .apc file while OpenVPN at best provides a .ovpn file which has a completely different structure.
Back in 2009 Patrick Schneider provided a simple bash script that would convert .ovpn files together with the needed certificates and key files into a .apc file the ASG could read. Unfortunately the script stopped working with newer ASG releases. Since I needed the functionality for a current project, I resurrected the code, polished and updated it a bit. The result can now be found on Gitorious: the new OVPN-to-APC converter script. Feel free to clone and enhance.

Update: Just pushed a new version to Gitorious that now handles the new .ovpn format provided by the OpenVPN Access Server as well.

Nginx + Dokuwiki and nice URLs

After almost tearing my hair out while trying to get those two to fully work together, I found the solution in the end. While most of the things that can be read here and there are right and true, all solutions I found one the web have one problem: After activating nice URLs in Dokuwiki, you won’t be able to use ACLs anymore with Nginx as the web front end.
The solution is quite simple, there’s an additional global rewrite needed:

rewrite ^/?$ /doku.php last;

The reason being that if you rely on “try_files” doing the right thing, it will do what you want for normal pages. But it will trigger a 302 redirect for admin pages, thereby losing all the POST data that should have been sent. Using the rewrite will keep the POST data and thus make the ACLs editing work again, even with pretty URLs.

Best Summing-up of Google’s new Search App for iPad

Yep its great and now they can move on to a decent Google+ app for iPad.
–Carlos Rodrigues

[ More ]

The Day The Routers Died

Can’t believe I missed that.

I especially like the part about “those who stay silent”.

Connect a Mac to a Minolta 2490MF

This isn’t a very common problem but since the solution is simple, it may come in handy. Konica-Minolta is one of the rare companies that doesn’t provide Mac drivers for at least some of their printers. Luckily enough not all of their printers are manufactured by Konica-Minolta either. So to print on a MagiColor 2490MF simply install the printer drivers for the Xerox 6115MFP. Works great via both, USB and network connection.

Make your ReadyNAS a Wake-on-LAN Hub

Today an interesting request came up in the ReadyNAS forums: Would it be possible to build an add-on that could send Wake-on-LAN (WoL) packets to any host on your local network? You bet it is ;) Took me a bit time to fiddle in the password protection but here you go:

Version for the x86 ReadyNAS line: ReadyWOL_0.1-readypro-0.1.3.bin
Version for the Sparc ReadyNAS line: ReadyWOL_0.1-readynas-0.1.3.bin

After installation you can wake any machine on your LAN by requesting a special URL from your ReadyNAS. And once you’ve properly configured your router, you can even wake up machines while you’re on the road.

Dropbear for ReadyNAS (Sparc)

DropbearUsing SSH to connect to the ReadyNAS has many advantages for the experienced user. However, OpenSSH is kind of a resource hog which is especially true when being used together with rsync. To make rsync over SSH run a bit smoother I decided to replace OpenSSH with Dropbear on my Sparc line of ReadyNAS boxes. So here’s the latest addition to my add-on collection:

DropbearSSH_0.52-readynas-0.1.1.bin

Neuer Rekord für “Skype for Mac (beta)”

Gerade eben hat die neue Skype for Mac (beta) einen neuen Rekord in der Kategorie “kürzeste Verweildauer auf meinem Mac” aufgestellt. Installieren, Starten, Gruseln, Runterschmeissen – das war alles in weniger als 60 Sekunden durch. Die neue “Schaltzentrale” ist für mich total unbrauchbar. Skype for Mac beta - Main Screen
Es interessiert mich nicht, wann ich zuletzt mit wem aus meiner Kontaktliste gechattet habe – was übrigens neben “ich schick’ mal schnell die Datei” meine Hauptanwendung von Skype ist -, aber ich muss alle meine wichtigen Kontakte im Schnellzugriff haben. Naja. Die alte 2.8.0.863 wird ja hoffentlich noch ‘ne Weile funktionieren.

P.S.: Ich bin da nicht allein

SABnzbd and Python on the ReadyNAS

Since many ReadyNAS users seemed to have problems getting SABnzbd to run on their ReadyNAS, I decided to give it a try. The result:

To make those work, Python must be installed on the ReadyNAS as well. As usual, there’s Python for ReadyNAS (Intel) and Python for ReadyNAS (Sparc). Setup instructions:

Continue reading

Belkin PlayMax Saves The Day

Belkin PlayMax Router - not a beauty but has powers within ;)
Today seems to be one of these days again. Just when I started working on some projects my wireless router died. LuckilyBelkin has sent me a PlayMax router just a couple of days ago so I decided to use that one as a drop-in replacement. Installing the hardware was a breeze since all cables were already attached. Connecting to my home network only required to plug in one additional network cable. I skipped configuration and used the credentials provided on the card attached to the router to connect to the wireless network. No problems there either so I was up and running again in under five minutes. Nice: from my first judgement the PlayMax has an enhanced coverage zone. Signal strength on my Macbook Pro is a lot better than with the old WLAN router. So my first impression is very positive, we’ll see how it plays out in the long run.

{openx:6}

Building A 64-bit Resin On Solaris 10 Using SunStudio 12u1

This has been bothering me for quite some time. Resin is one of the best application servers I’ve come across. But to get the best performance out of it, you need to recompile it for your platform. While this is no problem on Linux it never quite worked out on Solaris for me when using SunStudio 12. But now I finally made it happen. Here’s how.
Continue reading

Dnsmasq for ReadyNAS (Sparc & Intel)

Two things I’ve always missed on the ReadyNAS were a DNS server to serve my local network and a fully fledged DHCP server allowing me to assign IP addresses to my machines based on their MAC address. Dnsmasq can do both and more. It even integrates a TFTP/BOOTP/PXE server to boot diskless machines off the network. So I dived into the realms of add-on programming again and baked some add-ons ;)

Continue reading

iSCSI Enterprise Target 1.4.20.1 for ReadyNAS (Sparc)

And yet another update: Took me some fixing of the sources but I finally was able to build a new release of the iSCSI Add-On for ReadyNAS. This release adds a lot of stability fixes of which mainly Solaris and Windows users will profit.

Get it here: iSCSItarget_1.4.20.1-readynas-1.0.3.bin (ReadyNAS Sparc only!)

Continue reading

WebSVN 2.3.1 for ReadyNAS (Sparc & Intel)

Since I was already updating the SVN stuff for the ReadyNAS line I thought I might as well upgrade the WebSVN add-on. So here we go:

ReadyNAS NV(+)/Duo/1100/X6: WebSVN_2.3.1-readynas-1.0.0.bin
ReadyNAS Pro/NVX/2100/3200: WebSVN_2.3.1-readypro-1.0.0.bin

Continue reading

Subversion 1.6.11 for ReadyNAS (Sparc & Intel)

Since I had some spare time I decided to upgrade my Subversion add-on for the ReadyNAS line. For a complete list of changes since the last version (1.6.6) see the official changelog.

Downloads:
For ReadyNAS NV(+)/Duo/1100/X6: subversion_1.6.11-readynas-1.0.0.bin
For ReadyNAS Pro/NVX/2100/3200: subversion_1.6.11-reaypro-1.0.0.bin

Continue reading