"; */ ?>

hardware


21
Jan 09

That Hardware RAID is FAKE!

Hardware RAIDUbuntu community is straight up about the fact that in the last few years, a number of hardware products have come onto the market claiming to be IDE or SATA RAID controllers. These have shown up in a number of desktop/workstation motherboards. Virtually none of these are true hardware RAID controllers. Instead, they are simply multi-channel disk controllers combined with special BIOS configuration options and software drivers to assist the OS in performing RAID operations. This gives the appearance of a hardware RAID, because the RAID configuration is done using a BIOS setup screen, and the operating system can be booted from the RAID.

If I read it in the news or just while browsing the net, I would not even pay attention, but…

Recently I had to setup a RAID5 on one of the P5 ASUS motherboard on Ubuntu Intrepid with 4 hard drives, 1 TB each . Let me tell you – it seems very “straight up” (like a shot of stoli), but it really is NOT..

Motherboards, like ASUS would claim to have a controller where you can configure a single RAID volume in the BIOS at the “Hardware” level. That is exactly what I tried at first, cause that just makes sense, right?

Well, it appears that this Asus RAID is not in any way “hardware”, therefore Ubuntu installation, sees all 4 drives instead of a single volume, as it should have, in case of a true hardware RAID controller.

So when Intrepid tries to create a Software RAID, out of these 4 drives, it fails, due to the reason that one layer of software RAID is already there – created by Asus.

To solve the problem Asus Raid configuration needed to be wiped out, and the “RAID” option in BIOS for SATA/SCSI should be disabled. Only then Software RAID can be manually created in Ubuntu. Manually, means answer “no” to “Activate Serial ATA RAID devices?” question, and go partition them away manually:

(just an example of a random Ubuntu install screen while configuring RAID1)

configure software raid in ubuntu

Then choose “Configure software RAID”, and create all the multidisk devices (“Create MD device”) from available volumes.

And watch out “that RAID is fake!”. Make sure you do enough research beforehand, to really make sure that the motherboard/controller that has a “Hardware RAID” support in specifications does in reality goes to the metal.

Good luck!


2
Oct 08

Configure Multiple SSIDs with One Router

One Router Multiple SSIDsA standard “home setup” for the wireless router now days consists of just hosting one Service Set IDentifier – or SSID. And if only a year ago that could seem as a router (firmware) limitation, right now using multiple SSIDs with a single wireless router is just a matter of re-configuration.

Below is a simple guide on how to configure a single affordable (from $25 and up) router, that is available to anybody, to host multiple (up to 16 – at the moment of writing) SSIDs using DD-WRT firmware. In order to install the firmware on the router, follow the official DD-WRT Installation Guide.

Below step-by-step howto is good for any routers that could be found on DD-WRT supported hardware list. Which includes pretty much any “home” router that is out there. Given that DD-WRT is installed, let’s move on to configuring it to host multiple SSIDs.

First let’s look at what we would like to archive as our “end goal”:

Multiple SSIDs by several wireless VLANs served by one router

So what we would like to have is:

  • One router with DD-WRT firmware installed, that hosts 2 (in this example) SSIDs: “Home” and “Guest”

  • Two VLANs where one network (VLAN1) can “see” another (VLAN2), but not other way around.
    What that means is that all “Home” clients (computers that are connected to “Home” SSID) can see (ping/connect to/etc.) “Guest” computers, however none of “Guest” clients can see “Home” computers. (this is a matter of configuration, and can be configured differently, depending on what you need)

Step 1. Setup DHCP server for the “Home” (main) network.

As you can see from the “end goal” diagram above, the “Home” SSID (or VLAN1) has a 10.2.1.0 subnet, and its DHCP client addresses start from 10.2.1.100. Hence that is what needs to be configured on DD-WRT’s “Setup -> Basic Setup” screen (the “Router Local IP” should be set to 10.2.1.1 which would dictate the subnet to be 10.2.1.0):

DD-WRT - DHCP settings

Note that “10.2.1.0” is just an example – you would want to use something that is appropriate for your network – e.g. “192.168.1.0”

Step 2. Setup wireless networks (SSIDs).

Now we need to create two wireless networks – one main network (e.g. “Home”), and one virtual network (e.g. “Guest”). For that go to DD-WRT “Wireless -> Basic Settings” screen:

configure wireless networks with dd-wrt

Enter a desired name for “Physical Interface’s -> Wireless Network Name(SSID)” (this is going to be the main network). You can also stick to the “end goal” diagram above, and enter “Home”.

After that is done, click “Add” to add a “Virtual Interface” and enter its SSID name as well (e.g. you can enter “Guest”). Make sure that the “Network Configuration” is set to “Bridged” as shown on the screen in this step.

Step 3. Configure wireless network security.

In the previous step we configured two wireless networks, now let’s secure them. We will use 128 bit WEP algorithm for both of them due to the reason described in “Step 5”. To accomplish this go to DD-WRT “Wireless -> Wireless Security” screen:

configure wireless security with dd-wrt

Choose “WEP” for “Security Mode”, 128 bits for “Encryption”, enter “Passphrase” and click “Generate” button.

Do it for both networks (Physical and Virtual Interfaces)

Step 4. Setup a virtual interface, and its DHCP settings.

Now we will set the bridge for the virtual network – “Guest” (or VLAN2) from the “end goal” diagram above. For that go to DD-WRT “Services -> Services” screen:

Configuring DNSMasq and DHCP for virtual network

Find “DNSMasq” section, enable “DNSMasq”, and in “Additional DNSMasq Options” enter:

interface=br1
dhcp-range=br1,192.168.2.100,192.168.2.149,255.255.255.0,1440m

This would create a DHCP server for the virtual (“Guest”, VLAN2) network.
“192.168.2.100” is again – just an example, you can use any subnet that suits your needs.

Step 5. Setup firewall rules and a startup script.

This is the most complex step, that makes many network administrators confused, and regular people to give up on DD-WRT multiple SSID configuration. But don’t worry :) – below is a “copy/paste”, working deal.

Go to the DD-WRT “Administration -> Commands” screen:

Setting up firewall rules and a startup script for multiple SSIDs - DD-WRT

Enter the following firewall rules to the “Firewall” section:

##BRI1
iptables -I INPUT -i br1 -m state --state NEW -j logaccept
iptables -I FORWARD -i br1 -o vlan1 -m state --state NEW -j ACCEPT
 
#below keeps the two networks from talking
iptables -I FORWARD -i br0 -o br1 -j logdrop

Enter the following commands to the “Startup” (it is a startup script that executes when the router starts up):

##MOVES VIRTUAL WIRELESS TO OWN BRIDGE
brctl addbr br1
brctl delif br0 wl0.1
brctl addif br1 wl0.1
ifconfig br1 192.168.2.1 netmask 255.255.255.0
ifconfig vlan2 up
brctl addif br1 vlan2
ifconfig br1 up
 
##FIX NAS. Here NAS is disabled, cause it is NOT used for WEP, and these wifi networks will use WEP (for now)
killall nas
nas -P /tmp/nas.wl0lan.pid -H 34954 -l br0 -i eth1
nas -P /tmp/nas.wl0.1lan.pid -H 34954 -l br1 -i wl0.1

Here is where it gets interesting… Remember in “Step 3”, when configuring wireless security, we chose WEP? That was done because the current DD-WRT firmware “v24-sp1 (07/27/08) micro”, that is used at the moment of writing, has a bug in starting NAS, which is a proprietary binary tool that sets up dynamic encryption (WEP/WPA) on wireless devices.

UPDATE (12/22/2008):
           Tried "v24-sp2" (09/26/08 std - build 10431M VINT Eko) for WRTG54GL v1.1 router -
           WPA worked with multiple (tried 2) SSIDs.

In a startup script above, we start NAS in “vanilla” mode for “eth1” (the main network) and for “wl0.1” (guest, virtual nework), and therefore we are using WEP for both networks.

The only line from above startup script that you might want to change is:

ifconfig br1 192.168.2.1 netmask 255.255.255.0

Here “192.168.2.1” is, again, an example, so if you chose a different subnet for the virtual network (br1), you should enter it instead.

DONE!
Now you can save all the changes and restart the router. You should be good to go!
If you have any questions or comments, you are welcome to address them below in the “comments” section.


29
Sep 08

Sure Way to Restart a Wireless Network

linux penguin is watching windows fly

While wireless signal is good, the network is dead – why is that? Many reasons, of course. You can spend time to figure out the reason and then try to fix, which is a good approach, but requires some time. Or you can restart the network to see if it resolves the issue, and if it does – forget that the problem ever existed.

However the way to restart a wireless network is not always “black and white”. Sometimes it is possible using GUI, and sometimes by typing something that means “network service restart”. And yes these ways are “clean”, but have a drawback – they rely on operating system to do what it suppose to do and restart the network.

However, OS does not always behave (yes, Linux does not always behave, along with Mac, and Windows, and “any” OS.. ). But here is a sure way to restart it – you would need to get down to the driver level though – to be less OS (or distribution) specific. But I’ll guide you through, don’t worry..

So, the signal is full/good/strong:

wireless signal is good
but there is no network:

$ ping -c 4 google.com
ping: unknown host google.com

First thing to do is to see what wireless card you are using:

$ lspci | grep -i network
08:00.0 Network controller: Intel Corporation PRO/Wireless 3945ABG Network Connection (rev 02)

In my case it is Intel 3945ABG. Next, check what driver is used for this card. I did a simple google search, and saw that the driver is “ipw”something.

Let’s see what ipw-like modules/drivers are currently running/loaded:

$ modprobe -l | grep ipw
/lib/modules/2.6.20-17-generic/kernel/ubuntu/wireless/ipw3945/ipw3945.ko
/lib/modules/2.6.20-17-generic/kernel/drivers/usb/serial/ipw.ko
/lib/modules/2.6.20-17-generic/kernel/drivers/net/wireless/ipw2200.ko
/lib/modules/2.6.20-17-generic/kernel/drivers/net/wireless/ipw2100.ko

Here it is “ipw3945”. Let’s kill it (-r stands for “remove”):

$ sudo modprobe -r ipw3945

Let’s start it back up:

$ sudo modprobe ipw3945

Checking connectivity:

$ ping -c 4 google.com
 
PING google.com (64.233.187.99) 56(84) bytes of data.
64 bytes from jc-in-f99.google.com (64.233.187.99): icmp_seq=1 ttl=238 time=43.3 ms
64 bytes from jc-in-f99.google.com (64.233.187.99): icmp_seq=2 ttl=238 time=28.9 ms
64 bytes from jc-in-f99.google.com (64.233.187.99): icmp_seq=3 ttl=238 time=27.7 ms
64 bytes from jc-in-f99.google.com (64.233.187.99): icmp_seq=4 ttl=238 time=34.7 ms
 
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 27.742/33.685/43.323/6.165 ms

Perfect!


6
Aug 08

Speed Up Ubuntu Boot Time by Starting Networking on The Background

Ubuntu Boot Up TimeIt is quite a simple change but it makes an Ubuntu laptop to boot 2-3 times faster! What takes the most time during boot in Ubuntu (and many other Linux distros) are DHCP discovery and DHCP timeout that are run by networking startup scripts. This of course can be solved with tweaking the timeout or just configuring a static IP, however this solution is not all that elegant, just because “What if the system needs this particular timeout?” or “What if it is a laptop, and it’s IP cannot be static?”

The idea to solve this is simply to take an advantage of concurrency. So instead of all other boot scripts to wait on the networking script(s) to finish its discovering and “timeouting” during a system boot, these network script(s) could be started in parallel, as separate child processes. This will speed up boot time, since the system should no longer wait on the “networking” to finish.

One thing to understand here, is that networking is not taken out of the boot process – it stills belongs to it (it is its child), and it would still run, and would do its important job – the difference is it would do it in parallel.

Here are two easy steps on howto archive this in Ubuntu (it can be applied to pretty much any Linux/Unix distribution, however the scrips/locations will/might be different) :

Step 1. Find network startup scripts:

cd /etc
 
user@host:/etc$ sudo find . | grep network
./rcS.d/S40networking
./init.d/networking
./network
./network/.interfaces.swp
./network/if-post-down.d
./network/if-post-down.d/avahi-daemon
./network/if-post-down.d/wireless-tools
./network/if-post-down.d/wpasupplicant
./network/interfaces
./network/if-up.d
./network/if-up.d/ntp
./network/if-up.d/clamav-freshclam-ifupdown
./network/if-up.d/ntpdate
./network/if-up.d/avahi-daemon
./network/if-up.d/sendmail
./network/if-up.d/avahi-autoipd
./network/if-up.d/wpasupplicant
./network/if-up.d/mountnfs
./network/if-pre-up.d
./network/if-pre-up.d/wireless-tools
./network/if-pre-up.d/wpasupplicant
./network/if-down.d
./network/if-down.d/clamav-freshclam-ifupdown
./network/if-down.d/sendmail
./network/if-down.d/avahi-autoipd
./network/if-down.d/wpasupplicant
./networks
user@host:/etc$ ll ./rcS.d/S40networking
lrwxrwxrwx 1 root root 20 2007-05-20 18:48 ./rcS.d/S40networking -> ../init.d/networking

FOUND IT: In this case the netwoking script that runs on startup is “../init.d/networking”

Step 2. Extract “start” case into a separate method:

user@host:/etc$ sudo vi ../init.d/networking

here is a “start case” in the original file:

case "$1" in
start)
	log_action_begin_msg "Configuring network interfaces"
        type usplash_write >/dev/null 2>/dev/null && usplash_write "TIMEOUT 120" || true
	if [ "$VERBOSE" != no ]; then
	    if ifup -a; then
		log_action_end_msg $?
	    else
		log_action_end_msg $?
	    fi
	else
	    if ifup -a >/dev/null 2>&1; then
		log_action_end_msg $?
	    else
		log_action_end_msg $?
	    fi
	fi
        type usplash_write >/dev/null 2>/dev/null && usplash_write "TIMEOUT 15" || true
	;;

let’s modify it by extracting the “start case” into a separate method so it can be run as a background process on the start up:

here is a “start case” in the modified file:

# adding this method so it can be run as a background process on the start up
start_on_boot () {
 
	log_action_begin_msg "Configuring network interfaces"
        type usplash_write >/dev/null 2>/dev/null && usplash_write "TIMEOUT 120" || true
	if [ "$VERBOSE" != no ]; then
	    if ifup -a; then
		log_action_end_msg $?
	    else
		log_action_end_msg $?
	    fi
	else
	    if ifup -a >/dev/null 2>&1; then
		log_action_end_msg $?
	    else
		log_action_end_msg $?
	    fi
	fi
        type usplash_write >/dev/null 2>/dev/null && usplash_write "TIMEOUT 15" || true
}
 
case "$1" in
 
start)
 
	# start networking on the background, so it does not slow down the boot time
	start_on_boot &
 
	;;

Save the file, reboot and enjoy

DONE :)

Interesting related articles:

making ubuntu boot in 19 seconds
understanding bash fork bomb


15
Jul 08

Forward VNC through SSH

linuxmce screenshotFrequently I need to access my LinuxMCE machine over VNC, due to different reasons (when I am not home, when my Wii Remote batteries died, etc..). Usually SSH solves most of my needs, but sometimes it is very nice to control my linuxMCE box over VNC.

Here I will show you several very easy steps on how to configure your server/client to be able to tunnel VNC traffic through SSH, and be able to control your server in the GUI way :) This approach will work on most systems (not LinuxMCE specific) although here I chose Ubuntu as an “example OS”.

Before we begin, I would assume that:

  • The server already has ssh server installed, if not:
    sudo apt-get install openssh-server
  • If connecting from the outside (like from work to home box), your router’s firewall forwards port 22 to your server’s IP

Here is how it is done:

Server Side Configuration

1. Installing VNC server, here I chose to install x11vnc, but it could be pretty much any VNC server of your choice (TightVNC, etc..):

sudo apt-get install x11vnc

2. Now let’s finish :) our server configuration by running the VNC server:

x11vnc

by default it is going to run without a password, and on port 5900

Client Side Configuration

1. In order to connect to the VNC server, we need to have a VNC viewer installed:

sudo apt-get install xvncviewer

* again, it can be pretty much any VNC viewer of your choice

2. Now the most interesting part of this whole process – enter this command:

ssh -L 5900:127.0.0.1:5900 yourusername@yourserver.com

this tells your system to tunnel all the traffic from the port 5900 on “yourserver.com” to the local (client’s) port 5900 via SSH. Simple, and yet very powerful – a “magic one-liner” :)

3. Fire up another shell on the client side and enter:

xvncviewer 127.0.0.1

do you see a cute colorful square screen? Do you recognize your server’s Desktop?

Done :)


P.S. For LinuxMCE specifically, you should also add a couple firewall rules:

– Go to the LinuxMCE web admin
– From the upper menu, go to “Advanced -> Network -> Firewall rules”

add this three rules:

tcp  	5900 to 5900  	5900  	192.168.80.1             port_forward
tcp 	5900 to 5900 	0 	0                        core_input
tcp  	22 to 22  	0  	0                        core_input

– The first rule allows external network (Internet) to access the VNC server on the Core (LinuxMCE server)
– The second rule allows anybody inside the home network ( since it is not wise to open 5900 port on your router to the whole world ) to have their 5900 port to be forwarded to the Core.
– The third rule (I think you already have it) allows anybody to access LinuxMCE server via port 22 (SSH)

Be careful about the rules above, as I assume that your LinuxMCE server is behind another firewall, cause you really do not want to open 5900 port to the public