January 16th, 2014 | Categories: Hardware, Linux, Personal

Today I had to reinstall my gateway/firewall but I no longer had blank CD’s.

I usually prefer to use a USB key but the asg-9.x.iso from Sophos has some issues with this.
I fixed it in a few minutes by comparing the mounts in a VM when booting from an ISO and the mounts when booting from USB.

The problem is that the installer only tries to mount the cd rom and not USB keys to /install.

  1. download the iso
  2. download rufus usb tool
  3. write the iso to the USB using rufus
  4. boot from the usb key
  5. hit ‘return’ to start the installer
  6. hit ‘ALT+F2’
  7. find the device name for your usb key (dmesg | grep sd)
  8. mount the usb on /install (mount /dev/sdb1 /install)
  9. hit ‘ALT+F1’ to return to the install
  10. installer will now work

Hopefully this is useful.

July 23rd, 2013 | Categories: Linux, Solaris, Technology

It’s been a while again! Today I will briefly talk about qemu(-kvm) and connecting to it using unix sockets with minicom.

Why is this useful and cool? Well you can connect to a linux vm without running a shell and still get the full console experience! (BDS, Solaris,… all should work)

I won’t dig deep into qemu, I will assume you are at least somewhat familiar with it.
All you need to do is add the following flags to the command you use to start your VM.

# qemu-kvm ... \
-chardev socket,id=monitor,path=/srv/kvm/${VMNAME}/run/monitor.sock,server,nowait \
-monitor chardev:monitor \
-chardev socket,id=serial0,path=/srv/kvm/${VMNAME}/run/console.sock,server,nowait \
-serial chardev:serial0

Basically we define 2 character devices of the type socket with ID’s monitor and serial0, we also specify where we want qemu to create the actual unix socket. In my case monitor.sock and console.sock in /srv/kvm/test/run.

You can then connect to them using minicom.

# cd /srv/kvm/test/run
# minicom -D unix\#console.sock

Depending on the distribution you are using you need to enable the login prompt on serial0.

You may also wish to add the following to your kernels boot options in grub.

console=tty0 console=ttyS0,115200n8

This will make the kernel print all it’s message to tty0 (screen) and to ttyS0 (serial0), the bit behind it is the baudrate, best to leave it at the default.

You should now be able to get a console using minicom. You can also connect to monitor.sock which will give you the qemu console, you can do all kind of cool stuff there.

You can take this a step further, you could use socat to expose the socket over tcp and then create a socket on another system that connects to that port! (Note this is NOT encrypted! So passwords are at risk)

qemu host machine:

# cd /srv/kvm/test/run
# socat tcp-listen:666,bind=10.123.0.5,su=nobody,fork,range=10.123.0.0/16,reuseadd unix-connect:console.sock

Note: for security we bind to our LAN address only and limit the range of allowed connections.

other machine:

# cd /tmp
# socat unix-listen:/tmp/console.sock tcp4:10.123.0.5:666 &
# minicom -D unix\#/tmp/console.sock

I hope this has been useful!

June 21st, 2013 | Categories: Networking, Personal, Solaris, Technology

It’s been a while since I posted but I only recently started tinkering with things again in my free time.
I travel a lot now for work so I spend some lonely nights in hotel rooms with no internet. I have time to play.

Anyway, I wanted to host a repository for OmniOS because I’m preparing to switch from OpenIndiana. I have some resources free on my ESXi server I have at OVH.

OVH has this strange network thingy called vmac, you essential configure your NIC in ESXi/OpenVZ with a predefined MAC address and do some strange configuration on your guest OS. It boils down to you configure a /32 on the interface. Then do some routing to get it to work. You essentially send the traffic to your ESXi hosts gateway.

It took me some tinkering to get it to work but here is how I did it. (It applies to both OmniOS and OpenIndiana, most likely other Illumos based distro’s also)

Configuring the IP

# ipadm create-if e1000g0
# ipadm create-addr -T static -a 172.16.104.233/32 e1000g0/v4
# ipadm show-addrprop e1000g0/v4

Nothing particular special here. However in the beginning I made the mistake of adding a vnic to e1000g0 and using that instead of the actually device. This had as result I was not using the OVH provided MAC address! (which does not work)

Remember to replace 172.16.104.233 with the failover ip form OVH and make sure to use /32.
Also make sure to check if the broadcast address is the SAME a your failover ip else stuff won’t work.

Setting up the routing

# route -p add 10.16.0.0/24 172.16.104.233 -interface -ifp e1000g0
# route -p add default 10.16.0.254 -static

Here it gets a bit tricky. Since we cannot reach the default gateway we need to add the network and tell the OS that is is also attached to e1000g0. The first lines accomplishes this. Then we add the default gateway as normal.

Make sure to use the network that your ESXi box is using, it is most likely an entire different network than your failover ip. The gateway for the route should be set to your failover ip, we also tell it to use e1000g0 as outgoing interface.

That’s it. At this point you should have a connection to the internet. Now all that is left is to configure the DNS client, NTP and whatever else you need.

Hopefully this is useful for somebody.

Comments Off on Running OmniOS/OpenIndiana under ESXi hosted at OVH
March 13th, 2013 | Categories: Personal

I’ve now moved to Mons. I still have some work to do in the apartment like hide my cabling mess. (Suggestions on where to find cable sleeves in Belgium are welcome.)

I’m pretty good and actually am more busy now in the weekends so I have less time to blog and play around than I like. But eventually I’ll go back to blogging.

Currently I have a few ideas as to what to write about. I will do them in whatever order I feel like but I would be open to do one first if there is demand for it.

[_] blog tigervnc + ssh forwarding
[_] solaris

[_] network configuration basics
[_] vnic and trunks and vlans
[_] ipv6 the dark side
[_] CIFS/ACL
[_] iscsi
[_] kvm

Regards

Hope to be more active soon!

Comments Off on Moved, busy with work and Life
January 3rd, 2013 | Categories: Personal

First of all I’d like to wish all my visitors a good 2013, may all your wishes come true.

I’m still very busy getting things in order for my move and start of my new Job on Monday! I also got a pretty nice Christmas card from CustomSLR! I was very surprised by that, even more so when I opened it! Not tried them yet but will on my next trip. These guys are seriously awesome!

CustomSLR Xmas

Comments Off on Happy 2013
November 18th, 2012 | Categories: Uncategorized

A lot is happening right now, I hope to have my life stable again early next year.
Change is coming, but good change!

However due to this I’ll have to part with my dell T410, it is a pretty basic server. So no PERC raid controller. Just the case, CPU, memory and motherboard. No drives included.

I’m giving it away to anyone who wants to pick it up, I’m in the Antwerp area.

Comments Off on I’m still around, but very busy…
October 31st, 2012 | Categories: Personal

I’m still around, but a lot is happening in my personal life at the moment.

I keep ending up with little time to spend on blog articles, it’s not that I don’t have ideas, I have a few actually. I just don’t have the time.

I’ve updated some bits here and there on the wiki. So also check out stuff on there.

I’ve also received a message that someone can’t access my site using chrome on windows, any body else have this issue?
Works fine for me on linux, mac and windows vista/7 with chrome.

Regards

Comments Off on Still around but a lot I happening
September 21st, 2012 | Categories: Personal, Solaris, Technology

I’ve been busy lately with various things. Can’t give a detailed update about it for now.
I have been slowly working my way through parsing my notes from my NAS installation and pulling useful snippets out of it. This was made more difficult due to my servers being offline due to a faulty 3-port NIC.

If you hit the solaris section of the wiki. You will see some new stuff, most are related to networking and one about changing your keymap.

I hope to continue expanding this as I continue to parse over my notes.

I did get a nice surprise in the mail this week! Deirdré from Joyent send those! I forgot that she mentioned she would so they came as a total surprise.

Thank you Joyent/Deirdré!

Comments Off on Solaris wiki, SmartOS T-Shirt
September 11th, 2012 | Categories: Linux, Networking, Technology

For work I was migrating an old undocumented reverse proxy configuration from 2.0 to 2.2. It contained some old perl scripts nobody understood and some strange bits here an there.

Long story short I started from scratch. I ran into the usual problems like redirects and hyperlinks being broken if they use full self referencing URL’s.

As it happened one of the perl scripts was there to fix those, it was ugly, unreadable and not very efficient.

Ofcourse I first had to deal with the redirects not working, this is easily fixed using ProxyPassReverse

ProxyRequests off
ProxyPass               /       http://jms1:7801/
ProxyPassReverse        /       http://jms1:7801/

I would have liked to have used a Location container but it was not allowed too.

This however still leaves urls inside the html, css and javascript files.
My original attempt was to do this using mod_proxy_html which worked fine, however due to it slightly reformatting it broke the 3 out of the 4 applications. I have no control over them so I had to scrap that idea.

Not wanting to go the perl route again I remembered playing with mod_substitute. After some initial issues I got it working fine. It is a bit more aggressive than mod_proxy_html but it is acceptable.

FilterDeclare DN_REPLACE_URLS
FilterProvider DN_REPLACE_URLS SUBSTITUTE resp=Content-Type $text/
FilterProvider DN_REPLACE_URLS SUBSTITUTE resp=Content-Type $/xml
FilterProvider DN_REPLACE_URLS SUBSTITUTE resp=Content-Type $/json
FilterProvider DN_REPLACE_URLS SUBSTITUTE resp=Content-Type $/javascript
FilterChain DN_REPLACE_URLS

Substitute "s|http://jms1:7801/|/|in"

Hopefully this is useful for somebody else too.

Comments Off on Reverse Proxy and Hyperlinks
September 8th, 2012 | Categories: Hardware, Personal, Technology

I bought myself an Acer Aspire V5-571G, to replace my aging netbook. I ended up going for Acer’s low-end ultrabook because it was only around 35 EUR more expensive than a AMD Fusion netbook, it comes with and i3 with IGP and an additional GPU. So bang for buck it was a clear winner.

I know when I got Acer the build quality is not that great, but for the price I payed and my intended abuse it was a bargain.

So if you are looking for a cheap ultrabook but don’t mind plastic construction and a not so great keyboard, check it out.

I plan on running Windows 8 on it to play around, then I will probably try and get Solaris to run. Lots of fun to be had in the future!

Comments Off on Acer Aspire V5-571G