Archive for the ‘WAN Routing’ Category

Busy busy busy

Sunday, June 1st, 2008

Well, i’ve been very busy recently, so busy i haven’t had time to blog, so here’s a bit of a roundup of what’s been going on:

OSPF:

OSPF dynamic routing protocol – me, Matt and Martin implemented this across our VPNs so that if one of us adds a subnet it’s instantly routable by any of us. Unfortunately it works on a system of trust – i could add a subnet which is the same as one of Matt’s and all those routes would propagate and really screw up. This sort of happened when some routes which shouldn’t be served were being served so the VPN tried to send VPN packets down its own tunnel! Once some filtering was sorted this now works fine and is quite an elegant solution to the problem. It does mean however we have to co-ordinate use of subnets though.
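An added example, not part of the original post: a small Python check for the two failure cases described above (a peer announcing a subnet that belongs to someone else, and a learned route that covers the tunnel's own endpoint). It assumes each site has an agreed address block; the site names come from the post, while every prefix and endpoint address is constructed for illustration.

```python
import ipaddress

# Agreed address block per site. Site names are from the post; all
# prefixes and addresses below are constructed for this example.
ALLOCATIONS = {
    "me": ["10.10.0.0/16"],
    "matt": ["10.20.0.0/16"],
    "martin": ["10.30.0.0/16"],
}
# Public addresses the VPN tunnels terminate on (documentation ranges).
TUNNEL_ENDPOINTS = ["198.51.100.7", "203.0.113.9"]

# Constructed announcements as (announcing site, prefix).
SAMPLE = [
    ("me", "10.10.1.0/24"),       # inside own block
    ("matt", "10.20.5.0/24"),     # inside own block
    ("martin", "10.20.5.0/25"),   # sits inside matt's block
    ("matt", "198.51.100.0/24"),  # would pull the tunnel endpoint into the tunnel
]


def check(site, prefix, allocations=ALLOCATIONS, endpoints=TUNNEL_ENDPOINTS):
    """Return the reasons an announced prefix should be filtered (empty = accept)."""
    net = ipaddress.ip_network(prefix)
    reasons = []
    # 1. A site may only announce prefixes inside its own agreed block.
    own = [ipaddress.ip_network(p) for p in allocations.get(site, [])]
    if not any(net.version == a.version and net.subnet_of(a) for a in own):
        reasons.append("outside-allocation")
    # 2. The prefix must not overlap a block that belongs to another site.
    for other, blocks in allocations.items():
        if other != site and any(
            net.overlaps(ipaddress.ip_network(b)) for b in blocks
        ):
            reasons.append(f"collides:{other}")
    # 3. A route learned over the VPN must never cover a tunnel endpoint,
    #    or the encrypted packets get routed back into the tunnel itself.
    for ep in endpoints:
        if ipaddress.ip_address(ep) in net:
            reasons.append(f"covers-endpoint:{ep}")
    return reasons


def audit(announcements, allocations=ALLOCATIONS, endpoints=TUNNEL_ENDPOINTS):
    """Split announcements into accepted routes and rejected ones with reasons."""
    accepted, rejected = [], {}
    for site, prefix in announcements:
        reasons = check(site, prefix, allocations, endpoints)
        if reasons:
            rejected[(site, prefix)] = reasons
        else:
            accepted.append((site, prefix))
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = audit(SAMPLE)
    for route in ok:
        print("accept", route)
    for route, why in bad.items():
        print("filter", route, why)
```

The same three rules translate directly into per-neighbour prefix filters on whatever routing daemon is in use; the script is only a way to check a proposed subnet before announcing it.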

SyncToy:

Now that i’ve moved my desktop back to Windows running on the 160Gb RAID-0 array for speed i have put one of the spare 160Gb IDE drives in the same machine as my backup disk. While searching for a backup solution i came across the Windows XP PowerToy – SyncToy, which is actually quite advanced – it supports bi-directional sync of changes/new files etc, one way copies (as backup), a contribute where files from both sides are combined and never deleted and a couple of other options. Running it with the -R flag just runs the backup automatically so i have it set up to run when i log in, though perhaps it should be when i startup instead. I’m also going to use it to sync the music collection on the laptop in the car.

Car Startup Controller:

I have been searching for some time for a mechanism to auto-boot the laptop in the car, now, this can be done quite simply with a relay, resistors and a couple of capacitors but this is quite inflexible, the problem is that the relay has to close then open again after a short time as you can’t just hold down the power button on the laptop all the time as it won’t boot.

So i used one of the little picaxe microcontrollers – 08M, when it starts up, it waits 60s, closes the relay, waits 1s then opens it again. The best part of this solution is that it is reprogrammable – i can just plug it into my computer and upload a new program.

The Design – just a regulator on the 12v input down to 5v, the 3 resistors to ground on the serial in pin, then a transistor on the output pin with the relay and a protection diode.

Work:

Things have been hectic with all sorts going on, i’ve had 3 major projects to deal with in quite a short space of time -
1. Wrestle with the DirectX SDK to provide recording, playback and live interfacing to AXIS video servers – which use MPEG4 over RTSP/RTP. Now that i’ve done it, i can now interface with almost any other DirectShow video source with a minimum of fuss – simply a matter of changing the filters.
2. Alter the way our VHF recorder uses the Windows waveOut/In devices for enumeration and record/playback. We had landed ourselves in a situation where we had a soundcard which had no mixer device – which we were previously using for enumeration and setup and also assuming that the waveOut/In ID was the same as the MixerID which in fact they’re not. So this required some alteration to the way we were using the API. As a side effect it actually makes the program more robust in situations where soundcards aren’t always as expected (one wave in, one wave out and one mixer device).
3. Dongle Licensing Protection – i have designed and implemented a dongle based protection and licensing scheme which will eventually interface into a full customer/order database system.

As well as those, we now have a need for a calendaring solution so i looked at Scalix mailserver, but for us, all it really offers over our current setup is the calendar, Outlook connector and webmail. Since none of us in the office use webmail or Outlook it is of limited use. Plus changing the MTA to postfix instead of sendmail didn’t seem all that simple. Instead i set up iCals on our WebDAV server which seems to work pretty well using the Thunderbird Lightning plug-in. When i get around to it i’ll set up a private WebDAV area for each of us to use for our iCal plus a public one.

Apart from that there’s nothing much else going on at the mo, i’m moving house in 6 weeks back to Manchester which should be…interesting to say the least.

Linksys AM200 Configuration for Bridge

Tuesday, January 1st, 2008

So then! This was not a simple task by any means – the complete lack of documentation didn’t help, both for the modem itself (which it isn’t – it does full NAT also) and for my ISP – *Be (Be Unlimited, Be There).

So here goes, to configure the modem in bridge mode:

  1. Download the latest firmware from Linksys
  2. On the setup page, go to advanced routing, turn off NAT and switch into Router mode (not gateway), i set the RIP interface to LAN but i don’t think it will make much difference.
  3. On the main page, choose ‘Bridged Mode Only’, set VCI to 101, VPI to zero, type is LLC (you need these settings from your ISP)
  4. Turn off DHCP (this is for static IP configuration) (i understand if you leave DHCP on you get your public ISP assigned IP given out)
  5. Save and reboot the router
  6. Setup the public interface of your other router/firewall/pc/etc with the static IP settings you got from Be and it should be working now.

This is for RFC1…something bridged mode – my ISP does NOT require authentication, if yours does you will most likely have to use PPPoA or PPPoE mode in half-bridge, in which case, you’re on your own, although it should work in a similar manner.
All that did the trick for me and now i have removed that double layer of NAT which i really hated, my main routing/vpn box has the public IP direct which is far more elegant.

Network Config

We wish you a merry christmas….etc

Friday, December 28th, 2007

So then, Christmas has been and (almost) gone, with just the tediousness of new year to go before 2007 finally kicks the bucket. There are a few things to report on as i sit here reflecting on 2007 and all its events. First of all let me deal with Christmas, i have a few new toys to play with which is nice, so i’ll cover them each in turn and why i wanted them in the first place.

Linksys WRT54GL Wireless (Cable) Router
This is the chameleon of domestic networking kit – or at least it will be once i install the open source firmware from http://www.dd-wrt.com. This is very comprehensive and as well as all the traditional features you expect to find in a wifi router it will add things such as VLAN support, OpenVPN (client and server), wifi power adjust and quite a lot more, transforming this, frankly, cheap (£40) device into something which usually costs much more.

Since it has 4 ports of normal switching, i am also going to replace my DMZ switch with it, as this will save a full 700mA draw on the mains power (my last electricity bill was £160).

Linksys AM200 Ethernet Modem (ADSL)
Since i have a separate server for routing, vpn, dhcp and so on, i wanted to remove the second layer of NAT that currently exists between the ISP supplied BeBox router (actually a SpeedTouch 780); this modem *should* (i will explain in a bit) allow me to have the public static IP on the WAN interface of my server – with the modem itself being fully transparent.

I say *should* since on peeking through the config interface, it does actually support NAT, DHCP and whatnot – router features and that’s not what i want! On upgrading to the latest firmware, i did notice that you can turn off NAT, DHCP and put it into half-bridge mode, which i think is what i want (i read this as the modem handles connection/auth etc but hands off the public ip to the client pc). But until i get back to the Wirral i can’t try it, hopefully it will ‘just work’ but given how badly ADSL is designed i’m not too hopeful. There are many other options and encapsulations which i don’t fully understand and will need to read about, but more on that when i get back to try it.

Supermicro AOC-SAT2-MV8 8 Port SATA-II PCI-X Card
Obvious really, i’m going to use it for my new NAS, which i have realised is only 3 disks short – everything else on it i can buy later – case, server HW, backplanes, all i need is a machine (i can dig one up from somewhere) and some disks. However, i have been reading the Sun Solaris Admin Guide for ZFS and RAIDZ (start here http://opensolaris.org/os/community/zfs/docs/) and it appears that it won’t do what i want (i need to speak to Matt as he’s the expert).

Basically i want this: a single RAIDZ array (like RAID5 but better) which i can dynamically add disks to, with the pool storage capacity increasing when it can tolerate the failure of a single drive (like a sort of dynamic RAID5). Then when i want to, be able to replace a smaller capacity drive with a larger one and again have the pool capacity increase when the array can tolerate failure of the largest capacity single drive. Simple eh? Perhaps not, maybe i’m asking too much, it appears you cannot add disks to a RAIDZ array in the future, however you can add arrays or disks to a ZFS pool dynamically, so i could add a 3 disk RAIDZ first, then later on add another 3 disk RAIDZ, then maybe even a 2 disk mirror to end on. It also seems that replacing disks with bigger ones is a possibility in RAIDZ. So it seems to do everything apart from dynamic sized RAIDZ arrays (which, to be fair, can’t be easy – i want an 8 disk RAIDZ to tolerate a single drive failure, not asking much am i?)

Pioneer DEH-P40MP MP3-CD Car Headunit
New cd player for the car – it means i have been able to remove the other TWO head units that were in there – i had my ‘good’ Sony one which came with the car with its CD player and RDS tuner, then if i turned this unit off, the ‘amp remote’ pin would go low, allowing a relay to close turning on the other headunit, with its rubbish tuner, broken cd player BUT had a 3.5mm jack aux input – which i had the laptop connected to that’s in the boot.

The new head unit has an aux in on the back (two in fact, one via the IP-BUS but more on that later) which is crystal clear (the annoying buzz when the laptop was off has gone also). As an added bonus the new player comes with an IR remote (must hide that from everyone) and the old wired Sony remote works with the new headunit – i’ll say that again to help the poor people who tried to google for an answer (i didn’t get anything i just had to try it) PIONEER CAR CD HEADUNITS WILL WORK WITH SONY CAR CD HEADUNIT WIRED REMOTES. There we go, all i had to do was plug in the minijack off the remote and all was well.

I’m not done yet though, i came across a project recently which was essentially a multi cd emulator unit – it emulates a cd changer and outputs over RS232 so a PC can talk to it – accepting control commands (play, pause, skip etc) and returning CD-Text and time information. This looked like a good idea – plug into the IP-Bus connector and the laptop – get full control over the music via the headunit – no more pc gamepad in the cubby under the headunit.

However, it was quite a fiddly build, with programming EEPROMs and all sorts, but help is at hand, i found a company called Car2PC (http://indashpc.org/new/adapters/car2pc-pio.html) who makes these adaptors and at £40 ($80) it doesn’t seem all that expensive (add shipping and tax and it gets to be quite a lot but still, i will probably go for it since i don’t really have time to be building one)

This would round off the front end quite nicely with full control available, it would be better with the proper Rover steering controls but getting those is both time consuming and expensive, plus you have to take the airbag out to fit it which i don’t fancy to be perfectly honest.

Apart from a few other bits and bobs that’s Christmas covered, i’ve also picked up a hardware USB MPEG4/MPEG2 converter (not sure why but it was £9) and an original XBOX (£25) in the hope of turning it into a Media Centre (Center, for our American friends) extender but this is looking to be a lot harder than it originally seemed – first off the Xbox doesn’t even support VGA output! I have to hack the graphics controller firmware, and make up a custom cable to get it to work (i think i may poke around with the oscilloscope see if i can find VGA somewhere in there, although i’m sure someone would have documented this already if it was that simple) plus getting the software isn’t easy either, on top of all that the usb ports don’t use proper usb connectors so i can’t just plug in my MCE remote to see if it works!

Looking like a bit of a waste of money now really.

New year’s resolutions, well, let’s see, i have decided to go on a cost cutting drive – i’m going to be good and not spend money on stuff i don’t need, i want to learn to cook properly – i’d like to host a dinner party in my flat before i have to move out, but we’ll see and i’m determined to see some of my projects through to completion – my monitoring controller for example, that only requires a few audio circuits to be made before it’s done (then the control but that’s almost a separate project). We’ll see how long it lasts, but so far i think i’m on for a good year – leap years have always been kind to me, let’s see if that holds true.

trixbox & FreePBX Madness

Friday, December 21st, 2007

So i am here, writing this with a now working trixbox pbx which i have setup to give me extensions on the 3xx range, as well as trunked to voiptalk.org for my 0560 1050 785 number (extension 300 is me). But, i don’t only have that, i also have a very special trixbox trunk to Matt who has extensions on the 600 and 700 ranges. I can direct dial an extension on his pbx and it goes right through!

But it wasn’t all plain sailing, oh no, the configuration itself became ludicrous in how it did not work although it should. We were referencing from a few different guides and websites, one of which is the notable trixbox without tears http://dumbme.voipeye.com.au/trixbox/trixbox_without_tears.htm which was very helpful.

We had tried it in the past by setting up an extension on the other box for the other user to trunk into (and essentially masquerade to put it into IP routing terms), but now we are using a friend-friend setup, which as far as i can tell is basically a ‘trust’ between the two boxes – with the boxes requiring matching configs to work.

We had the config right – but no, it still would not work, it would appear there is a bug in the version of FreePBX one or both of us has, which probably wasn’t writing the config file correctly, after lots of hair tearing and trying of different configs all of a sudden it magically worked – the authentication/call rejected errors we were seeing went far far away.

A problem which was isolated on my end of the link was down to the parking facility in trixbox, it was using extension 700 as the parking zone, i had to install the parking module, enable it and finally change the extension it uses to something low and irrelevant – even though it was never installed to start with! Matt also ran into a similar problem but that was easy to fix since i’d already solved it once.

On another note, i am now home in Cumbria for Christmas and very nice it is too – the frost is so hard and cold that the ground is permanently white – almost like we have a light dusting of snow every day, it certainly makes the place look pretty, even if snowball fights are out of the question.

Lack of Blog

Wednesday, August 29th, 2007

Sorry for the lack of blogging recently – i haven’t really been up to all that much. I have made some headway on my monitoring controller though, just ordered a load more components from RS tonight.

Some stuff is going to have to be re-done (or re-worked, not entirely re-done) but it shouldn’t be too tricky now i know what i’m doing and have all the right components! Will update soon with some pics i think.

I should write some more about the 2k3/exchange migration, so here goes:

I’m now running two Exchange servers, my one in the Wirral is MX 10 so is reached first, any mail for the rest of the family is autoforwarded to @lewthwaite.no-ip.org so it will go directly to the server at home and be accepted. The server at home is MX 20 for @lewty.org.uk so should my server be down it will go to home, Outlook at my end collects my mail via pop3 for any of my mail which ends up on the home server.

It would appear Exchange does NOT collect POP mail from other accounts on your behalf unless you use a 3rd party connector – which is expensive. This is in contrast to something like Scalix which will do all this clever stuff for you.

Server Install

Monday, August 13th, 2007

So, finally got my vmware2k3 box up and running!

It has three VM’s (all 2k3) -

DC/DNS/AD
‘Incoming’
Exchange

I’ve installed all the latest updates and service packs for the software and it all appears to be running nicely – now.

It took some effort to get my mailbox over from home – the silly Exchange migration tools didn’t work, in the end i had to do it the client side way – export a PST backup from Outlook, then import once i’d changed over the server settings in Outlook.

I had to swap over my domain user accounts at the same time as it wouldn’t login to Exchange on one domain whilst logged into the machine on another (why this should be a problem when it’s supposed to be using FQDNs i don’t know).

Bottom line? Make sure you get your AD domain name and Exchange organisation right the first time or you’re in for a lot of hassle if you ever want to change it…

The server is short of ram however – starting the 3 vm’s takes some luck in order for vmware server not to crash! I have however, ordered more ram (another 1Gb) and it should be with me within the next few days, i also need to get a gigabit card but then this server will be finished and i can start thinking about both the fileserver and the replacement firewall/backup DC/DNS at home.

Quite a few other things i want to buy, but all in due course, i may spend the next few weeks picking up little things – ram, gigabit card, new graphics card for media centre etc (i want to have keystone correction support for the projector).

Firewall In Commission

Monday, August 6th, 2007

That’s right, my new firewall/webserver is in commission, only one problem with it!

Copying over the old server’s settings and details wasn’t as hard as i thought -

PHPMyAdmin for exporting/importing SQL
Webmin for Config
Copied over DHCP and IPTables rules directly (made sure the NICs were labelled the same using /etc/iftab)
apt-getted everything else!

I initially had a few problems with the Ubuntu Server repositories, but all is well now, the only problem is that SSL Exploder refuses to run which is a bit odd. I think i will go for a re-install, that will probably fix it.

Final spec is as follows:

Viglen SX110 1U
Dual Pentium III 1Ghz
1Gb ECC SD133 RAM
2x Compaq 10k RPM U160 18Gb SCSI Disks (RAID-1)
On Board Dual Intel Pro/100
PCI Dual Intel Pro/100

It’s a bit noisier than the old gateway, well ok, a lot noisier, but it is more compact which is good. It’s fully VPN’d up to Matt’s and Home, as well as Hamachified. This consolidates the old webserver and uni-gateway, so there’s two machines out of commission now going spare. I will either have to dream up a use or scrap/keep for spares.

The other new server should arrive tomorrow, i had hoped for today but nevermind. This will take a while to get running, VMWare 2k3’s, and then getting it setup for AD/Exchange and DNS. This will allow retirement of the Incoming box, and eventually the current 2k3 box, though there will be a need for a backup DC at the remote location. I did have one idea for this – virtualisation! I could get a new firewall box for home, and VM the backup DC and DNS within this box – one single neat solution for home, instead of multiple boxes.

In other news, my car has died – it sprung a coolant leak and although it is a £10 part, it will cost me £80 to have replaced since you have to take most of the engine apart to get to it! Nevermind i suppose, these things happen.

Will update you more when the new server arrives tomorrow.

Silly Intertubes!

Thursday, July 26th, 2007

I have ludicrously fast broadband!

The lovely people over at Be. managed to activate my line within 3 working days! The current line speed is 18meg down and 1.3 meg up.

The router they sent (free) is incredibly well specced – wifi, ADSL2+, FXS, FXO, PSTN, DSL (stuff for VOIP – which is built in). It’s just a shame it was let down by its awkwardness to configure – i wanted to change the default IP range it used – 192.168.1.0/24 because that’s in use elsewhere and would have caused no end of problems but no, it wasn’t the simple and easy task it should have been.

I had to change the router’s IP, then the DHCP server settings and hope it set them, then change the DHCP Gateway as it couldn’t change both at once (!?!). Anyways, i did manage to do that and all is now well, i do plan to get the Linksys AM200 also though, as it will provide a far more elegant solution than the one i have. This also means i can flash the router back to factory non-modified-by-be firmware to get access to all the other features properly – including making better use of the VOIP, especially the FXS ports.

I’ve also just purchased a new server -

Viglen SX110
Dual 1GHz PIII
1Gb ECC Ram
2x 18Gb SCSI HDDs

This will become the firewall here in the Wirral and replace the webserver at home. I should be able to get that sorted within a couple of weeks, it may have to wait on getting a 4-port 10/100 card though.

Brokenness!

Friday, July 6th, 2007

It’s all broken!

Or at least it seems that way, first of all the PSU fan in my desktop pc is dying – once it gets going it’s ok, but i have to keep checking it’s on – i’ve smelled it cooking twice now, i will replace it as soon as i can afford to.

Then, my mail server got attacked – i had to delete over 9,000 messages in the queue as Pipex had blocked my server from sending mail! Had to reboot the router to get a new IP to be unblocked, spent some time locking it down after that, even though all the OpenRelay tests were coming up negative…

And today, there was a powercut at home and none of the machines came back up! Had to talk my brother through it on the phone on getting them back together – DHCP failed to startup on the firewall so none of the machines got IPs which is annoying.

This led me to ring BT again to get my phoneline sorted – which there has 100% definitely been service on this line before and i was told by them that this would mean a simple £30 reconnection fee. Alas no. Since the previous person took the number with them it means the line is properly disconnected (apparently). I sent a nasty e-mail, i might submit a complaint with Oftel, well, Ofcom as they are now.

I’ve got myself a lovely account on Matt’s VOIP Asterisk IAX server which is very very nice, the call quality is amazing, i also have an incoming 0845 num!

Other than that not been up to much because of starting at Ledwood Technology which is going well, i think it’ll be a lot of fun, although, i’m having to do a crash course in C++ because uni didn’t teach me anything useful….

Anyways, i’ll go, got lots to do this weekend!

Colocation

Saturday, June 30th, 2007

So, Martin has co-located his PowerEdge beast into my flat – it’s noisy with a capital N! But i have got my own 2k3 VM on it so i can practice migrating all the users and data off my old domain controller, although right now, the whole thing has crashed so i’m getting nowhere.

Instead i cleaned the flat and finally took some photos of the setup – check out here. If there’s any questions about the setup then just ask me. I’ve also stuck up some more pics of the monitoring controller now that it has all its sockets mounted and the toroid bolted in.

I also finally got rid of the annoying buzz in the car when using the car pc (caused by USB hub PSU) by fitting a +5V 3A regulator onto the 12V DC meaning i don’t have to step up to mains and back down again just to get 5V – buzz is now all gone.

I might go out to it for a bit later on today as i want to fit the bluetooth as well as copy across the refined music library – i’m so sick of AC/DC coming on!