I managed to screw up my Skype password, so I headed over to the Skype password reset page to get things resolved. No go. The link failed, on any platform I tried. Got locked out, tried again after 24h, but still nog go. Then chatted to customer service (after some digging to find the link to online chats; they don’t want people to find it easily I guess). Still no go. The password didn’t want to reset. I drew a blank.
The thing that struck me as particularly cruel was that there was no way Skype was going to help me. The chat resulted in them telling me that there was nothing they could do for me. And I wasn’t able to resolve the problem either apparently.
Leaving anyone just dangle with no options is bad customer care. Lessen learned? Always provide your customer with a next step, be it somewhere to go, a document to read, a forum to go through, propagate the problem internally, anything.
(*) The problem was a glitch on their end: hotmail accounts are valid for password resets, even if they are not associated to a Skype account. The person in the chat should have been able to tell that that was happening. Once I used the correct e-mail address the issue was resolved.
For the past year using (kernel) NAT together with FWD rules in ipfw has walked across my brain more often than I like to admit. But everytime I was not able to grab the concept sufficiently to get it right and make them work together. Finally today in the train, trying all sorts of combinations, pondering why it still did not work, I finally got it: If I cannot make the rules on the NAT and FWD match, I should match first, use skipto and then apply NAT and FWD to all traffic that passes in that block of firewall rules!
# NAT and forward both need to process the same packets
ipfw -q disable one_pass
ipfw -q -f flush
ipfw -q nat 123 config if em1
ipfw -q add skipto 1000 all from any to not 192.168.1.0/24
ipfw -q add skipto 65534 all from any to any
ipfw -q add 1000 nat 1 all from any to any
ipfw -q add 1100 fwd 192.168.178.1 all from any to any
where 192.168.178.1 is the gateway on em1. Now, this recipe is still missing the inbound NAT, performance considerations due to applying NAT multiple times on the packet, and probably much more, but the basic nut on how to format the ipfw ruleset has been cracked. The roost has left the nest. Policy Based Routing, here we come!
Note: after disabling ‘nat’ rules are no longer terminating the rule set, but ‘fwd’ rules are!
Smiling and helpful as usual, your BSD daemon
And there it was! All geeks unite! BSD lovers from all over Europe and the rest of the world gathered in Malta to discuss what was going on in the world of FreeBSD, NetBSD, and OpenBSD. The talks where better than ever (only 42 out of 75 submissions made it into the 3 tracks on 2 days).
Most impressive for me was the number of people using NanoBSD as a tool to provide their server, embedded systems, and node installations. But also in-depth discussions of fundamental issues like 64-bit time_t, security technologies, and performance enhancement). And of course the fun talks by the BSD veterans McKusick and phk. All in all a good BSDCOn. See you next year!
I received my Raspberry Pi, downloaded a torrent for FreeBSD Pi, and about 10 minutes later spent 1 hour zeroing, then backing up, then dumping the image onto a 8GB SD card. Spent another five minutes figuring out the power requirements (700mA over USB with a running ethernet connection, so an Apple iPhone USB power supply would do), powered it up, connected it to a network. Et voila!
root@fbsd-pi:~ # dmesg
Copyright (c) 1992-2013 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.0-CURRENT #0 r245446M: Tue Jan 15 12:53:26 SGT 2013
CPU: ARM1176JZ-S rev 7 (ARM11J core)
Supported features: ARM_ISA THUMB2 JAZELLE ARMv4 Security_Ext
WB enabled LABT branch prediction enabled
16KB/32B 4-way instruction cache
16KB/32B 4-way write-back-locking-C data cache
real memory = 536870912 (512 MB)
avail memory = 451756032 (430 MB)
And this all based on open source hardware and software. Next step is to actually modify our NanoBSD environment to build images for this platform.
UPDATE: It looks like getting our stuff running on that platform is actually more work than expected, especially the cross compiling is going to be a challenge. So, back onto the Someday/Maybe pile…
Open Source advantage
Consider this bug report for iTerm2, a terminal program for Mac OS X, where it panic’s Mac OS. The bug has been around for a while. There is no way you can actually check with Apple whether this issue has been resolved, is being worked on, will be resolved when, etc. That bug report by now contains a possible fix based on the Open Source version of the OS. In an open source OS this would be a) fixed by now by someone having the problem, b) probably be included in a release that has already shipped, and c) if not included, patchable in your local system by yourself.
The advantage of closed source is obviously blame allocation: It is their fault because I, the paying customer, say so. However, that is not much help on a thursday evening when struggling to make automated updates of 450 NanoStation M2’s work, with a laptop that crashes every hour.
In this mobile application we use a VSat (Internet over satellite link) for the heavy lifting and 3G as a fallback connection. One of the biggest issues with VSat is its latency of 700msecs up to 5000msecs, depending on the location of the satellite, and other factors. In today’s environment, with heavy dependence on DNS to provide content from different locations (hello, CDN providers!), DNS becomes a bottleneck on VSat systems.
This problem can be reduced at limited cost by doing DNS over 3G (when available). The downside to this is that availability of DNS servers changes heavily depending on the connections available. 3G is not generally available on rivers, so these DNS servers tend to arrive and disappear frequently.
Second, VSat tends to loose signal when turning too quickly, when moored in a deep lock or behind a building, or when crossing under a bridge. To provide Internet access as much as possible we automatically switch the default route to 3G when we loose signal, and switch back to VSat when reacquired. This switching again causes appearance and disappearance of DNS servers, but now also the DNS servers behind the long latency VSat link. Dropping information on timing of these DNS servers needs to be avoided to make sure that DNS servers reachable over 3G are preferred when they both come back.
With the unbound caching DNS server we’ve got a tool that allows us to modify several parameters:
- add and remove DNS forward entries
- flush DNS entries, whole zones, but also DNS resolver information
- provide local subnets / precreated zones
- increase the minimum TTL of a DNS entry from seconds to minutes to reduce requests
- do pre-fetching of DNS entries
- look at DNS resolution statistics of the running daemon
Many of these features will disagree with normal behaviour on the Internet, but given the audience on board, it is generally preferable to speed up name resolution. Adding host specific routing entries for the DNS servers, and using open DNS resolvers (Google and Level3) performance has improved considerably.
We were using the GTM382W UMTS Mini-PCI Express modem from Option. As that product has been discontinued, we have switched to the GTM661W modem, which is a half size Mini PCI Express modem, in combination with an extender plate to make it fit in existing slots.
Today we are going to a) figure out which 2 of the 7 serial ports on the USB device I need for PPP resp. control connections and b) check whether the modem still accepts all the commands we are using to interrogate the modem on the control connection hop over to this site.
One wonders why these companies go through the trouble of redesigning everything for every new modem they sell. New IDs, new port allocations, new packaging.
<a href="http://www omeprazole dr 20mg capsule.071-ict.nl/”>Tijdens het ICT Café van 071 ICT in december gaf AnyWi een korte presentatie over het project Internet op cruiseschepen. Het gebruik van iPads, tablets en smartphones wordt steeds belangrijker, ook op reis. Een goede internetverbinding is dan ook voor vele toeristen onmisbaar. Touroperators eisen steeds vaker dat cruisemaatschappijen internet aan boord leveren zoals men dat thuis gewend is. De meeste hotels bieden inmiddels gratis wifi aan hun gasten aan, maar op cruiseschepen is dit minder makkelijk te organiseren.
In zijn presentatie De iPad als reisgids. Een probleem voor Cruisemaatschappijen! vertelde Nick Hibma over de complexiteit van mobiel internet en de problemen waar cruisemaatschappijen mee geconfronteerd worden zoals:
- hoge kosten
- onbetrouwbare verbindingen
- ontevreden gasten
AnyWi werkt momenteel aan een oplossing voor deze problemen.
071 ICT is hét platform voor de Leidse ICT-branche en ICT-professionals. Het motto van 071 ICT is: Vernieuwing door ICT. 071 ICT organiseert vier keer per jaar netwerkbijeenkomsten. Naast de presentatie van AnyWi was er tijdens de laatste bijeenkomst ook een presentatie over CrowdRoaming, een project dat toeristen op een innovatieve manier probeert te voorzien van internet via de databundels van de lokale bevolking.
Van 18-10 t/m 22-10 was de jaarlijkse European BSD Conference, in Warsaw, PL. 200 mensen betrokken bij en gebruikers van de verschillende BSD smaken kwamen bijeen om ideeën uit te wisselen, cursussen te volgen en meer te leren over FreeBSD, NetBSD, OpenBSD, DragonFly BSD, etc. AnyWi maakt op veel machines gebruik van FreeBSD en is als src committer ook betrokken bij de verdere ontwikkeling daarvan.
Tijdens de conferentie waren er volop mogelijkheden om on-the-spot bugs op te lossen, met gelijkgezinden oplossingen voor prangende vragen te bespreken, of gewoon bij te praten en ideeën op te doen.
Meer informatie: http://2012.eurobsdcon.org