The Cruft Of My Brain

Ok, so that ZoneMinder install I was hoping to do in the last post…yeah….not happening.

I’ve run into this before but I’ve decided it’s just not worth the trouble of trying to fix it. For some reason when you install the PV149 video capture card in older machines it likes to have problems with IRQs. I’ve tried this a couple of times and once before I got it to work after a lot of jockeying of IRQs in the bios and the OS. It sucks and it’s just not worth it.

The PV149 will be going in a slightly more modern and definitely more mainstream desktop motherboard. I hope I don’t have the same problem with that.

I’ve decided to repurpose the ML380 G2 for my new Trixbox. Should be enough horsepower and it’s already installed cleanly. Just need to make sure I can still apply the HPASM drivers so the fans will chill. Yar!

scott Cruft, Home and Hobbies, Networking

I’ve been busy with work and haven’t been able to squeeze in much of anything else. I’ve done a couple of things like upgrading Unraid to my Pro key and swapping motherboards. In the process I discovered that at least my copy (don’t know if it’s the default behavior) decided to hang on to the MAC address from the old motherboard. That created a small problem when I put the old motherboard back into service on a different machine! Fixing it is simple, just modify the network settings on the flash drive. See my post here for the specifics.

Also, I’ve been working on getting Sage transitioned to a new PC that’ll have enough juice to run Comskip. Only problem is that it’s been flakey ever since. Random lockups, long seek times for folders. That’s what I get for running beta software. Gotta be on the bleeding edge though! On top of that I seem to have lost my meta information on the old Sage PC and all of my IMDB lookups for DVDs is gone. Argh. 300+ DVDs in there now, I think. I might have to break down and buy DVD Profiler after all. Only $30 I think.

scott Cruft, Home and Hobbies, Networking

Comcast managed to hose up my internet connection which I host this site as well as some forums on. They did this by assigning my static IP’s to another location in their network. The result was split routes at their peering routers with the majority of traffic going into a black hole and a trickle getting through to me.

Once I explained to them what they broke it was a relatively quick fix.

Then, we lost power after a storm last night. Batteries lasted about an hour but that was not nearly enough.

And traffic has really been sucky for my day job. 2.5 hours almost every trip this week. That’s each way.

Ugh. I’m tired.

scott Cisco Routing and Switching, Cruft, Home and Hobbies, Networking

I recently discovered this new Cisco AnyConnect Essentials license being touted for the 8.2 code for ASAs. It took me a little while to parse through the cryptic description on Cisco’s site but it seems that you can now get client based SSL for a couple hundres $$’s depending on the ASA model. That’s up to the platform supported max!

If you want the web portal “clientless” SSL VPN you have to pay the previous crazy pricing for the “Premium” license. For most people this won’t matter and what it means is essentially a cheap SSL client solution now. Woohoo!

This guy seemed to confirm my thoughts.

Dude stole my theme too!

scott Networking, Security

Wow…I knew I had been neglecting the blog but I didn’t realize it had been over a month!

So, what have I been doing? Working too much! This time of year has gotten worse and worse over the last several years. It seems like the kids all get busy with activities, we get the itch to work on outdoor stuff and I feel the urge to work on the Cobra a bit. The result is I always feel overworked and by this time I’m telling myself to just let it be. What get’s done, get’s done.

So, what have I been able to squeeze in? Got a new 4 post cabinet. Did I mention that already? Got it for free! Steered it away from the dumpster. I’ve been slowly migrating all my gear over to this thing and I think it’s coming along nicely. I just need to get it finished. Part of what I want to do is move more of my devices into rackable cases. I’m getting there.

As of now I have the following in separate chassis:
-DMZ VMware Server on Ubuntu for web sites
-Unraid (currently 4tb usable, got another 1tb drive ready to go in, just need more SATA ports)
-Compaq ML380 G2 that’ll probably become my video surveillance recorder
-SageTV
-TrixBox CE (needs a rackmount case)

Also sporting a couple of switches, couple of routers and a couple of UPSs.

Once I’m done with the migration I’ll post some pics.

scott Cruft, Home and Hobbies, Networking

I love this kind of stuff: http://news.cnet.com/8301-1001_3-10209580-92.html

Here you have a company that’s entirely about the efficiency of massively parallel systems. They’re finally pulling back the current a bit and showing how best it works on a scale of 1000’s of servers. One shipping container alone can hold 1160 servers! WOW! The ideas about 12v only in the PSU and the onboard battery are brilliant!

I want a couple of these for myself! Heavy processing and lots of memory with just enough hard drive! Trim the energy and heat like they do and you can do a lot with that.

scott Cruft, Home and Hobbies, Networking

I just read about SGI’s demise over on GigaOm. It seems Rackable has scooped them up for a measly 25 million. This is just depressing.

Back in the day I was infatuated with SGI. For hardcore geeks they were cool before Apple was cool, again. I wanted an O2 so bad I could taste it. I was ready to squander every penny we had (not too many of them I might add) to get one even though I had no idea how to use Irix. When I was at ERAU I had a friend in the CS program. They were working on SGI’s (early 90’s Octanes I think) to create an air traffic control simulator. The graphics capabilities of the SGI’s at that time were unrivaled. When I got into Computers professionally I signed up for SGI’s marketing list and got to go to several events including a screening of Jurassic Park. Of course, I asked a million questions and drooled all over the demo units.

When HP started coming out with some powerful graphics workstations I remember thinking that was the beginning of the end. Around the same time SGI decided to introduce some Windows NT models. I really knew it was the end then.

To look at SGI’s product line today, they still have the same aesthetic on the hardware but aside from some nice cases there’s not much sexy about them any more. They don’t sell any workstations as far as I can tell either. They long ago sold off the software assets that were cool. Today they seem like just another storage vendor.

It’s like a portion of my youth has died.

scott Cruft, Home and Hobbies, Networking

I’m not bringing this up because it’s something new…but rather because it took Cisco ages to add this to their least expensive voice solution, the CME. I have an inbound SIP trunk set up with Vitelity for my business. It comes right into the same system that’s running the home phones. It’s so nice to be able to direct that inbound route based on the DID I get from Vitelity. From there it’s a pretty simple matter to send the call where I want. Right now I direct it at a RingGroup which does RingAll. I then have my office phone and my softphone ring for business calls.

At the same time I don’t have to change the house side of things. I also have a RingAll RingGroup for the home POTS line. The POTS comes in through a Cisco 1760 which is then plar’ed to my RingGroup extension via SIP. I have the same office phone in that RingGroup as well. I prepend either Vz or Anewvo (company name) to the CID and I can see where the call is originating from. That prepending is done either in the inbound router or the RingGroup. Flexibility!

Next up, I think I’ll try some “follow me” on the business line. It’s all in there, should be pretty easy to configure.

On a related note, I’ve been quite happy with the call quality on the Vitelity trunk. It’s not like I’m hammering my link when I’m on calls but so far it’s been excellent. Price is pretty reasonable too!

scott Cruft, Networking, VoIP

I didn’t see much in the way of review info on the
NORCO RPC-450 4U Rackmount Server Case
.  On top of that, the pics almost always showed a microATX motherboard installed, which was nice for having lots of room left.  However, I had an Extended ATX or EEB motherboard that I wanted to get into this thing so it was  little bit of a gamble when I ordered it.  I’m pretty happy with the results  although there are caveats and some tight areas.  Without further ado, the review:

Newegg shipped this thing double boxed and it arrived in fine condition.  I don’t live very far from the New Jersey distribution warehouse and I’m lucky enough to get stuff from them within a day or two.

From NorcoTek RPC-450

The RPC-450 comes with 2 big 120mm fans up front. Once you remove those you can slide out the drive cages. What’s cool about this is that the drive cages are kind of like 5in3’s. As you can see in this pic the space could support 3 5.25″ drives vertically but with the cages installed there are slots for 5 3.5″ drives. The 2 cages slide in and out using the same locking tabs you’d use for drives.

From NorcoTek RPC-450

On to the motherboard installation. The EEB size motherboard really does fill the space. Making matters worse, the fans and heatsinks for the dual xeons are located way up at the front of the motherboard. Here you can see how close one of the fans is to the frame:

From NorcoTek RPC-450

In this pic you can see my thumb and also how close the installed optical drive is. If the fans are any taller you aren’t getting the optical drive in.

From NorcoTek RPC-450

You can see here that this fan problem also means you can’t put more than 2 hard drives in the middle cage. Anything below that and the plugs would interfere with the fans:

From NorcoTek RPC-450

Just an overhead shot. The power supply fit easily and didn’t get in the way. I didn’t get my hands all hacked up either like is common when I’m working in some cases. Most of the edges really are rolled.

From NorcoTek RPC-450

So, in the end, it works. If you have a smaller motherboard you’ll have almost no problems. I got a second case for my Unraid setup and that used a MicroATX motherboard. Lots of space and the cooling has been excellent. The same setup in a Coolermaster CM690 had the 1TB Hitachi drives hitting 40C+. In this case with the 120mm fans blowing right across them I’m usually in the high 20’s on the Hitachi and only occasionally does it hit 30C. That’s a lot of piece of mind for the life of my drives.

All pics are here http://picasaweb.google.com/mdgeek/NorcoTekRPC450# although the rest are fairly blurry.

scott Cisco Routing and Switching, Cruft, Home and Hobbies, Networking, Security

I might have mentioned that before.  In case I didn’t…I hate java.  Now, today’s issue didn’t come directly because of java but it was the result, and an obscure one at that.

I’ve been struggling with a client issue that basically boiled down to slow or non-responsive websites that were passing through IOS firewalls.  Most websites would work fine and if we re-routed the traffic to another outbound connection that had an ASA it would work perfectly.  Also, if we connected a laptop directly to these remote site internet connections it would be smooth sailing.  So obviously something was unhappy on the IOS firewall.  I tried changing MTU, MSS, disabling the websense (urlfilter) connection.  All kinds of different things!  Nothing made a bit of difference.

I decided to run the Tweak Test over at dslreports.com to see what the MTU and MSS results would be, thinking that’s still what I needed to fix.  Tweak test is a java applet.  I had someone onsite run it and I happened to be watching the console at the same time.  All of a sudden I start seeing “FW-3-HTTP_JAVA_BLOCK” messages popping up.  WTH!  So, I figure out that java is blocked by default on IOS firewall.  Here’s the fix:

access-list 3 permit any
ip inspect name inspect http java-list 3

Yep, basically add the acl for any and then add java-list to the end of the http inspect.  I also have a urlfilter on the end to maintain the websense checks.  ARGH!  I decided to try my problematic website, of which enterprise.com happens to be one, and it popped right up.  I never got an error message about java before trying to run this app on dslreports.com.  I never saw reference to a Java problem in any of my debugs.

I know this wasn’t java’s fault directly, but if java wasn’t such a piece of garbage it might not have to be blocked by default.

scott Cisco Routing and Switching, Cruft, Networking, Security