Category Archives: tech - Page 4

6th of the 6th, launch ALL the things

Posted by on 2012/06/06 No comments

So, it’s World IPv6 Day^W^W^WIPv6 Launch Day (rebranding lulz). Go test your IPv6 at some appropriate site like here (hosted in South Africa) or here (somewhere else than South Africa, I didn’t check).

Google also had some conference announcement about the next stage in Maps. I wonder if it’s this thing I saw on Google Maps last night: Mapmaker. It appears to be 4sq meets Waze meets .. something. Let’s see at 9am PST.

Update: here’s a screenshot.

Second update: (fuck you WordPress editor) apparently Mapmaker’s been live since mid-April. Talk about a quiet launch.

Mapmaker Intro Screen

 

Hai, can I hav sum intergnats plox?

Posted by on 2012/05/31 No comments

Alternative post title: IPv6 all up in hurr

Some years ago, before the age of cheap international access on local ISPs arrived here, dual-homing (or n-homing, depending on how pimp you were) on your residential connection was quite the fashion among .za tech-heads. But not the fancy sort with BGP and decent best-route selection, just a really grubby sort: two accounts, one local (as in .za routing table) and one international. You can read up about the full setup over here on Stefano’s site.

Due to the nature of the split, there was some fun. Fun in the order which things might come up, fun in which session’s routing is ready first, fun in DNS server overwriting, that sort of thing. Of course, I mean fun tongue-in-cheek, since it was mostly an annoyance. Especially when ddclient picks the wrong PPP session (“the config says ppp1, why are you using ppp0?”), or doesn’t want to ignore its cachefile (forcing you to wrap it in another script and delete the cache yourself), or when your line flaps and all pppd instances go into this weird race condition where they suddenly all acquire the same IP, or ….. well, I guess you get the idea. It was painful.

Thankfully times have progressed, and now it’s possible to get IPv6. Hell, if you’re in the right place you can even get a static allocation of v6. Working for AS37105, this is of course one of the work perks, since we (the tech team on the v6 deployment) dogfood it ourselves to make sure we know that things are actually working. Things we usually note are the following:

  • explosions in HE.net’s v6 core – hey, it happens
  • client apps misbehaving – surprisingly, chrome on my desktop is one of these
  • “mixed” support – mikrotik, for instance. you can telnet/ssh it on v6, but not winbox to a v6 address (I don’t recall if I’ve tested whether it connects if a hostname resolves to v6 address..mental note)

Personally, the best part for me is not having to ever deal with broken dyndns anymore, or having to maintain lots of funky NATs, or having to tunnel home and route traffic via the tunnel. If I just quickly want to ssh to my desktop, it has a hostname in DNS and it works. If I quickly want to check up on my traffic stats or anything else, I browse to yariman (my gateway/home store). It’s great, and makes my life that much nicer.

All of this said, World IPv6 Day next week! Are you all ready for your few days of carnage as other shitty ISPs run around unprepared? Bring on the future!

One other thing, props to PH.Fat for another good track. The track alone is cool enough for me to share it, but then I saw that the album (available on their website) is creative commons, and that just wins a bit harder. Nicely done, guys :)

P.S. Fuck you, WordPress content editor, and your stupidity in paragraph designation flow after bulletpoints.

In-flight wireless-less

Posted by on 2012/05/09 No comments

Ah, fantastic news strikes again. From this article:

“The system has been configured to allocate 128 IPs, with 124 IPs for passenger use. However, due to the number of passengers (115) utilising multiple devices (some as high as 2-3 devices) on the plane, more than 3 times the allowed connections were constantly requesting access to the internet,” explained WirelessG CEO Carel van der Merwe.

Now, some quick searching indicates that they’re using tech from Row 44 to do this thing. If it’s just satellite downlink, then I quite don’t get the R3.5 million (~$436k USD given a quick check of the current ZAR/USD) pricetag. If it’s the whole shebang, then I guess Row 44 is making some damn nice licensing fees out of airlines on DHCP leases.

Either way, I find it pretty damn hilarious that they didn’t plan for something like this on a flight for tech journos.

Routing for n00bs

Posted by on 2012/05/09 No comments

In lieu of solar flares, and unicorns, I propose a new protocol name to use when dealing with people who don’t understand routing and friends, people to whom any level of tech explanation would be white noise:

MGP. Stands for Magic Gateway Protocol. It knows just what to do at all times.

Todo: write RFC.

The Scene Will Be Youtube-ised!

Posted by on 2012/04/10 No comments

So, lame post titles excluded, the content.

Every now and then I run into a little something online which proves to me that the scene(s) isn’t(/aren’t) dead yet, and I’m a little bit rejoiced at it. Everyone toiling away in obscure little corners, still churning out some amazing things. And, for your enjoyment, I present the following.

Seems that today is good after all.

Theoretically Monday

Posted by on 2012/04/10 No comments

Every now and then I wake up to a good Monday, but they’re few and far between. Thankfully, today is only a theoretical Monday (it is, in fact, a Tuesday, due to the holidays from Easter weekend), but nonetheless it’s actually doing well so far.

Part of what makes it good is that unlike the recent trend in my life, nothing of any ridiculous consequence has happened over the weekend. Another part is to wake up to some great reading. Many who know me would know that I’m no great fan of PHP (probably the world’s most famous dinky toy language), although any verbal argument about it is likely to be futile because of a variety of reasons. Thus it’s quite great to find this post that articulates all sorts of issues I often encounter on random occasions when I have to deal with PHP. Link via Jeremy.

Another for fun/schadenfreude. And this wikiquote page about the author of PHP is pretty great.

Lastly, I discovered Emika‘s music over the last few days via her latest mix on Rob Booth’s site.

Here’s to hoping for a fairly sane week!

P.S. Bashing? Who, me? Nevaaaaar.

Mikrotik and Rancid

Posted by on 2012/03/12 No comments

In what’s probably turning into a series of posts detailing methods for dealing with Mikrotik routers from an operations standpoint, I’ve decided to do a bit of work detailing a bit more what I referred to in my previous post: the rancid integration for a Mikrotik router. I partly blame Lars Engström for all of this, as he recently got a Mikrotik RB1100AHx2 for their office, and has been asking me some questions about various little bits as he’s been going.

So here it is, my first ever set of commits/pushes to Github. Credit for most of the work goes to other people, linked from the readme in the repo; I just glued it all together in a nice-to-use fashion.

Oh, side mention: Lars also runs the aggregator of networking/tech blogs at this URL. It’s a pretty decent collection, and if you’re interested in networking, you might wish to follow it (for those of you who aren’t reading this post through it).

Update: as of about rancid 2.3.8, it appears that these patches have been merged into upstream. I didn’t really bother to check history, because the changelog has nothing in and I can’t be bothered to find where it was merged. One key difference is that the device type is called mikrotik (unlike mikrotik_{x86,rb}, in my setup), and presumably deals with the conditional commands by itself.

Screw you, Mikrotik

Posted by on 2012/02/29 1 comment

Particularly, your shitty scripting interface.

Using a lot of Mikrotik routers in various places, I’ve grown accustomed to the platform, and it really is quite flexible. However, it has its idiosyncracies. Among them are bugs and regressions between versions (c’mon guys, can you at least get some functional testing in place?), inconsistencies/inabilities in how some things are done at protocol level (unable to forward a default route in BGP), those sort of things. Now before I continue, let me say that I understand how such things can happen, but I do feel annoyed that they can take that long to get resolved. The lack of automated functional testing is also a major bugbear.

So, you have a router, and you probably care about its config. Most people who do this are familiar with the tool rancid (for better or worse – maybe at some point ranrod will be usable), and there are a set of patches to support mikrotik devices over here. As a side effect of this toolchain, I have a set of method that I can use to log in on many devices with a relatively low-effort command method. Consider the following scenario: someone leaves a company, and you wish to update passwords (in the case where you don’t have don’t have tacacs or radius backing auth). On a unix-like system, you have a few options, but in router-/switch-land you’re limited to some other things. Not to worry, we have shell loops, clogin/mtlogin, and a bit of ingenuity! Leading us to make this:

for location in list some locations here; do
  grep 'mikrotik.*up$' "$location/router.db"; done | cut -d':' -f 1 | while read line; do
  mtlogin -c ':global users;
              :foreach i in=[/user find where name="userinquestion"] do={:set users ($users . "," $i);};
              /user set numbers=$users password=shinymoonbicycles; quit' $line;
done

Seems sane enough. Start a for loop, parse our router.db files for a list of routers we care about, loop through those and run the following automated command sequence. Low-effort, quick, gets it all done. Except it runs into this issue:

[automation@Brain] > can't read "users": no such variable

Argh. Apparently we can’t declare or use variables in this fashion. Even though I can do that perfectly okay when I’m logged into an interactive session (…how is this determined?). “But hold on,” I think, “rancid uses +ct in the username to skip colour and terminal detection; maybe I can disable that to get it done”. And no, you can’t. QQ

In my mind, this sort of thing, on top of the earlier listed problems, the utter silliness of the scripting language (really, go look at the way I have to construct a list of users, or, well, anything), and other things such as no clear equivalent of the cisco-alike “no” command that can be used to negate/remove any statement in the config, are among the things that stand in the way of Mikrotik being taken more seriously.

Mikrotik, you have a product with pretty good potential. It wouldn’t hurt to improve these things a bit. You can sell craploads of non-wifi CPE equipment if you could win over the Cisco-hearts. Please, fix this crap.

*publishes post and mails the link to Mikrotik support*

“Maybe your problem is lint?”

Posted by on 2012/02/24 No comments

And indeed it was!

One of the products we sell at work is a caching platform, something that sells quite well into many of our African clients’ networks because transit is often ridiculously expensive and every Mbps saved is USD500~2000 you can use on something else. Traditionally we’ve been deploying on HP hardware, and as of earlier this week we have some SuperMicro equipment to try out for the platform. One 1U unit, and one 3U 8-blade unit. This post is about the latter of these two.

After racking the thing, and re-installing the blades (took them out to move the chassis. Side note: the clasp which holds the blades in is kinda crappy for self-locking. You need to wiggle it a bit to ensure the blade is properly in place). I started poking around on the systems. First issue I found is that the ethernet controllers are Intel 82580’s, which is not supported in the squeeze kernel we had on our PXEBoot server at the time (updated kernel which does have support is included in 6.0.4, or any version greater than 2.6.32-33). Now we were informed by our supplier ahead of time that there was one blade which was DOA and that they had a replacement on the way, so I got started on preparing the other systems in the meantime (as they would form a cache cluster). Doing this, I experienced some strange weirdness with the power sequence. Sometimes all the blades would power on, sometimes only the first 4 bays, sometimes only 3. Sometimes I could power 5 on, one off, another one, then attempt to reverse the power sequence of the last two but not succeed. A few more combinations like this were tried, including removing a unit far enough to disconnect it from its connector and then reseat it, but suffice it to say that it didn’t make sense.

At this point in time I’m left with the options of removing units from the bays (to eliminate PSU overload), and of changing the order of the units in the bays to see if that makes a difference (which one would not expect, but if all the possible options have been eliminated then whatever’s left is probably the answer). As I start removing the units one by one, I notice that there’s lint on the one blade’s connector. This hadn’t been there when I installed them, so I asked one of my coworkers to bring my torch over so that I could inspect the inside of the chassis. Turns out there’s a bit of lint hanging loose (about 6cm worth, presumably from the sleeving of one of the fans’ power connectors?) inside the chassis, and that it had somehow managed to get caught up in/on the connector. I remove the lint, and suddenly everything is working as expected.

Lessons learned:

  • SuperMicro BMC units probably have a shared power control bus
  • If you’re seeing weird things happening, maybe it’s lint!

Dokuwiki mredirect plugin URL bug

Posted by on 2012/02/10 No comments

At work we have an installation of Dokuwiki which is now slowly but surely being replaced by Jira (because of some context richness being easier in Jira). During this migration we wanted to be able to automatically redirect people to the new Jira entry if the content has been moved. For redirecting within the wiki, we’ve previously used the mredirect plugin, but we recently found it has a bug in handling redirect to an external URL.

So, here’s the patch:

$ diff oldaction.old action.php
25c25,31
<         $url = ($p[2] == '') ? wl($p[1]) : wl($p[1]) . '#' . sectionID($p[2], $check);
---
>         if ($p[2] == '') {
>           if (preg_match("/:\/\//", $p[0])) {
>             $url = preg_replace("/^\[\[/","",preg_replace("/\]\]$/","",$p[0]));
>           } else {
>             $url = wl($p[1]);
>           }
>         } else { $url = wl($p[1]) . '#' . sectionID($p[2], $check); }
31c37
< ?>
\ No newline at end of file
---
> ?>

This is just a very basic check to see whether the matched text contains “://”, which should never be within a Dokuwiki URL path (ie., “http://wiki.domain.tld/ns:entry” or “http://wiki.domain.tld/ns/entry” should be the only paths one can ever run across). If it contains this text, the Dokuwiki bracket syntax is stripped out of the string and the resulting content is the URL (verbatim) to redirect to.

I’ve mailed it to the author of the plugin as well, so hopefully it’ll get patched upstream and work for other people using Dokuwiki too.

Side note: I wonder what the/a nice way to post small diffs like this is instead of just dropping it in a quote on a post. Github’s gist or somesuch?

[Update] plugin author has responded and indicated that the upstream plugin is now updated.
[Update 2] thanks Axu for pointing out that I was asleep as hell when making this patch