July 31, 2009

Unsung heroes

Happy SysAdminDay! Today is the 10th Annual System Administrator Appreciation Day. I rewarded myself with a Leatherman Skeletool CX earlier this week.

And I'm taking the rest of the day off to celebrate

July 30, 2009

Large captive portal project

Earlier last month, a buddy referred me to a project he was handling. The site was way too far for him to travel to conveniently, and he was stuck with some other projects. So I decided to take a look.

The site was an apartment complex with six buildings and offers wireless Internet access to its occupants. They were having trouble with the existing system, so I accepted the project, and drove out 100 miles to look at it.

The old system: the apartment complex has six 4 Mbps ADSL lines. Every two buildings share two load balanced ADSL links. This sounds painfully slow and backwards, but 4 Mbps is the fastest we could get around here. (In fact, they had 2 Mbps ADSL until recently.)

They were using Edimax load balancers and Planet authentication gateways as the captive portal. The ADSL modems were also configured incorrectly as routers, giving three levels of NAT when it could be just two. Since there are six buildings with three sets of load balanced Internet links, it also means there are three sets of load balancers and gateways, and six modems. The real problem was that the Edimax and Planet often hang and required manual rebooting. Plus, the Edimax also oftens hangs in such a way that a cold reboot is necessary, erasing all configuration and requires manual reconfiguration. The Planet's captive portal also stops functioning randomly and would either allow the users to access the Internet without any authentication, or block Internet access completely. The biggest problem though, was that Internet access was so slow so even when the system was functioning, they were getting less and less users since the users were so sick of the slowness. And the reason they have three sets is not because they want to give more bandwidth to the users, but because originally when they had just one set, it would crash even faster.

The new system: replaced Edimax with Peplink. Replaced Planet with ALIX running m0n0wall. I recommended Peplink load balancers with 3 WAN connections, so now we can have just two sets of hardware, with three buildings sharing three load balanced ADSL links. I could have gone for a high-end Peplink with 7 WAN and combined everything into one set of hardware, but the initial investment would be much more expensive, and it's always nice to have a backup.

So I borrowed a Peplink 300 and a Peplink 380 (same as 300, plus VPN and in a rack form factor) from my friendly local Peplink dealer and deployed them. I reconfigured the ADSL modems as bridges, and set the Peplink into PPPoE mode. Unfortunately, the Peplink doesn't seem to have detailed QoS, so I configured m0n0wall to do the QoS by using the built-in Magic shaper wizard. m0n0wall was also configured as a captive portal with local users. We decided to user local users for now since the old system was based on users. We will implement a ticket selling system (called vouchers in m0n0wall) later if everything works out.

Oh, the ALIX boards I used were also the older ones I got from last year. They only have 128 MB of RAM, but seem to have no trouble handing a large number of captive portal user logins and traffic shaping.

According to the manager of the apartment complex, when the old system first went live a year ago, they could have up to 500 simultaneous users in the evenings. But because they've been having so much trouble with the system, the number had dwindled down to about 30.

We'll see how things work out.

(Doh! I forgot to take a photo after the Peplink and ALIX were installed. Will update again.)

July 29, 2009


Microsoft partners with Yahoo on long term Internet search deal. Wow!

July 24, 2009

Firefox 3.5.1 Google Gears again

Strangely enough, when I upgraded to Firefox 3.5.1 it told me that Google Gears is no longer compatible after only two days of being compatible with 3.5. But when I clicked on find updates it couldn't find a compatible version. I had to go to the Gears site and manually install it. Maybe it wasn't updated on the Firefox add-on database yet.

DD-WRT httpd vulnerability

A critical flaw was discovered in DD-WRT's httpd service. It was also covered on Slashdot. I don't need really to upgrade since my two DD-WRT routers are completely stable, and they weren't even used as Internet routers.

Just to keep this upgrade exciting, I performed the upgrade over a VDSL link during a heavy thunderstorm. The micro one was a client bridge mode connected to the std one. There were no signal drops during the upgrade process.


Before the firmware upgrade, I had a 151-day uptime on the WAP54G. Pretty incredible since the WAP54G is placed outdoors in an incredibly dusty and hot environment. As mentioned above, it's configured as a client bridge to wirelessly connect an RFID access reader to the rest of the LAN.

The Secret of Monkey Island for iPhone

One of my favorite games from my younger days was just released for the iPhone. How could I resist?

New hand drawn graphics.

New action interface optimized for the iPhone's touch screen.
Beautiful cut scenes.
Guybrush Threepwood showing off.
All the in-jokes from the original version. But I hear Loom is also being re-released. That was also one of my favorite games.
Inside the Scumm Bar.
Inside the Scumm Bar in the original PC version in EGA graphics. Note the original action interface too.
How times have changed! My handheld computer now has far more computing power than the desktop I had when I was in college. Okay, off to play the game some more now.

July 22, 2009


I should probably move to Akusekijima. The last time there was a solar eclipse, it rained. And it's raining again today. The weather was beautiful for weeks and weeks, and it had to rain today.

I wonder what kind of bandwidth they have on Akusekijima?

Update: At least with YouTube, I can pretend I watched it live.

July 21, 2009

One small step

Apollo 11 40th Anniversary: That's one small step for a man, one giant leap for mankind

July 15, 2009

Firefox 3.5 Google Gears

Google Gears for Firefox 3.5 is finally out. Now I can use my offline Gmail and Calendar again.

July 6, 2009

Delete the Internet

I got a call today from someone who just bought a new computer. He's not new to computers, it's just a new computer. He said he has video files on the new computer that he doesn't want any more. The conversation went something like this:

"I have all these video files on my new computer that I don't want, how do I delete them?"
"Er... just delete them?"
"You know... like you always do? Drag them to the trashcan? Press the delete key?"
"Didn't work."
"Oh, you probably have to close the video first, do you see the video on the screen?"
"Okay, so close the video first."
"Er... the same way you always do? Click on the X on the upper right corner?"
"But when I open it the videos are there again."
"Wait, wait. After you close the video, drag the file of the video to the trashcan."
"I can't find the file."
"Eh... if you can't find the file, how did you open it?"
"It's there when I open the computer."

Oh, this went on for something like 30 minutes. I tried everything I could think of to help him delete the videos. Finally it occurred to me that maybe the video he's talking about is actually a DVD, and some kind of player program was automatically playing the disc.

"Try right clicking on the video itself, and tell me what it says."
"About Adobe Flash Player 10."
"That's what it says."
"You're playing an Internet video? Is this YouTube?"
"Yeah, YouTube! How did you know? So how can I delete the videos?"

I spent the next 15 minutes explaining to him what YouTube is, and that he can't delete videos off YouTube if he didn't upload them.

"But I don't want to see those videos."
"So don't open the website?"

Finally I understood the poor guy. Someone had put a shortcut to YouTube on his desktop. When he clicks on the shortcut, the browser opens and goes to the YouTube website. He was trying to delete those videos on the YouTube startup page, because he doesn't want them taking up space on his computer.

I need a drink.