After moving my HP Color LaserJet Pro MFP M477fdw from my Huawei S6720-32C-PWH-SI to a Ubiquiti Unifi Switch Flex running OpenWrt master, I noticed the printer randomly coming out of standby. Looking at the OpenWrt log, I noticed the DSA interface connected to the printer to be flapping.
Tags: linux
I guess better late than never...
So we've got a failover IP, and a nice trick to be able to get the same WAN IP on both our routers. If you do stateless packet filtering, this is actually enough, and your redundant setup is already finished. However, if you do stateful packet filtering, the moment the failover IP moves to the backup router, your connection will be dropped because it doesn't have any knowledge about it in its connection tracking table.
In part 1 I went over the basics of failover. The problem with such a setup is that TCP connections will not survive a failover from ar0 to ar1, or vice versa. The main issue is that both routers have a different WAN IP, and in this case, seamless failover will never work.
Many corporate networks implement router redundancy for obvious reasons. Most of them are probably using very expensive hardware with proprietary protocols, but in fact it is possible to build such a setup for less than EUR100 and use it at home. Just get a couple of cheap routers that are well supported by LEDE/OpenWrt.
This is something that has been bothering me for a long time. I use the same SSID for both my 2.4GHz and 5GHz networks, so that clients can roam from one network to another. However, in this setup, the client decides what network it think will work best. And unfortunately, most clients just suck at making this decision.
We all know them: brute force attacks. Be it SSH, SMTP, IMAP, your favorite web application, ... they happen. And they happen all the time.
Little over a year ago I ordered 2 Yubico U2F security keys, through the Github offer. When they arrrived, I was immediately annoyed by the fact that only Chrome (and Chromium) supported the U2F standard. At that time, my main browser, did not support U2F at all, and the feature request had been open for a year, with no real progress. Sigh.
While upgrading the Linux kernel on my XPS13, I noticed that I could no longer find the option to enable the ASoC driver that is needed when the sound card is running in I2S mode. The symbol (SND_SOC_INTEL_BROADWELL_MACH) was still there, but it didn't show up at the expected location. I also had all dependencies enabled, so I was a bit surprised it didn't show up. After looking again, I noticed this in the dependencies:
DW_DMAC_CORE [=m]=y
It's not the first time I write about cgroups, but a lot has changed since I wrote that post.
Some time ago I noticed that I could no longer boot a remote machine via Wake-on-LAN. This annoyed me quite a bit, as the machine was 2100km away and there was nobody at that location who could boot it for me. I really had no clue why it stopped working. So when I recently arrived at the location again, I started looking into it. Everything I had previously configured was still in place. The BIOS option Power On by PCIE devices
was enabled, and I still had this in /etc/local.d/wol.start
:
#!/bin/sh
ethtool -s eth0 wol g
echo "GBE" > /proc/acpi/wakeup
Yet, when I ran ethtool eth0
, it showed that WOL was disabled:
Since I hate typing passwords all the time, I looked for a way to automatically unlock my SSH keys at login. This guide focuses on KDE Plasma 5 and SDDM, but it should be easy to implement it for KDE Plasma 4 and other display managers as well.
A few days ago, polkit version 0.113 was marked stable on Gentoo amd64. Since the update, I could no longer suspend my system without entering the root password. Quite annoying, especially for a laptop. When canceling the polkit dialog, this appeared in the journal (yes, I am using systemd):
sep 10 05:22:52 sylvester.nomad.adlevio.net polkitd[18113]: Operator of unix-session:3 FAILED to authenticate to gain authorization for action org.freedesktop.login1.suspend for system-bus-name::1.96 [kded5 [kdeinit5]] (owned by unix-user:stijn)
As I already mentioned in my previous post about the XPS 13, I had issues with the touchpad: it freezes rather frequently, because it looses sync a lot. After losing sync for a few times, the psmouse driver issues a reconnect request. And when that happens, the touchpad freezes. It looks like this in the kernel log:
Jul 26 15:43:19 sylvester kernel: psmouse serio1: TouchPad at isa0060/serio1/input0 lost sync at byte 4
Jul 26 15:43:19 sylvester kernel: psmouse serio1: TouchPad at isa0060/serio1/input0 lost sync at byte 1
Jul 26 15:43:19 sylvester kernel: psmouse serio1: TouchPad at isa0060/serio1/input0 lost sync at byte 1
Jul 26 15:43:19 sylvester kernel: psmouse serio1: TouchPad at isa0060/serio1/input0 lost sync at byte 1
Jul 26 15:43:19 sylvester kernel: psmouse serio1: TouchPad at isa0060/serio1/input0 lost sync at byte 1
Jul 26 15:43:19 sylvester kernel: psmouse serio1: issuing reconnect request
Many people I know use a laptop for almost anything, anywhere. When they arrive at the office, they hook it up to an external monitor, and use an external keyboard and mouse or trackpad. I prefer to have a proper workstation, with powerful CPU and GPU, lots of RAM and multiple large monitors. As it's rather difficult to take this setup with me to meetings, or when travelling, I still require a secondary device that I can take with me everywhere I go. Some people seem to be OK with a tablet for that purpose, but that just doesn't work for me.
In a previous post I explained how to configure syslog-ng to accept logs from other hosts on the network. Back then I used a filter to only write logs from a specific host to a specific destination.
When I first tried to add my two test nodes in the oVirt manager, this worked fine for the first node I added. However, when I tried to add the second node this always seems to fail. This is what I am seeing in /var/log/ovirt-engine/engine.log:
In my previous post on the subject I pointed you to the ovirt-dre repository. Today however, I found out that a CentOS dev is also working on packaging CentOS.
After getting my oVirt setup up and running, I wanted an easy way to open a Spice console to a VM on my Gentoo workstation. There are several ways to do this, as explained here. The easiest way is via the browser plugin, but I couldn't get that to compile yet. The next best option is using ovirt-shell, from the ovirt-engine-cli tools.
Recently I have been playing around with oVirt. Since oVirt is included in Fedora 18, I tried it on F18 first. Unfortunately, these packages lack the web GUI. Since this is one of the things I wanted to test, these packages are useless to me. So I started digging around, and found the ovirt-dre repository.
Since I keep finding posts that tell you to restart nscd to flush its caches, I'll tell you how to really do it. The nscd caches are saved to disk, On my Fedora system, they are located in /var/db/nscd:
It seems that Samba 3.5 has problems binding its socket when running on dual-stack Linux systems. This is what I am seeing in log.smbd, right after starting Samba:
Recently I came across this link in #xbmc-linux on Freenode: http://www.webupd8.org/2010/11/alternative-to-200-lines-kernel-patch.html
Have you ever noticed that if you put cron jobs in /etc/cron.daily on a SLES machine, they seem to run at random times? I noticed it a few times, and I find it to be really annoying. Say, I rebooted a machine yesterday around 14:00, and today at 14:15, the machine starts rebuilding the man db, backing up the rpm db, cleaning /tmp, rotating logs, etc. Huh?! Looks like a bad idea to do such things when the system is currently in use by multiple people. Imagine that you put a database backup in there, and that backup locks your database...
In case you're annoyed by the fact that backspace doesn't work by default in vim on SLES, add this to /etc/vimrc or ~/.vimrc:
As you could read in one of my previous posts, I have been investigating my Sagem F@st 3464 modem a little, to see if it ran Linux (which it does). With the help of this topic, I was able to login into the modem with telnet. After entering the password and typing the "shell" command, I was presented an ash shell with BusyBox.
Somewhere in June 2009, I became self-employed. Since it involves sending invoices, I decided to create a template with OpenOffice. After creating a new invoice, I export it as PDF and email it to the customer. Saves me paper, ink, envelopes, stamps, trips to the post office, fuel, ... You get the picture.
Unfortunately I still have to hand them in to my bookkeeping office on paper, so I still have to print them once. Which is what I've been doing since June 2009. Until I tried printing invoices from Q4 2009, somewhere in December. The printer refused to print anything.
To be able to keep some log history of my OpenWRT based router, I want to send its output to a remote syslog server.
Fortunately I have another machine that is running 24/7, so I don't have to send it over the WAN link to one of my servers in the datacenter. My HTPC is running Gentoo Linux, and I configured syslog-ng as syslog daemon.
After I got my Zimbra server up and running, and configured some domains and accounts, I started playing with the calendar sharing and syncing. What I want is simple: to access my Zimbra calendar with Lightning, a calender add-on for Mozilla Thunderbird, and with my iPhone.
Some time ago I started to experiment with Zimbra a little bit. I already installed it a few times, and I heard many good things about the new release.
Because I ran into several issues with Debian and Ubuntu in the past, I decided to try Zimbra on CentOS. So I installed a clean CentOS 5.4 VM to test Zimbra on. I downloaded ZCS 6.0.3 for RHEL5, and then the fun started ...
If you recently visited my website (let's say in the last two or three days), you might have noticed some performance issues. It seems I didn't pay that much attention to the MySQL binary logging configuration, when I enabled this feature so that I could do point-in-time recovery in case something goes wrong.
Some months ago, I ordered a Dommel SpeedConnect Plus connection. Since Dommel is using the network of the monopolist Belgacom in Belgium, I am forced to buy one specific type of VDSL2 router: Sagem F@st 3464. If you want to know why Belgacom forces this type of modem, you can find the report of the BIPT here, in English, Dutch or French.
Since Debian Lenny was finally released not so long ago, I started upgrading some machines. Unfortunately, aptitude dist-upgrade complained about a few packages:
I have always had a problem with Evolution being installed when emerging gnome on my Gentoo system. Even with "-evo -eds" use flags, it still wanted Evolution. Evolution is a BIG piece of CRAP, and I don't want it anywhere on my system
Because I always forget ... To update your Dell BIOS in Linux, download the .exe BIOS file from the Dell website. Extract the HDR file with "wine D630_A15.EXE -writehdrfile".
Finally found a better solution for accessing .cue / .bin files on Linux than converting them to ISO: cdemu.
I just installed a fresh WinXP virtual host on kvm on my Gentoo system. It didn't allow me to use the maximum resolution that my monitor supports (1440x900). So I started reading the kvm manual page, and found the --std-vga
option. After restarting my WinXP machine with this option, Windows was unable to find a driver for the graphics card. Too bad ...
Because I really dislike the default Ubuntu background color, and I always forget where to disable it:
Today I needed to enable the pure-uploadscript functionality in pure-ftpd on a SLES 10 server. According to the spec file, the pure-ftpd RPM has been built with the --enable-uploadscript option, so no need to start rebuilding anything.
Recently I have been migrating a Samba PDC and BDC from RHEL 4 to SLES 10 SP1. Everything went pretty well, until I started configuring the printers on the new Samba servers.
Today, I passed the Novell Certified Linux Professional exam.
Some time ago I tried "emerge mysql-gui-tools" on my Gentoo x86_64 box. Unfortunately, the compilation process failed because of some errors (will include the error in this post when I find the time to reproduce it). Today, I'm preparing myself for MySQL DBA certification, and I really need the MySQL Administrator tool, so at first I downloaded the precompiled tar archive from the MySQL website, which worked without any problems.
Since Apache version 2.2, the LDAP authentication module is no longer called auth_ldap, but rather authnz_ldap. During a migration of an Apache 2.0 to Apache 2.2, I ran into some problems which caused a failure to start Apache.
Ever tried setting up netconsole under Linux, but never received anything from the kernel log on the machine configured as target in the netconsole module? Check the kernel.printk setting in sysctl.
When I moved from syslog to syslog-ng on my laptop running Fedora 7, I noticed a lot of these warnings in /var/log/messages:
Jul 10 09:29:34 speedy syslog-ng[2272]: Number of allowed concurrent connections exceeded; num='10', max='10'
On Linux, there is a global and per-user limit of open file descriptors (read: maximum number of open files). The global limit is distribution and kernel specific, the per-user limit is set to 1024 by default. However, some applications, like Lotus Domino, Oracle, ... require to have more than 1024 open files.