Monthly Archives: January 2007

Strange Noises

(13:22:24) widow: my roommates make a lot of noise when they wake up
(13:23:12) widow: i don't know what that strange noise mark makes is
(13:23:37) widow: but i wouldn't even know how to try replicating it, i have no clue what part of the body it comes from.
(13:25:01) mike: rofl

All is well

Yep, I’m up early, so I can play catch-up today. A week ago, I had an eye check-up with Dr. Saxe to evaluate the progress being made in my right eye. Despite some issues with the Swiss-made and supposedly infallible examination gear, he was able to see that my eye is doing quite well, and showing no signs of issue at this point. At a ‘normal’ distance, I was able to read the 20/20 lines on the vision tests, but at a closer range more akin to reading a book (or a computer), my vision fell off significantly to 20/80 or worse. This is due to the artificial lens, and completely expected and normal. I’ve got a prescription for glasses that I haven’t done anything with, but I’ve been considering them to help with the issues with reading.

Overall, I’m pretty happy with my eye situation. It was looking somewhat bleak for a while, and I was pretty pessimistic about the possibility of being done with the whole situation, at least for a semi-lengthy amount of time. However, at this point, everything has been calm for many months, and it seems I’m getting my respite. Hopefully it’s lengthy.

Fun With Networking

A few weeks ago, I picked up a couple old Cisco 2924XL switches from the MSU surplus store. It was my goal to use them to learn more about the inner workings of Cisco equipment, since our core network at work is comprised exclusively of Cisco equipment. I attempted this once before a few years back, but the switch model I purchased was too old and didn’t support IOS – Cisco’s Internet Operating System that runs on most of its modern switches/routers – so I wasn’t able to achieve my goals. These switches do run IOS, albeit an old version.

Getting them configured really wasn’t that hard. It seems that the knowledge that I gleaned from what I’ve done at work so far was enough to get the basic configuration in place. I ran into a few headaches with what I thought should work compared with what was actually possible, but that was due to a combination of the switch specs and the old IOS image. At work, we have things segregated into many VLANs, and the switch acts as a layer3 gateway for all machines that ‘reside’ in the VLANs provided by that switch. I was trying to duplicate that with my switches for practice, but no matter what I tried, I could only get one VLAN (VLAN1) to route an IP. I thought it was probably the old IOS image, so I tried to hit Cisco’s site to grab a newer image. Unfortunately for me, Cisco’s website sucks, and I wasted hours going in circles on their site before learning from someone else that you can’t download Cisco software images without a support contract. It would have been nice to see that somewhere in the download area, but no, they’d rather send people in an endless loop of “failed” logins. Grrr.

I was able to pull a few strings and acquired the newest IOS image from a friend who has access to Cisco’s software download site. I had the same difficulty after I upgraded the software image, but the error message I got from the newer IOS version proved helpful in isolating the cause. Those switches don’t have the capability to run with more than one virtual MAC address, so only one VLAN can be routed with an IP at a time. Once I realized this, I took down the VLAN interface I didn’t want to use, and configured the VLAN I did want to use, and everything was peachy. I’m thinking that the same technique would have worked with the old IOS image, but since I don’t feel like downgrading, I won’t know for sure.

With my new Cisco goodness in place, I was able to play with something I thought up a while back. I bought a few Linksys WRT54GL wireless routers earlier on in the summer, and flashed them with OpenWRT to get Linux on them in a form that I could manipulate. I thought it would be cool to set one of them up in a way that would mimic the networking configuration of my router machine, which has four ethernet interfaces for keeping various parts of my network segregated. Using VLANs, this was possible to replicate in the WRTs. The onboard switch can do VLAN tagging and trunking at a per-port level, so it’s possible to replicate the multiple interfaces using separate VLANs instead of separate physical interfaces. I was able to replicate the networking for my setup after a good amount of trial and error, with one port allocated for each of the three internal subnets and one for the internet. That left one additional port, which I set up as a trunked port that could carry all VLANs to another VLAN-aware device. Too bad I didn’t have any other VLAN-aware devices. After the initial success, I just let it sit.

Well, now I do have some VLAN-aware devices, so I’ve resumed my experimenting. The VLAN system I set up in the WRTs worked perfectly after I was able to get over some internal problems in the OpenWRT networking scripts that kept me from using VLANs greater than 9. During some tinkering yesterday, I found that the WRTs can be set into monitor mode without affecting their capability as access points, which allows for the WRTs to function as Kismet drones at the same time as they’re functioning as access points. In a corporate setting, this would be a great feature for the security staff. While providing wireless access for employees of the company, the security staff could use Kismet (or another utility) to “patrol” for people that shouldn’t be entering the network. I don’t have much use for it really, but it is kinda neat to see the various other wireless networks that are in range of my apartment.

Jibba-Jabber

Over the past few days, I’ve been setting up a new Xen environment for my Jabber server and getting everything working with it. It proved more difficult than I would have imagined, mostly due to the fact that I wanted it to be as seamless as possible. I used jabberd2 on the new environment, which uses a completely different storage backend than jabberd1.4 did. Jabberd1.4 uses a series of XML files, while jabberd2 uses a database backend (mysql in my case). This basically means that there was no direct upgrade path. There was a script included in the jabberd2 sources that was supposed to perform the migration, but it wouldn’t even run due to coding errors. I found another script that did the job, but it required that I install Ruby and mysql support for Ruby before it would even run. The former was pretty simple since it was available in RPM form, but the latter needed done manually. Since I have no experience with Ruby, this took a while. Once I got the script working, migrating things was easy.

There are a few differences that I found strange as well. Jabberd1.4 allowed for serving multiple domains just by adding a few lines in the configuration file, but jabberd2 requires that you run multiple session manager (sm) processes, one per domain. It seems like it could be a waste of resources if only one server is involved, but I believe that jabberd2 is made to be modular so it can be distributed across multiple servers to spread load or achieve redundancy. When considering it in that light, it makes sense. I also had to make a few DNS changes to get things working properly as well. The new Xen environment doesn’t have the same IP address as the neir.org domain, so the DNS records provide the link between the two.

One of the main benefits of the new Jabber server is that it allows for end-to-end encryption right inside the protocol. The old version had SSL support, but it didn’t cover the transmissions between servers, and settings had to be altered for client-to-server encryption. One thing that I found curious is that only one server I connect to actually performs server-to-server encryption – Matt’s server. Not even Google has it turned on with its Jabber-based Gmail/Google Talk system. Kind of surprising in my eyes. At least I can talk to Matt securely!
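An added example (not from the original post or the jabberd2 project): whether a server-to-server link like the ones described above gets encrypted depends on whether the remote server advertises STARTTLS in its stream features, and this Python sketch classifies that offer. The sample replies are constructed, and `starttls_policy` and `probe_s2s` are names chosen for this example.

```python
import socket
from xml.etree.ElementTree import XMLPullParser

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"

def starttls_policy(stream_bytes):
    """Return "required", "offered", "none" or "incomplete" for a stream opening."""
    parser = XMLPullParser(events=("start", "end"))
    parser.feed(stream_bytes)  # the <stream:stream> root is never closed here
    for event, elem in parser.read_events():
        if event == "start" and elem.tag == f"{{{NS_STREAM}}}stream":
            if elem.get("version") is None:
                return "none"  # pre-1.0 stream: no features, so no STARTTLS
        elif event == "end" and elem.tag == f"{{{NS_STREAM}}}features":
            tls = elem.find(f"{{{NS_TLS}}}starttls")
            if tls is None:
                return "none"
            required = tls.find(f"{{{NS_TLS}}}required") is not None
            return "required" if required else "offered"
    return "incomplete"

def probe_s2s(host, domain, port=5269, timeout=5.0):
    """Open a server-to-server stream to host and report its TLS offer."""
    header = (f"<stream:stream xmlns='jabber:server' xmlns:stream='{NS_STREAM}' "
              f"to='{domain}' version='1.0'>").encode()
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(header)
        while (chunk := sock.recv(4096)):
            buf += chunk
            policy = starttls_policy(buf)
            if policy != "incomplete":
                return policy
    return "incomplete"

# Constructed server replies (not captured from any real server).
_HEAD = (b"<?xml version='1.0'?><stream:stream xmlns='jabber:server' "
         b"xmlns:stream='http://etherx.jabber.org/streams' id='c0ffee' ")
_OPEN = _HEAD + b"version='1.0'><stream:features>"
_END = b"</stream:features>"
_DIALBACK = b"<dialback xmlns='urn:xmpp:features:dialback'/>"
_TLS = b"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>%s</starttls>"
SAMPLES = {
    "required": _OPEN + _TLS % b"<required/>" + _END,
    "offered": _OPEN + _TLS % b"" + _DIALBACK + _END,
    "none": _OPEN + _DIALBACK + _END,
    "legacy": _HEAD + b">",  # no version attribute, so no features follow
}
```

A result of "offered" means encryption is optional on that link; only "required" shows the server refusing to continue in cleartext.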

Much Mass

I just weighed both of my cats, out of curiosity. Marshall weighs 13.5 pounds. Mesa weighs 15 pounds. I have big kitties.

Xen-like state

Eeek. Yet again I have gone too long without posting. I’m thinking of starting a new category of posts for the entries that start off by saying “yah, I haven’t posted in a long time.” There have been so many of them as of late that I really should do it.

The holidays were both happy and tiresome, as per usual. I had all kinds of difficulty getting presents for everyone. I struck out the first four times I went shopping, and I was pretty distraught. I was successful eventually, and Christmas turned out well. I got some good gifts, and everyone seemed to enjoy the gifts I got for them.

It feels strange to enter another new year. It feels like I just moved in here, yet, I’ve been here an entire year. I just finished my fourth year at Liquid Web in December, yet I can still remember the old days at Jet Drive as if they were yesterday. My ten-year high school reunion takes place this year. When did I get old? I think I missed it.

Inspired by some happenings at work, I’ve been playing with Xen a fair amount over the past few weeks. Xen is a virtualization system that allows for one to run multiple operating systems on the same computer simultaneously. With hardware that supports it, the virtualization can be done at a hardware level, allowing for unmodified guest operating systems to be run (including Windows). Otherwise, modifications must be made to the kernel of all guests for Xen to function properly. This limits the guest operating systems to open source OSs, which doesn’t bother me much since Linux is my OS of choice. I’ve placed Xen on my server at work, and I’m going to use it to set up separate OS environments for separate services that don’t need to access the same data on the server. While it will introduce a bit of overhead, it will allow for a more secure system overall. If one environment is somehow compromised, the intrusion will be limited to that environment only. All in all, it’s a very neat system.