Stefcho's Tech Blog - Page 6 of 7 - Software Development, Cloud, DevOps and PfSense

My Network Laboratory

Posted on 29/03/2011 - 18/02/2019 by Stefan

The easiest way to learn is by practice. This is especially true in IT. I have to lab out the migration from pfSense 1.2.3 to 2.0 RC1. Furthermore I have a site-to-site VPN setup that must be tested too.

I decided to expand my laboratory setup to house not just the two versions of pfSense, but DD-WRT and OpenWrt also. This will give me a opportunity to expand my test with alternatives. That is not enough, so let’s add two of each as virtual machines. Now we need a router in the middle to move the traffic between different subnets. Using any of the above will be redundant, so after browsing the VMware market for router appliance, as first option came Untangle, but I have already played around with it, and it is not appropriate for my purposes. As reasonable alternative is Vyatta. I had no experience with this appliance, and decide to check it out.

My finale network diagram looks like this:

The Console and Client are a simple Windows XP workstation from which to manage all the routers remotely by SSH and Web Interface.

As you can imagine if all the routers WAN addresses were in one sub-net, the Vyatta would be unnecessary, but my decision was based on the need to be able to test load balancing, fail over, and other scenarios in future.

In the following post I will discuss in details the configuration of each type of route. As a brief impression from the installation and configuration starting from the easiest to setup and going to the hardest ones.

PfSense have a Live CD, and is a breeze to install and configure on x86 virtual machine.

Then is the Vyatta, also available on Live CD that can be installed on virtual machine. For the configuration I have used the shell, only later to discover that there is a web interface that is somewhat helpful.

DD-WRT is hard to get on x86 virtual machine. I have opt out to find ready-made virtual machine and only to restore it to default configuration, and then to configure it to my preferences.

OpenWrt is even harder. On the forums the recommended way is to compile it for this architecture, and then install it. There is a wonderful tutorial here how to set it up on virtual box, but it does not work on VMware workstation. My guess is if you reconfigure the hard disk portions it will work. But yet again, my decision was to use ready-made virtual machine with the latest version, and configure it to my likings.

The easiest way to learn is by practice. This is especially true in IT. So now I have to lab out the migration from pfSense 1.2.3 to 2.0 RC1. Furthermore I have a site-to-site VPN setup that must be tested too.

I decided to expand my laboratory setup to house not just the two versions of pfSense, but DD-WRT and OpenWrt also. That is not enough, so let’s add two of each as virtual machines. Now we need a router in the middle to move the traffic between different subnets. Using any of the above will be redundant, so after browsing the VMware market for router appliance, as first option came Untangle, but I have already played around with it, and it is not appropriate for my purposes. As alternative to Untangle, Vyatta pop up from the result. I had no experience with this appliance, and decide to check it out.

My finale network diagram is like this:

The console and Client are a simple Windows XP workstation from which to manage all the routers remotely by SSH and Web Interface.

As you can imagine if all the routers WAN addresses were in one subnet, the Vyatta would be unnecessary, but my decision was based on the need to be able to test load balancing, failover, and other scenarios in future.

In the following post I will discuss in details the configuration of each type of route. Now let’s go from the fore a brief impression from the installation and configuration starting from the easiest to setup and going to the hardest ones.

PfSense have a live cd, and is a breeze to install and configure on x86 virtual machine. The only interesting this here is how to publish the web interface and the SSH on the WAN.

Then is the Vyatta, also available on live cd that can be installed on virtual machine. For the configuration I have used the shell, only later to discover that there is a web interface that is somewhat helpful.

DD-WRT is hard to get on x86 virtual machine. I have opt out to find ready-made virtual machine and only to restore it to default configuration, and then to configure it to my preferences.

The easiest way to learn is by practice. This is especially true in IT. I have to lab out the migration from pfSense 1.2.3 to 2.0 RC1. Furthermore I have a site-to-site VPN setup that must be tested too.

I decided to expand my laboratory setup to house not just the two versions of pfSense, but DD-WRT and OpenWrt also. This will give me a opportunity to expand my test with alternatives. That is not enough, so let’s add two of each as virtual machines. Now we need a router in the middle to move the traffic between different subnets. Using any of the above will be redundant, so after browsing the VMware market for router appliance, as first option came Untangle, but I have already played around with it, and it is not appropriate for my purposes. As reasonable alternative is Vyatta. I had no experience with this appliance, and decide to check it out.

My finale network diagram looks like this:

The Console and Client are a simple Windows XP workstation from which to manage all the routers remotely by SSH and Web Interface.

As you can imagine if all the routers WAN addresses were in one subnet, the Vyatta would be unnecessary, but my decision was based on the need to be able to test load balancing, failover, and other scenarios in future.

In the following post I will discuss in details the configuration of each type of route. As a brief impression from the installation and configuration starting from the easiest to setup and going to the hardest ones.

PfSense have a live cd, and is a breeze to install and configure on x86 virtual machine.

Then is the Vyatta, also available on live cd that can be installed on virtual machine. For the configuration I have used the shell, only later to discover that there is a web interface that is somewhat helpful.

DD-WRT is hard to get on x86 virtual machine. I have opt out to find ready-made virtual machine and only to restore it to default configuration, and then to configure it to my preferences.

OpenWrt is even harder. On the forums the recommended way is to compile it for this architecture, and then install it. There is a wonderful tutorial here how to set it up on virtual box, but it does not work on VMware workstation. My guess is if you reconfigure the hard disk portions it will work. But yet again, my decision was to use ready-made virtual machine with the latest version, and configure it to my likings.

Asus RT-N16 supported with DD-WRT 100 pages thread

Posted on 10/03/2011 - 18/02/2019 by Stefan

One of the major sources of information about this model, and the supportability of different features was this topic.

Asus RT-N16 now supported

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=61570&postdays=0&postorder=asc&start=0

Unfortunately as the last post states:

Murrkf: This thread is way too long to be practical. Outdated info is mixed with new info and few will read all 100 pages.

So you can,

SEE SUMMARY OF THIS THREAD AND CONTINUE DISCUSSION HERE:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=88118

pfSense 2.0 RC1 released, on Hyper-V

Posted on 01/03/2011 - 18/02/2019 by Stefan

Today pfSense 2.0 RC1 was officially released. So I’ve quickly downloaded it and setup one test VM in VMWare. The new interface reveals a lot more features than the previous version 1.2.3. For full list of improvements look here: http://doc.pfsense.org/index.php/2.0_New_Features_and_Changes

What I was more interested in was the performance on Hyper-V VM. Recently I’ve setup a Hyper-V VM with 1.2.3 version and legacy network interface cards. Make a few quick file transfer tests and did not like the performance.

I’ve repeat the tests, and there is a 25% improvement over 1.2.3. This is encouraging. Unfortunately event with the new version, it is necessary to use Legacy NIC for the Hyper-V VM.

As it is stated in the Digest this is considered a stable release suitable for production use. I will continue the testing in production environment to get more realistic results.

pfSense 1.2.3 as Virtual Machine on Windows Server 2008 R2 Hyper-V

Posted on 27/02/2011 - 18/02/2019 by Stefan

After seeing pfSense working more than half year flawlessly on Alix, recently I’ve test it as virtual machine.

To avoid some compatibility issues a “Legacy Network Adapters” must be used.

For my surprise even with that trick, there was no network connectivity. The work around for this problem is explained in this thread: Pfsense 2.0-BETA4 in Hyper-V: Throughput not as expected

Open shell from the console, create new document

vi /usr/local/etc/rc.d/startup.sh

and type in

ifconfig de1 down
ifconfig de0 down
ifconfig de0 up
ifconfig de1 up

Just check before that the names of your interfaces, mine were de0,1.

For now it is stable, no issues, with very basic configuration. On the forums there are topics about possible problems with VLANs, but I didn’t need this functionality.

Upgrading DD-WRT Firmware on Asus RT-N16 with Optware Asterisk 1.4

Posted on 22/02/2011 - 18/02/2019 by Stefan

As you remember before almost a year, I’ve setup a SoHo PBX on my router. Now it is time to upgrade the firmware. Usually I perform update on monthly bases. But after such extensible configuration for the PBX, and couple of month stable work, no changes were required.

Good place to start is this topic: Firmware Recommendations – Still 14929 – 02/17/11

There are K26 firmware recommendations are for 15230, but I decide to use slightly newer build “dd-wrt.v24-15508_NEWD-2_K2.6_big.bin”
But then it hit me, if I have to do all the configuration to enable Optware and Asterisk again, this would cost me hours of configuration.

After searching through the Wiki pages and the forum, found some relevant information:
“
/opt backup
Now we have prepared /opt for adding more packages. We can also create backup of the whole /opt tree in case of router upgrade, to give preinstalled /opt to a friend or just safety backup. We will create such backup with
~ # tar czf /tmp/opt-backup.tar.gz /opt
Destination for /tmp/opt-backup.tar.gz should be large enough! Beware that /tmp is RAM. Destination should be disk or remote smbfs partition. Extracting /opt backup could be:
cd /
rm -rf opt/*
tar xvzf /tmp/opt-backup.tar.gz
If /opt space is tight and no packages requiring libstdc++ will be used (like Amule) then removing this large shared library is recommended
~ # rm /opt/lib/libstdc\*
will remove
/opt/lib/libstdc++.so /opt/lib/libstdc++.so.6 /opt/lib/libstdc++.so.6.0.8
ipkg-opt downloads packages into /opt directory and erases them after installing. If you have enough free RAM and /jffs only then adding –tmp-dir /tmp is recommended instead of default /opt
”

source: http://www.dd-wrt.com/wiki/index.php/Optware

and something more meaningful:

“ gobbledigook
DD-WRT User
Joined: 06 Apr 2009
Posts: 376
Posted: Tue Jul 20, 2010 10:55 pm Post subject:
if optware is installed to an external drive (usb) then when settings are reset all you need to do is enable usb support in services, and select the mount point as /opt/ apply and reboot
”
Check out the whole topic here: http://www.dd-wrt.com/phpBB2/viewtopic.php?p=464506

After reading this I’ve gain some confidence, and decide to upgrade.

And it was a success, no additional configuration was needed, Asterisk was up and running straight after the upgrade of the firmware.

Straight

Upmix mode Sound Blaster X-fi XtremeMusic 7.1 II

Posted on 20/02/2011 - 18/02/2019 by Stefan

After updating my drivers, I’ve found that the Creative Console has been changed. Now to perfume the same operation you will have to pass slightly different way:

1. Open Creative Console, and select this icon for X-Fi CMSS-3D

2.In this dialog click on the Surround…Button. make sure that the Stereo Envelopment is in the center.

3.Finally clock on the radio button next to Stereo Surround.

That’s it, hope this help you out.

Upmix mode Sound Blaster X-fi XtremeMusic 7.1

Posted on 24/07/2010 - 18/02/2019 by Stefan

After a successful installation of my Sound Blaster X-fi XtremeMusic and connected it to Inspire T7900. It is time for some tests. The software which came with the card really plays 5.1 audio. But here comes the problems. I’m using different players for audio and video. The problem is that they used at most 5.1.

Finally I found where you can play with the up mixing, and here it is. By default you hear Stereo Xpand upmix mode. This setting concentrates the sound on the front left, right and the central speaker. You don’t feeling like swimming in the sound. In order the sound to be spread across all the 7 speakers. Choose the Stereo Surround Upmix Mode. Then the fun begins. Play with the Stereo Envelopment control. You will definitely feel the difference.

Online Radio Recording with VLC Player

Posted on 24/07/2010 - 18/02/2019 by Stefan

Тия дни исках да запиша малко онлайн радио. Поогледах се за някоя програма която може да ми свърши работа. Естествено имаше тонове такива. Проблема е че повечето са платени. Другия им недостатък е че не поддържат един или друг формат.

След дълго лутане, ми дойде „гениалната” идея да си ползвам една от любимите програми за целта. А именно VLC player. Не знам за друга програма с толкова богата функционалност. Може би заради модулната и архитектура, тя ти позволява да направих безброй комбинации от модулите, като това ти дава огромна свобода на действието. Точно след 30 секунди вече правех това което искам, както го искам и когато го искам. Перфектно! На всичко отгоре е и БЕЗПЛАТЕН!!!

За да не се лута някой ето и простите стъпки които трябва да се следват.
1. напиши адреса на радиото
2. избери Stream/Save, после Settings
3. Ако избереш Play locally – ще чуваш / виждаш какво се записва.
4. Избираш File, избираш къде да се намира, и как да се казва файла, съдържащ желаното съдържание.
5. Избери си формат в който да се кодира съдържанието.
6. Малко OKи, готов си.

About Video Talks and Who benefits from them.

Posted on 24/07/2010 - 19/02/2019 by Stefan

Здравейте,
Днес искам да споделя една случка.
Помните ли когато телекомуникационните оператори проможаха да предлагат видео разговори? И когато почнаха да се появяват телефони с по 2 камери? Незнам колко от вас са ползвали тази услуга. Аз не съм и не мисля в скоро бъдеще, но ето какво ми се случи.
Та прибирам си се аз от работа тези дни. Студ, мраз, иска ми се ако може целия да вляза в топлата си шапка. Гледам един пич си играе с телефон на една седалка, скучно. Изведнъж набира някой. Вместо да чуя нещо на екрана му се появява някой и той започва да маха с едната ръка.
Пропуснах да ви кажа че до нас има училище за деца с увреден слух.
Казах си те каквото си казах и човека си затвори телефона. Стана ми интересно. Като се замислиш, хората дето могат да чуват и говорят, си ползват телефона по конвенционалния начин, и не съм срещал хора дето да искат да ползват видео разговори. Обаче тези хора дето не могат да чуват, за тях остава алтернативата да си счупят палците от писане на кратки съобщения, или въпросните видео разговори.
Чудя се тези големи глави, в тези големи телекомуникационни оператори, как не са се сетили да направят някакъв преференциален план, за такива хора. Хора на които тази услуга им е наистина нужна.
С други думи да изкарват пари от разговори дори и от тези дето не могат да говорят. Телефоните с 2 камери отдавна не са лукс!
Ето им малко храна за размисъл, могат да го сложат даже в графата благотворителност, за някакви данъчни облекчения, ще си подобрят корпоративния имидж пред обществото и там други такива глупости.
Обаче тези хора са важни, пътуват си с служебните коли, или по – скоро спят в задръстване някъде, и не могат да видят такива неща.