Archives for: May 2011, 30

05/30/11

  09:48:00 am, by The Dreamer   , 892 words  
Categories: Hardware, Computer, BOINC, Roku XDS, Ubuntu, Other Linux

LHAVEN is dead, long live LHAVEN?

Well, I was getting really annoyed with it complaining and kicking out the replaced disk in LHAVEN. So, I shutdown the system and took out the disk, figuring it should just continue to run fine degraded until I get around to replacing it.

Well, it wouldn't power on after that. I went through everything, no joy. It had done this a while back when I tried adding something to it. It could just be the power supply has flaked out, but I don't have a tester or multimeter handy...so I can't really test it. Could buy a new PS...and I may do that.

But, I kind of suspected the drive issues weren't actually the drive but possibly some deeper hardware problem. So, I had been planning to replace LHAVEN at some point. It has done quite well, being circa 2002. Started out as a 64MB Duron 800MHz machine, eventually peaked at 2GB Athlon XP 3000+. It had replaced a Cyrix PR233 box that had gone up in smoke during a hot summer day in 2002, when the transformer outside blew....the computer survived the brownout and then blackout, but the fans didn't spin back up when power returned...so it burned itself up. Later I found one problem with this new system. It wouldn't resume after losing power. No BIOS setting to alter this behavior and I did try to see if there was alternate BIOS updates for it. It was kind of a painful machine to manage, because for some time kernels didn't have built-in support for all the SIS chipset stuff in it....so an update would roll out, and NIC was usually one of the things to definitely go missing. Which made for fun to rebuild a custom kernel upgrade for it. Eventually it got stable.

But, needing essentials like DNS, DHCP to be available after an extended outage...I moved these to another server (originally an old Pentium 75, which has evolved into what is known as 'box' today). For the longest time it was RedHat 7.2, and then RedHat 7.3 when fedora legacy switched to only supporting 7.3 and 9 releases. It continued after fedoralegacy stopped supporting it, I was building some of the packages for it by hand...like bind (in response to the Kaminsky exploit). There were parts of my network that wouldn't function without LHAVEN...like an old Windows 2000 box that was barely functioning...(old Gumby).

I nearly lost it during the Icepocalyse....but I tracked down motherboard replacement for it from geeks.com. It was a slighty newer mobo, but equivalent chipset. It did have some things the old mobo didn't, like USB 2.0 support (I didn't use USB and still don't), support for 2GB of RAM instead of 1GB...so I upped it for better BOINC'ng. And, faster CPUs....so I upped from 2200 to 3000.

At one time, I had turned it off to do some upgrades...which didn't pan out. Tried to slap a gigabit card into it...didn't work. Wouldn't get along with the on board stuff, and the BIOS didn't have ways to get things out of the way enough. It also never fixed the resume after power loss issue. But, during this process it failed to power on....but after a couple days, it came back and I decided to upgrade its UPS and hopefully it would make one last outage. Well, there were several others since then where it came back afterwards. But, looks like this is the last time for it.

Pages: 1· 2

  12:03:00 am, by The Dreamer   , 1362 words  
Categories: Software, Computer, Networking, WiFi, Ubuntu

Freeradius & DHCP Failover

Link: http://deployingradius.com/

So, ever since I looked at adding Mac Address Access Controls to my Airport Extreme...on top of WPA2 Personal, and the fact that my DHCP server only does reserved IPs, security. I used to do Mac Address Access Controls on my previous routers, but it was an easier interface to work with on those. And, I didn't realize how the Time Access worked on the Airport Extreme, the default allow all the time rule at the top tripped me up. So, I thought if I wanted it, I would need a RADIUS server...and I didn't know if I wanted to do that....yet.

But, after I woke one morning and couldn't seem to account for why there seemed to be so much data streaming through my Cox connection...there had been strange spikes in the past, but always figured it was something updating itself while I wasn't home (like iTunes and my podcast subscriptions). But, this one morning...there was no corresponding activity from any of my computers, and I didn't see anything obvious with my TiVos/ReplayTVs. Though I could've just missed it.

So, I fixed the Timed Access control and put my current devices in. With a note that I should really look into installing RADIUS somewhere, so that it would be easier to maintain the list than the airport utility. I would lose being able to find the MAC address of some new wireless device that doesn't have the MAC address stamped on it....for addition to my DHCP server.

Later during the setup in: Another Airport comes to Lunatic Haven I had wiped out the settings....and didn't feel like putting it back in again. Which made it more urgent (in my mind) to get RADIUS working.

So, I went online and searched and searched and searched...on how to do this. I had looked before, and wasn't all that successful. There's no simple how-to apparently. But, I found bits and pieces around, and decided to just go for it.

First, I installed freeradius on my Ubuntu server 'box'.

sudo apt-get install freeradius

It starts right away, now to make it work. And, debug it. Well, most of the examples were for older freeRADIUS versions, so things weren't where it said, or command line switches were different, or it didn't work. I did find some examples of MAC address authorization, but they involved 'Auth-Type := Local' in the /etc/freeradius/users file. But, the clients.conf part seemed right. I strongly considered just doing 'Auth-Type := Accept'...but I wanted to figure this mess out.

client 192.168.1.1 {
        secret = testing123
        shortname = airport
        nastype = other
}

So kept searching and searching....eventually, I found fragments on site called "Deploying RADIUS: Practices and Principles". It confirmed that I was basically on the right track, I just needed to figure out what to put in the users file to make it go from Auth-Reject to Auth-Accept.

Well, the example for MAC Address entry for users I had found was:

001122-334455  Auth-Type := Local,  User-Password == "testing123"

At first I was pointing my Airport Extreme at it and watching the debug output, and watching everything stop working now and then. But, eventually I used 'radtest' to test my freeRADIUS configuration. And, eventually, I found that what I needed was:

001122-334455  Cleartext-Password := "testing123"

And, all was good. I pointed my main Airport Extreme to it, and it everything adjusted and worked. I then pointed the new Airport Extreme at it and things continued to work.

Yay! :cool:

Pages: 1· 2

Now instead of subjecting some poor random forum to a long rambling thought, I will try to consolidate those things into this blog where they can be more easily ignored profess to be collected thoughts from my mind.

Latest Poopli Updaters -- http://lkc.me/poop

bloglovin

There are 20 years 2 months 26 days 7 hours 18 minutes and 23 seconds until the end of time.
And, it has been 4 years 10 months 2 days 6 hours 44 minutes and 33 seconds since The Doctor saved us all from the end of the World!

Search

May 2011
Mon Tue Wed Thu Fri Sat Sun
 << < Current> >>
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          
Google

Linkblog

  XML Feeds

Who's Online?

  • Guest Users: 0
This seal is issued to lawrencechen.net by StopTheHacker Inc.
Web Site Engine

hosted by
Green Web Hosting! This site hosted by DreamHost.

monitored by
Monitored by eXternalTest
SiteUptime Web Site Monitoring Service
website uptime