Tags: nginx

08/04/13

  12:25:00 pm, by The Dreamer   , 633 words  
Categories: Software, Computer, Networking

Apparently my dd-wrt does loopback now

A couple months ago I asked if mosh could be made to work if the mosh-server IP changes when roaming between networks.

Years ago, I used to have routers that did 'loopback', but haven't had ones capable of it for sometime...or so I thought. Though I hadn't really had a major need for it. Except perhaps for mosh.

mosh, MObile SHell, is an ssh replacement that supports roaming and intermittent connectivity. Since I do my IRC using irssi in screen, running all the time on a server at home. This makes staying connected to IRC on my laptop much nicer. I can close my laptop, and later open it and it'll still be connected to my screen session.

The problem was when I came home, I'd be unable to recover the connection correctly and the client goes into an unrecoverable state, so that even if I later use my laptop on an outside network the mosh session won't resume.

But, today I opened my laptop (and I just realized that I didn't do what I had intended to do) and I just minimized the window out the of the way...even though it probably wouldn't recover on Monday at work. But, the dock icon showed that something wanted my attention....probably mosh-client giving up? No. Well, my nick had come up a couple of times yesterday, but it shouldn't have known that....but not really thinking, I switch to the channel. And, it does. I switch around and its working. Wait...it shouldn't be though! :!:

So what changed? I do a tcpdump and see that it is connecting to my WAN IP and getting responses from my WAN IP....'loopback' never worked for me though....

:idea: Perhaps its 'loopback' of port forwards that has never worked....

I had moved irssi from box to dbox a while back. The router has two port forwards set related to this to box, a single port TCP forward and port range UDP forward.

But, because my other router is running stock firmware, it has a limited number of port forwards...so as I was migrating services to cbox (and using nginx to reverse proxy web services on other systems on my home network, where those that use a webserver are using apache, including local services...such as cacti on cbox and nagios on dbox), I decided that I would just make cbox the DMZ host...start running host based firewalls at home, especially on this host (it also uses an IP alias...kind of like how we do hosts behind the BigIP at work &#59;D )

So that means no port forward(s) for my dd-wrt router for WAN to dbox....so I guess the NAT allows 'loopback'ng in this case.

Wonder if the same applies to my other router.

The only problem this causes is that I had plans to replace routers. I actually have a new router to replace the current stock router....though I haven't got anything that really needs to speed upgrade to 802.11ac yet in the room where I using wireless bridging. I also had plans to replace my dd-wrt router, which had started getting unreliable which they seem to do after a while....though it seems to have helped after I deleted old traffic data....

Full story »

04/21/13

  10:52:00 pm, by The Dreamer   , 2431 words  
Categories: Software, Computer, Ubuntu, FreeBSD, CFEngine

Home server migration ran into some cacti

The home server migration that I wrote about on April 7th, hit a delay .... I started working on migrating cacti and nagios.

I probably should've started with nagios, since I don't think that would've taken as long as cacti has.

I had already been monitoring the new servers using my old cacti installation. I had pretty much decided that moving the old installation to the new servers wasn't going to straightforward.... partly because of versions, and no easy intermediary. But, I wasn't too worried about the historical data in my old cacti....

I figured that once I got things up and running, I'd just export the templates and import them into my new system and I'd be done.

But, then I hit a hitch....the squid templates I had weren't working on the new system....all I could find were old results about issues with doing SNMP to ports other than 161, and possibly due to newer versions of net-snmp....though that later turned out to be a wild goose.

Anyways...the work around was to use the proxy option in net-snmp. Though I recall having tried net-snmp before discovering bsnmpd on FreeBSD, but I gave it a shot.

Before I got to testing the proxy...I soon saw that it wasn't giving the same information as bsnmpd...specifically, for the HOST-RESOURCES-MIB and parts of UCB-SNMP-MIB. So, I decided that I could proxy net-snmp to bsnmpd and get those. But, that didn't work.....after some reading the answer was I needed to either map bsnmpd in somewhere else or exclude those areas from net-snmp.

Well, during the build of net-snmp, it did make reference to being able to set some variables in make.conf -- such as NET_SNMP_WITH_MIB_MODULE_LIST and NET_SNMP_WITHOUT_MIB_MODULE_LIST. And, by default NET_SNMP_WITH_MIB_MODULE_LIST contained "host disman/event-mib smux mibII/mta_sendmail mitII/tcpTable ucd-snmp/diskio sctp-mib if-mib"

So, I tried setting NET_SNMP_WITH_MIB_MODULE_LIST without host and ucb-snmp/diskio and tried to exclude the rest of ucb-snmp in NET_SNMP_WITHOUT_MIB_MODULE_LIST. Which got me a strange error about host being in both lists.

I delved into the Makefile, and found while the other settable NET_SNMP parameters were done as '?=' in the Makefile, the NET_SNMP_WITH_MODULE_LIST was done as '+='...with conditionals that '+=' the last two modules.

OSVERSION >= 700028 adds 'sctp-mib' and the port option MFD_REWRITES adds 'if-mib'....I had started looking at what the fix might be, but decided that all I needed to do was remove all these lines...since I'm going to have my own definition in my /etc/make.conf file.

Trying to exclude all of ucd-snmp wouldn't make things work....but I did an snmpwalk comparing bsnmpd and net-snmp, and decided that the two areas that were lacking were ucd-snmp/diskio and ucd-snmp/disk_hw. So, I recreated the 'original' NET_SNMP_WITH_MODULE_LIST in /etc/make.conf, without 'host' and 'ucd-snmp/diskio' and put 'ucd-snmp/disk_hw' in NET_SNMP_WITHOUT_MODULE_LIST. The build grumbled, but finished.

I that worked.....all my ucd/snmp host graphs were working on m new cacti server in the same detail that I was getting before (IE: the CPU Utilization gave traces for each of the 8 vCPUs...instead of just one.... I could see all the ZFS filesystems, not just the the single zroot.

So, I went back to looking at getting squid graphs to work....that didn't work.

Pages: 1· 2· 3

Now instead of subjecting some poor random forum to a long rambling thought, I will try to consolidate those things into this blog where they can be more easily ignored profess to be collected thoughts from my mind.

Latest Poopli Updaters -- http://lkc.me/poop

bloglovin

There are 20 years 7 months 24 days 30 minutes and 29 seconds until the end of time.
And, it has been 4 years 5 months 4 days 13 hours 32 minutes and 27 seconds since The Doctor saved us all from the end of the World!

Search

May 2017
Mon Tue Wed Thu Fri Sat Sun
 << <   > >>
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        
Google

Linkblog

  XML Feeds

Who's Online?

  • Guest Users: 2
This seal is issued to lawrencechen.net by StopTheHacker Inc.
blogging software

hosted by
Green Web Hosting! This site hosted by DreamHost.

monitored by
Monitored by eXternalTest
SiteUptime Web Site Monitoring Service
website uptime