Author Archive

Thursday, September 17th, 2015 | Author:
  • Dio 1 – Uvod – Postavljanje Simple Redovi (Ovaj post)
  • Dio 2 – Pouzdano Prepoznavanje saobraćaj – Postavljanje Mangle pravila (USKORO TM)
  • Dio 3 – Prioriteti i granice – Postavljanje Queue Trees (USKORO TM)
  • Dio 4 – Monitoring Usage – Redefiniranje Redovi – Limiting Abusive Devices (USKORO TM)
  • Dio 5 – ??? Profit ???

Uvod

The first problem one usually comes across after being tasked with improving an Internet connection is that the connection is overutilised. Tipično niko ne zna zašto, ko, ili ono što izaziva problem – except of course everyone blames the ISP. Ponekad je to ISP – but typically you can’t prove that without having an alternative connection immediately available. I currently manage or help manage four “web stranice / prostorije” da je upotreba QoS da upravljaju svojim Internet povezivost. Jedan od njih je moje radno, two are home connections, and the last one is a slightly variable one – obično samo kućnu mrežu, ali alternativno, for a weekend every few months, it becomes a 140-muškarac (i rastući) LAN. Zabava. 🙂

MikroTik RouterOS i

MikroTik'S RouterOS is very powerful in the right hands. Many other routers support QoS but not with the fine-grain control MikroTik provides. Alternatively you could utilise other Linux-based router OS’s, kao što su DD-WRT, Smoothwall, Razmrsiti, i tako dalje. Većina ovih tipično zahtijevaju da imate rezervne server lagao ili kompatibilni hardver ruter. MikroTik prodaje RouterBoards koji imaju RouterOS builtin – i oni su relativno jeftin.

Moje iskustvo sa ruterima je prije svega Cisco i MikroTik – and my experience with QoS is primarily with Allot je NetEnforcer / NetXplorer sistema i MikroTik. Najpopularniji MikroTik uređaja u mom iskustvu (osim predanom dugog dometa bežične uređaje) su njihovi RB750 (Nova verzija pod nazivom “Hex“) i rb950-ploče na bazi. Imaju mnogi drugi available and are relatively inexpensive. In historical comparison with Cisco’s premium devices, Ja sam liječi opisati MikroTik-a uređaja kao “90% funkcije u 10% troškova”. Kao što je ovaj vodič je namijenjen prvenstveno malim i srednjim preduzećima / kućnu upotrebu, inexpensive makes more sense. If you’re looking at getting a MikroTik device, imajte na umu da MikroTik rutera raditi ne typically include DSL modems, na taj način vaša postojeća oprema je obično uvijek potrebno. Imajte na umu da je ovo ne tutorial o formiranju MikroTik uređaj od nule. Postoji mnogo vodiči dostupni na internetu za koje su već.

Teorija u praksi – prvi koraci

Da biste podesili QoS ispravno, you need to have an idea of a policy that takes into account the following:

  • Sveukupni brzinu veze
  • Koliko korisnika / uređaji će koristiti vezu
  • The users/devices/services/protocols that should be prioritised for latency and/or throughput

Da bi se postigao gore u mom primjerima, Ja ću pretpostaviti sljedeće:

  • MikroTik je postavljen s konfiguracijom default mreže, gdje je lokalna mreža 192.168.88.0/24 i internet veza omogućava preko PPPoE.
  • Brzinu veze je 10 / 2Mbps (10 Mbps brzina preuzimanja; 2 Mbps brzina slanja)
  • Tu će biti 5 Korisnici sa čak 15 uređaji (više računala / tableta / mobilne telefone / Wi-Fi, itd)
  • Tipična preuzimanja zahtijevaju visok prioritet s propusnosti, ali niskog prioriteta sa latencijom
  • Gaming/Skype/Administrative protocols require high priority with both latency and throughput
  • No korisnici će biti prioritet u odnosu na druge

The first and probably quickest step is to set up what RouterOS refers to as a Jednostavna Queue.

Ja sam napravio skriptu koja sam spasila na svom MikroTik uređajima za podešavanje jednostavan redovima. To je kako slijedi:

:za x iz 1 do 254 Do ={
 /red jednostavan naziv add ="Internet-usage- $ x" DST ="PPPoE" Max-limit = 1900k / 9500k target ="192.168.88.$x"
}

Ono što je gore je radi ograničite maksimalnu brzinu svakog pojedinca uređaj može koristiti za “1900k” (1.9Mb) upload i “9500k” (9.5Mb) download.

Bilješke:

  • Razlog zašto je max granice su na 95% of the line’s maximum speed is that this guarantees no single device can fully starve the connection, negatively affecting the other users. With a larger userbase I would enforce this limit further. Na primjer, sa 100 Korisnici na 20 Mb uslugu Možda ću postaviti ovo limit 15MB ili čak kao malo kao 1Mb. To je u potpunosti ovisi o tome koliko “uvredljiv” korisnici su i, kao što ste shvatiti gdje i koliko zlostavljanja javlja, you can adjust it appropriately.
  • Prefiks “Internet-korištenje” u ime parametra može se prilagoditi. Obično sam postaviti ove da se odnose na prostorije ime. Na primjer, with premises named “alfa” i “beta”, Ja obično staviti “Internet-alfa” i “Internet-beta”. Ovo pomaže sa instinktivno razlikovanje stranicama.
  • Parametar DST ima “PPPoE” u primjeru. Ovo bi trebalo biti zamijenjen s imenom sučelje that provides the Internet connection.

Osigurajte da prilagodite skripta da odgovaraju vašoj konfiguraciji. Sačuvajte skriptu na MikroTik i pokrenite ga – ili zalijepite ga direktno u MikroTik terminala za izvršenje ga.

In my next post I will go over setting up what RouterOS refers to as Komadati pravila. Ova pravila služe za identifikaciju / klasifikaciju mrežni promet kako bi za bolju QoS moguće.

udio
Category: random  | Leave a Comment
Thursday, September 17th, 2015 | Author:

Privatnost, Vrijeme, Novac

Ne volim debitnim narudžbe. Nikada nisam sviđala ideja da se još jedan entitet može, po volji, uzeti gotovo bilo koji iznos od mog novca (dobro … bez obzira je dostupan). A kolega ukazao na problem s MTN bi se mogle izbjeći da sam bio koristeći debitnu poredak. Možda je “pogodnost” faktor nije tako loše.

Pretpostavljam da je pretposljednji pitanje je da li ili ne želite da se praktičnost i mogu vjerovati institucijama (u ovom slučaju sa svojim novcem) – ili ako ne možete ih vjerovati i da su spremni da se odreknu da pogodnost. U mom slučaju, iako sam i dalje u pitanje praktičnost, Naučio sam na teži način sa MTN da dvostruko može biti nezgodno da se povezani svijet sveden na “daljinski otok” status. Gotovo svi danas ide sa faktorom pogodnost.

Pogodnost

S druge strane, sada odavno, I had a dispute with Planet Fitness gdje pogodnost je bio mač sa dvije oštrice. Prijavio sam svoje poslovne prakse Komisiji za žalbe potrošača (od re-organizovan kao Nacionalna komisija potrošača) and never got feedback from them. The gist of the issue is that Planet Fitness’s sales agent lied to me and a friend in order to get more commission/money out of my pocket.

Ja sam Discovery Vitality članica koja daje mnoge prednosti, uključujući i snižene stope na Premium marke – uglavnom se odnose na zdravlje naravno, as Discovery is a Medical Aid/Health Insurance provider. Jednostavnije rečeno, Discovery je strašan. Prednosti vitalnost pokrivaju Članstvo u teretanu što dodatno uključuje Planet Fitness. You still have to pay something, mali znak sorti, Discovery, za članstvo u teretani. Ali, uostalom, Žele da bude zdrav, so they don’t mind footing the bulk of the bill. Ali, očigledno, to znači Planet Fitness’ prodajnih agenata ne dobiti proviziju!

Dakle, ono što čini ovaj rezultat u? Rezultat je da me je prodaja agent PF dao naduvani lik za “Vitalnost na bazi” članstvo. Lagao. On je tada mi je potpiše na isprekidana linija za naduvanog cena “redovan” članstvo (da, to je zapravo više nego čak i običan članstvo bi imao trošak), ending up about 4 i 5 puta koliko članstvu u Vitality-based.

Prosvetljenja

Some time in 2011 Konačno sam wisened do troškova trebalo je da se plaća. Discovery Siguran sam da ne bi bilo previše sretan zbog ovog fijaska. Razgovarao sam sa menadžer u teretani, a ja sam siguran da će biti ukinut čitav ugovor. Ja nisam jedan za nasilje … osim ako se za sport … u Octagon … ali nakon mog 5. posjete Manager pitati zašto na teret Nalozi i dalje događa, on mi je rekao da je iznenađen što sam nije donio oružje sa mnom na posjeti. Nakon još nekoliko posjeta, Menadžer već otišli iz Planet Fitness i objasnio mi je da je “ugovor” was between myself and Head Office and that the local gym, očigledno operacija franšize-style, nije malo ili nimalo recimo o tome da li ili ne bi mogao biti otkazan. Ako Head Office rekao ne, Teška sreća.

By this point I’d lost it. I had my bank put a stop na teret narudžbe. It was a huge schlep: I had to contact the bank every month because the debit order descriptions would change ever so slightly. It also cost me a little every couple of months to “ponovo postaviti” the blocking usluga. Ja ne mogu pomoći, ali mislim da je bankarski sistem podržava regularni izrazi ali osoblje nužno ne znam kako da ga koristi.

Technically I’m still waiting on the CCC to get back to me (nikada nije dogodilo – i naravno da su reorganizirali kao što je spomenuto gore tako da je slučaj vjerojatno pao kroz pukotine). Naravno, do tog trenutka PF također želio da mi crnu listu zbog neplaćanja!

Neočekivana Hero

A nasumična spominje pitanje Discovery (Mislim Zvao sam ih oko posjeta zubaru) rezultiralo povratni poziv od strane jednog od Discovery agenti. Onda su me pitali da opiše problem, detaljno i pismeno, kako bi se bolje objasniti iz moje perspektive onoga što se stvarno dogodilo. I dužan. Ispostavilo se da sam bio u pravu o njima nisu “presretni” o tome. U stvari, oni stvarno to nije dopalo. About three weeks later, Planet Fitness me vraćen u punom za sav novac koji nikada nije platio za njih.

Discovery je Awesome. 🙂

udio
Sunday, August 04th, 2013 | Author:

I had a power outage affect my server’s large md RAID array. Rather than let the server as a whole be down while waiting for it to complete an fsck, I had it boot without the large array so I could run the fsck manually.

However, when running it manually I realised I had no way of knowing how far it was and how long it would take to complete. This is especially problematic with such a large array. With a little searching I found the tip of adding the -C parameter when calling fsck. I couldn’t find this in the documentation however: fsckhelp showed no such option.

The option turns out to be ext4-specific, and thus shows a perfectly functional progress bar with a percentage indicator. To find the information, instead offsckhelporman fsck”, you have to inputfsck.ext4helporman fsck.ext4”. 🙂

udio
Sunday, August 04th, 2013 | Author:

History

Much had changed since I last mentioned my personal serverit has grown by leaps and bounds (it now has a 7TB md RAID6) and it had recently been rebuilt with Ubuntu Server.

Arch was never a mistake. Arch Linux had already taught me so much about Linux (and will continue to do so on my other desktop). But Arch definitely requires more time and attention than I would like to spend on a server. Ideally I’d prefer to be able to forget about the server for a while until a reminder email saysumthere’s a couple updates you should look at, buddy.

Space isn’t freeand neither is space

The opportunity to migrate to Ubuntu was the fact that I had run out of SATA ports, the ports required to connect hard drives to the rest of the computerthat 7TB RAID array uses a lot of ports! I had even given away my very old 200GB hard disk as it took up one of those ports. I also warned the recipient that the disk’s SMART monitoring indicated it was unreliable. As a temporary workaround to the lack of SATA ports, I had even migrated the server’s OS to a set of four USB sticks in an md RAID1. Crazy. I know. I wasn’t too happy about the speed. I decided to go out and buy a new reliable hard drive and a SATA expansion card to go with it.

The server’s primary Arch partition was using about 7GB of disk. A big chunk of that was a swap file, cached data and otherwise miscellaneous or unnecessary files. Overall the actual size of the OS, including the /home folder, was only about 2GB. This prompted me to look into a super-fast SSD drive, thinking perhaps a smaller one might not be so expensive. It turned out that the cheapest non-SSD drive I could find actually cost more than one of these relatively small SSDs. Yay for me. 🙂

Choice? Woah?!

In choosing the OS, I’d already decided it wouldn’t be Arch. Out of all the other popular distributions, I’m most familiar with Ubuntu and CentOS. Fedora was also a possibilitybut I hadn’t seriously yet considered it for a server. Ubuntu won the round.

The next decision I had to make didn’t occur to me until Ubiquity (Ubuntu’s installation wizard) asked it of me: How to set up the partitions.

I was new to using SSDs in LinuxI’m well aware of the pitfalls of not using them correctly, mostly due to their risk of poor longevity if misused.

I didn’t want to use a dedicated swap partition. I plan on upgrading the server’s motherboard/CPU/memory not too far in the future. Based on that I decided I will put swap into a swap file on the existing md RAID. The swap won’t be particularly fast but its only purpose will be for that rare occasion when something’s gone wrong and the memory isn’t available.

This then left me to give the root path the full 60GB out of an Intel 330 SSD. I considered separating /home but it just seemed a little pointless, given how little was used in the past. I first set up the partition with LVMsomething I’ve recently been doing whenever I set up a Linux box (stvarno, there’s no excuse not to use LVM). When it got to the part where I would configure the filesystem, I clicked the drop-down and instinctively selected ext4. Then I noticed btrfs in the same list. Hang on!!

But a what?

Btrfs (“butter-eff-ess”, “better-eff-ess”, “bee-tree-eff-ess”, or whatever you fancy on the day) is a relatively new filesystem developed in order to bring Linuxfilesystem capabilities back on track with current filesystem tech. The existing King-of-the-Hill filesystem, “ext” (the current version called ext4) is pretty goodbut it is limited, stuck in an old paradigm (think of a brand new F22 Raptor vs. an F4 Phantom with a half-jested attempt at an equivalency upgrade) and is unlikely to be able to compete for very long with newer Enterprise filesystems such as Oracle’s ZFS. Btrfs still has a long way to go and is still considered experimental (depending on who you ask and what features you need). Many consider it to be stable for basic usebut nobody is going to make any guarantees. And, naravno, everyone is saying to make and test backups!

Mooooooo

The most fundamental difference between ext and btrfs is that btrfs is aCoWorCopy on Writefilesystem. This means that data is never actually deliberately overwritten by the filesystem’s internals. If you write a change to a file, btrfs will write your changes to a new location on physical media and will update the internal pointers to refer to the new location. Btrfs goes a step further in that those internal pointers (referred to as metadata) are also CoW. Older versions of ext would have simply overwritten the data. Ext4 would use a Journal to ensure that corruption won’t occur should the AC plug be yanked out at the most inopportune moment. The journal results in a similar number of steps required to update data. With an SSD, the underlying hardware operates a similar CoW process no matter what filesystem you’re using. This is because SSD drives cannot actually overwrite datathey have to copy the data (with your changes) to a new location and then erase the old block entirely. An optimisation in this area is that an SSD might not even erase the old block but rather simply make a note to erase the block at a later time when things aren’t so busy. The end result is that SSD drives fit very well with a CoW filesystem and don’t perform as well with non-CoW filesystems.

To make matters interesting, CoW in the filesystem easily goes hand in hand with a feature called deduplication. This allows two (or more) identical blocks of data to be stored using only a single copy, saving space. With CoW, if a deduplicated file is modified, the separate twin won’t be affected as the modified file’s data will have been written to a different physical block.

CoW in turn makes snapshotting relatively easy to implement. When a snapshot is made the system merely records the new snapshot as being a duplication of all data and metadata within the volume. With CoW, when changes are made, the snapshot’s data stays intact, and a consistent view of the filesystem’s status at the time the snapshot was made can be maintained.

A new friend

With the above in mind, especially as Ubuntu has made btrfs available as an install-time option, I figured it would be a good time to dive into btrfs and explore a little. 🙂

Dio 2 coming soon

udio
Monday, October 29th, 2012 | Author:

It appears that, in infinite wisdom, Google have a security feature that can block an application from accessing or using your google account. I can see how this might be a problem for Google’s users, in particular their GTalk i Gmail users. In my case it was Pidgin having an issue with the Jabber usluga (which is technically part of GTalk). I found the solution after a little digging. I was surprised at how old the issue was and how long this feature has existed!

To unlock the account and get your application online, use Google’s Captcha page here.

udio