Thursday, September 17th, 2015 | Author:
  • Part 1 – Gabatarwa – Da kafa Simple queues (Wannan post)
  • Part 2 – Dogara Gano zirga-zirga – Da kafa Mangle Dokokin (Ba da da ewa zuwa TM)
  • Part 3 – Manyan al'amurra da kuma Iyaka – Da kafa jerin gwano Bishiyoyi (Ba da da ewa zuwa TM)
  • Part 4 – Monitoring Usage – Alamar rashin queues – Limiting Abusive Devices (Ba da da ewa zuwa TM)
  • Part 5 – ??? Riba ???

Gabatarwa

The first problem one usually comes across after being tasked with improving an Internet connection is that the connection is overutilised. Yawanci babu wanda ya san dalilin da ya sa, wanda, ko abin da ake haddasa matsalar – except of course everyone blames the ISP. Wani lokacin shi ne ISP – but typically you can’t prove that without having an alternative connection immediately available. I currently manage or help manage four “sites / gabatarwa” cewa amfani QoS ka gudanar da yanar-gizo connectivity. Daya ne wurin aiki, two are home connections, and the last one is a slightly variable one – yawanci kamar wani gida dangane amma a madadin, for a weekend every few months, it becomes a 140-mutum (da kuma girma) LAN. Fun. 🙂

MikroTik RouterOS da

MikroTik'S RouterOS is very powerful in the right hands. Many other routers support QoS but not with the fine-grain control MikroTik provides. Alternatively you could utilise other Linux-based router OS’s, kamar DD-WRT, Smoothwall, Untangle, da sauransu. Mafi yawa daga cikin wadannan yawanci na bukatar cewa kana da kayayyakin uwar garken kwance game da ko mai jituwa hardware hanya tsakanin hanyoyin sadarwa. Mikrotik sayar RouterBoards da cewa suna da RouterOS builtin – kuma sun gwada da m.

My kwarewa da magudanar ne da farko da Cisco da kuma MikroTik – and my experience with QoS is primarily with Rarraba ta NetEnforcer / NetXplorer tsarin da MikroTik. Mafi mashahuri MikroTik na'urorin a kwarewa (wanin su sadaukar dogon zangon mara waya na'urorin) sun kasance su rb750 (new version mai suna “hEX“) da kuma rb950-bisa allon. Bã su da sauran jama'a available and are relatively inexpensive. In historical comparison with Cisco’s premium devices, Na kula don bayyana MikroTik ta na'urorin kamar yadda “90% da fasali a 10% kudin”. Kamar yadda wannan mai shiryarwa ne da nufin farko a SME / Home amfani, inexpensive makes more sense. If you’re looking at getting a MikroTik device, lura da cewa MikroTik magudanar yi ba typically include DSL modems, Kamar haka ku data kasance m ne yawanci har yanzu zama dole. Ka lura kuma cewa wannan ba a tutorial a kafa wani MikroTik na'urar daga karce. Akwai yalwa da Yanã shiryar da samuwa online ga cewa tuni.

Ka'idar cikin yi – farko da matakai

Don kafa QoS daidai, you need to have an idea of a policy that takes into account the following:

  • Overall dangane gudun
  • Da yawa masu amfani / na'urorin za a ta yin amfani da connection
  • The users/devices/services/protocols that should be prioritised for latency and/or throughput

A cimma sama a misalai, Zan zaton da wadannan:

  • A MikroTik aka kafa tare da tsoho cibiyar sadarwa sanyi inda gida na cibiyar sadarwa ne 192.168.88.0/24 da yanar-gizo dangane an bada via PPPoE.
  • A dangane gudun ne 10 / 2Mbps (10 Mbps download gudun; 2 Mbps upload gudun)
  • Za a yi 5 masu amfani da matsayin masu yawa kamar yadda 15 na'urorin (mahara kwakwalwa / Allunan / wayoyin hannu / WiFi da dai sauransu)
  • Hankula downloads na bukatar babban fifiko da kayan da aka samar amma low-fifiko da rashin laka
  • Gaming/Skype/Administrative protocols require high priority with both latency and throughput
  • Babu masu amfani ne da za a prioritized kan sãshe

The first and probably quickest step is to set up what RouterOS refers to as a Simple jerin gwano.

Na sanya wani ɗan gajeren rubutun da na ajiye a kan MikroTik na'urorin kafa da sauki queues. Shi ne kamar haka:

:don x daga 1 to 254 do ={
 /jerin gwano sauki add sunan ="internet-usage- $ x" dst ="pppoe" max-iyaka = 1900k / 9500k manufa ="192.168.88.$x"
}

Abin da na sama ya aikata ne iyaka matsakaicin gudun kowane mutum na'urar iya amfani da su domin “1900k” (1.9Mb) upload da “9500k” (9.5Mb) download.

Bayanan kula:

  • Dalilin da ya sa max iyaka ne a 95% of the line’s maximum speed is that this guarantees no single device can fully starve the connection, negatively affecting the other users. With a larger userbase I would enforce this limit further. Misali, tare da 100 masu amfani a kan wani 20Mb sabis na iya sa wannan iyaka zuwa 15Mb ko ma a matsayin kadan a matsayin 1MB. Wannan shi ne gaba ɗaya dogara da yadda “m” da masu amfani ne da, kamar yadda ka gane inda kuma yadda abuse auku, you can adjust it appropriately.
  • Da kari “internet-mai cutarwa” da sunan siga za a iya musamman. Yawanci na sa wadannan domin ya koma zuwa gabatarwa sunan. Misali, with premises named “alpha” da kuma “beta”, Zan yawanci sa “internet-alpha” da kuma “internet-beta”. Wannan taimaka tare da instinctively bambance tsakanin shafukan.
  • A dst siga na da “pppoe” a misali. Wannan ya kamata a sauya da sunan dubawa that provides the Internet connection.

Tabbatar da ka siffanta da rubutun ya zama ya dace to your sanyi. Ajiye rubutun ga MikroTik da gudanar da shi – ko manna shi kai tsaye a cikin MikroTik ta m zartar da shi.

In my next post I will go over setting up what RouterOS refers to as Mangle dokoki. Wadannan dokoki bauta gane / rarraba cibiyar sadarwa zirga-zirga domin ya yi finer-grained QoS yiwu.

Share
Category: random  | Leave a Comment
Thursday, September 17th, 2015 | Author:

Tsare Sirri, Time, Kudi

Ba na son zare kudi umarni. Ban taba son wannan ra'ayin cewa wani mahaluži iya, a nufin, kai kusan duk wani adadin kudi ta (da … abin da ke samuwa). A abokin aiki nuna batun tare da MTN da an kauce masa ya I an ta amfani da zare kudi domin. Wata kila da “saukaka” factor ba da irin wannan mummunan abu.

Na yi tsammani da penultimate tambaya a nan shi ne shin ko ba ka so saukaka kuma zai iya amince da cibiyoyin (a wannan yanayin da ka kudi) – ko kuma idan ba za ka iya amince da su kuma su ne shirye ya forgo cewa saukaka. A na harka, ko da yake har yanzu ina tambayar saukaka, Na koyi da wuya hanyar da MTN cewa ninki biyu na iya zama m zuwa da ka alaka duniya rage zuwa “m tsibirin” status. Kusan kowa da kowa a yau ke tare da saukaka factor.

Saukaka

A wannan bangaren, yanzu lokaci mai tsawo da suka wuce, I had a dispute with Planet Fitness inda saukaka wani mai kaifi biyu takobi. Na ruwaito su kasuwanci yi wa Mai amfani da gunaguni Hukumar (tun sake shirya yadda Mai amfani da Hukumar kasa) and never got feedback from them. The gist of the issue is that Planet Fitness’s sales agent lied to me and a friend in order to get more commission/money out of my pocket.

Ba ni da wani Samu vitality m wanda ya ba mutane da yawa amfanin, ciki har da rage kudaden a kan Premium brands – mafi yawa kiwon lafiya da alaka ba shakka, as Discovery is a Medical Aid/Health Insurance provider. A saka shi kawai, Samu ne madalla. Vitality ta amfanin rufe dakin motsa jiki mambobin da abin da kara hada da Planet Fitness. You still have to pay something, karamin alama dadin jikina, to Gano, ga dakin motsa jiki membobinsu. Amma, bayan duk, sun so ni in zama lafiya, so they don’t mind footing the bulk of the bill. Amma, a fili, wannan yana nufin Planet Fitness’ tallace-tallace jamiái ba su samu da hukumar!

To, abin da ya aikata wannan sakamakon a? A sakamakon haka ne cewa PF ta tallace-tallace wakili ya ba ni wani inflated adadi na “Vitality na tushen” membobinsu. Ya yi ƙarya. Sai ya yi mini hannu a kan cike da gidajen gona line ga wani inflated farashin mai “na yau da kullum” membobinsu (a, shi ne a zahiri fiye da ko da wani na yau da kullum membobinsu zai kudin), ending up about 4 da kuma 5 sau da yawa a matsayin vitality na tushen membobinsu.

Epiphanies

Some time in 2011 Na karshe wisened har zuwa cikin halin kaka da nake kamata da za a biya. Samu Na tabbata ba zai zama ma farin ciki game da wannan fiasco. Na yi magana da Manager a dakin motsa jiki, kuma ina da tabbacin cewa dukan kwangila za a tarwatsa. Ba na daya domin tashin hankali … sai dai idan ta ga wasanni … a cikin wani Octagon … amma bayan ta 5th ziyara a Manager su tambaye dalilin da ya sa Zare kudi oda aka har yanzu faruwa, ya ce da ni ya yi mamakin ban zo da makamai tare da ni ga ziyarar. Bayan 'yan mafi ziyara, da Manager ya zahiri bar Planet Fitness da bayyana mini cewa, “kwangila” was between myself and Head Office and that the local gym, a fili a ikon amfani da sunan kamfani-style aiki, ya little to ba ka ce game da ko ko ba haka ba za a iya soke. Idan Head Office ce ba, m arziki.

By this point I’d lost it. I had my bank put a daina da zare kudi umarni. It was a huge schlep: I had to contact the bank every month because the debit order descriptions would change ever so slightly. It also cost me a little every couple of months to “reinstate” the blocking sabis. Ba zan iya taimakawa, amma tunanin da banki tsarin na goyon bayan na yau da kullum maganganu amma ma'aikatan Ba ​​dole ba san yadda za su yi amfani da shi.

Technically I’m still waiting on the CCC to get back to me (ba ya faru – kuma ba shakka da suka kasance sunã sake shirya yadda aka ambata a sama don haka al'amarin yiwuwa fadi ta hanyar fasa). I mana, da cewa batu PF ma so ya blacklist ni ga ba biyan!

Da ba tsammani Hero

A taragutsan ambaci batun to Gano (Ina ganin na yi kira gare su game da wani likitan hakora ziyarar) sa a cikin wani callback da daya daga Gano ta jamiái. Fa, sun tambaye ni don bayyana matsalar, daki-daki da kuma a rubuce, to mafi alhẽri bayyana daga hangen zaman gaba abin da ya faru da gaske. Na zamar masa dole. Sai dai itace da na ke daidai game da su ba da “kuma farin ciki” game da shi. A gaskiya sun gaske ba su son shi. About three weeks later, Planet Fitness refunded ni a FULL ga dukan kudade da suka kasance Mai an biya musu.

Samu ne Awesome. 🙂

Share
Sunday, August 04th, 2013 | Author:

I had a power outage affect my server’s large md RAID array. Rather than let the server as a whole be down while waiting for it to complete an fsck, I had it boot without the large array so I could run the fsck manually.

However, when running it manually I realised I had no way of knowing how far it was and how long it would take to complete. This is especially problematic with such a large array. With a little searching I found the tip of adding the -C parameter when calling fsck. I couldn’t find this in the documentation however: fsckhelp showed no such option.

The option turns out to be ext4-specific, and thus shows a perfectly functional progress bar with a percentage indicator. To find the information, instead offsckhelporman fsck”, you have to inputfsck.ext4helporman fsck.ext4”. 🙂

Share
Sunday, August 04th, 2013 | Author:

History

Much had changed since I last mentioned my personal serverit has grown by leaps and bounds (it now has a 7TB md RAID6) and it had recently been rebuilt with Ubuntu Server.

Arch was never a mistake. Arch Linux had already taught me so much about Linux (and will continue to do so on my other desktop). But Arch definitely requires more time and attention than I would like to spend on a server. Ideally I’d prefer to be able to forget about the server for a while until a reminder email saysumthere’s a couple updates you should look at, buddy.

Space isn’t freeand neither is space

The opportunity to migrate to Ubuntu was the fact that I had run out of SATA ports, the ports required to connect hard drives to the rest of the computerthat 7TB RAID array uses a lot of ports! I had even given away my very old 200GB hard disk as it took up one of those ports. I also warned the recipient that the disk’s SMART monitoring indicated it was unreliable. As a temporary workaround to the lack of SATA ports, I had even migrated the server’s OS to a set of four USB sticks in an md RAID1. Crazy. I know. I wasn’t too happy about the speed. I decided to go out and buy a new reliable hard drive and a SATA expansion card to go with it.

The server’s primary Arch partition was using about 7GB of disk. A big chunk of that was a swap file, cached data and otherwise miscellaneous or unnecessary files. Overall the actual size of the OS, including the /home folder, was only about 2GB. This prompted me to look into a super-fast SSD drive, thinking perhaps a smaller one might not be so expensive. It turned out that the cheapest non-SSD drive I could find actually cost more than one of these relatively small SSDs. Yay for me. 🙂

Choice? Woah?!

In choosing the OS, I’d already decided it wouldn’t be Arch. Out of all the other popular distributions, I’m most familiar with Ubuntu and CentOS. Fedora was also a possibilitybut I hadn’t seriously yet considered it for a server. Ubuntu won the round.

The next decision I had to make didn’t occur to me until Ubiquity (Ubuntu’s installation wizard) asked it of me: How to set up the partitions.

I was new to using SSDs in LinuxI’m well aware of the pitfalls of not using them correctly, mostly due to their risk of poor longevity if misused.

I didn’t want to use a dedicated swap partition. I plan on upgrading the server’s motherboard/CPU/memory not too far in the future. Based on that I decided I will put swap into a swap file on the existing md RAID. The swap won’t be particularly fast but its only purpose will be for that rare occasion when something’s gone wrong and the memory isn’t available.

This then left me to give the root path the full 60GB out of an Intel 330 SSD. I considered separating /home but it just seemed a little pointless, given how little was used in the past. I first set up the partition with LVMsomething I’ve recently been doing whenever I set up a Linux box (gaske, there’s no excuse not to use LVM). When it got to the part where I would configure the filesystem, I clicked the drop-down and instinctively selected ext4. Then I noticed btrfs in the same list. Hang on!!

But a what?

Btrfs (“butter-eff-ess”, “better-eff-ess”, “bee-tree-eff-ess”, or whatever you fancy on the day) is a relatively new filesystem developed in order to bring Linuxfilesystem capabilities back on track with current filesystem tech. The existing King-of-the-Hill filesystem, “ext” (the current version called ext4) is pretty goodbut it is limited, stuck in an old paradigm (think of a brand new F22 Raptor vs. an F4 Phantom with a half-jested attempt at an equivalency upgrade) and is unlikely to be able to compete for very long with newer Enterprise filesystems such as Oracle’s ZFS. Btrfs still has a long way to go and is still considered experimental (depending on who you ask and what features you need). Many consider it to be stable for basic usebut nobody is going to make any guarantees. And, i mana, everyone is saying to make and test backups!

Mooooooo

The most fundamental difference between ext and btrfs is that btrfs is aCoWorCopy on Writefilesystem. This means that data is never actually deliberately overwritten by the filesystem’s internals. If you write a change to a file, btrfs will write your changes to a new location on physical media and will update the internal pointers to refer to the new location. Btrfs goes a step further in that those internal pointers (referred to as metadata) are also CoW. Older versions of ext would have simply overwritten the data. Ext4 would use a Journal to ensure that corruption won’t occur should the AC plug be yanked out at the most inopportune moment. The journal results in a similar number of steps required to update data. With an SSD, the underlying hardware operates a similar CoW process no matter what filesystem you’re using. This is because SSD drives cannot actually overwrite datathey have to copy the data (with your changes) to a new location and then erase the old block entirely. An optimisation in this area is that an SSD might not even erase the old block but rather simply make a note to erase the block at a later time when things aren’t so busy. The end result is that SSD drives fit very well with a CoW filesystem and don’t perform as well with non-CoW filesystems.

To make matters interesting, CoW in the filesystem easily goes hand in hand with a feature called deduplication. This allows two (or more) identical blocks of data to be stored using only a single copy, saving space. With CoW, if a deduplicated file is modified, the separate twin won’t be affected as the modified file’s data will have been written to a different physical block.

CoW in turn makes snapshotting relatively easy to implement. When a snapshot is made the system merely records the new snapshot as being a duplication of all data and metadata within the volume. With CoW, when changes are made, the snapshot’s data stays intact, and a consistent view of the filesystem’s status at the time the snapshot was made can be maintained.

A new friend

With the above in mind, especially as Ubuntu has made btrfs available as an install-time option, I figured it would be a good time to dive into btrfs and explore a little. 🙂

Part 2 coming soon

Share
Monday, October 29th, 2012 | Author:

It appears that, in infinite wisdom, Google have a security feature that can block an application from accessing or using your google account. I can see how this might be a problem for Google’s users, in particular their GTalk da kuma Gmail users. In my case it was Pidgin having an issue with the Jabber sabis (which is technically part of GTalk). I found the solution after a little digging. I was surprised at how old the issue was and how long this feature has existed!

To unlock the account and get your application online, use Google’s Captcha page here.

Share