Archive for the Category » random «

Thursday, September 17th, 2015 | Author:
  • Pati 1 – Entwodiksyon – Mete kanpe Ke moun kap kriye Senp (Pòs sa a)
  • Pati 2 – Fiable Idantifye trafik – Mete kanpe Mangle Règ (Vini byento TM)
  • Pati 3 – Priyorite ak Limit – Mete kanpe Pyebwa keu (Vini byento TM)
  • Pati 4 – Monitoring Usage – Rdefini Ke moun kap kriye – Limiting Abusive Devices (Vini byento TM)
  • Pati 5 – ??? Pwofi ???

Entwodiksyon

The first problem one usually comes across after being tasked with improving an Internet connection is that the connection is overutilised. Tipikman pèsonn pa konnen poukisa, ki, oswa sa ki se sa ki lakòz pwoblèm nan – except of course everyone blames the ISP. Pafwa li se ISP a – but typically you can’t prove that without having an alternative connection immediately available. I currently manage or help manage four “sit / lokal” ke itilize QoS nan jere koneksyon Entènèt yo. Youn nan se espas travay mwen an, two are home connections, and the last one is a slightly variable one – anjeneral jis yon koneksyon kay, men altènativman, for a weekend every few months, it becomes a 140-nonm (ak ap grandi) LAN. Fun. 🙂

MikroTik RouterOS ak

MikroTikNan RouterOS is very powerful in the right hands. Many other routers support QoS but not with the fine-grain control MikroTik provides. Alternatively you could utilise other Linux-based router OS’s, tankou DD-wr, Smoothwall, Débouyé, ak pou fè. Pifò nan sa yo tipikman mande pou ke ou gen yon sèvè rezèv kouche sou oswa yon routeur pyès ki nan konpitè konpatib. Mikrotik vann RouterBoards sa yo ki te RouterOS builtin – epi yo ap relativman chè.

Eksperyans mwen ak routeurs se sitou ak Cisco ak MikroTik – and my experience with QoS is primarily with Lote nan NetEnforcer / NetXplorer sistèm ak MikroTik. Ki pi popilè aparèy yo MikroTik nan eksperyans mwen (lòt pase alontèm aparèy san fil dedye yo) yo te yo rb750 (nouvo vèsyon yo te rele “Egzagòn“) ak rb950-ankadreman ki baze. Yo gen anpil lòt moun available and are relatively inexpensive. In historical comparison with Cisco’s premium devices, Mwen te te gen tandans yo dekri aparèy MikroTik a kòm “90% karakteristik yo ki nan 10% pri a”. Kòm se gid sa a ki vize prensipalman nan SME / itilizasyon nan kay, inexpensive makes more sense. If you’re looking at getting a MikroTik device, sonje ke MikroTik routeurs fè pa typically include DSL modems, konsa ekipman ki egziste deja ou se tipikman toujou nesesè. Remak tou ke sa a se pa yon leson patikilye sou mete kanpe yon aparèy MikroTik nan grate. Gen anpil gid disponib sou entènèt pou ki deja.

Teyori an pratik – premye etap

Yo mete kanpe kòrèkteman QoS, you need to have an idea of a policy that takes into account the following:

  • Vitès la koneksyon an jeneral
  • Ki jan anpil divinò / aparèy pral sèvi ak koneksyon an
  • The users/devices/services/protocols that should be prioritised for latency and/or throughput

Pou yo rive nan pi wo a la nan egzanp mwen, Mwen pral asime sa ki annapre yo:

  • MikroTik a ap mete kanpe ak configuration la, te rezo default kote rezo a lokal se 192.168.88.0/24 epi li se koneksyon sou entènèt la bay atravè Ppeu.
  • Vitès la koneksyon se 10 / 2Mbps (10 Mbps vitès download; 2 Mbps vitès téléchargement)
  • Li pral fè 5 itilizatè yo ak anpil jan 15 aparèy (miltip òdinatè / tablèt / telefòn mobil / WiFi elatriye)
  • Downloads tipik mande pou gwo priyorite ak debi men ki ba-priyorite ak latansi
  • Gaming/Skype/Administrative protocols require high priority with both latency and throughput
  • Pa gen itilizatè yo dwe priyorite sou lòt moun

The first and probably quickest step is to set up what RouterOS refers to as a Senp keu.

Mwen te fè yon script kout ke mwen te sove sou aparèy MikroTik mwen yo mete kanpe ke moun kap kriye yo ki senp. Li se jan sa a:

:pou x soti nan 1 to 254 fè ={
 /nat Non ajoute senp ="entènèt-usage- $ x" DST ="ppeu" max-limit = 1900k / 9500k sib ="192.168.88.$x"
}

Ki sa ki pi wo a la fè se limit vitès maksimòm nan nenpòt aparèy endividyèl ka itilize yo “1900k” (1.9Mb) Upload ak “9500k” (9.5Mb) download.

Nòt:

  • Rezon an pou kisa limit ki max se nan 95% of the line’s maximum speed is that this guarantees no single device can fully starve the connection, negatively affecting the other users. With a larger userbase I would enforce this limit further. Pou egzanp, ak 100 itilizatè sou yon sèvis 20MB mwen ta ka mete limit sa a 15Mb oswa menm tankou ti kòm 1Mb. Sa a se antyèman depann sou ki jan “abizif” itilizatè yo ye epi, jan ou konnen ki kote ak ki jan abi anpil fèt, you can adjust it appropriately.
  • Prefiks la “entènèt-l '” nan paramèt nan non ka Customized. Tipikman mwen mete sa yo, al gade nan non an lokal. Pou egzanp, with premises named “alfa” ak “beta”, Mwen pral tipikman mete “entènèt-alfa” ak “entènèt-beta”. Sa a ki ede avèk enstenktiv différencier ant sit.
  • Paramèt nan DST gen “ppeu” nan egzanp lan. Sa a ta dwe ranplase ak non an nan la koòdone that provides the Internet connection.

Asire ou Customize script la yo dwe apwopriye a konfigirasyon ou. Save script la MikroTik a ak kouri li – oswa kole li dirèkteman nan tèminal MikroTik nan al touye li.

In my next post I will go over setting up what RouterOS refers to as Mangle règ. Règ sa yo sèvi yo idantifye / klasifye trafik la rezo nan lòd fè QoS sibtilite-grenn fen posib.

pataje
Category: random  | Leave a Comment
Thursday, September 17th, 2015 | Author:

Privacy, Tan, Lajan

Mwen pa renmen lòd debi. Mwen pa janm te renmen lide ki fè konnen yon lòt antite kapab, nan ap, pran prèske nenpòt kantite lajan nan lajan m (byen … kèlkeswa sa ki disponib). Yon kolèg vize deyò koze a ak MTN ta yo te evite mwen te fè lè l sèvi avèk yo te yon lòd debi. Petèt a “konvenyans” faktè se pa tankou yon move bagay.

Mwen ta kwè kesyon an isit la se penultyèm si wi ou non ou vle konvenyans nan ak ka fè konfyans enstitisyon (nan ka sa a ak lajan ou) – oswa si w pa ka fè konfyans yo ak yo vle renonse ke konvenyans. Nan ka mwen an, menm si mwen toujou kesyon konvenyans nan, Mwen te aprann wout la difisil ak MTN ke li doubl kapab konvenyan gen mond konekte ou redwi a “remote zile” estati. Prèske tout moun jodi a ale ak faktè a konvenyans.

Konvenyans

Nan lòt men an, kounye a yon tan long anpil, I had a dispute with Planèt Fòm kote konvenyans te yon kouto de bò. Mwen total pratik biznis yo nan Komisyon an Konsomatè Plent (depi re-òganize kòm nan Komisyon Nasyonal Konsomatè) and never got feedback from them. The gist of the issue is that Planet Fitness’s sales agent lied to me and a friend in order to get more commission/money out of my pocket.

Mwen se yon Dekouvèt vitality manm ki bay anpil avantaj, ki gen ladan redwi pousantaj sou mak Premium – nan kou sitou asosye ak sante-, as Discovery is a Medical Aid/Health Insurance provider. Pou mete li tou senpleman, Dekouvèt se pè. Benefis vitalite la kouvri adezyon jimnastik ki plis gen ladan Fòm Planèt. You still have to pay something, yon siyal ti nan kalite, Dekouvèt, pou manm lan gym. Men,, apre tout, yo ta vle m 'rete an bòn sante, so they don’t mind footing the bulk of the bill. Men,, aparamman, sa vle di planèt Fòm’ lavant ajan pa jwenn komisyon an!

Se konsa, sa ki fè sa a rezilta nan? Rezilta a se ke lavant ajan pf a te ban m 'yon figi gonfle pou yon “Vitalite-ki baze” manm. Li bay manti. Apre sa, li te m 'siyen sou liy lan pwentiye an pou yon pri gonfle nan yon “regilye” manm (repons lan se wi, li te aktyèlman plis pase menm yon rapòte regilye ta gen pri), ending up about 4 ak 5 fwa otan ke manm yo ki baze sou vitality.

Epifani

Some time in 2011 Mwen finalman wisened jiska depans sa yo mwen te sipoze peye. Dekouvèt mwen sèten pa ta ka twò kontan sou sa a fyasko. Mwen te pale ak Manadjè a nan jimnastik la, epi mwen te asire ke ta kontra a tout antye ap trete. Mwen pa youn pou vyolans … sòf si li yo pou espò … nan yon Oktagòn … men apre 5yèm vizit mwen nan Manadjè a mande poukisa Kòmann yo debi yo te toujou ap pase, li te di m 'li te etone mwen pa te fè l' zam ansanm avè m 'yo pou vizit la. Apre yon kèk plis vizit, Manadjè a te aktyèlman kite planèt Egzèsis fizik ak eksplike m ke nan “kontra” was between myself and Head Office and that the local gym, aparamman yon operasyon franchiz ak stil, te ti kras pa gen di sou si ou pa li te kapab ap anile. Si Head Office di pa gen okenn, chans difisil.

By this point I’d lost it. I had my bank put a sispann a lòd yo debi. It was a huge schlep: I had to contact the bank every month because the debit order descriptions would change ever so slightly. It also cost me a little every couple of months to “retabli” the blocking sèvis. Mwen pa ka ede men panse sistèm bankè a sipòte ekspresyon regilye men anplwaye yo pa nesesèman konnen ki jan yo sèvi ak li.

Technically I’m still waiting on the CCC to get back to me (pa janm rive – ak nan kou yo te re-òganize kòm mansyone anwo a se konsa ka a pwobableman tonbe nan fant yo). Natirèlman, pa pwen sa PF tou te vle lis nwa m 'pou pa peye!

Ewo nan Inatandi

Yon mansyone azar nan pwoblèm nan Dekouvèt (Mwen panse ke mwen te rele yo sou yon vizit dantis) a nan yon kalbak pa youn nan ajan Dekouvèt nan. Yo Lè sa a mande m 'a dekri pwoblèm lan, an detay ak nan ekri, nan pi bon eksplike nan pèspektiv m 'sa ki te vrèman rive. Mwen oblije. Li sanble m 'te dwat sou yo pa te “twò kontan” sou li. An reyalite yo vrèman pa t 'renmen li. About three weeks later, Planèt Fòm ranbouse m 'nan plen pou tout lajan ki te tout tan tout tan te peye yo.

Dekouvèt se pè. 🙂

pataje
Monday, October 29th, 2012 | Author:

Li parèt ke, nan enfini bon konprann, Google gen yon karakteristik sekirite ki ka bloke yon aplikasyon soti nan rantre nan oswa lè l sèvi avèk kont Google ou. Mwen ka wè ki jan sa a ta kapab yon pwoblèm pou itilizatè Google la, an patikilye yo Gtolk ak Gmail itilizatè. Nan ka mwen an li te Pidjin gen yon pwoblèm ki gen nan Jabber sèvis (ki se teknikman yon pati nan gtolk). Mwen te jwenn solisyon an apre yon ti kras fouye. Mwen te etone nan ki laj kesyon an se te, ak konbyen tan sa a te karakteristik te egziste!

Déblotché kont lan epi pou yo jwenn sou entènèt aplikasyon ou lan, itilize Captcha paj Google la isit la.

pataje
Wednesday, June 08th, 2011 | Author:

I did a full update on my personal server at home as one is bound to do, often, ak Arch. It’s a headless server so there’s always that slight anxiety concerning whether or not I have to connect a keyboard/monitor when things don’t just work. The wish was not granted today:

Arch Linux started booting up normally and init starts runlevel 3, the where it stats loading daemons:

:: Adjusting Hardware Clock [Busy]

And that’s where it just hangs. No further. Ctrl+Alt+Del works, single user mode works, but standard runlevel 3 will not. It turns out that the cause is a bug between hwclock and the server’s hardware clock. The backup battery on the motherboard, powering the CMOS memory and, subsequently, the hardware clock, is dead. While the system is powered up the battery isn’t neededhowever since the hardware clock knows it has reset, it won’t tick until we tell it what the time is. Counter to this is that when hwclock starts, it’s waiting for a clock tick in order for it to know if the hardware clock’s rate of progress is good. Catch 22.

The solution in my case was to go into single user mode where I could disable hwclock in /etc/rc.conf. I’ve been using ntpd to keep the system time in sync which works just fine. I’m not too bothered with whether or not the hardware clock is rightI just want the live system’s clock to be right. It will still be a good idea to get a replacement battery since, until that’s done, every time the server boots it will think its back in 1997.

pataje
Category: random  | One Comment
Friday, September 24th, 2010 | Author:

The upgrade to WordPress 3 was long overdue (as are many draft articles). Surprisingly, nothing looks different since the upgrade has been completed, though I also would not be surprised if I’ve missed an important plugin breakage.

I’ll be spending a day this weekend solely on polishing the site and finishing up some articles. You have something to look forward to. 🙂

pataje