Author Archive

Thursday, September 17th, 2015 | Author:
  • Apá 1 – Ọrọ Iṣaaju – Eto soke Simple queues (Yi post)
  • Apá 2 – Reliably Idamo ijabọ – Eto soke Mangle Ofin (Nbọ laipẹ TM)
  • Apá 3 – Ayo ati ifilelẹ – Eto soke isinyin Igi (Nbọ laipẹ TM)
  • Apá 4 – Monitoring Usage – Redefining queues – Limiting Abusive Devices (Nbọ laipẹ TM)
  • Apá 5 – ??? Èrè ???

Ọrọ Iṣaaju

The first problem one usually comes across after being tasked with improving an Internet connection is that the connection is overutilised. Ojo melo si eniti o mo idi ti, ti o, tabi ohun ti wa ni nfa iṣoro – except of course everyone blames the ISP. Nigba miran o jẹ awọn ISP – but typically you can’t prove that without having an alternative connection immediately available. I currently manage or help manage four “ojula / agbegbe ile” pe lilo QoS lati ṣakoso awọn won Internet Asopọmọra. Ọkan ni mi ise, two are home connections, and the last one is a slightly variable one – maa o kan a ile asopọ sugbon tabi, for a weekend every few months, it becomes a 140-eniyan (ati ki o dagba) Lan. Fun. 🙂

MikroTik RouterOS ati

MikroTik'S RouterOS is very powerful in the right hands. Many other routers support QoS but not with the fine-grain control MikroTik provides. Alternatively you could utilise other Linux-based router OS’s, bi eleyi DD-WRT, Smoothwall, Untangle, ati ki o jade. Julọ ti awọn wọnyi ojo melo beere pe o ni a apoju server eke nipa tabi hardware a ibamu olulana. Mikrotik ta RouterBoards ti o ni RouterOS builtin – ati awọn ti wọn ni o jo mo ilamẹjọ.

Mi iriri pẹlu awọn onimọ jẹ nipataki pẹlu Cisco ati MikroTik – and my experience with QoS is primarily with Ẹ pín ká NetEnforcer / NetXplorer awọn ọna šiše ati MikroTik. Awọn julọ gbajumo MikroTik awọn ẹrọ ninu mi iriri (miiran ju wọn ifiṣootọ gun-ibiti o ẹrọ alailowaya) ti wọn rb750 (titun ti ikede a npè ni “hex“) ati rb950-orisun lọọgan. Won ni ọpọlọpọ awọn miran available and are relatively inexpensive. In historical comparison with Cisco’s premium devices, Mo ti sọ awọn mọlẹbi lati se apejuwe MikroTik ká ẹrọ bi “90% awọn ẹya ara ẹrọ ni 10% awọn iye owo”. Bi yi guide ti wa ni Eleto nipataki ni SME / Home lilo, inexpensive makes more sense. If you’re looking at getting a MikroTik device, akiyesi pe MikroTik awọn onimọ ṣe ko typically include DSL modems, bayi rẹ tẹlẹ itanna ni ojo melo si tun pataki. Akiyesi tun ti ni yi ko a tutorial lori eto soke a MikroTik ẹrọ kan lati ibere. Nibẹ ni o wa opolopo ti itọsọna wa online fun awọn ti o tẹlẹ.

Yii sinu iwa – akọkọ awọn igbesẹ

Lati ṣeto soke QoS ti tọ, you need to have an idea of a policy that takes into account the following:

  • The ìwò iyara asopọ
  • Bawo ni ọpọlọpọ awọn olumulo / awọn ẹrọ yoo ti wa ni lilo awọn asopọ
  • The users/devices/services/protocols that should be prioritised for latency and/or throughput

Lati se aseyori awọn loke ni mi apeere, Mo ti yoo ro awọn wọnyi:

  • The MikroTik ti wa ni ṣeto soke pẹlu awọn aiyipada nẹtiwọki iṣeto ni agbegbe ibi ti awọn nẹtiwọki wa ni 192.168.88.0/24 ati awọn asopọ ti wa ni Internet pese nipasẹ PPPoE.
  • Awọn asopọ iyara jẹ 10 / 2Mbps (10 Mbps download iyara; 2 Mbps po si iyara)
  • O maa wa nibe 5 awọn olumulo pẹlu bi ọpọlọpọ bi 15 awọn ẹrọ (ọpọ awọn kọmputa / wàláà / mobile foonu / WiFi ati be be lo)
  • Aṣoju awọn gbigba lati ayelujara beere ga ni ayo pẹlu losi sugbon kekere ni ayo-pẹlu lairi
  • Gaming/Skype/Administrative protocols require high priority with both latency and throughput
  • Ko si olumulo ni o wa lati wa ni prioritized lori awọn miran

The first and probably quickest step is to set up what RouterOS refers to as a Simple isinyin.

Mo ti sọ ṣe kukuru a akosile ti mo ti fipamọ lori mi MikroTik awọn ẹrọ lati ṣeto soke ni o rọrun queues. O ti wa ni bi wọnyi:

:fun x lati 1 si 254 ṣe ={
 /isinyi o rọrun Fikun orukọ ="-ayelujara usage- $ x" DST ="pppoe" Max-iye = 1900k / 9500k afojusun ="192.168.88.$x"
}

Ohun ti awọn loke ṣe ni iye awọn ti o pọju iyara eyikeyi kọọkan ẹrọ le lo lati “1900k” (1.9Mb) po ati “9500k” (9.5Mb) download.

Awọn akọsilẹ:

  • Awọn idi idi ti awọn Max ifilelẹ lọ ni o wa ni 95% of the line’s maximum speed is that this guarantees no single device can fully starve the connection, negatively affecting the other users. With a larger userbase I would enforce this limit further. Fun apere, pẹlu 100 awọn olumulo lori a 20Mb iṣẹ ti mo le ṣeto yi iye to si 15Mb tabi koda bi kekere bi 1MB. Eleyi ni o šee igbọkanle ti o gbẹkẹle lori bi “meedogbon” awọn olumulo ni o wa ati, bi o ba ro ero jade ibi ti ati bi Elo abuse waye, you can adjust it appropriately.
  • The ìpele “-ayelujara lilo” ni awọn orukọ igbeseô le wa ni ti adani. Ojo melo ni mo ṣeto awọn wọnyi lati tọka si awọn agbegbe ile orukọ. Fun apere, with premises named “Alpha” ati “Beta”, Mo ti yoo ojo melo fi “-Alpha ayelujara” ati “-ayelujara Beta”. Eleyi iranlọwọ pẹlu instinctively differentiating laarin awọn ojula.
  • The DST igbeseô ni o ni “pppoe” ninu awọn apẹẹrẹ. Eleyi yẹ ki o wa ni iparo pẹlu awọn orukọ ti awọn ni wiwo that provides the Internet connection.

Rii daju ti o ṣe awọn akosile lati jẹ yẹ lati rẹ iṣeto ni. Fi awọn akosile lati awọn MikroTik ati ṣiṣe awọn ti o – tabi lẹẹmọ o taara sinu awọn MikroTik ká ebute lati ìdájọ o.

In my next post I will go over setting up what RouterOS refers to as Mangle ofin. Awọn wọnyi ofin sin lati da / lẹtọ awọn nẹtiwọki ijabọ ni ibere lati ṣe finer-grained QoS ṣee.

Share
Category: random  | Leave a Comment
Thursday, September 17th, 2015 | Author:

Ìpamọ, Time, Owo

Emi ko fẹ debiti bibere. Mo ti sọ feran awọn agutan ti miiran nkankan le, ni ife, ya fere eyikeyi iye ti owo mi (daradara … ohunkohun ti o ni wa). A ẹlẹgbẹ tokasi jade ni oro pẹlu MTN yoo ti a ti yee ti mo ti a ti lilo a debiti ibere. Boya awọn “wewewe” ifosiwewe jẹ ko iru a buburu ohun.

Mo Sawon t'o ibeere nibi jẹ boya tabi ko o fẹ awọn ile itaja wewewe ati ki o le gbekele ajo (ninu apere yi pẹlu rẹ owo) – tabi ti o ba o ko ba le gbekele wọn ki o si wa setan lati forgo wipe itaja wewewe. Ni mi irú, ani tilẹ Mo si tun Ìbéèrè awọn ile itaja wewewe, Mo kọ awọn lile ọna pẹlu MTN wipe o yèkoro le jẹ inconvenient lati ni rẹ ti sopọ aye dinku si “latọna erekusu” ipo. Fere gbogbo eniyan loni lọ pẹlu awọn ile itaja wewewe ifosiwewe.

Wewewe

Ti a ba tun wo lo, bayi a igba pipẹ seyin, I had a dispute with Planet Fitness ibi ti wewewe je a ni ilopo-olójú idà. Mo royin won owo asa si awọn onibara Ẹdun Commission (niwon tun-ṣeto bi awọn National Consumer Commission) and never got feedback from them. The gist of the issue is that Planet Fitness’s sales agent lied to me and a friend in order to get more commission/money out of my pocket.

Mo wa a Awari vitality egbe eyi ti yoo fun ọpọlọpọ awọn anfani, pẹlu dinku ošuwọn lori Ere burandi – okeene ilera-jẹmọ ti dajudaju, as Discovery is a Medical Aid/Health Insurance provider. Lati fi o nìkan, Awari ti wa ni oniyi. Vitality ká anfani bo gym memberships eyi ti siwaju pẹlu Planet Fitness. You still have to pay something, a kekere àmi ti ona, Awari si, fun awọn idaraya ẹgbẹ. Ṣugbọn, lẹhinna, nwọn FẸẸ mi lati wa ni ilera, so they don’t mind footing the bulk of the bill. Ṣugbọn, nkqwe, yi tumo si aye Fitness’ tita òjíṣẹ ko si gba awọn Igbimo!

Nítorí náà, ohun ti n se yi esi ninu? Awọn abajade ni wipe PF ká tita oluranlowo fun mi ohun inflated olusin fun a “Vitality-orisun” ẹgbẹ. O si puro. O si ti mi wole lori awọn ti sami ila fun ohun inflated owo ti a “deede” ẹgbẹ (bẹẹni, o je kosi siwaju sii ju paapa a deede ẹgbẹ yoo ni iye owo), ending up about 4 ati 5 igba bi Elo bi awọn vitality-orisun ẹgbẹ.

Epiphanies

Some time in 2011 Mo nipari wisened soke to awọn owo ti mo ti ikure lati wa ni san. Awari Èmi daju yoo ko ni le ju dun nipa yi fiasco. Mo sọ fun awọn Manager ni-idaraya, ati ki o Mo ti a ti fidani wipe gbogbo guide yoo ndgbasoke. Mo wa ko ọkan fun iwa- … ayafi ti awọn oniwe-idaraya fun … ni ohun Octagon … ṣugbọn lẹhin mi 5th ibewo si awọn Manager lati beere idi ti awọn Debiti kogba won si tun ṣẹlẹ, o so fun mi o a ti ya emi kò ti mu ohun ija pẹlu mi fun awọn ibewo. Lẹhin kan diẹ diẹ ọdọọdun, awọn Manager ti kosi osi Planet Fitness ati salaye si mi pe awọn “guide” was between myself and Head Office and that the local gym, nkqwe a idibo-ara isẹ, ti kekere si ko si wipe nipa boya tabi ko o le wa ni pawonre. Ti o ba Head Office wi ko si, alakikanju orire.

By this point I’d lost it. I had my bank put a Duro si awọn debiti bibere. It was a huge schlep: I had to contact the bank every month because the debit order descriptions would change ever so slightly. It also cost me a little every couple of months to “reinstate” the blocking iṣẹ. Emi ko le ran sugbon ro awọn ile-ifowopamọ eto atilẹyin deede expressions ṣugbọn ọpá ma ko dandan mo bi lati lo o.

Technically I’m still waiting on the CCC to get back to me (kò sele – ati ti awọn dajudaju ti won ni won tun-ṣeto bi darukọ loke ki awọn irú jasi ṣubu nipasẹ awọn dojuijako). Dajudaju Of, nipa ti ojuami PF tun fe lati blacklist mi ko san fun!

The Airotẹlẹ akoni

A haphazard darukọ ti oro si Awari (Mo ro pe mo ti pè wọn nipa a ehin ibewo) yorisi ni a callback nipasẹ ọkan ninu awọn Awari ká òjíṣẹ. Won ki o si beere mi lati se apejuwe awọn isoro, ni apejuwe awọn ati ni kikọ, lati se alaye dara lati mi irisi ohun ti gan ṣẹlẹ. Mo rọ. O wa ni jade mo ti wà ọtun nipa wọn ko ni ogbon “ju dun” nipa rẹ. Ni o daju ti won gan kò fẹ o. About three weeks later, Planet Fitness refunded mi ni FULL fun gbogbo awọn ti o ti monies lailai a ti san si wọn.

Awari jẹ Awesome. 🙂

Share
Sunday, August 04th, 2013 | Author:

I had a power outage affect my server’s large md RAID array. Rather than let the server as a whole be down while waiting for it to complete an fsck, I had it boot without the large array so I could run the fsck manually.

However, when running it manually I realised I had no way of knowing how far it was and how long it would take to complete. This is especially problematic with such a large array. With a little searching I found the tip of adding the -C parameter when calling fsck. I couldn’t find this in the documentation however: fsckhelp showed no such option.

The option turns out to be ext4-specific, and thus shows a perfectly functional progress bar with a percentage indicator. To find the information, instead offsckhelporman fsck”, you have to inputfsck.ext4helporman fsck.ext4”. 🙂

Share
Sunday, August 04th, 2013 | Author:

History

Much had changed since I last mentioned my personal serverit has grown by leaps and bounds (it now has a 7TB md RAID6) and it had recently been rebuilt with Ubuntu Server.

Arch was never a mistake. Arch Linux had already taught me so much about Linux (and will continue to do so on my other desktop). But Arch definitely requires more time and attention than I would like to spend on a server. Ideally I’d prefer to be able to forget about the server for a while until a reminder email saysumthere’s a couple updates you should look at, buddy.

Space isn’t freeand neither is space

The opportunity to migrate to Ubuntu was the fact that I had run out of SATA ports, the ports required to connect hard drives to the rest of the computerthat 7TB RAID array uses a lot of ports! I had even given away my very old 200GB hard disk as it took up one of those ports. I also warned the recipient that the disk’s SMART monitoring indicated it was unreliable. As a temporary workaround to the lack of SATA ports, I had even migrated the server’s OS to a set of four USB sticks in an md RAID1. Crazy. I know. I wasn’t too happy about the speed. I decided to go out and buy a new reliable hard drive and a SATA expansion card to go with it.

The server’s primary Arch partition was using about 7GB of disk. A big chunk of that was a swap file, cached data and otherwise miscellaneous or unnecessary files. Overall the actual size of the OS, including the /home folder, was only about 2GB. This prompted me to look into a super-fast SSD drive, thinking perhaps a smaller one might not be so expensive. It turned out that the cheapest non-SSD drive I could find actually cost more than one of these relatively small SSDs. Yay for me. 🙂

Choice? Woah?!

In choosing the OS, I’d already decided it wouldn’t be Arch. Out of all the other popular distributions, I’m most familiar with Ubuntu and CentOS. Fedora was also a possibilitybut I hadn’t seriously yet considered it for a server. Ubuntu won the round.

The next decision I had to make didn’t occur to me until Ubiquity (Ubuntu’s installation wizard) asked it of me: How to set up the partitions.

I was new to using SSDs in LinuxI’m well aware of the pitfalls of not using them correctly, mostly due to their risk of poor longevity if misused.

I didn’t want to use a dedicated swap partition. I plan on upgrading the server’s motherboard/CPU/memory not too far in the future. Based on that I decided I will put swap into a swap file on the existing md RAID. The swap won’t be particularly fast but its only purpose will be for that rare occasion when something’s gone wrong and the memory isn’t available.

This then left me to give the root path the full 60GB out of an Intel 330 SSD. I considered separating /home but it just seemed a little pointless, given how little was used in the past. I first set up the partition with LVMsomething I’ve recently been doing whenever I set up a Linux box (gan, there’s no excuse not to use LVM). When it got to the part where I would configure the filesystem, I clicked the drop-down and instinctively selected ext4. Then I noticed btrfs in the same list. Hang on!!

But a what?

Btrfs (“butter-eff-ess”, “better-eff-ess”, “bee-tree-eff-ess”, or whatever you fancy on the day) is a relatively new filesystem developed in order to bring Linuxfilesystem capabilities back on track with current filesystem tech. The existing King-of-the-Hill filesystem, “ext” (the current version called ext4) is pretty goodbut it is limited, stuck in an old paradigm (think of a brand new F22 Raptor vs. an F4 Phantom with a half-jested attempt at an equivalency upgrade) and is unlikely to be able to compete for very long with newer Enterprise filesystems such as Oracle’s ZFS. Btrfs still has a long way to go and is still considered experimental (depending on who you ask and what features you need). Many consider it to be stable for basic usebut nobody is going to make any guarantees. And, dajudaju, everyone is saying to make and test backups!

Mooooooo

The most fundamental difference between ext and btrfs is that btrfs is aCoWorCopy on Writefilesystem. This means that data is never actually deliberately overwritten by the filesystem’s internals. If you write a change to a file, btrfs will write your changes to a new location on physical media and will update the internal pointers to refer to the new location. Btrfs goes a step further in that those internal pointers (referred to as metadata) are also CoW. Older versions of ext would have simply overwritten the data. Ext4 would use a Journal to ensure that corruption won’t occur should the AC plug be yanked out at the most inopportune moment. The journal results in a similar number of steps required to update data. With an SSD, the underlying hardware operates a similar CoW process no matter what filesystem you’re using. This is because SSD drives cannot actually overwrite datathey have to copy the data (with your changes) to a new location and then erase the old block entirely. An optimisation in this area is that an SSD might not even erase the old block but rather simply make a note to erase the block at a later time when things aren’t so busy. The end result is that SSD drives fit very well with a CoW filesystem and don’t perform as well with non-CoW filesystems.

To make matters interesting, CoW in the filesystem easily goes hand in hand with a feature called deduplication. This allows two (or more) identical blocks of data to be stored using only a single copy, saving space. With CoW, if a deduplicated file is modified, the separate twin won’t be affected as the modified file’s data will have been written to a different physical block.

CoW in turn makes snapshotting relatively easy to implement. When a snapshot is made the system merely records the new snapshot as being a duplication of all data and metadata within the volume. With CoW, when changes are made, the snapshot’s data stays intact, and a consistent view of the filesystem’s status at the time the snapshot was made can be maintained.

A new friend

With the above in mind, especially as Ubuntu has made btrfs available as an install-time option, I figured it would be a good time to dive into btrfs and explore a little. 🙂

Apá 2 coming soon

Share
Monday, October 29th, 2012 | Author:

It appears that, in infinite wisdom, Google have a security feature that can block an application from accessing or using your google account. I can see how this might be a problem for Google’s users, in particular their GTalk ati Gmail users. In my case it was Pidgin having an issue with the Jabber iṣẹ (which is technically part of GTalk). I found the solution after a little digging. I was surprised at how old the issue was and how long this feature has existed!

To unlock the account and get your application online, use Google’s Captcha page here.

Share