Archive for 2009

How to recover a corrupted password database in FreeBSD

December 10th, 2009 Chris No comments

Recently I was mucking around with some stuff on my FreeBSD laptop (7.2) and caused my system to lock up completely. Not thinking much of it, I rebooted the system and everything seemed normal. I went about my business and needed to install some software. I tried to ’su’ on the system (sudo wasn’t yet installed) and got the message “su: who are you?”. Ugh… I took a look at my ‘/etc/passwd’ database and found that it contained parts of ‘/etc/resolv.conf’ and a lot of gibberish. Looks like UFS’s lack of journaling struck again.

Just for grins, I tried to change my password using the ‘passwd’ command and got the same message. After a few Google searches, I ran across the pwd_mkdb command. The man page for this command points you towards ‘/etc/master.passwd’ but again, in my case, it was corrupted. Ugh.

Since I’m an avid user of FreeBSD, I have plenty of systems from which I can copy the password database. So, fingers crossed, I booted my laptop into single user mode and copied the master password database over on a USB flash drive. I then issued the ‘#pwd_mkdb /etc/master.passwd’ command (I copied over the corrupted master password database) and it didn’t return any errors. Fingers still crossed, I rebooted and was pleasantly surprised to no longer see all the “unknown user” messages. After successfully logging in as root, I was able to change my passwords back to what they were using the regular ‘passwd’ command. Whew!
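A format check worth running on a copied-in master password file before rebuilding the databases from it, as an added example that is not part of the original post. The function names and sample files are constructed here, and the check assumes the standard ten-field master.passwd layout (name:password:uid:gid:class:change:expire:gecos:home:shell).

```shell
#!/bin/sh
# Added example: sanity-check a master.passwd-format file before running
# pwd_mkdb on it. Function names and sample data are constructed.

# check_master_passwd FILE -> 0 if every record looks sane, 1 otherwise.
# Problems are reported on stderr, one per line.
check_master_passwd() {
    file=$1
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }
    # Control bytes are a strong hint of the "gibberish" kind of damage.
    if LC_ALL=C grep -q '[[:cntrl:]]' "$file"; then
        echo "$file: contains control characters" >&2
        return 1
    fi
    # Field order: name:password:uid:gid:class:change:expire:gecos:home:shell
    awk -F: '
        /^#/ || /^$/ { next }            # comments and blank lines are fine
        NF != 10 { printf "line %d: %d fields, expected 10\n", NR, NF; bad = 1; next }
        $1 !~ /^[A-Za-z0-9_][A-Za-z0-9_.-]*$/ {
            printf "line %d: suspicious login name\n", NR; bad = 1
        }
        $3 !~ /^[0-9]+$/ || $4 !~ /^[0-9]+$/ {
            printf "line %d: uid/gid not numeric\n", NR; bad = 1
        }
        $6 !~ /^[0-9]*$/ || $7 !~ /^[0-9]*$/ {
            printf "line %d: change/expire not numeric\n", NR; bad = 1
        }
        $1 == "root" && $3 == 0 { root = 1 }
        END {
            if (!root) { print "no root entry with uid 0"; bad = 1 }
            exit bad + 0
        }
    ' "$file" >&2
}

# write_samples DIR: create constructed inputs (no real accounts or hashes).
write_samples() {
    cat > "$1/good" <<'EOF'
# constructed sample, not a real system file
root:*:0:0::0:0:Charlie &:/root:/bin/csh
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
chris:*:1001:1001::0:0:Chris:/home/chris:/bin/sh
EOF
    # A resolv.conf fragment spliced in, like the damage described above.
    cat > "$1/spliced" <<'EOF'
root:*:0:0::0:0:Charlie &:/root:/bin/csh
nameserver 192.0.2.53
chris:*:1001:1001::0:0:Chris:/home/chris:/bin/sh
EOF
    # Well-formed records, but the root entry is missing.
    cat > "$1/noroot" <<'EOF'
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
chris:*:1001:1001::0:0:Chris:/home/chris:/bin/sh
EOF
    # A stray control byte inside a login name.
    printf 'root:*:0:0::0:0:Charlie &:/root:/bin/csh\nch\001ris:*:1001:1001::0:0:Chris:/home/chris:/bin/sh\n' > "$1/binary"
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in good spliced noroot binary; do
    if check_master_passwd "$tmp/$f" 2>/dev/null; then
        echo "$f: ok"
    else
        echo "$f: REJECTED"
    fi
done
rm -rf "$tmp"
```

On FreeBSD itself, `pwd_mkdb -C FILE` runs the system's own format check without changing anything, and `pwd_mkdb -p FILE` also regenerates /etc/passwd. A file copied from another machine carries that machine's accounts and password hashes, which is why the passwords have to be reset afterwards.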

How to install GNS3 in Gentoo Linux

October 17th, 2009 Chris No comments

Now that I’ve switched to Gentoo Linux, I had to learn a few tricks about getting my favorite software installed. One application I can’t live without is GNS3, or the Graphical Network Simulator. It allows you to easily simulate a network of Cisco routers in an easy to use, drag and drop interface. I’ve used it to study for a number of Cisco certification tests (and pass them too!) and it really helps. If you have access to a few IOS images that Dynamips supports, I encourage you to install GNS3 to simplify your studies.

Getting GNS3 installed under Gentoo Linux takes a little more work since Gentoo is a source distro (you have to compile the software yourself) but is well worth the effort.

Read on and find out how to get GNS3 working in Gentoo Linux!

Passed the MPLS exam!

September 25th, 2009 Chris No comments

Finishing out my Cisco studies (for now), I’ve finally passed the Cisco MPLS (642-611) exam. I have to say, this exam is probably the hardest Cisco exam I’ve taken to date. It even made the QOS exam seem easy. As usual, the easiest way to pass is to know the topics cold. In addition to the test topics, here’s what I recommend knowing:

  • MPLS Fundamentals
  • Intricacies of MPLS VPNs
  • Differences between different types of Internet access
  • Configuration of all MPLS topics

By fundamentals, I don’t mean just knowing that LDP runs on TCP port 646. You’ll want to know the nitty gritty details about cell mode and frame mode differences, exactly how labels work, and how labels are distributed throughout the network, among other things.

MPLS VPNs are a pretty complicated topic, with such topics as VPN label stacks, route targets, and address families. Knowing those topics, as well as knowing redistribution and how the various routing protocols are configured will help you get past the finish line.

For some reason, Cisco documentation on MPLS Internet access is a bit sparse. I can’t really recommend anything other than picking up a good book on MPLS. Ignore the recommended Cisco Press books; they’re horribly out of date and are priced like they just came out. I recommend both the MPLS Fundamentals book and the MPLS Configuration on Cisco IOS books.

Lastly, you need to know the configuration topics like the back of your hand. To learn them, you’ll either want access to a rack of routers (and ATM switches if you’re lucky) or you can use something like GNS3 and dynamips. This is where the MPLS Configuration book really shines. Aside from teaching you all the basic topics, it also shows you how to configure all the advanced stuff. When you can configure advanced MPLS VPNs such as central service MPLS VPNs without referring to any material, you’re probably good to go. Don’t forget about managed MPLS VPN services like ODAP and NAT.

Overall, the test isn’t impossible but it’s no walk in the park. With plenty of book study and hands on time on some routers, test day should turn out successfully.

Categories: Cisco, Networking, Personal Projects Tags:

Hello Gentoo!

August 2nd, 2009 Chris No comments

I have to admit, I’m a bit of a glutton for punishment. For some reason, I actually enjoy the challenge of lesser-known distributions. While I’ve been taking a good hard look at FreeBSD and how it might meet my needs, it is still lacking several key applications I rely on: VirtualBox (yes, it’s in ports, but have you actually gotten it to work? I haven’t) and the Adobe Flash player (tried gnash, didn’t work. Adobe won’t cough up an amd64 FreeBSD player). Granted, these are minor hiccups but other things are also keeping me from using FreeBSD on my main desktop.

To that end, I’ve been happily using Debian Lenny. It’s nice because it generally works on anything you throw at it and the apt utility can’t be beat for software management. Apt can also be a royal pain in the ass. I tried for hours to get it to play nicely and install mplayer with the codecs I wanted but there seemed to be a “stuck” package on my system that wouldn’t upgrade. My other annoyance with apt is that applications aren’t always updated as fast as they should be. The main one that comes to mind is Pidgin, the IM client that connects to all the different messaging networks. Again, I wrestled with apt for weeks, trying to get the latest greatest version of Pidgin without having to move over to Sid. I even tried using the backports repository. Still no dice.

That’s when I started thinking about FreeBSD again. I’ve been using it successfully on a new laptop I’ve got (article on that to follow at some point) but there my requirements are much less. So then I thought about Gentoo. Gentoo has all the Linux goodness and a system called portage that isn’t unlike the FreeBSD ports tree. In fact, portage was inspired by FreeBSD’s ports system! So I set out to install Gentoo on my main desktop box.

I’ve got fairly vanilla hardware so I was sure that it was all supported. (specs: Intel Core2 Quad Q6600, 6 GB PC-8500 RAM, 2x 1 TB hard drives (one for backup), EVGA Geforce 9500 GT, Intel Pro/1000 NIC, Gigabyte EP45-3DSL motherboard, Logitech USB mouse and keyboard) I was happy to see that I was right. I simply burned a CD of the weekly minimal installer CD and booted up. Gentoo is interesting because unlike most other distributions of Linux, you aren’t confronted with a happy graphical installer. Nope, you get dropped to a root prompt and have to go from there. Fortunately, the documentation is impeccable and very easy to follow. To take full advantage of my hardware, I followed the AMD64 guide, located here. I was lazy when I installed and opted to use Gentoo’s “genkernel” package to build my kernel for me. I may trim down my kernel at a later point and remove all the junk that’s not needed. After about 45 minutes, I had a bare system up and running.

The fun part is deciding where to take it from there. Since I’m using this machine as a desktop box, I installed Xorg and my current favorite window manager, XFCE. Like FreeBSD, Gentoo compiles all software from source code so you can really take advantage of your hardware. Unlike FreeBSD, however, Gentoo’s portage system is a lot easier to use. Instead of drilling down the ports tree to find what you want, then issuing a “make install clean”, you simply use the ‘emerge’ utility. This is as simple as “emerge --search <someapp>” to search for something and then “emerge <someapp>” to install it. emerge is definitely more powerful than that (I’m using it to update my entire system as I’m writing) so it’s well worth either looking at the man page or the online documentation.

I did run into a few kinks along the way. After having a base system installed along with XFCE, I wanted sound so I can listen to some tunes while working. Since genkernel pretty much gives you a kitchen sink kernel, ALSA support was already in the kernel (which by the way, is how it’s supposed to be moving forward I’m told). The only thing I had to do was to emerge the alsa-utils port so I’d get the mixer app and startup scripts. Documentation for that is located here.

The other kink I ran into was the need to dual boot that other OS. Yes, I still play the occasional game here and there but by and large, my days are spent in Linux doing stuff. The grub section under the installation guide is helpful, but not in a case where you’ve got Windows installed on a different drive. The problem is that Windows wants to be on the first drive and can’t fathom why you’d want to boot into any other OS. To remedy this, I added the following information to my grub.conf file:

title Windows XP
        rootnoverify (hd2,0)
        map (hd0) (hd2)
        map (hd2) (hd0)
        chainloader +1

In my case, my Windows drive is the third physical hard disk installed (the first being the Linux installation and the second being the backup drive). Remember, in Grub-land, hard disks start at zero. Since Windows doesn’t like not being the first drive, you have to trick its boot loader into thinking it is. This is where the map commands shown above come in handy. The last line just tells grub to load 1 sector from the start of the partition (usually the boot sector) and hand control to it.

So far I’m really impressed with Gentoo. I no longer have to worry about conflicts (emerge takes care of it for you) or outdated packages (emerge builds the latest/greatest depending on your system profile). My system is clean, has only what I actually use, and I have a far more thorough understanding of what’s going on. What’s not to like??

Categories: Linux, Personal Projects, Software Tags:

Note to self: pay your bills!

July 20th, 2009 Chris No comments

I SSH between my many computers several times in the course of a day. Today when I went to SSH to my web server I couldn’t quite figure out what was wrong. I could ping the IP address but SSH just didn’t want to work. I tried restarting the SSH daemon and when that didn’t work, I rebooted the entire box. After it still didn’t work, it finally hit me: I forgot to renew my domain name and it was set to expire on July 17th! To confirm, I did a simple dig lookup:

; <<>> DiG 9.4.2-P2 <<>> xaero.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46405
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;xaero.org.                     IN      A

;; ANSWER SECTION:
xaero.org.              85511   IN      A       69.46.228.231

;; AUTHORITY SECTION:
xaero.org.              85511   IN      NS      expired-domain-ns50.directnic.com.
xaero.org.              85511   IN      NS      expired-domain-ns51.directnic.com.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jul 20 13:08:14 2009
;; MSG SIZE  rcvd: 124

Oops!! Needless to say, I very quickly renewed my domain name and within a few short hours my nameservers were happily serving up DNS again. Thankfully my registrar provides a grace period for renewing expired domains so they don’t immediately get thrown back into the available pot. Next time I’ll stamp a sticky note on my forehead.

How to improve Wordpress performance

June 2nd, 2009 Chris 3 comments

I’ve been looking for ways to improve the performance of my web site. Now that the biggest hurdle (MySQL) has seen dramatic improvements on FreeBSD (see article here), the only other hurdle really is PHP.

With a few quick Google searches, I found this article. The author details several of the tools needed to improve Wordpress performance, but the one in general that helps seems to be eaccelerator, a PHP caching extension. I’ve noticed a dramatic improvement in performance so far. So what do you think? Is my site any faster?

Categories: Software, Tweaks/Hacks Tags:

A few updates…

May 25th, 2009 Chris No comments

No, I didn’t fall off a cliff. Been busy with lots of stuff:

  • Passed the CCDP ARCH test and became a CCDP on April 25th!
  • Lots of house remodeling projects
  • Working on my final Cisco test (for now : ), the MPLS exam
  • Various other sundries

On the FreeBSD front, I found an old 250GB SATA drive and installed it in my current rig as the only drive (just to be sure I don’t screw something up). Not surprisingly, rebuilding the kernel and world with the latest 7.2 Release is quite snappy as compared to the Thinkpad T40. I was pleased that the Nvidia driver in ports worked without a hitch though it has no 3D acceleration whatsoever. For that you need Nouveau. I went my usual install route: install the minimal FreeBSD distribution, build world and build kernel, build Xorg from ports (including mouse, keyboard, Nvidia driver, and vesa driver for backup) with HAL support, build some sort of window manager (Fluxbox is my current favorite), install a shell (I’m torn between bash and zsh), and install Firefox 3. The entire process took about an hour and a half.

All of my hardware either worked out of the box or worked after a few tweaks but I used the i386 version of FreeBSD, not the AMD64 version. Before I built HAL, I had to use a PS/2 keyboard in order to actually install. Either I missed something or USB hotplug support isn’t there out of the box and needs to be added to rc.conf. I was pleasantly surprised to see that my Blackberry was recognized when I plugged it in. It didn’t automount or anything but it was neat to see it get recognized. I’ve yet to get it to work, but there is a ports version of barry available. Barry is a little rough around the edges but I was able to back up my Blackberry Curve 8320 to my Linux box with it.

It seems like FreeBSD is maturing and quite rapidly. Now that VirtualBox is coming for FreeBSD, the only barrier left is either getting a native 64-bit Flash plugin/player or for Gnash to mature rapidly. I tried Gnash on i386 FreeBSD and it works, but only part of the time.

I still watch with a bit of wonder and amazement at the effort that goes into an Open Source operating system and applications. That the developers can get their projects working with little or no support from hardware vendors is nothing short of amazing.

FreeBSD 7 on a Thinkpad T40 update

April 18th, 2009 Chris 1 comment

Not too long ago I wrote a how-to article on how to get FreeBSD 7.0 working on my IBM Thinkpad T40. Among other things, I omitted a section on getting proper video drivers working. The graphics chip is an ATI RV250 (Mobility 9000). This means the driver you should use is the ‘radeon’ driver. Use ‘pciconf -lv | grep ATI’ to see which chip you’ve got. After toiling a bit with it, I figured out how to get the Open Source ATI drivers working.

Because I want to generally keep my systems pretty current, I recently installed FreeBSD 7.1 on my T40. It’s important to know that the FreeBSD project generally breaks up development into three separate releases, namely CURRENT, STABLE, and RELEASE, in order of most bleeding edge to most stable. After building Xorg 1.6.0, I tried to start an X session just to see if I would get the ugly TWM desktop. To my surprise I got just a black screen but that was it. Even more surprising was that the usual “three finger salute” (ctrl + alt + backspace) didn’t kill my X session. I then hit ‘alt + F2’ to log into another vty and manually kill off X. Here’s where the fun began. It killed more than X; it locked my entire machine up. I continued futzing with my xorg.conf, kernel modules, and locking my system up for a good hour. I then threw in the towel and wound up asking a friend who’s a FreeBSD developer WTF was going on. I learned a few interesting facts:

  • The DRM code in 7.1 was more than 2 years old
  • It is not necessary to manually load or pre-load any kernel modules for video
  • X.org should work well with ATI graphics cards (but the amd64 release may not work) since the ATI driver model has had substantial structural changes to it.

On the first point, there’s two ways around the old code: Either download/burn/install the FreeBSD 7.2 release candidate or rebuild world. Since I’m a glutton for punishment, I decided to rebuild world. It’s not actually that hard, just time consuming. Use the ‘csup’ utility to grab the entire CVS source tree from your nearest csup server and follow the directions listed here to rebuild your system using the RELENG_7 tree.

The second point is easy enough. There’s no need to add anything to your /boot/loader.conf file in order to get X working. X.org will load any necessary kernel modules when you type ‘startx’. As an interesting aside, I actually locked my system up when attempting to unload the radeon.ko kernel module when I had learned that preloading isn’t necessary. Doh!

Once you’ve rebuilt your system and are running 7.2-STABLE, it probably wouldn’t be a bad idea to rebuild your installed ports. This isn’t necessary per se since X.org should work without even building a config file, but it is a good step, just to make sure everything is up to date. I use the portupgrade utility located in /usr/ports/ports-mgmt/ with the following: portupgrade -aRr. That should upgrade all outdated ports recursively as well as recursively rebuilding dependencies.

I’ll expand on the last point a bit. ATI has been much more generous with contributing documentation to the Open Source community than Nvidia. In fact, Nvidia hasn’t contributed anything other than a proprietary driver for Linux and FreeBSD, though there’s a project called Nouveau which aims to build an Open Source Nvidia driver. Because of this, FreeBSD has an Open Source ATI driver (/usr/ports/x11-drivers/xf86-video-radeonhd and /usr/ports/x11-drivers/xf86-video-ati) and using the old proprietary fglrx driver is no longer necessary. There’s one hiccup to this though. The driver has to be re-worked every time a new ATI chip comes out. To solve this, ATI is moving towards the same unified driver model Nvidia has used for years and taking it a step further. They now have an Open Source BIOS abstraction layer called ATOMBios. The idea is to make it easier to more rapidly deploy drivers for new graphics cards. Read all about that in this article. Bravo ATI!

By the time you finish reading this, your ports should be up to date and you should be able to use hardware accelerated ATI drivers on your Thinkpad. I’m running XFCE4 on my Thinkpad and it’s causing me to reevaluate the old “FreeBSD vs. Linux” question. Maybe I’ll spend a little more time working on the other parts that I overlooked in my article.

Enjoy!

Fun with Sun Solaris 9

April 9th, 2009 Chris 1 comment

I know, I know… why am I using a proprietary Unix after singing the praises of Debian GNU/Linux and dumping Mac OS X? Why the heck not? I love tinkering and experimenting with stuff. Besides, it wasn’t terribly difficult to get Linux working on my Sun Ultra 1 Creator.

So why bother with proprietary Sun hardware at all? Because it’s CHEAP and loads of fun to tinker with. Since the dot com crash of 2000, there’s a plethora of Sun hardware to be found at very reasonable prices. My Ultra 1 Creator listed for $27,000 when it first came out in 1996 but I got it for FREE on Craigslist.

Since I got this machine free off Craigslist, and it did come with all the Solaris media (and then some), I have tinkered with it in several ways. When I first brought it home and booted it up, it had the 64-bit version of Solaris 9 on it. I’ve never really cared for Solaris (some call it Slowaris) so the first inclination was to install FreeBSD. I got that installed without any problems, including X.org, etc…  Yawn. Now on to Linux. My first inclination was to try Gentoo but I gave up on it since I couldn’t get the kernel to compile no matter what I tried.

Next I looked around to see which other Linux distros support UltraSPARC hardware. Since I’m particularly fond of Debian, I naturally jumped in that direction. Getting the current stable (Etch at that time) Debian CD to boot turned out to be a major drag since it would continually freeze when trying to load the SCSI driver, a known bug in the installer. For kicks, I decided to see if a network boot would get me where I wanted to be. Sure enough, after setting up a RARP and TFTP server, the installer went flawlessly when using the Debian “Testing” image.

But even that got boring. So now I decided to get Solaris installed again. Not only that, I want to get the 64-bit kernel booting. It turns out this is more of a challenge than I thought.

To begin, I put the Solaris 9 installation CD in the drive and boot up. If you’re wondering why I don’t use Solaris 10, that’s because it isn’t supported on such old hardware. The first hiccup I run into is the screen warning me that a 64-bit OS is installed but that the installer will boot into the 32-bit SunOS kernel. Not a big problem. When I see the “Initializing Memory” screen, I hit Stop + A to drop to an Open Boot PROM screen. At the “ok>” screen, I type “boot cdrom kernel/sparcv9/unix” and hit enter. Sure enough, it boots the 64-bit kernel.

Now for the next hiccup. When the installer starts, you eventually wind up in a small xterm-ish console and it asks you if it can repartition the hard drive so it can place some temporary installer files on the hard disk. Most users of modern operating systems have come to expect that the OS will just ask you if it can erase what’s already there and move on. Not so with Solaris. It will warn you that it can’t partition enough space from the available free space on the drive. So now what?

I wound up bailing out of the installer with a Control + C and got dropped to a root prompt. Remembering another time I had to use a new disk in Solaris, I entered the format command to start that utility. I formatted the drive, gave it a label and rebooted. This time it worked. However, when I got to the section of the installer where you actually install the Solaris software, my CD drive started acting up so I couldn’t complete the install. I’ll come back to it later I suppose. I guess free hardware comes with a price?

Categories: Hardware, Software, Uncategorized, Unix Tags:

“Change” we can believe in??

February 18th, 2009 Chris No comments

Not bad for his first month in office. Hugo Chavez would be proud:

  • The Dow at a 10-year low.
  • A tax cheat running the IRS
  • Another tax cheat as the Chief of Staff
  • A trillion-dollar plus federal deficit
  • Over one-half of voters relieved of any federal tax liability
  • Government mandated limits on executive compensation
  • Three failed attempts and still no Commerce Secretary
  • Tom Daschle rides his free limo into the sunset – after paying taxes he evaded.
  • The White House performance czar turns out to be a tax cheat also
  • Lobbyists hired to work for the Obama Administration
  • The census gets politicized
  • Double government spending in one year
  • The word “freedom” fades into obscurity
  • Increasing home loan mortgage rates across the board
  • Millions of Americans made dependent on government
  • Moving unionization-by-intimidation forward
  • Welfare checks become “tax cuts.”
  • Illegal aliens free to work on taxpayer-funded “stimulus” projects
  • Welfare reform reversed, states ordered to increase welfare rolls
  • Move to silence critical talk radio shows
  • Selling Senate seats
  • Obama books in religious sections of book stores
  • More government workers, not private sector jobs
  • A government bureaucracy to intrude on doctor/patient relationships
  • Stage set for medical services rationing
  • Annual welfare checks for middle income families

Hey, you voted for him and the media made him out to be a God even though the only thing he’s accomplished as an adult is writing two racist books. You get what you pay for. Thanks to Neal’s Nuze for the list.

Now that I have your attention, let’s compare the U.S. to Argentina
