As someone who has been in charge of not only managing equipment, but specifications, and design- it’s just good sense to not always go for the cheapest product. Sometimes it works well, and sometimes it doesn’t even make it to the point of depreciation to make it a worthwhile venture. This is pretty well known- the axiom “measure twice, cut once” by doing appropriate research before purchase works quite well, but when it comes time to replace that hardware- how many times have you considered a new purpose for a device after replacement? It may still have a function to fill.

This picture above is a small project I’ve been meaning to undertake – adding a portable Ethernet/wireless repeater for use downstairs. This router was replaced recently with a smaller, feature rich unit by GL.iNet, so other than keeping it as a backup, I didn’t really have much use for it.. or did I?

It was running Advanced Tomato firmware, which worked great, but just wasn’t what I needed as its repeating capabilities just aren’t quite there- it’ll bridge, and it’s a decent AP, but that’s where it ends.

Having read of people bricking units, I decided to open it ahead of time, connecting a JTAG (USB to Serial) adapter so I had console access should things go wrong.

I had the unit erase the NVRAM, resetting to defaults, then rebooted, stopped it before chaining to the OS, started it as a TFTP server, and uploaded the latest DD-WRT firmware.

Now, I have nearly 100% signal strength downstairs, and a handy place to plug in wired devices if necessary. Total cost: about an hour of time, while still learning how to reuse equipment that can (barely) still be depreciated.

If you read the title, you may say “no kidding” to yourself, but sometimes we lose sight that there can be more than one way to approach a problem.

For instance, I have a car with a dead battery, and no matter how I tried to mend it with distilled water, trickle charging, discharge, etc- it just wasn’t coming back. I could trickle it up to 13v, but it was down to maybe 10v and ~85A the next day.

We all know that car batteries are expensive- most of them start at at least 3 digits ($100). I stopped by the well known auto shops nearby, and they were $120 to $160 with the core! I went searching for refurbished batteries, but nobody had Group 34 batteries available- it’s still winter and everyone else has a dead battery, too.

I stopped by Wal-Mart to get 4 quarts of Rotella 15-40W for $10 (great price), and saw that all of their Group 34 batteries were out (the cheapest of which was still $104.99), but they had Group 78.

Wal-Mart has a new “Value Power” brand made by Johnson Controls (They’re that company that makes the incredibly expensive “Optima” series). I checked the specifications on the “Value Power” 78- 600CCA, 750 above freezing. The Interstate battery I am looking to replace is 700CCA, and 800 above freezing, accordingly. Their duty cycles are nearly the same.

If you cross reference the BCI group sizes, you’ll find that they’re roughly the same dimensions- and more importantly, the posts are the same (positive is on the left when facing forward):

34 	10.30 6.80 7.90  L/H-POS
78 	10.30 7.10 7.30  L/H-POS

The dimensions, as we saw above are fairly compatible, and it even has the same little retainer “lip” for holding the battery in place.

I had already mentally measured the length of the cable under the hood when I pulled the battery (and how they mounted), which prompted me to then grab that $49.88 Group 78 battery with a pack of $2.79 “side mount charging post adapters”. The total cost? $57.27.

I was not only able to find what I needed, but I saved nearly half the expense by approaching my problem from a different direction by looking at the other resources I had available (car runs perfectly, by the way).

I haven’t written things here for ages, mostly due to the proliferation of “Social Media”, and not really finding it necessary to keep my blog “up to date”. I probably should have- alas, I did not. Thanks to the volatile nature of internet services that others control, so many pictures and writings are lost- it makes me reflect on where we’re headed as a society- but that’s ANOTHER conversation altogether.

I’ve been working on many things since my last posts- I’m managing about 100 VPS and more than a handful of physical servers as I work back into my former career of System Administration.

I figured I’d reboot my blog with an interesting implementation I’ve come up with for a very specific hosting issue.

KimSufi is an OVH company, which tends to fulfill lower-end client needs. Someone posted about the KS-3C hosts being available after being out of stock for months. What they promise is an I3 grade machine with 8GB RAM, and 2TB of storage- which isn’t a bad system at all for about $10/mo.

Having a KS-1 (2GB Intel Atom based machine with 500GB HD), I’m aware of the network issues and limitations at Kimsufi (you’re not given console access, and you’re stuck with using their rescue network-boot to install your operating system of choice). This is a bit of an issue to work on initially, but you get used to checking your work twice. :)

A couple weeks ago I got tired of Debian on my KS-1, so I ended up virtualizing KVM on the system, and using the local hard disk as my “scratch space”. Long story short- I did an install of OpenBSD through the rescue media, giving this lower end machine a bit more security with less overhead.

When I received my notification that I got the KS-3 setup, I logged in to find I was actually given an I5 CPU, and 16GB of RAM! This is a very beefy system, and it would be a shame to waste it as a nameserver alone.

I decided that I wanted to virtualize this system, but I did not want to use the built-in mactun/libvirt hosting, as it does its own virtual DHCP with port translation- but without a lot of work, it’s intended to be temporary.

I setup the primary ethernet interface as a bridge, and that’d be all I needed to do if I wanted to run in public IP space. Kimsufi will not give you a second IP address- they tell you to upgrade to the SoYouStart network if you need more than one.

Not a problem! I created a secondary bridge tied to NO interfaces, and assigned my KVM to use that bridge interface, having given it its own MAC address (which is the simplest and most appropriate way to handle virtual machine interfaces):

iface br1 inet static
	address 192.168.x.Y
	network 192.168.x.0
	netmask 255.255.255.0
	broadcast 192.168.x.255
	# no physical ports: br1 is an internal-only bridge
	bridge_ports none
	bridge_fd 9
	bridge_hello 2
	bridge_maxage 12
	bridge_stp off

$ virt-install --connect=qemu:///system --name=OpenBSD-DNS1 --ram=2048 \
--vcpus=2 --cpu Nehalem,-invtsc \
--description "Virtual OpenBSD DNS server" \
--os-variant=openbsd4 --boot hd,network,menu=on \
--disk /var/lib/libvirt/images/openbsdns1,size=20,sparse=false,cache=writeback \
--network=bridge=br1,model=virtio,mac=xx:xx:xx:xx:xx:xx \
--video=vga \
--graphics vnc,listen=0.0.0.0,port=5959,password=x.x.x.x,passwordvalidto=Z \
--autostart --noautoconsole

Now, all I had to do was setup the host to forward the packets to itself and forward NAT from br1 through my primary interface/bridge, br0

$ iptables -t nat -A POSTROUTING -s '192.168.x.0/24' -o br0 -j MASQUERADE

Opening VNC to my public interface on the given port dropped me right into my new KVM, so I was able to configure and install OpenBSD.

Finally, I setup forwarding for port 53 on my external IP (gateway/host) machine to go to my virtual internal OpenBSD installation:

$ iptables -A PREROUTING -t nat -i br0 -p tcp --dport 53 -j DNAT \
--to 192.168.x.y:53
$ iptables -A PREROUTING -t nat -i br0 -p udp --dport 53 -j DNAT \
--to 192.168.x.y:53
$ iptables -A FORWARD -p tcp -d 192.168.x.y --dport 53 -j ACCEPT
$ iptables -A FORWARD -p udp -d 192.168.x.y --dport 53 -j ACCEPT

Note that the above isn’t taking full advantage of the system I have in place. What I’ve actually done is setup unbound as a caching authoritative-only DNS proxy on the external interface, which allows me to keep my actual zone data off of the machine which is open to the public for queries. I’ve now got my DNS service running on a virtual machine on the KS-3C, and am exposing no other part of the embedded system to the internet at large.
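
The NAT and port-forward rules from this post, collected into a single iptables-restore ruleset with a default-drop FORWARD chain so the ACCEPT rules for the guest actually restrict something. This is an added example, not the author's script; the function names are hypothetical and the 192.168.50.x addresses in the usage line are constructed stand-ins for the elided ones above.

```shell
#!/bin/sh
# Added example (not the author's script). Addresses in the usage line are
# constructed; the host also needs net.ipv4.ip_forward=1 to route at all.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_dns_nat_rules WAN_BR LAN_BR SUBNET/PREFIX GUEST_IP [PORT]
# Prints an iptables-restore ruleset; rejects arguments containing anything
# but the expected characters, so no extra rule text can ride along.
gen_dns_nat_rules() {
    wan=$1; lan=$2; subnet=$3; guest=$4; port=${5:-53}
    for ifname in "$wan" "$lan"; do
        case "$ifname" in ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    done
    case "$subnet" in */[0-9]|*/[0-9][0-9]) ;; *) echo "bad subnet" >&2; return 1 ;; esac
    valid_ipv4 "${subnet%/*}" && valid_ipv4 "$guest" || { echo "bad address" >&2; return 1; }
    case "$port" in ''|*[!0-9]*|??????*) echo "bad port" >&2; return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i $wan -p tcp --dport $port -j DNAT --to-destination $guest:$port
-A PREROUTING -i $wan -p udp --dport $port -j DNAT --to-destination $guest:$port
-A POSTROUTING -s $subnet -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $wan -o $lan -d $guest -p tcp --dport $port -j ACCEPT
-A FORWARD -i $wan -o $lan -d $guest -p udp --dport $port -j ACCEPT
-A FORWARD -i $lan -o $wan -s $subnet -j ACCEPT
COMMIT
EOF
}
# Dry run: gen_dns_nat_rules br0 br1 192.168.50.0/24 192.168.50.10 | iptables-restore --test
```

Loading the output without --test replaces the host's current nat and filter tables, so any existing INPUT rules need to be merged into it first.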

Now, what do I do with the other 3 vCPUs and 12GB of RAM?

Although I haven’t felt like sharing much over the last few years, I’ve recently rebuilt the site to redirect any URLs to the HTTPS (SSL) service, utilizing a “Let’s Encrypt” X3 key.

This ensures that anything you look up is not being sniffed, or altered- between your computer and my server. It’s highly pointless in this case, but I support the idea of all HTTP traffic moving to a stronger, secured service (as well as SMTP, et al).

Yes- I’ll be the first to admit that it has been awhile.

I’ve all but abandoned my blog. Heck, that mushroom on top? That has been there since February, 2006 (happy almost anniversary), and only a few pages back take you to 5 years ago on my posts here- even though the software, and my development systems have changed since then, even if the format here has changed relatively little in ten years.

I have plenty of projects to work on, and various different venues of work- but nothing I really have to say regards any bit of that, or my life. Work doesn’t need to be discussed; private life shouldn’t be discussed- even if there is nothing to discuss (keep note of this, kids – I’m still finding some strange posts over NNTP that weren’t (all) mine two+ decades past).

I’ve tried social media beyond the blog a few years ago, but I’m just too old to bother- It was an amusing experience then, and it was amusing to play the part of a rude “disk jockey” as the format allowed- but I really just don’t care to be a party to that mindset.

I’ve got so many new ventures to work on, and protocols and standards to learn still! I’m still doing what I always do- only tenfold!

Since the last blog posts:

  • I’ve learned different Trionic 5/7 codes and how to set/reset them.
  • Bought a Tech II, and use it for my own needs (and to help others), and a D610 supplemental system for WIS/TIS.
  • Completely rebuilt a junker 2006 93 internally and externally. I thought I’d part it initially- but it only needed a bit of love (a few months, eBay, and Pick-n-Pull); It ended up going to the folks- and it has somewhat turned them into SAABophiles, too (Well, at least one of them).
  • I’ve moved into various different hardware and software platforms- ARM the most recent – Atmega328 & BCM2835 (but not the most recent). I’ve done Node.js, dealt with Drupal, and fixed PHP4 (really PHP3) systems to work with semi-current libraries and PHP5/6 builds.
  • Learned to repair and rebuild various different eBook systems (Proprietary- Nook, Kindle, Sony, Android), including hardware, bootstrapping over USB, and system mods to get different Linux based distributions to run with higher freedom.
  • While working on and learning various Android systems, added the majority of Smartphones to the above list.
  • Oh- I converted my H7 headlights to LEDs, but that was barely a task beyond keeping CANBUS happy.

Like I said, it’s been awhile. Time goes on as life goes on- You’ve got the means to contact me if you care to.