Server issues

shiningsilence.com suffered a disk failure early this morning.  I’ll take the opportunity to set up a new machine, given that my local backup drive hasn’t been mounted and my remote backup went offline, in a horrible coincidence.

The disk is up and limping, which is why you can read this, but I’m still rebuilding.  What motherboard/CPU/RAID/etc. parts do people recommend?

Switching to dports software

I changed shiningsilence.com over from pkgsrc to dports over the last 48 hours or so.  Here’s how it went, in a series of bullet points:

  • I had to download dports source and build the pkg tool by hand; since this system was upgraded from DragonFly 3.2 to DragonFly 3.4, pkg wasn’t automatically present as it would be for a new installation.
  • I took the output of ‘pkg_info’ and culled it down to the applications I knew I used, and that formed my ‘to-install’ list for dports.  That worked in a very straightforward way.
  • It took so long mostly because of two things: I was also dealing with an email problem at my workplace, which usually took precedence.  Also, I had several applications that I had previously installed by hand and needed to reconfigure to work as a dports item.
  • Installing from binaries is really fast!  Really, the dports part of this was possibly the most brief.
  • The only thing I needed to compile from source was php, in order to get the Apache plugin.  I’m sort of surprised the option isn’t on by default.
  • Using ‘pkg search packagename’ is a good idea, because ‘pkg install’ can pick up multiple versions of a package.  e.g. ‘pkg install mysql-server’ selects mysql-server51, mysql-server55, and mysql-server56.  You probably don’t want to install all three.  Or even one, depending on your opinions.
  • Overall, it went more easily than I had expected, given it only had half of my attention.

a pf question on VoIP

I have a pf question for anyone who is interested.  I have this setup in my /etc/pf.conf, to prioritize my VoIP link.  (this system also does NAT.)

extif="em0"
intif="nfe0"
ipphone = "192.168.0.101"
altq on $extif cbq bandwidth 768Kb queue { std, voip }
queue voip bandwidth 168Kb priority 7 cbq(borrow)
queue std bandwidth 600Kb priority 1 cbq(default)
nat on $extif from $intif:network to any -> ($extif)
pass in quick on $intif proto udp from $ipphone to any tag VOIP_OUT keep state
pass in on $intif from $intif:network to any keep state
pass out on $intif from any to $intif:network keep state

pass out on $extif tagged VOIP_OUT keep state queue(voip)
pass out on $extif inet proto tcp all modulate state flags S/SA queue(std)
pass out on $extif inet proto { udp, icmp, gre } all keep state

When I run this, ‘pfctl -s queue’ shows most of the data getting run through the ‘voip’ queue.  I unplug the ATA, I still see the number of packets going up.  It seems packets are getting tagged that shouldn’t be, but I’m not sure why.  Anyone else have a similar – but working – setup?

Update: it was the underscore character in the tag.  Everything matched it, it seems.  Removing that made it work as expected.

 

A favor with xorgs and DPorts

If you have a DragonFly 3.3 system with DPorts, can you install xorg, then ssh -Y from another machine to there, and see if you can remotely run an X program like xterm with local display?  I’ve done this twice on two different machines with DPorts and it won’t work.  xorg won’t write the security info to ~/.Xauthority, with ssh or xhost or whatever.   It’s driving me crazy.

(Yeah, slow news day.)

Outage fixed

The Digest was down over the last 12 hours or so – sorry!  Upgrading this system took a bit longer than planned.  I upgraded to Apache 2.4, and had to figure out all the config changes, and several packages didn’t like upgrading.

I’ve resisted upgrading for a long time, mostly because I think I could recreate the entire Apache 1.3 config file layout from memory.  For the benefit of anyone else, this checklist of Apache errors and corresponding modules helped tremendously.  Also, pkg_leaves is a great, if minimal, way to find packages you don’t need.

Whoops

I lost Internet access because of Hurricane Sandy, and couldn’t get my machine to recover until I power cycled.  I think it’s because my external IP changed, and pf doesn’t seem to handle that well for NAT or just in general.  The recommended fix, putting the interface name in parentheses, doesn’t seem to work.  Anyone have advice?

Down and up again

Whoops – shiningsilence.com may have been down for a while there; I was on the road for work and pf was confused by an IP change.  Sorry!  I’ll have more posts as soon as I get through the backlog.

Do you blog? Write? Post? Tell me!

If you’re involved in application development or BSD development in any way, and you write about it somewhere on a personal blog or page or publication, please let me know.  (justin@shiningsilence.com)

My goal is to point out as much interesting development as possible, and I find that getting notes right from the people that make them is the best way.  Trade publications and magazines will skip over that stuff and go to the press releases, but that doesn’t work for BSD.  I’ve found better, more interesting writing watching Peter Hansteen’s blog or Trivium.  If you have someplace you write about technology, and especially BSD-related development, please point me at your RSS feed.

Ads off the page

I removed the Google ad off the sidebar; it was making me enough cash to buy a sandwich on a yearly basis.

I’ve replaced it with a link to my Amazon wishlist.  If you’re feeling generous, you can buy me a book!  If you aren’t, you can just keep reading, and I’ll keep posting.

Proper credits

Samuel J. Greear has been posting news while I was off somewhere in Lake Huron.  I didn’t fix it to show proper credits, for which I apologize.  He’s done a wonderful job, however, and his name is now shown correctly on his posts.

I now get to actually read the past week’s Digest for recent news, for the first time ever.