League of Legends Friends List and Smoothwall

Recently I’ve have been playing the great game League of Legends but my friends list has not been working. After dealing with the problem for several weeks, I’ve finally found the issue.

I use Smoothwall for my router, and as Smoothwall users may know, it has a niffty IM proxy feature. Well, after playing with some settings, I discovered that the IM proxy blocks the League of Legends friends list and chat. So if using the Smoothwall IM proxy and wondering why the friends list in League of Legends in broken, try turning off the proxy.

Intel D945GCLF2 and Surround Sound on Gentoo

I while back I purchased an Intel D945GCLF2 motherboard to play with. This board features the dual core Atom 330 processor in a nice mini-ITX form factor. I’ve recently set this up as a media center PC, running Gentoo and XBMC. I’ve been quite happy with its performance in this role, but there was one thing that seemed missing… surround sound. The board only has the standard line in, line out, and mic jacks on the rear panel, but on Intel’s website, they claim it supports 5.1 surround sound. The snd-hda-intel kernel driver only provided 2 channel audio to my ALSA system. The user manual for the board was not much help either:

Intel Desktop Board D945GCLF2 has a 6-channel (5.1) onboard audio subsystem that includes a Realtek ALC662 audio codec.
The audio subsystem features:

  • Intel High Definition Audio interface
  • Advanced jack sense, for the back panel connectors, that enables the audio codec to recognize the device that is connected to an audio port and retask the connector via the audio driver.
  • Back panel audio connectors that are configurable through the audio device drivers:
    • Line in/retasking jack
    • Line out/retasking jack
    • Mic in/retasking jack

I’m not sure how this board behaves with the Windows driver, but needless to say, jack auto detection did not work in Linux. Some searching provided an answer: the kernel driver needs to be configured by ALSA to set the jacks to 6 channel mode. Adding this to the end of /etc/modprobe.d/alsa.conf did the trick:
options snd-hda-intel model=3stack-6ch-dig

With the driver now set, make sure that alsamixer is set to 6 channel audio. The last item in alsamixer for me switches between 2ch and 6ch, so be sure to set it accordingly.

This post on the Ubuntu forums led me to the solution: http://ubuntuforums.org/showthread.php?t=1072792

Network Bonding in Gentoo

I’ve been trying to find a good use for the second network adapter in my fileserver, and what better than to increase the throughput to the network. Using something called bonding, its possible to combine two physical network adapters into one logical bonded adapter. Using a bonded adapter provides several advantages such as fallover should one network fail, but more interesting for me, increased throughput.  There are several different methods that one can use to bond the adapters together.  The best way to double the throughput of the bonded adapters is to use the IEEE 802.3ad protocol, however this requires support on the switch.  802.3ad support is generally limited to managed switches and is not supported on my unmanaged Netgear JGS516. The next best thing is to use a special mode of the bonding driver in Linux, called balance-alb.  The other modes supported by the kernel bonding driver allow things such as fallover.  I’ve been told that the following method does not work with all network adapters. Specifically, the driver needs to be able to change the MAC address on-the-fly, which is not supported in all drivers. I can say that it works with the r8169 (Realtek) and the Intel drivers (e100, e1000, etc.). This post is written with Gentoo in mind but should apply to other distributions.

First thing you need to do is enable bonding in the kernel.  Be sure to compile it as a module since we will need to pass arguments to the module when it is loaded:

Device Drivers ---> Network Device Support
<M>   Bonding driver support

Now set the module to be loaded at boot:

# nano /etc/modules.autoload.d/kernel-2.6
bonding mode=balance-alb miimon=100

The two options above are important. The balance-alb (adaptive load balancing) specifies what bonding mode to use.  There are several different options available here, but balance-alb provides the functionality I want since my switch does not support 802.3ad bonding.  The second option, miimon=100, tells the module to use mii-tool to check if the network adapters are up every 100ms.  This provides the fallover should one adapter fail.

Now emerge ifenslave, a userland tool to bond the interfaces:

# emerge -av ifenslave

Next, we need to configure the network interfaces:

# nano /etc/conf.d/net
slaves_bond0="eth0 eth1"
config_bond0=( "dhcp" )
config_eth0=( "null" )
config_eth1=( "null" )

This bonds eth0 and eth1 to form the bond0 interface.  You can bond more than two adapters as necessary.  The bond0 interface is configured to use DHCP to automatically obtain an IP address.  The config_eth0=( “null” ) lines prevent the individual adapters from getting an IP address since we only want bond0 to get an IP.

Now lets create the startup script, have it start automatically on boot, and remove the individual adapters from starting at boot:

# ln -sf /etc/init.d/net.lo /etc/init.d/net.bond0
# rc-update add net.bond0 default
# rc-update del net.eth0
# rc-update del net.eth1

That should be it, reboot, and you’ll now have bonded adapters.  I used a program called netio to measure my network speeds.  Prior to bonding, I could read at about 60-80MB/sec from the fileserver over a gigabit network.  With bonded adapters, that increased to about 120-150MB/sec, quite an improvement!  Write speeds saw a significant improvement as well.  Note that many hard drives will not be able to read/write at the same speed as the network adapter.  So if your adapter can push out 150MB/sec, it doesn’t help you if your hard drive can only read at 60MB/sec.  Internally, the RAID 5 array in my fileserver can read at up to 250MB/sec using hdparm, so the array can more that keep up with the bonded adapters.  If you have an older computer with dual 10/100 adapters, bonding can give you a nice boost to throughput that most hard drives will still be able to keep up with.

References and additional information:

Boost Reliability with Ethernet Bonding and Linux

Tips and Tuning for Ethernet Bonding With Linux

Gentoo Linux Documentation — Modular Networking

Gentoo as VirtualBox Guest

For a while, I kept an old 733MHz computer in my rack to use as a test box, where I could play with various software without needing to worry that what I was doing could cause problems for my desktop.  I have not used it in a while, but I decided that having a physical test machine is unecessary for what I generally want to test.  So I decided to create a set of Gentoo virtual machines in VirtualBox (version 2.2.2) so that I could run software in an isolated environment and easily be able to start again from a clean state if necessary.  Following the article on the Gentoo Wiki was helpful, but was not complete.

The first issue is the naming of the hard disk block device.  The minimal live CD detects the drive as /dev/hda however, using the driver suggested in the wiki will detect the drive as /dev/sda.  This is not a big problem so long as you make sure to use sda in /etc/fstab and in the GRUB configuration.  I’m sure there is a reasonable explanation for why this happened, but this was the simplest solution that I could think of.

Now that I have a basic, clean Gentoo install, I make two copies.  The first is a backup of the virtual machine without any extra programs installed.  This will let me install any program from the state of a brand new Gentoo install.  The second, copy is the same as the first, but with the addition of X and XFCE, so I can play with graphical programs without compiling X every time.  Virtualbox supports creating snapshots of the virtual machine hard drive, so I can revert the machine to the last state before the software I’m testing was installed.

Now that everything is working, it’s time to start testing.  First up will be XFCE 4.6.

Deny Hosts and SSH Login Attempt Behavior

A few weeks ago I installed DenyHosts, a small deamon (can also be run as a cron job) that runs on my server to block IP’s that make brute force SSH login attempts.  The script has worked great, blocking over 500 hosts on the first day I used it (including myself a few times…).  One of the features of the script is the ability to send an email each time it blocks a host.  Although getting a few hundred emails at first was very annoying, setting up a few rules in gmail prevented me seeing them in my inbox (they go directly to a folder).  I did, however, start to look at the times when the various hosts get denyed.  They seem to come in large groups, so that there will be 50 or so hosts blocked in a rather short length of time, around 10 minutes or less.  The IP’s of the computers also come from all over the world, but most seem to come from Asia, South America, and Russia.  I think it would be interesting to do a more complete statistical analysis of the data in regards to the time and location of where the login attempts are coming from.  Maybe I’ll write something to do this later.

Expand JFS Filesystem

I recently bought 2 new 500GB hard drives and am in the process of migrating my RAID array to double its size to 2TB. The current 1TB over 3 drives was 100% full, so it was something that had to be done. The expansion took about 26 hours on my 3ware 9650SE-8LPML controller, which is quite good from what I see of other peoples experiences. Of course, all important data was backed up before the RAID expansion.

The primary issue I had after the expansion was the proper partitioning of the free space. When the RAID expansion was complete, I now had 1TB of used space using the JFS filesystem that was the original partition, and 1TB of unused, unpartitioned free space. Attempts to use Gparted to expand the partition failed due to a known bug that prevents partitions over 1TB. I tried to use Parted, the CLT tool that Gparted is based on, to expand the filesystem but was unable to do so. This seemingly left me with two options, either use multiple smaller partitions, or to reformat and restore the data from the backups. I decided that smaller partitions would be a lot of extra work in terms of keeping tabs on the free space on each partition (and may require more frequent partition modifications) which is something that should not be necessary. Restoring from backups was not welcome due to the time involved. Deciding that those options were not acceptable, I was determined to find the solution I wanted, having a 2TB partition without going through a backup restore process. If anything, it would be worth doing simply on the principle of the matter: that having large partitions on a modern filesystem that supports volumes up to 32000TB should not be a problem. Several Google marathons and man page studies allowed me to successfully perform the operation that I wanted.

My main problem was a lack of understanding of the way that fdisk actually works. With fdisk, you can delete and recreate a partition without actually destroying the filesystem that lives on the partition. I am not sure exactly what the limitations are, but it seems that as long as you do not change the starting point of the partition, the filesystem will remain there. In my case, the drive in question (/dev/sda) had a 1TB partition starting at the beginning of the disk (/dev/sda1) with 1TB of unpartitioned free space residing after the JFS partition (created by the RAID expansion). I deleted the JFS partition (/dev/sda1), and recreated the partition, but this time using the full 2TB of space. In the tests that I did, the free space MUST come after the partition. I wrote the partition table, and them mounted the drive. All the data was still there, but the JFS partition was only showing up as 1TB with the command dh -h. This was rather concerning until I realized the state that the drive was in. fdisk only edits the partition table, not the actual filesystem. When it writes out the partition table, it is just redefining where the partition begins and ends and does not touch the filesystem. Thus, although I had expanded the partition, I did not expand the filesystem. Doing some more searching, I found this article that gave me the last piece of information I needed. The command mount -o remount,resize /mount/point tells the JFS filesystem to expand to fill the entire space of the partition. The command is unique to JFS and will not work on other filesystems because the options passed are used by the JFS kernel driver. When you issue the mount command, note that the partition must be mounted.

Perhaps most frustrating is the lack of data on the JFS filesystem. It does not seem to be very popular in the Linux community, most of whom use ext2/ext3. Those that do use an alternative filesystem tend to use ReiserFS with a small number using XFS. In the limited, unscientific testing I have done, JFS performed very well performance wise and used far lower CPU than ext3 or ReiserFS. JFS has worked out well for me so far and, despite my initial difficulty in expanding the filesystem, is the filesystem I will use in the future.

Flying without ID Round 2

Yesterday was another opportunity to fly without presenting any ID at the airport. The man at the US Airways counter didn’t give me much trouble beyond the puzzled look and a few questions about how it’s possible to not travel with ID. Going through security was easier this time than last time as they did not frisk me, but they did give me a little bit of trouble while going through my bag.

The first item that got me a few questions was my all metal mechanical pencil (click here for a review). As you can see in the review, the pencil is quite heavy and solid, so I can understand their complaints. In the end, they did not take it away. What was more amusing, was the concern that the two security guys had over my laptop. I currently am missing 1 key off the keyboard from switching the layout to Dvorak (I still have the key, but need to modify it for it to go back on). The guard spent a minute looking at the missing key to see if there were any apparent modifications to the laptop, when he noticed that the keys were not in the right places. He had never heard of the Dvorak layout and, apparently, did not know that layouts other than qwerty existed. I guess my explanations of a more efficient layout were not good enough, and they asked me to turn the laptop on to verify that the “internals have not been modified”. I really wanted to tell them that I have modified the internals, but discretion got the better of me. So I turn the laptop on, and they get to see LILO in all its glory boot Gentoo. Although they were satisfied that the machine was operational, they were not happy that it was using software that they had never heard of. I explained what an operating system was to them and the difference between Windows and Linux, but I don’t think I cleared much in their minds. To see their reaction, I refused to login to the machine when they asked, which prompted them to bring aver their supervisor (an actual TSA agent rather than hired security). I explained the whole Dvorak and Linux thing to the supervisor, who seemed to be a little more understanding. She felt that turning the computer on was enough and let me go.

The trip through security was relatively painless despite the issues that they had with my computer. I think that this shows that there is a fundamental lack of understanding of how computers and electronics in general work. If I had told the security that I was an electrical engineering student, I’m sure that they would have given me more of a problem with the computer. If security really wants to deal with modern electronic threats, they need to start educating their guards in the matter. There are much more dangerous things than Linux that can be brought onto an airplane, not to mention things that are much less conspicuous than a laptop running totally unfamiliar software. Something that comes to mind would be a radio jamming device that could easily be concealed within an operational laptop, calculator, etc. I understand that I am in a much different position than many people who do not use such electronics everyday, but if people are going to spend billions of dollars on security, shouldn’t they actually be familiar with the kinds of threats that can occur? Or, perhaps, it is just the notion of “security” that is the aim. It is clear to me that actual security is trivial, a superficial glaze is all that is necessary to make people feel safe. Personally, I think the fear that people have in regards to air travel security is absurd, so maybe its a good thing that there still is no real security at the airports. Life is hazardous to your health. Deal.

Philips SPC900NC Camera On Linux Is A Go

In researching information about using a webcam as a low cost camera for astrophotography, many people recommended the Philips SPC900NC camera due to its use of a good quality 1.3 megapixel CCD sensor at a decent price. I bought mine from ebay, but its also available on Amazon and Newegg. My first attempt at playing with this camera was on my main desktop running Windows XP x64. This proved useless, however, as the drivers will not work. The Philips software will install fine but it cannot recognize the camera. Windows detects that a USB device is plugged in but can’t do anything with it because of the incompatible driver. I currently do not have a 32 bit version of Windows XP, so the next course of action was obviously Linux.

My laptop currently runs Ubuntu (was running Xubuntu until yesterday, just did a little swap of GUI’s) and was a prime choice. The camera did not work “out-of-the-box” as can be expected, but a little searching netted me a working driver for the camera, known as pwc. The pwc driver works for many Philips cameras, including the SPC900NC that I’m using. Installation is very straightforward for anyone who has compiled programs. Once the driver was installed, Camorama didn’t have a problem detecting the camera and capturing images from it. Next step is to work on capturing video from the camera, which mplayer may do for me.

Since the camera is working, I took a few pictures to test it out. Image quality is pretty good and should work perfectly for my astrophotography plans. Here is a picture of my Tele Vue Pronto refractor that I’ll be using for this project:

tele vue pronto hires

Battery Life

Now that I’m safely at my destination, I can continue where I left off.  Recently I’ve been trying to see how long I can extend my battery life on my Thinkpad T30 (aka darkstar, running xubuntu).  One of the methods I’ve been trying is not starting x (and thus not starting xfce).  Of course there are a lot of variables that determine battery life, but so far under normal use I seem to get about 30 more minutes.  Normal use would be internet (elinks vs firefox) and typing (nano vs open office).  I’m going to continue to track battery life over time to get a better estimate over longer periods of time and for different amounts of CPU usage.

elinks

In an airport just doing a test of elinks. Working better than I expected on wordpress, glad to see that they’ve included text only support. I’ve discovered that my battery life is extended when I don’t start X on my laptop. More on this later, they just called my flight.