
TrueCrypt is a wonderful piece of software which I recommend everyone make use of to protect every mobile workstation. This freeware provides full or dynamic hard disk encryption. By dynamic I mean that it can be used to encrypt flash drives, hard drives or partitions etc., depending on what you fancy. It makes use of the well-known AES cipher, with a 128-bit block size and 256-bit encryption. It is relatively easy to use since it also offers a rescue disk, and software administration feels solid. I tested it on XP and Windows 7 beta and there were no issues. I think I will give it a go on Ubuntu too. I do suggest though that if you have a dual-boot workstation you test it out prior to installation, since I have to say I managed to mess up my XP bootup after encrypting Windows 7.


http://www.truecrypt.com

Last week I installed Windows 7 beta on my 1.6GHz Acer One. These laptops are relatively slow when compared to today’s standards but once you experience the lightweight design and ease of travel, you forget about the lack of power. I love this laptop. It ran Windows XP SP3 fairly well but what about the new Windows 7?

Did I already say I love this laptop?  –  I am no Windows guy – actually I hate Microsoft and all that comes in contact with it but.. and a really big BUT… Windows 7 runs even better than Windows XP. Ok, Ok, I admit I had to customize the theme a little, since once I had my applications up and running, shifting from one window to another was slightly slow (some would not mind it), so I left the effects which I personally enjoyed and there you go, a piece of art!

As you can see from the photo, one of my Penguins was not too pleased, he constantly complained in fact!


Now we see how long it will take before the booting up process becomes slow –  Penguins still prevail over Mico$oft for stability and speed!

Update: I ran into an issue with the Wifi module – Atheros chipset. Apparently if you switch off the wifi after a reboot, the driver is lost. The latest driver on the Acer site did not solve the issue. The below driver however (which is more recent) sorted it out perfectly.

http://www.croftophile.fr/pilote/atheros_v7.6.1.194.exewrek

Last year I had purchased AVG Network edition but only recently have I set it up correctly. I find that AVG have improved very much over the years, although I have to admit that they are still not quite there when it comes to central management. I find the central management a little flaky: when the AV is pushed onto a Windows Server, the installation cannot be any easier, but when I attempted to install it onto an XP machine, the nuisance of running the AVG agent beforehand is not very professional in my opinion, especially if you deploy this in a large environment.

Overall it is rather cheap, so I am pretty happy with this product.


Finally… the long-awaited VMware Server 2 has been released and I have upgraded in under 20 mins (this time!). All works like a charm, apart from one weird issue… ctrl-alt-del will not work in the console, since as soon as you press ctrl-alt, the cursor is released! WTF !!! Anyway, thank God, the del key of the numeric pad works . .  pheewww.. I was already panicking… ! 🙂

http://www.vmware.com/freedownload/login.php?product=server20

This weekend I decided to try Ubuntu 8.10. In one word –  WwwwooOOoohh ! Finally my dual display is working as it should and I must say that this version is the one which gave me the least problems to configure. I ran into the same “Connect to a Server” (Samba) issue with this version but the workaround is easy:

(smb://<ipaddress of windows share>/<windows shared folder’s name>)

AllTray seems to be finally working as it should also, and the rest, movies, audio all worked out of the box –  or rather, out of the Ubuntu installation disk!

There was an issue with the Flash plugin (no sound was given once installed), but a fix has been issued already.

Since I required IE for a particular site and personally I prefer Office 2007 to OpenOffice, I thought this was the opportunity to try Crossover (http://www.codeweavers.com/products/cxlinux/). It worked perfectly. I will probably add this one to my “to purchase list”.

Well done Ubuntu, you are heading in the right direction, world domination is getting closer! 😀

I decided to relocate my desk to another corner of my room; my older desk has become a test area now! 😛 So, on my desk you may find:


1) My Acer TravelMate 6291 / Ubuntu laptop (with 17″ screen attached)

2) My new Acer Aspire One (running XP –  I required a Windows machine for some testing)

3) A network switch (beneath monitor). I really should replace this with a managed one since it is messing up my VLANs.

4) My 3 Penguins  (guess what they are representing)

The rest is the obvious!

And this is how the tech area looks when I am labbing..

Finally RC 2 has been released and I can say it finally fixes one major bug, i.e. VMware console in Firefox 3.0.*, and is fully compatible with IE7. 🙂 Another bug which has cropped up is that renaming the bridged interfaces does not seem to be possible. The default name seems to remain even though I specify the interface name manually. Before, my interfaces were called –  Management, Vlan 1 and DMZ; now they seem to remain Bridge, Bridge (2) and Bridge (3) . . neah… I can live with it… but in RC1 this issue was not present!

I wanted to mount my Windows shares onto my VMware Server (Linux Ubuntu) so that I can use it as an NFS and boot my VMs from the Windows Server (since my Windows server has a RAID array). I tried several Samba combinations but none seemed to work. CIFS seemed to do the trick.

Install smbfs

sudo aptitude install smbfs

Use the below command

mount.cifs //<ip address>/<win_share> /mount/in/linux -o username=<username>,password=<password>

example:

mount.cifs //192.168.1.1/c$ /media/sdc1/ -o username=xxxxxxx,password=xxxxxxxxxxxx

To unmount use:

umount.cifs /mount/in/linux

To mount it permanently:

vi /etc/fstab

add this entry:

//<server_ip>/share_name /path_to/mount_in_linux cifs username=server_user,password=server_password,_netdev 0 0
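
Both the mount.cifs command and the fstab entry above keep the share password in clear text: the command line ends up in shell history, and /etc/fstab is normally world-readable. mount.cifs also accepts a credentials=<file> option; the following is an added example (not part of the original post) that writes such a file with owner-only permissions, prints the matching fstab line, and flags fstab entries that still embed a password. The function names and the paths passed to them are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# write_cifs_creds FILE USER PASS
# Create a mount.cifs credentials file that only its owner can read.
write_cifs_creds() {
    ( umask 077
      printf 'username=%s\npassword=%s\n' "$2" "$3" > "$1" ) &&
    chmod 600 "$1"
}

# cifs_fstab_line SERVER SHARE MOUNTPOINT CREDFILE
# Print an fstab entry that points at the credentials file instead of
# embedding the password; _netdev delays the mount until the network is up.
cifs_fstab_line() {
    printf '//%s/%s %s cifs credentials=%s,_netdev 0 0\n' "$1" "$2" "$3" "$4"
}

# audit_fstab FILE
# Print every cifs/smbfs entry whose options embed password= (or pass=).
# Returns 1 if at least one such entry exists, 0 otherwise.
audit_fstab() {
    awk '
        /^[[:space:]]*#/ { next }                      # skip comment lines
        ($3 == "cifs" || $3 == "smbfs") && $4 ~ /(^|,)(password|pass)=/ {
            print FILENAME ":" NR ": inline password for " $1
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Typical use (as root, with real values substituted):
#   write_cifs_creds /root/.smbcredentials server_user 'server_password'
#   cifs_fstab_line 192.168.1.1 share_name /media/share /root/.smbcredentials >> /etc/fstab
#   audit_fstab /etc/fstab
```
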

Still no good news! I have decided to set up 2 x86 Mikrotik test boxes with 2 Atheros antennae installed in each. I am then going to configure the same Mangle (Nth) via packet marking and will see the results.

The only difference from my live setup is that the antennae are separate boxes (RB333) over a quad NIC in the Mikrotik Load Balancer / Mangle box. I am still waiting for my fourth WiFi card to arrive since I seem to have taken all their available stock..

….. More weeks passed and I can officially say that Mikrotik Load Balancing DOES NOT WORK ! The issue is always the same. I have used Wireshark and confirmed the issue. It can be Bonding, Mangle or whatever but Mikrotik devices do not reorder packets at the destination, which results in a very high loss of bandwidth. Bonding is slower since there is packet encapsulation; Mangle will give a slightly higher bandwidth but will not give you redundancy once a link fails (you manually have to change the rules or else packet loss is experienced). Overall it is, was and will remain a disaster for load balancing. Whoever makes use of any form of load balancing, make sure you keep an eye on the end systems since they are taking on the load to reorder or re-request packets.

I have to point out that this issue is present when load balancing is performed on wireless links (since each wireless link is not as stable as a wired link –  which creates different delays on each wireless link –  which makes packets arrive faster on some links when compared to others), hence why when I tested this setup on wired links I had no problems. Also note that UDP packets are lighter and that UDP is connection-less, so performance on UDP will look good. In reality, no connection is UDP only, so this means that you will never really use the bandwidth you see when you are testing under UDP. TCP bandwidth tests are a totally different story.

PS: A number of months passed and the issue still seems to be present. Another setup such as bonding over WDS was tested but the same results were obtained –  time to move away from Mikrotik for this setup.

Case Closed.

The past three weeks were not easy. I had a large setup of Mikrotik devices to set up for work, and I am going to briefly point out the issues / glitches I had with these *damn* boxes (RouterOS 3.13).

1) Bonding and EoIP –  Does not work. You can bond any number of antennae via EoIP, but simply because one pair of antennae achieved 17Mbps (TCP), bonding 4 pairs of antennae and adding them to a bonding / EoIP will only give you the bandwidth of a crawling snail. The more antennae and bonding interfaces you add in the equation the worse the situation gets. I have tested it out with TTCP bandwidth tester and results were bad – oh my… so bad. The issue is, the bandwidth (of all four antennae) will be there, but to benefit from this bandwidth you will have to open several connections from a different source to a different destination all the time. (Connection tracking and all other crap was disabled – these Mikrotik boxes were properly configured.)

So, what could be used instead of bonding or EoIP? OSPF you may ask? –  Nope!

2) OSPF load balancing works properly when all interfaces are “wired” (wireless is another story)

I checked the cost of the link along with the Administrative Distance settings (load balancing depends on those), but once again –  no! Load balancing over OSPF on Mikrotik does not work. The boxes simply decided to pick a link from the four available and send all traffic on that one. Sometimes it even changes link to one of the available ones randomly.

So what is left? All that is required here is simply load balance over 4 wireless links, and yet it seems so difficult to achieve.

The last option is Mangle. There are different flavours of Mangle out here. It seems to be mostly utilised when one wishes to load balance over multiple ISP gateways –  using NAT. I came across this blog which helped me…

http://mustnofee.com/story/load-balancing-mikrotik-3x

….but it did not work since my situation is different. I do not need NAT since all my antennae are using static routing, and Mangle / connection / connection marking did not work since I am not using the above link. This is a LAN, and each end of the setup only sees one IP address: the source or destination.

The Mangle required here is via packet / routing marking:

ip/firewall/mangle > print detail

0   chain=prerouting action=mark-packet new-packet-mark=pktlink1
passthrough=yes in-interface=Eth-Local 1 nth=2,1

1   chain=prerouting action=mark-routing new-routing-mark=mk-link1
passthrough=no in-interface=Eth-Local packet-mark=pktlink1

2   chain=prerouting action=mark-packet new-packet-mark=pktlink2
passthrough=yes in-interface=Eth-Local

3   chain=prerouting action=mark-routing new-routing-mark=mk-link2
passthrough=no in-interface=Eth-Local packet-mark=pktlink2

IP Route

1 A S  dst-address=192.168.10.1/28 gateway=192.168.1.1 interface=Eth2
gateway-state=reachable distance=1 scope=255 target-scope=10
routing-mark=mk-link2

2 A S  dst-address=192.168.10.1/28 gateway=192.168.2.1 interface=Eth1
gateway-state=reachable distance=1 scope=255 target-scope=10
routing-mark=mk-link1

Although the above worked, for some odd reason the antennas still seem to be giving me issues. The ptp antennae are running at 50db signals, with a registration of 54mbps/54mbps. So if the wireless peers are working correctly, why is it still necessary to open multiple connections to utilize the full capacity of my 4 links?

(The reason is that by opening multiple links, the bandwidth seems to increase for the simple reason that there are more packets bouncing around for retransmissions, but the total bandwidth which can be actually utilised is minimal. Seeing large numbers does not mean that the packets are actually arriving without errors and that the total usable bandwidth is that “large figured number”.)

Continued on next thread ” Mikrotik –  Load Balancing Over Multiple Interfaces (Part 2) “