Networking

I recently started to notice following error messages on my openVPN server.

As I need to run OpenVPN using the TCP protocol (instead of the faster UDP protocol; as UDP is often blocked in networks I use my VPN in) I experimented by increasing the tcp-queue-limit. The default is 64, and I’ve set it to 256. So far, everything still seems to be working fine (but more packets will be queued before being dropped by OpenVPN, requiring less retransmissions).

• A total of 87 IPs have been handed out (so 87 different MAC addresses)
• A total of 70 users used the (transparent) Squid proxy, so a few never logged in
• There was a total of 1.3Gb of HTTP traffic (Saturday only)
• There was a total of 720.91Mb upload and 2.11Gb download traffic (including Friday evening)
• Total server uptime was 1 day, 1 hour and 31 minutes :)

For those visiting BarCamp Antwerp tomorrow, make sure to connect to the open Userplus.org “barcamp” WiFi SSID.

Any feedback or comments about it can be mailed (yeri @ rootspirit . com) or left below.

I’ve had an issue for a while, being unable to access certain websites such as https://fon.com, but also certain parts of the Apple, Fortis and Microsoft site, while other (https) websites worked fine.

Running Wireshark I found that only about 5ish packets got transferred, and all other data to that website abruptly stopped.

I’m using ADSL (EDPnet), which has an MTU of 1492, however, I was able to access all websites from the router (using lynx, for example), but not from any other PC within the network.

I have been running a public DNS server for private purpose (never liked my ISP’s DNS servers, and the root servers were usually located too far away (at least those with easy to remember IPs).

Anyway, been testing it since this summer, and so far it’s been working great.

the DNS server running on a Debian virtual machine, hosted by Rootspirit, near Amsterdam.

IP address: 85.12.6.171

Hostname: vm1.rootspirit.com

Might not be an easy to remember IP address (unlike 4.2.2.1), but as I use that IP pretty much every day, it’s okay for me. ;)

There’s a great GUI out for OpenVPN & Windows, located here.

However, this GUI includes an old OpenVPN, that is no longer compatible with Windows 7 and Windows Vista.

The TUN/TAP driver will be blocked due to compatibility issues, and when trying to connect to a VPN, you’ll get an error along the lines of:

All TAP-Win32 adapters on this system are currently in use

The simplest fix, is to install the GUI package (including the old OpenVPN binaries), and reinstall OpenVPN afterwards.

As I often have people asking for the files I use to make my pretty MRTG graphs; I’ll publish them here.

Here are some examples:

Zero - One - Four - vm1 - Sauron

The config files:

Sauron (including Squid stats),

Zero (including fan stats).

List of files included:

• indexmaker; simple script (included with MRTG) to generate a simple index file with all the graphs
• snmp-if.sh; will show you the IDs of the interfaces on the server/pc. These IDs have to be edited in the mrtg.cfg file; e.g.:

Target[eth0]: 2:public@localhost:

If Apple was so kind to give you tethering (and didn’t silently remove it after an update), or if you just happen to have enabled it using, let’s say, the alternative method. And you happen to be forced to use Windows, and you really are tired of XP, and Vista surely isn’t an option; you’re probably running Windows 7.

To enable tethering on the iPhone + Windows; just pair the bluetooth devices (I actually haven’t tried with USB yet, and don’t really plan on doing that), Windows will start to QQ about it being unable to find a suitable driver for the iPhone… I even installed iTunes to see if the message would go away, but apparently it won’t. I’ll have to do some more Googling later on.

Yesterday I’ve start using Prowl, as I heard good comments about it. And one of the things I want it to check, are my server statuses. I made a quick script using bash and crontab to check every 10 min if it replies on ping. Per server, I created “host.domain.tld.sh” (e.g. zero.rootspirit.com.sh), and added this in the file:

#!/bin/bash
KEY=YourApiKey
HOST=zero.rootspirit.com
ping -c 1 $HOST   &>/dev/null
if [ $? -ne 0 ] ; then
curl -k -s "https://prowl.weks.net/publicapi/add?apikey=$KEY&application=Server%20Connectivity%20Failure&event=&description=$HOST&priority=2"
fi

Of course, change KEY to your API key, HOST to the IP or DNS of the server it should ping. Also, make sure, that when pinging on your host where you’ll run the bash script on, a non-existing domain actually returns:

As I usually use my SIM card in my iPhone, I booted my PC, plugged in the Vodafone USB Mobile Connect modem (HAUWEI 220 or something). I then inserted, with the USB device plugged in, my SIM card, and booted up the Mac (and later on Windows) Vodafone application, to connect my PC to the Proximus 3G network.

This resulted in a constant error; “The pin code was not accepted by the mobile device”.