Categories
Hardware Linux Networking Software

Ideal travel router: GL-AR750S

Right. With the pandemic and all none of us are going to travel much but still…

About a year ago I purchased myself an OpenWRT router to use on the plane and in hotels.

And so far I really like both the device and the Hong Kong based brand (launching new and updated products, and releasing relatively regular updates for older products). Pick a device that fits your needs (USB powered? LTE? Small form factor?).

The GL-AR750S aka Slate is fully customizable but runs a few nice things out of the box: WireGuard (with a physical button to turn it on or off), OpenVPN, shell access, Tor (requires the latest firmware), IPv6, DoH (Cloudflare only for now), multiple SSIDs (i.e. Guest WiFi), and more.

Oh and I specifically picked this version (compared to other or cheaper ones) because it had both 2.4Ghz and 5Ghz, as well as 3 Gbit ports (1x WAN, 2x LAN).

Pick whatever works for you…

I use the device on flights, where I connect to the network once in the air, purchase WiFi or use iPass “for one device” and then connect to the interwebs behind my NAT-router from my iPad, phone(s), laptop(s), and even Shan‘s devices if she is travelling with me.

In hotels, I either connect it to the wired ethernet, if still available (tends to be more stable), or connect it to the guest WiFi and then connect my devices to the router: saves me from connecting to a new network and typing the room number and login/password/family name on every device. And once again hides the true number of connected devices; quite handy trick for those pesky hotels providing free access only to two devices.

Sure it takes a bit of setup every time: find a working USB port, sign in to the web interface, search for new networks if this is a new hotel or I haven’t travelled on this airline, connect to said network, sign in with iPass, and optionally enable VPN)…

And once in a while some fiddling with VPN or DNS that’s borking up or being blocked by overzealous firewalls.

Also, some in-flight entertainment USB ports don’t provide enough power (and/or are often broken — looking at you Lufthansa in economy) so be sure to carry a couple of these (US-plug works best) — I’ve already forgotten one on my last flight from MUC-SIN on LH, but luckily I have pretty easy access to these.

If you travel a lot it’s totally worth the money.

Categories
Networking Travel

EVA and WiFi

So I am flying EVA from SIN – TPE – JFK and back. For the first time I also went to the dark side (16hrs was too long to be locked up with just my mind) and got onboard WiFi.

This seems to come with unlimited data for ~20USD for 24hrs. I manage to stream Google Music just fine.

I totally went Matrix mode during the flight. While the flight is half empty I am wondering if they think I am haxoring it now.

EVA uses T-Mobile Germany as carrier.

Public IP routes to a German IP (and Google redirects to Google.de).

nazgul ~ $ curl canhazip.com
88.128.80.215

Whois info:

[…]

inetnum: 88.128.80.0 - 88.128.95.255
netname: ca-de
descr: Telekom Deutschland GmbH
country: DE
admin-c: TH12429-RIPE
tech-c: AS8728-RIPE
tech-c: MS47198-RIPE
remarks: ***************************************************************************
remarks: Please send any abuse complaints to: [email protected]
remarks: Behoerdenauskuenfte koennen nur ueber folgende Ruf- bzw. Faxnummern beantwortet werden:
remarks: Fax: 0180-18812-66 (0,039 Euro/Minute aus dem Festnetz der Deutschen Telekom AG.)
remarks: Tel.: 0180-18812-77 (0,039 Euro/Minute aus dem Festnetz der Deutschen Telekom AG.)
remarks: ***************************************************************************
status: ASSIGNED PA
mnt-by: MNT-TMD
created: 2008-05-06T07:54:12Z
last-modified: 2012-07-30T08:54:39Z
source: RIPE

Trace routes are quite odd:

nazgul ~ $ traceroute yeri.be
traceroute to yeri.be (83.149.69.152), 64 hops max, 52 byte packets
1 ns.evawifi.com (172.19.248.1) 3.429 ms 2.746 ms 2.921 ms
2 10.207.1.1 (10.207.1.1) 2.998 ms 2.535 ms 2.455 ms
3 172.18.15.41 (172.18.15.41) 553.837 ms 536.711 ms 541.207 ms
4 172.18.14.34 (172.18.14.34) 615.658 ms 534.722 ms 536.465 ms
5 * * *
6 yeri.be (83.149.69.152) 728.306 ms 749.172 ms 738.020 ms
7 yeri.be (83.149.69.152) 743.171 ms 735.898 ms 858.885 ms
8 yeri.be (83.149.69.152) 731.611 ms 764.056 ms 734.694 ms
9 yeri.be (83.149.69.152) 745.765 ms 745.182 ms 729.407 ms
10 yeri.be (83.149.69.152) 745.248 ms 1002.078 ms 750.183 ms
11 yeri.be (83.149.69.152) 901.702 ms 758.616 ms 898.359 ms
12 yeri.be (83.149.69.152) 750.162 ms 779.888 ms 863.083 ms
13 yeri.be (83.149.69.152) 777.654 ms 777.442 ms 750.133 ms
14 yeri.be (83.149.69.152) 745.435 ms 783.786 ms 942.607 ms
15 yeri.be (83.149.69.152) 926.653 ms 939.882 ms 830.519 ms
16 yeri.be (83.149.69.152) 1239.295 ms 754.112 ms 753.986 ms
nazgul ~ $ traceroute google.com
traceroute to google.com (172.217.17.46), 64 hops max, 52 byte packets
1 ns.evawifi.com (172.19.248.1) 1.716 ms 1.200 ms 2.627 ms
2 10.207.1.1 (10.207.1.1) 2.155 ms 1.932 ms 2.165 ms
3 172.18.15.41 (172.18.15.41) 583.366 ms 588.440 ms 730.303 ms
4 172.18.14.34 (172.18.14.34) 552.347 ms 963.682 ms 550.350 ms
5 172.30.1.34 (172.30.1.34) 841.324 ms * 637.136 ms
6 ams16s29-in-f46.1e100.net (172.217.17.46) 752.359 ms 744.614 ms 819.851 ms
7 ams16s29-in-f46.1e100.net (172.217.17.46) 735.554 ms 737.249 ms 785.678 ms
8 ams16s29-in-f46.1e100.net (172.217.17.46) 766.046 ms 738.774 ms 750.276 ms
9 ams16s29-in-f46.1e100.net (172.217.17.46) 817.491 ms 736.133 ms 765.344 ms
10 ams16s29-in-f46.1e100.net (172.217.17.46) 1047.754 ms 754.939 ms *
11 * ams16s29-in-f46.1e100.net (172.217.17.46) 761.013 ms 762.848 ms
12 * ams16s29-in-f46.1e100.net (172.217.17.46) 840.602 ms 750.186 ms
13 ams16s29-in-f46.1e100.net (172.217.17.46) 935.149 ms 808.133 ms 745.638 ms
14 ams16s29-in-f46.1e100.net (172.217.17.46) 736.075 ms 881.481 ms 788.661 ms
15 * * *
16 ams16s29-in-f46.1e100.net (172.217.17.46) 876.269 ms 1195.194 ms 754.661 ms
17 ams16s29-in-f46.1e100.net (172.217.17.46) 749.985 ms 850.065 ms 742.763 ms
18 ams16s29-in-f46.1e100.net (172.217.17.46) 737.418 ms 1079.194 ms 751.415 ms
19 ams16s29-in-f46.1e100.net (172.217.17.46) 765.339 ms 763.116 ms 754.928 ms
20 ams16s29-in-f46.1e100.net (172.217.17.46) 765.059 ms 767.733 ms 762.777 ms
21 ams16s29-in-f46.1e100.net (172.217.17.46) 860.458 ms 780.965 ms 757.507 ms
22 ams16s29-in-f46.1e100.net (172.217.17.46) 768.432 ms 747.930 ms 764.553 ms
23 ams16s29-in-f46.1e100.net (172.217.17.46) 758.869 ms 747.489 ms 751.329 ms
24 ams16s29-in-f46.1e100.net (172.217.17.46) 797.699 ms 818.899 ms *
nazgul ~ $ traceroute t-mobile.de
traceroute to t-mobile.de (46.29.100.15), 64 hops max, 52 byte packets
1 ns.evawifi.com (172.19.248.1) 1.978 ms 1.080 ms 1.071 ms
2 10.207.1.1 (10.207.1.1) 4.575 ms 1.885 ms 1.847 ms
3 172.18.15.41 (172.18.15.41) 540.670 ms 739.430 ms 787.836 ms
4 172.18.14.34 (172.18.14.34) 646.621 ms 775.771 ms 562.301 ms
5 * 172.30.1.34 (172.30.1.34) 630.660 ms *
6 46.29.100.15 (46.29.100.15) 1014.377 ms 813.739 ms 755.431 ms
7 46.29.100.15 (46.29.100.15) 766.290 ms 805.572 ms 735.697 ms
8 46.29.100.15 (46.29.100.15) 806.918 ms 792.377 ms 945.535 ms
9 46.29.100.15 (46.29.100.15) 783.751 ms 736.085 ms 781.832 ms
10 46.29.100.15 (46.29.100.15) 817.682 ms 738.980 ms 1031.463 ms
11 46.29.100.15 (46.29.100.15) 872.993 ms 767.682 ms 807.777 ms
12 46.29.100.15 (46.29.100.15) 986.659 ms 804.279 ms 806.750 ms
13 46.29.100.15 (46.29.100.15) 846.340 ms 767.556 ms 939.215 ms
14 46.29.100.15 (46.29.100.15) 737.330 ms 759.259 ms 786.724 ms
15 * * *
16 * * *

Not very sure what witchery is going on here.

arp shows AP isolation and two different servers running for the WiFi:

nazgul ~ $ arp -a
ns.evawifi.com (172.19.248.1) at 0:d:2e:0:40:1 on en0 ifscope [ethernet]
www.evawifi.com (172.19.248.2) at 0:d:2e:0:0:a8 on en0 ifscope [ethernet]
? (172.19.249.255) at (incomplete) on en0 ifscope [ethernet]
? (224.0.0.251) at 1:0:5e:0:0:fb on en0 ifscope permanent [ethernet]
? (239.192.0.0) at 1:0:5e:40:0:0 on en0 ifscope permanent [ethernet]
? (239.255.255.250) at 1:0:5e:7f:ff:fa on en0 ifscope permanent [ethernet]

There seems to be a transparant Squid/3.4.6 caching proxy running:

More random things can be found here.

Categories
Hardware Networking

WiFi by night

IMG_20150301_190145

Categories
Hardware

FlatTurtle in elevators: making of

First tests at Glaverbel (circle or “O” shaped building) in Watermael-Boisfort with 12 lifts (about a year ago). Internet wiring makes a whole circle from the internet connection at the technical room (near entrance hall). In this design from the 1960s the lift machine rooms had one shared/common room where we installed switches (to avoid having to pull too much cable and to overcome cable length issues). High quality shielded cable was used to avoid signal loss over the distances we did.

IMG_20140820_093857

We first opted for wired internet to the cabin (TurtleBox being on top of the cabin, with HDMI to the display in the cabin — the idea was to cover the TurtleBox inside the roof/under some protection in case something would fall, and for moist and dust — this was quickly abandoned due to space & time constraints).

IMG_20140821_095253

The TurtleBox in this case was again an Intel NUC (Celeron for the first two “tests”, Atom afterwards due to fanless design).

IMG_20140820_150726

After the first initial test, wired internet was not feasible after our first two cabins:

  • pricing of cable (~€450)
  • Kone provided wrong cable (some weird color codes, not the regular STP/UTP, coating was too big for STP plugs)
  • Test lift one tore the cable (probably got stuck somewhere between the cabin and the wall)
  • In test lift two, during a controlled shut down of the lift (due to other repairs by Kone Refurbishments), Kone Emergencies got called by the customer to start up the shut downed lift (customer not being aware of the shutdown reason). Kone Services didn’t recognise the new wiring as native or normal, and decided to cut down the cable.

=> So wiring is more (expensive) hassle than anything else.

We realized we didn’t want to go through this mess 10 more times.

IMG_20140820_150747 IMG_20140820_150755IMG_20140605_083820-nopm-

I can also tell you lifts are way less ‘clean’ than I would have expected.

The idea my technician (can greatly recommend him for doing an amazing, detailed & clean job) had was to try with WiFi. I was skeptic (10ish floors, lots of metal and other crap inside the shaft)… But it would definitely be cheaper and easier to maintain.

IMG_20140820_150734

NUCs are mounted on top of the cabin for a clear line of sight. However, after testing this was deemed unnecessary and they got lowered/mounted to the side to provide additional protection.

IMG_20140605_120631

In the end, I have to say due to all the metal and concrete, signal went WAY further than I’d imagine (we could do two entirely separated shafts with one AP, just the -1 and -2 floors had troubles to have a stable signal). Signal is strong enough to have working WiFi in the (metal) lift cabin, and people working not too far from the (metal) lift doors on the floors can still use WiFi as well (albeit not with the best signal).

IMG_20140821_095235

WiFi (Ubiquiti unifi, again) uses Power-over-Ethernet and remotely managed using Auki making it very easy to manage and install.

IMG_20140820_151318

The 12 lifts now have FlatTurtle displays in them, using WiFi as internet connection… And it’s working like a charm!

IMG_20140605_090517 IMG_20140605_092417

Oh, and on a plus side, Kone technicians (all of them) were a charm to work with, doing a great job!!

IMG_20140605_083833-nopm- IMG_20140605_084411 IMG_20140605_092429IMG_20140605_105201

More at FlatTurtle’s blog.

Categories
Hardware Networking

Turtle shaped WiFi

demolished a unifi from Auki and build a 3D printed Turtle around it.

Came out very nicely, and it’s quite solid.

3D renders:

WT-blk1 WT-blk2 WT-blk3

Actual printed design:

sfeer 1

schaduw 3 schaduw 4 schaduw 5 closeupIMG_20141014_124319

Opened up unifi:

IMG_20140923_224646 IMG_20140923_224706

Design by Seendesign.

More at FlatTurtle’s blog.