Ethernet card problem – ‘eth2_rena’

July 18th, 2008

This is the sort of problem I expect that only happens to people who muck about with already working kit. Another evening spent regretting ever shutting down a running system ‘for just a few minutes while I add some hardware’.

I run a few websites on a Dell PowerEdge SC440 tower server. I must write in detail about it sometime: I love it – it’s dirt cheap, fast enough for almost anything I want to use it for, very quiet and when I put it on a power meter, I get a reading of 53W. It replaced a noisy, hot, bag of nails that would hardly run for a month without something going wrong. That previous POS was consuming 186W on the power meter, so the SC440 will probably pay for itself in a couple of years. We set up the SC440, switched it on, and then forgot it existed for 8 months – and it’s right here, between all our desks.

A new application I’m working on reminded me the SC440 existed – a rapidly growing database (adding Gigabytes a day), and several data-mining applications running concurrently on the same data. A few rough calcs tell me the cheapest way to cope with the extra load for a few months (until I know whether the project is worth investing heavily in) is to buy a couple more SC440s and connect them to the first via Gigabit ethernet.

I have terrible taste in network equipment, as I’ve mentioned before, so I decided to connect the two new SC440s direct to the original one with extra ethernet cards. So, I posted a ‘down for maintenance for a few minutes’ page on another server, mapped the HTTP port to that server, switched off the SC440 for the first time in 8 months, popped it open, admired the forethought that’s gone into adding cards, inserted the two ethernet cards, closed it all up, switched it on.

Disaster! Elation at seeing eth0, eth1 and eth2 in the startup messages soon turns to panic when the link lights won’t light on inserting the cable from the router. One of the sockets has lights, so that one gets hastily configured as the port incoming HTTP traffic is usually routed to, just to get the websites back online. A quick look at the output from ifconfig tells me that eth0, eth1 and eth2 are now eth2, eth1 and eth2_rena.

I searched for help on ‘eth2_rena’, and found the very handy ‘ip link’ command – ifconfig was truncating the device name to 9 characters and the name of the device was ‘eth2_rename’. I imagine the ports are enumerated first by the driver module as it loads – my cards (and the embedded adapter) are all Broadcom NetXtreme Gigabit Ethernet, so rely on the tg3 kernel module. Later in the boot sequence, udev works its magic on the adapters and renames them according to rules in (on my setup)

/etc/udev/rules.d/75-network-devices.rules

If I wasn’t still reeling from the unexpected problem, I’d have a go at removing the network card naming rules altogether (though leaving the file in place – there’s a comment that says it’ll be regenerated if the file is deleted). Since all my cards are the same, I could just put up with the order the module picks when it loads. For some reason, the naming rules attempted to rename some of the cards, based on MAC address, but I’m guessing the ‘eth2_rename’ is the result of naming eth0 to eth2 when the name eth2 is assigned to another card. My hastily concocted solution was to give them all new names:

KERNEL=="eth?", ATTR{address}=="00:1d:09:ff:ff:ff", NAME="eth_bc0"
KERNEL=="eth?", ATTR{address}=="00:10:18:ff:ff:fe", NAME="eth_bc1"
KERNEL=="eth?", ATTR{address}=="00:10:18:ff:ff:fd", NAME="eth_bc2"

I had to edit /etc/rc.d/rc.inet1.conf to update the network card names there, and /etc/rc.d/rc.inet1 for a regular expression for setting up the cards, but once this was done, it all worked like a charm. My preconceived (and ultimately silly, I realise) notion that my cards should be numbered 0, 1, 2 from the top is satisfied too!
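A check for the collision guessed at above, as an added example that is not part of the original post: it reads rules in the syntax shown and reports any rule that asks for a name the driver has already given to a different card. The 'before' rules and the enumeration order are constructed for illustration; only the MAC addresses and the eth_bc names come from the post.

```python
import re

# key, operator, quoted value: e.g. ATTR{address}=="00:10:18:ff:ff:fe"
TOKEN = re.compile(r'(\w+(?:\{[^}]+\})?)\s*(==|!=|\+=|:=|=)\s*"([^"]*)"')


def parse_rules(text):
    """Yield (mac, new_name) for rules matching ATTR{address} and setting NAME."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = {(key, op): value for key, op, value in TOKEN.findall(line)}
        mac = fields.get(("ATTR{address}", "=="))
        name = fields.get(("NAME", "="))
        if mac and name:
            yield mac.lower(), name


def rename_collisions(rules_text, kernel_order):
    """kernel_order maps the name the driver assigned to that card's MAC.

    Returns (current_name, wanted_name) for every rule whose wanted name is
    held by a different card at the moment the rename is attempted.
    """
    by_mac = {mac.lower(): name for name, mac in kernel_order.items()}
    found = []
    for mac, wanted in parse_rules(rules_text):
        current = by_mac.get(mac)
        holder = kernel_order.get(wanted)
        if current and current != wanted and holder and holder.lower() != mac:
            found.append((current, wanted))
    return found


# Constructed enumeration order after the extra cards were fitted.
KERNEL_ORDER = {
    "eth0": "00:1d:09:ff:ff:ff",
    "eth1": "00:10:18:ff:ff:fe",
    "eth2": "00:10:18:ff:ff:fd",
}

# Constructed 'before' rules that rename inside the kernel's ethN namespace.
OLD_RULES = '''
# generated rules (constructed sample)
KERNEL=="eth?", ATTR{address}=="00:1d:09:ff:ff:ff", NAME="eth2"
KERNEL=="eth?", ATTR{address}=="00:10:18:ff:ff:fe", NAME="eth1"
KERNEL=="eth?", ATTR{address}=="00:10:18:ff:ff:fd", NAME="eth0"
'''

# The rules from the post: names outside the ethN namespace.
NEW_RULES = '''
KERNEL=="eth?", ATTR{address}=="00:1d:09:ff:ff:ff", NAME="eth_bc0"
KERNEL=="eth?", ATTR{address}=="00:10:18:ff:ff:fe", NAME="eth_bc1"
KERNEL=="eth?", ATTR{address}=="00:10:18:ff:ff:fd", NAME="eth_bc2"
'''

if __name__ == "__main__":
    print("old rules:", rename_collisions(OLD_RULES, KERNEL_ORDER))
    print("new rules:", rename_collisions(NEW_RULES, KERNEL_ORDER))
```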

I hope that’s useful to someone, if only to increase the number of results you get from a search when your ‘only take a second’ job suddenly becomes indefinite!

If-Modified-Since date formats in Firefox and IE7

June 21st, 2008

Everybody who has a webserver wants to use less bandwidth. A webserver sends out a lot of copies of the same information. Stylesheets, images, static HTML pages, javascript files. Many of these rarely, if ever, change from one visit by a browser to the next. Fortunately, there are a few schemes implemented in HTTP that help save bandwidth.

I’ve been writing a webserver recently, so I’ve become more acquainted with HTTP features than I might ever have wanted to. Don’t ask me why I’m writing a webserver, I’m beginning to wonder myself. It seemed like a good idea at the time I started it.

When I first started watching Apache access logs (this is a kind of mental illness, I can’t recommend it), I noticed 304 responses for some popular files. HTTP 304 is ‘Not Modified’. Most browsers cache files they download from webservers, and don’t download them again if they haven’t changed. The way they do this is by conditionally fetching content from the webserver.

Firefox had a super handy extension called ‘LiveHTTPHeaders’ that allows you to see exactly what messages your browser exchanges with the web server. Even if you don’t have a direct use for it, the conversations between your browser and web servers can tell you a lot about how the Web works. Last time I looked, this extension wasn’t available in Firefox 3. Epiphany has something very similar, so I’ve been using that browser while I’m developing my webserver. You can read the HTTP conversations by using a tool like Wireshark too, a very powerful and complex network analysis tool.

A browser makes a conditional request from a webserver when it has an earlier copy of the object in its cache. To avoid the possibility of presenting out-of-date content to the user, the browser sends an ‘If-Modified-Since’ header field, with the date the browser last downloaded the content. The webserver checks this date against the date the content was last changed on the server. If the server content has changed, the content is sent as normal. If the content has not changed since the browser last downloaded it, the server makes a ‘304 Not Modified’ response, and the browser uses the cached content.


I noticed in the log file of my webserver a number of

java.text.ParseException: Unparseable date

messages. I use Java’s SimpleDateFormat class on the server for all sorts of different date parsing, but ran into some extra difficulties on this occasion. The difficulties arose because just one of the machines here uses IE7 on Windows XP. This browser was sending a different format from all the other browsers:

  • Linux-Firefox 3: “Fri May 30 10:14:52 MYT 2008”
  • Windows-Firefox 2: “Fri May 30 16:34:38 MYT 2008”
  • Linux-Epiphany 2: “Fri May 30 16:34:38 MYT 2008”
  • Linux-Opera 9: “Fri May 30 16:34:38 MYT 2008”
  • Windows-IE7: “Fri, 30 May 2008 08:34:38 GMT”

I’m not convinced this is a locale problem, since it was the same Windows PC that produced the consistent date from Firefox 2 and the inconsistent date from IE7. There doesn’t seem to be a standard for the date format in the If-Modified-Since header field, so it seems I have no choice but to code my webserver for differing date formats.

I’m currently using 2 different SimpleDateFormats to make the problem go away, but I wonder how many different formats will I get when I deploy this webserver? If-Modified-Since experts, your comments, please!
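HTTP/1.1 (RFC 2616, section 3.3.1) lists three date formats a server must accept, all expressed in GMT. The sketch below is an added Python example, not the author's Java code: it accepts those three plus the zone-abbreviation form from the list above, and treats anything it cannot parse as "no condition" so the full response is sent instead of an exception reaching the log. The function names and the MYT offset table are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Zone abbreviations accepted. HTTP itself only uses GMT; MYT is included
# because it appears in the dates listed above (assumed to mean UTC+8).
ZONE_OFFSETS = {"GMT": 0, "UTC": 0, "MYT": 8}

FORMATS = [
    "%a, %d %b %Y %H:%M:%S",   # Fri, 30 May 2008 08:34:38 GMT   (RFC 1123)
    "%A, %d-%b-%y %H:%M:%S",   # Friday, 30-May-08 08:34:38 GMT  (RFC 850)
    "%a %b %d %H:%M:%S %Y",    # Fri May 30 08:34:38 2008        (asctime)
]


def parse_http_date(value):
    """Return an aware UTC datetime, or None if the header is unusable."""
    if not value or len(value) > 64:      # header is untrusted: bound its size
        return None
    tokens = value.strip().split()
    offset = 0
    for i, token in enumerate(tokens):
        if token in ZONE_OFFSETS:
            offset = ZONE_OFFSETS[token]
            del tokens[i]                 # parse the rest without the zone name
            break
    text = " ".join(tokens)
    for fmt in FORMATS:
        try:
            naive = datetime.strptime(text, fmt)
        except ValueError:
            continue
        return naive.replace(tzinfo=timezone.utc) - timedelta(hours=offset)
    return None                           # unknown zone or format


def status_for(if_modified_since, last_modified):
    """Pick 304 or 200 for a resource last changed at last_modified (aware UTC)."""
    since = parse_http_date(if_modified_since)
    if since is None:
        return 200                        # missing or unparseable: send the body
    # HTTP dates have one-second resolution, so ignore sub-second precision.
    if last_modified.replace(microsecond=0) <= since:
        return 304
    return 200


if __name__ == "__main__":
    changed = datetime(2008, 5, 30, 8, 0, 0, tzinfo=timezone.utc)
    for header in ("Fri, 30 May 2008 08:34:38 GMT",
                   "Fri May 30 16:34:38 MYT 2008",
                   "not a date"):
        print(header, "->", status_for(header, changed))
```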

What’s my IP address?

June 17th, 2008

While working on the ZoneEdit update script, I did a survey of IP address checking techniques, 4 of them described below, and a fifth prototype which I think is the fastest and simplest IP address check on the Internet. I host several sites on servers in my home. I have a residential 1Mbit/s ADSL connection to the Internet, and my ISP assigns me an IP address by DHCP. In common with most (I suspect) people using ADSL, I have a combined ADSL modem and ethernet switch – a ‘router’, connecting my home LAN with the Internet (WAN).

On signing up with ZoneEdit.com, I read their page about automatic update agents for UNIX clients, where they suggest ddclient, zoneclient Dynamic DNS update utilities and a couple of command lines for updating Dynamic IP addresses using lynx (a text-based web browser) and wget (a Web download utility).

There are two essential parts to a Dynamic DNS update client:

  1. Detecting a change in your IP Address
  2. Updating the Dynamic DNS service

The utility software and the two command lines above all update the Dynamic DNS service the same way: by requesting ZoneEdit’s cunning URL:

http://dynamic.zoneedit.com/auth/dynamic.html?host=www.mydomain.com

The IP change discovery is much more interesting. ZoneEdit mentions routers with Dynamic DNS update support built in. Your router knows when the IP changes, as it runs a DHCP client. If your router has Dynamic DNS support built in, the DHCP client daemon should be able to respond directly to a new IP address and inform your Dynamic DNS service.

If the DHCP client daemon could update your Dynamic DNS service, this would be the perfect solution. I’ve had a few routers, and only one of them claimed to have this facility built in. It didn’t work. There are other methods, as ZoneEdit.com suggests, but all rely on polling some network feature to get the up to date IP address and compare it with the one last reported to the Dynamic DNS service.

1. IP Checking Web pages

ZoneEdit offers an IP checking web page at http://dynamic.zoneedit.com/checkip.html. You can check your IP address on these services using an ordinary web browser, so click on the links and see first hand what gets reported to the Dynamic DNS update utilities. There are plenty of other sites offering similar pages: http://www.whatismyip.com is a pretty, but heavyweight page, while http://whatismyip.org is minimal.

ZoneEdit’s page is neither man nor beast compared to these other two. The undecorated IP address returned by whatismyip.org (or for automated clients at http://www.whatismyip.com/automation/n09230945.asp) can be captured by programs without effort. ZoneEdit’s page has labels, an unwanted hostname that doesn’t seem to work, and HTML tags.

While simple, this technique does require your utility to make a request on the Internet for data that is held locally. In addition, the data is requested by HTTP, adding some weight to what ought to be one of the simplest exchanges that could be made on a network.

2. From your router’s status page

This is a popular technique. You can, with most routers, administer them from your web browser. They often have a minimalistic web server running on their LAN interface, so http://192.168.1.1 (your router may have a different IP address) will often bring up a web page with a username and password form. The Dynamic DNS utilities often use this technique, requesting an authenticated router status page, and extracting the IP address from the returned HTML.

While this is a heavyweight technique in terms of authentication and amount of data transferred, the network traffic is all confined to your private network.

3. Simple Network Management Protocol

SNMP seems at first glance to be a great solution – you can just send a message to your router asking it what its interface IP addresses are. In practice, the two routers I’ve used this technique on have both become unresponsive after a few hours, and have stopped routing some time after that. I could not recommend this technique to anyone. I’d love to hear of a router that can cope with repeated SNMP requests – I’d buy one in a shot! Here’s a command line that will return the WAN IP address from two routers here. Remember, this command line may cause your router to stop routing and require a power off-on!

snmpwalk -v 1 -c public 192.168.1.1 IP-MIB::ipAdEntAddr

The good thing about the SNMP approach is that you confine your IP address discovery traffic to your private network, and (in my opinion) you’re using (if it works!) the right tool for the job.

4. Ping route recording

Ping offers the option to record the route taken by the ping packet. If you can find a host that reliably responds to pings on a network near you (a ping packet can only hold 9 route records, according to ping’s man page), you can extract your router’s WAN IP address from the route it took. For example, www.exabytes.com.my is a Malaysian hosting company in TM’s Internet Data Centre. See the route:

[Image: Ping route recording]

The 4th line of the output holds the IP address of my router – the ‘n’ option instructs ping not to convert IP addresses into names, the ‘R’ is for route recording, the ‘c 1’ limits ping to just a single ping. This is a super lightweight method that can be confined to a very local part of the Internet, if you choose your host carefully.

We’re currently using this method for our ZoneEdit.com zones, and it seems to be working well. A little bit too well! We ping our chosen host at 1 minute intervals, and see a few times a day that either the ping packet is lost, or occasionally, that the host is ‘unknown’. That’s not enough data to diagnose a network fault, but a sign that all is not as well as it could be.

The well-known best-kept secret: netcat

As I went through this survey, I used cURL to examine the data that is exchanged when querying public IP checking sites and router status pages. Aside from the occasional decorated page, an HTTP request seems needlessly bloated for the task of requesting a site echo your IP address. Your IP address isn’t part of the HTTP request, it’s available to the server when you open a socket to transfer your HTTP request. That led me to think there ought to be a command line tool for opening sockets.

Telnet sprang to mind, and I use it from time to time to check open sockets on computers, but it’s not trivial to embed an interactive program like telnet in a shell script. After a little searching I turned up netcat. I have no idea why I didn’t know about netcat before – it’s a beautiful thing! It’s cat for URLs, but with a whole lot more functionality.

The cat part is what I really wanted: a utility that opens a socket on some site that echoes my IP address at me. I don’t know of such a site. WhatIsMyIP.org and similar don’t count – you have to send an HTTP request first. You can use cURL for that, but I wanted something even simpler. I couldn’t get my manpage mojo working well enough to work out how to write a shell script to echo IP addresses, so I tested netcat against a Java program IPEcho.java that echoes the source IP address of a connecting socket.

5. Fastest IP check on the Internet

This could all go terribly wrong, considering I’m using an ADSL connection for several sites, but i (edited March 2013 – this service is available at shipping-quote.net) If you want to test the power of netcat, just try a little:

nc shipping-quote.net 4447

My Slackware and Ubuntu distros both name netcat ‘nc’. [no longer available] is a machine on my LAN (edited March 2013 – this service is on my project shipping-quote.net), and 4447 is an open port to the Java IP Address echo program running on it. 4447 is what I have to type on my phone to get ‘ip’. Irrelevant, I know. On my LAN the IPEcho program is good for about 3000 reports per second, for about 800KiB/s of data transfer and 3% server load. If you don’t have netcat, you can probably use any web browser to see the output – try http://shipping-quote.net:4447. It’s not HTTP, but most web browsers will attempt to show the echoed text.

Please don’t test my ADSL connection to the limit – I’ll publish some statistics at a later date if the IPEcho service is popular. I’ll close the port again by 22nd July. Nobody in their right mind would run a service like this on a Dynamic IP address – I’m doing it because that’s all I’ve got.
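The echo service described in this post, as an added Python example (it is not the author's IPEcho.java, whose source is not shown here): the server writes back the address taken from the accepted socket and closes, and the client checks that the reply really is an IP address before using it. The class and function names and the loopback demo are assumptions.

```python
import ipaddress
import socket
import socketserver
import threading


class IPEchoHandler(socketserver.BaseRequestHandler):
    def handle(self):
        # The address comes from accept(), not from anything the peer sends,
        # so there is no request to read or parse.
        peer_ip = self.client_address[0]
        self.request.sendall(peer_ip.encode("ascii") + b"\n")
        # Returning closes the socket; the client reads until end of stream.


class IPEchoServer(socketserver.ThreadingTCPServer):
    allow_reuse_address = True
    daemon_threads = True


def query(host, port, timeout=3.0):
    """Client side (what `nc host port` does), with the reply validated."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        reply = b""
        while len(reply) <= 64:           # an address never needs more than this
            chunk = sock.recv(64)
            if not chunk:
                break
            reply += chunk
    # The reply is data from the network: accept it only if it is an IP
    # address before handing it to something like a Dynamic DNS update.
    # ip_address() raises ValueError for anything else.
    return ipaddress.ip_address(reply.decode("ascii").strip())


def demo():
    """Run the server on a loopback port chosen by the OS and query it once."""
    server = IPEchoServer(("127.0.0.1", 0), IPEchoHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return query("127.0.0.1", server.server_address[1])
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(demo())
```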

Denon ethernet cable: CAT5 goes to 11

June 16th, 2008

I saw this on slashdot, and just had to make sure you didn’t miss it. I would pay extra for good quality ethernet cables. Since I moved to Malaysia, I’ve been buying 3 ethernet cables for every 1 that has proven reliable. Broken wires, bad joints with pins in the plugs, plastic tabs that fall off when you open the bag you bought the cable in, and even plugs that don’t fit in the sockets properly!

I can’t give any good advice to other Malaysians about buying ethernet cables. If you’re near Port Dickson, the little computer shop upstairs in The Store has been making cables that have worked 100% for me so far. He makes them to order, and does a little demo with a cable tester for each one before taking your money. More expensive than a bagged one from any of the shops that sell cables in Malaysia, but much, much cheaper when you only have to buy them once. Make sure you go well into the afternoon though. I went at lunchtime once, and was surprised to see the shutters down on his shop. I went downstairs for a coffee and a cake at the cafe by the back door. Their coffee is the best I’ve had from a cafe or hotel around here – much better than Secret Recipe, cheaper too. When I asked the women in the cafe about the computer shop, they all laughed and said “too early for him!”.

If you really have to have the best, then maybe you would consider this Denon link cable. Whether it’s your kind of product or not, you must read the customer tags and reviews of this product at Amazon. Remember, there are only 192 shopping days until Christmas! Is there someone in your life who deserves this product?

A better question might be: is there a person in your life who can afford a 500 dollar ethernet cable? If there is, then introduce me, will you? I could use friends like that.

Sendmail DSN – forwarding root’s mail

June 15th, 2008

Further to my earlier article “Streamyx SMTP server authentication problem“, the other part of my problem was the DSN – Delivery Status Notification emails were not coming to any of my interactive users. I thought at the time they might be going to the sender, since the mails were coming from a PHP web application. In fact, the notifications were going to root – the owner of the sendmail process.

I could see the notifications – all I needed to do was log in as root (I never do this – always su root!) and use the mail program. There I could see lots of emails that told me exactly why they hadn’t been delivered:

reason: 530 5.7.1 Authentication required Refer http://webmail.tm.net.my/smtpauth.html

At this point, I’d just like to repeat the point of the previous article. Our authentication had been just fine for more than a year. Recently TM quietly changed policy and started rejecting authentication attempts from users who hadn’t changed their password since signing up for Streamyx. That URL tells you nothing about the policy change, you have to work that one out for yourself! OK, maybe it’s a bit lame, never changing a default password that’s the same for all users, but a clear statement about the wheres and hows would have been only respectable.

Back to root mail forwarding. The Internet is your friend. There are all manner of complicated ways of doing it, but the one I opted for is so simple, I don’t know why I didn’t always know it. Just write a ‘.forward file’ in root’s HOME directory. Mark Roth’s sendmail tutorial explains it best, see: The .forward File

In this example, I opt to receive root’s mail, and also forward it non-recursively (that’s what the backslash means) to root:

[Image: Forwarding root’s mail]

This seems to work a treat. I’m hoping this means I won’t be thrashing around completely in the dark the next time TM change the email rules!