Linux
Recovering lost MDADM Raid partitions and LVM volume groups and logical volumes in Linux
by Jon on Apr.15, 2009, under Computers, Linux
For some reason, I was once silly enough to create an mdadm RAID array using physical disks rather than creating a primary partition on each disk and creating the array from those. Because of this, when one of my servers boots, LVM cannot find its partitions since the array hasn’t been assembled at that point in the boot process. Or something. I’m not entirely sure, since it was never important enough to spend too much time worrying about.
Anyway, when the machine eventually boots (I’ve removed the mounts from /etc/fstab for the logical volumes on this misbehaving array) I’m left with the issue of finding the missing logical volumes and mounting them.
Better spam protection with the Sender Policy Framework (SPF)
by Jon on Jan.17, 2009, under Computers, Linux
Recently, the volume of spam I was receiving has massively increased. In the past almost all of my spam was detected correctly by SpamAssassin and filtered out. However, this recent increase of spam has had the added issue of being sent to me with a spoofed ‘from’ address being the same as the ‘to’ address. Since SpamAssassin assumes I’m not going to spam myself, it doesn’t detect these mails quite so effectively.
I also wasn’t alone. A number of other people with mail hosted on my server complained of the same issue. So, I set about finding a solution.
After a few googles, I stumbled upon the Sender Policy Framework, or SPF.
It’s very simple in the way it works, is quick to set up, and best of all it costs nothing!
First you need to add a new DNS entry to the domain you want to protect. The following TXT entry tells the world that the only hosts authorised to send email from the domain jonpascoe.co.uk are the ones its A and MX records resolve to (the a and mx mechanisms). The -all at the end means all other sending hosts should be ignored.
jonpascoe.co.uk. 86400 IN TXT "v=spf1 a mx -all"
Once you’ve added your DNS TXT entry, it’s just a simple matter of configuring your MTA to look for the Received-SPF email header and filter your mail accordingly.
In the last couple of days, I haven’t sent myself a single spam email!
As an added bonus, if spam is sent “from me” to somebody else on the internet, and their MTA is configured to use SPF, they should block the mail too.
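How a receiving MTA arrives at the Received-SPF result for the record above, as an added example (not code from the original post): a minimal evaluator covering only the a, mx, ip4 and all mechanisms. SPF is evaluated against the envelope MAIL FROM domain and the connecting IP; the IP addresses and the mail.jonpascoe.co.uk MX name in the DNS table are constructed for illustration.

```python
import ipaddress

# Constructed DNS data: the TXT record is the one from the post; the
# addresses (documentation ranges) and the MX host name are assumptions.
DNS = {
    ("jonpascoe.co.uk", "TXT"): ["v=spf1 a mx -all"],
    ("jonpascoe.co.uk", "A"): ["192.0.2.10"],
    ("jonpascoe.co.uk", "MX"): ["mail.jonpascoe.co.uk"],
    ("mail.jonpascoe.co.uk", "A"): ["192.0.2.25"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup(name, rtype):
    """Offline stand-in for a DNS query against the table above."""
    return DNS.get((name.rstrip(".").lower(), rtype), [])


def check_spf(sender_ip, mail_from):
    """Evaluate the MAIL FROM domain's SPF record for the connecting IP."""
    domain = mail_from.rsplit("@", 1)[-1]
    records = [r for r in lookup(domain, "TXT") if r.split()[:1] == ["v=spf1"]]
    if not records:
        return "none"          # domain publishes no SPF policy
    if len(records) > 1:
        return "permerror"     # more than one SPF record is an error
    ip = ipaddress.ip_address(sender_ip)

    def hosts(name):
        return [ipaddress.ip_address(a) for a in lookup(name, "A")]

    for term in records[0].split()[1:]:      # first matching term wins
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech = term.lstrip("+-~?").lower()
        if mech == "all":
            matched = True
        elif mech == "a":
            matched = ip in hosts(domain)
        elif mech == "mx":
            matched = any(ip in hosts(mx) for mx in lookup(domain, "MX"))
        elif mech.startswith("ip4:"):
            matched = ip in ipaddress.ip_network(mech[4:], strict=False)
        else:
            return "permerror"  # terms outside this sketch are not handled
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"            # no term matched and no "all" present
```

A message claiming to be from the domain but arriving from an address outside the A and MX hosts evaluates to fail, which is the result the MTA filter acts on.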
How to set up a Linux serial console connection
by Jon on Dec.01, 2007, under Computers, Linux
The other day at work I had to set up a console connection between two Linux servers via a null modem cable connected to their serial ports. We have some servers that are regularly rebooting themselves, and we have been unable to capture any data from the console until now.
First, connect your servers together using a null modem cable connected to the serial ports.
Next, on the source server you want to run the console from, modify the /boot/grub/grub.conf such that the kernel gets passed the following parameters at boot time: console=ttyS0,9600n8
This configures a console session on the first serial device, with a baud rate of 9600, one start bit, eight data bits, no parity, one stop bit, and no CTS/RTS flow control.
Here’s an example of a complete section of a working grub boot loader:
title Red Hat Enterprise Linux AS (2.6.9-42.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-42.ELsmp ro root=/dev/rootvg/rootvol rhgb quiet console=ttyS0,9600n8
initrd /initrd-2.6.9-42.ELsmp.img
Add the following line to the /etc/inittab file on the server the console session is running on, making sure the co identifier is not used anywhere else in the file:
# Console connection
co:2345:respawn:/sbin/mingetty ttyS0 CON9600 vt102
Finally reboot the source server.
Once the server is back up, on the second ‘display’ server, open a terminal session and run a piece of software called minicom.
When minicom is running press CTRL-A to open the menu. Press Z to display the help screen. Press O to cOnfigure minicom. Use the arrows to select ‘Serial port setup’ and press enter. Press A to configure the serial device and change it from ttyS1 to ttyS0. Press E to configure the baud rate, and press E again to select 9600. Press enter twice to exit, move down to ‘Save setup as dfl’ and press enter. Move down to ‘Exit’ and press enter.
If needs be, exit minicom (CTRL-A, x) and restart it. Your console connection should now work.
By default, you won’t be able to log into this console directly as root. To enable you to do so, edit /etc/securetty and add the new console device to the list (ttyS0). Changes to this file take effect immediately. No need to reboot or restart anything.
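A consistency check for the three files touched above, as an added example (not from the original post): it confirms that every serial console named on the kernel command line has a getty line with a unique inittab id, and reports whether /etc/securetty permits direct root login there. The file contents are constructed from the snippets in this post; the tty1 and initdefault lines and the function names are assumptions.

```python
import re

# Constructed file contents modelled on the snippets in the post.
INITTAB = """\
id:3:initdefault:
1:2345:respawn:/sbin/mingetty tty1
# Console connection
co:2345:respawn:/sbin/mingetty ttyS0 CON9600 vt102
"""
SECURETTY = "console\ntty1\nttyS0\n"
CMDLINE = "ro root=/dev/rootvg/rootvol rhgb quiet console=ttyS0,9600n8"


def getty_lines(inittab):
    """Map each tty served by a respawned getty to its inittab id."""
    seen, ttys = set(), {}
    for line in inittab.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":", 3)      # id:runlevels:action:process
        if len(fields) != 4:
            continue
        ident, _levels, action, process = fields
        if ident in seen:                # ids must be unique in inittab
            raise ValueError(f"duplicate inittab id: {ident}")
        seen.add(ident)
        match = re.search(r"getty\b.*?\b(tty\w+)", process)
        if action == "respawn" and match:
            ttys[match.group(1)] = ident
    return ttys


def audit(inittab, securetty, cmdline):
    """Per serial console: is a login prompt spawned, and may root log in?"""
    allowed = {l.strip() for l in securetty.splitlines()
               if l.strip() and not l.startswith("#")}
    gettys = getty_lines(inittab)
    return {dev: {"getty": dev in gettys, "root_login": dev in allowed}
            for dev in re.findall(r"\bconsole=(ttyS\d+)", cmdline)}
```

Running `audit` on a host's real files shows which serial lines accept a direct root login, which is worth reviewing wherever the serial port is reachable by anyone other than the administrator.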
Creating ISO disk images from CDs in Linux or Mac OS X
by Jon on Jun.22, 2007, under Apple/OS X, Computers, Linux
It’s not something I do very often, and so I invariably find myself poking about in man pages every time I do it.
The other day I wanted to take a copy of a CD onto my laptop as I didn’t have a blank CD to hand to copy it to. Once again I had to make sure I was using dd correctly and so out came the man pages again. Purely for my own future reference, here’s the command to copy a CD to an ISO image on Mac OS X, Linux, or any *nix based OS with dd installed:
dd if=/dev/disk1s0 of=/Users/Jon/Desktop/cd_title.iso
In Linux your input device (if) will be something like /dev/cdrom
Netgear Support and Indian Call Centres
by Jon on Feb.13, 2007, under Apple/OS X, Computers, Linux, Windows
I have a Netgear DG834G v3 ADSL modem/router/firewall, which also has a built-in 802.11g wireless access point and 4-port 10/100 Ethernet switch.
Recently the 4-port switch has stopped functioning correctly. Everything else works, and my MacBook is able to access the internet without problems using the wireless network. However, devices connected to the router using the switch cannot access the internet or even the internal admin functions of the router. So, I raise a support query with Netgear since the device is only a few months old and still within warranty.
2/11/2007 8:58:00 AM
Hello,
The 4-port switch in the DG834Gv3 has stopped functioning.
The internal ADSL modem works correctly and connects to the internet.
Wireless users can receive network addresses via DHCP, and connect to the internet.
PCs connected via ethernet cable to the switch cannot connect and do not receive addresses from the DHCP server in the DG834Gv3. However, the port activity lights on the front of the unit do flash when a device is connected.
I have upgraded the unit to the most recent firmware in an effort to fix the problem, but to no avail.
I look forward to hearing from you regarding this matter.
Jon Pascoe
The following day I receive this reply:
2/12/2007 10:06:00 AM
Dear Jon,
Thank you for choosing Netgear. My name is Mohit & I will be handling your enquiry. I appreciate the opportunity to assist you.
Regarding your concern, please follow the steps below on the computer connected to the router with ethernet cable:
1. Click Start — Control Panel — Network and Internet Connections.
2. Click on Network Connections.
3. Right click on Local Area connection icon and click on properties.
4. Select Internet protocol TCP/IP from the list of components and click on properties.
5. Choose option for “Use the following IP addresses”.
6. Set IP = 192.168.1.50, Subnet mask = 255.255.255.0, Default Gateway = 192.168.1.1
7. Select option for “Use the following DNS server addresses”.
8. Set the Preferred DNS server = 192.168.1.1 and the Alternate DNS server = 4.2.2.2.
9. Click OK, close all windows and restart the computer.
10. Try to go online.
I hope the steps above will help resolve the issue. If you have any further concerns, please feel free to e-mail us back.
Regards,
Mohit Mathur
Netgear Support
Of course I’ve already tried all of the possible things I can change to try and get things working. I can’t be bothered to tell him that I’m not using windows as I fear it’ll just overcomplicate matters. So, I reply again:
2/12/2007 10:28:00 AM
Hello again,
I have tried the suggested actions in your message, and this has not resolved the issue.
I have some further updates from my investigations though.
Machines connected to the switch can talk to each other. Also, with a PC connected on port 1, another on port 2, and a third on port 3, with the machine on port 3 scanning for network traffic it can detect traffic between port 1 and 2. This leads me to assume that the internal switch in the DG834G is operating as a hub.
None of these machines are able to receive IPs via DHCP.
With their IPs statically set (as per your instructions) they are able to talk to each other, but none of them have internet access.
Throughout this testing I was able to access the internet from my laptop via the wireless network provided by the DG834G.
I believe there is a hardware fault, and the unit will need to be replaced.
Kind regards,
Jon Pascoe
They then reply:
2/13/2007 1:05:00 AM
Dear Jon,
Thank you for choosing Netgear. My name is Prashant. I understand your concern and appreciate the opportunity to assist you.
This issue can be best solved over voice so that we can try a few troubleshooting steps to resolve this issue. If Level 1 is unable to resolve the issue, the case can be escalated to Level 2 support.
Please contact our voice support at 0870-112-1206 and we are operational 24×7. Also, please mention the email reference number to the support engineer.
If you have any further concerns, please feel free to e-mail us back.
Regards,
Prashant Kaushish
Netgear Support
Progress! Or so I thought. Thinking that I might be able to talk to somebody technical about the problem, and possibly resolve the issue, or at least get my replacement ordered I happily punched the telephone number provided into my phone.
10 minutes later and I’d eventually got past all of the menus and sat through a lecture of Netgear product adverts and was finally greeted by a human being. Albeit a human being in Bangladesh with a very strong Indian accent. So strong in fact that I found it difficult to understand him. Here’s roughly how the conversation went..
Indian Support Guy: Hello, my name is XXX how can I help you? (I couldn’t understand his name when he said it, let alone be able to repeat it now, and I figured his name was a moot point so didn’t want to press the issue)
Me: Hi. I have an existing case number, will that help?
ISG: Yes please. Please be giving me the case number.
I give him the number, correct a mistake, and repeat the number again for good measure
ISG: Thank you very much. Please give me a few minutes to bring up your record.
…
ISG: OK, how may I help you?
Me: Erm, well I have a DG834G which isn’t working correctly. If you read the notes on my case you’ll see all the details about the malfunctioning switch.
ISG: Yes, and what can I do to help you?
Me: Well, I’d either like you to tell me how to fix it, or send me a replacement.
ISG: OK, plug your computer into the device.
Me: If I plug it in using a cable and turn the wireless off it won’t work.
ISG: Please plug in to the device.
Me: OK. Just for the sake of it, I plugged the cable in
ISG: Click Start, All Programs, Int…
Me: I’m not using Windows, this is a Mac running OSX. I can’t click Start.
ISG: OK. Please click Start, All Pro…
Me: I’m sorry, this isn’t Windows. I’m not using windows I’m using OSX on a Mac. I can’t click Start.
ISG: OK. Please open Internet Explorer.
I open Safari
Me: I’m not using Windows, I haven’t got Internet Explorer, but I’ve opened Safari.
ISG: Please type in the address 192.168.0.1
Me: My router is configured on the IP 192.168.1.1, and anyway since I can’t get an IP via DHCP whilst connected via a cable into the switch I can’t connect to anything anyway.
ISG: The address you need to type in is 192.168.0.1
Me: The address of my router is 192.168.1.1, but I’ve typed 192.168.0.1 in anyway, and neither address works.
ISG: OK. Click Start, Control Pan…
Me: This machine isn’t running Windows.
ISG: Please click Start, Con…
Me: This isn’t Windows, I don’t have a start button. Maybe just say what you need me to do and I’ll do it.
ISG: OK. Set your IP to 192.168.0.2 with subnet mask 255.255.255.0
Me: As I said, my router is on the 192.168.1.0 network.
This carried on for a while as he got me to set my IP and fail to connect through the switch again. We tried a few different ports, tried doing a hard-reset on the router, all the things I’d already done before calling support, and which were already detailed in my emails. Then we have this little gem:
ISG: OK, now reset the router, set your computer to automatically get an IP via DHCP, and tell me what lights come up on the router.
Me: All the lights are on, they’re all green, including the port light for the connected cable.
ISG: The lights are on?
Me: Yes.
ISG: So everything is working now! (This wasn’t a question, and he sounded genuinely pleased with himself.)
Me: No. It’s still broken.
I really felt for the poor chap at this point. His technical knowledge wasn’t very high, and he was clearly struggling with the way things were going. The conversation carried on with him asking me to try more and more things, including lots of things which I’d already told them I’d tried in my emails. His final bid for success, which was sadly prompted by his manager, went as follows:
ISG: OK, we will upgrade the firmware
At this point I’d quite frankly had enough and just wanted to get my replacement ordered, I’d been on the phone for 20 minutes, none of which had been useful, and wanted to go to bed.
Me: Have you read my case notes? They quite clearly say that I’ve already tried upgrading to the most recent firmware. In fact, I’ve not only tried the most recent firmware, I’ve also tried the original factory firmware V4.01.04, the firmware released mid-summer last year which was V4.01.06, and also the most recent firmware, V4.01.20. None of them worked, they all had the same problem with the switch. The switch used to work and it now doesn’t, I’ve tried everything possible to make it work and none of it has. Can I please order a replacement?
This was the point that he broke. He went off and got permission from his manager to give me an RMA number (I have no idea what RMA means) which I can apparently use to order my replacement. By the time he got round to taking my address I was close to tears. If only I had recorded the conversation. The number of times he made errors taking down my address became quite comical by the end. Anyway, to cut a long story short, he took my details and gave me this RMA number and a phone number in London to call and order my replacement, which will apparently take 5 to 10 working days to arrive. I guess I’ll find out the full details when I ring them tomorrow. Fingers crossed for native English-speakers! Eventually, after 40 minutes on the phone, we said our goodbyes and he read his final scripted “I’m happy to have been able to help a customer of Netgear” rubbish.
So, what’s my point? Well, I guess it’s about customer satisfaction. The only real criticisms I have of the guy on the phone are that he didn’t read my case notes and just blundered through his script like a mindless support monkey. Also his inability to grasp the information I told him and to mould his scripted support around it was quite frustrating; how difficult could it be to understand that my router has an IP of 192.168.1.1 rather than the factory default of 192.168.0.1? Had I rung him last week the IP would have been 10.1.1.1 which would have really thrown him off balance!
However I can forgive them for being robotic support monkeys since that’s what they’re paid to do. He tried his best, and was only doing his job the way he’d been told to do it.
What I hate is the fact that I was talking to somebody in India, who couldn’t speak English properly, and clearly didn’t have any real technical knowledge. Had I been talking to somebody in the UK the whole conversation would have been half as long just for not having to correct errors in translation. Had I also been talking to a technical person, as I had been led to believe I would be, the conversation would have been shorter still.
Whilst it may be cheap for Netgear to have their support outsourced to India, it really doesn’t make for happy customers when they have to ring for support. I hope I don’t have to go through all that again.