OpenSolaris iSCSI ZFS COMSTAR target, FreeBSD initiator

Storage is a pain.  I can spend lots of money to solve this problem, or I can find less expensive alternatives.  I’ve been using diskless servers lately, all served off of a big OpenSolaris machine.  (Why OpenSolaris?  It has a newer ZFS than FreeBSD.)  Performance is mediocre on NFSv2/3, and I want faster.  One obvious thing to try is iSCSI.

iSCSI requires targets (servers) and initiators (clients).  For this test I’m using OpenSolaris as the target and FreeBSD as the initiator.  For testing, both machines are running on ESXi, on older hardware that’s been removed from production.

Continue reading “OpenSolaris iSCSI ZFS COMSTAR target, FreeBSD initiator”

FreeBSD/amd64-current virtual kernel

Back when machines had 128MB RAM, kernel customization was important.  Today, most standalone machines have so much RAM that customizing the kernel is pointless — until you virtualize, that is.  If you can assign a virtual machine 128MB of RAM again, reducing kernel size again becomes useful. I have a lot of single-purpose virtual machines with puny memory allocations.

Continue reading “FreeBSD/amd64-current virtual kernel”

I will have books to give away

Network Flow Analysis is due from the printer on June 21, 2010, or two weeks from today.  I’ll get my copies later that week.

No Starch Press is contractually obliged to give me six copies of each book I write.  They’re generous folks, though, and I usually get a bunch.  The number varies with the book’s size, cost, and how many can be wedged into whatever spare box the printer has on hand, but can be usefully described as “more than I can realistically use.”

Some copies I give to good causes –e.g., the charity auction at BSDCan.  Others go to people who help me write the book, who provide valuable feedback or testing, or who feed me.  (Especially if they feed me gelato.)  That’ll still leave me with most of a box.

This time, I’d like to give away copies to people who will write thoughtful reviews on Amazon.  (Reviews on blogs would be OK as well, but Amazon reviews are the most effective.)  I’m sure I’ll have more volunteers than books, though.  I’d like to find some fair way to hand out these review copies; I’m thinking some sort of small contest.  Any suggestions, folks?

add LDAP logins to Ubuntu 10.04

So, I have a new Ubuntu 10.04 server, and need to get LDAP authentication working on it.  I have a cut-and-paste template for Ubuntu 9, but this is the first Ubuntu 10 box I have.  There’s a document at, but it’s obsolete.  The only useful hint is at the bottom.  So I run: Continue reading “add LDAP logins to Ubuntu 10.04”

Ubuntu is really annoying me

Installed a new Ubuntu 10.04 amd64 server yesterday.  (Before my BSD devotee readers scream in outrage, this is for a particular application.  When a software stack runs on a particular OS, you use that OS.)  On the first boot, the boot loader completed… and the screen went blank.  The hard drive light was on.

Single user mode?  Same thing.

Bad install?  But I could ping and SSH into the host. Continue reading “Ubuntu is really annoying me”

new RouterBOARD 750

A heap of RouterBoard 750s landed on my desk.  I want to use these to do daft things like VPN termination, MPLS, and so on, but they arrive configured as home NAT boxes.  Step one is to do basic setup on the box.  The MAC address is printed on the unit, so I can get the IP from the DHCP server.  Then I’ll use MicroTik’s WinBox management client.  A MicroTik’s default username is “admin” with no password.

Hmmm… I can’t get in from outside.  Sensible enough for a home NAT, I suppose, if annoying for me right now.  My laptop is running over wireless, so I have a free Ethernet port.  Plugging in a cable to the “inside” port gives me an address in 192.168.88/24, and I can browse to  Good enough — but this bloody Windows box now has two default routes, and my Internet connectivity is hosed.

First, go to the firewall tab and disable the firewall and NAT.  I don’t want a “public” interface on this box, if possible. Then go to the DHCP tab to disable the default gateway on this lease.  The Web interface is clearly minimal, designed for the home user.  I need a better interface, so fire up Winbox.

Winbox can connect to the inside interface.  First off, go to the IP->DHCP Server, the Network tab, and remove the default gateway with the “up” arrow.  I “ipconfig /release && ipconfig /renew” on my laptop, and I once again have Internet connectivity over my wireless.

I want a static IP on the “outside” interface.  Go to IP->DHCP Client, and hit the red X to disable.  Now go to IP->Addresses and add a new address.  There’s no “netmask” in the IP setup screen; you have to use slash notation after the IP address (e.g.,

Then go to System->Users, select the Admin user, and set a password.  The box is up and on the network.

Next stop: Radius auth for admin logins.