Internet – SYSMGR in the attic

4-Feb-2017

04-Feb-2017

Maintenance
It’s been a quiet month:
PMAS statistics for January Total messages : 1910 = 100.0 o/o DNS Blacklisted : 0 = .0 o/o (Files: 0) Relay attempts : 94 = 4.9 o/o (Files: 31) Accepted by PMAS : 1816 = 95.0 o/o (Files: 31) Handled by explicit rule Rejected : 971 = 53.4 o/o (processed), 50.8 o/o (all) Accepted : 150 = 8.2 o/o (processed), 7.8 o/o (all) Handled by content Discarded : 342 = 18.8 o/o (processed), 17.9 o/o (all) Quarantained : 329 = 18.1 o/o (processed), 17.2 o/o (all) Delivered : 24 = 1.3 o/o (processed), 1.2 o/o (all)

Most days there has been some attempts to abuse the server for relay each day, but far less than is usual. Most files are well below the rated limit (4 blocks, or 2Kb in size), jus on 09-Jan-2017 and 29-Jan-2017 were larger: 8 blocks (4KB), and 4 blocks (2KB – more than on the others days).

If would be nice if it stays that low, but I guess I’ll see higher levels later this year.

Network outage
Yesterday, when trying to read mail from the server at work, I noted there was no access AT ALL to the site – even VPN into the router failed. Turned out to be a problem with the Internet provider, that lasted until approximately 16:00 – after which all mail that was blocked for that reason, got in again. Not juts Internet. Because TV and telephone use the same connection, these were down too.
Well, it all worked again even since.

New hardware, new software
This year. I intend to add an Itanium server to the data center, so I can get somewhat acquainted to that hardware. Apart from the usual WordPress updates (one coming this weekend) I plan to upgrade the database (from MySQL 5.1 to MariaDb 5.5) and PHP (a big leap to 7.0). This involves all blogs to I need to take care that I don’t break anything, severely (It may required some PHP code changes as I already found out when trying to run 5.4….)
And, if I can get hold of it, newer versions of OpenVMS.

Apart from that, there will be new content in Trips, Tracks and Travels.

18-Jul-2013

Internet Lights Out
Two days ago, when trying to acces webmail at 16:00, the connection that was fine 15 minutes earlier, was gone completely. None of the sites was accessable, even the router could not be accessed, something that is normally no problem. Seconds later I got a message on my cellphone that TV was gone as well. Tried to phone: gone as well.
Because the TV worked, except it didn’t get a signal, en the phone looked fine, it was obvious it wasn’t a power outage. So either the router broke down, or something was wrong with the external (Fiber) connection.
When at home, two hours later, I checked the router by checking the wifi-signal, but that looked Ok. I could connect both phone and laptop op Wifi, and access any machine on the local network. But any attempt to get out onto the Internet, failed.
So it was definitively a matter of the external conenction. So I looked at the box that connects the router to the fibre. And indeed, one of the LEDs that should blink, was off. For my ISP that was proof that the lights of the Internet were turned off….
Service disruption, indeed. So a ticket to handle the repair was created, and I would be informed – over SMS – of any change.
But yesterday at 16:00, no message had arrived, so I decided to call the ISP on the progress: since ALL services were off, I would expect them to hurry…But no, I was to be handled today; they couldn’t locate the problem remotely so the problem might be in the PointOfPresence. Worst case, if not, an appointment would have to be made to have a look from my side. No idea how long THAT would take.
Given the reuptation of the big company behind the ISP, it could take days, if not weeks….

Luckily, the disruption was solved when I tried to access the webmail site at 16:00 this afternoon.

But not any status update over SMS…..

Well, it all works again. But if you promise your customer to inform him on the progress of the work on the ticket, it would be nice if that promise was kept. EVen if it turns out the disruption is caused by a mistake – or even something stupid.

28-Jan-2013

27-Jan-2013

New router installed
For a few years, I used a Draytek Vigor 2910 router, that includes Wifi and VoIP, and the ability to connect over ISDN (which I never used). That worked fine until the new ISP connection has been delivered. The new ISP has higher demands: IPv6 and multi-VLAN, to begin with. For all easy, they offer a router that is pre-configured for their connections: a AVM Fritz!Box 3790. It makes installation very easy, but the system has a few disadvantages compared to the Draytek: No logging to a syslog daemon; no facilities to block specific systems, ranges or networks. And, appearently, it cuases delays on internal traffic.
So I bought its successor: VG2920 Vn, it supports IPv6 and multiple VLANs.
Since this is the same line as its predecesssor, you could expect that configuration would be just a matter of loading the last saved configuration and adjust what’s added (and changed). But that is too simple. You have to do it all by hand, but that is not as bad as it sounds: access both of the routers and copy setiings from one side to the other. In most aspects, the UI is the same, in others, you really need to look further…But at some point, the basic configuration was such that I could connect to the ISP, and all Internet traffic – both outgoing and incoming – passes the router properly. Blocking works as well.
But accessing the FritzBox as an internal router – for VoIP – was a different matter, so I moved the phones to the Vigor as well. Both numbers now call out – calling them isn’t yet possible since the numbers were deactived by the errorenous deactivation of the connectrion in the beginning of December and not yet installed at the new ISP. But I followed the instructions and it should work.
Another thing to test is IPTV, which has been set up in it’s own VLAN and bridged to a specific port(though it is yet another protocol) so the Fritz!Box will have its use as a normal device – I hope that will work. It seems there is specific software in that box so I’ll need it for IPTV – but if it works without it, even better. That will become clear when IPTV is enabled. Three more weeks….
There is still a minor issue, though it seems to have no real implications – for now, at least: the Vigor doesn’t get an IP6 address. The ISP expects a DHCPv6-client that supports prefix delegation, but this router does not have a choice for “DHCPV6_IA_PD” as is mentioned in the manuals of the ISP. The configuration does show “DCCPV6_client” and a button for “prefix delegation” – and it requires an ID, but as the client, I can define my own. So I did, but still I don’t get an IP6 address….
It might help to take down the connection for some time, in order to run into a timeout so it must be re-initiated from the ground up. It won’t pose a problem in IP4 since it is assured the address won;t change, and it will actually re-initiate the IP6 DHCP again.
Asking the ISP – and the supplier of the router – may also help.
Spam comments arrived
I got a few “comments” – actually: spam messages – though you need to login to comment, and these comments do not come from a logged-in user. The other source of these messages might be a trackback. So I disabled pings alltogether

22-Jan-201328-Jan-2013

22-Jan-2013

VPN cannot be established
Following the description of AVM – the manufacturer of the Fritz!Box – to create a VPN tunnel, I found out it requires additional software on any PC that wants to set up such a connection: first in order to create a file (the connection is IPSec based), import that file into the router and into a PC-based program. The first is no problem, but the second one fails. Probably because the router cannot be located? Because though I should be able to connect over the designed port, eventually via a server at AVM, but that fails as well. I know I have remote management enabled, and all other access succeeeds (this post is proof of that…).
Merely a nuissance, I have already ordered the new Vigor router, and that will arrive any day of this week. Setting it up is easy aside the old one, just side by side: Although the 2920 is said to be the successor of the 2910, the configuration of the latter cannot be read in by the new version….Draytek could have done a better job.
Though it works now, the Fritz!Box lacks the facility to block access by address – be it a single address of a complete network. That already showed in the FTP and mail logs…..

4-Dec-2012

04-Dec-2012

Disconnected…
Given the problems my ISP has with keeping the same address on the Internet connection, I have decided – on 14-Nov-2012 – to switch to another ISP, as far as Internet connectivity concerns. That also meant I have to switch the HD supplier as well, but that’s not a big deal.
Analogue and Digital broadcast, over Coax, will stay where they are, as well as telephony.
We have a one-month notice, so it means that my new ISP will enable the internet connection on 14-Dec-2012.

Yesterday, about 13:40 UTC, my ISP dropped the Internet connection, HD TV and telephone. WITHOUT WARNING. Getting into contact was impossible, so I retried this morning. It turned out that there has been a severe error in procedures: this should not have done before Dec 14th, and only Internet and HDTV should have been involved…
Telephone could be restored but it would take a few days. Internet, however, would need reactivation which would – as was said – two weeks: well after the contract was officially ended.
So I called my new ISP if they could pull instalation forward, but that was impossible.

As a result, I would be left without Internet for about two weeks. The major concern would be mail that would be undeliverable, but there is little I can do about it….Just complain how things had gone wrong.
…or not?
But when I took a look at the router tonight, I found the connection was restored, and on the previous address as well. So the connection is indeed available! As is the HD-TV connectivity. Just phone doesn’t work, yet
Looking back in the logfiles, it must have been about 9:30 that the connection was restored – around the time I had finished my phone call to the service desk. It hadn’t gone that bad, apparently.
Still, I will make a complaint because this shouldn’t have happened in the first place….

Just wondering how long this connection will last, and at what time the switch will take place – and what time it will take.

However: If I would be off line for a few days, it would give me an opportunity to do some needed updates and reorganization, without inteference with normal access. Of course I can still do the updates, but there is now more stress on timing.

Well, you can’t have everything 🙂

April 2024
M	T	W	T	F	S	S
« Nov
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30