Doing battle with a Dell R620 and Ubuntu
We recently got sent a Dell R620 to evaluate and while its technical specification is amazing there are a few things that need to be handled first.
As far as Ubuntu and the Dell R620 go, Precise (12.04) is the only way to go here. Every release before Precise has issues with this hardware in one way or another. This is new hardware of after all.
For our “use case” we downgraded the PERC H710P controller to a H310 controller so we can have direct access to the drives via pass-through. The H310 allows TRIM support for SSDs and SMART data via smartctl to be used without any problems. If you are interested in SMART information and PERC H700 series RAID controller, I posted about possible workarounds at Dell’s customer support site.
Ubuntu 12.04 (Precise) and AMD Catalyst 12.4
Precise Pangola has been released and a day later comes a new fglrx driver. While there isn’t a changelog, this build apparently gives us:
early-look support for Ubuntu 12.04, Linux PowerXpress support for the Intel Ivy Bridge platform, packaging script updates, and various bug-fixes.
Among the bug-fixes for Catalyst 12.4 on Linux are: fixing some multi-head issues, a system hang in certain PowerXpress configurations, fixing a system hang when using OpenGL overlays, correcting an OpenGL performance drop, a soft-hang when killing the X Server, and severe corruption for OpenGL games using the AMD “Redwood” graphics processors.
If you want to build these for yourself then you can follow these instructions:
A poor man’s https, using ssh to secure web traffic
Sometimes you get a web-hosting environment that only serves non-ssl (http) content. If you need to do any type of management through tools like phpMyAdmin, then you can see the problem with this. All it would take is someone on your network or on the Internet to sniff the traffic and retrieve your username and password, then they too can do a bit of “management” on your site.
If you also have secure shell (SSH) access, then there is a way to manage your site securely by using SSH’s venerable port forwarding (SOCKS). The trick is to tell your management tools to only listen or respond to connections coming in over SSH instead of normal traffic.
SSH as a socks proxy
Recently there was a need to visit a US based website to verify some personal information. Apparently there are ‘rules’ about who is geographical allowed to get access to the site which means that a citizen of said country cannot access the site from outside of the US.
I will not get into the absurdity of such security mandates, instead we will go around the problem and get our information that bureaucracy tried to prevent.
The general idea is to use a proxy inside the US that will allow us to hop over the geographical firewall. I do not trust open proxies by default because of their ability to sniff traffic. I do however have access to a secure shell (SSH) in the US that I can use.
Asymmetric networking using Linux
The idea is simple, two subnets (separate networks) and then route packets from one to the other. The environment, however, is not symmetric. We wanted to contact a node on the other subnet and we could see the packets travelling over the switch to the router back through another switch to the node, but the node itself refused to reply.
Each node has two NICs and each NIC is connected to a separate network. If you try to connect or ping one node from another, Linux is smart enough to go directly over the NIC with the right network. If a NIC should ever fail, the failover is that the packets are then routed up one network to the router then over to the other network.