Keith Smith - Think Ahead. Learn More. Solve Now!



Screw Verizon and their stupid STBs and constant rate hikes with the

Thursday, May 28, 2015 - Posted by Keith A. Smith, in Network

In February of 2014 I finally decided to cut the cord! I returned all the set-top boxes (STBs) that were in my house to the provider and cancelled my TV subscription. The customer service guy tried really hard to prevent me from canceling, but I was persistent enough to see it through. During the same process I negotiated a speed tier increase, which was going to be utilized by all the Internet-connected things. I, like most people, have more shows on Hulu, Netflix and Amazon Prime than on anything else; the challenge was going to be with sports! How would I be able to watch football and basketball? And what would be the device of choice for streaming? Since I don't have any smart TVs or any of that, I started to do some research. I already knew of the Apple TVs, Rokus and Chromecasts of the world, but I wanted something different. On Mar 27, 2014 I heard a rumor that Amazon was working on some sort of set-top box, which was intriguing to me. On Apr 2, 2014 Amazon unveiled a new streaming video product, which it dubbed Fire TV, during a press conference. After looking at the specs, it seemed like it would fit the bill for what I wanted.
On Apr 2, 2014 I pulled the trigger and purchased my first Amazon Fire TV. The setup was pretty straightforward, and there are a few popular music apps included like Pandora, but the company says its Amazon Music Cloud player will be available soon. Currently you can't access your local video or music collection from an external drive, even though there's a USB 2.0 port. Company execs say the port is meant for accessories as well as developer support. But once the Amazon Cloud Player is ready, you can upload your songs to it and play them.

FreeTime for kids is another feature that works with parental controls and limits the amount of time your kid can watch videos and play games. It also lets you create personalized profiles for each of your children. The FreeTime service is a subscription that will cost US$2.99 per month, and is said to be arriving in the coming weeks. A month later I planned to order another Fire TV, but I needed to make a few changes first.

As I noted here, I chose to go the Amazon Fire TV route for media streaming in 2014. By the time September rolled around I had not found a solution for watching football and basketball without a TV subscription. I stumbled upon an article that reminded me that I could use a VPN solution to access certain content. I already knew of a pretty reasonable VPN provider that might be able to do this, but in order to test it out I would need to, and I did, purchase NFL Game Pass, which would allow me to stream the NFL games. To sum it all up, my answer was a VPN provider and an NFL Game Pass subscription for the streaming of NFL games.
In February of 2015 I figured now would be the time to see if I would be able to find a solution for the streaming of NBA games. I discovered something called NBA League Pass, which was supposed to allow you to stream NBA games just like the NFL Game Pass did for me. After installing the app and creating a login I attempted to watch a few games, but two things seemed to be very consistent: the streaming quality and a lack of HD broadcasts. The streaming quality was just dreadful, so much so that after about 4 weeks I cancelled it because of that, and the customer support wasn't really helpful. My last option was to wait for Sling TV to become available; at least then I could gain access to ESPN and TNT, which are stations that sometimes carry NBA games. On February 13, 2015 I installed the Sling TV app and it filled all the gaps that existed (e.g. HGTV, ESPN, TNT and some NBA games). In the early going I had some issues with the streaming quality, but I believe quite a few people had the same sort of issues. Over the past few months the streaming quality has improved and all is well for now.

Initial NAS Setup headache

Sunday, May 10, 2015 - Posted by Keith A. Smith, in Network

This post is private; you need to be an active subscriber to view it.

Packet filters converted to proxy policy types

Monday, March 09, 2015 - Posted by Keith A. Smith, in Network

I decided to clean up and consolidate my firewall rule base last week. I originally had multiple rules for the same policy type for each subnet that needed access; it ended up that way because I needed to get things up and running ASAP, since the change took place late in the evening. Anyway, I created some http-proxy, https-proxy and DNS proxy policy types to lump all the VLANs into. Once that was done I tested most of the services and things seemed OK.

I found out on 3/7/15 that Netflix had not been working for a few days. I took a look online (Twitter, etc.) and found others had issues also, so I figured our problem with the Amazon Fire TVs could be related to that issue. I called Netflix and they were basically no help, so I had a thought... which was to split out the VLAN that contains the Amazon Fire TVs from the proxy policies and to place it into a non-proxy http, https and DNS packet filter. Once that change was committed I proceeded to test it out on one of the Fire TVs and bam, it worked! I didn't see a whole lot of traffic being blocked before the change.

The one entry on the traffic monitor that tipped me off was:

2015-03-09 16:52:26 Deny x.x.x.x https/tcp 47763 443 3-vlan 0-External ProxyDrop: HTTPS timeout (HTTPS-proxy-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0008"

The belongs to one of Amazon's CDNs.

I also discovered that the Amazon Fire TVs don't like non-U.S. DNS servers.

All is well now. Note to self: never use proxy policy types for things like media.
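
The traffic-monitor entry quoted above is what distinguished a proxy timeout from an ordinary packet-filter deny. As an added example (not the author's code and not a WatchGuard tool), the Python below parses lines in that layout and counts ProxyDrop entries per ingress interface and proxy policy. Only the first sample line is from the post; the others, the field names and the optional second address are assumptions.

```python
import re
from collections import Counter

# Field layout inferred from the one entry quoted in the post (an assumption,
# not a vendor specification). The second address is optional because the
# quoted entry shows a single masked address.
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (?P<action>Allow|Deny) '
    r'(?P<addrs>\S+(?: \S+)?) (?P<service>[\w-]+/(?:tcp|udp)) '
    r'(?P<sport>\d+) (?P<dport>\d+) (?P<in_if>\S+) (?P<out_if>\S+) '
    r'(?P<msg>.*?)(?P<kv>(?: \w+="[^"]*")*)$'
)
KV_RE = re.compile(r'(\w+)="([^"]*)"')
DROP_RE = re.compile(r'^ProxyDrop: (?P<reason>.+?) \((?P<policy>[^)]+)\)$')

def parse_line(line):
    """Return the entry as a dict of fields, or None if it does not fit."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec.update(KV_RE.findall(rec.pop('kv')))  # proc_id, rc, msg_id
    return rec

def proxy_drops(lines):
    """Count proxy-originated denies per (ingress interface, policy, reason)."""
    hits = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec['action'] != 'Deny':
            continue
        m = DROP_RE.match(rec['msg'])
        if m:  # matches only the "ProxyDrop:" form quoted in the post
            hits[(rec['in_if'], m['policy'], m['reason'])] += 1
    return hits

SAMPLE = [
    # Entry quoted in the post:
    '2015-03-09 16:52:26 Deny x.x.x.x https/tcp 47763 443 3-vlan 0-External ProxyDrop: HTTPS timeout (HTTPS-proxy-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0008"',
    # Constructed entries for illustration (documentation address ranges):
    '2015-03-09 16:52:41 Deny x.x.x.x https/tcp 47790 443 3-vlan 0-External ProxyDrop: HTTPS timeout (HTTPS-proxy-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0008"',
    '2015-03-09 16:53:02 Allow 10.0.2.15 192.0.2.53 dns/udp 51512 53 2-vlan 0-External Allowed (DNS-00) proc_id="firewall"',
    '2015-03-09 16:53:10 Deny 198.51.100.7 203.0.113.4 ssh/tcp 40022 22 0-External Firebox Denied (Unhandled External Packet-00) proc_id="firewall"',
]

if __name__ == '__main__':
    for (iface, policy, reason), n in proxy_drops(SAMPLE).most_common():
        print(f'{n}x {reason} on {iface} via {policy}')
```

Run against an exported log, a single VLAN that dominates the count for one proxy policy is the same signal the author acted on when moving the Fire TV VLAN to packet filters.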


Wi-Fi woes...

Saturday, September 06, 2014 - Posted by Keith A. Smith, in Network

I’ve had many issues with the DHCP on one of the Cisco 350n APs, so I figured I should place this part of the Wi-Fi network on its own VLAN. After about 10 mins of fighting with subnet masks, it seems like dd-wrt doesn't like anything smaller than a /27 for its WAN allocation. I figured this out after trying a /30, etc. WiFi is such a pain! aaarrrgg.

A win is a win and you have to take them when you get them. 


The start of the madness

Friday, August 29, 2014 - Posted by Keith A. Smith, in Network, Xen, Journal of thoughts

After deciding to cut the cord in February of 2014, I thought I should build a network to support our entertainment needs. I cancelled our FIOS TV service because of the annual rate hikes and went internet only in order to save more $$$; besides, we didn't watch a whole lot of TV, and when we did it was only certain channels. After killing the TV service I was able to negotiate a bump in the bandwidth from 25/25 to 75/75, which was much needed. I started by purchasing a box of CAT6, and since I already had the other items (e.g. connectors, crimper, etc.) I made a weekend project out of it. I put in drops in every room and in a few other areas which were a pain to get to; those areas were costly because I put holes in the ceiling while in the attic. Next I purchased the 1513+ Synology NAS for about $842 from Amazon in July of 2014. I got it diskless because I didn't know what drives I wanted to put in it at the time. I settled on 5 of the Western Digital Caviar Green 3 TB SATA III drives, which ran about $674 from TigerDirect.

At this point I had to make a call on what switch and new firewall I was going to use. I thought to go Cisco and grab a 3750x along with an ASA 5510. That never happened because IOS requires you to have SMARTnet to download the bits now, so with that I moved on to HP (which used to be 3Com); I had used those switches before and they worked great. I managed to find a 1810g ProCurve managed switch from Amazon for $169, and I then started doing some research on firewalls again. It now was down to Juniper, Fortinet and SonicWall. I always liked SonicWall along with Juniper, but SonicWall was still more than what I wanted to pay and Juniper seemed limited on throughput in the price range I was looking in. I checked out Fortinet but I still wanted to find something else to compare it to, and I somehow stumbled upon the WatchGuard line.

I did some deeper internet research on the WatchGuard products and I liked what I saw on them. I managed to find a demo of what the web interface was like from a management standpoint and I was sold on it, so at that point I started looking for models and prices for WatchGuard. The T10 ended up being the one I was willing to start out with; I purchased it from Newegg for $200 and the license from CDW for $60. All the network gear arrived on a Friday, which was perfect because I would have time to get it all set up over the weekend. I started with the firewall, thinking it would be the fastest to set up. I was wrong on that thought... I set up the rules that were needed along with the VLANs on the 1810g; the main issue was that nothing had outbound access to the internet. I tinkered with the rule base for hours, and I then came to the point where I knew I had set up everything correctly and the cause had to be something else. It was late (around 2am), so I went to sleep because I was out of ideas at the time and the kids were driving me nuts because they couldn't watch TV thanks to me.

I woke up around 7ish to get back at it. I finished the config on the switch and I was sure that I had set up the firewall correctly, but still no outbound traffic was allowed. I did a lot of internet research but didn't find anything that really helped, so I proceeded to review all the docs that came with the T10 again to see if it was something that I missed. At this point it was around 7pm Saturday and I was able to find everything I needed to call support, because I had a thought that perhaps this device needed to be activated before use. After speaking to support, I was right: they have a live subscription that needs to be activated, so we took care of that and bam, outbound internet access. It's always the small things that cause the bigger issues. Once that was resolved I was able to bring all the Amazon Fire TVs up along with the Wi-Fi.

Now that the internet was up I could move to the NAS. I set up the 1513+ Synology with the 3TB drives I bought and set up the LACP along with the bond. That was a pain, mostly because of the way I set up the interfaces on the switch. For some reason ports 14, 16, 18, and 20 were a part of trunk4, but the trunk itself was untagged and the ports were still tagged. I removed the ports from the trunk, then made sure they were on vlan4 and untagged, then I put them back into trunk4 as members with LACP, and it works like a champ: 4GBPS on the throughput. After that I migrated all my data from all the "cloud" services. Once that was done I enabled some of the sync features so I could get the things I needed while on the go.

The next thing I figured I would work on would be the WiFi service improvements. My old Cisco/Linksys router, the wrt350n, was due to be relocated to light duty since it was the edge gateway/router/WiFi AP. I started looking around for the newest WiFi routers out on the market; for me it came down to the Asus's RT-AC68U and the Netgear Nighthawk tri-band router. The features were about the same, so it came down to price. I went with the Asus's RT-AC68U from Amazon for $199 and I haven't looked back since. I used the default merlin firmware that came with the Asus's RT-AC68U, but it couldn't achieve all that I wanted, so I ended up flashing it with dd-wrt, which I had used before on previous devices. I was able to set up my HP printer on it so we could print wirelessly, but I couldn't get the guest network setup to work as I needed it to.

The guest network was not stable and it was really because of a bug in the dhcpd; after doing much testing and research I found that it was some sort of issue with the dhcpd on the version of dd-wrt I was running. Enter the wrt350n once again... this time I set it up on its own VLAN for guest WiFi devices that needed internet only, so that I could have a proper "guest network".

A few months went by, then I started working on things again. I purchased a TV/wall mount kit for my mancave and set up my Xbox along with a Mac mini for entertainment. I also got a few Dell OptiPlex 780s that had been retired from work; I set up XenServer on those and connected them to the 1513+. I started looking at the core of the network and thought, well, I should buy a rack now so I can organize everything, because everything worked but it was an eyesore. I didn't want a 42U rack because I knew I would never have that much gear. I found a neat little Tripp Lite SRW12US 12U Wall Mount Rack Enclosure Server Cabinet on eBay. The specs were perfect on it:

Height    25"
Width    23.6"
Depth    21.6"
Rack Width    19"
Rack Height    12U

They seemed to sell in the $400 range on eBay and Amazon, which to me seemed to be a bit much for a 12U rack. I spotted one on eBay which was in bidding state, and I sniped it from everyone at the last minute for $132. At that price it was a total steal, and it came with the cage nuts along with keys for the doors. I bought a universal rack tray to sit the NAS on; I also bought another 2gig module for $50 for the 1513+, a wire organizer panel for $18 and a rackmount PDU for $40, all from Amazon. I re-wired all the cables for everything that was close and connected to the 1810g, then I installed everything into the rack. It was sort of painful at the time of doing some of the work, but in the end it was all worth it, and looking back I would even say that it was fun. The next thing I have on my list is to obtain more powerful servers that will be my next set of hypervisors. I thought to build my own, but it looks like it costs around $2000 or so to do that. I have moved on from that idea and am looking at used servers that will have enough resources (CPU & RAM) to support the VMs that I want to run; the tough part is finding enterprise-type servers that will fit in my small rack.

I started looking at older Sun and Apple servers on eBay because they were cheap, and I had a thought to check the HCL for XenServer to make sure this was going to work. I found out that other people had managed to get some versions of Xen onto Sun and Apple servers, but I didn't want to chance it. I did decide to use the HCL as a guide that could help me find my next set of servers. I started looking at the Dell models and checking out the chassis specs to make sure that the server would fit in the rack, and I found a PowerEdge r210 which looked like it would fit the bill. I ended up buying 2 of the PowerEdge r210s and more RAM to max them out at 32GB each; after receiving them I went ahead and unpacked them. Anytime I order a used server I check to make sure everything is seated properly (e.g. RAM, processor, etc.). So far so good, so I rack them and proceed to power them on so I can get an idea of just how noisy these servers are going to be together. I let them run for a few hours and I determine that they aren't as loud as a normal 1U server would be, but still a bit too noisy for my liking, so I power them off and un-rack them so I can inspect the fans, because they are always the culprit for noisy servers. I did notice that one of the servers was slightly noisier than the other; upon my 2nd inspection I notice that they have mismatched fans in them, so I decided to order more and remove 1 fan from each. The servers run very quietly now, which is exactly what I wanted.
