iPad

So I got an Apple iPad Tablet (32GB, Wi-Fi) from work and have been playing with it. Its a pretty neat toy. I have been looking around for apps and have found a few that I like so far.

Kindle
iBooks
ABC Player
Epicurious
Wikipanion
Pandora
Dungeon Hunter HD
Marvel
Netfilx
SSH Terminal
Nightstand
RDesktop
Calculator XL

I loaded the sample of Understanding the Linux Kernel, Third Edition and tried reading a few chapters. It was actually pretty easy on the eyes after lowering the brightness and tilting the screen a little so the lcd was not shining directly into my eyes. It’s still not even close to as easy to read as a kindle but makes a great alternative multiuse device.

Droid X

We recently got new phones for work and most of us got Android based phones either the Droid 2 or the Droid X. I opted for a Droid X due to the larger screen size and HD camera. The slide out keyboard was tempting but I had a Blackberry Storm so am accustomed to the on screen keyboard already.

Overall I am very happy with the phone. I have found a few quirky issues that bug me a little. Like when you search your corporate directory and click on the contacts phone number to place the call it does nothing until you use the "back" button to exit the corporate search at that point the phone makes the call. Not a huge problem just annoying.

I was extremely worried about dropping or scratching the phone so went ahead and got some accessories to protect the phone. First was the Carbon fiber case from Verizon. While I was waiting for that to arrive I was also looking for screen protectors. I ended up getting the ZAGG invisibleSHIELD for Motorola Droid X (Screen). Its not the easiest screen protector to put on but it does a great job once you finally get it on.

OpenNOP Open Source Network Accelerator

So I have been sporadically working on my pet project OpenNOP which stands for (Open source Network Optimization Platform). Several months ago I re-branded it from its former name of PacketSqueezer as it was to very similar to another open source project that I had been testing called TrafficSqueezer.

Originally I was using PacketSqueezer as an example on how similar results could be achieved without having to write an entire custom kernel. Something I really didn't like was having to compile a custom kernel to use TrafficSqueezer. Some of us just want to install and go.

I am really not a programmer so its mostly just me fumbling around. So if you are a programmer with some networking skills please spare a few cycles and check out the code. Its all uploaded at http://www.sourceforge.net/projects/opennop. I could use the code review and if you want to work on this just let me know. I would love to see it mature and become the open source alternative to "insert expensive commercial WAN acceleration solution here".

CCNP Routing & Switching Certification Library

I received my CCNP Routing & Switching Certification Library today and have to say that I am very excited about getting into it. CCNP has been something of a dream goal of mine for the last several years so actually starting to study for the exams is invigorating.

Passed IINS Exam 640-533 today!

Well I took the CCNA Security exam today and past. It was down to the wire as my CCNA cert would have expire Aug 2nd.

I scored a 955 on the exam after studying hard the last three weeks. I studied mostly using the CCNA Security Exam Cram by Eric Stewart. He said I should get his book in the forums over at www.dslreports.com so I did. The last week I used Boson ExSim-Max to get use to the test taking process again.

Have to say pretty happy I passed. Was not looking forward to taking the CCNA exam again if I failed.

Open Source WAN Acceleration

I have been doing research on WAN acceleration for a while now. Unfortunately due to the cost I have been unable to get it installed in the network that I manage. So several months ago I started working on my own WAN accelerator as an open source project.

I recently finished a pre-alpha, and am moving forward with its development. I have setup a portal for it at http://www.opennop.org. The pre-alpha is entirely contained in a kernel module, and is limited to compression. The next release I am working on is a combination kernel module and user space service that does the optimizations. It also currently capable of compression of the application data within the TCP segment, but is also multi-threaded to increase performance.

The next feature I will be adding is block based data reduction. This will be a difficult feature to implement, but is one of the most beneficial in terms of increasing WAN performance.

Fun with a Smart-UPS 1400RMNET.

I got an old UPS its a Smart-UPS 1400RMNET. Its the type without a battery tray just an array of batteries that must be slid into the unit, and then connected.

This unit uses 4 batteries, but I didn't happen to have the wiring diagram so I was just connecting them how I thought they might have been connected. I thought they were wired in two parallel series giving the battery array a total of 24v, but longer run time. The unit made all kinds of horrid noise when I turned it on. So I tried a few different ways trying to get it to work.



I eventually found a picture of what the battery array should look like, and was able to make a wiring diagram for myself. I also found that the battery array should be 48v not 24v.

Intercepting IP packets using Netfilter hooks

Netfilter hooks are very useful when you wish to intercept, and modify IP packets inside a kernel module.

One great thing about using Netfilter hooks over say dev_add_pack() is that the bad L2 frames, and bad IP packets get filtered out earlier in the network stack so you only deal with good packets.

Now the whole point of the Netfilter hook is to customize what the kernel does with the packets received by the system so here is an example hook function. It simply does some checks to make sure the packet is a TCP packet, and then prints the IP, and port info if it is. You may also want to check for other traffic types such as UDP, or ICMP you should be able to figure that out.

Somewhere in your function you must tell the system what to do with the packet that is being processed. You have several options with what you do with the packet. They are.

• NF_DROP Discard the packet.
• NF_ACCEPT Keep the packet.
• NF_STOLEN Forget about the packet.
• NF_QUEUE Queue packet for userspace.
• NF_REPEAT Call this hook function again.

My example hook function.

static unsigned int
myhook_func(unsigned int hooknum,
struct sk_buff **skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *)){
struct iphdr *iph = NULL;
struct tcphdr *tcph = NULL;

if ((skb != NULL) &&
((*skb)->pkt_type == PACKET_HOST) &&
((*skb)->protocol == htons(ETH_P_IP))){
iph = ip_hdr((*skb)); // access ip header.

/*
* yaple: Process only TCP segments.
*/

if ((iph->protocol == IPPROTO_TCP) ){
tcph = (struct tcphdr *)(skb_network_header((*skb)) + ip_hdrlen((*skb))); // access tcp header.
printk(KERN_ALERT "INFO: Source IP Address: %u.\n",iph->saddr);
printk(KERN_ALERT "INFO: Destination IP Address: %u.\n",iph->daddr);
printk(KERN_ALERT "INFO: Source Port: %u.\n",tcph->source);
printk(KERN_ALERT "INFO: Destination Port: %u.\n",tcph->dest);

}
}
return NF_ACCEPT; // Tells the system to accept the packet, and process the next one.
}



One thing to note about accessing the IP header, and TCP header fields. The data within most of them will be in a in a reversed order than the system is use to working with. To swap the "endianness" between host format, and network format use these function ntohs(), htons(), ntohs(), and ntohl().

So now that you have your hook function lets setup the hook. Its actually quite simple here is an example.

static struct nf_hook_ops my_hook = { // This is a Netfilter hook.
.hook = myhook_func, // Function that executes when a packet hits this hook.
.hooknum = NF_IP_FORWARD, // For routed traffic only.
.pf = PF_INET, // Only for IP packets.
.priority = NF_IP_PRI_FIRST, // My hook executes first.
};



You can hook into five different points as the packets pass through the system. Good documentation can be found here about each of them. http://www.iptables.org/documentation/HOWTO/netfilter-hacking-HOWTO-3.html

• NF_IP_PRE_ROUTING
• NF_IP_LOCAL_IN
• NF_IP_FORWARD
• NF_IP_POST_ROUTING
• NF_IP_LOCAL_OUT

Now in your module initialization function you need to register your hook.

nf_register_hook(&my_hook);



You also need to unregister your hook in your module exit function.

nf_unregister_hook(&my_hook);


Network Access Protection Unseen Issues

Anyone that has implemented NAP knows its not that difficult. Its much easier than it used to be to get IAS setup to support 802.1x network authentication, and it does health checks on the systems to make sure they are configured correctly. Now that sounds great, but its not so great when those health checks cause 50% of your desktops to spike 100% CPU usage for 3-7 minuets. That makes your users very unhappy.

Our users have never been happy with how slow the WAN is. Things got more vocal after we implemented NAP, and according to the network monitoring software the bandwidth was fine. Also every time we checked the PCs they would be running fine.

Well after a while someone finally noticed that the slowdown was happening right when the Offline Health Checks were running, and they always ran around the same time on these effected systems. So we watched one, and sure enough svchost.exe spiked to 100% for around 5 minuets.

Ok thats not helpful at all because tons of stuff runs under svchost.exe. So I download process explorer and launched it. We left it running on one of the effected PCs until it happened again about 60 minuets later.

So now we know what svchost.exe process was causing the issue, but sure enough this particular svchost.exe had all kinds of stuff running in it so we opened the "Threads" tab of this particular svchost.exe process, and waited for it again.

Finally identified the particular thread, and its associated file as wuaueng.dll. Well thats just the Windows Update service. So we checked its version 7.1.x.x, and compared it to a system that works fine, and it was 7.2.x.x oh look at that.

So I found this update http://support.microsoft.com/kb/949104, and after installing it on all the "slow" PCs they work fine.

Windows 7 x64 XP Mode

Well I finally had the need to try out Windows 7 feature called "XP Mode". I upgraded my laptop to Windows 7 x64 that I had been running Windows XP on for developing with Visual Studio 2005. Well VS2005 does not like Windows 7 so I installed XP Mode that allows you to run software in a Windows XP virtual machine. The cool part is that its totally seamless so it looks just like a normal app running on your system.