Tag Archives: tip

Let other devices use my own NTP server

I have these fine set-top boxes here that try to synchronize their time with some external NTP servers.

The names of the NTP servers are hard-coded into the firmware and cannot be changed in the network settings menu. They are called ntp1.technibutler.de, ntp2.technibutler.de and ntp3.technibutler.de. Though they are already Stratum 2 servers, I would rather use my own local DCF77 radio clock. Obviously it makes no sense to contact some server on the internet to get information that is already available locally.

Luckily those servers are just used for time synchronization and nobody wants to get web pages from them or wants to send emails to them. So all that needs to be done is to redefine their address resolution in DNS.

As a first step, I configure my own DNS server. The examples below are config files for bind9. Any other DNS server should work as well; just pretend that you are authoritative for the technibutler NTP server names. This works as long as neither DNSSEC nor secure NTP is involved.

First I need to define the different zones. As there might be other services within the technibutler.de zone that I still want to use, I will define a separate zone for each hostname of the NTP servers.

;
$TTL    86400
@       IN      SOA     ntp1.technibutler.de. redefined-dns.alteholz.de. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                          86400 )       ; Negative Cache TTL
;
@       IN      NS      localhost.
@       IN      A       10.10.10.1
;
$TTL    86400
@       IN      SOA     ntp2.technibutler.de. redefined-dns.alteholz.de. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                          86400 )       ; Negative Cache TTL
;
@       IN      NS      localhost.
@       IN      A       10.10.10.1
;
$TTL    86400
@       IN      SOA     ntp3.technibutler.de. redefined-dns.alteholz.de. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                          86400 )       ; Negative Cache TTL
;
@       IN      NS      localhost.
@       IN      A       10.10.10.1

I store those configs in /etc/bind/redefined/db.ntp1.technibutler.de, /etc/bind/redefined/db.ntp2.technibutler.de and /etc/bind/redefined/db.ntp3.technibutler.de. The only IP address needed in these files is the actual IP address of my local NTP server. As I have only one, all NTP servers from technibutler.de need to point to this address.

Now I have to tell bind that it is the master for these zones. This is done in /etc/bind/redefined/redefined-zones.conf:

zone "ntp1.technibutler.de" {
   type master;
   file "/etc/bind/redefined/db.ntp1.technibutler.de";
};

zone "ntp2.technibutler.de" {
   type master;
   file "/etc/bind/redefined/db.ntp2.technibutler.de";
};

zone "ntp3.technibutler.de" {
   type master;
   file "/etc/bind/redefined/db.ntp3.technibutler.de";
};

And last but not least I have to tell bind9 to load this config during startup. So I add a line:

include "/etc/bind/redefined/redefined-zones.conf";

at the beginning of /etc/bind/named.conf.local

And voila, before that configuration:

$ nslookup ntp1.technibutler.de
Server:         10.10.10.254
Address:        10.10.10.254#53

Non-authoritative answer:
Name:   ntp1.technibutler.de
Address: 62.138.2.9

and after that configuration:

$ nslookup ntp1.technibutler.de
Server:         10.10.10.254
Address:        10.10.10.254#53

Non-authoritative answer:
Name:   ntp1.technibutler.de
Address: 10.10.10.1

After the configuration of your DNS server is done, you just need to point the set-top boxes or any other device in your home network to your own DNS server. You can either deliver this information via “option domain-name-servers” with DHCP, or manually put your DNS server in the network settings of your device.
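
A check for the zone setup described above, as an added example that is not part of the original post: it reads redefined-zones.conf and reports any zone whose file is missing, is named after a different zone, or does not point at the local NTP server. The function names and the optional staging-root argument are made up for this illustration, and the tree built in demo is constructed.

```shell
#!/bin/sh
# Added example: lint the override zones before reloading bind9.
# The staging tree built in demo() is constructed.

# list_zones CONF -> one "zone-name file-path" pair per zone statement
list_zones() {
    awk '$1 == "zone" { gsub(/"/, "", $2); zone = $2 }
         $1 == "file" { gsub(/[";]/, "", $2); print zone, $2 }' "$1"
}

# check_override_zones CONF EXPECTED_IP [ROOT] -> 1 if any zone is wrong.
# ROOT is prefixed to the file paths so a staging copy can be checked.
check_override_zones() {
    rc=0
    zones=$(list_zones "$1")
    while read -r zone file; do
        [ -n "$zone" ] || continue
        if [ ! -f "$3$file" ]; then
            echo "$zone: zone file $file is missing"; rc=1; continue
        fi
        case "$file" in
            *"/db.$zone") ;;
            *) echo "$zone: file name $file does not match the zone"; rc=1 ;;
        esac
        addr=$(awk '{ sub(/;.*/, "") } $1 == "@" && $3 == "A" { print $4 }' "$3$file")
        [ "$addr" = "$2" ] ||
            { echo "$zone: apex A record is '$addr', expected $2"; rc=1; }
    done <<EOF
$zones
EOF
    return $rc
}

demo() {
    root=$(mktemp -d) || return 1
    dir=/etc/bind/redefined
    mkdir -p "$root$dir"
    for n in 1 2 3; do
        printf 'zone "ntp%s.technibutler.de" {\n   type master;\n' "$n"
        printf '   file "%s/db.ntp%s.technibutler.de";\n};\n' "$dir" "$n"
    done > "$root/redefined-zones.conf"
    printf '@ IN A 10.10.10.1\n' > "$root$dir/db.ntp1.technibutler.de"
    printf '@ IN A 62.138.2.9\n' > "$root$dir/db.ntp2.technibutler.de"  # stale address
    # db.ntp3.technibutler.de is deliberately not created
    check_override_zones "$root/redefined-zones.conf" 10.10.10.1 "$root" ||
        echo "fix the zones before reloading bind9"
    rm -rf "$root"
}
demo
```

named-checkconf -z from the bind9 tools validates the syntax of the same files; this check adds the comparison against the expected address.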

Build software on Mac OS X

When trying to use XCode to compile an open source project on Mac OS X Mountain Lion, you might have realized that build tools like GNU Autoconf, Automake or Libtool are no longer available. I think these tools have been removed with XCode 4.3.

One way to make them available again is to download the source and build them with this script:

#!/bin/bash

# stop at the first failing step instead of continuing with a broken download
set -e

# type of compression
#COMPRESSION=gz
#COMPRESSIONFLAGS=-zxf
COMPRESSION=xz
COMPRESSIONFLAGS=-Jxf
#
# path to curl
CURL=/usr/bin/curl
# set to empty if working as root or if you are able to write to /usr/local/
SUDO=""
#SUDO=/usr/bin/sudo
#
# version of autoconf
VAUTOCONF=2.69
#
# version of automake
VAUTOMAKE=1.15
#
# version of libtool
VLIBTOOL=2.4.6

CURRENTDIR=$(pwd)

# autoconf (-f makes curl fail on HTTP errors instead of saving an error page)
cd "$CURRENTDIR"
$CURL -fOL "https://ftpmirror.gnu.org/autoconf/autoconf-$VAUTOCONF.tar.$COMPRESSION"
tar $COMPRESSIONFLAGS "autoconf-$VAUTOCONF.tar.$COMPRESSION"
cd "autoconf-$VAUTOCONF"
./configure
make
$SUDO make install

# automake
cd "$CURRENTDIR"
$CURL -fOL "https://ftpmirror.gnu.org/automake/automake-$VAUTOMAKE.tar.$COMPRESSION"
tar $COMPRESSIONFLAGS "automake-$VAUTOMAKE.tar.$COMPRESSION"
cd "automake-$VAUTOMAKE"
./configure
make
$SUDO make install

# libtool
cd "$CURRENTDIR"
$CURL -fOL "https://ftpmirror.gnu.org/libtool/libtool-$VLIBTOOL.tar.$COMPRESSION"
tar $COMPRESSIONFLAGS "libtool-$VLIBTOOL.tar.$COMPRESSION"
cd "libtool-$VLIBTOOL"
./configure
make
$SUDO make install

After it ran without errors, the tools are available in /usr/local.

Furthermore, you might also need pkg-config. It can be built with this script:

#!/bin/bash

# stop at the first failing step instead of continuing with a broken download
set -e

# type of compression
COMPRESSION=gz
COMPRESSIONFLAGS=-zxf
#
# path to curl
CURL=/usr/bin/curl
# set to empty if working as root or if you are able to write to /usr/local/
SUDO=""
#SUDO=/usr/bin/sudo
#
# version of pkg-config
VPKGCONFIG=0.29.1

CURRENTDIR=$(pwd)

# -f makes curl fail on HTTP errors instead of saving an error page
cd "$CURRENTDIR"
$CURL -fOL "https://pkg-config.freedesktop.org/releases/pkg-config-$VPKGCONFIG.tar.$COMPRESSION"
tar $COMPRESSIONFLAGS "pkg-config-$VPKGCONFIG.tar.$COMPRESSION"
cd "pkg-config-$VPKGCONFIG"
./configure --with-internal-glib
make
$SUDO make install

For Mac OS X it is important that you use at least version 0.29.1 of pkg-config. Otherwise you would get linking errors. Afterwards pkg-config is also available in /usr/local.
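
Both build scripts above compile and install whatever the download returned. As an added example (not part of the original scripts), the following functions unpack a tarball only if its SHA-256 matches a value pinned in the script; the function names are made up for this illustration, the pinned value is assumed to come from a source you trust, and the archive in demo is constructed so that it runs offline.

```shell
#!/bin/sh
# Added example: unpack a downloaded tarball only if its SHA-256 matches a
# value pinned in the script. The archive used in demo() is constructed.

# Print the SHA-256 of a file (sha256sum on Linux, shasum on Mac OS X).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_tarball FILE EXPECTED_SHA256 -> 0 on match, 1 on mismatch or missing file
verify_tarball() {
    [ -f "$1" ] || { echo "missing file: $1" >&2; return 1; }
    actual=$(sha256_of "$1")
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ "$actual" != "$expected" ]; then
        echo "CHECKSUM MISMATCH for $1 (expected $expected, got $actual)" >&2
        return 1
    fi
}

# unpack_verified FILE EXPECTED_SHA256 TAR_FLAGS: extract only after the check
unpack_verified() {
    verify_tarball "$1" "$2" || return 1
    tar "$3" "$1"
}

# Offline demonstration: a constructed archive stands in for the download.
demo() {
    work=$(mktemp -d) || return 1
    ( cd "$work" && mkdir pkg-1.0 && echo 'echo configured' > pkg-1.0/configure &&
      tar -czf pkg-1.0.tar.gz pkg-1.0 && rm -r pkg-1.0 ) || return 1
    pinned=$(sha256_of "$work/pkg-1.0.tar.gz")   # stands in for the published hash
    ( cd "$work" && unpack_verified pkg-1.0.tar.gz "$pinned" -zxf ) &&
        echo "genuine archive: unpacked"
    echo 'tampered' >> "$work/pkg-1.0.tar.gz"    # simulate a modified download
    ( cd "$work" && unpack_verified pkg-1.0.tar.gz "$pinned" -zxf ) 2>/dev/null ||
        echo "tampered archive: rejected"
    rm -rf "$work"
}
demo
```

In the build scripts, unpack_verified would take the place of the tar line. GNU also publishes detached .sig signatures next to its tarballs, which gpg --verify can check.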

APU and Debian

I just got an APU1D4 made by PC Engines. I bought it from a German retailer called VARIA System GmbH. They are also located in Chemnitz, so at least I could support the local economy. I purchased a bundle consisting of mainboard, case, power supply and 16GB SSD. The board has 4GB RAM and three network adapters and shall replace my old PC that I use as router to the internet.

As there is no VGA/HDMI output, the first hurdle was organizing a null-modem cable. Of course I could have prepared the SSD on another PC, but I wanted to try PXE. After finding the cable at the bottom of a box, deeply buried under other boxes, I could start.

The DHCP server got an entry

host apu1d4 {
  hardware ethernet 00:0d:b9:42:a0:e8;
  fixed-address apu1d4;
  option broadcast-address 10.42.255.255;
  option routers 10.42.10.1;
  next-server 10.42.10.1;
  filename "pxelinux.0";
}

and the TFTP server got a file …/tftp/pxelinux.cfg/01-00-0d-b9-42-a0-e8

default install
label install
        menu label ^Install
        menu default
        kernel debian-installer/amd64/linux
        append initrd=debian-installer/amd64/initrd.gz --- vga=off console=ttyS0,115200n8

The files debian-installer/amd64/linux and debian-installer/amd64/initrd.gz are the normal debian installer files obtained from the official Debian servers.

That’s it, the installer starts, spits its output over the serial line and I can install the system. Great! Thanks DebianInstaller team. Why couldn’t everything be always so easy?

book: Building Microservices by Sam Newman

Recently I read the book Building Microservices by Sam Newman, published by O’Reilly. Up to now I didn’t have to deal with microservices and this book gave a very good summary of this topic.

Unfortunately there are lots of links inside that book, but I could not find a page where all of them are listed online. So here are most of them in the bit.ly-form and the direct one:

http://bit.ly/1GZuFW9 http://alistair.cockburn.us/Hexagonal+architecture Alistair Cockburn’s concept of hexagonal architecture
http://bit.ly/1zOFMxl http://programmer.97things.oreilly.com/wiki/index.php/The_Single_Responsibility_Principle Robert C. Martin’s definition of the Single Responsibility Principle
http://12factor.net/ Heroku’s 12 Factors
http://dropwizard.io Dropwizard = Open source, JVM-based microcontainer
http://bit.ly/1JtA6KX https://github.com/Netflix/karyon Karyon = Open source, JVM-based microcontainer
http://bit.ly/1wxQtw https://github.com/Netflix/Hystrix circuit breaker library Hystrix
http://bit.ly/1fh2AGt http://martinfowler.com/articles/richardsonMaturityModel.html Richardson Maturity Model
http://bit.ly/1EmZMss http://martinfowler.com/bliki/CatastrophicFailover.html Martin Fowler: catastrophic failover
http://bit.ly/1yISOdQ http://martinfowler.com/bliki/TolerantReader.html Postel’s law
http://semver.org Semantic versioning
http://bit.ly/1v71DOH http://martinfowler.com/bliki/StranglerApplication.html Strangler Application Pattern
http://bit.ly/1EmC3zf https://github.com/Netflix/aegisthus Aegisthus project
http://www.packer.io Packer
http://bit.ly/1Daos3Q http://martinfowler.com/articles/nonDeterminism.html Eradicating Non-Determinism in Tests
http://bit.ly/15BPCVE http://martinfowler.com/articles/enterpriseREST.html “Now you have 2.1.0 problems”
http://bit.ly/1GZwceN https://github.com/realestate-com-au/pact Pact
http://logstash.net Logstash – log file parser
http://bit.ly/1BrIp6a https://www.elastic.co/products/kibana Kibana – ElasticSearch-backed system for viewing logs
https://www.owasp.org Open Web Application Security Project
http://bit.ly/1e9i40t http://queue.acm.org/detail.cfm?id=2499552 The antifragile organization
http://bit.ly/15Co2I7 https://github.com/Netflix/eureka Eureka from Netflix

Furthermore, several books are recommended.

  • Domain-Driven Design by Eric Evans at Amazon.de
  • Implementing Domain-Driven Design by Vaughn Vernon at Amazon.de
  • Working Effectively with Legacy Code by Michael Feathers at Amazon.de
  • Refactoring Databases by Scott J. Ambler and Pramod J. Sadalage at Amazon.de
  • Continuous delivery by Jez Humble and Dave Farley at Amazon.de
  • Agile Testing by Lisa Crispin and Janet Gregory at Amazon.de
  • Succeeding with Agile by Mike Cohn at Amazon.de
  • Information Dashboard Design: Displaying Data for At-a-Glance Monitoring by Stephen Few at Amazon.de
  • Lightweight Systems for Realtime Monitoring by Sam Newman
  • Cryptography Engineering by Niels Ferguson, Bruce Schneier and Tadayoshi Kohno at Amazon.de
  • Release It! by Michael Nygard at Amazon.de

dcmd: what is in the dsc file

Notice to my future self: If you want to see a list of files that are referenced by a Debian dsc-file, you need to use:

dcmd dsc-file

The output is the list of files in its ‘Files’ section, plus the dsc-file itself. You can also apply dcmd to changes-files. You can also use a command as the second parameter and do funny stuff with all those files within the dsc-file.

Litecoin and IPv6

Notice to my future self: If you start the litecoin client (v0.10.2.2) all peers in peers.dat seem to be IPv4 only. At least, I got no connection to the Litecoin network. After looking at the list of supernodes, I could filter two supernodes with IPv6 addresses:

  • ltc.block-explorer.com
  • ltc.lfcvps.com

Putting them as

addnode=ltc.block-explorer.com
addnode=ltc.lfcvps.com

into litecoin.conf, I got my connection and could do some transactions.

openvpn: ping only works between server and client

Notice to my future self:

  • an openvpn connection can be established between client and server
  • you can ping the server from the client
  • you can ping the client from the server
  • you added the route in your server config
  • route -n shows everything is in place
  • but you can not ping any host on an attached network

… then you forgot to add a file in the ccd-directory for the correct common name of your client containing all iroute statements.
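
A check for exactly this omission, as an added example that is not part of the original note: for every route in the server config it looks for a matching iroute in the ccd directory and names the file that carries it, so the file name can be compared with the client's common name. The function name is made up for this illustration; networks and client names in demo are constructed.

```shell
#!/bin/sh
# Added example: each "route" in the OpenVPN server config needs a matching
# "iroute" in a ccd file named after the client's common name.
# Networks and client names used in demo() are constructed.

# check_iroutes SERVER_CONF CCD_DIR -> reports every route, returns 1 if one
# has no iroute or client-config-dir is not set at all.
check_iroutes() {
    rc=0
    grep -Eq '^[[:space:]]*client-config-dir[[:space:]]' "$1" ||
        { echo "server config has no client-config-dir"; rc=1; }
    # a missing netmask means a host route in both directives
    routes=$(awk '$1 == "route" { print $2, ($3 == "" ? "255.255.255.255" : $3) }' "$1")
    while read -r net mask; do
        [ -n "$net" ] || continue
        owner=""
        for f in "$2"/*; do
            [ -f "$f" ] || continue
            if awk -v n="$net" -v m="$mask" '
                $1 == "iroute" && $2 == n &&
                ($3 == "" ? "255.255.255.255" : $3) == m { hit = 1 }
                END { exit !hit }' "$f"; then
                owner=${f##*/}
            fi
        done
        if [ -n "$owner" ]; then
            echo "route $net $mask: iroute found in ccd/$owner"
        else
            echo "route $net $mask: NO iroute in any ccd file"; rc=1
        fi
    done <<EOF
$routes
EOF
    return $rc
}

demo() {
    t=$(mktemp -d) || return 1
    mkdir "$t/ccd"
    printf '%s\n' 'client-config-dir ccd' 'route 192.168.10.0 255.255.255.0' \
        'route 192.168.20.0 255.255.255.0' > "$t/server.conf"
    echo 'iroute 192.168.10.0 255.255.255.0' > "$t/ccd/client1"
    check_iroutes "$t/server.conf" "$t/ccd" || echo "add the missing iroute"
    rm -rf "$t"
}
demo
```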

Package of the Day: ansiweather

While looking at NEW I sometimes see a package and think “wow this is great, you have to try this”.

One of these packages is ansiweather. It looks at the data at openweathermap and presents them on the console. So with

ansiweather -l chemnitz -u metric

I get something like:

Current weather in Chemnitz => 12 °C ☔ – Wind => 2.52 m/s WNW – Humidity => 80 % – Pressure => 1014 hPa

Now I see that I need a coat and an umbrella for my walk. Or better I don’t go outside and continue looking at other stuff in NEW :-)

alpine and UTF-8 and Debian lists

This is a note for my future self: When writing an email with only “charset=US-ASCII”, alpine creates an email with:

Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII

and everything is fine.

In case of UTF-8 characters inside the text, alpine creates something like:

Content-Type: MULTIPART/MIXED; BOUNDARY="705298698-1667814148-1432049085=:28313"

and the only available part contains:

Content-Type: TEXT/PLAIN; format=flowed; charset=UTF-8
Content-Transfer-Encoding: 8BIT

Google tells me that the reason for this is:

Alpine uses a single part MULTIPART/MIXED to apply a protection wrapper around QUOTED-PRINTABLE and BASE64 content to prevent it from being corrupted by various mail delivery systems that append little (typically advertising) things at the end of the message.

Ok, this behavior might come from bad experiences and it seems to work most of the time. Unfortunately if one sends a signed email to a Debian list that checks whether the signature is valid (like for example debian-lts-announce), such an email will be rejected with:

Failed to understand the email or find a signature: UDFormatError:
Cannot handle multipart messages not of type multipart/signed

*sigh*

ntpd is rather good at ignoring

Notice to my future self: Recently I wondered why one of the computers doesn’t show the correct time. Among others, there are the following lines in /etc/ntp.conf:

interface ignore eth2
interface ignore eth3

As this computer doesn’t have eth2 and eth3 but only eth0, ntpd assumes that I want to ignore all network devices and just listens on lo. After removing those lines, everything is working fine. The version of the Debian ntp package is 1:4.2.6.p5+dfsg-2+deb7u1 and you can find the bugreport here.
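
A check that would have caught this before ntpd was restarted, as an added example that is not part of the original note: it lists the interface directives in ntp.conf that name a device the host does not have. The function names are made up for this illustration, and the config in demo is constructed from the two lines quoted above.

```shell
#!/bin/sh
# Added example: find "interface" directives in ntp.conf that name a network
# device this host does not have. The config in demo() is constructed.

# Devices present on this host (Linux only; elsewhere pass the list yourself).
present_devices() { ls /sys/class/net 2>/dev/null; }

# check_ntp_interfaces CONF "DEV DEV ..." -> prints the offending lines and
# returns 1 if any directive names a device that is not in the list.
check_ntp_interfaces() {
    awk -v present=" $(echo $2) " '
        { line = $0; sub(/#.*/, "") }                     # drop comments
        $1 != "interface" || NF < 3 { next }
        $3 ~ /^(all|ipv4|ipv6|wildcard)$/ { next }        # keywords
        $3 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ { next }   # IPv4 address
        $3 ~ /:.*:/ { next }                              # IPv6 address
        index(present, " " $3 " ") == 0 {
            printf "line %d: \"%s\" names missing device %s\n", NR, line, $3
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

demo() {
    conf=$(mktemp) || return 1
    cat > "$conf" <<'EOF'
server 10.10.10.1 iburst
interface ignore eth2
interface ignore eth3
EOF
    check_ntp_interfaces "$conf" "lo eth0" || echo "fix ntp.conf before restarting ntpd"
    rm -f "$conf"
}
demo
```

On Linux, pass "$(present_devices)" as the second argument to check against the devices the host really has.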