I’m throwing this plug on my wp site specifically so the google machines can read it and bump up her rating a bit.  This site is run by PN Elrod, and she literally makes THE best Jedi robes. Like “compliments from people who worked in costume design for the movies” quality.

Ahh, the joys of North Platte

So one thing that has always pissed me off about this town is the mindset.

WAAAY back in the day (first quarter of the 20th century) this town got a reputation as a corrupt union town (little Chicago.) Basically the whole us-vs-them business-vs-the-workers way of thinking. It still persists to this day.

A good example of this is the way some of the business leaders around here operate. There are many “pillars of the community” who go out and spew all the right words about community service and being kind and white picket fences apple pie garbage. In private, however, these people are vipers.  They like to “button up” business deals, treat their employees like indentured servants, and strut around town doing things like screaming “Don’t You Know Who I Am!!!!” when they don’t receive preferential treatment.

One person in particular really had some markers on him.  This guy exemplifies all the things that the left wing political groups here in the United States find wrong with modern society.
– He is the CEO of a bank. (No crime there. That takes a lot of hard work.)
– He is the source of the “don’t you know who I am” example. (I presently work with the woman he screamed at in the middle of a crowded store at rush hour)
– He has a lot invested in local real estate. (Again, no crime there and good on him for thinking ahead)
– He, and one of his employees, are on the board of the local Chamber of Commerce and Development Corporation, so he has a lot of pull on where city project contracts go and such (kinda shady, but a private organization).
– One of his employees was one of the prime movers and shakers in the commercial lending department at his bank, which provides multi-million dollar financing for those contracts.  (It’s just a job. Someone has to do it. No problems)
– The same employee was on the county zoning board at the time, so he had influence on which projects were approved by the local government. (If you compete against Mr. CEO’s interests, I can GUARANTEE you are gonna have government inspectors at your property every day looking for ways to put a stop order on your development. It has happened before.)
– During that time period where all these Bank and Auto CEO’s were getting crucified for flying uber expensive private jets, he decided that the bank needed a jet. Which was a good idea on the face of it. The bank didn’t take any government bailout money.
– During a period of record profits at the bank, some employees expressed private dissatisfaction to each other about the fact that the bank didn’t give any of the lower status workers raises that year. Unfortunately, it is unofficial bank policy to monitor communications between employees for dissent.

His solution? He called an employee meeting where he and his personal ax-woman from HR reminded all the employees that in this state he can fire them at any time for any reason and they should shut their mouths if they want to keep their jobs. Raises are for IMPORTANT people who make money, like loan officers. Everyone else is just a red line on the balance sheet. The officers of the bank (who are mostly related or close personal friends of the CEO) all got massive 5 and 6 digit bonuses.

The reality of the situation from working with certain of these people is that stereotypes exist for a reason.  And it isn’t just the banking/commerce sector that has been infested.  One of the two other major players, the medical industry, is just as bad.

Nationwide, the cost for a molar root canal (which is, by the way, more expensive than a front root canal) sits between $250 and $1200, average without insurance.  At Phelps Family Dentistry my wife got an estimate for an unnecessary root canal that was almost $3000 AFTER insurance.  I say unnecessary because it was one, count them ONE non abscessed/infected cavity on the lingual side of one molar. Easily fillable.

The cost of living in North Platte has almost doubled the last 10 years, where the average wage has gone up roughly 10%.  But this small town of 23,000 people now has over 25 banks and credit unions.  The hospital reps claim the ACA has been making their business unprofitable, but they just did a $100,000,000 upgrade to the local hospital so wealthy patients could rent private luxury suites.

Bah, all this ranting has made me cranky. I might continue this later when I have more time.

Server Consolidation and Running an A.R.K. Server

Not sure if any of you people play much games (then again, 99% of my hits are from spammers, so I may as well be talking to myself)

I did some server consolidation.  I took the ARK instance off my wife’s XPS 7100 and transferred it to the PowerEdge 2850.  I also upgraded the 2850 to Ubuntu 15.10 Wily Werewolf and added another 8GB of RAM. I lost the ability to perform server management using Dell’s OMSA (Open Manage Server Administrator) utility, but at least now I can run some other more modern services on it. OMSA would probably work except libsmbios2 was deprecated and replaced with libsmbios2v5 which OMSA was not programmed to work with.

On politics and confusion

I consider myself a libertarian in the broadest sense of the term.

As a note, I have never read Ayn Rand. From what I have heard, her books are unrealistic and preachy, but I suppose I will give them a shot eventually just to find out what all the hullabaloo is about.

I didn’t know there was a term for my beliefs until a few years ago, when I was reading a science fiction book that I loved and the reviews were full of comments calling the setting a libertarian anarchist utopia blah blah. I had to look up the term libertarian.

I used to be a Republican, but I got sick of them using theology to make political decisions, attempting to control what consenting adults were allowed to do in the privacy of their home, and the “war on drugs” as well as other annoyances.

I don’t smoke pot. I don’t like potheads in general.  (Sorry Mr. Tie-dyed-shirt-that-reeks-of-patchouli-and-B.O., marijuana is not going to make us all immortal and invent cold fusion for us)

That being said I also believe a person should be allowed to shove whatever substance they want in their body, even if it kills them. As long as no one else has to pay for it or be placed in harm’s way. That means you can do all the drugs you want, but don’t get pissed if your health insurance cuts you off and your life insurance refuses to pay.

I am for private gun ownership. During the time period the Constitution was written, a “militia” was not an “army.” Army was government sponsored. Militias were private. Hence why it lists a requirement to “maintain” a navy, but an army had to be “raised” as needed from the populace.

Don’t really know what to add to this one, other than I am not gonna vote for “Mr. Showmanship” Trump nor is my vote going to “Economics is for weenies and capitalists” Sanders.  Probably gonna throw down with the Unicorn Cavalry.

The experiment was both a failure and a success…

So I previously mentioned that I was experimenting with running a TOR bridge relay.  As I was beginning to get the bandwidth consumption I was looking for, I encountered a… problem.

It turns out that if you run a bridge relay, certain organizations track that information.  Those same organizations, for security and business reasons, have a policy of blacklisting any IP address that is associated with the TOR network.

I have a laptop that connects via VPN to one of these organizations for work and I discovered that I can no longer connect using my home internet connection.

Since being able to connect is necessary to getting paid, and I like money, I had to kill my relay and ask one of the CSR’s at my ISP to give me a new IP address.
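The kind of check described in this post, seen from the organization's side, as an added example that is not part of the original post: VPN login source addresses are matched against a list of Tor-associated addresses. The list contents, the log format, and the function names are all constructed for illustration; documentation-range IPs stand in for real relay addresses.

```python
import ipaddress
import re

# Constructed sample: addresses an organization has collected as Tor-associated.
# Documentation ranges stand in for real relay addresses.
TOR_ASSOCIATED = """
# one address or CIDR per line
198.51.100.23
203.0.113.0/28
2001:db8:42::7
"""

# Constructed VPN gateway log lines (hypothetical format).
VPN_LOG = """
2016-02-01T08:01:12Z vpn-gw auth user=alice src=192.0.2.10 result=ok
2016-02-01T08:03:40Z vpn-gw auth user=bob src=198.51.100.23 result=ok
2016-02-01T08:04:02Z vpn-gw auth user=carol src=203.0.113.9 result=ok
2016-02-01T08:05:55Z vpn-gw auth user=dave src=203.0.113.40 result=ok
2016-02-01T08:06:10Z vpn-gw auth user=erin src=not-an-ip result=fail
"""

SRC_RE = re.compile(r"user=(\S+) src=(\S+)")


def load_networks(text):
    """Parse one address or CIDR per line, ignoring comments and blanks."""
    nets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            # A bare address becomes a /32 (or /128) network.
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets


def flag_tor_logins(log_text, networks):
    """Return (user, source) pairs whose source address is on the list."""
    hits = []
    for line in log_text.splitlines():
        m = SRC_RE.search(line)
        if not m:
            continue
        user, src = m.groups()
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            continue  # malformed source field, nothing to match
        if any(addr.version == n.version and addr in n for n in networks):
            hits.append((user, src))
    return hits


if __name__ == "__main__":
    for user, src in flag_tor_logins(VPN_LOG, load_networks(TOR_ASSOCIATED)):
        print(f"deny {user} from {src}: address is on the Tor-associated list")
```

A list like this goes stale when a residential IP is reassigned, which is why a new address from the ISP restores access and why such lists need regular refreshes to avoid blocking the next subscriber who inherits the old one.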

Experimenting with TOR Bridge Relays

So I remember reading an article back in the day about some numbnuts in California whining that Verizon made him switch to a business account.  The gist of the story, if I recall correctly, is that this guy went through something like 70+ TERABYTES of data usage in a month because he was running a TOR (The Onion Router) relay in his basement.

While Verizon did not have a usage cap stated in their contract with the guy, this DEFINITELY qualified as abuse of the service.  I didn’t have much in the way of sympathy for him, especially since this dude posted a picture of the server rack he was running his relay on.  He was bitching about having to pay for business service when the equipment in his basement was worth more than MY HOUSE.  He can afford it. Whine-tit.

This led to me becoming curious about what it would take to burn that much data, and that led to me wondering how much data a TOR relay actually consumes.  Only one way to find out…

I set up a bridge relay on my home network, put the ExitPolicy at reject *:*, throttled it at 800Mbps limit / 1000Mbps burst and it has been running for about 2 weeks now.  Traffic has just started to pick up in the last few days and I am burning around 2-5 GB of data per day.

For those of you who want to know why I am not running an exit relay, my answer is I cannot afford a lawyer to deal with all the DMCA notices. Besides that, I do not feel my admin-fu is up to the task of handling stuff like the ACL’s and such to prevent connections to distasteful services.

I have certain ethical standards. One of them is that if I allow people to use my network connection to anonymously browse the web, I am ethically bound to do my due diligence to ensure they are not accessing reprehensible material like pedo-filth.

Drugs? Don’t care.
Weapons? Don’t care.
Stuff your Government doesn’t like? Don’t care.

Stuff that harms kids?  I care.  I will actively assist law enforcement if I ever see it happen on my watch. Hence why I won’t run an exit relay.

Update to 844G Capabilities and notes on lost data

To do a quick update on the Calix 844G-1 and the various capabilities, I have never encountered another problem with 844’s getting full speed (866.7 Mbps) via wireless. I am gonna chalk that one up to configuration error on my part.

On the upside, the NOC at my ISP rolled out a new firmware update that makes the Cisco VEN501 VAP obsolete. Instead of having to plug the VAP into the 844G-1 and then link my Cisco ISB7105 wireless STB that way, I can connect the STB to my 844 directly via WPS. Reduces equipment costs and complexity. Also reduces latency by a microscopic amount.

I originally posted this update months ago, unfortunately I was hosting this on a BananaPi microcomputer running Raspbian OS. The Pi ended up getting repurposed to an oversized android tablet because I got tired of my kids stealing my kindle.

On the new boomstick front, I got my 20 round drum in the mail along with my spare 5 round mag. The drum appears to be an Alliance Armament Wraithmaker drum with a modified receiver end to allow compatibility with the Origin’s “straight in” mag loading system. Looking forward to wasting many a round with this.

Quit smoking and bought a new toy

So I decided to finally quit smoking because it was killing me fast.  I originally was going to stop in the morning on 26 September, but unfortunately I cheated that night and snuck a couple smokes out of my wife’s pack.

So, that means my official quit time was 9:00 pm on 26 September 2015.  My quest to override the nicotine addiction is failing horribly, so I have been using skoal packets to keep from clogging up my lungs.  Evil tradeoff, I know.  But at least I can run.

I’m gonna go to the VA when I get back to North Platte and request some stop smoking aids. Preferably NON psychoactive.  Wellbutrin turns me into a homicidal maniac, and according to my father, Chantix does that to him.

So the question comes around… how to motivate myself.  I found something.  I bought a FosTech Origin 12 Semi-Automatic Shotgun.  A beautiful and amazing piece of work.  I heard about it from an article written by Oleg Volk.  Oleg is so knowledgeable about firearms, I know rabid gun nuts who defer to his expertise.

Quick Update: I think I found a workable solution…

So in my previous post I mentioned all the issues I was having taking advantage of my bitchin’ 1 gig internet connection.  My ISP (Allo Communications) provided me with the new Calix 844G residential gateway combo device.  Nice little piece of equipment, if I do say so myself. Here is my speedtest result while logged into my computer remotely and with all my devices connected:

Speedtest Image

The only problems I have encountered are on the wireless end of things.  When I first set the network up, some wireless devices would not connect on the 5Ghz band.  For the life of me I couldn’t figure out why. I tried 20, 40, and 80 MHz channel widths, I tried playing with encryption. Nothing.

Then, on a whim, I turned off DFS (Dynamic Frequency Selection), a feature that is required as part of the specification in order to prevent interference with civil and military radar systems.

Poof! All of a sudden my kindles and my phone can see the 5Ghz signal. Unfortunately they still connect at a sad 54Mbps.

I turned DFS back on. My devices can still see the signal. Methinks I found a bug. After that, I manually selected channel 149. Speed jumped to 400Mbps. And stayed there.  Not quite the 866Mbps that my wireless AC devices normally connect at, but not bad.

My best guess is that Calix needs to roll out some firmware fixes to address this issue, but we shall see.

In other news, the Heartland Hellcats roller derby team had a bout in North Platte on the 28th. A win!  Not too shabby for a team that just went official last month.  Great job, ladies!

Network Hardware Conundrum

As the site name implies, I am a tech geek.  Geeks can be broken down into various muddy definitions, one of which is what I proudly call the “Tim Taylor Geek.”  This type of geek doesn’t care whether he actually needs MORE POWER from all of his tech toys, but by bog he is gonna tinker until he gets every last bit of performance he can eke out of it. Because, MORE POWER.

I am in this category.  Since North Platte is one of the small percentage of communities in the nation that has access to gigabit fiber optic internet, I decided to give our local fiber optic ISP’s $99/mo 1Gbps symmetrical service a try.  They already offer a $50 100Mbps symmetrical package, but if I can get 10x as much bandwidth for $49 more… again, MORE POWER!

To maximize the potential of 1 Gbps internet, there are a couple things you need to have.
1) A router with a gigabit WAN/Internet port that complies with the 802.11ac “Wireless AC” standard. 802.11ac permits wireless speeds that are actually faster than a hard line connection (up to 1300Mbps.) This router must say 3×3 or 4×4 on the box.  Otherwise you won’t get gig wireless. Trust me.
2) If the router does not have built-in wireless, you will need an Access Point with similar specs as the aforementioned wireless router.
3) 802.11ac compatible WiFi adapters/cards in your computers and other devices. Again, must be at least 3 band or they won’t be able to connect at full speed.

On to the setup. Normally,  I have various pieces of network hardware laying around the house to make my interwebs function better.  Some I actually use, some are spares, and some I just like to play with.  For this 1 gig experiment, I started off using my Netgear R6300v2 wireless AC router running the most up to date firmware from the manufacturer.
I bought this bad boy on Amazon while I was deployed to Africa last year so I would have WiFi access in the smoke pit 50 feet away from the shipping container I called home.  Good power output on the antennas. Punched right through the steel walls of my abode and propagated nicely to the pile of rocks and concrete berms we used for chairs.

Anyways, got it all set up and plugged in. I hopped on my desktop (which is hardwired to the router) fired up and gave it a whirl.  Speeds to my ISP’s test server were only around 380 Mbps. I was sad and confused. Time to troubleshoot.
First thing, I went into my closet and plugged my 7 year old Dell desktop directly into the modem/ONT.  Speedtest again.  Whaddya know, 868 Mbps down, 825 Mbps up.

That’s more like it!  Unfortunately, that means that my nice and shiny router I paid $140 for was not performing to spec.

I consulted the universal tech support reference database (a.k.a. Google) and saw murmurings of NAT choking out high performance internet connections.  Here is a quick, dirty, and imprecise explanation of NAT:
Network Address Translation is kind of like the phone system at a business.  With a private phone system (or PBX as they are called in the industry,) each device inside the business has its own private number or extension that is used to communicate with other devices at the business. The devices can talk to each other with no problems, but to call out they all share one connection to the outside world.  From the outside world, it looks like there is only one phone number/device at that location. The router serves as the switchboard, handling all the intercommunication and intracommunication.

This brings us to the problem with NAT.  Everyone has to share.  The router has to expend resources processing to make sure all the devices can share and be happy. The more devices on your network, the more slowdown.  I have around 16-18 devices on my home network.  3 Kindles, 3 smartphones, 3 laptops, a chromecast, a smart TV, an Xbox, a desktop, my server, a wireless printer,  and our (now destroyed thanks to our cat) blu-ray player. I don’t count our IPTV DVR set top box because it runs off a different port of the ONT, and is not part of our internal network.

I started to dig around inside the configuration page of my router, searching for a place to disable NAT, but other than switching between Secured or Open NAT, I came up dry. I did, however, test a few other things.
– Disabled my firewall
– Disabled QoS (Quality of Service)
– Disabled port scan protection
– Disabled SIP Application Layer Gateway

I even configured the router to put the test computer in what is known as a DMZ (this is where the router exposes the computer to the harsh nastiness of the internet like a spartan baby with a birth defect).

No joy.

The next day, I asked one of the customer service representatives at my ISP for a better router.  They gave me one of their extra special Pace 5268AC routers.  This thing is a monster the size of an XBox 360. 6 antennas. All sorts of ports and connections on the back. Lots of mojo.

I scurried home and preconfigured the Pace so all my devices would connect right away, then plugged it into my network.  I run to my computer and test.  690 Mbps!  A little slower than spec, but much better.  Then I let all my other devices connect.  After each additional device connected the speedtests slowed down more and more. They finally leveled off around 420 Mbps.  I called the gurus at my ISP and they went through a few procedures with me to try and improve the speed, but it wasn’t successful.  I still have hope though.  One of the Level 3 tech support guys was gonna send me a throughput tester, normally used for troubleshooting connections on MEF circuits, but that could take a week or two.

In two weeks the ISP is getting a shipment of Calix 844 802.11ac ONT/Router combos.  From talking to the guys at the Network Operations Center, this particular machine has no problems reaching peak gigabit speeds, even with a large number of devices NATed on the network.

I was also perusing the possibility of turning my PE2850 CentOS server into a router/firewall, but I have no guarantees on throughput for the labor required.

In the meantime, anyone else have any ideas?  Here is a list of the current network and enterprise hardware I have stashed around the house.

Linksys e1200 (dd-wrt firmware)
Linksys e2000 (dd-wrt firmware)
Linksys WRT160N (factory firmware)
Netgear WNDR3800 (dd-wrt firmware)
Cisco WS-C2950T-24 Switch (IOS12.1(14)EA1a)
Cisco 2621XM Router w/ 2 WIC-1DSU-T1 cards
Dell PowerEdge 2850 Server (CentOS 6.5)

50ft 1 strand single mode fiber optic patch cable
250ft Cat5e spool and RJ-45 termination tips