Ubuntu 18.04 Netplan!

This was unexpected, but I think I’m coping well. These are my notes on configuring netplan networking on my Ubuntu 18.04 server.

  1. systemctl disable NetworkManager.service NetworkManager-wait-online.service
  2. systemctl mask NetworkManager-wait-online.service
  3. systemctl daemon-reload
  4. apt install bridge-utils -y
  5. edit /etc/udev/rules.d/70-net.rules
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", ATTR{address}=="c8:70:00:9f:d7:72", NAME="eth0"
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", ATTR{address}=="00:e2:ed:17:09:60", NAME="eth1"
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", ATTR{address}=="00:e2:ed:17:09:61", NAME="eth2"
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", ATTR{address}=="00:e2:ed:17:09:62", NAME="eth3"
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", ATTR{address}=="00:e2:ed:17:09:63", NAME="eth4"
  6. edit /etc/netplan/01-netcfg.yaml
      version: 2
      renderer: networkd
      ethernets:
        eth0:
          dhcp4: no
          dhcp6: no
        eth1:
          dhcp4: no
          dhcp6: no
        eth2:
          dhcp4: no
          dhcp6: no
        eth3:
          dhcp4: no
          dhcp6: no
        eth4:
          dhcp4: no
          dhcp6: no
      bridges:
        br0:
          dhcp4: yes
          dhcp6: no
          interfaces:
             - eth0
          routes:
             -  to: 192.168.100.0/24
                via: 192.168.45.3
                on-link: true
        br1:
          dhcp4: no
          dhcp6: no
          addresses: [10.45.0.1/24]
          interfaces:
             - eth1
        br2:
          dhcp4: no
          dhcp6: no
          addresses: [10.45.1.1/24]
          interfaces:
             - eth2
        br3:
          dhcp4: no
          dhcp6: no
          addresses: [10.45.2.1/24]
          interfaces:
             - eth3
        br4:
          dhcp4: no
          dhcp6: no
          addresses: [10.45.3.1/24]
          interfaces:
             - eth4
    
  7. sudo netplan generate
  8. sudo netplan apply
  9. reboot

Without my eth1-eth4 devices plugged into a switch, rebooting takes forever.

Advertisements

Standing Workstation

This has been the most intricate thing I’ve built. I learned quite a bit about carpentry in the process.

Made it Fit

This is a Digium card, clearly intended for a 1U or ATX case. One of my goals is to reduce the number of high speed fans in the lab, so I repurposed my Lanner chassis. Using a typical twist drill bit is a poor choice for the job of an end mill, but it came out ok when I put a rotary steel brush to the aluminum plate.

20180216_152343-asterisk1

Soldered new cabling

20180216_152355-asterisk2

Heat shrinked cable ends fit nicely

Robocopy Notes

Install cmder: It’s the nicest shell I’ve seen for windows. Run your console as Administrator. Otherwise you can’t use the /B backup switch. Also rember you need to do a net use command as administrator.

Before you robocopy stuff, setup a dedicated drive letter. The drive letter is only available to the logged in session. So if you have drive p: for Bob, and then you boost your console to Administrator–no more drive p: ! So dont use the users drive mappings: create admin drive mappings.

net use p: \\nas02\backup\ "secret" /user:bob /persistent:yes

Remember to type the password with “double quotes” and not ‘single quotes’. If you type single quotes you may as well be typing capital Xes: they become part of your password.

The net use command to see if you already have a drive share. Close any File Explorer windows open to that server becuase that’s equivalent of have a net use $d /user:anonymous open at the same time, and windows wont cooperate. Mount the directory

There are a lot of switches. We’ll assume a C:\Users directory.

C:\Users\bob> mkdir c:\temp
C:\Users\bob> cd C:\Users
C:\Users> robocopy bob P:\bu-bob\ /mir /ZB /FFT /XA:SH /W:5 /R:2 /dcopy:T ^
 /XJ /XD "Temp*" "cache2" "temporary internet files" "*cache*" /NFL

First try the command without the /LOG switch. The command goes faster with the LOG turned on, do that later. /XF is a pattern to exclude files. Example log option: /LOG:C:\temp\bu.txt. The /NFL will show directories. not files.

The /MT flag is useful, but it prohibits logging, not available on Vista. The /XJ flag should be default, but sadly–no. Juntion points create these really frustrating backup path loops. Use /XJ!

Recent Samba Tips

I’ve been having some difficulty with old systems brought up to recent patch levels sharing directories. Some of these settings in smb.cnf have helped me out:

security = user
ntlm auth = yes
debug level = 8
min protocol = SMB2

FreeNAS: Installing Dovecot

Various notes on installing dovecot on FreeNAS 11. I understand this has no dovecot security applied. This is a tutorial for a LAN lab environment.

    1. If the FreeNAS is a VM, make sure the virtual network adapter permits permiscuous mode. This allows jails to network.
    2. Create dataset.
    3. Adjust Jails Setting, disable DHCP fn-jails
    4. Create a jail with an IP address and allow.raw_sockets=true. This allows ping. Make sure that VIMAGE is unselected.fn-jail1fn-jail2
    5. Add storage to jail. Both /usr/ports and /mnt/pool/jails/foo.
    6. Install vim:
      1. jls
      2. sudo jexec foo sh
      3. # cd /usr/ports/editors/vim
      4. make install
    7. Update pkg metadata for jail
      1. # pkg update
    8. Install screen, dovecot from package
      1. # pkg install dovecot
      2. # pkg install screen
    9. Edit dovecot stuff
    10. Message from dovecot-2.2.33.2_2:
      ---------------------------------------------------------------------
      You must create the configuration files yourself. Copy them over
      to /usr/local/etc/dovecot and edit them as desired:
      
      cp -R /usr/local/etc/dovecot/example-config/* \
      /usr/local/etc/dovecot
      
      The default configuration includes IMAP and POP3 services, will
      authenticate users agains the system's passwd file, and will use
      the default /var/mail/$USER mbox files.
      
      Next, enable dovecot in /etc/rc.conf:
      dovecot_enable="YES"
      ---------------------------------------------------------------------
      To avoid a risk of mailbox corruption, do not enable the
      security.bsd.see_other_uids or .see_other_guids sysctls if Dovecot
      is storing mail for multiple concurrent users (PR 218392).
      ---------------------------------------------------------------------
      If you want to be able to search within attachments using the
      decode2text plugin, you'll need to install textproc/catdoc, and
      one of graphics/xpdf or graphics/poppler-utils.
      ---------------------------------------------------------------------
    11. We’ll skip the imap search features for now
    12. Let’s create a user inside this jail
      1. adduser, nologin, use a password
    13. Verify /var/mail/kathy exists
    14. Check in on QuickConfiguration
    15. in /usr/local/etc/dovecot…
      1. should be using conf.d/auth-system
      2. conf.d/10-auth: disable_plaintext = no
    16. /etc/pam.d
      1. create dovecot:
      2. auth    required        pam_unix.so
        account required        pam_unix.so
    17. conf.d/10-mail.conf : mail_location = maildir:~/Maildir
    18. 10-master.conf: comment out pop3
    19. 10-ssl.conf : ssl=no
    20. in ../dovecot.conf: remove ‘::’ as interface to listen on
    21. # service dovecot restart
    22. Now attempt to hit it with thunderbird, use configs like this:fn-tbird-imap

Next is Outlook

Follow these directions on adding a IMAP account to Outlook.

If it’s really old, microsoft suggests this article.

 

File System Thots

A brief experiment in calculating a histogram of file sizes:

$ find -type f -size -128000c -printf "%k\n" \
| sort -n \
| perl -ne 'BEGIN{ %h=(); } 
{chomp $_; $h{$_}++;} 
END { foreach my $k (sort {$h{$a} <=> $h{$b}} keys(%h)) { 
      print "$k $h{$k}\n"; }}'
137 3
145 3
121 3
129 5
113 7
25 10
105 14
97 21
89 29
81 35
73 38
65 60
57 92
49 165
1 221
41 317
33 781
9 4220

Ubuntu 14.04 Bonding is Bonkers

It took reading through this launchpad bug to find ideas on how to get a bonding interface working on Ubuntu. This is dumb and why people hate computers: could they at least have provided a more useful syntax or better warning messages?

auto eth7
allow-bond0 eth7
iface eth7 inet manual
   bond-master    bond0
   mtu            9000

auto eth8
allow-bond0 eth8
iface eth8 inet manual
   bond-master    bond0
   mtu            9000

auto bond0
iface bond0 inet static
   address        10.52.0.1
   netmask        255.255.255.0
   network        10.52.0.0
   gateway        10.52.0.2
   bond-slaves    eth7 eth8
   bond-mode      balance-rr
   bond-miimon    100
   bond-downdelay 200
   bond-updelay   200
   mtu            9000
   use-carrier    1
   pre-up (sleep 2 && ifup eth7) &
   pre-up (sleep 2 && ifup eth8) &

And you want to make sure all interfaces are down. Then rmmod bonding. At this point, ifup bond0 should complain a bit but it should work.