Well, that was fun.

I’m still here! Just been very, very busy with a massive relocation project at work that started in April (although the planning began in 2013) and finally finished in early September.

We moved around 500 users, their associated desktop systems, multiple computer labs, and most of an entire-floor datacenter/server room from one facility (in multiple buildings) to a newly-remodeled/built-out area in another building about four miles down the road.

This all had to be done with a minimum of disruption to production systems, and at the same time I had to move our DNS and LDAP infrastructure from systems housed in that datacenter to VMs running at our corporate datacenters – so that it wouldn’t be affected by the move.

Lots of long hours, and then the final move phases themselves – the first weekend I spent 32 hours at the office, and the weekend after that I was here for 22 hours. Then three days later my mother had surprise emergency heart bypass surgery and I had to spend a week in a hotel in Oklahoma City while she pulled through and started recovery.

However, all that’s done, and my insane stress level is slowly, slowly coming back down to normal now that the holiday season is here.

Building the Perfect Router/Firewall for $45

I recently replaced my Linksys WRT54GL routers (running DD-WRT of course) with an ALIX 2c3 running pfSense. Not only is it faster, better-built, and has more features, it looks cool. Unfortunately, the cost for a refurbished 2c3, enclosure, and power supply was around $150.

For those of you wanting to build your own tiny pfSense system, I’ve found an alternative. It’s not as small, or as completely quiet, but can provide just about equivalent functionality.

First, buy a used MaxTerm MaxSpeed 8300 thin client off eBay. That seller has them for $45 shipped, buy-it-now. These were sold as XP Embedded thin clients, but are actually complete PC systems with 512M memory, a VIA C3 “Ezra” 800MHz CPU, and a 512M Compact Flash card and reader standing in for the main hard drive.

Take off the stand and top cover, and they look like this:

System Front

System Back

System Side

In these pictures, I’ve already installed an Intel Pro/100 Server-S PCI 10/100 network card in the PCI slot. The CompactFlash card reader is below the PCI slot; you’ll have to remove the small cover concealing it.

As received, these systems (I bought two) have Windows XP Embedded installed on them.

Booting Windows XP Embedded

XP Embedded

You’ll want to take the 512M CF card installed in the system, and use your USB card reader and another system (you DO have another system and a CF card reader, right?) to write the pfSense image to the card.

CF Card Slot
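The image-writing step above, as an added example that is not part of the original post: check the downloaded image against its published SHA-256 before it goes onto the firewall's boot card, write it, then read the card back and compare. The image file name, digest and device path are placeholders, and GNU coreutils (sha256sum, head -c) are assumed.

```shell
#!/bin/sh
# Added example (not from the original post).
# Usage (placeholders): flash_image pfSense-image.img.gz <published-sha256> /dev/sdX

# Return 0 only if the file's SHA-256 equals the published digest.
verify_image() {
    image=$1; expected=$2
    [ -f "$image" ] || { echo "no such image: $image" >&2; return 2; }
    actual=$(sha256sum "$image" | awk '{print $1}')
    # Published digests vary in letter case; normalise before comparing.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ] || { echo "checksum mismatch for $image" >&2; return 1; }
}

# Emit the raw image bytes, decompressing .gz downloads on the fly.
stream_image() {
    case $1 in
        *.gz) gzip -dc "$1" ;;
        *)    cat "$1" ;;
    esac
}

# Verify, write, then read back exactly as many bytes as were written.
flash_image() {
    image=$1; expected=$2; target=$3
    # Refuse to touch the card at all if the download does not verify.
    verify_image "$image" "$expected" || return 1
    size=$(stream_image "$image" | wc -c | tr -d ' ')
    want=$(stream_image "$image" | sha256sum | awk '{print $1}')
    stream_image "$image" | dd of="$target" bs=1048576 2>/dev/null || return 3
    sync
    # The card is larger than the image, so hash only the written prefix.
    got=$(head -c "$size" "$target" | sha256sum | awk '{print $1}')
    [ "$got" = "$want" ] || { echo "read-back mismatch on $target" >&2; return 4; }
}
```

On a real card the read-back can be served from the page cache, so removing and reinserting the card before a second check gives a more convincing result.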

If you boot the system without a CF card installed, the screen will look similar to this:

BIOS Boot Screen

Once the pfSense install image is written to the card, put it back in the system and boot.

pfSense Booting

At this point all console I/O switches to the serial port. You’ll need to connect another system (or a dumb terminal, etc.) to the serial port on the back of the system and continue initial configuration there. The cable should be a null modem, and the port settings 9600 baud, 8N1 (8 data bits, no parity, 1 stop bit).

Once initial configuration (network port and IP assignments) is done via the serial port, you can continue final configuration and setup via the web interface, and do all further management through SSH or the web.

I’ve been running a pfSense box for about two weeks now, and am really happy with it. With these thin clients, I can now build a firewall for a friend, and have a spare in case of problems with my ALIX board.

Dell Mini 9 Hackintosh

Thanks to a kind soul, I’ve been fiddling around with this since earlier this week:

Mini 9 - About This Mac

A Dell Mini 9, refurb from the Dell Outlet. 1024×600 screen, 16G solid-state disk, and an Atom N270 CPU. I’ve upgraded it to 2G of RAM, and just today installed the “US-International” keyboard to have a more “standard” layout.

I used this method to install Mac OS X on the system. It runs great – for the sort of things that I use it for, the performance is just as good (not as fast, but “just as good”) as my circa-2006 Core Duo 13″ MacBook.

Apple does not condone “hackintoshing”, but I would buy an Apple portable in this form factor if they would release one. I’ve owned thirteen different Apple systems in the past ten years.

The Mini 9 was discontinued a few weeks ago, but Dell replaced it with the Mini 10v. Three guys from my Masonic lodge have now ordered Mini 10v systems after seeing my Mini 9 earlier this week.

New toy: Asus EEE 4G

Picked up an Asus EEE 4G tonight at MicroCenter. The Houston store had four in stock, clearance-priced at $202 each (down from $349).

So far, I’m impressed. This will serve as an excellent mobile terminal for SSH and web browsing, and possibly as a serial terminal using a Keyspan USB-to-serial adapter.

The factory Xandros Linux install was quickly replaced with Ubuntu EEE. The only problem I ran into was needing to upgrade the Atheros wireless drivers.

A 2G DDR2-667 SO-DIMM to upgrade the memory from the default 512M was only $18 with free shipping from NewEgg. I should have it by the middle of next week.

Can’t complain about equipment uptime..

Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.2)XU,
MAINTENANCE INTERIM SOFTWARE
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Mon 17-Jul-00 17:35 by ayounes
Image text-base: 0x00003000, data-base: 0x00301F3C

ROM: Bootstrap program is C2900XL boot loader
switchname uptime is 4 years, 42 weeks, 4 days, 20 hours, 
46 minutes

System returned to ROM by power-on
System image file is "flash:c2900XL-c3h2s-mz-120.5.2-XU.bin"

cisco WS-C2912-XL (PowerPC403GA) processor (revision 0x11) with 
8192K/1024K bytes of memory.
Processor board ID FAB0519Y004, with hardware revision 0x01
Last reset from power-on

Processor is running Enterprise Edition Software
Cluster command switch capable
Cluster member switch capable
12 FastEthernet/IEEE 802.3 interface(s)

I should probably upgrade the IOS image on this switch (this is what it shipped with), but I don’t have a Cisco CCO account with access to download the latest version.

That was NOT FUN

Early Sunday afternoon, there was apparently a power and/or UPS failure in the datacenter at my office. By 5pm, most of the systems were back up except for one that I’m responsible for.

Fire up the VPN, hit the ILO remote console (one of the few things that makes using x86 systems as servers bearable) and see “Cannot find boot.bin”. Uh-oh. I head to the office at 6pm.

It seems that a certain Sun patch turns non-GRUB systems into non-bootable systems after application. There’s a specific set of steps to follow when this patch is installed and a system is “upgraded” to the GRUB bootloader, but apparently Sun’s “smpatch” utility does not follow these steps. The patch had been applied months ago, but the system didn’t get rebooted until the power outage.

I figured “Okay, the system was running Solaris 10 FCS, so it’s time to do an upgrade install of S10u4 anyway”. After some other problems and workarounds, four hours later, I watch in resignation as the install hangs and locks up (not accepting keyboard input at a Y/N prompt) while trying to install the CPQary package. This package is the drivers that Solaris x86 needs in order to use the hardware RAID built into the Compaq DL360.

I bite the bullet and do a “nuke from orbit” fresh install of S10u4, planning to restore from backups. I ended up having to rebuild most of the services on the box by hand (which was better in the long run, as things needed cleaning up) as our backup system had also been affected by the power outage and it wasn’t available until Monday morning.

To make a long story short, I went to the office at 6pm Sunday, and finally walked out of my office to go home and get some sleep at 10:30am Monday. 16 hours is the longest single shift I’ve ever pulled anywhere, and certainly the longest after-hours session.

I’ve got one more service to restore onto the box on Tuesday, but it’s non-critical and could wait until I got some rest.

I can’t complain – I might have incidents like these once or twice a year, and it’s a lot better than getting called or paged every other day like I was used to at my last job. I really like my job and my managers and coworkers.

It’s Just Not My Day

Went to CompUSA tonight and bought another gig of RAM for the MacBook, intending to upgrade it to a max of 2G (I currently have 1.5G in it).

Got home, installed the RAM, powered up the system – OSX sees all 2G. Great! Then I powered down, put the memory slot cover back on, put the battery back in, and fired everything back up.

BONGNGNGNG

*clunk*
*clunk*
*clunk*

The 60G drive crashed, hard. I needed to take the system in for AppleCare service to get the discolored top plastics replaced, but I wanted to be able to do it on MY schedule and not because other parts of the system had failed as well.

The MacBook has worked fine as my main system for the past week; I wish it hadn’t chosen tonight to kill itself.

update: Instead of dealing with the Galleria Apple Store again, I just called AppleCare and they’re going to send me a postage-paid box to send the system in to them via DHL for repairs. I should have the box tomorrow, and the system will hopefully be back within a week with new top plastics and a new hard drive.