Archive for the ‘Networking’ Category

Sun rise or sun set?

Monday, July 19th, 2010

I have a friend in Illinois who likes Sun hardware, preferably running OpenBSD. We used to hack a lot together, but since I moved he’s gone rather hog-wild on Sun gear. Thanks to Midwestern house sizes, he has a large-ish closet full of gear that I am very impressed to see. I had to share; the following are his pictures and text.

Main stack, first picture


Main stack, second picture


Other tower 1


Other tower 2


The photography leaves a lot to be desired, but I think you get the
idea. The pics labelled tower1a and tower1b are the “main stack,” if
you will. Starting from the top down: little black box is cable modem
from Comcast. Under that is a sparcstation 5 which is the firewall/router.
Under that are two sparcstation LXs. Next, two sparcstation 4s (one of
which is my home ftp server), two sparcstation 5s, two sparcstation 10s,
two sparcstation 20s, two ultra 5s (one of which is the main fileserver
connected to the 711 6 disc external array in the foreground of the
second pic), two ultra 1s, and a beastly ultra 2 complete with
two 400MHz processors and a whopping 2G of RAM. Considering when
this thing was first on the market, it’s a true godbox! On the floor
are two APC smart ups, monitored by the two ultra 5s (and whence by all
the others). To the right you’ll see a couple 16 port network switches
which may be replaced shortly by one 24 port switch. Under them are two
Lightwave ServerSwitches, cascaded together with 8 ports each. Using these,
all 16 of the sparcstations/ultras are connected to a single keyboard, mouse
and monitor up in the library. And ’cause they’re Suns (the cool older kind),
they can be remotely powered on and off via the keyboard. Cool, eh? :)

Of less interest are the HP laserprinter and a couple generic boxen
running Windows 2k pro (for Jodie) and Ubuntu (pour moi). These are
connected via kvm extenders to our keyboards, mice and monitors in the
library.

The second pair of pics (tower2a and 2b) are of the other tower located
in the closet with the furnace, water heater and water softener. From
the top down are:
sparcstation IPX and IPC, sparcstation 1, sparcstation 2, an LX and
a Classic, sparcstation 4, two ultra 5s, a 24 port network switch,
another pair of Lightwave ServerSwitches, an Ultra 1, another fully
loaded ultra 2, a sparcstation 10, a sparcstation 5, and a sparcstation 20.
One of the ultra 5s is a backup for the main fileserver. The sparcstation
5 is connected to the 711 box on the floor and also monitors the APC smartups
1500 you see (it’s the black box on the floor). The IPC and sparcstation 2
netboot via the sparcstation 5. All of these are operated via a keyboard,
mouse and monitor in the next room (this is in the basement). The older
suns (anything before the classic) can’t be powered on/off via the
keyboard. One project is to wire some remote power switches for those.

Waiting in the wings, so to speak are three more IPCs, three more IPXs
(one of which is new – never used), a couple classics and LXs,
a sparcstation 2, 5, 10, 20 and an ultra 5. Several of them are fully
operational and updated with the latest version of OpenBSD. The ultra 5
actually has Solaris 8 loaded.
Oh, and guess who just scored a sparcstation 1+ and another ss2 off
ebay? :) If you were counting, you’ll have noticed two empty ports on
the Lightwaves in the second “tower.” I’ll put the ss1+ there and
maybe one of the extra IPXs.

All of the boxes in the towers are fully operational running OpenBSD 4.7.
Dmesgs available upon request. Many of them are fully loaded with RAM.

I’ve had some stacks in my time, but damn! Mad props and extreme jealousy, even though my current server probably is faster than all of those combined. ;)

Site outages – routing failing

Thursday, March 18th, 2010

My trusty Linksys/Cisco RV042 has decided to crap out. Monit has been sending alerts for the past few days, but tracking it down was proving difficult since it mostly happened during the day. Yesterday I was home in the afternoon to sign for a package and managed to catch the failure in person.

First hint – server and access point lose ethernet link:

Screen shot 2010-03-17 at 3.31.24 PM

That should never happen. Ever. Indicates hardware failure…

Wander over and the router is just showing the yellow failure LED:

routerfail

I did some research and the RV042 is still the best model for what I want: months of uptime, good firewalling, PPTP VPN, 55Mbit WAN->LAN, done. I really considered the RVL200, but in the end it was too late to cancel the Amazon order. ;)

Anyway, replacement arrives tomorrow, please bear with us until then, as we’ll have continuing intermittent outages.

PS The failing unit is on a UPS, and has an Ethernet surge suppressor on it, though it could be the power supply itself. Very odd.

Update 3/20/10: Router replaced last night. Should be smooth running from here out! Replacement was quite easy due to the ability of the RV042 to save and load a settings file via the browser. The only glitch was the U-verse modem must have the router in its ‘DMZ Plus’ mode, and that’s keyed to MAC address, so I had to cable into the u-verse and configure that. Ten minutes start to finish.

New ssh attack is out there

Tuesday, December 8th, 2009

I woke this morning to a slew (here defined as ‘62’) of ssh dictionary attacks:
Screen shot 2009-12-08 at 6.40.40 AM

There were already 20 or so last night. Looks like a new botnet/attack wave or similar. I’m using DenyHosts and quite frankly, you should be too.

If you’re running Debian, there’s a nice package for it that I use and recommend. I’ve set mine to trigger on 3 attempts, but I’ve few users and most use ssh keys and not keyboard auth.

Might be a good time to run chkrootkit and change some passwords!
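The threshold idea described above (block a host after 3 failed attempts), as an added example that is not from the original post and is not DenyHosts's own code: it counts OpenSSH "Failed password" lines per source address and formats the offenders as hosts.deny-style entries. The function names, log lines, usernames and documentation-range addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches OpenSSH "Failed password" lines for both existing and unknown accounts.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

# Constructed sample auth.log lines (not taken from the post).
SAMPLE_LOG = """\
Dec  8 06:01:10 server sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40122 ssh2
Dec  8 06:01:13 server sshd[2103]: Failed password for invalid user test from 203.0.113.5 port 40155 ssh2
Dec  8 06:01:15 server sshd[2105]: Accepted publickey for alice from 192.0.2.10 port 51515 ssh2
Dec  8 06:01:17 server sshd[2107]: Failed password for root from 203.0.113.5 port 40190 ssh2
Dec  8 06:02:40 server sshd[2111]: Failed password for bob from 198.51.100.7 port 33001 ssh2
Dec  8 06:03:02 server sshd[2113]: Failed password for invalid user oracle from 203.0.113.5 port 40260 ssh2
Dec  8 06:05:44 server sshd[2120]: Failed password for bob from 198.51.100.7 port 33010 ssh2
"""


def hosts_over_threshold(log_text, threshold=3):
    """Return {ip: sorted usernames tried} for hosts with >= threshold failures."""
    failures = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:  # successful logins and unrelated lines are ignored
            failures[m.group("ip")].append(m.group("user"))
    return {
        ip: sorted(set(users))
        for ip, users in failures.items()
        if len(users) >= threshold
    }


def hosts_deny_lines(offenders):
    """Format offending addresses as hosts.deny-style entries for sshd."""
    return [f"sshd: {ip}" for ip in sorted(offenders)]


if __name__ == "__main__":
    offenders = hosts_over_threshold(SAMPLE_LOG, threshold=3)
    for ip, users in offenders.items():
        print(ip, "tried", users)
    print("\n".join(hosts_deny_lines(offenders)))
```

The spread of usernames per address is what distinguishes a dictionary run from a single user mistyping a password, which is why the sample host with two failures for one account stays under the threshold.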

Fnord through the years, a nerd saga

Monday, September 21st, 2009

I was taking a few pictures of the new server, and hit on the idea of trolling the photo library for a nerd photo essay on “phfactor: this is your life!”

Here’s circa 1998, Albuquerque: SparcStations dominate, with an LX for circuit design and running Office (DX2 486 PC on an Sbus card, quite cool for the time.) Fileserver and DNS on a sparc2 (using a DecStation box for the full-height hard drives!), sparcprinters and HPLJ3p, via Ghostscript. If you look closely, you’ll see a couple of SGI IRIX boxes, a 486 running FreeBSD 2.2.6 (dialup/NAT bridge), oscilloscopes, 10-base2/T hubs and other such arcana. The shelf with the monitors on the left is double-layer, as it sagged under the 100lb+ weight of the monster CRTs of the day. Man, I don’t miss those at all. Three seven-foot racks, custom made by my wonderful father-in-law-to-be:
mvc-072f

Then there was my actual desk:

mvc-043f

(Full album of pictures is here, FYI.)

Dual-Pentium-MMX, baby! One of my better projects underneath the monitor – car stereo amplifier/EQ, in an HP GPIB floppy enclosure I repurposed to house it and provide 12VDC. Still works! Clicky M-series keyboard and my ‘behind the 8-ball’ Kensington trackball. Looking close, I see my old 6-CD changer, whose primary use in life was running Riven without changing CDs for Chris. ;)

In Dec of 99, we moved to Dekalb, IL and I rebuilt the racks using smaller hardware, sold and gave away a few thousand pounds of obsolete stuff and restocked the racks for our shiny new DSL connection. Now running a Debian-based firewall on a Pentium 90:

dekalb-2

The gap on the left is the just-sold Sparc 10. Good box, beautifully made and built. I also swapped my SGI Indigo2 for a Garmin Etrex GPS for flying. Good trade, that. Somewhere in here, phfactor started being a server and hosting a website. OpenBSD on Sparc is still one of my favorite platforms, super slim and damned near impossible to hack. I’m pretty sure the sparc LX there in the picture is serving up www.phfactor.net, very early on.

(That laserjet4M+ lasted close to a decade. Best printer from HP ever.)

Dekalb, getting fancier.

The teeny-tiny monitor was surplus from the LANL/SNL auctions; former bank display. 7″ monochrome VGA, and perfect for a server rack in the pre-LCD days.

In the lower right, there’s a 1920s-vintage voltage monitor that I scavenged from a physics trash can. Simple, easy to read, nice way to monitor your wall voltage. I still have it, actually. It shows up in a few pictures on this page.

After a 20-month lease, we bought a house in St Charles, with a big walkout basement, and I got to stacking:

MaxStack 'o' Sparc


That’s pure nerd beauty. SparcStations everywhere! Tape backup! DNS, web and mail, split across machines. Slow, loud, hot and hard to manage. Note the high-nerd-value Kalpana, the first ethernet switch if memory serves. Early-stage WiFi, too, D-Link hardware that worked pretty well.

Later, I collapsed to a server running Debian (lower left tower):

Compute Corner


Still have the laserjet4, though. And mixer. And Geiger counter. FibreChannel off to the left.

Across the room was the electronics bench:

img_1640

Man, I miss having the space for the bench. It also worked great for building machines: (Here, I was shoehorning OSX 10.0/1 onto maxed-out PPCG3. Didn’t work very well.)

img_1963

In 2005, we moved to Lincoln Ave in San Diego, and I gave away a lot more stuff. No more sparc, now trying for quiet gear. Debian moved to a Pentium-D box in an Antec Sonata II case with hardware RAID:

lincoln

Now up to a color laserjet, heavier and not as good. On the plus side, no more heavy and power-hungry CRTs, either.

Now at last we get to the present. pHFactor is now completely run from a nearly-silent machine the size of a Harry Potter hardback:

The old and the new


(Zotac Ion mini-itx, Intel Atom 330 dual-core with 4GB of DDR3 and a 250GB laptop drive, external 90W PS. NV9400M, so 16-core nvidia GPU as a Cuda bonus. $189 for the motherboard, $65 for memory, $35 for the case. See below for links.)

That’s the Antec in the background for scale. The mini-itx hardware is freakin’ tiny:

DSCF1008

Nice heatsink on the CPU, shows why it can run fanless:

DSCF1010

I had initially planned on zero noise via no moving parts – the Zotac has an optional fan, and the case and PS have none. I had to compromise, though. SSDs are still too expensive (I need the 256GB) and in the end I had to use the Zotac chip fan due to the CPU hitting 89C. Thermal shutdown alerts, ahoy!

DSCF1007

That’s with hard drive installed, pre cable cleanup.

And here’s the final shot, sitting very unobtrusively in the living room, dwarfed by the modem from AT&T U-verse:

DSCF1037

If the room is quiet, you can hear the 40mm chip fan; other than that a huge win. The server now has fast ethernet to the modem, which solves all sorts of speed and reliability issues I was having with the previous WDS backbone to the upstairs. Yeesh, was that a lose.

Smaller, faster, cheaper, less noise, almost no heat, 4GB of memory and 4 CPUs when you log in. Damn but the times are amazing, and I’m a lucky nerd indeed. I am really coming to appreciate silence and low power, and now I’m basically down to finding a better mini-itx case that will have decent airflow. I think if I do that I can lose the chip fan.

The Atom is an amazing CPU, and these perform pretty well. See this and this and this for more info on it and the Zotac. It feels a bit slower when logged in, due to the slower laptop hard drive, but that’s a tradeoff I’m happy to make.

Update 9/24 – links to where I got hardware:

From your point of view, phfactor.net should be faster and more reliable. And hey, anyone need a pentium-d system, well-equipped?

Last but not least, check this out. It’s a large box, full of screws, for various computers. All from surplus, none purchased. I was looking at this and wondering how many machines I’d worked on to accumulate it. Dozens, maybe over a hundred? Wow.

DSCF1006

Updated 9/26/09 – added bench pictures, hardware links, more edits and a bit of commentary.

Network upgrade

Tuesday, August 11th, 2009

Just a quick note – I replaced the WDS remote node on the wireless bridge, upgrading it from an 802.11b/g Airport Express to the 11n version. I think I’ve got everything back up, so the only thing you should notice is perhaps a bit more speed. Fingers crossed, need to go add it to SNMP/Cacti…

WHOIS spam

Wednesday, May 13th, 2009

I was talking to a co-worker about DNS registrars today, and ran whois on yahoo:

whois yahoo.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

YAHOO.COM.ZZZZZZ.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
YAHOO.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
YAHOO.COM.ZZZZZ.DOWNLOAD.MOVIE.ONLINE.ZML2.COM
YAHOO.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
YAHOO.COM.VN
YAHOO.COM.VIRGINCHASSIS.COM
YAHOO.COM.TWIXTEARS.COM
YAHOO.COM.TW
YAHOO.COM.SG
YAHOO.COM.MX
YAHOO.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
YAHOO.COM.JTNELECTRIC.COM
YAHOO.COM.JENNINGSASSOCIATES.NET
YAHOO.COM.IS.N0T.AS.1337.AS.SEARCH.GULLI.COM
YAHOO.COM.HK
YAHOO.COM.ELPOV.COM
YAHOO.COM.EATINGFORJOY.NET
YAHOO.COM.DALLARIVA.COM
YAHOO.COM.COLLEGELEARNER.COM
YAHOO.COM.CHRISIMAMURAPHOTOWORKS.COM
YAHOO.COM.BR
YAHOO.COM.BGPETERSON.COM
YAHOO.COM.AU
YAHOO.COM

Apparently, this has been going on for a while. I know that I get spam addressed to the email addresses in my whois records. The usual collection of bastards (Hi, Network Solutions!) that sell the whois access also sell another service to remove your email address from the record. Nice to work it both ways, eh?
Anyway, spam gets everywhere these days. Sad to see an old tool compromised.

I hate consumer-grade networking

Saturday, May 9th, 2009

I run Smokeping as part of my suite of network monitoring tools and quite like it. Today it’s telling me things I don’t want to hear:

Overview

Odd how the delay and variance went through the roof there on the right, eh? If you look closely, the changes in the baseline delay before that were due to router changes on Speakeasy – we moved to AT&T in mid-March.

Let’s zoom in:

picture-11

Now here’s my problem – if I call AT&T and explain what I’m seeing, it’ll probably take hours just to get to a tech who doesn’t assume I’m an idiot. I’m fully expecting front line techs that believe that, if the net is up then the call is over.

Ahh, my kingdom for a geek-friendly ISP sometimes.

One does wonder – router change? More people on the subnet? Porn-addicted suburbanites?

Update 5/26:

We had a voice outage and rebooting router & wifi fixed it – actually, they reset the router, which was a pain. So now it’s fine and I don’t know what the fix is. Yaaarrrrgggg.

picture-12

The downsides of neophilia

Thursday, May 7th, 2009

When we moved here, I switched us from Speakeasy DSL + Telasip VOIP to AT&T U-verse combined service. It’s worked well, but tonight we have no dialtone and the router shows this:
picture-1

Hopefully of short duration. Network’s working OK, slower than usual though – getting .5MB/sec from Apple, odd.

phfactor network update

Thursday, March 26th, 2009

OK, had to call AT&T, but TCP port 25 is now unblocked, as per this thread, and so inbound email is working again. I have to figure out outbound via SSL/TLS and such, but at least mail should be getting delivered here OK.

The tech put the modem/router in our living room, which is cool but problematic: The server, usul, that runs phfactor is noisy, and poorly suited to the room.

img_0114

Today I managed, over the course of a couple hours, to set up WDS using two Airport Expresses, with the net result (pun intended) that usul now lives upstairs, and its ethernet goes to an airport express. That connects to the one in the living room, and the result is that of a ‘virtual ethernet cable’ between the two. Sounds simple but took a while and several factory resets to get working. We’ll see how reliable it is; I also had to lose the faster speeds of 11n since one of the Airports was B/G only.

I’m a bit nervous, in that I’ve never entrusted my only server to a wireless-only link before, but running cat5 here is basically impossible. Fingers crossed. If this dies I might have to go HomePNA or something.

phfactor speedup

Monday, March 23rd, 2009

As of last night, you should be seeing a big speedup on all phfactor sites, from 40k/sec to 200. We’re now hosted on AT&T u-verse service instead of Speakeasy.net. I love Speakeasy, but the economics are hard to argue with: Speakeasy was $90/month for 3.0/.768 (megabits/sec) and AT&T is 18/1 for $65! What’s more, the DSL modem is showing that we’re actually provisioned for 25/2 and speed tests confirm that’s what I’m getting.

picture-3

(Since that screenshot it got faster. When’s the last time you saw that, eh?)

25 megabits!

Anyway, we’re also trying their bundled voice service, will post with results. So far, I’m pretty happy with U-verse and I’m really happy to finally get an increase from offsite as well. Hopefully it’ll be as reliable as Speakeasy.