I recently bought new wifi access points to upgrade the wifi at home. The
main reason was the fact that the TP-Link TL-WDR4300 bought 9 years ago
was sometimes 'hanging' which was solved by rebooting it. This was starting to
get annoying, and the family wants stable wifi which doesn't need instructions
which button to press for reboot.
The upgrade path was going somewhat 'prosumer': support for multiple wireless
SSIDs with a main and a guest network, and I wanted an extra access point
in the shed for working in the back garden, as tested in april
Using the network switch in the shed as remote powerswitch.
The choice was to go with the Mikrotik access points. For the shed and garden I
bought the wAP.ac and for the main access point in the house the hAP.ax3. The
latter has support for the latest and greatest wifi standards, including wifi 6
and WPA3.
It took me a while to configure them, the Mikrotik routerOS userinterface
exposes all the options networking in Linux has, but it takes knowledge
of bridging, routing and firewalling to get it all correct and doing what
I want.
Quick reminder that there is a public RSS aggegator that combines all the ham
radio blog feeds into one web site:
blogs.radio
And I wanted to add the latest from my site PE4KH Amateur Radio
but there was no RSS feed available.
I've been wanting to add such a feed for a while but didn't get around to it.
This was the trigger I needed. The perl script that generates the feed for
idefix.net has now been updated to allow for 'filtered' feeds for
pe4kh.idefix.net and other sites that have a specific part of the
main feed.
And I moved the script to version control so I can work on it on the
development server and deploy to production when it's working fine.
Ik ben oud genoeg om berichten over waterstanden gehoord te hebben op de radio
's ochtends met "Grave beneden de sluis" en ik heb wel eens bij Grave gekeken
op de constructies die daar allemaal zijn in de Maas.
Toen er vrijdag een bericht was Stuw bij Grave stuk: scheepvaart stilgelegd vanwege dalende Maas - NOS
was ik wel benieuwd naar meer informatie. Naast de berichtgeving bij de NOS
dat het herstel redelijk vlot gaat was ik eigenlijk ook wel op zoek naar wat
extra details.
Die ontdekte ik bij Rijkswaterstaat zelf: Nieuwsfeed: Stuw Grave | Rijkswaterstaat
waar ook meer technische details staan.
I had a heavy case of 'Oh Shiny!' this weekend. Recently I've been viewing
and listening some DJ mixes on YouTube, most of them with music from the 1980s
which I appreciate a lot.
Seeing those DJs mix live in those videos made me wonder 'how do they do it'.
In one or more of these mixes I really noticed that a transition seemed to have
happened between one well-known song and another, but I wasn't aware of how and
when the transition happened. The DJ was so good in mixing the two records
together I couldn't hear the point where it happened. In seeking the video I
saw that other people viewing the video had been wondering the same, there was
clearly a peak in viewing time on the transitions. It was also clear from the
look on the face of the DJ he was happy with what he accomplished with that
transition!
In the 1980s the DJ had an audio mixer and two turntables, almost always the
Technics SL1200 with pitch control and fast start/stop. Nowadays this can
be done in software. From a music collection on harddisk with controls to
mix 2 or 4 tracks, with effects, equalizer and speed control. The modern
DJ has a laptop!
I soon found out there is open source DJ mixing software that supports Linux!
Mixxx - Free DJ Mixing Software App
is open source and multiplatform. And it is available as an Ubuntu package so I
gave it a spin (pun intended). Only having one audio device is 'supported' but
it took me some trying to find a setup where I could work 'split' with a master
mix in one ear and a headphone mix in the other. So I loaded some music and
tried to make it into a bit of a DJ mix. I'm not very good at it, but I
enjoyed trying.
Mixxx really prefers Jack audio since it likes having a lot of audio channels.
I tried installing Jack audio in linux but couldn't get it to do what I want
fast. Mixxx also supports the Alsa drivers and I managed to also set it up to
route the main audio to a USB audio device and the headphone audio to the
internal headphone jack. But I had nothing connected to the USB audio device
and I didn't want to annoy my family with the noises of trying to make a good
cutover from one song to the next. Mixxx has an option 'Split' to play the
master output to one ear of the headphones and the headphone output to
another, this is good for practicing.
Control of all the mixing functions in Mixxx can be done with mouse and
keyboard, but the good part is it also supports all kinds of hardware DJ
controllers. And some of them aren't too expensive... and available on the
second hand market for an even better price.
My earlier failure with an RFID T5577 tag that came with the proxmark3
made me order a bunch of new ones via 10 Pcs T5577 writable RFID tag and while I was
browsing that store I found 100 pcs ntag213 NFC sticker and I had some ideas for Mifare
Ultralight tags, starting with
failing to convert used public transport tickets to NDEF tags.
Today the package came in and the first thing I wanted to do was set up an
Mifare Ultralight as NDEF tag. The fun part is the tag was already set up
that way, so with NXP tagwriter for Android it was really easy to put a
data set with an URL on a tag. Full log below.
The downside is that the tag can't be reset to use for other things than NDEF
tag, since the NDEF identifier is in the one-time-programmable bits. An attempt
to zero out these bits on a tag indeed failed. Reading the NT2H1311G0DU
datasheet makes me realize this is as intended and matches the 'ntag213' in
the description.
The fun part is that scanning the tag with my samsung phone opens the url,
no questions asked. This behavior inspired me to set up a tag to link to the
2023 version of the Rickroll. I see security implications from just opening
a URL without letting the user decide whether this is a good idea.
Somewhere on irc the term "don't host your website on a wet newspaper" is
sometimes used when an url getting a bit of serious traffic makes it really
respond slow or give errors.
So I looked at my own webservers at home and what would happen if one of the
sites got hit with the Slashdot Effect.
As I don't like guessing I played with ab - Apache HTTP server benchmarking tool
to get some idea of what happens under load and/or highly concurrent access.
Especially highly concurrent access turns out to be an issue because there
are only so much database connections available for the webservers. The load
average does go up, but the main problem is clients getting a database
connection error.
I started looking at caching options to allow the dynamic pages to be cached
for short periods. This would make high amounts of traffic have the advantages
of having a cached version without losing the advantages of dynamic pages.
By now this has cost me more time and energy than the advantage of ever
surviving a high amount of valid traffic. And to be honest the chances of a
DDoS attack on my site because someone didn't like something I wrote is higher
than the chances of a lot of people suddenly liking something I wrote.
This was all tested with the test and development servers, so actual
production traffic was never affected by the tests.
Apache built-in memory cache with memcached
I first tried the Apache module socache_module with
socache_memcache_module as backend. This did not cache the dynamic
pages, just .css and other static files which originate from diskcache or
ssd storage anyway. All kinds of fiddling with the caching headers did not
make this work. With debugging enabled all I could see was that the dynamic
pages coming from cgid or modperl were not a candidate for caching.
I could have used memcached from the web applications directly, but that
would mean I would have to rewrite every script to handle caching. I was
hoping to add the caching in a layer between the outside world and the
web applications, so I can just detour the traffic via a caching proxy
when needed.
Haproxy cache
Between the outside world and the webservers is a haproxy installation anyway,
so I looked at that option. But the haproxy cache will not cache pages that
have a Vary: header, but even after removing that header in Apache the
next problem is that the Content-Length: http header has to be set in
the answer from the webserver. With my current setup that header is missing in
dynamic pages.
Varnish cache
Using varnish cache means I really have to 'detour' web traffic through another
application before it goes on to the final webserver. This turned out to be the
working combination. But this caused confusion as Varnish adds to the
X-Forwarded-For header and I had an entire setup based on this header
being added by haproxy listing the correct external IP address from the view of
haproxy. It took a few tries and some reading to find the right incantation
to specifically mangle back the X-Forwarded-For header to the right state
in the outgoing request to the backend server. The varnish cache runs on the
same virtual machine as the test haproxy, so the rule was to delete
, ::1 from the header.
Tuning haproxy to avoid overloading a backend
In looking at things and testing I also found out haproxy has a
maxconn parameter for backend servers, listing the maximum number of
open connections to the backend. By changing this number to something lower
than the maximum amount of database connections the site starts to respond slow
under a high number of concurrent requests, but it keeps working and doesn't
give database errors.
I sometimes think YouTube is quite good at suggesting new videos to me with
interesting subjects. For a while I've been seeing Tom Scott videos and
Connections Museum videos. But only today YouTube suggested to me this video,
Tom Scott at the Connections Museum! So maybe YouTube isn't
completely on to me.
Of course with Sarah from the Connections Museum explaining things.
One of the wishes we have for the home network is good wifi coverage in the
back garden so we can sit outside on nice days to work without running UTP
cables. The access-point in the central place in the house doesn't cover the
back garden. Ideally I would also like a separate 'guest' wireless network at
home.
These wishes was taken into consideration when upgrading the fiber to the shed network
with a Netgear GS310TP switch. This switch has Power over Ethernet (PoE)
support so it can power an acccess-point. The next step was to find an
access-point supporting VLANs and multiple SSIDs.
Recently I borrowed a Mikrotik Wap.AC to test the options. It took me a bit to
get used to the RouterOS userinterface but I managed to get it all working in an
ideal configuration: Management via one VLAN, a 2.4 GHz wireless network
bridged to the trusted wireless network, a 2.4 GHz wireless network bridged to
the guest wireless, a 5 GHz wireless network bridged to the trusted wireless
network and a 5 GHz wireless network bridged to the guest wireless.
The final test was with the Mikrotik Wap.AC in the shed with power over the
network cable. This worked!
Ideally the wireless network in the backyard is 'on demand' because we only use
it when working from home or sitting in the backyard and we can save the power
at other times. So the idea of a button 'wifi in backyard' and an automatic
shutdown in the evening is nice. I searched and it is indeed possible to
control the Power over Ethernet in the Netgear GS310TP switch with snmp.
Based on GS110TP deactivate PoE over SNMP for specific Ports
I soon had working snmpset commands to disable/enable power to a
specific port, and the Mikrotik followed nicely. Value '1' is PoE on and
value '2' is PoE off:
$ # switch PoE on for port 8
$ snmpset -v2c -c ******** ******* 1.3.6.1.2.1.105.1.1.1.3.1.8 integer 1
iso.3.6.1.2.1.105.1.1.1.3.1.8 = INTEGER: 1
$ # switch PoE off for port 8
$ snmpset -v2c -c ******** ******* 1.3.6.1.2.1.105.1.1.1.3.1.8 integer 2
iso.3.6.1.2.1.105.1.1.1.3.1.8 = INTEGER: 2
Ideally there would be a button (zigbee?) near the backdoor to request "On"
and a scheduled task every day to switch it off in the evening.
Weird Al Yankovic, Palladium London 16 Februari 2023, The Unfortunate Return of The Ridiculously Self-Indulgent Ill-Advised Vanity Tour
Somewhere in November last year I saw that Weird Al Yankovic on
The Unfortunate Return of The Ridiculously Self-Indulgent Ill-Advised Vanity Tour
was also coming to Utrecht! So getting tickets was a good idea, especially
when it turned out the tickets were going really fast.
So I went on 20 february 2023 and I had a great evening. The concert was at
Tivoli Vredenburg in Utrecht, which is cycling distance from my house. A friend
came along and he found it a great idea to park at our house and cycle to a
bicycle parking really close to the concert.
I looked up the setlist: “Weird Al” Yankovic Concert Setlist at TivoliVredenburg Grote Zaal, Utrecht on February 20, 2023 | setlist.fm
and comparing that to earlier Weird Al Yankovic concerts it's clear he took a
different route in this tour. Mostly own work, some of the 'in the style of'
songs. He did the extended extended version of Albuquerque with lots of types
of Donuts and he 'restarted' the song to make the sauerkraut joke again.
The previous Weird Al Yankovic concert I saw was in Amsterdam was more the
style with the parodies and the costumes.
Setlist of that concert: “Weird Al” Yankovic Concert Setlist at Melkweg The Max, Amsterdam on September 30, 2015 | setlist.fm.
This was a concert with standing room and I turned out to be in the splash zone
for the end of 'smells like nirvana'. A group of fans had their own aluminium
foil hats for 'Foil' so Al was really enthusiastic about their response and the
whole audience had lots of fun.
To give space for the costume change there was also use of video. And when
there was a bit of video with Al reacting to Eminem with 'Say what??' a number
of times I expected Word Crimes and indeed that happened.
Anyway I enjoy the music of Weird Al Yankovic. I started with the parodies and
I sometimes remark 'this is a strange version of a Weird Al Yankovic song' when
I hear for example Gangsta Paradise or Like a virgin. The
polka versions are always fun to me. I didn't really like the personal songs
the first time but after hearing them a few times and discovering the layers
including the jokes I start to appreciate them too.
And recently Rob o'Hara did an episode
of his podcast You Don't Know Flack about Weird Al. Rob is also a big fan of Weird Al
Yankovic and has seen him perform in the US multiple times. And listening to
this podcast episode made me write down 'my' Weird Al story.
Rob also went on a pilgrimage of the sites in Tulsa, Oklahoma where the
outside shots of the UHF movie were filmed: UHF - My 15 Year Pilgrimage. Now that is a Weird Al Yankovic fan!
The picture in this newsitem is from the same tour, just a few days earlier.
I tried taking some phone pictures but there was nothing good and I found
this picture with a nice license which captures the tour really great.
Ages ago I added a way to get access to my google contacts as a thunderbird
address book. But on installation of thunderbird on a new laptop I couldn't
find a simple answer to "how did I do that again?!?".
With access to the old laptop I was able to reconstruct my steps, so I'll
note them here:
Install cardbook as add-on in Thunderbird
Go to this add-in in the Thunderbird userinterface
From the top left 'hamburger' menu, select 'Address book', 'New address book'
A window pops up asking 'Address book location', select 'Remote'
The next window asks 'type of your address book' and gives google as
default selection
As username enter the standard address used for your google account. This
doesn't have to end in @gmail.com.
After entering the address, click 'Validate' and a window pops up with a
minimal browser to log into your google account. Do this.
After logging in the browser window will ask for permission for Cardbook to access your google contacts.
After selecting a colour for this new address book you can use it.
In the process google will probably send you alerts about this new
login and permission.
And now my contacts are synchronized between android phone, google contacts web
interface and thunderbird!