Disable Fritzbox Provider Services

This weekend went my Internet (VDLS) down. The DSL part was still up, but the IPv4 connectivity (over PPPoE) was down. When I checked the Fritzbox (7340) I saw that the DLS had 'trained' on ~100Mbps down and ~30Mbps up. Connection speeds I could only dream of......

Trying to re-establish the IPv4 connection I restarted the DSL modem. Upon reboot, it trained on about 70Mbps download and 30Mbps upload, and the PPPoE tunnel for IPv4 established nicely..... for about 5 minutes.

It turned out that the DSL connection tried to get a better connection, and got it. So starting off at 70Mbps, it could establish a 74Mbps a couple of seconds later, and 75Mbps a bit later after that, and so on, and so on. During this time the PPPoE connection worked like a charm. Until the DSL reached the magical 100Mbps rate. That's when the PPPoE (and the actual IPv4 connection to the Internet) failed.

Posted on May 17, 2016 by Willem and filed under Annoying, Hardware, Internet, Tips'n Tricks and tagged vdsl vvdsl vectored Fritzbox provider services upgrade.

Kodi Media Playback Stops Frequently

Ever since the good-old Popcorn Hour died last year, we've been consuming our media through a Minix media player with XBMC, or Kodi as it's called since version 15. And even though this was a complete package (everything configured and pre-installed), it had a learning curve and required more maintenance than the Popcorn Hour.

A couple of weeks back, we started to experience cut-offs in the media we were consuming. TV shows, and movies stopped for no reason. The image froze, audio cut-out, and the subtitles would go on like nothing was wrong. After a few seconds display goes black, and after 5 to 10 seconds the Kodi-menu would present itself.
At this point we would select play, and the TV show, or movie would continue were it had stopped.

The stopping (or crashing) of the media could occur 1-10 times in a movie and a couple of times in a TV show. One or two times is already annoying, so you can imaging what 10 or 15 'crashes' might invoke....

Posted on December 1, 2015 by Willem and filed under Tips'n Tricks, Software, Hardware, Annoying and tagged Kodi XBMC Minix SMB media crash.

Apple iOS Personal Hotspot Annoyances

This week, I ran into an annoying feature regarding the Apple iOS Personal Hotspot function of my iPhone 5s. I had to do some software testing with various WiFi clients. This worked fine, up to the moment that new devices ran into connectivity problems.

The new devices could connect, but got a message that there was no/limited Internet connectivity. Checking the IP address of the devices showed that they had an 169 address assigned.
So the iPhone wouldn't give new IP addresses to the new devices. Earlier devices that connected correctly could reconnect without a problem though.

It turned out to be a 'normal' DHCP problem. The IP address scope on the iPhone was depleted.

The iPhone has a small DHCP address pool that can give out 16 addresses (172.20.10.0-172.20.10.15). Of these 16 addresses are 3 taken by the network, broadcast (172.20.10.0 and 172.20.10.15) and iPhone itself (172.20.10.1). Leaving 13 addresses for other devices.

In normal situations, this shouldn't be a problem, but when your testing stuff, you can run into a shortage of IP addresses. Besides the shortage of addresses there is another challenge; no way of altering the DHCP lease time, or even clearing the issued IP addresses.

The lease time for the DHCP address is approximately 1 day (85536 seconds), as shown by a little network traffic capturing below.

20:53:29.544291 56:e4:3a:38:4d:64 > 00:23:6c:8d:7f:8e, ethertype IPv4 (0x0800), length 342: (tos 0x0, ttl 255, id 45806, offset 0, flags [none], proto UDP (17), length 328)
    172.20.10.1.67 > 172.20.10.2.68: BOOTP/DHCP, Reply, length 300, xid 0xfd7e0982, Flags [none]
      Your-IP 172.20.10.2
      Server-IP 172.20.10.1
      Client-Ethernet-Address 00:23:6c:8d:7f:8e
      sname "Free-Public-WiFi"
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message Option 53, length 1: ACK
        Server-ID Option 54, length 4: 172.20.10.1
        Lease-Time Option 51, length 4: 85536
        Subnet-Mask Option 1, length 4: 255.255.255.240
        Default-Gateway Option 3, length 4: 172.20.10.1
        Domain-Name-Server Option 6, length 4: 172.20.10.1

There is a function to reset the network settings on the iPhone, but that just clears everything regarding (wireless) network settings, but it doesn't touch the DHCP service in the iPhone. A reboot of the iPhone doesn't do the trick either. So you just have to wait till it clears automagically.

So there is room for improvement......

Posted on July 30, 2015 by Willem and filed under Annoying, Apple, iPhone, Tips'n Tricks and tagged iOS Personal Hotspot dhcp.

Remove Online Services From iTunes In iOS8

The new iTunes iOS app that goes with the Apple Radio launch annoys the heck out of me. For some reason the GUI designers (and marketing peoples) think that the Apple online services are the only thing you'll ever need. This results in an iTunes menu bar where 80% is useless to me.

Posted on July 18, 2015 by Willem and filed under Annoying, Apple, Tips'n Tricks, iPhone and tagged iOS iTunes.

OS X Yosemite DHCP Server

This week I re-installed my Mac Mini server at home. It still ran Snow Leopard, and it was time to start with a clean slate. So after a couple of hours of pondering if I had forgotten to backup something, I started with a clean install of OS X Yosemite (10.10).

Everything went smooth, until I started using the DHCP service that comes with the Server App add-on.

My server uses 802.1q (VLAN-tagging) to connect several different VLAN's which I feed into several Virtual Machines. So I also use several DHCP Scopes for those segments.
The IP addresses for these scopes are all in the 192.168-range (class C subnets), so when I created the scopes I had to go through a simple wizard in the Server App. I just had to fill-in the blanks (very user friendly), and OS X did the rest.

Upon testing I ran into the weirdest behaviour on my network. Getting connectivity with a device took a very long time, and when the device got an IP address, it was from a different network (???)> So it couldn't communicate across the network.

At first I began to wonder if I had mixed up the VLAN names and tags, but those were correct. After an hour of troubleshooting (more and more DHCP clients were failing in the network), I found the problem;

When you create a scope Apple will assign a default subnet mask (255.255.0.0). I guess I should have seen it, but I didn't.

After I changed the subnet mask in the DHCP scopes everything went back to normal.

Lesson learned: Don't rely on wizards and other user-friendly stuff.

Posted on December 31, 2014 by Willem and filed under Apple, Annoying, Tips'n Tricks and tagged DHCP OS X Yosemity Server Scopes Class C.

PlayStation Network Down and How To Get It Working Again

This Christmas (2014), several gaming networks were attacked by a DDoS. One of those networks being the Playstation Network (PSN). This resulted in severe downtime during the holiday season. Sony is/was working hard to resolve this and service is being restored all around the world. Except for me (and probably several thousand other gamers). As of this morning (December 29th, 2014) I was unable to log on to PSN. All I got was one of the much telling error codes:

NW-31456-9

CE-33987-0

Someone on the Interwebs mentioned that a change in the MTU size might help. The MTU size is the maximum transfer unit on a network, which is normally at 1500 (bytes) for regular network clients. In some case it's preferable to adjust this size (I won't get into details).

In the case of PSN being down, an adjustment from 1500 (the default) to 1473 seems to do the trick at the moment. Not sure if it wil hold up in the (near) future, but at least you can get online to play on your new Playstation 4 or with the new game you got for Christmas.

Go to the “Settings” menu.
Go to “Network” sub-menu.
Go to "Set Up Internet Connection".
Choose your media (WiFi or LAN).
Choose “Custom.”
Leave everything as default except MTU (Manual).
Change MTU settings to “1473”.
Save your changes.
Test the Internet connection.

And if you are more of a visual kinda person:

Everything should work now. If not, you may try a reboot.

Lowering the MTU size means that smaller packets are being send over the network (max. 1473 bytes instead of 1500 byte packets) , this is not a bad thing, but might lead to some performance problems in some cases. Just remember that you changed this setting. You want to (or have to) change this back to the default (1500) in the future.

I do not know if this works for other gaming devices. You may try at your own risk (and leave the results in the comments if you'd like).

UPDATE: As of this morning I was able to sign in to PSN with an MTU of 1500 (access the Playstation Store etc.), but I was unable to play online games (Battlefield 4). Changing the MTU back to 1473 fixed that (again).

UPDATE 2: As of this morning (31 december) I can also connect to PSN with an MTU of 1500, so everything is back to normal.

Posted on December 29, 2014 by Willem and filed under Annoying, Tips'n Tricks, Gaming and tagged PSN Playstation Network NW-31456-9 Offline MTU 1473 PS4 CE-33987-0.

OSX 10.10 (Yosemite) and Audio Out Changes

Yesterday I ran into a new Yosemite feature that annoyed me a bit. After changing the input on my Dell 27" display from DisplayPort to HDMI, the screen turned black on my 27" iMac, and audio stopped. Forcing a reboot (holding the power button for >4 seconds) was needed to get the iMac's display back.

But from that point on, the audio was greyed-out in the menu bar. Changing the volume on the (Apple) keyboard gave a disabled icon on screen. Also, no audio was playing over my external speakers.

My first thoughts were that the earlier crash had corrupted something on my system, so I did an additional reboot. Nothing. After that a PRAM reset (power off, power-on and hold command-option-P-R until you have heard two start-up 'boings'). The start-up sounds were there, so the actual audio hardware was just fine.

When the desktop loaded still no audio control, until I unplugged my DisplayPort connector on the Dell 27" monitor. Audio (controls) came back instantaneous.

So, with DisplayPort connected to the external monitor: no audio (controls), and without the DisplayPort: audio (controls).

Turns out that with Yosemite, the audio is channelled BY DEFAULT over a DisplayPort connection (to a external monitor). In my case, the Dell also has an audio out connector, and I guess that is 'advertised' over the DisplayPort.

Changing the default behaviour is done in the System Preferences -> Sound

The first image shows the default (at least in my case). Changing the settings to the second image gave me back the audio and volume control.

I have no idea if this was also possible with Mavericks (or even earlier versions of OSX), but it's definitely a (default) feature that annoyes the hell out of me.

Even though I tackeled the audio problem, the issue with loosing the display when I change the video input on the external monitor still remains. But only if the desktop is extended to the second screen. It doesn't occur when the screen is mirrored.

Posted on November 18, 2014 by Willem and filed under Annoying, Apple, Operating Systems, Tips'n Tricks and tagged audio DisplayPort Yosemite.

Apple OSX Server Firewall

My Apple OSX server (Mountain Lion) at home is the centre of my network and entertainment system. It provides provides the following services:

DNS
DHCP
VMWare Server platform (VMWare fusion)
Air Video HD Server (for streaming video over the network)
General Internet download station

Since several (soft-, and hardware) upgrades and redesigns of my internal network (from a single VLAN to a multi-VLAN with firewall services and traffic inspection) several services failed under certain circumstances. E.g. Air-Video would work internally where the client was in the same network as the OSX server network interface. But trying to connect through the SSL VPN stopped working for some reason. Also, the VNC Viewer did work in the old days, but stopped working over time. Same for several static NAT entries; worked before, and stopped working without 'no reason'. Other services like ssh did work in the old and new network design....

Posted on September 3, 2014 by Willem and filed under Annoying, Apple, Security and tagged ipfw firewall OSX server Air Video.

Apple OSX DHCP Server Challenges

The last week, I've been experimenting with the Juniper Mobility System Software (MSS) in conjunction with two Juniper/Trapeze Access Points (type WLA522E). The MSS software is a Wireless LAN Controller (WLC) with manages the Access Points, and like so many Juniper Product; it can run in a virtual machine.

For the AP's to boot / connect to the network they need some basic information about where to find the WLC from which they receive their wireless settings. This can be done through DNS, or through DHCP. The first uses specific DNS records, and the latter uses DHCP Options (option 43 to be precise). I wanted to use the latter (which is a bit more challenging).

Posted on August 25, 2014 by Willem and filed under Annoying, Apple, Tips'n Tricks and tagged DHCP Option 43 multi-homed OSX server.

Juniper SRX210 Sudden Back-To-Factory Defaults

Earlier this week I configured an Juniper SRX210 for testing. The configuration consisted of several security zones, IDP, UAC (layer3 enforcement) and Application Firewall and Identification. The Junos version I used was JUNOS 12.1X46-D15.3.

This setup worked until today. Today, the SRX was unresponsive. No ICMP reply, no SSH access, nothing. Accessing the SRX via the serial console showed me the Amnesiac login. This means that the configuration is gone. At least the configuration I created was reset to the factory defaults config. A typical WTF!!! moment.

Fortunately, I had configured logging to an external source (Splunk). So I went to investigate. Turned out that the SRX stopped sending syslog messages around 01:30PM. Further investigation showed that the config was actually reset (UI_FACTORY_OPERATION event), and checking the event-codes, it was (probably) done by pressing the reset button on the device.

(the following logging should be read bottom-top)

May 28 13:28:30 10.0.0.1 1 2014-05-28T13:28:30.808+02:00 srx210 mgd 6211 UI_COMMIT_PROGRESS [junos@2636.1.1.1.2.36 message="finished copying juniper.db to juniper.data+"]
May 28 13:28:30 10.0.0.1 1 2014-05-28T13:28:30.369+02:00 srx210 mgd 6211 UI_COMMIT_PROGRESS [junos@2636.1.1.1.2.36 message="copying juniper.db to juniper.data+"]
May 28 13:28:30 10.0.0.1 1 2014-05-28T13:28:30.369+02:00 srx210 mgd 6211 UI_COMMIT_PROGRESS [junos@2636.1.1.1.2.36 message="finished loading commit script changes"]
May 28 13:28:30 10.0.0.1 1 2014-05-28T13:28:30.368+02:00 srx210 mgd 6211 UI_COMMIT_PROGRESS [junos@2636.1.1.1.2.36 message="no transient commit script changes"]
May 28 13:28:30 10.0.0.1 1 2014-05-28T13:28:30.368+02:00 srx210 mgd 6211 UI_COMMIT_PROGRESS [junos@2636.1.1.1.2.36 message="no commit script changes"]
May 28 13:28:30 10.0.0.1 1 2014-05-28T13:28:30.367+02:00 srx210 mgd 6211 UI_COMMIT_PROGRESS [junos@2636.1.1.1.2.36 message="start loading commit script changes"]
May 28 13:28:30 10.0.0.1 1 2014-05-28T13:28:30.133+02:00 srx210 rmopd 1350 PING_TEST_COMPLETED [junos@2636.1.1.1.2.36 test-owner="XS4ALL" test-name="testsvr"]
May 28 13:28:30 10.0.0.1 1 2014-05-28T13:28:30.355+02:00 srx210 mgd 6211 - - auto-snapshot is not configured
May 28 13:28:28 10.0.0.1 1 2014-05-28T13:28:28.814+02:00 srx210 mgd 6211 UI_LOAD_JUNOS_DEFAULT_FILE_EVENT [junos@2636.1.1.1.2.36 pathname="/etc/config//srx210h-defaults.conf"]
May 28 13:28:27 10.0.0.1 1 2014-05-28T13:28:27.823+02:00 srx210 mgd 6211 UI_LOAD_JUNOS_DEFAULT_FILE_EVENT [junos@2636.1.1.1.2.36 pathname="/etc/config//jsrxsme-series-defaults.conf"]  
May 28 13:28:27 10.0.0.1 1 2014-05-28T13:28:27.217+02:00 srx210 mgd 6211 UI_LOAD_JUNOS_DEFAULT_FILE_EVENT [junos@2636.1.1.1.2.36 pathname="/etc/config//junos-defaults.conf"]   
May 28 13:28:26 10.0.0.1 1 2014-05-28T13:28:26.808+02:00 srx210 mgd 6211 - - WARNING: activating factory configuration
May 28 13:28:25 10.0.0.1 1 2014-05-28T13:28:25.378+02:00 srx210 mgd 6211 - - WARNING: removing all configurations
May 28 13:28:25 10.0.0.1 1 2014-05-28T13:28:25.232+02:00 srx210 mgd 6211 UI_FACTORY_OPERATION -
May 28 13:28:25 10.0.0.1 1 2014-05-28T13:27:35.000+02:00 srx210 rmopd 1350 PING_TEST_COMPLETED [junos@2636.1.1.1.2.36 test-owner="XS4ALL" test-name="testsvr"]
May 28 13:27:19 10.0.0.1 1 2014-05-28T13:26:39.941+02:00 srx210 - - - - last message repeated 11 times
May 28 13:17:19 10.0.0.1 1 2014-05-28T13:16:34.309+02:00 srx210 - - - - last message repeated 11 times
May 28 13:07:19 10.0.0.1 1 2014-05-28T13:06:28.346+02:00 srx210 rmopd 1350 PING_TEST_COMPLETED [junos@2636.1.1.1.2.36 test-owner="XS4ALL" test-name="testsvr"]
May 28 13:05:33 10.0.0.1 1 2014-05-28T13:05:33.297+02:00 srx210 rmopd 1350 PING_TEST_COMPLETED [junos@2636.1.1.1.2.36 test-owner="XS4ALL" test-name="testsvr"]
May 28 13:04:38 10.0.0.1 1 2014-05-28T13:04:38.248+02:00 srx210 rmopd 1350 PING_TEST_COMPLETED [junos@2636.1.1.1.2.36 test-owner="XS4ALL" test-name="testsvr"]
May 28 13:04:19 10.0.0.1 1 2014-05-28T13:04:19.548+02:00 srx210 utmd 1380 AV_PATTERN_UPDATED [junos@2636.1.1.1.2.36 version="05/28/2014 12:36 GMT, virus records: 522178" file-size="18635751"]
May 28 13:03:42 10.0.0.1 1 2014-05-28T13:03:42.934+02:00 srx210 rmopd 1350 PING_TEST_COMPLETED [junos@2636.1.1.1.2.36 test-owner="XS4ALL" test-name="testsvr"]

This is strange, since there was no one around at the time. So it must have been some sort of bug that caused this.

Thankfully I had a backup of the config, so the device was up and running again within 10 minutes. So now I have to keep an out out for this. Especially the next couple of days.

UPDATE: There's is definitely something wrong with the hardware. I tried different Junos versions (also stable recommended versions), and different configs, but for some reason the device detect a 'Config button pressed' event and goes back to the default factory config. This happens within 12 hours.

The device keeps going back to the factory default config. Today I changed the behavior of the reset button. The reset button doesn't react to physical interactions when adding the following line to the config:

root@srx210# set chassis config-button no-clear no-rescue

Let's see if that helps. If it does, it means that the hardware reset button (mechanism) is malfunctioning.

UPDATE 2: looks like the config button config did the trick (so far). The device is still up-and-running for nearly 24 hours. -keepingfingerscrossed-

UPDATE 3: and we have a winner. The SRX210 is still operational. Just need to remember to add the command when I reconfigure it. Perhaps a sticker on top as a visual reminder :-)

Posted on May 28, 2014 by Willem and filed under Annoying, Junos, Security and tagged srx Junos Juniper.