[IOML] Life in the Isle of Man LUG?

Daniel Ankers dan at weirdo.org.uk
Wed Jan 28 07:53:21 GMT 2004

I've switched back to *mumbles the name of an OS* to feed a new found
addiction to Medal of Honor.  I'll switch back to a proper OS soon though.

I did try putting GoboLinux on this box to have a play - it looks kind of
different, changing the traditional Unix directory names for something kind
of logical, but MS have innovated a new way for their OSen to not play nice
with anything else so I managed to hose my Win2k install AND couldn't get to
Linux either.  For attempt #2 I'll use a completely separate hard drive, I

My MoH adddiction, combined with sharing my ADSL with housemates who use
bandwidth-intensive programs, led to me fiddling with Linux traffic shaping.
I tried the cbqinit script, which simply didn't work, and then tried
manually setting up HBQ and SFQ, which still needs some fine tuning but
overall works pretty well.

I also got my first bit of coding committed to a major OSS project!  (I'm
dead proud of this.)  Anyone who uses a DMX 6Fire soundcard should notice
the change

I tried OpenBSD on my home webserver for a while, but couldn't really get my
head round it, so I switched back to Debian.  The security updates on Debian
apply a bit quicker ("apt-get update && apt-get upgrade" sure as hell beats
"cvsup && make world" on a slow machine) and I know how to admin it!

Meeting again for beer sometime in the near future really does sound like a
good plan!


----- Original Message -----
From: "Dylan Smith" <dyls at alioth.net>
To: "IOM LUG" <iom at mailman.lug.org.uk>
Sent: Tuesday, January 27, 2004 9:38 PM
Subject: [IOML] Life in the Isle of Man LUG?

> Hi all,
> Long time since there's been any messages...I do note there's quite a bit
> of recent Linux interest on the manx.net forums though, so I guess I'm not
> the only Linux user left here :-)
> So for the first message of 2004, some fun things I've done with Linux in
> 2003...
> 1. User Mode Linux - i.e. virtualization. I changed the organization of my
> server a bit, mainly to help in terms of security. I've turned one
> physical box into a virtual network. A bit like IBM does with LPARs on VM
> mainframes, just on a small scale.
> I split the box into five separate User Mode Linux instances. The host
> system does nothing but run these and route network traffic to/from them
> (each UML has a public IP address) and act as a firewall. Four of the
> virtual machines are 'production' (one is a web server, the other does
> shell and SMTP, another is a DNS server, and the fourth is a
> differently-configured webserver to allow FrontPage extensions (which I
> wanted to keep separate from everyone else). The fifth is for testing and
> trying to break).
> The challenge is that two of the virtual machines need to share a file
> system. The only way to do this seems to be using NFS at the moment
> unfortunately. I'd prefer something a little lighter weight, especially
> since the two machines share the same piece of hardware.
> Unexpected benefits was that when the web server VM got Slashdotted (not
> by Slashdot, but by a pilot's union members all simultaneously hitting a
> dynamic site at the smae time), the shell and DNS VMs remained responsive.
> In the old, all-on-one setup, when there were 200 Apache instances, your
> shell would be completely starved of resources (indeed, you couldn't log
> in to see whether the machine had crashed!)
> There are some overheads to splitting the physical box this way, but they
> seem worth it. (I've since persuaded the pilot's union to go for a
> dedicated server rather than a shared system so they get all the CPU time
> to themselves, and they need it! Also, the site's developer has done a lot
> of work making the scripts less CPU-heavy).
> 2. IPv6. My sites are now all IPv6 enabled. The servers run Debian, and it
> required adding the IPv6 Debian project to apt.sources, then an apt-get
> update/upgrade to get the IPv6 enabled versions of Apache, ssh etc.
> I had some weirdness at home when setting up IPv6. My server network works
> perfectly, but my home network doesn't. My machines all have unique IPv6
> addresses, and access to the IPv6 internet via the BTexact tunnel borker,
> my current ADSL system running as the IPv6 router (as well as IPv4 NAT
> box). The weirdness comes that from my workstation, although I can ssh or
> browse across IPv6 fine, ping6 fails with 'Destination host unreachable'
> if I try to ping the router or an external machine. Traceroute6 fails in
> the same way. However, from the router, I can ping6 my workstation! I'm
> wondering if my cheap-o Netgear switch might have anything to do with
> this.
> 3. Games. I'm far too addicted to RTCW:ET which runs great under Linux. I
> had a dream about disarming landmines the other night.
> 4. Living with OpenBSD. I've also tried the BSD world. I've found that
> OpenBSD makes a fine border security system. OpenBSD's documentation is
> something that Linux should try and live up to - I could understand pf and
> pf.conf by reading the manpage and I didn't have to dive for HOWTOs or
> Google Groups to try and figure out what to do.
> With that said, I think we really are due another IOMLUG beerfest^W meet
> soon.
> --
> Dylan Smith, Port St Mary, Isle of Man    | Code fast, crash young and
> Flying: http://www.dylansmith.net         | leave a beautiful core.
> FFE/Elite Universe: http://www.alioth.net |             -- JK (#afe)
> _______________________________________________
> IOM mailing list
> IOM at mailman.lug.org.uk
> http://mailman.lug.org.uk/mailman/listinfo/iom

More information about the IOM mailing list