PieterB's blog

I’m not sure what’s wrong with LinkedIn but once I see more then 300 people working for a small (“KMO”) bookkeeping company, an alarm bell triggers….

Followers for this company

• Non
• xxx
• firemam
• hostess
• machinebediener
• Private

And a lot of new hires who have nothing to do with this company.

I’ve contacted LinkedIn customer support and the owner of this company…

Started reading the newest book from Michael W. Lucas.
One sentence immediately catched my eye:

Network adminstrators all share an abiding and passionate desire for just one thing: We want our users to shut up.

I really like Lucas no-nonsense style

As I want to do some testing with vSphere @ home, I installed 2 ESX and 1 ESXi host on VMWare Workstation 7 running on Linux. 2 layers of virtualization…. ==> a lot of memory required!

Found this interesting solution: you can lower the memory requirements of ESX(i) (I lowered them to 1.5GB as I only run 2 lightweight debian vm’s on each ‘host’)

Edit /etc/vmware/init/init.d/00.vmnix
Change RequiredMemory=2064384 to 1376256 for more or less 1,5GB

Although I like Puppet for its user-friendly config files, It’s not always the best option.
The Cfengine system has proven itself since 15 years and is still a lot faster…

The USENIX magazine did a review in one of their latest issues comparing CPU time and resource usage.
The results: Cfengine was around 15 faster in execution time and user 40 times less CPU than Puppet .

Of course you should always be careful with benchmarks: the review is based on somewhat older versions… and maybe there is a lot of optimization that can be done

I start working for a subsidiary (ICTRA) of the NMBS this month. A fast and effective recruitment!

Recently I bought a new smartphone/GSM, a Nokia E52.

The most important requirements/features:

• good connection possibilities (3.5G/HSDPA support, Wifi/WLAN and Bluetooth) (I’ll use the phone for tethering).
• exceptional battery life (> 2 weeks standby time
• not too expensive (I’m not really that interested in mobile phones…)

I really don’t care about:

• A camera: I prefer a real analog or digital camera for that
• fancy colors
• the operating system: it just has to be a good phone… (stable, well-proven)
• multi-tasking: I can only do one thing at a time

Because of some positive reviews about the Nokia E52, I did not hesitate…

… and was very suprised by some nice features.

GPS

The E52 has built-in Assisted-GPS. But what makes the Symbian platform so special, is the supported software.
Recently, the use of Ovi Maps became free. You can preload maps to your phone, so you don’t need to download all maps with an expensive GPRS/3G connection. (I bought an 8GB microSD memory card and uploaded all available maps with ‘Map Loader’ – 3GB)

Altough I like Ovi Maps more then Google Maps, you can also use Google Maps… The first offers better navigation, the latter sometimes offers better search results.

Off-road/backtracker use? ViewRanger. Especially useful for Great-Britain, Norway, ….
For my country Belgium, you have to buy an over-the-air download token pack. Scale: 1/100.000 to 1/10.000: this are very detailed maps. ViewRanger is also starting a beta program for Android users.

There is still another solution: the discontinued Garmin Mobile XT. With some tricks, you can even use TOPOgraphic maps which you’ll normaly only find on Garmin devices… .

Other

• Python: there’s a special edition of Python for Symbian.
• Open Source: the symbian platform is made available as open source code

Digitaal leren is al langer een feit, maar Moodle wil ik ook persoonlijk sterk aanraden. Sinds kort zet ik het in voor mijn lessen aan Syntra.

Dit openbron ‘Learning Management System’ heeft miljoenen gebruikers (dus ook de nodige ondersteuning!). In Belgie zijn ongeveer 180 sites geregistreerd. De installatie is vrij eenvoudig en ook met het beheer (configuratie, gebruikers, cursussen…) ben je op korte tijd vertrouwd. Alle functionaliteiten die je mag verwachtten van een digitaal leerplatform zijn aanwezig. Forums, opdrachten, toetsen/testen met verschillende vraagvormen, wiki’s.

Voor de CVO’s of scholen die ondanks de hoge kosten (en bugs) toch nog Blackboard zouden gebruiken: veel van de data vallen erg eenvoudig te importeren.

Persoonlijk vind ik het systeem ook iets beter dan Dokeos….
Sakai heb ik nog niet getest, maar is ook iets veeleisender voor een kleine omgeving (Java)

Meer dan 900 kilometer file op de wegen. De filebarometer op de standaard kan het zelf niet aan. Overflow.

Waar zijn we mee bezig?

Ook de ‘gewone’ structurele files zijn rampzalig. Hoe verlieslatend!
Vlaanderen, Belgie, Europa: het is tijd om te investeren in VPN verbindingen en projectmanagement applicaties toegespitst op thuiswerk. Er zijn meer dan genoeg bedrijfjes die dit op een kostenvriendelijke manier kunnen realiseren voor u

En dan schrijf ik nog niet over de 20 stenen die ik al naar mijn ruit gekregen heb de voorbije weken (en nog geen putjes, voelt zoals de Lotto winnen!), de problemen met de verlichting, het SMOG probleem, zout dat aan auto’s vreet…. en Janssens nv (DS)

Sometimes (for smaller offices or companies), an Alix or Soekris can be used instead of a more expensive product from Cisco.

VPN
On an Alix 2D3 with glxsb crypto accelerator enabled you get +- 20 Mbps IPSec VPN throughput (with AES-128 CBC)
3DES speed is slower, but this can be enhanced with a miniPCI hi/fn card (more then 30Mbps)

Cisco mentions 100Mbps (max!) for its ASA5505 appliance. This device also uses a Geode LX processor, but it comes with
other accelerators to enhance aes/3des speed.

High-Availability
PfSense is clearly a winner if you need HA for a low price. The Cisco ASA5505 (Basic) has no HA support.
HA shouldn’t be expensive. For example you can use Multi-WAN features with an ADSL and Cable subscription.
2 ALIX PfSense boxes and you’re done.

Price

Cisco ASA5505 SSL25-K8: Firewall. DMZ. VPN (25 SSL users). max 20 VLAN’s : more then 2200 euro

Alix 2D with PfSense: Firewall, DMZ, VPN, VLAN, CARP Redundancy : max 150 euro

Off coure, I’ve you invested a lot in Cisco hardware and training, you can better use Cisco devices.

I’ve had no big issues so far with the new pfSense version, although it’s still a beta. I especially like the OpenVPN and Dashboard improvements, and the LDAP auth support. I still have to experiment with the Layer 7 QOS / Traffic Shape features.

Recently I also bought the official book “pfSense: The Definitive guide to the Open Source Firewall and Router Distribution“. I can recommend it if you don’t want to spend too much time searching the web for some common deployments/features.
I you want to dig a bit deeper into the inner workings of the pf firewall, the “Book of PF” is another one I can recommend (No Starch Press).