Press "Enter" to skip to content

Category: computers

Xbox Live Open NAT Using pf on OpenBSD

Published January 6, 2009

Detailed photo of the word 'Strict.' from the Xbox 360 Network Test which insists that my network setup is restrictive.

It’s done. My Xbox 360 is now working properly via NAT talking through the Trashwall and using WOW! service.

After getting my previously mentioned pf problem on Trashwall sorted out I tested out the Xbox 360 to see if the network test for Xbox Live would pass. Guess what? It didn’t, continuing to insist that my NAT type is strict.

A bit more research (and information which seems to come from this post at Russ’s Blog) indicates that the Xbox Live uses the following classifications for NAT:

Strict: Symmetric NAT.
Moderate: Cone shaped NAT with port filtering or with UPnP turned off.
Open: Cone shaped NAT with no port filtering or with UPnP turned on.

Cone and symmetric NAT descriptions are formalized in RFC3489, and a bit more digging brought up this general how-to for using OpenBSD’s pf, indicating that the static-port directive on a NAT rule (described here in the POOL OPTIONS section of the pf.conf(5) man page) makes OpenBSD do cone-shaped NAT.

So, overall, what did it take to fix it? Well, it was actually three things:

· I switched to Wide Open West for data service, which gave me three IPs.
· While the whole house was NATted through one of the IPs, the Xbox 360 alone has been bidirectionally NATted through another.
·The magic static-port option on the NAT line for the Xbox 360.

Without a second IP I wouldn’t have been able to forward all ports inbound, which without a UPnP daemon (which didn’t go well before) would have resulted only a NAT setting of Moderate.

All of this has been documented in the updated version of the article on the Trashwall, my home’s a firewall / NAT device / switch / whatever built out of an unwanted PowerMac G4.

(In case you didn’t notice, this photo does a good job illustrating the wire in a aperture grill, such as the one here on an Sony KD-34XBR970 CRT HDTV. If you’d like to see the original without the no sign, here’s the small version and here it is at full res.)

4 Comments

binat on OpenBSD’s pf Confuses Me

Published January 6, 2009

UPDATED: This is fixed. See the bottom of the post.

With the move to Wide Open West for data service at home I now have up to three IPs available, all assigned via DHCP. In order to best use them and work around the Xbox Live problems I was having I wanted to do the following:

– Assign one IP to one interface, and NAT everything through it, like normal.
– Assign a second IP to a second interface, and use binat to have my Xbox 360 to basically have its own public connection. (Sort of like being in the DMZ on a Linksys box.)
– Leave the third IP alone for times when I want a non-firewalled connection.

While I have this set up, it doesn’t seem to be working. Here’s my current configuration. If anyone can tell me what I’m doing wrong or offer suggestions, please do so:

Continue readingbinat on OpenBSD’s pf Confuses Me
Leave a Comment

Wide Open West Physical Installation

Published January 4, 2009

New junction box installed on the outside of my condo when Wide Open West service was installed. I think the installer did a good job.

Last Monday I had Wide Open West CATV and internet service installed. The installer was a nice guy, did just what I wanted, and did a good job putting the new junction box on the outside of the house. As requested he left the Comcast line going into the house, replaced the old splitter, and let me take care of the data side of things (very basic to set up; no Comcastic walled garden crap), and had an MCard for the TiVo.

The only problem I had is that he wasn’t familiar with setting up TiVos and forgot to check for reception of HD channels. A phone call to WOW! service after he left got those turned on and everything was set.

Thus far I’ve been mostly happy with the data service. Tests at DSLReports.com have shown that I can achieve the claimed 15Mbps downstream and 2Mbps upstream quite regularly. Everything has been much faster in real use as well, and uploads to my photo gallery are far, far faster now.

I intend to write up a more technical description of how I like the service, including how I intend to use the three IPs (DHCP assigned) that I’m allocated as part of the service, but that will have to come later. For now I’ve got some other projects to wrap up.

Leave a Comment

Considering Wide Open West

Published December 27, 2008

For years I’ve had Comcast for data services here at my house. I’ve had few problems with them, my IP rarely changes, and the service seems decent. However, I’m trying to figure out a few things about it and searching at Google isn’t providing many results, so I’m hoping that some of you can help me.

I currently pay $62.95 for just data from Comcast. In researching getting a better deal I came across a package from WOW! with 2Mb/sec uploads with digital cable for $99/mo. This package is WOW!’s Xtreme Turbo 15Mbps (2Mbps Upload) Internet and Digital Value Cable Bundle:

WOW! Xtreme 15Mbps Internet is ideal for online gaming, video streaming, downloading large photos and accessing video-rich website content, and includes 5 e-mail accounts, 3 IP addresses and 10 MB of web space. WOW! Digital Value Cable delivers your local broadcast networks and Basic Cable, with an on-screen Interactive Program Guide, 45 channels of commercial-free CD-quality digital music, multiple channels of your primary premium services, expanded pay-per-view selections and access to WOW! OnDemand, our Video OnDemand service with a continually updated library of over a thousand titles including movies, kids’ shows, sports, music, and events.

· How do you like the service overall? What sort of problems have you had? Is the HD content decent or degraded ala Comcast?

· In this it says that I’d get three IPs, but do any of you know how those are allocated? Does the modem (or upstream stuff) just hand out that many, or are they statically set?

· If addressing is done via DHCP, what’s the lease time from WOW!?

· WOW!’s Additional Services & Equipment page lists CableCARDs as costing $3.50/mo. Do you know if this is an M-type? I’m needing to put this in a S3 TiVo, so it’ll have to be either an M-type or I’ll have to get two S-type.

UPDATE: I just signed up for WOW! with an install date of Monday. I was told the first CableCARD is free, and is an M-type. Installation is free, and the referral program should get $25 for both my aunt and I after a couple months. All three IPs appear to be allocated via DHCP, so it’ll take some fancy stuff to have multiple IPs on Trashwall, but I’ll see if I can do it. Ideally everything will be natted via main IP except the Xbox 360 which will be binatted to a second IP to get around Xbox Live / NAT issues.

2 Comments

ODD SATA for Time Machine

Published December 26, 2008

Two SATA cables connected to the ODD SATA port in my Mac Pro, leading to external connectors fitted in a slot on the back of the case.

I’ve been having problems getting Time Machine to reliably back up to a 750 GB disk attached to my AirPort Extreme. Things will work great for a while, but then the backups will just start failing as if the .sparsebundle has become corrupt. This seems to happen if I sleep my machine while Time Machine is backing things up, wake it briefly, then sleep it again before TM completes. On the next backup things will simply fail and never work again.

This wouldn’t be so bad, except that since 10.5.5 or so this speedup for the initial Time Machine backup doesn’t seem to work any more. It’s almost as if Apple removed (or broke?) .sparsebundle TM support locally.

I decided that the best fix would be to sidestep the problem and just start doing Time Machine backups locally, but I’m out of disk slots in my Mac Pro. Wanting this done quickly (and as cheaply as possible) I ran over to Micro Center, picked up a plate for the back of the computer which adapts two internal SATA to eSATA ($7.99) and a cheap eSATA disk enclosure ($26.99). The adapter cables were fit to the ODD SATA ports in the Mac Pro, which are two unused SATA ports on the board apparently reserved for optical drive use.

Not having right angle connectors made this a tight fit, but everything set nicely in place once the connectors were seated. The plate was mounted in the unused second video card slot, 750GB disk (from the AirPort) fitted in the enclosure, and everything setup on a shiny new partition. Time Machine is now doing its thing, about 10% done in one hour, and hopefully it’ll all continue working.

I do not like this store, but it’s the only reasonably priced local computer parts shop. The whole building, customers, and staff all feel as sleezey as what one would find at Gibralter Trade Center. Sales staff that can regularly be overheard selling products based on the wrong information, commission sales, and returned / defective products sold as ‘refurbished’. Think Fry’s with a layer of skin oil on it, like an old keyboard.

Leave a Comment

Microsoft: Dump Switch Support for Windows

Published December 18, 2008

Schematic from Microsoft's article Dump Switch Support for Windows.

Known mostly as a software company, it surprised me a bit when I came across the article Dump Switch Support for Windows at Microsoft’s site a few years ago. This site has a schematic (which appears to have been done in Paint, detailing a PCI device for generating an NMI to force a machine to bugcheck and dump.

Many servers have NMI switches built in, but it’s quite nice to be able to add one to a PCI slot bearing device of your choice. I think it’d be nice to know how to do this on PCI Express, but it’d take me a little time to figure out how. It’s probably not as easy as this implementation.

Leave a Comment

NGROUPS_MAX to 64 under FreeBSD 7.0-RELEASE on banstyle.nuxx.net

Published December 8, 2008

Just so everyone knows, I’m changing NGROUPS_MAX on banstyle.nuxx.net to 64 shortly, which will require rebooting the box. Everything should come back up okay after this.

This change is being made so that a user can be a member of more than 15 groups, which will allow me to add far more local web hosting users under the lighttpd / PHP privilege separation model which I prefer. Due to some incoming sites this is needed in order to best host them. As far as I can currently tell this will only break NFS, which I don’t use.

I’ll update this post once the reboot is complete.

UPDATE: Well, that seemed to have gone as expected. Per usual, please let me know about any problems you are having with the server.

Leave a Comment

Bad Mood

Published December 7, 2008

After failing to get my grandparents iMac G5 working again and with an overwhelming feeling like I haven’t been accomplishing anything, I started to get in a bad mood this afternoon. Fast forward to this evening and I’m feeling downright awful. I think I’m just acting cold, not very talkative, and extremely pessimistic all while feeling like little matters and I can’t fix the problems I’ve created. I wish I knew how I could make myself be in a better mood, but absolutely nothing sounds like it’ll help.

Maybe I just need some better food and a good night sleep. The bowl of potato chips in front of me do not qualify as good food, so I’ll have to eat something else soon.

On a related note, I think the only realistic solution to my screwing up my Grandparents’ computer is to build them a PC out of spare parts, locate a (working) monitor, and get that to them. It’s not as elegant as an iMac and likely won’t be as easy to use, but at least it should work. I’ll then part out the iMac and sell the pieces on eBay. I know the display, RAM and various small cables work properly.

This means more work for me. Hopefully I won’t screw this up somehow too.

(No, I didn’t get it working, even after attempting to reflow some of the connections, checking for any solder droplets or wire pieces on the board, ensuring all cables are right, etc.)

Leave a Comment

iMac G5: Worse Than Before

Published December 6, 2008

Image of the machine in Open Firmware showing video glitches present after recapping. I suspect that there are cold solder joints and the video card isn't getting proper power.

Well, I managed to get all the capacitors I previously complained about desoldered and the new parts fitted. However, the iMac G5 now displays video glitches while POSTing, and it never boots past a plain blue screen with an artifacted cursor. As can be seen above, video glitches are also present in Open Firmware.

Looking at this photo (large size here) and seeing what may be some cold solder joints I suspect that some of the caps — specifically those for the video controller / memory — aren’t doing what they are supposed to. This means that I’m going to be taking the machine back apart tonight or tomorrow and attempting to reflow those joints.

I’m disappointed. It really frustrates me when I screw something up.

UPDATE: I think I should probably take a look at the display cable and its connector as well.

2 Comments

I Fail At Desoldering

Published December 6, 2008

Another view of the domed caps, after some of the dried electrolite had fallen off.

My grandparents computer is an older iMac G5. When installing an Airport card in it last weekend I noticed that a number of the capacitors were domed, and some were leaking electrolyte, a sure sign of failing capacitors, possibly because of the capacitor plague. After digging around through Digi-Key, Mouser, et al I found that the cheapest way to get a set of replacement caps is to order them from The Cap King. He sells a set of the 25 needed caps for $16 shipped, and the set arrived earlier this week.

After sorting the caps, tearing down the iMac, and removing the logic board I identified which caps needed to be replaced, marked them by type, then set about desoldering two of the most accessible ones. This is where I began to have problems.

Normally I’m pretty decent at soldering, but getting these first two caps out was difficult. The first one left a lead sitting in the board, and the other three holes still contain solder. I presume its because of the number of layers in the board and the giant planes of copper near them, but I cannot seem to get enough heat on the board to melt the solder all the way through and wick it out.

Here are two photos of where things currently stand: 1 · 2. I think the next thing I’ll try is pre-heating the board with a hair dryer, then leaving the hot air flowing over it while attempting the desoldering. Hopefully that’ll help.

Leave a Comment