Friday 20 December 2013

Headless Ubuntu 12.04 Server

13:48 Posted by Jurgens Krause, No comments
I deploy headless Ubuntu 12.04 server configurations on a regular basis. One of the things that I often forget to do is to modify Grub so that it tries to boot every time, regardless of whether or not previous boots were successful.
If you forget to do this, the server might get stuck at the Grub boot screen after a failed boot, forcing you to connect a keyboard and screen to get it going again.

Thankfully Grub 2 has made this a bit easier:

Log in to your server as root or use sudo:

$ vim /etc/default/grub

Add the line:
GRUB_RECORDFAIL_TIMEOUT=10

Update the grub configuration:

$ update-grub2

The timeout value is in seconds. I use 10 seconds since that gives me ample time to enter recovery mode should it be necessary.
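For provisioning scripts, the same edit can be made idempotently. This is an added example, not code from the original post; the function name set_recordfail_timeout is hypothetical, and it assumes the file is a plain list of KEY=value lines such as /etc/default/grub.

```shell
#!/bin/sh
# Added example: set GRUB_RECORDFAIL_TIMEOUT exactly once in a GRUB defaults
# file. Prints "changed" or "unchanged" so the caller knows whether grub.cfg
# has to be regenerated. set_recordfail_timeout is a hypothetical helper name.

set_recordfail_timeout() {
    file=$1
    secs=$2
    # Accept only a non-negative integer number of seconds.
    case $secs in
        ''|*[!0-9]*)
            echo "timeout must be a non-negative integer" >&2
            return 2 ;;
    esac
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }

    want="GRUB_RECORDFAIL_TIMEOUT=$secs"
    # Nothing to do if the key is present exactly once with the wanted value.
    if [ "$(grep -c '^GRUB_RECORDFAIL_TIMEOUT=' "$file")" = 1 ] &&
       grep -qx "$want" "$file"; then
        echo unchanged
        return 0
    fi

    tmp=$(mktemp "${file}.XXXXXX") || return 1
    # Drop every existing (possibly duplicated) assignment, then append ours.
    # Commented-out lines are left alone. grep -v exits 1 on empty output.
    grep -v '^GRUB_RECORDFAIL_TIMEOUT=' "$file" > "$tmp" || true
    echo "$want" >> "$tmp"
    # Write back into the existing file so its owner and mode are kept.
    cat "$tmp" > "$file" && rm -f "$tmp"
    echo changed
}

# Typical use on the server, as root:
#   [ "$(set_recordfail_timeout /etc/default/grub 10)" = changed ] && update-grub2
```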


Thursday 19 December 2013

Raspberry PI based FreeRadius Server with GUI

09:49 Posted by Jurgens Krause, 41 comments
I run a small wireless network for a non-profit organization in my home town. It consists of a single high site with internet connectivity, with nine client sites connecting via wireless. The network is built with Ubiquiti hardware, with a Mikrotik 750 handling the routing. I also use this network for experimentation and learning. One of the things that I have been keen on doing is managing it as though it is a commercial network in terms of the network architecture. To this end I have decided to deploy a Raspberry Pi based Radius server for PPPoE authentication. The Mikrotik will serve as the PPPoE server, and the Raspberry Pi Radius server will be managed with DaloRADIUS. The instructions below should be easy to use on any Debian based distro.

Tuesday 17 December 2013

Routing Steam Traffic with Mikrotik

09:56 Posted by Jurgens Krause, 2 comments
Those of us living in third world economies, where uncapped high speed broadband internet is only a myth, are forced to come up with creative means of managing our bandwidth.

The scenario is this:
You have two internet connections: one is a high speed capped connection, the other a low speed uncapped one. You want all game and Steam client traffic to run over the high speed connection, but all Steam downloads have to be routed through the slow uncapped connection. We assume that the default route is through the uncapped connection, and only specific traffic gets routed over the high speed link.

From the Steam website you can find the following port information:


Steam Client:
  • UDP 27000 to 27015 inclusive (Game client traffic)
  • UDP 27015 to 27030 inclusive (Typically Matchmaking and HLTV)
  • TCP 27014 to 27050 inclusive (Steam downloads)
  • UDP 4380

Dedicated or Listen Servers
  • TCP 27015 (SRCDS Rcon port)
Steamworks P2P Networking and Steam Voice Chat
  • UDP 3478 (Outbound)
  • UDP 4379 (Outbound)
  • UDP 4380 (Outbound)
Additional Ports for Call of Duty: Modern Warfare 2 Multiplayer
  • UDP 1500 (outbound)
  • UDP 3005 (outbound)
  • UDP 3101 (outbound)
  • UDP 28960

Based on this, we want to route all Steam traffic apart from Steam Downloads (TCP 27015-27050) via the high speed link, so we start by marking the packets that we want to route to our high speed link:

Having marked the packets appropriately, we want to tell the Mikrotik firewall to route them through a specific gateway:

That's it, you will now be able to use Steam voice chat and the Steam Client through your high speed link with downloads running over your uncapped connection.