
On This Day: January 16

Below are entries written on today's date (currently defining "today" based on the Eastern timezone in the USA).

Pete's Log: but I haven't seen the morning yet!

Entry #780, Tue, January 16, 2001, 01:16 EST (Life in General)
(posted when I was 22 years old.)
So I ran into Tony talking to Dr Freeh in the hall. Among the things they were discussing, apparently Tony extolled my skiing, which amuses me. Worked on compilers a bit, but the net in the SSR was sucking so that became painful, so I left. Picked the wrong time to leave campus. The women's basketball game against UConn (which we won, 92-76, woohoo!) had ended 30 minutes before then, so I had to sit in traffic for a while. That was cool, tho, since I'd decided to play a ska compilation cd (first wave, yo!) that I've not listened to much, so I was having fun. Returned to campus after dinner for some more compiler work, followed by Real Genius at movie night. Very funny movie. Enjoyed it. I skipped Eraserhead and went running instead. Good workout, did more leg weights and such. Legs felt very much like jelly by the end of it. Weight also dropped another pound to 164. Brian and I bought a coffee maker on our way home from campus. Yay.

Pete's Log: comp arch

Entry #781, Tue, January 16, 2001, 13:04 EST (School)
(posted when I was 22 years old.)
Dr Uhran cracks me up. He showed up late, I'm sure, to comp arch today. He then proceeded in silence to rearrange things to his liking before addressing us. His main concerns: no auditors and no food or drink. It's looking like this class is gonna be easy, there's several students who've not any comp arch background, so the class is gonna start pretty much from scratch. On the other hand, I think I will get something out of it, it looks like I'll need to give several presentations, which will be good for me, and I think we write a simulator at some point, which should be fun... Dr Uhran and I have a fun history. He's basically the reason I'm still in computer science. I was toying with the idea of switching to government until my sophomore year when he told me I was more suited to be an A&L major than an engineering major. To prove him wrong I stuck with CSE. And now, as my final act of defiance, I shall ace his class. Buahahahaha. Scott Hampton, having returned to ND, is gonna be the TA. So that's cool. I've also decided that other than his habit of pronouncing RISC as risik, I like Uhran's voice for lecturing. I should be able to pay attention when (or if) I need to. Finally, an amusing anecdote: he was trying to figure out people's backgrounds and so was asking if people had programmed in assembly. One kid he was talking to somehow managed to state that he'd programmed in Visual Basic instead. I found that mighty amusing.

Pete's Log: computer graphics

Entry #782, Tue, January 16, 2001, 22:15 EST (School)
(posted when I was 22 years old.)
So I darted into computer graphics and went to it today. I'm still not 100% sure, but I'm thinking I'm pretty likely to stick with it as my third class. So long as I keep the right attitude, I think I'll have fun with it. My only problem I had with the lecture today is that I got the impression Surma was dissing "Pong" which I just can't put up with...

Pete's Log: wings and beyond

Entry #783, Tue, January 16, 2001, 22:38 EST (Life in General)
(posted when I was 22 years old.)
woo. First wings night of the new semester, and a good showing, too. I'm so proud of us. I was the only grad student present, tho, which was oddish. Oh well. Onwards goes the struggle.

Spent a good hour helping bmoore with sshd woes. The solution eventually became: replace openssh with good ol' regular ssh. Cuz openssh sucks. Yeah. Rock on.

Motivation... hard... to ... find...

Pete's Log: longer than a short stick, thinner than a rail

Entry #1195, Wed, January 16, 2002, 04:05 EST (Life in General)
(posted when I was 23 years old.)
My tummy hurts. I've come to realize that at this moment, I really kinda miss having Mom around to make things better. Instead, I'm drinking ginger ale, which is helping some.

Today has been strange. I can't quite describe how. I apologize to use a term some readers may be unfamiliar with, but it's been a major plate of shrimp kinda day. There have been at least four incidents I can recall. But it's gotten to the point where the day just has that feel to it. It's become surreal, even.

I've been horrible about responding to email of recent. In fact, Rebecca sent me an email today which remarked on how I seemed MIA. I apologize. I'll try to catch up soon.

One of my fun new words I learned today was Antipode. I don't recall ever seeing it before. But now I'm reading some quotes at positiveatheism.org and I saw it used. I was very excited.

Emily asked me why I found my online journal to be inhibiting. One big reason is simplistic: I can't carry it around. My memory's not so good, and while I can generally remember my actions, I find it ever so hard to remember thoughts in order to record them later. It's delightful to jot them down as I think them. In addition, I try, to some degree, to keep my online journal inoffensive. I don't afford myself that luxury in my paper journal.

Anybody talking about lust and erections as much as Saint Augustine appears to have been has got to be hiding something. (So much for being inoffensive ...)

Arun has prepared a D&D campaign. So far Branden, Andy, Shelece, and I look to be the players. We created characters a few nights ago. It's all very exciting. I created two characters: a female elven fighter named Aghanashini (which means destroyer of sins) and a female half-elven magic user named Rohini (which means a star). Both these characters have chaotic good alignment.

Yesterday was interesting. Many hours were spent at the ND bookstore, though nothing was purchased. I wrote a bunch in my book (as my paper journal is called) and was able to talk to, for varying lengths of time, Andy, Pat, Doc, and Rosemary Gibney. But the best of it all was just watching girls. There were lots of them.

After the bookstore, Andy and I went to eat lunch at subways. On our way there, we saw an older biker type of guy standing on the side of the road with a sign that said "Need work or help. God Bless." We pulled over and asked him if he was hungry. He was. We offered to take him to Subways with us, but he declined, because he had forgotten the combo to his bike lock. He pointed to his bike in order to further elucidate his point. Whatever.

In contrast, after bw3's tonight, Andy and I were approached by a black guy. Andy asked if he needed a ride. Among other things, he did. So he got in the back seat and we talked with him. We were searching for the gas station at which he had left his family. He had just moved to town with them, as he was starting a new job. But they had to stay in a motel tonight, and needed $13 more in order to afford a room. So I ended up giving him $20. I like to trust strangers. I believe his story. He explained to us how he understood why people were uncomfortable when he approached them. After all, he explained, he was a black guy and it was dark out. He explained this as though that's just the way it was, there was no sense of anger or sadness in his explanation. I knew not how to respond. So I didn't. I suck.

Ack. I just now (3:53 in the morning) finally realized the greatest problem inherent in the argument by design. How on earth did it evade me for so long?

Today was the first day of classes. I had one class at 14:00. I did not go. I woke up too late to make it on time, and instead of showing up late, I played air hockey at Lafortune with Meagan. She beat me 7-6, 7-3, 7-5, if memory serves. It was fun. By missing class today, I've missed class for the entire week. I'm a slacker.

Pete's Log: Home automation and home networking

Entry #1876, Sat, January 16, 2021, 22:30 CST (Coding, Hacking, & CS stuff)
(posted when I was 42 years old.)

This was originally going to be titled Laundry Room Data Center Part 2, but I've since gone off the deep end.

In part all this is motivated because a couple months ago somebody threw a tire over our back fence. And we wish we could've seen who it was, because seriously, who throws tires over fences? But really, I think I've been doing this as my personal quarantine therapy.

Why does the title Laundry Room Data Center no longer apply? Well, here is how things have extended to the garage:

[Photo of the garage setup]

So here's what I'm going to cover:

  • Where we're at now
  • How we got here
  • Future plans
  • More tedious details

Where we're at now

In addition to the NAS and raspberry pi cluster from before, I've added:

  • A pfSense-based firewall from Netgate (thanks Brian for the recommendation)
  • A 16-port managed switch in the laundry room with 8 PoE ports
  • An 8-port managed switch on my desk (no PoE)
  • An 8-port managed switch in the garage (all PoE)
  • A Wireless Access Point in the laundry room with multi-SSID support
  • A Wireless Access Point in the garage (no multi-SSID)
  • A Gigabit ethernet link between the laundry room and the garage (thanks Branden and Brian)
  • Another raspberry pi (I know)
  • An outdoor PoE camera attached to the garage pointing at the tire throwing location
  • A bunch of ZWave devices

I've set up four VLANs across my network: management, IoT, datacenter, and clients. IoT is only allowed to talk to datacenter. Not much else in the way of firewall rules between subnets yet.

Our ISP-provided router is still active (see "more tedious details"), so we have:
Incoming fiber -> ONT (optical network terminator) -> ISP router -> pfSense -> laundry room switch -> everything else

The only exception to "everything else" above is that I'm currently using the WIFI on the ISP router as our guest network, so it's completely outside the local network, which is kinda nice.

Everything seems to be working great.

How we got here

So as mentioned in my previous entry, I got two raspberry pis and installed Home Assistant on one of them and Nagios Enterprise Monitoring Server on the other. Well, I batted .500 on how much I liked those things. HA has become my obsession and NEMS got ditched. While our ISP-provided router has for the most part been decent and allowed me to do everything I had wanted until this point (such as forward ports internally), the one thing that it very much refused to do was to allow any configuration of DNS. And I wanted to configure DNS. In particular, I wanted to have a DNS entry for Home Assistant that resolved to my external IP outside my network, but resolved to the rpi running HA from within my network. And there just didn't seem to be any good way to do so with the ISP-router without manually configuring DNS on every client.

So after a chat with Brian, I decided it was time for my own network equipment. So I bought a pfSense firewall, an 8-port switch, and a wireless access point. And I set those things up, and everything was pretty OK. But just OK.

The first thing to get upgraded was the wireless access point. While I had configured my IoT and Datacenter and Clients VLANs on the switch, the access point had both clients and IoT devices on them, with no easy way to separate them without per-device rules.

So I continued down the rabbit hole of network equipment retail therapy. I bought an Access Point that supports multiple SSIDs and where each SSID can be assigned a different VLAN. So now I have an IoT-SSID which correlates to the IoT VLAN and a regular client SSID which correlates to the client VLAN. And this pleased me.

And yet...

We haven't addressed the tire-throwing yet. Since our garage is detached and about 50 feet from the house, I wasn't really getting great WIFI out to where I'd want to mount a camera to monitor tire-tossers. So my next obsession began.

There are two conduits running from the house to the garage. One carries power to a sub-panel out there. The other has two telephone cables. The one cable had been cut on both sides. The other cable was being used to connect the garage door button in the kitchen to the garage door opener in the garage. Both cables consisted of three twisted pairs. My original idea was to try to use these old cables to pull new cat6 cable through the conduit. I ran the idea past Branden and Brian. Branden suggested I try reusing one of the cables and Brian pointed me to the existence of cat6 junction boxes. While reusing just the one unused cable may have worked for 100Mbit speed, my twisted brain decided obviously the answer was to use one of the free pairs on the cable carrying the garage door wire and combine it with the other cable to get to four pairs.

Since the cables had been previously cut quite close to the wall on either side, and since the cables were also old and brittle, it was fiddly business. I'm surprised it worked at all, but it did so on my first try. Here's the house-side junction box without the cover:

[Photo of the house-side junction box without the cover]

The garage side looks similar. With that working, I found myself in need of more networking equipment retail therapy. I decided I wanted a PoE camera for the garage, so I needed a PoE switch for out there.

Also I was already running out of ports on the 8-port switch I bought for the laundry room (firewall + garage + esgerbeastie + Philips Hue + NAS + Access Point + Pis). And the new Access Point in the laundry room supported PoE, plus the Pis could all be outfitted with PoE, so I could save a lot of power cords with PoE. So I convinced myself my desk could use the 8-port switch and went and bought two more switches. I also repurposed the original laundry room access point in the garage, although I'm still debating how exactly I want to configure it.

And if nothing else, it did work, both technically and from a retail therapy point of view. I am pleased and entertained by the setup, and I like to think that 20-something year old Pete would be excited by all this gear.

The NAS has been configured with the following:

  • A Wiki I'm using to document all this
  • Git for versioning configuration files
  • My IP cameras (two so far) save recordings to the NAS when they detect motion (no tire tossers so far though)

I spent a little time trying to get some variant of Kubernetes running on the pi cluster, but in the interest of keeping my Home Assistant up and running, have opted to just use the HA image on one pi. Another pi is running an nginx reverse proxy that currently just redirects incoming Let's Encrypt verification requests to the correct device (the pfSense, the NAS, and HA all support Let's Encrypt certs, which is nice).

Anyway, here's the tire as viewed from the outdoor IP camera attached to our garage:

[Image of the tire from the outdoor IP camera]

Future plans

There's always more to do... and this entry is already way longer than I thought it would be... but here are a few things:

  • More cameras
  • More home automation
  • More separation of my subnets
  • Get IPv6 working (although I think I need to ditch the ISP router for that)

More tedious details

Ideally, I'd love to remove the ISP router from the picture. Bandwidth and latency have all been absolutely fine, so it's nothing urgent, but I don't think I can make IPv6 work as intended with the current configuration. Plus it's the principle of having an extra unnecessary hop that would just be nice to remove.

The problem from everything I've read is that the authentication certificate is baked into the firmware of the router. So the ONT is looking for this router when it comes online. There appear to be two ways people are getting around this:

  1. Anytime the ONT boots up, connect it to the ISP router for auth, then connect it to your own router once it's authenticated. Repeat anytime the link goes down. Not something I feel like doing.
  2. Connect the ISP-router to your own router and your own router to the ONT. Configure rules on your own router that redirect the ONT's auth traffic to the ISP router, and handle any other traffic normally. I've found potential rules for how to make this work with pfSense, but it sounds tedious and also potentially time-consuming. The current setup works and while I'd like to at least give this a try some day, it'll have to be a day where I have lots of time, nothing I'd rather work on, and no issue with the network being down for a while.
