About Guido Maria Serra aka Zeph

Sviluppatore, sistemista, analista di sicurezza, freesoftware evangelist.

volevo telelavorare in Presolana

ma… i miei test con 3 diverse simcard sono stati miserabili

qui sotto con PosteMobile al Colle Vareno

questa invece Iliad, sempre a Colle Vareno

(da notare l’uplink… il che mi fa pensare male, se non malissimo)

simcard tedesca SimplyTel in roaming invece non si agganciava manco alla cella
…sia questa che PosteMobile erano nel mio Xiaomi Mi9, mentre Iliad era in un Punkt

+++ stesso giro di test da un altra locazione +++

Iliad al Passo della Presolana….

e PosteMobile… sempra al Passo, sempre con un uplink da “parolacce, tante”

measuring a connection MTU

I did end up on this link https://www.sonicwall.com/support/knowledge-base/set-mtu-in-vpn-environment-in-case-of-throughput-issues/170705131319789/ but the command which is suggested do not seem to be valid on a Devuan GNU Linux system.

Instead… ping -s 996 http://www.yahoo.com

Ping itself gives the total count +28 bytes of IP and ICMP headers.

Why all of this? well, for instance 996(1024) is the maximum MTU on a roaming simcard over the WINDTRE network in Italy… 1436(1464) over PosteMobile (non-roaming). Since I do have an OpenVPN on port 443/TCP which accepts only connections from known IPs… well, I had to go over my german symcard’s network to reach home.

Now fiddling with link-mtu and tun-mtu… stay tuned

debugging slow logon

I love solving tough problem, or at least cast some light. One of my customers (I’m back consulting as whitehat.berlin since 2018) was having some serious issues on the AD logon. It took above a minute, with sessions timing out, for users to logon to their workstation. Beautiful, overprovisioned setup, we didn’t really spot the error, aside of going down to update fileserver’s fiberchannel card drivers and starting moving around data between shares. I still believe it is suboptimal to either partition the load manually creating new shares, not leveraging, if it does the job, the DFS(R?) solution from Microsoft.

The fun though came for someone like me to the challenge of collecting data in a proprietary enviroment, especially when you do have a vendor on storage, one on the appliance involved, and another and another, and none of them is responsible for the whole solution… a bit like the BER airport, everyone involved, noone responsible for the overall solution. So, how to isolate the problem at least? We had data from the storage itself, all green, all performant, not much from the client OSs… that in this case are the Microsoft fileservers. So? Well, seems that Microsoft itself has a metrics interface called WMI… Windows Metrics Interface… good ah? Out of which it delivers all the info you see in the Task Manager and similar tools. Well, a bunch of skilled hackers came up with 2 nice tools, one built above the other.

On one hand leoluk/perflib_exporter which looks up in memory, actually bypassing the standard WMI interface (more details on its github page) and delivers a full data dump of ALL available metrics that are in the OS. I was having a SysOps orgasm going through it. On the other hand martinlindhe/wmi_exporter that simply reads that dataset and converts to a format understandable by prometheus. Leading to this beautiful chart…

debugging_logon

This way we could spot which server was serving, how many filedescriptors were open on a certain share… and so on and so on… and yes, I had to come up with the SMB Samba Share data class… as that was missing, but it was just a couple of hours of cut&paste work. I now need to find the time to clean it up to get it merged back in the main project.

p.s. I didn’t know… golang compiles, with no complain, from linux, a .exe windows binary

13pive co-working

ovviamente il nome puo’ anche variare… ma pensavo a quanti di noi giovani (io, ahemm… coff coff) siamo dovuti finire a partita iva… da cui p.iva … p.ive (plurale?!)

che cavolo e’? beh, un co-working, servono 65,000 EUR per comprare un immobile in centro alla splendida cittadina di Predore, raggiungibile con corriera da Bergamo, praticamente Orio, praticamente Europa

perche’ 13? pensavo a quote di 6k EUR a cranio, per arrivare ai 65(66)
…11 quote dei 66mila euri, piu’ altre 2 quote per spese notarili e riparazioni

se ci pensate 6000EUR sono 500eur/mese di affitto per un anno
… o 250eur/mese per due anni… poi e’ tuo il posto… o cmq un voto

quote da 3000? mezzo voto… servono 13 quote per partire, sicuramente non bastano per far diventare lo spazio come un WeWork… ma bastano per pagare le bollette per i primi 2 anni… una Onlus? Una srl a 1euro? qualcuno puo’ mettere le competenze… io so solo che posso cablarla, mettere sicurezza fisica con badge e altre cacate hi-tech

perche’ li? beh, intanto perche’ il posto e’ una figata, sta con accanto un bar, un ristorante/pizzeria (con anche piccoli appartamentini) e 2/3 negozi di generi alimentari

la butto li… e’ ‘na strunzata? (allego foto) …farei stare 13(?) scrivanie compatte nel primo e secondo piano… lascerei come stanza comune il piano terra

p.s. sono 75mq (pare) su 3 piani… cucinotto al piano terra, bagno al primo, doccia al terzo
[non ci vivrei, ma un co-working verrebbe parecchio figo…]

 

multi-language contracts (and instruments) for private services

I started a petition at the European Union Parliament… let’s see if this gets anywhere

https://petiport.secure.europarl.europa.eu/petitions/en/petition/view/10917

We are currently living in a union where a private citizen can move across the member states but services are provided only in the local language of each member state, despite the fact that most of the big services organization are present in each, or most, of the member states. Despite my right to have an italian bank account, I cannot use it in germany as primary bank account (most of the utilities providers will reject that as a reference bank account to withdraw automatically from). Therefore I have to choose a local bank organization, in the local language. I choosed a bank, that has branches in 4 different countries of the union, and I see no point in having not to be able to use a web interface, and contracts, in my native language, applied on a german IBAN. For this, but also for many other topics like mobile phone contracts, or insurances, I want to have, especially for companies that already have their legal documents in the language of multiple member states, that they get forced (or incentivised) to provide me the choice of signing for their local branch in two or more languages. I also want, that if they already provide their service in another member state, on a website in my language for example, that I can use it to interact with them. In the specific example, I stumbled on Cortal Consor, german brand, with equivalent italian brand Hello Bank, part of the french group PNB Paribas. But can easy be applied for Vodafone or any other big financial or telco institution. They do probably get fiscal advantages to be a registered as an SE (societe’ europeen), I’d like that they have to become really an european service providing institution.

petizione.png

UPDATE 2017/10/30

I just received a letter from the Committee on Petitions:
My petition has been accepted and got assigned the number 0338/2017

device unbind

I don’t like writing about things I didn’t do. But in this case my colleagues at OLX are mentioning I shall document it, for others. We were in trouble with an EBS volume on AWS as we had 2 of them attached to a box, one supposedly released but not completely.

From AWS Web UI we saw that the device was released, but in the box we could still do the listing of the content of the mounted device. It was RO though… but still, unclean situation.

We first cleared the filesystem in memory cache, and at least that removed the data from within the filesystem tree structure… but we could still fdisk list the device… at this stage I went for the latest escalation solution in this domain… call Alessandro Rubini, co-author of Linux Device Drivers.

Solution suggested… go into /proc/sys device folder “xen”, then folder related to the device module “blkblock” or something similar… then in there, there were 2 symlinks, with the name/alias of the devices… this is basically the reference in memory of the mapping between the module and the device… it is kept in the MODULE_DEVICE_TABLE data structure. Echoing such string (unique to the device) into the “unbind” special file which is in the above followed folder, releases the datastructure and therefore the device without having to unload the module. There was another healthy device held by such module, therefore we couldn’t unload/load it to flush its state.

$ ls /sys/bus/xen/drivers/vbd/
bind module uevent unbind vbd-12345 vbd-98765
$ echo  vbd-98765 >/sys/bus/xen/drivers/vbd/unbind

Third Async Cats Meetup

incontro berlinese sulla gestione di team remoti

Async Cat Herding

Our third meetup will be slightly unusual in that instead of being a brief lunch session we’ll try and bring enough speakers together for an afternoon session. The idea was born at Europace: After our last meetup Stefan Rudnitzki approached me the idea of hosting a “complete afternoon meetup all around innovative management techniques over at Europace”. We quickly picked a date, reached out to interesting speakers and booked the meetup space.

Please make sure to register online.

As at least some talks will be German only, as such the announcement will be kept in German below.

Innovative team management techniques Meetup @ Europace

Hallo zusammen,

die Europace AG plant gemeinsam mit Async Cat Herding am 28. Februar 2017 einen Nachmittag rund um das Thema innovativer Team Management Methoden. Das Ganze findet bei der Europace AG (eine Tochter der Hypoport AG) in der Klosterstraße 71 in Mitte statt. Euch…

View original post 398 more words

e’ notte fonda in Europa

Sala delle colazioni, albergo fortezza al confine urbano di New Delhi. Una maledetta compilation di musica “rilassante” mandata a ripetizione ogni 24 ore suona in sottofondo. I camerieri indiani, vestiti con divise turchese mi guardano mentre pesto i tasti di questa tastiera. Fuori un cielo plumbeo, con nebbia, forse inquinamento. Degli addetti stanno passando con delle aste dei panni per pulire le grandi vetrate dell’albergo. Il resto del mio mondo in questo momento dorme. Un paio di amici che seguo su instagram stanno postando i loro aggiornamenti dalle Filippine e da Singapore. Per il resto, facebook tace.

E’ notte fonda in Europa. Questo mi da tempo di pensare, di non interagire. E’ quasi peggio che essere in volo sopra l’atlantico senza connessione a internet, per 12 ininterrotte dannatissime ore. In quel caso al modico prezzo di un euro al megabyte potevo tentare una boccata di ossigeno, a sto giro invece so che sorvolando i cieli del medio oriente e dell’europa orientale non avro’ questo lusso. Stanotte mi aspettano 7 ore filate verso Zurigo in cui dovro’ cercare di dormire per sfuggire a me stesso, ai miei pensieri.

Qual’e’ il mio posto nel mondo?

Ho fatto delle scelte, tutti ne facciamo. A volte si cerca di farle per cambiare in meglio, per darsi anche solo una speranza che cambino. Difficile tornare indietro, anzi, se anche si potesse, non bisogna farlo. Lo dico quasi non credendoci, io che fino a ieri, ma anche ora, vorrei poter far sedere intorno a un tavolo e avere una bella cena con le persone che ho perso per strada. Mai, o quasi mai (e’ capitato, anche di recente), che persone che hanno chiuso tutto tornassero, anche solo per un breve momento, poi di nuovo la porta e’ stata chiusa, sempre a tripla mandata.

Di nuovo, chi sono? Cosa faccio? La societa’, o cmq la fetta di societa’ che mi conosce, mi vuole come professionista nell’ambito delle tecnologie, dei siti internet, di grossi portali con notevoli sfide riguardando la capienza e la capacita’ di assorbire traffico. Mi piace? Credo di si. Posso viaggiare.

Di fronte a me, una sedia vuota, giusto con lo zaino del mio portatile.

Lascio a questo blog la malinconia e i pensieri del giorno, vado a provare di nuovo ad attraversare a piedi quello che assomiglia molto al GRA di Roma, e come li, qua, si attraversa facendo il gesto a mano aperta come a tentare di bloccare un auto che cerca di investirti. Sperom