I’m fried.

I spent the day trying to make an old PC get on the network, and I failed valiantly. The machine connects to the network just fine in DOS. Load NT4 or 2000 though, and it shuts up fast. I didn’t try Linux, though I was threatening. I tried another 3Com 3c905. Nothing. I tried it in every possible PCI slot. Nothing. I swapped in an Intel EEPro/100. Nothing. I found an old ISA 3Com 3c509 card in a rehabbed Gateway2K box. Nope. All it did was sing to me. “I have no need for friendship, friendship causes pain. It’s laughter and loving I disdain. I am a rock. I am an island.”
Actually it didn’t even do that. It just stared back at me defiantly. Even when I told it I’d throw it in the pond. That just made me madder.

Stupid Intel motherboards. Too bad when you order a brand-name PC you can’t tell them you want an Asus or a Gigabyte. I swear by Asus. Lately I’ve been swearing at Intel. Wait, who am I kidding? I’ve always trusted Intel as much as I trust Microsoft. Which is about the same as I’d trust Slick Willie Clinton with my 17-year-old daughter, if I had a 17-year-old daughter.

And the system’s not even a month out of warranty either.

I’m frustrated because I’m the third guy to take a stab at this, and I’m the guy they turn to to take the impossible situation and manage to work it out. This one beat me, and I can’t stand losing.

Good thing I get a long weekend. I’m gonna go hang out with some of my Bible-thumpin’ buddies.

Katelyn update. Katelyn didn’t have surgery today. She’s in good enough shape to not need immediate surgery, but not in good enough shape to go home. They’re going to give her as much time as they can to build up strength, then it looks like they’ll go back in, unless something really changes quickly and she’s able to go home for a month.

Why I run Debian, and some Debian tricks

After Dan Bowman pointed out another blogger’s recent difficulties installing Evolution on Mandrake 8.1, I had little comment other than, “That wouldn’t be an issue if you’re running Debian.” Well, I think I said a few other things because I tend to be wordy, but that was the only important thing I had to say.

Debian is one of the more difficult Linux distributions to install (you have to know what hardware is in your machine–it doesn’t nicely autodetect everything like Mandrake), but it’s far and away the easiest distribution to maintain. We’ll get back to that in a minute.

Released versions of Debian tend to be ultra-conservative. The current version, Debian 2.2r5, still uses the 2.2.19 kernel, for one thing (and that’s a fairly recent change). The current 2.2 kernel is either 2.2.39 or 2.2.40. All packages (at least all the ones anyone uses anymore) are constantly checked and maintained and patched. In theory, the current stable Debian release ought to be the most bullet-proof Linux available.

Besides Debian Stable, there’s also Debian Testing and Debian Unstable. Debian Unstable is pretty cutting-edge, but I’ve had no problems running it. I just keep up with the current patches and the system runs fine. I know people who run production servers on Testing and Unstable and get away with it.

If you want the latest and greatest stuff, after you install Debian, edit the file /etc/apt/sources.list and uncomment the ftp and http lines. Next, copy and paste those lines, then edit the “stable” to read “unstable.” (Or if you’re more conservative, edit it to read “testing.”) Be aware that occasionally you’ll run into problems running packages from unstable under stable. I ran Evolution, Galeon, Dillo, Sylpheed, and a multitude of other packages from unstable just fine, but when I installed AbiWord (a really nice, lean, mean, superfast word processor, by the way) it failed to run right. I upgraded to unstable, and then it worked perfectly.
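The sources.list edit described above, as an added shell example that is not from the original post. The function name add_suite, the sample_sources helper and the mirror.example.org hostname are assumptions made for illustration; the function works on a copy of the file piped through stdin, so the result can be reviewed before it replaces /etc/apt/sources.list.

```shell
#!/bin/sh
# Added example: uncomment the ftp/http lines of a sources.list and add a
# copy of each "stable" line that points at testing or unstable instead.
# Usage (hypothetical file names):
#   add_suite unstable < /etc/apt/sources.list > sources.list.new

add_suite() {
    suite=${1:-}
    # Only the two suites named in the text are accepted.
    case "$suite" in
        testing|unstable) ;;
        *) echo "add_suite: suite must be testing or unstable" >&2
           return 2 ;;
    esac
    awk -v suite="$suite" '
        # Uncomment "#deb http://..." and "#deb ftp://..." lines.
        /^#[ \t]*deb(-src)?[ \t]+(http|ftp):/ { sub(/^#[ \t]*/, "") }
        {
            print
            # Remember every line already present, whitespace-normalized,
            # so a second run does not add duplicates.
            key = $0; gsub(/[ \t]+/, " ", key); have[key] = 1
        }
        # Queue a copy of each active http/ftp "stable" line for the new suite.
        /^deb(-src)?[ \t]+(http|ftp):/ && $3 == "stable" {
            $3 = suite
            extra[++n] = $0
        }
        END {
            for (i = 1; i <= n; i++)
                if (!(extra[i] in have)) { print extra[i]; have[extra[i]] = 1 }
        }
    '
}

# Constructed sample input; the mirror hostname is a placeholder.
sample_sources() {
    cat <<'EOF'
deb cdrom:[constructed disc label]/ stable main
#deb http://mirror.example.org/debian stable main contrib non-free
#deb ftp://mirror.example.org/debian stable main contrib non-free
# A plain comment that must stay a comment
EOF
}

# Stand-alone demonstration on the constructed sample.
sample_sources | add_suite unstable
```

Run apt-get update after installing the reviewed file so apt picks up the new package lists.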

OK, let’s talk some tricks.

Want to upgrade your distribution after a new version comes out, or upgrade from stable to testing or unstable? Easy. Type this:

apt-get update ; apt-get dist-upgrade

Then Debian will go download the pieces it needs to upgrade itself.

Want to keep your system up to date with any little changes (security patches, whatever) that may have happened recently? Type this:

apt-get update ; apt-get upgrade

So Debian lets you keep a current and presumably secure installation very easily. If you run that line regularly, you can rest assured that if your system is insecure, it’s not Debian’s fault but rather a misconfiguration on your part.

Want to try out some new piece of software? Forget having to hunt down RPMs or keep track of your distribution CD. Check availability with this command sequence:

apt-get update ; apt-cache pkgnames [name of program]

Found it? Excellent. Install it with this command:

apt-get install [name of program]

And if it wasn’t as great as you heard, you can uninstall it with this command:

apt-get remove [name of program]

System acting goofy? This’ll cure much that ails you:

apt-get clean ; apt-get update ; apt-get check

So from a system administration standpoint, Debian is great. Debian developers often try to justify the difficulty of installation by saying you only have to run it once, and to a degree, they’re right.

Compiling a kernel under Debian

I found a nice document detailing customizing your kernel under Debian. The standard method works under Debian, of course, but it’s cleaner to do it within the confines of your package manager–then it doesn’t go stomping on files you modified. Plus it’s actually a little easier to let Debian handle some of the details.

Here are the notes I took while using the document.

With additions:
Use kernel-source-2.4.17

export CFLAGS="-O3 -mcpu=i686 -march=i386 -fforce-addr -fomit-frame-pointer -funroll-loops -frerun-cse-after-loop -frerun-loop-opt -malign-functions=4"
export CXXFLAGS="-O3 -mcpu=i686 -march=i386 -fforce-addr -fomit-frame-pointer -funroll-loops -frerun-cse-after-loop -frerun-loop-opt -malign-functions=4"

Using -march=i686 is known to cause instability and not improve performance by any noticeable amount. The kernel mostly ignores these settings but I set them anyway. You can alternatively set them in the file /etc/profile. If you ever find yourself compiling apps from source, you want these options set so they’ll perform optimally.

A correction:
Debian tar doesn’t seem to support the -I switch for bzip2. So I extracted the archive with the following:
bunzip2 -k -c kernel-source-2.4.17.tar.bz2 | tar -xf -

The -k switch tells bzip2 to keep the original file intact, while -c tells it to extract to stdout. The | redirects stdout to the specified program, in this case, tar. -xf - tells tar to extract the archive it reads from stdin.

I got an error on make xconfig:

make: wish: command not found.

So I headed off to www.debian.org/distrib/packages. At the bottom of the page, there’s a form where you can type a filename and it’ll tell you what package it comes from. Type in “wish,” hit enter, and I get a long list, including /usr/bin/wish8.3 in a package named libs/tk8.3. Sounds promising. So I do an apt-get install tk8.3 and I’m in business. Type make xconfig again, and we’re set. This page is also a really good way to hunt down packages if you don’t know exactly how Debian named it.

Options I chose for kernel compilation:

Code maturity level options: prompt for development and/or incomplete code/drivers. I answered Yes, so I’d get modern filesystem support.
Loadable module support: I answered yes to all. I’ve read that disabling modules and compiling everything directly into the kernel can improve performance but I’m wary of that. If the kernel’s too big, the system won’t boot. And the idea of modules is to keep only what you need in memory. So I suppose there are instances where a no-modules kernel could increase performance, but there are certainly instances where it would hurt. I chose to be conservative.
Processor type and features: I changed a couple of the defaults. Double-check the processor family option; in my experience it’s usually but not always correct. Enable MTRR support unless you’re using a 486, Pentium, or AMD K5 CPU. All other reasonably modern CPUs, including AMD, Cyrix, Intel, and WinChip, support MTRRs for increased GUI performance. Since the PC I’m using only has one CPU, I disable SMP support. Then I enable local APIC and IO-APIC support on uniprocessors.
General setup: I accepted the defaults, because aggressive use of APM makes me really nervous. Under Windows, APM always does me more harm than good.
MTD: Since I don’t use any flash memory devices, I accepted the defaults of No.
Parallel port support: Curiously, this was disabled by default. This PC has a parallel port but I only use network printers, so I left it disabled to save a little memory.
Plug and play configuration: I said no to ISA plug and play support, since this machine is a laptop and won’t have any ISA PnP cards. On modern PCs that have no ISA slots, say N.
Block devices: The defaults are usually sufficient, but some configurations need RAM disk support and initrd support turned on. If you’re going to mess around with ISO images, you’ll probably want to turn on loopback device support.
Multi-device support: I’ve never seen a laptop with RAID, so the default of disabling it all works great for me.
Networking options: The defaults are fine for most uses. If you’re going to make a router or firewall out of your PC, enable Netfilter.
Telephony support: I disabled it.
ATA/IDE/MFM/RLL support: Disable it if you have an all-SCSI system. I don’t. Turn on SCSI emulation support if you use a CD-R or CD-RW. Under IDE chipset support/bugfixes, disable the chipsets your PC doesn’t have. This laptop has an Intel chipset, so all I had enabled were Generic PCI IDE chipset support, Sharing PCI IDE Interrupts support, Generic PCI bus-master support, Use PCI DMA by default when available, Intel PIIXn chipset support, PIIXn tuning support.
SCSI support: I have an all-IDE system (unfortunately), so I disabled it. Note that SCSI emulation for a CD-R counts as a SCSI device, as does a parallel port Zip drive. Since I have neither, I’m safe disabling it to save some memory and speed up boot time slightly.
IEEE 1394 (Firewire support): I disabled it since I have no Firewire ports.
I2O device support: I disabled it.
Network device support: This can be tricky. I turned off SLIP and PPP since I don’t use them. You may need PPP. I turned off ARCnet support, which you’ll probably do as well since ARCnet is very rare. I have a 100-megabit 3Com 3c556 NIC in this laptop, so I went into Ethernet 10 or 100 Mbit, drilled down to 3COM cards, and said yes to 3c590/3c900 series, since that’s the driver the 3c556 uses. I turned off the others. I like to compile support for the machine’s NIC straight into the kernel when I can, since it speeds up network configuration at boot time. On servers, I’ve been known to compile support for every type of NIC I own into the kernel, so that if I ever have to change NICs, it’ll come back up automatically without any configuration from me. I turned off wireless, token-ring, PCMCIA, ATM, amateur radio, infrared, and ISDN support.
Old CD-ROM drivers: You can probably turn this off, unless you know you have an old proprietary 1X or 2X CD-ROM drive. These were the drives that generally plugged straight into an ISA sound card, and they were very common on 486s. I sold tons of these things in 1994; I’m pretty sure that by the time I was selling PCs again in the summer of 1995, everything I was selling had an IDE drive in it.
Input core support: I don’t use USB input devices, so I turned it off.
Character devices: Near the bottom, after Ftape support, there are options for specific chipsets. You can find out what chipset you have by typing the command lspci in a shell. (You have to be root to do this–use the su command if you’re logged in as yourself, as you should be.) This laptop has an Intel 440BX chipset, so I turned off the VIA, AMD, SiS and ALI support.
Multimedia devices: Disable video for Linux unless you have a capture card. Most will disable Radio adapters as well.
File systems: I enable Ext3 and ReiserFS, along with DOS FAT and VFAT (as modules), ISO 9660 and Joliet, NTFS read-only (as module). Under network file systems, I enable SMB since I (unfortunately) work in Windows environments. I disable NFS since we have no NFS servers.
Console drivers: The defaults work for me.
Sound: Since I have onboard sound, I enable sound support and pick my chipset, in this case, ESS Maestro3. I disable all others.
USB support: I have USB ports but don’t use them. I left it enabled just in case, but I’m not sure why.
Bluetooth: I don’t use it, so I disabled it.
Kernel Hacking: I disabled Kernel debugging, the default.

Whew! Hit Save and Exit. Exit X to save some system resources while compiling and installing.

The end result was an up-to-date kernel (2.4.17) that was about 200K smaller than the stock 2.2.19 kernel and boots to a login prompt in 18 seconds flat, as opposed to 45 seconds before. Much of the improvement is due to the 3c590 driver loading faster as part of the kernel rather than as a module, and the kernel no longer searching for phantom SCSI devices. But Charlie Sebold told me it’s his experience that recent 2.4.x kernels boot a lot faster than earlier kernels.

It’s not perfect–I don’t have sound completely working yet–but I found some clues. I’m not overly concerned about sound support though. The system beeps at me when I have mail, and for work purposes, that’s all the sound I need. I don’t see any point in turning my PC into a multimedia tribute to Billy Joel or Star Wars or Quake III.

Desktop Linux and the truth about forking

Desktop Linux! I wanna talk a little more about how Linux runs on a Micron Transport LT. I chose Debian 2.2r3, the “Potato” release, because Debian installs almost no extras. I like that. What you need to know to run Linux on a Micron LT: the 3Com miniPCI NIC uses the 3C59x kernel module. The video chipset uses the ATI Mach64 X server (in XFree86 3.36; if you upgrade to 4.1 you’ll use plain old ATI). Older Debian releases gave this laptop trouble, but 2.2r3 runs fine.

I immediately updated parts of it to Debian Unstable, because I wanted to run Galeon and Nautilus and Evolution. I haven’t played with any GNOME apps in a long time. A couple of years ago when I did it, I wasn’t impressed. KDE was much more polished. I didn’t see any point in GNOME; I wished they’d just pour their efforts into making KDE better. I still wish that, and today KDE is still more polished as a whole, but GNOME has lots of cool apps. Nautilus has the most polish of any non-Mac app I’ve ever seen, and if other Linux apps rip off some of its code, Microsoft’s going to have problems. It’s not gaudy and overboard like Mac OS X is; it’s just plain elegant.

Galeon is the best Web browser I’ve ever seen. Use its tabs feature (go to File, New Tab) and see for yourself. It’s small and fast like Opera, compatible like Netscape, and has features I haven’t seen anywhere else. It also puts features like freezing GIF animation and disabling Java/JavaScript out where they belong: In a menu, easily accessible. And you can turn them off permanently, not just at that moment.

Evolution is a lot like Outlook. Its icons look a little nicer–not as nice as Nautilus, but nice–and its equivalent of Outlook Today displays news headlines and weather. Nice touch. And you can tell it what cities interest you and what publications’ headlines you want. As a mail reader, it’s very much like Outlook. I can’t tell you much about its PIM features, because I don’t use those heavily in Outlook either.

The first time I showed it to an Outlook user at work, her reaction was, “And when are we switching to that?”

If you need a newsreader, Pan does virtually everything Forte Agent or Microplanet Gravity will do, plus a few tricks they won’t. It’s slick, small, and free too.

In short, if I wanted to build–as those hip young whippersnappers say–a pimp-ass Internet computer, this would be it. Those apps, plus the Pan newsreader, give you better functionality than you’ll get for free on Windows or a Mac. For that matter, you could buy $400 worth of software on another platform and not get as much functionality.

Linux development explained. There seems to be some confusion over Linux, and the kernel forking, and all this other stuff. Here’s the real dope.

First off, the kernel has always had forks. Linus Torvalds has his branch, which at certain points in history is the official one. When Torvalds has a branch, Alan Cox almost always has his own branch. Even when Cox’s branch isn’t the official one, many Linux distributions derive their kernels from Cox’s branch. (They generally don’t use the official one either.) Now, Cox and Torvalds had a widely publicized spat over the virtual memory subsystem recently. For a while, the official branch and the -ac branch had different VMs. Words were exchanged, and misinterpreted. Both agreed the original 2.4 VM was broken. Cox tried to fix it. Torvalds replaced it with something else. Cox called Torvalds’ approach the unofficial kernel 2.5. But Torvalds won out in the end–the new VM worked well.

Now you can expect to see some other sub-branches. Noted kernel hackers like Andrea Arcangeli occasionally do a release. Now that Marcelo Tosatti is maintaining the official 2.4 tree, you might even see a -ac release again occasionally. More likely, Cox and Torvalds will pour their efforts into 2.5, which should be considered alpha-quality code. Some people believe there will be no Linux 2.6; that 2.5 will eventually become Linux 3.0. It’s hard to know. But 2.5 is where the new and wonderful and experimental bits will go.

There’s more forking than just that going on though. The 2.0 and 2.2 kernels are still being maintained, largely for security reasons. But not long ago, someone even released a bugfix for an ancient 0.-something kernel. That way you can still keep your copy of Red Hat 5.2 secure and not risk breaking any low-level kernel module device drivers you might be loading (to support proprietary, closed hardware, for example). Kernels are generally upward compatible, but you don’t want to risk anything on a production server, and the kernel maintainers recognize and respect that.

As far as the end user is concerned, the kernel doesn’t do much. What 2.4 gave end users was better firewalling code and more filesystems and hopefully slightly better performance. As far as compatibility goes, the difference between an official kernel and an -ac kernel and an -aa kernel is minor. There’s more difference between Windows NT 4.0 SP2 and SP3 than there is between anyone’s Linux 2.4 kernel, and, for that matter, between 2.4 and any (as of Nov. 2001) 2.5 kernel. No one worries about Windows fragmenting, and when something Microsoft does breaks some application, no one notices.

So recent events are much ado about nothing. The kernel will fragment, refragment, and reunite, just as it has always done, and eventually the best code will win. Maybe at some point a permanent fracture will happen, as happened in the BSD world. That won’t be an armageddon, even though Jesse Berst wants you to think it will be (he doesn’t have anything else to write about, after all, and he can’t be bothered with researching something non-Microsoft). OpenBSD and NetBSD are specialized distributions, and they know it. OpenBSD tries to be the most secure OS on the planet, period. Everything else is secondary. NetBSD tries to be the most portable OS on the planet, and everything else is secondary. If for some reason you need a Unix to run on an old router that’s no longer useful as a router and you’d like to turn it into a more general-purpose computer, NetBSD will probably run on it.

Linux will fragment if and when there is a need for a specialized fragment. And we’ll all be the better for it. Until someone comes up with a compelling reason to do so, history will just continue to repeat itself.

Software stuff I forgot about

I’m hoping someone can help me here. I read a couple of stories this week and can’t find them anymore. They’re fairly significant.

Evil Adobe software. The first involved an Adobe lawsuit. Some outfit was buying Adobe suites, breaking them up, and reselling the components. Adobe sued, saying this violated the click-through license. The court ruled that the reseller never agreed to the click-through license, this constituted a sale even though Adobe defined it as a license, and the vendor wasn’t violating any copyright laws by selling the software CDs and books just like stores that sell used books and music don’t violate the copyrights. The court also questioned whether a click-through license was legally binding anyway.

This story should be very significant. The way around it, of course, is to rent software, which is more profitable anyway. Expect Adobe to make tracks down that path very quickly. Adobe’s software licenses are generally slightly more generous than Microsoft’s (they allow you to install their products on your home PC if your business buys them, something Microsoft no longer allows) but then again Adobe’s the company responsible for jailing Dmitry Sklyarov, so they’re still evil. Maybe not quite as evil as Microsoft, but still evil.

So if you must buy Adobe software, do it smart. Buy the suites–which generally combine three or more Adobe products and generally sell for what two products would sell for separately–and split them up. Find a friend or coworker to go halvesies with you.

Evil viruses. I’ve been fearing for a couple of months the virus that takes the methods used by Nimda and combines them with oldschool exploits like infecting file shares and e-mailing people in your address book. Such a beast appeared last week, but the stories faded very quickly. Presumably the virus was discovered but never really made it into the wild. The stories I read suggested the virus code was very buggy.

Still, if you’re still reeling from Nimda like I am, take steps to secure your network. Put an antivirus package on your mailserver. Consider blocking access at the DNS level to your local ISPs’ mailservers and free mail providers such as Hotmail to keep users from bringing unchecked mail into your network. Deploy IE 5.5SP2 with all of the current patches. Put Outlook in the Restricted Sites zone and very seriously consider replacing Outlook with something that works right and is secure, such as the Lotus Notes and Domino tag-team. (Exchange always was a Domino wannabe anyway, and not a very good one.) And since keeping your Microsoft software up to date is a royal pain, tell your boss to start thinking about remote deployment software such as Tivoli. Yes, it’s expensive, but it’s cheaper and easier than hiring another one of you and it frees you up to do real work. (My company’s been looking for another one of me for about three years, first so they could afford to get rid of me because I’m not a Microsoft lackey, and now so they can promote me. They’ve never succeeded. Presumably your company would have an equally difficult time finding another one of you.)

Linux in the enterprise. The ultimate solution to this virus crap (and other Windows-related crap) is to get rid of Windows and replace it with Linux, since Linux viruses are extremely rare and almost never damaging. While Linux has security vulnerabilities too, they’re generally more rare than Windows vulnerabilities and a desktop PC often won’t be running the programs that can be exploited. Besides, you are firewalled, aren’t you? If you are, you’re pretty reasonably secure, since in the Unix world, operating systems are operating systems–they don’t try to be operating systems and web browsers and mail clients and everything else.

But what about usability and maintainability? Linux plus KDE is no harder for an end-user to use than a PC or a Mac. Corel WordPerfect Office gives you everything you need to run your business, and secretaries like WordPerfect better than Microsloth Word anyway. Oh, you need Outlook, you say? Fine. Wait a month then. Ximian Evolution is approaching version 1.0, which will bring Outlook functionality to the Linux desktop. And if you don’t want to pay for WordPerfect Office, there’s always StarOffice. (But you can easily afford WP Office with the money you save by not buying Windows licenses anymore.)

So you don’t know anything about fixing Linux if it goes bad? So what? No sane person fixes a Windows installation either. Fixing a troublesome Windows box can easily take half a day, so the best practice is to keep an image of a working configuration, then when the user breaks it, back up user data (usually scattered all over the drive), re-image, then restore the data and be back up and running in an hour. Linux restricts user data to the /home hierarchy, so maintaining an army of Linux boxes is actually considerably easier than maintaining an army of NT boxes. Back up /home and re-image. Or if you’re really smart, you already redirected /home to a server somewhere, in which case all your desktops are now interchangeable. And Linux imaging is much easier than in NT. Linux generally doesn’t care about the motherboard, so if your video, sound, and network cards are identical, your disk images are interchangeable. Often you can get away with changing sound cards too. And if you’re limited to two or three types of NICs (probably Intel EtherExpress Pro and 3Com 90x; most cheapie 10/100 cards are covered by the Realtek 8139, DEC Tulip or NatSemi drivers), you can just statically compile those into the kernel and you’re set–then the video card is all you have to worry about. Running XConfigurator can take care of that in a matter of minutes. So a dead Linux box can be wiped and restored in 30 minutes, easy, during which your user can still be working, either on a vacationing neighbor’s PC or on your PC.

Remember too that a good percentage of NT problems are caused by toy programs users download off the ‘Net, or games or other programs people bring in from home and install. Those toys generally aren’t available for Linux, and since Linux has a low penetration in the home, people aren’t going to be bringing in their Barbie CDs and installing them. So you’re a fool not to think about Linux on the desktop in the enterprise.

Outta here. I’ve got more but I’m pretty much out of time. We’re doing a prayer vigil this weekend, and no fool signed up to lead from 1:00-2:00. When I stay up that late, my mind tends to be at its best, though my emotions tend to be at their worst (I get depressed easily). But since I can be plenty lucid at that hour, this fool signed up to lead. I’ll be back with more tomorrow.

Let the revolution begin…

I was called in to an emergency meeting yesterday morning. I was up to my eyebrows in alligators, but my boss was insistent. I had to be there. So I went. When we sat down, the tone was somber and slightly meandering. The guy who called the meeting just didn’t want to get to the point. Finally it hit me: Layoffs. That’s what this has to be about. So… Who’s gone? I’m not the highest-paid guy in my group, I’m probably the most versatile, and I’m not the most recent hire, so I’m probably safe. I was right about layoffs, or, more accurately, one layoff, followed by a restructuring. And the layoff wasn’t me.

I think we’re a better fit in our new structure (under our old organization we were married to a group that really didn’t like my group, or at least they didn’t like me, and now we’re married to a group that does, for the most part, like my group), and my boss’ new boss is so busy we shouldn’t have to worry about him messing with much. But I don’t like change, and my Scottish clan’s motto, “Fide et Fortitudine” loosely translates into “loyalty and guts” today. The loyalty side of me has some problems with what happened yesterday, but looking at it strictly from a business standpoint, I sure can’t argue with it.

Meanwhile, I needed about three minutes’ worth of quality time with that indignant hard drive to get the data I so desperately wanted. I got it. Next struggle: Getting Windows NT to work properly with eighth-rate hardware. This PC has a generic RealTek 8139-based card (so we’re talking a generic clone of a Linksys or D-Link card here… A clone of a clone), Trident Blade 3D video, ESS 1868 sound, and an AOpen 56K modem (at least it wasn’t a Winmodem). The AOpen modem is, by a longshot, the best component in the machine outside of the Gigabyte motherboard and Pentium II-450 CPU. I’ll say one thing for brand-name hardware. Drivers are easy to come by and they generally install correctly the first time, every time. It took me an hour to track down Blade 3D drivers that work, then it took me a good 30-45 minutes to get those working. The Realtek drivers at least worked the first time. I never did get the ESS drivers working. The AOpen modem driver went off without a hitch, mostly because it’s actually a controller-based modem. I stand by my assertion that you can buy $10 components and spend $100 worth of time trying to get each of them working right, or you can buy $50-$75 components from a reputable maker and make them work the first time. Seeing as the more expensive components will probably work well together too and give better performance, it’s a no-brainer for me. Gimme Creative or Guillemot video and sound cards and pair that up with a 3Com or Intel NIC and I’ll be a happy camper.

Tomorrow I’ll talk about my bookstore adventures. I want to go read for a while.

OK, I’m back for a second. I can’t resist. Not quite four years ago, I had a conversation with another Journalism major/history minor (one who, unlike me, actually finished his history minor, if I recall correctly). Over dinner with my then-significant other, he told me all about his theory of generations, as she looked on, entranced. The nasty breakup that soon followed that conversation overshadowed it, and I didn’t think of it again until last night, when I spotted the book Generations, by William Strauss and Neil Howe, on the shelf of a used bookstore. Curious, I looked at it, and sure enough, this was where that guy got his ideas. It was marked six bucks. I bought it, started reading, and gained some insight on myself. Why do I go ga-ga over the writings of F. Scott Fitzgerald, and get chills whenever I read about his personal life because it all feels so familiar? He and I are from parallel generational cycles. His generation thought like mine does, so we grew up in similar peer environments. Why do I understand people 10 years older than me so much better than people 10 years younger than me? I was born 7 years before the end of my generational cycle.

Setting up Freesco for port forwarding

It’s a little late, but here’s how Gatermann and I got a Web server running behind a Freesco-based router. Freesco, despite the name, is a micro-distribution of Linux (based on the 2.0.x kernel) that offers firewalling, NAT, caching DNS, port forwarding, a lightweight Web server, and print services on a single floppy. Requirements are minimal; it’d run on a 386 with 8 megs of RAM, a floppy drive, and a pair of NE2000 NICs. For performance and ease of setup, I recommend a P75 (or faster, but a P75’s overkill; the main reason to use it is to get PCI) with a pair of PCI NICs and 8 megs.

What NICs do I recommend? Avoid the new Netgear FA311. The older FA310 worked fabulously, but Freesco doesn’t provide a module for the FA311’s NatSemi chipset, at least not yet. (The source code for a module is available at scyld.com and it’s compatible with the 2.0.x kernel, but compiling a kernel module isn’t a trivial operation for most of Freesco’s audience.) I’d probably go with a Realtek 8139-based card like a D-Link DFE-530TX+, a recent 3Com PCI card, or a PCI NE2000 clone. There’s a modules archive you can download that supports most other common NICs. A pair of D-Links, a P75 board, a floppy and this disk ought to give you nearly plug-and-play operation.

Enough of that. Here are the answers to the questions Freesco asked, in order.

Boot off the floppy. When it asks what you want to make with it, select ethernet router. Hostname doesn’t matter. Accept default for domain name, unless you’ve registered a domain for your LAN.

Don’t detect modems. Select two network cards. If you are using PCI cards, answer 0 to next four questions (IRQ, I/O). If you’re using ISA cards, enter the addresses and IRQs the cards use. DHCP? Depends on your ISP.

The first card’s name is eth0. (This is the card for your cable/DSL modem). Don’t use DHCP logging. Don’t update DNS by DHCP. Second card is eth1. Give it an IP address (10.x.x.x is fine, which is Freesco’s default; normally I use 192.168.1.x network and put my router on 192.168.1.1). Network mask will almost always be 255.255.255.0. I don’t configure for DHCP, so I don’t give it an IP range. If you want one, tell it the range of addresses you want to reserve. The fewer the better, for memory purposes, especially if you’ve only got 8 MB of RAM in the box.

Caching DNS? Answer S (secure). Don’t log.

Enable DHCP? Depends. If you don’t want to configure your LAN manually, DHCP is nice. If your LAN is already configured, DHCP is probably more trouble than it’s worth.

Public HTTP server. Answer Y. Default is S. Port 80. (You might be able to get away with answering N here, and you’ll save a little memory. DO NOT answer S–you’ll never forward port 80 if you do.)

Time server via HTTP? No.

Print server. No.

Telnet server. No.

Screensaver/spindown? 5 min is fine.

Swap file–0 if you have 8 MB or more. I suppose you could run Freesco on some tiny machines if you put in a small hard drive and enabled the swap file, but as cheap as a P75 with a pair of 4-meg SIMMs is these days, I wouldn’t bother.

Extra modules/programs? No.

Log: take defaults.

Host gateway–depends on ISP. Check one of your other PCs and use it.

Primary/secondary DNS. Use your ISP’s. Proxy, probably none. Check your ISP.

Export services? YES. This is the magic forwarding formula.

Now, assuming your web server is on 10.42.42.3, you’d use this line in config:

t,80,10.42.42.3/80

If you want to export other services, like, say, IMAP on port 143, add additional lines, subbing in the appropriate port and IP address. (HTTP is port 80.)

Pick a root password and web admin password, save configuration and reboot. You’re up and going.
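Every export line is an inbound hole through the NAT, so it pays to check the list before saving it. The script below is an added example, not part of the original post and not Freesco code: it assumes the field layout proto,external_port,internal_ip/internal_port inferred from the one line shown above (with "t" assumed to mean TCP), and it prints the iptables DNAT rules a current Linux router would need for the same forward, which is a stand-in for illustration rather than what Freesco runs internally. The function names and sample lines are made up for the example.

```shell
#!/bin/sh
# Added example, not Freesco code. Assumed layout of an export line, inferred
# from the single line in the post: proto,external_port,internal_ip/internal_port
# ("t" is assumed to mean TCP; any other value is rejected rather than guessed).

valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# export_to_dnat LINE LAN_PREFIX WAN_IF
# Prints the equivalent iptables rules (never applies them); returns 1 on bad input.
export_to_dnat() {
    e_proto=${1%%,*}; e_rest=${1#*,}
    e_ext=${e_rest%%,*}; e_target=${e_rest#*,}
    e_ip=${e_target%%/*}; e_int=${e_target#*/}
    e_host=${e_ip#"$2".}
    [ "$e_proto" = t ] || { echo "reject: unknown protocol in '$1'"; return 1; }
    valid_port "$e_ext" && valid_port "$e_int" ||
        { echo "reject: bad port in '$1'"; return 1; }
    # The target must be a host inside the /24 behind eth1 (mask 255.255.255.0).
    case $e_host in "$e_ip"|''|*[!0-9]*) e_host=0 ;; esac
    [ "$e_host" -ge 1 ] && [ "$e_host" -le 254 ] ||
        { echo "reject: $e_ip is not a host in $2.0/24"; return 1; }
    echo "iptables -t nat -A PREROUTING -i $3 -p tcp --dport $e_ext -j DNAT --to-destination $e_ip:$e_int"
    echo "iptables -A FORWARD -i $3 -p tcp -d $e_ip --dport $e_int -j ACCEPT"
}

# audit_exports LAN_PREFIX WAN_IF   (export lines on stdin)
# Returns the number of rejected lines; a reused external port is also rejected.
audit_exports() {
    a_bad=0; a_seen=' '
    while IFS= read -r a_line; do
        [ -n "$a_line" ] || continue
        a_port=${a_line#*,}; a_port=${a_port%%,*}
        case $a_seen in *" $a_port "*)
            echo "reject: external port $a_port exported twice"
            a_bad=$((a_bad + 1)); continue ;;
        esac
        a_seen="$a_seen$a_port "
        export_to_dnat "$a_line" "$1" "$2" || a_bad=$((a_bad + 1))
    done
    return "$a_bad"
}

# Constructed sample: the post's web server, its IMAP example, a mistyped
# subnet, and a second claim on port 80.
SAMPLE_EXPORTS='t,80,10.42.42.3/80
t,143,10.42.42.3/143
t,8080,10.42.24.3/80
t,80,10.42.42.9/80'
printf '%s\n' "$SAMPLE_EXPORTS" | audit_exports 10.42.42 eth0 || echo "rejected lines: $?"
```

Anything the audit accepts is reachable from the Internet, so the list should contain only the services you mean to publish.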

Now, to configure your Windows boxes to get their Internet connection through your lovely what-was-old-is-new-again Freesco router, just open your TCP/IP settings, give it an IP address on the same subnet as your Freesco router if it doesn’t already have one, and set your gateway and DNS to the address you gave your Freesco router.

Voila. Configure your system’s BIOS for keyboardless operation if it has such an option, then take the keyboard and monitor away, write-protect the floppy and make a backup of it just in case (or burn it to a bootable CD if the machine is capable of booting off CD and you have an old drive to put in it), stick the box in a corner somewhere, and forget about it. If you have a power failure, it’ll reboot and happily start itself up again. As for stability, I find Freesco, in combination with decent hardware, is more stable than the hardware routers that are popular these days. Since it has a caching DNS, it’ll usually give you better performance too. And since you can probably build one with parts you have lying around, it’s cheaper.

Two chipsets from the AMD front

Yesterday AMD formally unveiled and shipped the AMD-760MP chipset. Right now there is one and only one motherboard using it, the ritzy Tyan Thunder K7, which runs about $550 minimum. (Wholesale cost on it is rumored to be $500.) Considering its 64-bit PCI slots, two built-in 3Com NICs, onboard ATI video, onboard Adaptec SCSI, and four available DIMMs, that’s not a half-bad price. It’s obviously not a hobbyist board. This dude’s intended to go in servers.
At any rate, reviews are all over the place and the quality varies. Far and away the best I found was at Ace’s Hardware, where he tested the things people actually likely to buy this board would do with it: workstation-type stuff.

Anand does his usual 10 pages’ worth of butt-kissing and he’s living under the delusion that people will buy this board to play Quake. However, he does test the board with plain old Thunderbird and Duron CPUs (they work, but AMD won’t support that configuration). Skip ahead to page 11 after reading the story at Ace’s. His tests suggest that for some purposes, a dual Duron-850 can be competitive with a dual P3-933. That information is more interesting than it is useful at this point in time, but we’ve all been curious about dual Duron performance, so if and when an inexpensive AMD SMP board becomes available, we have some idea what we’ll be able to do with it.

All the usual hardware sites put in their two cents’ worth; by the time I read Ace’s and Anand’s and Tom’s reviews I stopped learning anything new.

Some of it bordered on ridiculous. One site (I forget which) observed that the AMD 766 northbridge looks just like a K6-2 and said they must have made it look that way just to remind us where the Athlon came from. Whatever. The AMD 766 northbridge and the K6-2 use the same heat spreader. The intention is to keep the chip cool. It’s not there just for looks–the chip runs hot. But that’s the kind of quality information we get from most hardware sites these days, sadly.

More immediately useful and interesting, but not yet available, is the nVidia nForce chipset. You can read about it at Tom’s and elsewhere. This is technically nVidia’s second chipset, their first being the chipset in Microsoft’s X-Box. This chipset is a traditional two-chip solution, linked by AMD’s high-speed HyperTransport. It includes integrated sound better than anything Creative Labs or Cirrus Logic currently offer (now we know what nVidia was doing with those engineers they were hiring from Aureal) and integrated GeForce 2MX video connected via a high-speed port that would be equivalent to AGP 6X, if such a thing existed. And nVidia pairs up DDR controllers to give dual-channel, 128-bit memory with a bandwidth of 4.256 GB/sec. Suddenly DDR provides greater bandwidth than Rambus in addition to lower latency.

Just for good measure, the chipset includes Ethernet too.

What’s all this mean? High-speed motherboards with everything integrated (and with integrated peripherals definitely worth using) for around 200 bucks. By the end of the summer, last summer’s monster PC will be integrated onto two chips and priced for building PCs at the $600-$800 price point.

This summer’s computer revolution won’t be Windows XP.

And, in something not really related, here’s something you probably missed, unfortunately. Start rubbing your hands together if you enjoy the Mac-PC or Intel-AMD wars. This is a hard benchmark comparing AMD Athlon, Intel P3, and Motorola PowerPC architectures and their relative speed. The methodology: under Linux, cross-compile a Linux kernel for the SPARC architecture (compiling native isn’t a fair comparison; this way they’re all creating identical code and therefore doing the same work, or as close to it as you’re gonna get). You know those claims that a Mac is twice as fast as an equivalent-speed Pentium III running Photoshop? I always countered that with Microsoft Office benchmarks, where a Mac is about 1/4 the speed of a PC, at best, when doing a mail merge. Neither is a fair test. This benchmark resembles one.

Anyway… Yes, a G4 is faster than the equivalently clocked Pentium III. How much faster? Roughly 10 percent. And an Athlon turns out to be about 20 percent slower than the equivalent P3. Of course, the Athlon reaches clock speeds the P3 never will, and the Athlon is also much more than 20 percent cheaper than the equivalently-clocked P3, so who really cares?

This still isn’t a totally fair comparison of CPU architecture, since chipsets vary (and it’s entirely possible that the difference between the P3 and the Athlon in speed is due to chipset quality), but if indeed the G4 was twice as fast as the P3, it would surely outperform it by better than 10 percent in this test. But it’s a decent comparison of real-world performance, because it doesn’t matter how much better your CPU is if it’s burdened by a chipset that doesn’t show up to play on game day.

Most telling is the end, where he gives the cost per speed unit. AMD wins that chart handily.

Enough of my babble. Read all about it here.


04/22/2001

The times they are a-changin’. I made the pilgrimage to north St. Louis, to visit my church’s sister congregation, to see their new PCs. I spotted some Compaq Deskpro EXs at Insight for an insanely low price, and I wanted a respectable name brand, so that was what I had them order. I set one up and let it run, and was surprised to see it came up with a standard AMI BIOS. No more Compaq disk partition-based BIOS? Nope. Not even a Compaq logo. Just an AMI logo, like a clone. The case was a standard microATX case with a Compaq case badge on it. I popped open the case. I couldn’t tell for certain if it was an Intel-made board or not (the AMI BIOS suggests yes) but it’s a standard microATX board. No weird Compaq drive rails either. Seagate hard drive. The CD-ROM firmware says Compaq. But it’s a standard ATAPI CD-ROM. It looks like a Hitachi, but I could be mistaken.

This is good. While the quality may or may not be up to the standards of an oldschool Compaq, in the event of a failure after the warranty period, off-the-shelf parts will work to keep these things running. I can get microATX power supplies and motherboards.

Oh, how do they run? Well, after I cleaned up the root and Windows directories, put in my usual msdos.sys parameters, and replaced emm386.exe with umbpci.sys–they paid for that shadow RAM, so they might as well use it as RAM–the system boots in 20 seconds. That’ll slow down after adding the network card and installing more software, of course, but at least we’re starting out really strong.

I thought I read in the system specs that they’d have built-in Ethernet, but I may be mistaken. That’s fairly easy to remedy. I can pick up a 5-pack of Netgear FA-311s at Mwave for about $70. Two of those will put us in business. I’m disappointed that the FA-310TX, an old favorite of mine, seems to be discontinued; hopefully the 311 uses the same or a similar chipset. In a lab situation I’d prefer Intel or 3Com cards, but the Netgears sell for much less, and I have lots of experience with Netgears in Linux. I’ve occasionally had problems with Intels and 3Coms in Linux, and since there’ll be one or possibly two Linux servers in the lab, and I’d rather start out with standardized parts all around, I’ll give Netgear the nod.

Bloatbusters. I believe I mentioned this site before on my old site, but maybe not. These guys look at utilities, tell you what’s wrong with them, and sometimes provide a tightly-coded alternative. For instance, here’s a Windows CD player. It’s 3K in size. Personally, I prefer the play button on the front of my CD-ROM drives, but not every CD-ROM drive has one.

I can’t stand their site navigation and layout, but their essays are often entertaining to read.

Along the same lines, there’s Radsoft, who plays host to Bloatbusters. Radsoft’s product is Extreme Power Tools, a $47 collection of over 100 tightly written utilities, including a 25K file manager that claims to pack in more features than any of Microsoft’s file managers. Evidently they used to provide a demo download, but the only demo I can find now contains just their task management tools, which are interesting but certainly not the most generally useful.

Early experiments in building gateways

Gateways. I worked with Gatermann last night after I got back from church (three Macs and an NT server died yesterday–I needed it last night) on trying to get his Linux gateway running under FloppyFW. We were finally able to get it working with dual NICs, able to ping both inside and outside his LAN (I finally found an old Pentium-75 board that didn’t have compatibility issues). But we weren’t able to actually get his Web browsers working.

I suspect something about the IP masquerading configuration just isn’t right, but it’s been so long since I wrote one of those by hand (and it was really just copycatting an existing configuration), so since I have working Linux boxes at home I finally just gave up and downloaded the shell script version of Coyote Linux and ran it. It’s not foolproof, because you have to know what kernel module your Ethernet cards use (make it easy on yourself–get a pair of Netgear 10/100 cards, which use the Tulip module). That’s definitely a two-edged sword. It makes it a little harder to configure, but it means it’ll work with a much wider variety of cards. If Linux supports it, so does Coyote, whereas a lot of the other single-floppy distributions just support the three most common types (NE2000, 3Com 3c509, and DEC Tulip). So an old DEC Etherworks3 card will work just fine with Coyote, while getting it to work with some of the others can be a challenge.

I’m disappointed that Coyote doesn’t include the option to act as a caching DNS, because you can fit caching DNS on the disk, and it’s based on the Linux Router Project, for which a BIND tarball is certainly available. I’ll have to figure out how to add BIND in and document that, because there’s nothing cooler than a caching nameserver.

I was messing around briefly with PicoBSD, a microdistribution of FreeBSD, but the configuration is just different enough that I wasn’t comfortable with it. FreeBSD would be ideal for applications like this though, because its networking is slightly faster than Linux. But either Linux or FreeBSD will outperform Windows ICS by a wide margin, and the system requirements are far lower–a 386, 8 megs of RAM, floppy drive, and two NICs. Can’t beat that.

Rarely used trivia department: Using Linux to create disk images. To create an image of a floppy under Unix, use this command: dd if=/dev/fd0 of=filename.img bs=10k . There’s no reason why this command couldn’t also be used to clone other disks, making a single-floppy Linux or FreeBSD distribution an alternative to DriveImage or Ghost, so long as the disks you’re cloning have the same geometry.

Test this before you rely on it, but the command to clone disk-to-disk should be dd if=/dev/hda of=/dev/hdb while the command to clone disk-to-image should be dd if=/dev/hda of=filename.img and image-to-disk should be dd if=filename.img of=/dev/hda .
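One way to do that testing, as an added example that is not part of the original post: clone with the same dd command, refuse an existing target that is too small to hold the source, and compare SHA-256 hashes of source and copy afterward. The function names are made up for the example, and a constructed 1,474,560-byte file stands in for /dev/fd0 so it runs without touching a real disk; the size check only catches a too-small target, so the same-geometry caveat above still applies.

```shell
#!/bin/sh
# Added example: image with dd, then prove the copy matches the source.
# size_of uses wc -c, which suits the regular files in this demo; for a real
# block device read the size with `blockdev --getsize64 /dev/hdX` instead.

size_of() { wc -c < "$1" | tr -d ' '; }

# SHA-256 of the first $2 bytes of $1
hash_prefix() { head -c "$2" "$1" | sha256sum | cut -d' ' -f1; }

# verify_copy SRC DST: 0 if DST starts with an exact copy of SRC, else 3
verify_copy() {
    v_size=$(size_of "$1")
    [ "$(hash_prefix "$1" "$v_size")" = "$(hash_prefix "$2" "$v_size")" ] || return 3
}

# clone_verified SRC DST
# 0 = copied and verified, 1 = dd failed, 2 = existing target too small,
# 3 = copy does not match the source
clone_verified() {
    if [ -e "$2" ] && [ "$(size_of "$2")" -lt "$(size_of "$1")" ]; then
        return 2    # a smaller target cannot hold the whole source
    fi
    # conv=notrunc leaves the tail of a larger target alone, as a larger disk would be
    dd if="$1" of="$2" bs=10k conv=notrunc 2>/dev/null || return 1
    verify_copy "$1" "$2"
}

# Constructed demo: a 1,474,560-byte file (144 blocks of 10k) stands in for /dev/fd0.
DEMO_DIR=$(mktemp -d)
dd if=/dev/zero bs=10k count=144 2>/dev/null | tr '\0' 'A' > "$DEMO_DIR/fd0.bin"
clone_verified "$DEMO_DIR/fd0.bin" "$DEMO_DIR/filename.img" && echo "image verified"
```

Keep the source hash with the image file; rerunning verify_copy later shows whether the image has changed since it was taken.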

And yesterday. While the computers (and I’ll use that phrase loosely when referring to those Macs) were going down all around me at work, the mail was pouring in. Needless to say, some people agree and others don’t. We’ll revisit it tomorrow. I’ve gotta go to work.
