Cisco Linksys E3000 – strange internet connection issues? Hidden admin system page??

I’ve had the Cisco Linksys E3000 for quite awhile now and it has been a reliable router, internet connection wise, weak in the wireless department but decent enough to live with.

So first off, the power adaptor blew, quickly resolved it by switching it out with an older power adaptor which came with the Linksys WAG354G (yes, I actually did like Linksys routers.. till now – eyeing the Asus RT-AC3200). Sometime after, I started noticing strange behaviours with the Facebook app on my Nexus 5 – the news feed would load, but certain images would just end up with an endless loading spinner, and soon after the app would no longer refresh. Switching from WiFi to 4G/LTE got it working fine which was baffling considering everything else works fine on Wifi. Coincidentally, Netflix launched in Australia then and I jumped on the free trial to test it out – however, I got a black screen on the Chromecast and a cryptic error message before I got booted back out to the main Chromecast screen.

Started googling around and initial results were on potentially IPv6 issues. However, looking around my router admin pages had nothing on disabling IPv6 which was baffling as testipv6 says I had an IPv6 IP! More digging then led me to more sites on 6to4 being enabled by default on the router: reddit, chromecast help forum, forum, blog

you go to http://your_router’s_ip/System.asp. Set Vista Premium to disabled and the router will stop broadcast 6to4.

That’s pretty much the fix to get everything working as it should. I suppose this doesn’t help with IPv6 adoption, but I would probably stick with just IPv4 and move to IPv6 when I’m able to get a native IPv6 IP from my ISP.

Seems bizarre to have a hidden admin system page for this..

Simple Amazon DynamoDB backup and restore

Wrote dynamodump which is a simple backup and restore script for Amazon DynamoDB using boto to work similarly to mysqldump. It is suitable for DynamoDB usages of smaller data volume which do not warrant the usage of AWS Data Pipeline for backup/restores.

It includes features to help with managing backup/restores between various environments (e.g. production, staging, dev). Comments/suggestions to further improve on it are welcomed.

Perhaps a start to more open sourced stuff this year! :)

Redirect HTTP to HTTPS on nginx behind an AWS ELB

Much like my previous post on redirect HTTP to HTTPS for IIS behind AWS’s Elastic Load Balancer, I started googling around for a solution for nginx. What I’ve put in place works when placed in the server directive for HTTP traffic:


if ($http_x_forwarded_proto != 'https') {
rewrite ^(.*) https://$host$1 permanent;
}

However, am wondering if there’s a better/cleaner way to do this? Acknowledging this nginx wiki entry..

Slides from Software Deployment and Evolution talk

Had the opportunity to give a talk for a final year subject (Software Deployment and Evolution – HIT3311) at Swinburne last Monday, thought I’ll share the slides here as well (revolves around my experience with software over the past 6 years in industry after finishing uni).

Thanks again Rajesh for this!

SlideShare link: here.

Adding HTTPS listener to an AWS ELB after creation

Was searching for a way to get it done via the AWS web console, but that didn’t end up fruitful so had to resort to their CLI tools. In addition the ELB was already in production use which meant discarding and recreating it wasn’t really an option..

Prerequisites for the subsequent steps are the ELB API Tools and IAM Command Line Toolkit (which has to be configured with your AWS keys).

  1. Run ‘iam-servercertlistbypath’ in the bin dir for IAMCLI (e.g. IAMCli-1.2.0\bin). This should give you a list of your SSL certs which are already in your AWS account.
  2. Run ‘elb-create-lb-listeners <lb-name> –headers –listener “lb-port=443,instance-port=<port>,protocol=https,cert-id=<cert-name>” –region=<aws-region>’. in the bin dir for ELB API Tools (e.g. ElasticLoadBalancing-1.0.15.1\bin). Replace:
    • <lb-name> – your ELB name
    • <port> – your EC2 instance port
    • <cert-name> – your SSL cert in your AWS account
    • <aws-region> – the region your ELB resides in (this seems to be missing from a lot of docs and was a major pain – I was retrieving empty result lists without this specified)

Something related to ELB which I had to look at sometime back which used these CLI tools was updating of expiring SSL certs. It’s been documented here now so I won’t be repeating it again! :)

Ubuntu fsck/MOTD bug/issue

Recently this message popped up on the MOTD of the Ubuntu servers on EC2:

*** /dev/xvda1 will be checked for errors at next reboot ***

After proceeding to do a fsck and restarting, the message still kept appearing. After some debugging with wk, it apparently was due to a stale fsck-at-reboot file left around causing the message to keep popping up.

Here are the steps I used to make sure they stopped popping up again:

sudo touch /forcefsck
sudo shutdown -r now
sudo rm /var/lib/update-notifier/fsck-at-reboot
cd /usr/lib/update-notifier/
sudo ./update-motd-fsck-at-reboot
sudo rm /forcefsck

Thanks wk!

Installing MySQL 5.5 on Ubuntu 11.04 (Natty)

Steps I used to get MySQL 5.5 working on Ubuntu 11.04 AMD64 (behind Aptitude’s back sadly since it’s still not packaged up due to copyright statuses..):

  • Download the following from here.

mysql-common_5.5.13-2_all.deb
libmysqlclient18_5.5.13-2_amd64.deb
libmysqlclient-dev_5.5.13-2_amd64.deb
mysql-client-5.5_5.5.13-2_amd64.deb
libmysqld-dev_5.5.13-2_amd64.deb
libmysqld-pic_5.5.13-2_amd64.deb
mysql-server-core-5.5_5.5.13-2_amd64.deb
mysql-server-5.5_5.5.13-2_amd64.deb

  • Run the following to remove older versions of MySQL client/server:
sudo aptitude remove mysql-client mysql-client-5.1 mysql-client-core-5.1 mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1
  • From the directory you downloaded the files above to:
sudo aptitude install libmysqld-dev
sudo dpkg -i mysql-common_5.5.13-2_all.deb
sudo dpkg -i libmysqlclient18_5.5.13-2_amd64.deb
sudo aptitude install zlib1g-dev
sudo dpkg -i libmysqlclient-dev_5.5.13-2_amd64.deb
sudo aptitude install libdbi-perl libdbd-mysql-perl
sudo dpkg -i mysql-client-5.5_5.5.13-2_amd64.deb
sudo dpkg -i libmysqld-dev_5.5.13-2_amd64.deb
sudo dpkg -i libmysqld-pic_5.5.13-2_amd64.deb
sudo dpkg -i mysql-server-core-5.5_5.5.13-2_amd64.deb
sudo dpkg -i mysql-server-5.5_5.5.13-2_amd64.deb

Took me awhile of messing around to get the sequence right, hope this helps!

Reference/links from blog post/comments here.

Redirect HTTP to HTTPS on IIS behind an AWS ELB

In recent times I’ve had to handle the Microsoft stack (.NET) among other things. One of the things I’ve faced recently was redirecting traffic hitting the application running on IIS behind an AWS Elastic Load Balancer (ELB) from HTTP to HTTPS. Fairly easy on the Linux stacks which had nginx in front as a reverse proxy (just add a rewrite rule on your HTTP host to HTTPS), but after tinkering around a bit, finally got the correct rewrite rule working (with the help of IIS7’s .htaccess conversion utility).

The transform code you would want to stick into your Web.<transform>.config (was for a ASP.NET MVC project):

    <rewrite xdt:Transform="Insert">
      <rules>
        <rule name="HTTPS rewrite behind ELB rule" stopProcessing="true">
          <match url="^(.*)$" ignoreCase="false" />
          <conditions>
            <add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" />
          </conditions>
          <action type="Redirect" redirectType="Found" url="https://{SERVER_NAME}{URL}" />
        </rule>
      </rules>
    </rewrite>

This assumes you have the IIS URL Rewrite module installed on your IIS server.

References:

http://www.iis-aid.com/articles/how_to_guides/redirect_http_to_https_iis_7?page=1
http://serverfault.com/questions/304621/endless-redirect-loop-with-aws-elb-and-wordpress-site-using-wordpress-https-plugi
http://docs.amazonwebservices.com/ElasticLoadBalancing/latest/DeveloperGuide/index.html?SvcIntro.html