Short takes: SSH, custom ports, root and Synology NASs

This blog has been much maligned of late… I’d like to get more time to write and I have literally hundreds of part-written posts, some of which are now just a collection of links for me to unpick…

In the meantime, a couple of snippets that may be useless, or may help someone one day…

Using SSH with a custom port number

My Synology NAS complains about poor security if I leave SSH enabled on port 22. It’s fine if I change it to another port though (security by obscurity!). Connecting then needs a bit more work as it’s ssh user@ipaddress -p portnumber (found via the askubuntu forums)

Logging on to a Synology NAS from SSH as root

On a related topic, I recently needed to SSH to my NAS as root (not admin). ssh root@ipaddress -p portnumber wasn’t authenticating correctly and then I found Synology’s advice on how to login to DSM with root permission via SSH/Telnet. It seems I have to first log on as admin, then sudo -i to elevate to root.

Synology Hyper Backup and DSM update failures

I have a Synology DS916+ NAS and, for the 9 months or so, I’ve been using it to back up my photos to Microsoft Azure. I’ve realised that they are being backed up in a format that’s unique to Synology’s Hyper Backup program, so I should probably see if there is an alternative that backs up the files in their native format but, more worryingly, this afternoon I noticed that backups had been failing for a few days. The logs weren’t much help (no detailed information) and a search on the ‘net didn’t turn much up either. For reference, this was the (very high level) information in the logs when viewed in the Hyper Backup GUI:

Information 2017/07/08 03:00:02 SYSTEM [Azure Blob] [Backup Photos to Microsoft Azure] Backup task started.
Error 2017/07/08 03:00:33 SYSTEM [Azure Blob] [Backup Photos to Microsoft Azure] Exception occured while backing up data.
Error 2017/07/08 03:00:36 SYSTEM [Azure Blob] [Backup Photos to Microsoft Azure] Failed to backup data.
Error 2017/07/08 03:00:36 SYSTEM [Azure Blob] [Backup Photos to Microsoft Azure] Failed to run backup task.

(Since then, I’ve found how to view detailed backup logs on a Synology NAS, thanks to a blog post by Jonathan Mumm, though in this case, the logs didn’t shine much of a light on the problem for me.)

I wondered if there were any DSM updates available that might fix things but, when I checked for updates, I got a message to say “Insufficient capacity for update. The system partition requires at least 400MB”. Googling suggested lots of manual file deletion and I was sure this was just a buildup of temp files (maybe to do with the failed backup), so I decided to reboot. After all, what do you do when a computer isn’t working as expected? Turn it off and on again!

After rebooting, attempts to update no longer produced an error (simply confirming that I’m up-to-date with DSM 6.1.2-15132) and the backup is now running nicely (it will take a few hours to complete as I added a few months’ worth of iPhone photos to the NAS earlier in the week, around about the time the backups started failing…)

My first few weeks with a Synology Diskstation NAS

Earlier this summer, I bought myself a new NAS. I’d lost faith in my old Netgear ReadyNAS devices a while ago, after a failure took out both halves of a RAID 1 mirror and I lost all the data on one of them. That actually taught me two important lessons:

  1. Data doesn’t exist unless it’s backed up in at least two places.
  2. RAID 1 is not suitable for fault-tolerant backups.

As I wrote a few weeks ago, my new model is to get all of the data into one place, then sync/archive as appropriate to the cloud. Anything on any other PCs, external disks, etc. should be considered transient.

For the device itself, it seems that there are only really two vendors to consider – QNAP or Synology (maybe a Drobo). I chose Synology – and elected to go with a 4-bay model, picking up a Synology Diskstation DS916+ (8GB) and kitting it out with 4 Hitachi (HGST) Deskstar NAS drives.

Unfortunately, I had a little hiccup in that I’d ordered the device pre-configured. The weight of the disks was clearly too much for the plastic drive carriers to cope with but, once again, sorted things out for me and I soon had a replacement in my possession.

Over the last few weeks, I’ve been building up what I’m doing with the Diskstation: providing home drives for the family; syncing all of my cloud storageacting as a VPN endpoint; providing DHCP and DNS services; running anti-virus checks; and backing up key files to Microsoft Azure.

This last workload is worthy of discussion, as it took me a couple of weeks to push my data to the cloud. Setup was fairly straightforward, following Paris Polyzos (@ppolyzos)’s advice to backup Synology NAS data in Microsoft Azure Cool Storage but the volume of data and the network it had to traverse was more problematic.

Initially I had issues with timeouts due to a TP-Link HomeplugAV (powerline Ethernet) device between the ISP router and the DNS server that kept failing. I worked around that by moving DNS onto the NAS, and physically locating the NAS next to the router (bypassing the problematic section of network). Then it was just a case of waiting for my abysmal home Internet connection to cope with multi-GB upstream transfers…

I have no doubts that this NAS, albeit over-specified for a family (because I wanted an Intel-based model), is a great device but I did need to work around some issues with vibration noise. It’s also slightly frustrating that there is no integration between the DHCP and DNS services (I’ve been spoiled working with Windows Server…), the Security Advisor reports are a bit dramatic, and some of the Linux commands are missing – but I really haven’t found anything yet that’s a show-stopper.

Now I need to get back to consolidating data onto the device, and moving more of it into the cloud…

Preventing vibration noise on a Synology NAS

My Synology Diskstation NAS (DS916+) has been a great purchase but I have had some issues with noise from vibration. Over a course of a few weeks, complaints from family members meant that I had to move the NAS from my desk, onto the floor, then into the garage (before I brought it into the kitchen to be next to the Internet connection – but that’s another story). You should be able to hear the noise in the video below (though it seems much louder in real life!):

As can be heard, the vibration noise reduces when I put pressure on the chassis. It seems that it’s actually caused by the screw-less drive carriers that Synology use on their NASs.

Thanks to advice from Chipware on Reddit, I was able to add some sticky-backed Velcro (just the fluffy side) between the disk carrier and the disk, and on the outside of the disk carriers. They now better fit the NAS and, crucially, the Velcro serves as a shock absorber, preventing any more vibrations…

And, at just £2 for a metre of sticky-backed Velcro (which I only used a few centimetres of), it was a pretty inexpensive fix.

Chipware says in his post that:

“I definitely think the 4 Velcro pieces connecting the sled to the cage solved the problem. The pieces between drive and sled connection provides negligible dampening.”

I initially only put 4 pieces on the outside of the carrier (2 of them can be seen in the picture) but my experience was that adding 2 more pieces on the disk itself (underneath the carrier) also helped. Of course, your mileage my vary (and any changes you make are at your own risk – I’m not responsible for any problems it may cause).

After making these modifications there’s no more noise, just a relatively quiet fan noise (as to be expected) and the NAS is back on my desk!

Journey through the Amazon Web Services cloud

Working for a large system integrator, I tend to find myself focused on our own offerings and somewhat isolated from what’s going on in the outside world. It’s always good to understand the competitive landscape though and I’ve spent some time recently brushing up my knowledge of Amazon Web Services (AWS), which may come in useful as I’m thinking of moving some of my computing workloads to AWS.  Amazon’s EMEA team are running a series of “Journey to the Cloud” webcasts at the moment and the first two sessions covered:

The next webcast in the series is focused on Storage and Archiving and it takes place next week (23 October). Based on the content of the first two, it should be worth an hour of my time, and maybe yours too?


Microsoft finally releases an iSCSI software target as a free download

For years, if you wanted to get hold of the Microsoft iSCSI software target (e.g. for testing Windows clusters without access to “proper” storage), you had to rely on “finding” a copy that a Microsoft employee had left lying around (it was officially only available for internal use). Then came advice on extracting it from Windows Storage Server. Now it’s finally been made available as a free download for Windows Server. Fantastic news!

Hardware lineup for 2011

This is a bit of a copycat post really but I saw Mike Taulty and Phil Winstanley‘s hardware lineups and thought it was a good idea. So, here it is, a summary of the technology I use pretty much every day and how I see that changing this year.

Car: Audi A4 Avant 2.0 TDI 170 S-Line

Audi A4 Avant 20 TDI 170 S-LineMy wife and I have been Volkswagen fans for a few years now (we find them to be good, solid, reliable cars that hold their value well) so, a couple of years ago, when I heard that Volkswagen and Audi were being added to our company car scheme, I held back on replacing my previous vehicle in order to take advantage. I did consider getting a Passat but the A4 (although smaller) had a newer generation of engine and lower emissions, so it didn’t actually cost much more in tax/monthly lease costs.

After a year or so, I’m normally bored/infuriated with my company cars but I still really enjoy my A4 – so much so that I will consider purchasing this one at the end of its lease next year. My only reservations are that I would really like something larger, sometimes a little more power would be nice (although this has 170PS, which is pretty good for a 2 litre diesel) and I do sometimes think that the money I contribute to the car might be better spent on reducing the mortgage (I add some of my salary to lease a better car than my grade entitles me to).

Either way, it’s on lease until I hit 3 years or 60,000 miles, so it’s a keeper for 2011.

Verdict 9/10. Hold.

Phone: Apple iPhone 3GS 16GB

Apple iPhone 3GSI actually have two phones (personal and work SIMs) but my personal needs are pretty basic (a feature phone with Bluetooth connectivity for hands free operation in the car) and I recycled my iPhone 3G when I was given a 3GS to use for work.

After having owned iPhones for a few years now (this is my third one), I don’t feel that the platform, which was once revolutionary, has kept pace and it now feels dated. As a result, I’m tempted by an Android or Windows Phone 7 device but neither of these platforms is currently supported for connection my corporate e-mail service.

The main advantages of this device for me are the apps and the Bluetooth connectivity to the car (although I needed to buy a cable for media access). I use Spotify and Runkeeper when I’m running but there are a whole host of apps to help me when I’m out and about with work (National Rail Enquiries, etc.) and, of course, it lets me triage my bulging mailbox and manage my calendar when I’m on the move. Unfortunately, the camera is awful and it’s not much use as a phone either, but it does the job.

I could get an iPhone 4 (or 5 this summer?) but I’d say it’s pretty unlikely, unless something happened to this one and I was forced to replace it.

Verdict 3/10. Not mine to sell!

Tablet: Apple iPad 3G 64GB

Apple iPadAfter several weeks (maybe months) of thinking “do I? don’t I?”, I bought an iPad last year and I use it extensively. Perhaps it’s a bit worrying that I take it to bed with me at night (I often catch up on Twitter before going to sleep, or use it as an e-book reader) but the “instant on” and long battery life make this device stand out from the competition when I’m out and about.

2011 will be an interesting year for tablets – at CES they were all over the place but I’ve been pretty vocal (both on this blog, and on Twitter) about my views on Windows as a tablet operating system and many of the Android devices are lacking something – Android 3 (Gingerbread [correction] Honeycomb) should change that. One possible alternative is Lenovo’s convertible notebook/tablet which runs Windows but features a slide out screen that functions as an Android tablet (very innovative).

I may upgrade to an iPad 2, if I can get a good resale price for my first generation iPad, but even Apple’s puritanical anti-Adobe Flash stand (which means many websites are unavailable to me) is not enough to make me move away from this device in 2011.

Verdict 8/10. Hold.

Everyday PC: Fujitsu Lifebook S7220 (Intel Core 2 Duo P8400 2.2GHz, 4GB RAM, 250GB hard disk)

Fujitsu Lifebook S7220My personal preference for notebook PCs is a ThinkPad – I liked them when they were manufactured by IBM and Lenovo seem to have retained the overall quality associated with the brand – but, given who pays my salary, it’s no surprise that I use a Fujitsu notebook PC. Mine’s a couple of years old now and so it’s branded Fujitsu-Siemens but it’s the same model that was sold under the Fujitsu name outside Europe. It’s a solid, well-built notebook PC and I have enough CPU, memory and disk to run Windows 7 (x64) well.

Unfortunately it’s crippled with some awful full disk encryption software (I won’t name the vendor but I’d rather be using the built-in BitLocker capabilities which I feel are better integrated and less obtrusive) and, even though the chipset supports Intel vPro/AMT (to install the Citrix XenClient hypervisor), the BIOS won’t allow me to activate the VT-d features. As a result, I have to run separate machines for some of my technical testing (I’m doing far less of that at work anyway these days) and to meet my personal (i.e. non-work) computing requirements.

My hope is that we’ll introduce a bring your own computer (BYOC) scheme at work and I can rationalise things but, if not, it’ll be another two years before I can order a replacement and this will soldier on for a while yet.

Verdict 6/10. Holding out for a BYOC scheme at work.

Netbook: Lenovo S10e (Intel Atom N270 1.6GHz, 2GB RAM, 160GB hard disk)

Lenovo IdeaPad S10In its day, my netbook was great. It’s small, light, can be used on the train when the seatback tables are too small for a normal laptop and I used mine extensively for personal computing whilst working away from home. It was a bit slow (on file transfers) but it does the job – and the small keyboard is ideal for my young children (although even they could do with a larger screen resolution).

Nowadays my netbook it sits on the shelf, unloved, replaced by my iPad. It was inexpensive and, ultimately, consumable.

Verdict 2/10. Sell, or more likely use it to geek out and play with Linux.

Digital Camera: Nikon D700

Nikon D700After a series of Minoltas in the 1980s and 1990s, I’ve had Nikon cameras for several years now, having owned an F90x, a D70 and now a D700. I also use my wife’s D40 from time to time and we have a Canon Ixus 70 too (my son has adopted that). With a sizeable investment in Nikon lenses, etc., I can’t see myself changing brands again – although some of my glass could do with an upgrade, and I’d like an external flash unit.

The D700 gives me a lot of flexibility and has a high enough pixel count, with minimal noise and good low-light performance. It’s a professional-grade DSLR and a bit heavy for some people (I like the weight). It’s also too valuable for some trips (which is when I use the D40) but I always miss the flexibility and functionality that the D700 body provides. Maybe sometimes I think some video capabilities would be nice but I won’t be changing it yet.

Verdict 9/10. Hold.

Photography PC: Apple MacBook MB062LL/B (Intel Core 2 Duo T7500 2.2GHz, 4GB RAM, 320GB hard disk)

Apple Macbook White (late 2007)It’s been three years since I bought my MacBook and, much as I’d like one of the current range of MacBook Pros it’ll be a while before I replace it because they are so expensive! In fairness, it’s doing it’s job well – as soon as I bought it I ungraded the hard disk and memory, and whilst the the CPU is nt as fast as a modern Core i5 or i7, it’s not that slow either.

For a machine that was not exactly inexpensive, I’ve been disappointed with the build quality (it’s had two new keyboard top covers and a replacement battery) but Apple’s customer service meant that all were replaced under warranty (I wouldn’t fancy my chances at getting a new battery from many other PC OEMs).

I use this machine exclusively for photography and the Mac OS suits me well for this. It’s not “better” than Windows, just “different” and, whilst some people would consider me to be a Microsoft fanboi and an iHater, the list of kit on this page might say otherwise. I like to consider myself to have objective views that cut through the Redmond or Cupertino rhetoric!

So, back to the Mac – I may dive into Photoshop from time to time but Adobe Lightroom, Flickr Uploadr, VueScan and a few specialist utilities like Sofortbild are my main tools. I need to sweat this asset for a while longer before I can replace it.

Verdict 5/10. Hold.

Media: Apple Mac Mini MA206LL/A (Intel Core Duo 1.66GHz, 2GB RAM, 120GB hard disk)

(+ iPad, iPhone 3GS, various iPods, Altec Lansing iM7 iPod speakers)

Apple Mac MiniMy Mac Mini was the first Intel Mac I bought (I had one of the original iMacs but that’s long gone) and it’s proved to be a great little machine. It was replaced by the MacBook but has variously been used in Windows and Mac OS X forms as a home media PC. These days it’s just used for iTunes and Spotify, but I plan to buy a keyboard to have a play with Garage Band too.

It may not be the most powerful of my PCs, but it’s more than up to this kind of work and it takes up almost no space at all.

Verdict 6/10. Hold.

Gaming: Microsoft Xbox 360 S 250GB with Kinect Sensor

Microsoft Xbox 360sI’m not a gamer – I sold my Playstation a few years ago because the driving games that I enjoyed made me feel ill! Even so, I was blown away by the Xbox with Kinect when I saw it last month. I bought myself a 250GB model and now Kinect Adventures and Kinect Sports have become family favourites (with a bit of Dance Central thrown in!). I can’t see myself getting into first person shooters, but I can see us doing more and more with the Xbox, particularly if I can use the Connect 360 application to hook into my media library. The final piece of the jigsaw would be BBC iPlayer on Xbox – but that looks unlikely to come to fruition.

Verdict 9/10. Hold.

Servers and Storage: Atom-based PC, Dell PowerEdge 840, 2x Netgear ReadyNAS Duo

As my work becomes less technical, I no longer run a full network infrastructure at home (I don’t find myself building quite so many virtual machines either) so I moved the main infrastructure roles (Active Directory, DHCP, DNS, TFTP, etc.) to a low-power server based on an Intel Atom CPU. I still have my PowerEdge 840 for the occasions when I do need to run up a test environment but it’s really just gathering dust. Storage is provided by a couple of Netgear ReadyNAS devices and it’s likely that I’ll upgrade the disks and then move one to a family member’s house, remote syncing to provide an off-site backup solution (instead of a variety of external USB drives).

Verdict 6/10. Hold (perhaps sell the server, but more likely to leave it under the desk…).

Connecting multiple ReadyNAS devices to a single UPS

It seems to be ReadyNAS week at because that’s what I’ve spent the last couple of days working with but the ReadyNAS really is a stonking piece of hardware (think of it as a £150 Linux box with built-in X-RAID) and mine will soon be providing the storage for a Windows Home Server VM (yes, I know the ReadyNAS can do loads of the things that WHS can, but I work with Microsoft products and it’s about time I had a serious look at WHS).

Anyway, my ReadyNASes are running off an APC Smart-UPS 1500 but only one of them has the USB connection to monitor the UPS status. It turns out that’s not a problem as the latest versions of the ReadyNAS software (RAIDiator) allow one ReadyNAS to act as a UPS status server for the others.

I think this needs at least v4.1.5 of RAIDiator (my ReadyNAS “UPS client” shipped with v4.1.4 and I updated it to v4.1.6, meanwhile the “UPS server” is running v4.1.5) but there is an option on the Power page in FrontView (the ReadyNAS web administration console) to define hosts that are allowed to monitor the attached UPS (where a physical connection to the UPS exists).

ReadyNAS UPS server

Similarly, on a ReadyNAS that is not physically connected to a UPS, it is possible to specify the IP address of a ReadyNAS that is connected to the UPS.

ReadyNAS UPS client

With these settings enabled, both ReadyNAS devices can cleanly shutdown in the event of a power failure.

I wonder if my Windows Server 2008 host can also monitor the ReadyNAS and shut itself down in the event of power loss too…

Physical disks can only be added to Hyper-V VMs when the disk is offline

I don’t often work with passthrough disks in Hyper-V but, after configuring my Netgear ReadyNAS as an iSCSI target earlier this evening, I wanted to use it as storage for a new virtual machine. Try as I might, I could not get Hyper-V Manager to accept a physical disk as a target, despite having tried both SCSI and IDE disk controllers. Then I read the information text next to the Physical hard disk dropdown in the VM settings:

“If the physical hard disk you want to use is not listed, make sure that the disk is offline. Use Disk Management on the physical computer to manage physical hard disks.”

Doh! a classic case of RTFM… (my excuse is that it’s getting late here). After taking the disk offline I could select it and attach it to the virtual machine.

Creating an iSCSI target on a Netgear ReadyNAS

A few months ago, I wrote that I was looking for an iSCSI target add-on for my Netgear ReadyNAS Duo. I asked if such an add-on was available on Netgear’s ReadyNAS community forums; however it seems that these are not really a true indication of what is available and the moderators are heavily biased by what Netgear supports, rather than what can be done. Thanks to Garry Martin, who pointed me in the direction of Stefan Rubner’s ReadyNAS port of the iSCSI Enterprise Target Project, I now have a ReadyNAS acting as an iSCSI target.

I have a lot of data on my first ReadyNAS and, even though I backed it all up to a new 1.5TB drive in my server (which will eventually be swapped into the the ReadyNAS as part of the next X-RAID upgrade), I wasn’t prepared to risk losing it so I bought a second ReadyNAS to act as an iSCSI target for serving virtual machine images. In short, don’t run this on your ReadyNAS unless you are reasonably confident at a Linux command prompt and you have a backup of your data. This worked for me but your mileage may vary – and, if it all goes wrong and takes your data with it, please don’t blame me.

First up, I updated my ReadyNAS to the latest software release (at the time of writing, that’s RAIDiator version 4.1.6). Next, I enabled SSH access using the Updates page in FrontView with the EnableRootSSH and ToggleSSH addons (note that these do not actually install any user interface elements: EnableRootSSH does exactly what it says, and when it’s complete the root password will be set to match the admin password; ToggleSSH will enable/disable SSH each time the update is run).

The next step was to install the latest stable version (v0.4.17-1.0.1) of Stefan Rubner’s iSCSI target add-on for ReadyNAS (as for EnableRootSSH and ToggleSSH, it is simply applied as an update in FrontView).

With SSH enabled on the ReadyNAS, I switched to using a Mac (as it has a Unix command prompt which includes an SSH client) but any Unix/Linux PC, or a Windows PC running something like PuTTY will work too:

ssh root@ipaddress

After changing directory to /etc (cd /etc), I checked for an existing ietd.conf file and found that there was an empty one there as ls-al ie* returned:

-rw-r–r–    1 admin    admin           0 Dec  3  2008 ietd.conf

I renamed this (mv ietd.conf ietd.conf.original) and downloaded a pre-configured version with wget before editing the first line (vi ietd.conf) to change the IQN for the iSCSI target (a vi cheat sheet might come in useful here).

As noted in the installation instructions, the most important part of this file is the Lun 0 Path=/c/iscsi_0,Type=fileio entry. I was happy with this filename, but it can be edited if required. Next, I created a 250GB file to act as this iSCSI LUN using dd if=/dev/zero of=/c/iscsi_0 bs=10485760 count=25600. Beware, this takes a long time (I went to the pub, came back, wrote a good chunk of this blog post and it was still chugging away for just over 4 hours; however it’s possible to get some idea of progress by watching the amount of free space reported in FrontView).

At this point, I began to deviate from the installation notes – attempting to run /etc/init.d/rfw-iscsi-target start failed so I rebooted the ReadyNAS but when I checked the Installed Add-ons page in FrontView I saw that the iSCSI target was already running although the target was listed as NOT_FOUND and clicking the Configure Targets button seemed to have no effect (I later found that was an IE8 issue – the button produced a pop-up when I ran it from Safari over on my Mac and presumably would have worked in another browser on Windows too).

I changed the target name to /c/iscsi_0, saved the changes, and restarted the ReadyNAS again (just to be sure, although I could have restarted the service from the command line), checking that there was a green light next to the iSCSI target service in FrontView (also running /etc/init.d/rfw-iscsi-target status on the command line).

ReadyNAS iSCSI Target add-on configuration

With the target running, I switched to my client (a Windows Server 2008 computer) and ran the iSCSI initiator, adding a portal on the Discovery tab (using the IP address of the ReadyNAS box and the default port of 3260), then switching to the Targets tab and clicking the Refresh button. I selected my target and clicked Log On… waiting with baited breath.

Windows iSCSI initiator Discovery tabWindows iSCSI initiator Discovery tab

iSCSI target exposed in Disk Management

No error messages indicated that everything was working so I switched to Server Manager and saw a new 250GB unallocated disk in Disk Management, which I then brought online and initialised.

Finally, I updated /etc/rc6.d/S99reboot to include /etc/init.d/rfw-iscsi-target stop just before the line that says # Save the last 5 ecounters by date.