Tuesday 31 July 2012

PXE Boot a Dban image from an Ubuntu Server




 Dhcp Offers from Ubuntu Server to Compute Nodes
****Note**** exercise extreme care with these notes I have made as you can boot and wipe any computer capable of net booting without any keyboard input on the private network if the machine in question is set to net-boot. 
I ACCEPT NO RESPONSIBILITY FOR ANY ERRORS OR OMISSIONS , YOU HAVE BEEN WARNED!


The object of this blog entry was to remind me how to securely erase a cluster of headless compute nodes connected to a head node using a Dban image pxe booted from the head node.

I installed Ubuntu 12.04 Server on the head node. The Head Node's eth0 was connected via Ethernet switches to the compute nodes on a private network in the range 192.168.1.0 and eth1 was connected to the public network and it was set to receive an IP address via dhcp.

Installation Requirements for the Head Node:-
Install an internet super server, tftp server, dhcp server and syslinux a boot loader.
 The command to do this is :-
sudo apt-get -y install inetutils-inetd tftpd-hpa dhcp3-server syslinux

 You have to extract some files from a Darik's Boot 'n' Nuke image:-
sudo mkdir /media/iso
sudo mount -o loop /the/path/to/dBanfile.iso /media/iso

In the directory /var/lib/tftpboot place the following files dban.bzi from the /media/iso directory and the file pxelinux.0 from the /usr/lib/syslinux/ directory. Also place the remaining files from the iso image in /var/lib/tftpboot/pxelinux.cfg

 Set the entries in the file named default in the directory /var/lib/tftpboot/pxelinux.cfg

PROMPT 0
DEFAULT quick

With prompt set to 0 there is no pause and the default setting is quick it can be autonuke dban dod dod3pass dodshort gutman ops2 paranoid prng or zero.
This means when it is run it goes straight to quick wipe so exercise extreme care when doing this as you can boot and wipe anything on the private network if the machine in question is set to netboot. I set it to 0 as all the compute nodes were headless and keyboardless so I could not have a pause for keyboard input.

The settings in the file /etc/dhcp/dhcpd.conf  I required for the dhcp server are as follows :-
ddns-update-style none;
option domain-name "home.local";
option domain-name-servers 192.168.1.1;
default-lease-time 86400;
max-lease-time 604880;
option time-offset -18000;
authoritative;
log-facility local7;
allow booting;
allow bootp;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.100;
filename "pxelinux.0";
option root-path "/var/lib/tftpboot";
next-server 192.168.1.1;
}



In the tftp config file /etc/default/tftpd-hpa I required the following :-


RUN_DAEMON="yes"
TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS=""


The other dhcp config file /etc/default/isc-dhcp-server
should contain :-
INTERFACES="eth0"

 The ethernet settings file /etc/network/interfaces
should contain :-
 auto lo
iface lo inet loopback

# This is the private network
# Its static ip address
iface eth0 inet static
address 192.168.1.1
netmask 255.255.255.0
auto eth0
# The public network interface

# It uses dhcp
auto eth1
iface eth1 inet dhcp


Note you will have to ensure that the compute nodes' bios is set to pxe boot on eth0 if that is the interface you are using. Once the Ubuntu Head Node is booted use tail -f /var/log/syslog to track the progress of the compute nodes dhcp ip addresses being served as they are booted.

This really saved me time when I had to securely erase a large number of machines before they were decommissioned and sent for recycling :).

Friday 27 July 2012

Repair a Faulty D-Link DGS-1024D Gigabit Switch


Always take extreme care when servicing electrical equipment eg HOT Solder,  Soldering Irons, MAINS Voltage and High DC Voltage can all be dangerous or worse. I am NOT responsible for any errors or omissions or for your errors or inability to understand and operate safely in this environment YMMV.
 

This Switch had flickering Link and Act LED's and no LED self test when first switched on. I took the case apart by removing 4 screws from the top of the case and 3 screws from the bottom front of the case. I found one bulging 1000uF 6.3V capacitor C67. I removed C67 and C68 and tested them with the ESR meter see photos below, both had problems one was open circuit and the other was low in value and high ESR. I replaced them with High Temperature Low ESR Capacitors. After replacement the switch went through a proper self-test with the LED's switching sequentially etc when powered up.
Low Value Capacitor
Open Circuit Capacitor
Replaced Capacitors

It was working fine after this, however the fans also needed replacement as well because one was seized and the other very noisy. I gave it an extended test for a time and it showed no signs of failure so not bad for a quick look inside the case and some soldering.
The bulging capacitor is a common fault in electronic equipment so it pays to examine all electrolytic capacitors on faulty equipment.

Defender 300tdi Lucas 10AS Alarm Immobiliser (Spider) Problems

We have a 1997 Landrover Defender 300tdi that has given immobiliser problems intermittently. I had initially fixed the fuel solenoid as we w...