ISC merges LDAP configuration patch for DHCP

What? OK, first the acronyms:

• ISC is the Internet Systems Consortium. They are responsible for core Internet software, the F-root name server, and many RFC documents.
• LDAP is the Lightweight Directory Access Protocol. Read about it here.
• DHCP is the Dynamic Host Configuration Protocol. It's the technology that runs in the background when you set up your computer to "obtain address automatically".

ISC maintains DHCP software that pretty much every operating system vendor on the planet (except Microsoft) uses. It is core networking software. Until 2007, I was maintaining this software in Fedora Linux and Red Hat Enterprise Linux (by maintain, that means I made sure we were using the latest stable version and applied any patches to the code to make the ISC work correctly on our operating system).

Enter the LDAP patch. DHCP software has two components: the server and the client. The client is what runs on your computer when you connect to the network. It speaks to a DHCP server, which is run by your ISP or a wifi router or your company's IT department. The server is configured using a configuration file usually called /etc/dhcpd.conf. It can get rather large and difficult to maintain, so large DHCP sites wanted the ability to store their configuration in some sort of database. This is what the LDAP patch allows. Your DHCP server configuration can be stored in an LDAP database and managed by any number of separate tools. In fact, the DHCP servers themselves do not necessarily need configuration data as they can just request that from the LDAP server.

Support for LDAP in the DHCP server was started by some enterprising people at Ntelos and Novell. The original authors moved on to other projects and since I was maintaining this patch in Fedora Linux, I was asked to take over ownership of the patch for upstream purposes. I said sure and moved it over to github.com. I received many bug reports, patches, and requests for this patch to make it in to various releases of Fedora Linux and RHEL. Not all could be fulfilled, but it was clear that a lot of people want LDAP configuration support in the DHCP server.

ISC was asked on numerous occassions to merge this patch in to the upstream DHCP code. I am pleased to say that as of version 4.2.0 of ISC dhcp, the LDAP configuration has been merged. This is great news because I no longer have to maintain the patch out of tree. If you are finding bugs with LDAP support in dhcp and you are using 4.2.0 or higher, send your bug reports and patches to ISC. See the README file in the source code for how to report bugs.

From the RELNOTES file in the DHCP source code:

"The LDAP Patch" that has been circulating for some time, written by Brian Masney and S.Kalyanasundraram and maintained for application to the DHCP-4 sources by David Cantrell has been included. Please be advised that these sources were contributed, and do not yet meet the high standards we place on production sources we include by default. As a result, the LDAP features are only included by using a compile-time option which defaults off, and if you enable it you do so under your own recognizance. We will be improving this software over time. [ISC-Bugs #17741]

While the "do not yet meet the high standards we place on production sources" statement is a bit subjective, the bottom line is ISC has recognized that people want this support. Many thanks to everyone who contributed patches to improve LDAP support in DHCP. And many thanks to ISC for merging this code upstream!

NOTE: I am keeping the ldap-for-dhcp project alive on github for people still wanting to use older versions of DHCP. We have patches going back to dhcp-3.1.x which may be of use to someone.

Tape? Really?

I've moved my backup system to tape. My Amazon S3 experiment has not been reliable (or fast). Network backup is great, but going from a residential connection out is just not useful if have more than a couple gigabytes of data that changes daily. So I decided to go with tried and true technology: tape.

I have an HP StorageWorks DAT 72 external USB tape drive now. And 5 tapes. I'll probably need more tapes, but they cost around $5 each, so I'm not too worried about that.

Plugging in the drive caused the kernel to excrete these messages:

usb 1-1.4.2: new high speed USB device using ehci_hcd and address
usb 1-1.4.2: New USB device found, idVendor=03f0, idProduct=0125
usb 1-1.4.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
usb 1-1.4.2: Product: DAT72 USB Tape
usb 1-1.4.2: Manufacturer: Hewlett Packard
usb 1-1.4.2: SerialNumber: 4855311024394344
scsi5 : usb-storage 1-1.4.2:1.0
scsi 5:0:0:0: Sequential-Access HP C7438A ZU8B PQ: 0 ANSI: 3
scsi 5:0:0:0: Attached scsi generic sg3 type 1
st: Version 20081215, fixed bufsize 32768, s/g segs 256
st 5:0:0:0: Attached scsi tape st0
st 5:0:0:0: st0: try direct i/o: yes (alignment 512 B)
osst :I: Tape driver with OnStream support version 0.99.4
osst :I: $Id: osst.c,v 1.73 2005/01/01 21:13:34 wriede Exp $

I have a test backup running now, but will play with it more tomorrow. So far it's A LOT faster than any of my network backup attempts.

Wedding Invitations and the USPS

We recently finished up our wedding invitations. We did the invitations ourselves, which involved finding stationary, figuring out the content, printing everything, and getting it all assembled in to envelopes. We both worked on the content and layout for each component of the invitation. Our parents helped us collect mailing addresses, but I also have to thank Facebook for helping out with that too. I purchased the massive quantities of postage we needed. Karen handled addressing all of the envelopes by hand. I handled printing everything as well as figuring out the return address labels. We used OpenOffice on Fedora Linux, which caused a bit of frustration, but really if we had been using any other office software, it would have been just as frustrating. As I told Karen, I am incapable of using office software (which she finds amusing because I work with computers, but I tell her it's just not the same as what I do).

But most importantly: invitations are done!

During the addressing phase, I learned more about preferred USPS addressing formats. Yeah, this is real edge-of-your-seat reading, I know. For starters, I was already familiar with the request by the USPS that addresses appear in all caps, no punctuation (except the hyphen in ZIP+4 codes or in street addresses), and using approved USPS short forms for types, directionals, and common words. The address should be left justified in the center of a #10 envelope, except centered is pretty loose since the scanners can pick it up from most anywhere on the front of an envelope. The return address is to be written in the same manner, but aligned to the upper left corner of the envelope. Postage is aligned to the upper right corner.

I learned some more specifics about preferred addressing and corrected some things I had wrong. For example:

• Directionals are to be abbreviated as N=North, S=South, W=West, and E=East. If you have an intermediate directional, use the same letters to abbreviate, but put a space between them. This is a really common mistake. Instead of writing NW, you need to write N W.


• Do not use the hash mark for the secondary unit number. If you know the secondary unit type, you need to use the abbreviation and then the number, e.g. APT 603. For each deliverable address, the USPS keeps normalized addresses in a database. They prefer you use those addresses on mailings. If you live in an apartment, but the USPS has your address listed as SUITE 603, you need to use SUITE 603 on your address. You can figure out your normalized address by looking it up on the USPS web site.


• If you DO need to use a hash mark for the secondary unit number because you don't know what abbreviation you should use, put a space between the hash and the number, e.g. # 603.


• Do not write a comma between the place name and the state abbreviation on the last line. Instead of writing HONOLULU, HI you need to write HONOLULU HI.


• The hyphen is allowed in ZIP+4 codes and unit numbers (but only when it is part of the official unit number).


• Only put a single space between the state abbreviation and the ZIP code. I did know this, but I feel it's worth mentioning as the USPS preferred method conflicts with business and personal letter writing styles that we are all taught in school.


• Another I do know, but feel is worth mentioning are state and territory abbreviations. You need to use the two character USPS abbreviations and not GPO abbreviations that were taught thousands of years ago in school. That means writing AL instead of "Ala." and MA instead of "Mass."


• Addresses are scanned from right to left and from bottom to top, which means the most significant information is at the bottom right corner of the address, which is the ZIP+4 code. If you have other lines of information you want on the mailing, place it on the top lines. The general rule I've picked out of the USPS information is that there are 4 important lines on an address and everything else is extra (this is only true for personal mailing, not business mailing). That's the list line, secondary address line, delivery address lines, and the recipient line.


• Another I know, but want to point out. The city/state/zip line is really last line name/state/zip. The last line name does not necessarily correspond to city names. Last line names are assigned by the USPS and reflect city, town, CDP, or region names. You need to use the correct place name for your ZIP code, which may or may not correspond to the actual city or town you live in (though it may be an honoured exception).

I started looking this information up because while we were addressing invitations, Karen wanted the return address label on the back flap of the envelope and I wanted it in the upper left corner. I was trying to see if the back flap was acceptable. No conclusive answer found, but since it is not specifically stated, I can only assume it's not preferred.

What are the advantages to using preferred USPS addressing? More accurrate and faster deliveries. The USPS is extremely flexible when it comes to addresses, so these are not rules, they just ask that people follow them because it speeds up processing. It helps them help you.

Would you like to know more? Check out USPS Publication 28. It's a page turner, that's for sure.

Meta Blog

Have not posted here in a while. I like keeping my blog around because I periodically come up with something I want to write about and it does not fit in the Twitter 140 character limit. But, I have nothing to post right now, so how about a collection of updates.

Karen and I went to Turtle Bay Resort this past weekend. Originally planning on having a beach cottage, the hotel upgraded us to the Ali'i Presidential Suite. It was more than twice the size of our condo. It was really nice, but I hope it didn't spoil me on conventional hotel rooms. Pictures of the room are here. We tried to guess who would stay in this room normally. The room entrance is not clearly marked, probably to keep the typical guest of this room from being bothered. The room covers an entire end of one of the 6th floor hotel spokes (3 spokes to Turtle Bay Resort, check out aerial photos via Google). The entrance is a double door, but it's past the regular rooms and it appears to be a service door, so you might think it's where the service elevator is or maybe an area for housekeeping. Nope, it was our gigantic room. One of my favorite parts of the room was the card from the VP and General Manager of Turtle Bay Resort including his office and cell number and email address, indicating we should contact him if we have any issues. They are serious about the high rollers.

You know the card on the back of hotel room doors that lists state hotel laws and the rack rates for the room you're in? The card for our room did not indicate a rate, but rather a rate range of $800 to $3300 per night. Ha!

Karen and I are nearing the end of what has seemed to be infinite wedding planning. We wanted something simple and while it's still simple, there are so many questions people have. Questions that sometimes we don't care about, but people still want an answer to. Karen is having to help me remain sane and I'm having to do the same for her. We have a rule where we only focus on one task per day, otherwise it's entirely too overwhelming.

In other news, I am awaiting the title to my car. Yes, it has finally been 72 months. That's right, I financed it that long. What? You think I'm insane? Yeah, maybe. But the point is it's over. I purchased the car shortly after graduation and took the new graduate financing option where you didn't need any cash down and could purchase the car rather than lease for 3 years and have a 100 mile limit on the car. 72 months is an insane amount of time to pay off a loan. Since I purchased the vehicle, I have put about 68000 miles on it and lived in 4 different states. The car has driven through 15 states and DC. The car has also been on both Oahu and Maui. In short, it's definitely done a good job of getting me around and not being a burden. Once the title arrives, I have to go and get a Hawaii title. Yes, the car is still titled in New Hampshire.

Well, that's it for now. It's been a very busy summer so far. Before we know it, we'll be packing things up to move back to Boston.

Energy Sources in Hawaii

The topic came up in discussion with some friends the other day. Where does Hawaii get energy? What energy sources are available in Hawaii? The following is my own research in to the subject, so if anyone has anything to add, feel free.

First, those who don't know, Hawaii is composed of many islands. The islands are so far apart that they lack physical utility connections between them. That means that each island has its own generating facilities and for fuels like gasoline, they are brought to the island. But more on that later.

Hawaii has no sources of natural gas and since it's impractical to transport natural gas by any means other than pipe, Hawaii just doesn't have natural gas. What we do have is synthetic natural gas (SNG). Synthetic natural gas is made from petroleum byproducts and while the composition is different, can be used in applications where natural gas would be appropriate. SNG is currently only available on the island of Oahu and even then in limited areas. The Gas Company provides SNG service to customers on Oahu via tank delivery or access to their pipeline network. Their site claims to have around 1000 miles of SNG pipeline.

So are those tiki torches I see at night around Waikiki using SNG? All of the information I can find on the Internet tells me no. They primarily or exclusively use propane for the torches. You can also tell by the smell when they light the torches. It smells like someone firing up a barbeque.

Which brings me to propane. Propane is used in a lot of places in Hawaii where natural gas would be used on the mainland. It's an established energy source in Hawaii and can be transported by tank or pipeline. Propane also makes sense because it's a byproduct you get when you refine petroleum. There are two petroleum refineries on Oahu, so it makes sense for Hawaii to make use of as much of that fuel as possible.

Which brings me to gasoline, diesel, aviation fuels, and bunker fuels. We have all sorts of vehicles zipping around the islands. Cars, trucks, buses, airplanes, jets, and ships. All of these vehicles require petroleum for their engines. Hawaii's two refineries produce these fuels and they are distributed from tank sites that are very similar (if not identical) to tank sites you see on the mainland. Ever see those not so tall but really large diameter white cylindrical towers in the industrial area of your city? These hold the fuel that you will eventually buy from your local station. There is not one tank site for each brand of fuel. There is generally one or two suppliers for a major area and all stations buy from that. The branding of fuel is simply that, branding. Larger brands add stuff to the fuel, like detergents, to make their fuel better (or worse) than other brands. Chevron Techron, for example, is a branding for a detergent that is added to fuels sold at Chevron stations.

Fuel is refined on Oahu and sent on barges to the neighbor islands. This is one reason why fuel tends to cost more on neighbor islands than on Oahu.

What about electricity? Since each island has to generate its own power, we have many different solutions. Here is the breakdown by island:

• Oahu: Serviced by Hawaiian Electric Company (HECO). There are 3 petroleum-fired generating plants owned by HECO. There is another petroleum-fired generating plant owned by Kalaeola Partners. In addition, Oahu is home to H-POWER and AES-Hawaii. H-POWER is a waste-to-energy plant (it burns trash to make power). AES-Hawaii is a coal-fired generating plant. Yes, they ship a small amount of coal to Hawaii to run this plant.

• Kauai: Serviced by Kauai Island Utility Cooperative. They generate power via petroleum, hydroelectric, biomass (like burning trees or sandwiches), and solar.

• Maui: Serviced by Maui Electric Company (MECO). There are two petroleum-fired generating plants on Maui. HC&S also generates power on Maui by hydroelectric means, bagasse (sugar cane pulp), coal, and petroleum. Maui is also home to the Kaheawa Wind Farm and a small as-needed petroleum generator in Hana.

• Molokai: Also serviced by MECO. Molokai has a single petroleum-fired generating plant.

• Lanai: Also serviced by MECO. Lanai has a single petroleum-fired generating plant.

• Hawaii (Big Island): Serviced by Hawaii Electric Light Company (HELCO). There are six petroleum-fired generating plants on Hawaii. Puna Geothermal Venture and Hamakua Energy Partners can supply up to 90 MW for Hawaii. There are also three wind farms (one owned by HELCO) and two hydroelectric generating plants.

HECO, MECO, and HELCO are all part of the same holding company.

The needs of each island vary, but you can see the majority of the electricity in Hawaii comes from petroleum. There is also no way for one island to back up another island if the lights go out. Each island is self-sufficient for electricity generation. And yes, the lights have gone out before. Oahu went dark around 7pm on 27-Dec-2008. Among the many people here at the time were the Obamas for Christmas.

Friends Using Fedora part 2

The comments and email replies I received to my previous post seems to indicate that some people missed the point I was trying to make. A lot of people I heard from privately seemed shocked that I do not come running out the door, guns blazin', screaming USE LINUX! USE FEDORA! I'm not that sort of user. As I previously stated, if people are interested in Linux, I will answer questions. I will help them set it up too, but I do not have the time nor desire to become everyone's personal IT department. I don't even want to be my own sysadmin. Those days are long since over.

My main point was that, in general, Linux distributions have advanced to the point where most users can figure things out for themselves, much like they would have done on Windows or MacOS X. A decade ago, you couldn't really say that about Linux. It's really nice that usability in Linux has reached that point. My fiancée and my friends being able to figure out how to play movies, work with MS Office document formats, and so forth all without asking is nice. At one point in time in the Linux world, answering those questions meant sitting down with someone and telling them how to compile software. Fortunately we are way past that point.

The other point I was trying to make was that despite that fact that we still do development at a ridiculous pace and push releases out all the time, my friends still using Fedora Core 6 have no complaints and no problems. The people telling me that I'm horrible having them still use it because they are missing some security update simply doesn't matter. Most end users don't care about updates, ever. These users are like that. If they were running Windows on this system, they would still ignore updates. Would a Windows system of that age still be usable? I don't know. I'd like to think the Fedora system of that age holds up better.

If I had approached them each time a new Fedora release came out -or- made sure they were installing updates on an almost daily basis, they probably would have said to me, "you know, this is too much work, just forget about it." And they would have left it running whatever was on the system.

So, for those users, in the amount of time since Fedora Core 6 was released, the only thing they wanted that was newer was Firefox. In retrospect, CentOS probably would have been a better option for them. But really, I don't think it matters for them in the end.

Thanks for the suggestions for getting a newer Firefox to them as well as all of the concerns for them being vulnerable to countless security issues. I wanted to make sure knew the points I was trying to make.

Friends Using Fedora

I'm not one to push Linux on people, but if they ask about it and decide to give it a try, I will help them out. First, my fiancée started using Fedora when she bought a new laptop. Her old one just stopped working and she took the opportunity to switch over to Linux on the new system. She is currently using Fedora 12 and has only had minimal questions. Most of her questions have been about how to do things in OpenOffice, which I am generally unable to answer immediately but can usually poke around and figure out what to do. All of the other typical desktop tasks such as web browsing, email, music, photos...she has no problems doing on Linux.

Oh, and in addition to having to adjust to OpenOffice, she has also had severe problems with the touchpad. She has a Dell Mini 10 and the touchpad is absolutely irritating under Linux. It does not have physical buttons on it, but rather button areas on the touchpad. But the driver can't seem to distinguish between a click and a drag and in the middle of dragging if you hit the button region on the pad, it translates that to a click. Very irritating. So irritating that I just got her a USB mouse. If anyone knows how to make the touchpad on a Dell Mini 10 behave, let me know.

Second, I have two friends in Somerville who bought a computer from me several years ago because they needed a new one and I had one that I wasn't using anymore that was less than a year old. I told them I could set it up with Linux and help them with that, but if they wanted Windows, they'd have to figure that out by themselves. They chose Linux. So I set it up with our latest release at the time they bought the system: Fedora Core 6. I was just back in Boston recently and visited them and they are still using Fedora Core 6. They commented on how reliable the system is and it's so nice not having to worry about viruses and spyware and other junk software that tends to pollute a Windows system. Mind you, I really just set it up, showed them a few things, and they haven't really asked me much since then.

They did ask me two questions while I was there recently. One was about mounting an external USB hard disk with an NTFS volume on it. That was easy to solve, they just needed the ntfs-3g package installed (which we had available in FC-6 fortunately). The other was for a newer version of Firefox. I said it would probably be to their benefit to upgrade to a newer Fedora first and they asked what they were running and what the latest was. I told them they had version 6 and we were nearing the release of version 13. They laughed and said, "eh, well we'll worry about that later."

To me it's an interesting type of user. These are people who do not care at all about the latest and greatest everything. Of the new stuff out there, they wanted a newer version Firefox. The fact that they are still running FC-6 and haven't hit any issues is nice to see. I did see some things on their desktop such as iTunesSetup.exe and other such things, which are probably leftovers from attempts to figure something out in Fedora, but learning they needed to take a slightly different path. I saw they had added software to the system since I set it up, mostly for movies.

I imagine they will start to hit hardware failures before the software stops being useful. I wish there was still something like Fedora Legacy for these types of users. When I think about it, it's really security updates that would matter the most as well as updates to high profile applications like Fedora. Even keeping the older repositories still available would be nice. I installed ntfs-3g for them, but had to modify the files in /etc/yum.repos.d by hand to point to the correct repo locations. Would be nice if the last update delivered before a release is marked EOL is updated repo files in the fedora-release package to point to the new repo URLs.

In an effort to help them out, I'm going to see how much of a disaster it would be to upgrade from Fedora Core 6 to Fedora 12, doing a yum upgrade to each release. Sure, I could reinstall, but it would be interesting to see if a yum upgrade through each release quickly would work.