Multi-WAN DNS in pfSense

Update: I later figured out there are many other places pfSense restarts Unbound, so this is simply not worth the effort. I reversed the changes & moved Unbound to another box and using just DNS forwarder on pfSense — which is used by the Unbound server.

Having multiple broadband connections at home, I have a pfSense which takes care of load balancing and firewalling. pfSense is pretty good in almost everything, except one thing that was annoying me a lot — That it restarted the DNS Resolver (Unbound) every time either of my WAN connections restarted (one of my ISPs restarts the connection periodically), and the traffic originating from the box itself cannot be load balanced across multiple connections due to a limitation in FreeBSD’s implementation of pf itself – it is unable to set the correct source address.

It’s quite annoying that – even when you use the forwarding mode of Unbound, your DNS still goes through a single WAN interface. Moreover, Unbound doesn’t seem to do parallel querying across DNS servers. So if you have listed multiple DNS servers as forwarders it will try them one by one as they fail. Suppose, the WAN interface from which DNS traffic is outgoing is running at full capacity – a download or somebody is streaming a video, then your browsing becomes slow as well – but the browsing itself may go through another WAN connection. Notably, for having a stable multi-WAN setup in pfSense – you have to use forwarding mode. The gateway switching for the box itself doesn’t work reliably in my experience, due to which I’ve had to face “host not found” error messages even when one of the connections was up.

Continue reading “Multi-WAN DNS in pfSense”

Advertisements
0

The sad state of social media support among Indian companies

Use of social media by Indian companies have skyrocketed in the recent years due to many reasons, two to be specific –

  1. It helps people connect directly with government – a lot has been done in this regard under the Digital India initiative.
  2. Since social media is a public space, brands / companies are pressurized to correctly resolve the issue or it is a ticking time bomb for them in case the problem becomes viral, can damage reputation easily.

Now coming back to the support brands on Twitter, an example here:

BSNL is a telecom operator in India, and they have a Twitter account where they answer queries. My query was pretty simple – BSNL announced availability of 4G uSIMs nationally so I asked them if 4G service is available in Pune. Their response as seen above – they want contact details from me. Moreover, the reply says “Sorry for the inconvenience caused”. I didn’t face any inconvenience here. It’s just out of context! Why not just reply to the tweet with a simple yes or no? It doesn’t contain any private information.

Many such countless examples can be seen on the Tweet with replies page of their twitter profiles. Interestingly it’s a common trend, and I don’t know why. If you look at the twitter profiles of some international brands – they don’t reply in similar fashion, except in cases where private information (account number, mobile number, etc.) is involved.

Common general information can be shared publicly, no? If information involves private matters such as – someone has a specific problem for which details are needed – that conversation can happen in private.

0

History repeats itself – RSS and Blogs making a comeback?

Unless you’ve been sitting under a rock for the past couple of weeks, you would be well aware of the Cambridge Analytica scandal that happened with Facebook. Around the same time, I came across an article on Twitter – the source for all the content I read, which says It’s Time for an RSS Revival. I wasn’t using Facebook much and this news has pushed me even farther from it. There are specific reasons I am still on Facebook but my activity has reduced significantly.

Ever since Google Reader was killed, I had been using this RSS reader called NewsBlur. But I was already significantly into using social media as a source of new content, so I never really used Newsblur seriously – in spite of me having a premium account all these years.

Continue reading “History repeats itself – RSS and Blogs making a comeback?”

0

A WAN monitor running on Google AppEngine written in Go language

As I stated in my earlier post, I have two WAN connections and of course, there’s a need to monitor them. The monitoring logic is pretty simple, it will send me a message on Telegram every time there’s a state change – UP or DOWN.

Initially this monitoring logic was built as OpenWrt hotplug script which used to trigger on interface UP / DOWN events as described in this article. But then I got a mini PC box and it runs Ubuntu and a pfsense virtual machine. While I could build the same logic by discovering hooks in the pfsense code, but it’s too complex and moreover it doesn’t really make sense to monitor the connection of a device using the same connections!

Continue reading “A WAN monitor running on Google AppEngine written in Go language”

0

Supt Padangushtasana to recover after intense cycling

I started cycling again after a gap of 4-5 years. Bought Firefox Maximus D 29er last year and it’s been amazing in terms of fun and saving money as well because I ride to many places where I used to go driving previously.

Few days back I decided to improve on my average speed and the solution was to change my pedaling pattern – what I used to do was shift to highest possible gear on the road and pedal slowly but because of the gear ratios I used to get good average speeds.

The human body cannot deliver high amount of power for a long duration but can do low power for higher duration much, like a IC engine – which is why you have gearbox in it; the engine rotates at higher RPM on lower gears and vice-versa.

Continue reading “Supt Padangushtasana to recover after intense cycling”

0

Monitoring your internet connections with OpenWRT and a Telegram Bot

For the past 5 years or so, I have been using a single ISP at home and mobile data for backup when it went down. But since last few months, the ISP service became a bit unreliable – this is more related to the rainy season. Mobile data doesn’t give fiber like constant speeds I get on the wire. It’s very annoying to browse at < 10 Mbps on mobile data when you are used to 100 Mbps on the wire.

I decided to get another fiber pipe from a local ISP. One needs to be very unlucky to have both going down at the same time – I hope that never happens. Now the question is how to monitor the two connections: Why do I need monitoring? – so that I can inform the ISP when it goes down, with the fail-over happening automatically thanks to OpenWRT’s mwan3 package, I won’t ever know when I am using which ISP (unless I am checking the public IP address, of course).

Continue reading “Monitoring your internet connections with OpenWRT and a Telegram Bot”

2

Asterisk PJSIP wizard and phone provisioning

So after setting up Asterisk with a working DAHDI configuration for the PBX project, next was configuration for IP phones using PJSIP and provisioning them.

Asterisk has a built-in module called res_phoneprov which handles HTTP based phone provisioning but that didn’t work for me – I just couldn’t have it generate XML configuration for the phones that we had, i.e. Grandstream GXP1625.

The server on which I had configured PBX was multi-homed, as in it was part of multiple networks. But there was no reason to run the service on all interfaces except the VLAN on which we were going to connect the phones.

Continue reading “Asterisk PJSIP wizard and phone provisioning”

5

Asterisk PBX with Reliance PRI Line using Digium TE131F

So I got an opportunity to set up Asterisk PBX with a Reliance Communications E1 line. I have worked with Asterisk PBX, but without PSTN interfacing. This post is about what all stuff I have done to get a Reliance E1 line with Digium TE131F card.

Having explored a lot of other distributions like Fedora, Arch, Gentoo, Sabayon, etc. since I ventured into Linux world and learning the internals of Linux and how different components are stitched together I settled on Ubuntu. It’s my favorite these days because  everything seems to work out of the box… except when it doesn’t, then you have PPAs. 😛 For this project I have installed Ubuntu 16.04 server edition.

Continue reading “Asterisk PBX with Reliance PRI Line using Digium TE131F”

0

A nonsensical ride with a rude UberPool rider

So I had went to drop my vehicle for servicing and took UberPool to return back home. UberPool is quite economical compared to traveling in auto rickshaws – they quote random prices which is not justifiable according to the distance.

There was this co-rider with me who had come with some luggage from another city and apparently the driver had suggested him pooling because his distance was long; and it seems the rider had never used UberPool earlier.

The logical thought about pooling would be – drop the rider at the specified drop location and continue with next passenger. And that’s what holds in Uber’s policy as well – I did not know about this either but came to know about it when the guy called Uber customer care and started complaining to them about not dropping at the specified location.

The problem with the specified map location by the rider was – there is construction going on at that place and due to road rerouting it is not possible to go there. So the rider called up his local contact and asked where to come, the person on phone said some location which was a some 100-200 meters away from the drop location and inside some lane. The driver refused for the same. The rider got angry about this.

The driver stopped at the junction but it was creating traffic jam so he went to the other side, and stopped under the flyover where the original map location was given.

Looks like that shot his anger off the roof and he called police and said driver is refusing to drop at his location and taking him elsewhere and also said since he was not from this city the driver was harassing him. The driver explained to police (over phone) about the reality and police also asked the rider to get down at the drop location or discuss this problem with Uber customer care.

This is when he called Uber customer care and once again, he was proved wrong (because Uber can track vehicle location) and vehicle was standing exactly at drop location. Customer care rep also asked him to get down and not get into any fight.

Since lot of time was getting wasted I asked the driver to take him to the nearby location which was originally discussed by this rider’s local person. So both of them started arguing with the driver that it is his mistake and he is harassing him because he is from other city. Eventually the argument settled down after driver apologizing for no mistake of his.

End of story.

People have brains in their knees or what? You can clearly see traffic getting piled up and there is construction going on in the front, and your drop location has been reached yet you are arguing about dropping at a different location?

Also do not treat cab drivers like they are your slaves. They are doing business.

NONSENSE. TIME WASTE.

0

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: