www.technotes.se » Networking
Posted on 17-01-2011
Filed Under (Hardware, Intel D525MW, Linux, Networking) by Lonezor

The goal has been to setup a computer that is energy efficient, doesn’t occupy too much physical space and that is completely silent with no moving parts inside. Comparing with normal PC hardware equipped with powerful CPU cores (with capabilities far exceeding a mostly idling server), energy draining graphics cards and so on, there are much that can be stripped away for a Linux server with no keyboard/mouse/monitor attached.

For this a Mini-ITX board has been chosen with an Intel D525MW Board inside together with a 80GB SSD drive. The good thing about the Intel board is that it has all the peripherals that are needed, including 1Gbps LAN, USB 2.0, serial ATA, serial port (for serial console) and a VGA connector. The fact that it is a 64bit dual core Intel Atom CPU with hyper-threading together with a memory bank of 4GB DDR3 RAM @ 1066MHz enables almost all usecases for a server such as this. In total the price tag is roughly 600 USD or 4000 SEK, so it is cheaper than standard PC hardware.

It should be mentioned that there are solutions that goes further when it comes to saving power than this (e.g. using ARM based HW). But that usually means a more traditional embedded solution that is more specialized. Being able to attach standard PC componentes in a plug and play fashion (without extra kernel patches complementing the vanlilla kernel sources) is quite convenient.

To drive the board a Mini-ITX power supply adapter is used. Unfortunately, the particular unit I use does have a manufacturing flaw. The molex connector (with yellow=12V, black=GND, red=5V) is wired incorrectly, were the red wire has 12V. This is not according to the specification and is an obvious manufacturing error. But this is not something that most people questions when plugging in hard drives and so on. It is assumed to be correct. But in this case the 5V SSD drive circuitry was supplied with 12V and it got completely fried (something that got me quite upset for a while). The problem is solved by cutting the wires and swapping them (se image below). Because of this issue I plugged in lab power supply to detect potential issues and to see the energy consumption of the board (excluding the energy consumption of the AC/DC inverter).

Testing the hardware

Final HW setup (also note the Soekris HW that is another candidate for a server such as this)

Instead of the previous LAMP configuration the site is now powered by lighttpd that is both poweful and easy to use (especially for multi-site virtual hosting). The Linux distribution used in this case is Gentoo Linux.

To summarize. This hardware setup seems very promising. How it performs in the long run remains to be seen, but I am hopeful.

(2) Comments   
Posted on 28-09-2010
Filed Under (NAT, Networking, OpenBSD, port forward) by Lonezor

Starting from OpenBSD 4.7 a new packet filtering syntax is used. It is more generalized than before. This means that pf.conf needs to be translated to work properly. Typical use cases are NAT and port forwarding.

Example of the new syntax in /etc/pf.conf:

# Setup NAT for local ethernet network
ext_if = "vr0" # WAN net device
match out on $ext_if from nat-to ($ext_if)

# Port forwarding, HTTP traffic
pass in on $ext_if proto tcp from any to ($ext_if) port 80 rdr-to port 80

Load new configuration:

pfctl -f /etc/pf.conf
(0) Comments   

Sometimes the IP address of a net device needs to be determined programatically in cases the shell command ifconfig is not desirable. As an example, I wrote a small C program that updated the DNS records in the DNS provider’s database in the case of an IP address change.

Code example (tested on Linux and OpenBSD)

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <net/if.h>

#define C_ASSERT(expression, name) \
typedef int c_assert_##name[-1 + (expression)]

typedef unsigned int uint32_t;
C_ASSERT(sizeof(uint32_t) == 4, uint32_t);

#define IP_UNDEFINED 0

uint32_t get_ip_addr_for_device(char* net_device_p)
  struct ifreq ifr;
  struct sockaddr_in* sock_addr_p = NULL;
  int ctrl_socket = -1;
  uint32_t ip_addr = 0;
  int res = -1;

  ctrl_socket = socket(AF_INET, SOCK_DGRAM, 0);
  if (-1 == ctrl_socket) {
    perror("get_ip_addr_for_device, socket");
    goto cleanup;

  memset(&ifr, 0, sizeof(ifr));
  ifr.ifr_addr.sa_family = AF_INET;
  strncpy(ifr.ifr_name, net_device_p , IFNAMSIZ);

  res = ioctl(ctrl_socket, SIOCGIFADDR, &ifr); /* Query IPv4 address */
  if (-1 == res) {
    perror("get_ip_addr_for_device, ioctl (SIOCGIFADDR)");
    goto cleanup;

  sock_addr_p = (struct sockaddr_in *) &ifr.ifr_addr;
  memcpy(&ip_addr, &sock_addr_p->sin_addr.s_addr, 4);

  if (ctrl_socket != -1) {
  return ip_addr;

static void print_ip_addr(uint32_t ipv4_addr)
  unsigned char* ip_addr = (unsigned char*) &ipv4_addr;
  printf("IP address: %d.%d.%d.%d\n",

int main(int argc, char* argv[])
  uint32_t ip_addr = 0;

  if (1 == argc) {
    printf("usage: ip_checker NET_DEVICE\n");
    goto exit;
  else if (argc < 2) {
    printf("ip_checker: too few arguments!\n");
    goto exit;

  ip_addr = get_ip_addr_for_device(argv[1]);

  if (IP_UNDEFINED != ip_addr) {

  return 0;

Usage example

$ gcc -Wall ip_checker.c -o ip_checker
$ ./ip_checker eth0
IP address:
(1) Comment    Read More