Re-purposing the ALIX.2c3

2009.01.22
I work in telecom, from home mostly, and found myself needing to put 3 switches and 3 routers into their own class C network. This network had to be available remotes for my co-workers use.

Starting pretty much from scratch (and from memory now):
voyage:~# apt-get update
voyage:~# apt-get install openvpn
OpenVPN brought in alot of other packages.
voyage:~# apt-get install telnet

The only thing I had on hand to do this with was the Alix so I installed OpenVPN on it. I installed telnet on the Alix so that I could access the managed equipment from the Alix - you don't really need it.

I did all the OpenVPN key generation on my laptop and just copied the server files across to the Alix.

-rw-r--r-- 1 root root 1716 Dec 23 06:21 ca.crt
-rw-r--r-- 1 root root 424 Dec 23 06:22 dh2048.pem
-rw------- 1 root root 636 Dec 23 06:22 ta.key
-rw-r--r-- 1 root root 5530 Dec 23 06:22 voyage.crt
-rw------- 1 root root 1679 Dec 23 06:22 voyage.key

Blatant Plug: Get the LINUX Networking Cookbook by Carla Schroder. Worth it's price the first time you use it!

Today the power went out. Not normally a problem because all the management comms equipment and computer equipment is on nice beefy UPSs. Printers, managed comms equipment etc. is surge protected but not UPS'd. Guess who plugged the Alix into a non-UPS line? Yup, that'd be me. Note to self - buy Red/Orange power plates for UPS lines.

I lost a battle to try to pay attention to a conference call and drifted off to do some real work. I thought I'd better check that the lab equipment was still accessible remotely before I got a phone call asking about it. It turns out that I could not use openvpn to access the lab from my work LAN but I could SSH to the Alix.

After some investigation I realized that the Alix had rebooted into Jan 1 2000 - and my keys were generated in 2008. Resetting the clock on the Alix solved the access issue but that got me thinking that I didn't want to have to worry about this if there was a power failure while I was away.

What I need to do is set the date/time from an external source on boot and then I should be good. Reading around on the Internet I realized that the RTC on the Alix wasn't too accurate. I run NTP internally to keep my servers sync'd so I figured that would be a good solution to keeping the Alix on time too.

voyage:~# apt-get install adjtimex ntpdate ntp
adjtimex is used to coarsely calibrate kernel time keeping
nptdate is used for the initial time setting on boot.
ntp is used to finely calibrate time keeping

I got tired of the apt-get warning messages:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG = "en_CA.UTF-8"
are supported and installed on your system.

so I:
voyage:~# apt-get install locales
voyage:~# apt-get install apt-utils

I needed to modify the boot scripts to run ntpdate, and it has to be run before ntp is run.

Step 1: Figure out when ntp will be started:
voyage:/etc# ls -l rc?.d/S*ntp*
lrwxrwxrwx 1 root root 13 Jan 22 13:05 rc2.d/S23ntp -> ../init.d/ntp
lrwxrwxrwx 1 root root 13 Jan 22 13:05 rc3.d/S23ntp -> ../init.d/ntp
lrwxrwxrwx 1 root root 13 Jan 22 13:05 rc4.d/S23ntp -> ../init.d/ntp
lrwxrwxrwx 1 root root 13 Jan 22 13:05 rc5.d/S23ntp -> ../init.d/ntp

I figured the easiest way to do this would be to patch the ntp script.
if [ -x /usr/sbin/ntpdate ]; then
/usr/sbin/ntpdate
else
echo "Could not find executable /usr/sbin/ntpdate - set system time manually!"
fi

I rebooted and it seems to work.