Author Archives: David North

Business travel

Business travel is tedious at the best of times. But last night (and the early hours of this morning) were so tedious I thought I’d vent some steam here…

Because of the last minute nature of our trip to Italy, we ended up doing a silly pair of flights to get home at the end of Friday (Florence to Rome, Rome to Heathrow). An hour and 20 minutes on the ground in Rome should have allowed time for a nice dinner, albeit not a very leisurely one. But of course the first leg was 45 minutes late (thanks, Alitalia), so by the time we’d marched a mile from one part of the airport to another, we had to go straight into the queue for the final leg.

The final leg (Alitalia again) featured no food or drink apart from a packet of nibbles and some orange juice – making Ryanair’s offer to sell you an overpriced sandwich look like the stuff dreams are made of – and was aboard a creaky old aircraft whose lights flickered in an alarming manner when we landed. The staff were rude beyond belief (not a shred of help or sympathy in letting me get past the trolley when I wanted to go to the toilet, I just had to wait half an hour for them to finish), it was too hot, and generally deeply unpleasant. I’ll never be flying with them again.

Meanwhile back on the ground, the Brits were anxious to prove that we too can fail utterly at customer service: rather than sod about with two busses at what was by then 11.15PM, I thought I’d get a cab to take me the few miles from Heathrow’s Terminal 4 to the long stay parking at Terminal 5 where I’d left my car. The driver chatted to the chap in the booth and cheerfully informed me “we don’t do that”. Presumably because it’s not lucrative enough. Dear black cab drivers: This sort of behaviour is what makes me look forward to the day when Uber bankrupts the whole sodding lot of you.

Fortunately, a bus did turn up shortly afterwards, and the driver of the last T5 long-stay parking bus of the evening (which I had to myself!) kindly dropped me off right next to my car. After that, it was just some night closures on the M4 (should have taken the M40, but at least the road workers had the decency to actually be working behind all the cones, even after midnight on a Saturday) and home sweet home was finally reached behind the wheel of the mighty GTi.

At least Brexit didn’t take place while we were in the air, though, which was the original plan…

Paying for things with your phone

Last time I paid for a round in the pub by tapping my phone against the card reader, someone asked me if there was a purpose to such things, other than showing off.

There is (though I personally like the showing off in any case). When you pay with your phone, instead of using the same fixed 16 digit number printed on the corresponding credit or debit card, it uses a different number for every transaction (with a handful of exceptions … for example, it’s smart enough to keep it the same when touching in and out on the London Underground). This means that anyone getting hold of your card number from the merchant receipt printed out by the till can’t use it for another transaction, unlike when you use the actual card. OK, so they’d potentially need to guess other details in either case, but it does provide a decent level of protection over and above paying with a card.

It’s also worth knowing that the normal contactless payment limit of £30 doesn’t apply to cases where you pay with your phone (because the phone can challenge you for a fingerprint or other secondary authentication). Provided the till supports it (which is rare, but getting more common – try a petrol station), you can pay up to £100 (but your phone will ask for a PIN or fingerprint when it’s above £30).

Huawei E3372h + Mikrotik: LTE fallback

LTE modem in the Mikrotik router

Now that my Mikrotik router is up and running, I turned my attention to a side project I had in mind for the USB port it boasts. I have some data SIM cards courtesy of Three UK – they had (have?) an offer going where you can get 200MB of data per month with no ongoing cost (but obviously you need to pay up to top up). Armed with this and a cheap USB 3G/4G modem, one could arrange for a back-up cellular internet connection on the Mikrotik, ready to switch over to in the event of an outage on my main BT connection.

To be fair to BT (and EE before them), I’ve not had a single outage in the four years I’ve lived here, so this is mostly a learning exercise and a bit of fun.

Based on the supported peripherals page, I found a Huawei E3372 on eBay. It was only after receiving it that I dug into the forums and read about how there are two variants with the same model number, and mine (the E3372h) operates as a router, meaning you end up behind double NAT when connecting it to the Mikrotik, rather than getting the IP address Three assign on the LTE interface.

This is a bit sad, but contrary to reports on the forums, the E3372h does work with the Mikrotik (without any of the extremely painful sounding flashing of firmware). I plugged it in, and it appeared as an LTE interface. The trick is to ignore the word “minimal” on this screen, which doesn’t mean (as I incorrectly assumed) that it’s all broken. It just means the modem and Mikrotik don’t support rich functionality like scanning for networks.

On the other hand, once you have the APN set correctly (“3internet” – get it from the E3372’s web page when plugged in to a Windows laptop), you can add a DHCP client to the LTE interface, and the Mikrotik will take an IP address behind the dongle’s NAT. This client should have a default route distance of 2 to ensure your primary internet link is preferred.

At this point, I still wasn’t convinced it was actually working, but disabling the interface for my primary internet link left me in a world where I still had a connection (and not a bad one for no wires, either):

Result! Of course, it’s a bit sad that the double NAT means no hope of monitoring the cellular interface from the outside, or straightforwardly logging in via it. But I have a cunning plan in mind to alleviate that which will be the subject of another post.

Everything you never knew you wanted to know about phone numbers

A couple of months ago, a number of my friends were surprised to encounter a “landline” phone number (01865 …) which, when called, got through to someone on a mobile phone. So I was inspired to write up a bit about the technology behind that and how it’s easier and cheaper than you think it is.

Here are some fun facts about phone numbers (I live in the UK, and most of these are UK-specific).

  1. 07 doesn’t necessarily mean mobile. Yes, there’s a fair chance that a UK phone number starting with 07 will have somebody’s mobile (or voicemail) on the other end of it, but it is perfectly possible to buy 07 numbers which have no device/SIM card attached to them and simply direct calls to other numbers.
  2. 01/02 doesn’t necessarily mean landline. Analogous to the above, while it’s a fair bet that an 01x or 02x UK phone number corresponds to a physical piece of copper with one or more telephone handsets on the other end of it, that doesn’t have to be the case. And even if it is, your call could be diverted to somewhere else entirely by the recipient’s equipment (at their cost). It’s especially important to know that, because of this, a business publishing a number with a certain area code is no longer a guarantee that they are actually based in that area.
  3. You don’t have to have voicemail on your mobile. If you’re as annoyed as I used to be with people leaving ten second voicemails identifying themselves when you already knew from the “missed calls” list and caller ID who they were, then you can usually ask your mobile phone operator to disable voicemail on your mobile. I don’t miss it.
  4. 03 means “non-geographic”. Because pricing of 08xx numbers in the UK is complicated, numbers beginning with 03 were introduced for use in company/government settings where a nationwide number is needed, and should have similar cost to a normal national call to 01/02. Most mobile and landline packages treat 03 the same as national calls to 01/02.
  5. “Virtual” phone numbers are surprisingly affordable. As I’ve blogged here before, I run an 07xx number which we program each week to divert calls to whoever is leading that week’s walk for the Ramblers. It has a fixed cost of around £14 per year, plus a per-minute cost for the forwarded calls. Last year it cost us less than £20 in total.
  6. Caller ID should no longer cost money in the UK. The telecoms regulator Ofcom ruled last year that Caller ID on landlines should no longer be a chargeable extra (given that it’s been a standard facility of the network for decades now, charging more for not turning it off seemed dubious to me for quite a while). Given this, all you need is a landline phone handset modern enough to have a display, and you can see who’s calling you. If you’ve ever wondered why it takes one ring before the ID shows up, it’s because it is transmitted as a modem-like series of sounds after the first ring (as long as you don’t pick up very quickly).
  7. 17070 can be useful. If you want a UK landline to read back its own number to you, most networks allow you to get this by dialing 17070, an engineers’ test facility which should be free and work even on stopped/suspended lines e.g. when you’re moving into a property – as long as it has a dial tone, 17070 should work.
  8. You can “call” people using Facebook Messenger, WhatsApp or Signal. Look carefully at the interfaces in these apps, and you’ll see the option to call people using them. The advantage of this is that the call goes over the internet, so provided you are on a non-metered internet connection, it won’t cost you on a per-minute basis. This is especially useful when calling home from abroad (although, at least for another two months, EU roaming means UK citizens abroad in Europe can usually call home on their mobiles at the same cost as calling from within the UK).

tar pipe with nc, updated for 2019

If you’re a Linux user, you’re probably familiar with the so called tar pipe, a quick and dirty method for transferring files across the local network. It works, and it uses the most basic of tools. Indeed, if you want to shove a load of data between two Windows machines as a one-off, e.g. for a backup, I often find it quickest to boot them both from a Linux live CD / USB stick and use tar pipe (ntfs-3g to mount the disks, naturally). Much easier than trying to persuade file sharing to work properly.

My personal variant, on systemrescuecd:

sending end:~# tar cvf - * | nc receiving-end 1234

receiving end:~# nc -l -p 1234 | tar xv

The addition of v for verbose means you get a print out of files being sent and arriving, giving you a crude approximation of progress and a rough idea of when it’s finished.

It’s also worth noting that the connection provided by netcat is bidirectional (it’s just a TCP socket), so you can in fact establish it the other way round (which is handy if the receiving end is e.g. the Windows Subsystem For Linux, where the Windows firewall gets in the way of listening for an inbound connection):

sending end:~# tar cvf - * | nc -l -p 1234

receiving end:~# nc sending-end 1234 | tar xv
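
The tar pipe has no authentication, encryption or integrity check of its own (nc is just a TCP socket), and the verbose listing only approximates completion. The following added example, which is not part of the original post, wraps the same pipe with a SHA-256 manifest so the receiving end can confirm every file arrived intact; the function names, the manifest file name and the target path are assumptions of the example.

```sh
#!/bin/sh
# Added example: integrity check around a tar pipe. Function names and the
# manifest file name are assumptions of this example, not standard tools.
#
#   sending end:    send_tree . | nc receiving-end 1234
#   receiving end:  nc -l -p 1234 | recv_tree /mnt/target   # hypothetical path

MANIFEST=.tarpipe.sha256

# Hash every regular file under $1 (except the manifest) into $1/$MANIFEST.
make_manifest() {
    ( cd "$1" || exit 1
      find . -type f ! -name "$MANIFEST" -print0 | sort -z |
          xargs -0 -r sha256sum > "$MANIFEST" )
}

# Return 0 only if the manifest arrived and every listed file matches.
check_manifest() {
    ( cd "$1" || exit 1
      [ -s "$MANIFEST" ] || { echo "no manifest: transfer incomplete" >&2; exit 2; }
      out=$(sha256sum -c "$MANIFEST" 2>&1) && exit 0
      # Show only the failures (mismatched, truncated or missing files).
      printf '%s\n' "$out" | grep -v ': OK$' >&2
      exit 1 )
}

# Sending side: write the manifest, then emit the archive on stdout.
# "." rather than "*" so that dotfiles (and the manifest) are included.
send_tree() {
    make_manifest "$1" && tar cf - -C "$1" .
}

# Receiving side: unpack stdin into $1, then verify what landed on disk.
recv_tree() {
    mkdir -p "$1" && tar xf - -C "$1" && check_manifest "$1"
}
```

A non-zero exit from recv_tree means the copy should not be trusted: either tar hit a broken stream, the manifest never arrived, or at least one file differs from what the sending end hashed.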

SSD transplant: Windows 8

A disk I’d been keeping a concerned eye on for some time … now retired

As is traditional while staying with relatives at Christmas, I did some PC upgrades. I was much happier with the slightly venerable Lenovo desktop running Windows 8 once I’d swapped out its rather noisy/crunchy 1TB hard disk for a 250GB SSD I happened to have spare.

Either I’m getting better as I get older, or the tools are improving. Five minutes on Google suggested using ddrescue from SystemRescueCD, and I simply deleted the references to recovery partitions which were beyond the end of the original disk. By far the longest part of the job was taking a backup first.

I’ll do a separate post on how that backup was done, as it was also the fiddliest part of the operation.

Credit where credit’s due to Microsoft: although Windows refused to boot after the transplant (“A required device is inaccessible”), it did offer me safe mode, and rebooting from there restored normal service. No need for CDs or suchlike faff.

TP Link Archer VR600

TP-Link Archer VR600

You might be wondering why I’m blogging about another router just after buying myself something much nicer. The answer, as ever, is one of the handful of friends and family for whom I still do tech support. In their case, it really had to be a single-box solution which does everything, and while MikroTik is all good fun to spend hours configuring for oneself, something much more plug in and go was needed in this case.

The person in question had a Billion 8800NL (ISP supplied), which is well regarded but felt a bit flimsy. More to the point, it didn’t seem capable of reliably reconnecting after line drops without being turned off and on again. Things had massively stabilised (maybe one reboot per week required) and I was almost tempted to leave well alone, but even one failure to recover automatically is really too many for this user. It needs to Just Work, especially since we are indulging in the rather adventurous practice of VoIP over ADSL as this person’s primary “landline”.

A trawl around Amazon for ADSL routers is a rather boring thing. Anything costing less than £100 – and plenty costing that or more – seems to have at least some reviewers ranting about lock-ups, over-heating and dead spots. In the end, we spent £100 on the TP Link Archer VR600, partly because it looked OK and partly because I could go and get one from Argos rather than waiting for delivery.

It’s quite nicely built, and the web interface makes reasonable sense. It allows various things including setting it to respond to pings from the internet (essential for my tech support “clients”, whose lines I have configured on my monitoring system so I get notified of any outages), and the usual array of port forwarding, WiFi, etc. It was rather sad to find an option in there to have the thing reboot itself on a daily or monthly schedule – surely an admission that they haven’t engineered it very well in the first place…

That said, it was really good to find an option for automatic firmware updates – the days of downloading arcane .bin files and uploading them by hand are (or should be) well over, and I’d much rather have an installation like this one take care of itself automatically.

The router also allows remote admin from a specified IP address, which is handy as it allowed me to set it up for remote control from a location of mine with a fixed IP. This is good in theory, but the web interface is horribly broken unless you visit it at http://ip-address-of-router (i.e. anything different in the address bar, caused by assigning some DNS or reaching it indirectly via a port forward, causes it to get upset and fail to load its CSS).

I’ll update this post in a couple of weeks with how well it manages to hang on to the ADSL connection (and recover it in the event of blips).

Update, 5 January 2019: The end user now thinks the connection is rock solid reliable. Nagios shows it does still flake out occasionally, maybe once every few days, but these blips all seem to recover automatically without human intervention. The Billion is going on eBay.

Innotech iComm and SSH port forwarding

You don’t get uptime like that on anything modern

A bit of a blast from the past, this one.

Back in 2011, we replaced all the heating at the church. Sadly this was just before the era of off the shelf heating controllers which did multiple zones and could be controlled from a web page or an app. So instead, we have a more old-fashioned HVAC controller made by Innotech. It cost (from memory) a couple of grand to source and install, and it’s less capable (in my opinion) than a Raspberry Pi with a few relays wired to it.

It was designed to be controlled over serial, so the installer attached an Ethernet to serial module to it, we ran Ethernet to the basement, and bam – we can use their clunky but serviceable suite of Windows apps to program the temperatures and seven day calendars controlling the heating and hot water.

Sensors report … lots of things

The installer claimed this could be done remotely by forwarding the port the software uses (20000) from our ADSL router to the controller, then connecting to our IP address remotely. This never worked at the time (we suspected the latency on our ADSL upset it), but now we have a Virgin Media link it was time to try again.

This stuff may be arcane, but exposing it unprotected to the Internet felt like asking for trouble. However! A quick port forward in PuTTY (connecting to the Raspberry Pi sitting in our comms cabinet), and it actually manages to talk to localhost and works.

Now that it’s finally possible to work with this stuff from the comfort of my own home, I am tempted to see if I can reverse engineer enough of its communications to write a web front end and ditch the elderly Windows apps.

Triple monitors + T470s: yes you can

If you happen to have a Lenovo T470s and a USB-C dock with a single HDMI output, it seems Windows 10 can cope with driving twin external displays: one over the dock, and one on the laptop’s own HDMI port. This is in addition to the laptop screen, although my particular monitors aren’t HD.

Update: don’t unplug the connections after suspending the laptop, or the internal display won’t work when you wake it up again!

Mikrotik hAP ac: really rather nice

Mikrotik hAP ac

I got myself an early Christmas present. Various things have always bothered me about ISP-supplied routers. In particular, the BT Home Hub 6:

  • Slow web interface
  • Can’t be made to respond to ping from the internet (or at least, the machine running my monitoring system)
  • IPv6 support feels sort-of iffy – hard to pin this down, but sometimes devices seem not to get a v6 address for no good reason
  • No way to get it to tell you stats, e.g. how much have I downloaded this month? (Useful to know if you’re pondering the cost of switching to an ISP with usage-based billing)
  • No guest WiFi network option
  • Broadcasts a BT Free Wifi type network with no way to turn it off
  • Occasionally gets a different IPv6 prefix when rebooted

And, although you can keep the WiFi network name the same when swapping in a new router, you still end up having to reconfigure static IP addresses, port forwarding, etc. Time to separate the job of routing from the job of speaking to my ISP…

Various colleagues recommended Mikrotik. I had a dig around their Home/SME offerings and decided on the hAP ac – for a two bedroom flat, fewer Ethernet ports and faster WiFi makes sense. It’s handy that it has five ports, because all four on the HomeHub were occupied, and of course you need an extra one to link to whatever takes over the job of establishing your DSL connection. Fortunately I happened to have one of these lying around:

The classic OpenReach VDSL modem (ECI). They don’t do them any more.

These aren’t the most awesome VDSL modems in the world – you can’t get it to tell you the sync speed, etc. – but the HomeHub claimed I was syncing at 80mbps down and 20 up, and speed tests via the above and the Mikrotik suggest I’m still in that ballpark. Maybe I’ll replace it with something fancier in due course.

First impressions of the Mikrotik are good – with their quick setup and some Googling, it took me less than 20 minutes to re-establish WiFi and an internet connection with IPv4 NAT and a sensible default firewall. Someone out on the internet had written up the instructions for getting BT’s IPv6 working, and it looks like their prefixes are supposed to last for 10 years – so hopefully telling the Mikrotik to supply a “prefix hint” to re-request the same one on reboots should put a stop to the occasional changes.

The web interface is nice and snappy and allows you into all the hidden corners. You do need to know a decent amount of networking, and a bit of Linux IPTables, to make sense of it all. You can also configure over SSH via the command line.

To make the transition easier, I set it to broadcast the same WiFi network name (with the same password) as the old HomeHub. Almost everything transitioned over seamlessly. The one exception was the Amazon Echo (interestingly, the newer Echo Dot was OK). A bit of Googling suggests that it does not like the default DHCP lease time on the Mikrotik. Ten minutes does seem a bit tight, so I’ve bumped it to 24 hours and Alexa now seems happy.

Finally, guest WiFi was easy to turn on. I have a more complicated future set-up in mind, but for now, everything is in place and it’s nice to know that next time I change ISPs, I’ll only need to plug in a new bridge (or even just new credentials for the PPPoE link), and everything else will stay the same. And for the first time in four years, Nagios can run active ping checks on my home connection and see that it’s up.

Update: the “Torch” and packet dumping features are excellent – this sort of instrumentation capability comes in really handy for the discerning nerd, e.g. seeing what your IoT devices are up to.