Monthly Archives: September 2004

Switching to kernel 2.6 (part 2)

Yesterday I switched all of my machines but one to kernel 2.6. The last one to migrate is a SparcStation 4. It is a little bit complicated as the BIOS refuse to recognize my hard-drive since I changed it from a 2.1GB one to a 9.1GB. After an afternoon of tests, I decided to boot this workstation via the network, as the Linux kernel recognizes it.

Using a 2.4 kernel was very easy, you just have to convert the Debian kernel in aout format using zcat and elftoaout. For a 2.6 kernel, it is a little more complicated as Debian ships them with an initrd image. After a few minutes searching google, I found the solution:

zcat /boot/vmlinuz > vmlinux
elftoaout -o netboot.img vmlinux
piggyback netboot.img /boot/ /boot/initrd.img

It seems to work well, however the image is 271,654,944 bytes long. I still don’t understand why.

My firewall

In my latest post (Switching to kernel 2.6), I spoke quickly about my firewall. In the comments, I was asked for information about it. So I decided to write a new post.

My firewall is based on a micro-ATX PIII mainboard with an Intel Celeron 600. I know that it is too much for my use (the load is almost always 0), however I already had the mainboard. This processor is one of the slowest processor that the mainboard accepts (the lowest speed is 500 MHz). Anyway that kind of processor is a good choice for such a computer, as it is one of the first processor using a 0.18µm technology, thus it doesn’t need a lot of power (for an x86). Using an Aqua 690 heatsink it can run without a fan.

This mainboard has an integrated Ethernet adapter, and 3 PCI ports. I chose to use them to plug three Ethernet adapters, that is to say a total of four. Currently three of them are setup in bridge, but I can later un-bridge one or more ports if I need. It could be useful to plug a WiFi access point, or to create a DMZ for my servers (just for the fun as I am the only user of my LAN).

Instead of using an hard-drive, that makes noise and heat, I chose to use a 256MB Compact Flash instead. I made a CF/IDE adapter using the article published in Elektor (April 2002 for the French edition). It is now possible to find such an adapter in some webshops.

I packed all that stuff in a metal box, with a 120W Shuttle Power Supply. The longest part was to machine the metal, with a drilling machine and a file in my case.

On the software side, this firewall is running Debian, with two scripts of my own using iptables: one for IPv4 and one for IPv6. 256 MB is enough for that and some useful packages (ADSL modem drivers, radvd, ping, traceroute, tcpdump, ethstatus, lm-sensors, snmpd, ntp, logcheck, etc.).

Below is a photo of the inside (sorry for the poor quality, I took it with my webcam as I still don’t have a digital still camera):

Inside my firewall

You can see a fan grille on the front, however there is no fan behind it. I removed it as it was making noise, and was not really necessary. Concerning the processor’s fan, I control it using lm-sensors, and it is almost always off, resulting in a very silent firewall.

I used the same box for my servers, however they are using an hard-drive. It is possible to put up to two hard-drives (useful for RAID1) in a such box, if you are using low profile RAM.

Switching to kernel 2.6

I decided to switch all my machines to kernel 2.6. I now consider the kernel 2.6 stable enough, at least for the use of my machines. Except for my workstation on which I like to add some patches, I am using Debian kernels for my other machines. Moreover some of them are very slow (a parisc@60 MHz and a sparc@110 MHz), and building a kernel on such machines takes very long time.

I started with my a backup server, it was very easy, apt-get install and voilà!

Then I switched my firewall. It was not so easy as for my backup server, as I only have a 256 MB disk (actually a compact flash card). Because of its size, it was not possible to have two kernels at the same time on the disk. I decided to remove the old 2.4 kernel (/boot and /lib/modules), to install the new 2.6 kernel. Then I typed reboot, and started to pray. As I don’t have neither a display nor a keyboard on that machine, I started to look both at the hard disk’s LED and at a console on my workstation on which I started ping fourier. After a some time (I don’t know exactly how much, in such situations seconds are like minutes), there was some echo reply. Wonderful!

After such successes, I decided to continue and to switch my hppa machine. Again apt-get, then a quick look at the palo’s documentation to know how to specify an initrd image, and then reboot. After a lot of time, it was still not possible to ping the machine. Shit! PALO has the possibilty to specify an alternate kernel in case of a problem, however in that case it seems it has failed… or the boot was mabe successfull. Half an hour later, after I plugged a screen, a keyboard and a null-modem serial cable, I understood the problem: the module for the network card was not loaded (whereas it was directly binded into the 2.4 kernel). And hotplug doesn’t load it as it is not on a PCI bus. I tooked my keyboard and started to write my login. Nothing. The keyboard’s module was also not loaded. I switched back to the 2.4 kernel, I put a lot of modules into /etc/modules (network card, keyboard, mouse, sound card, parallel port, serial port, etc.). And it worked!

Moral: Don’t change your kernel when you only have very few time to do that. It always take a lot longer than expected.

Finding a flat

On monday, I received a phone call to tell me that I am accepted at the Centre de Recherche Astronomique de Lyon to do a PhD. I will begin it the 1st of October.

I am currently living at my parents’ house, which is located in Toulouse, so I have to find a flat very quickly. I’ll take the train to Lyon tomorrow, and I hope my search will be successfull.

Fixing gcc-m68h1cx

Today, I spent all the day fixing gcc-m68hc1x. It is gcc built for cross-compiling to 68HC11 and 68HC12 microcontrollers. There was a strange bug: an ICE on 64-bit hosts. Actually the bug was there for a long time, but I had decided that the version currently in testing will be enough. However, yesterday a bug was filled as a package need to build it was not available anymore in testing.

So I started to try to debug it. It was the first time I was looking at gcc’s sources. Whow! I didn’t know were to start to find the bug. I asked on IRC on #gcc, but people were no encouraging me: “aurel32, that bug is not easy to tackle for newbies”. I first reduced the file causing the ICE to a single line in a function, I added a lot of printf in gcc’s sources, and then tried to compile the same testcase both on a 32-bit host and a 64-bit host. At the end of the day I found some differences, and with that, the bug!

As the ICE was triggered by the build of libgcc2, gcc-m68hc1x was unbuildable on 64-bit hosts. Now that this bug is fixed, it means one RC bug less.

And in short for any people writing code: please don’t assume that a 64-bit number needs two int to be represented!