Author: teemu

Posted on

Mac App Store and multiple Macs

I was planning on buying Apple’s Aperture 3 as I saw it was about 62 euros in the new Mac App Store (comes with Mac OS X 10.6.6) and after reading some reviews which showed it to be at least in par with Adobe Lightroom 3 (better speed, better for Mac users, mostly only lacking the lens correction features). I just needed something more than iPhoto, but Photoshop is expensive and Gimp is messy. I have about 15,000 photos in iPhoto so the automated move to Aperture was really appealing.

The funny thing is that stand alone Aperture 3 sells for 199 euros in retail stores and in online Apple Store. How can it be only 62 euros in the Mac App store? Maybe it can only be installed on one machine, and for the second one you need to pay another 62 euros? That would have made sense. However, after installing Aperture on my MacBook, it seems to install fine also in the living room on my Mac Mini. Just went to the Mac App Store’s “purchased” view and clicked “re-install”. Cool.

Yes, it installed and runs fine. The only difference is that I had to find it from Applications and then tick “keep in dock”, while on my MacBook (the first purchase) it installed directly to the dock. That is on the borderlines of even mentioning, but I did.

Facebooktwitterredditpinterestlinkedinmail
Posted on

OpenBSD and duplicate next hop routers

As I describe in an earlier blog post, I am running an OpenBSD packet filter firewall which has three network interfaces connected to the same ISP. Everything worked so well until the ISP changed something in their configuration and two of the interfaces started to get the same next hop router (gateway) through DHCP configuration. This obviously causes problems with e.g. ARP and routing in general. The solution to this was to start using the “routing domain” feature of OpenBSD.

All interfaces are in routing domain “0” by default. I then set the two “extra” outgoing interfaces to routing domains “1” and “2”. That way each outgoing network interface has its own routing table and ARP table, and routing/ARP problems with the “duplicate next hop” were fixed. However, by definition, routing doesn’t work between routing domains. Luckily I found a way around this by tweaking pf.conf. The solution was to

a) split the “binat” rules and use “rtable” keyword for the rule used for incoming packets, and
b) add the “rtable” keyword for outgoing packets.

That way the route lookup is done on the correct routing tables for both incoming and outgoing packets.

Here are the modified sections in /etc/pf.conf:

# binat on em2 for host "ps3"
match out on $if_ext3 inet from $ps3 to any nat-to $if_ext3 static-port
match in on $if_ext3 inet from any to $if_ext3 rdr-to $ps3 rtable 0

# binat on em1 for host "core7"
match out on $if_ext2 inet from $core7 to any nat-to $if_ext2 static-port
match in on $if_ext2 inet from any to $if_ext2 rdr-to $core7 rtable 0

# NAT on em0 for the rest of the hosts
match out on $if_ext1 from $home_net_v4 nat-to ($if_ext1)

...

pass out quick on $if_ext1 inet from ($if_ext1) modulate state
pass out quick on $if_ext2 inet from ($if_ext2) modulate state rtable 1
pass out quick on $if_ext3 inet from ($if_ext3) modulate state rtable 2

Facebooktwitterredditpinterestlinkedinmail
Posted on

PS3 download and upload speed test failed?

I was having trouble with the Playstation 3 network test. Everything else passed, but the download and upload speed tests failed almost always and randomly. Reason to that was found after running tcpdump on my OpenBSD firewall – I noticed that TCP connection was opened properly from PS3 to some internet server, but it often stalled. I have been using the “scrub tcp reassemble” feature of the OpenBSD packet filter. Disabling that from the external interface that my PS3 is mapped to, fixed the problem. Now I get 100% success rate on the network test and also the downloads from the Playstation Store work properly.

Facebooktwitterredditpinterestlinkedinmail