CQ / Hello World…

A quick introduction: by day, I'm a DevOps Engineer at Red Gate, a software company in Cambridge, UK. Outside of work, I enjoy both amateur radio (hence the callsign, M0VFC) and community broadcast radio at Cambridge 105. This blog aims to span all those interests - so feel free to ignore the posts that aren't relevant!

Feel free to get in touch on Twitter (@rmc47).

73 / Best wishes,
Rob


IIS causing TLS connections to reset when no SNI binding is matched

25 June 2015 | Comments

We just hit a rather confusing issue while building up some new infrastructure for the new Redgate website. We have a couple of IIS servers, sitting behind nginx, which proxies requests through.

Pointing nginx at the old IIS boxes worked fine, but changing it to the new ones resulted in a gateway unavailable error from nginx. More curiously, running curl from the load balancer's console gave an SSL unknown protocol error, yet if we put a hosts file entry on the IIS box itself, everything worked.

Cue tcpdump, Wireshark, and so on, and we could see that after curl sent an SSL Client Hello packet, IIS instantly terminated the connection with [RST, ACK], never sending the expected Server Hello.

Eventually, it turned out we had no default (no-SNI) binding set, and nginx and curl weren't passing a hostname that matched an SNI-enabled binding. So IIS was terminating the connection - very aburptly!

The fix was easy: use the --resolve switch in curl, and the proxy_ssl_server_name and proxy_ssl_name settings in nginx to pass the correct SNI header to IIS.

Windows Server 2012 R2 VM blue-screens in VMWare after export from EC2

20 February 2015 | Comments

Amazon's EC2 provides a very useful virtual machine import and export service that lets you move VMs from your own virtual environment into EC2 and vice versa.

I've used this with good success in the past - at Redgate, we have a standard VM we use for demonstrating our products, which needs to be run offline on laptops at various events, but hosting it in the cloud gives us useful flexibility in situations where we do have a good internet connection.

For our previous Windows Server 2012-based image, we've round-tripped it several times with no problems, but a recent export of a newer 2012 R2 image gave this error on its second boot:

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (xen.sys)

Subsequent boot attempts had the same problem, though Safe Mode worked OK.

Skip forward several frustrating hours trying to work out how to fix this, and with some invaluable help from the wonderful Clive, here's the somewhat dirty fix:

This removes the Xen filter driver (Amazon EC2 uses the Xen hypervisor), which for some reason seems to confuse Server 2012 R2 running under VMWare Workstation, at least.

Disclaimer: I've not tried re-importing one of these VMs to EC2 after removing the Xen filter driver. My assumption (hope?) is that on import, the Amazon PV driver will be re-installed and put it back, but you may want to check this.

SOTA - Bardon Hill, G/CE-004

15 February 2015 | Comments

It's been quite a while since I last activated a SOTA (Summits on the Air). According to the database, my last activation was 2010, though I think there may have been a couple more recently that I've lost the logs from.

Having just acquired an Elecraft KX3, I decided it was time to put it through its paces, so Neil G4HUN and I decided to head to one of our local summits for the day. "Local" is perhaps a little kind - the nearest qualifying hill to Cambridge is an hour and a half's drive!

Nonetheless, we went for Bardon Hill, reference G/CE-005. The summit is a relatively walk - perhaps a mile - from a convenient parking spot, and while somewhat muddy, not a difficult ascent. The weather was pleasant enough for a February day - dry, not too cold, but rather misty:

Neil started on 2m FM and easily qualified the summit by the time I'd set up on HF; I started on 30m CW using a 7m vertical with a 9:1 un-un, and made 14 QSOs inside ten minutes. Switching to a low 40m dipole and SSB made for some nice contacts with those back home, including M1ACB, G8NWC and G1SAA, as well as several others. After lunch, 40m CW bought a further 17 QSOs, all at 3W from the KX3.

Meanwhile, Neil had good success on 2m SSB using an FT-817 and Arrow antenna (3-ele yagi). My KX3's internal batteries (8 non-rechargable lithium AAs - <£10 on eBay) easily lasted the day, which gives me the confidence not to take an external battery pack in the future!

Finally, someone asked whether we were within 30m of the trig point - I think so!