CQ / Hello World…

A quick introduction: by day, I'm a DevOps Engineer at Red Gate, a software company in Cambridge, UK. Outside of work, I enjoy both amateur radio (hence the callsign, M0VFC) and community broadcast radio at Cambridge 105. This blog aims to span all those interests - so feel free to ignore the posts that aren't relevant!

Feel free to get in touch on Twitter (@rmc47).

73 / Best wishes,
Rob



Getting started with IPv6 in Amazon EC2

1 February 2017 | Comments

IPv6 has been around for many years, but until recently, support was lacking from a lot of providers, including the major public cloud players. Amazon launched it in one of their US regions at the back end of 2016, and have now rolled it out across all their regions.

I assume they may have enabled it by default in new accounts, but if you already have infrastructure, you'll need to turn it on in a few places:

  1. On your VPC itself, use Edit CIDRs to allocate a /56 IPv6 subnet to the VPC as a whole.
  2. On each of your subnets, Edit IPv6 CIDRs to allocate a /64 to the subnet.
  3. On your route table, add a global route (::/0) via your internet gateway. If you currently use the default route table, you'll need to create a new one and associate your subnets with it.
  4. For each of your security groups, define the behaviour you want for IPv6 connections. For IPv4 access control entries previously specified as 0.0.0.0/0, you'll want to append , ::/0 to allow equivalent connections over IPv6.
  5. You may want to change the subnets to automatically assign an IPv6 address to newly-created interfaces. This is under Modify auto-assign IP settings.

You can assign an IPv6 address to an existing instance by using Networking -> Manage IP Addresses.

I found that when creating a new Ubuntu 16.04 LTS instance from the current template (as of 2017-02-01), the network interface doesn't acquire an IPv6 address even if the EC2 console shows it having one. I fixed this by creating /etc/network/interfaces.d/60-ip6.cfg with a single line, iface eth0 inet6 dhcp to enable DHCPv6. The current Amazon Linux AMI works straight out of the box.

With that, you should be able to start using IPv6:

It's worth noting (thanks @jen20 for the reminder) that anything with an IPv6 address is publicly addressible - you can no longer hide behind NAT as a security feature. If you want an instance to be internally-routable only, then check out Egress-only internet gateways.

Windows Nano Server

30 January 2017 | Comments

With the release of Windows Server 2016, there's a new version to play with: Nano Server.

Nano Server is a very lightweight, low surface-area server with no console access at all. It uses less disk space, less memory, and because there's less stuff in the box, there's fewer reboots for updates.

The flip side of this is that it doesn't do so much: there's no local console, not even the limited one you get with Server Core, and a bunch of other tools are missing - msiexec, for example. That means it's very much not for every workload. But I had something I thought would be suitable: a simple scheduled task running a .NET application.

To create a new Nano machine, a quick way of getting started is the Nano Server Image Builder. This is a friendly front-end to the PowerShell commands, and a good way of experimenting when you're first starting out. You'll need:

I installed the above directly on my (Windows 10) desktop PC; you might want to do them in a dedicated VM.

The image builder is mostly self-explanatory, but I tripped up a couple of times:

Having created the image and booted it, you're left at a basic login screen. There's not a lot you can do except enable and disable existing firewall rules - handy for turning on the ICMP Echo Request rule so it responds to pings!

So, how to actually use the new VM? Remote PowerShell, basically.

For interactive use, you can use New-PSSession -ComputerName foo then Enter-PSSession to get a remote console on the Nano VM on your desktop:

So far so good. But how to actually get code on there? We use Octopus Deploy for a lot of our application deployments, and it's great. Unfortunately, the agents (known as Tentacles) are .msi packages. Normally, that's a great thing, but with Nano there's no msiexec.

A bit of manual file copying later, and I realised the real blocker for my application: Nano is CoreCLR only - not the full .NET Framework. It's also 64-bit only (no WOW64), though that didn't affect me in this case.

Never mind, back to Server Core for now!

SOTA in North Wales - Snowdon and Moel Siabod

24 July 2016 | Comments

I've climbed Snowdon, Summits on the Air reference GW/NW-001, several times over the years, but a glance through my SOTA log showed that either I've never activated it on air, or that I've lost the log! Either way, it felt like an omission.

Armed with a rare weekend free of other events and with promising weather, I set out from Cambridge at 0630 Saturday morning, arriving in Snowdonia around 1100. The car park at Pen-y-pass was full, and Nant Peris looked similarly busy, so I headed on to Llanberis. Given the choice, I'd probably have gone for the Pyg Track or Miners' Track, but I was conscious of time, so headed up the Llanberis path.

As usual, I felt a little silly carrying a fleece, waterproof jacket and gloves as I set off in blue skies and bright sunshine, but also as usual, I was very grateful for them all at the top!

Cloudbase was around 750m, so views from the summit were notable by their absence:

The summit was incredibly busy, so there was no way an HF activation was going to be possible. Thankfully, 2m FM using hand-held and 3-ele yagi was perfectly productive, netting 12 contacts including a couple of summit-to-summits.

Total time came in at a little under five hours: two up, one at the top, and a little under two back down, including a coffee at the half-way house.

Camping overnight at the Dolgam campsite just outside Capel Curig gave me a good view of Sunday's target, Moel Siabod, GW/NW-010:

Sunday's weather wasn't as good as Saturday's, and the forecast suggested the best would be in the morning, so another early start got me packed up and on the road by 0800.

I followed Tom M1EYP's route, and agree with his comments: it's not a hard climb, but it is unrelentingly "up"!

Almost the entire ascent was in the clouds, but the track is relatively obvious for the majority of the trip. I was grateful for the map, compass, and GPS as backup, though, particularly for the last 500m on the way up, and later in re-tracing my steps coming back down.

With the rather wet and miserable weather at the top, I again chose to start on 2m, and again it proved productive enough to easily qualify the summit despite it being relatively early in the morning. There was plenty of room for HF antennas, and zero other folks there, but it seemed wiser to start the descent before the weather got worse.

In the event, the clouds lifted somewhat as I headed down, but the rain continued - until I reached the car, of course, at which point it stopped!

GPS track of the trip, excluding a little of the descent where I knocked the power off:

As always, thanks to everyone for the QSOs, and sorry to those I missed.