Search This Blog

Thursday, June 18, 2020

Linux, Newest Kernel, Old Hardware, Windows 10

I just had to do this post!  August will be 4 years of great performance for this Dell Precision 7710.  Kudos to Dell for great hardware design. I did an in depth review here in August 2016, Linux, Newest Kernel, Newest Hardware, Windows 10 when I first set up the system.

First, big Shout Out to one of my best friends and co-workers that introduced me to Debian, Nate!  Thanks for all the tips and support over the years.  Even though you couldn't keep up w/ the bleeding edge that is... testing! LoL

Next, I must say the folks at Oracle have done great at keeping VirtualBox Free to use at home, and stable enough to keep upgrading the same VM for four years.  Also, great work with the new VBoxSVGA graphics controller with 3D acceleration.  It not only works great, but screen resize and responsiveness with graphics intensive applications is flawless, even on this older Quadro M!

Microsoft, I'm shocked.  I thought for sure I would be wiping this VM at some point. Never did I think it would be running my entire Windows Experience flawlessly virtualized with Office, VPN and Updates for years.  I have almost 4 years of content packed in there!   I even use the USB passthrough with Web Cam and Smart Card reader, to support the use of Skype!

Last but not least, Linux Debian community.  Your packaging and persistence to compatible releases and regression tests has helped keep us Debian users stable.  At this point I'm running on Buster, and have made significant upgrades.

I can't recommend this configuration enough.  Only down side has been the Broadcom 5580 Smart Card reader, which has been broken in Virtualbox for at least 10 years.  USB card readers work just fine.

I should also say I spent a few years doing photogrammetry development.  That means this machine's CPU has been pegged at 100% for >24 hours continuously, while enormous amounts of disk have been consumed and deleted, with thousands of small to large (4GB+) files.  It is an absolute work horse.

I've also carried this thing around the U.S. and dragged it through airports and scanners on multiple occasions.  The disk is still encrypted with LVM, and I've updated the password more times than I can remember at this point.

Pleased to say I am now smoothly running with:

VirtualBox 6.1.10
Windows 10 Pro Build 18362.19h1_release.190318-1202
Debian 4.19.118-2+deb10u1 (2020-06-07) x86_64 GNU/Linux

The only question now is, when do I get a new PC?  I still have 32 GB of RAM, 8 Logical CPUs running on a 6th Gen Core i7.  The GPU is totally adequate for almost all workloads, and the SSD SMART logs show no issue with the hard drive.  Wifi is fine, as well as sound.  All pluggable ports work well and the Keyboard and mouse pad has no issues or stuck keys. The backlighting for the keyboard still works as well.

One thing I did not cover in the original post (because I must have not seen the error) is the microcode for the Intel Chipset.  Make sure to install that if you see the TSC_Deadline Failure during boot. This was a "WARNING" i saw for years and ignored.  It may have effected performance but I didn't notice.  Nevertheless, I aim to understand all errors on my Linux PC, and solve them.

TSC deadline support is nice to have, but not vital. The kernel has an elaborate framework for timekeeping and timed event handling; TSC deadline is one possible implementation of event handling, but not the only one. On CPUs which support it, it is nice to have though, because it’s very efficient.

To upgrade your microcode and hopefully re-enable TSC deadline support, you can install the microcode update packages from Debian’s contrib and non-free repositories. To do so, edit your /etc/apt/sources.list to ensure that your Debian repository definitions include main, contrib and non-free; then run

# sudo apt update

followed by

# sudo apt install intel-microcode

(for Intel CPUs) or

# sudo apt install amd64-microcode

(for AMD CPUs). Once that’s done, reboot, and your microcode should be updated. If TSC deadline support is re-enabled, you won’t see the error message at boot, and you’ll see tsc_deadline_timer in the flags lines of /proc/cpuinfo.

The Debian wiki has more information on microcode updates.

Saturday, February 8, 2020

Synology Follow-Up

In the previous post ( I configured the Synology DS218j through a virtual network using an Ubuntu VM as the DHCP Server.  Today I wanted to back up some of my files, so I needed to configure some kind of share.

Enable SSHd on the VM

  1. $ sudo apt-get install -y openssh-server
  2. $ sudo systemctl enable ssh.service
  3. $ sudo systemctl start ssh.service

Create an Account on Synology

You will need an account to connect to on the Synology.  You could use the admin account, but don't.  This was easy enough and walking through the Wizard after clicking "Users" somewhere in Control Panel, I created an account named 'charlie'.  
The Control Panel is easy to find when you log in with the Web Browser on port 5000 over HTTP
HTTP is Plain-Text and thus Not Secure.  This is another good reason we are working on a private virtual network, as there are no other devices that could be snooping.

Check SMB Settings

By default SMB is enabled, but I discovered I needed to enable SMB version 3.0 on the Synology!  You'll find this under the "Advanced" SMB settings. 

Create a "New Folder"

Creating an account by itself does not create a Share/Folder that can be accessed from a remote client.  You'll need to create a new folder as well.  Again, the UI is intuitive and you should be able to navigate to "Folders" in the control panel, and create a new one, giving your user account created in the previous step "Customized" permissions.  I enabled "Full Control".  

Also, when creating the folder I set a password and enabled disk Encryption.  Filename lengths are restricted to ~170 characters in your storage folder if encryption is enabled.

Mount the Synology Share using CIFS

You'll need to install 'cifs-utils' using apt-get install first.  Then you can easily add the entry to the /etc/fstab using sudo.

Note the 'user' option.  This allows you to mount with the 'vubuntu' user, making it read/write approved for the SSH User.  Using `sudo mount` works too, but then accessing the VM remotely would require an SSH as root.  You can only SSH as root after modifying the "PermitRootLogin" setting in /etc/ssh/sshd_config.

Was all that Worth it???

I would have to say it was.  The goal was to back up my Desktop PC's data to the Synology, and I've achieved peek throughput of 540 Mbps while using WinSCP to move files from the Desktop's E:\ Storage drive to the Synology over the Cat5 cable.  Which is 67.5MB/sec.

While the connection is 1Gbps, Secure Shell and Virtualization are at play.  Again, this isolates the Synology from the web, while still providing high throughput.  Don't forget to run your Virus Scan on files before backing them up!

Synology Home NAS

Virtual Networked NAS

Everything Configured from My Desktop PC running Windows 10; Color-Coded based on Trust, where Green is obviously the most trusted.

Purchase and Put Together:

Total: $386.42
Both Seagate IronWolf 4TB Drives Installed in Synology DS218j

Create Virtual Switch for Desktop NIC:

  1. From Hyper-V Manager, Click "Virtual Switch Manager" on the Left-Hand "Action" Panel
  2. Select "External" for Create Virtual Switch Type
  3. Set Name as value that will be intuitive for your Desktop NIC. e.g. 'Wired External Switch"
  4. Choose the Ethernet Device Connected Directly to Synology NAS Device
Creating an External Switch in Hyper-V
Think of this as a 'physical' switch between your CPU and Network Card, with only 1 port (Your NIC!)

Create Virtual Machine and Install using ISO

Don't forget to add a second virtual NIC to the VM and attach it to the previously created external switch.
Creating "Dual-Homed" VM w/ 2 Virtual NICs
One for Synology, One for Internet(NAT)

Static IP for "Wired External Switch"

You've now got everything connected.  When you boot ubuntu you'll see 1 NIC has an IP (dhcp) from Hyper-V and provides Internet Connectivity.  The second is not enabled at all.  You'll need to enable this by editing /etc/network/interfaces as follows:
Configure Ubuntu to have a Static-IP.  This is normal for Servers that provide DHCP
Ensure 'eth0' or 'eth1' corresponds with the External Switch chosen above.
'sudo ifup eth0' will bring your NIC online after editing the interfaces file

DHCP Configuration (This part can be tricky)

I've used the network in this example to match up with the information provided in the link above.  Make sure to check your syntax after editing the file.  `ps -ef | grep dhcpd` should show the server is running.  If there are errors, use `journalctl` to view any errors, fix them, and use `sudo systemctl restart isc-dhcp-server.service`.  Once DHCP is running and everything is connected, you should see a Lease for the Synology using `cat /var/lib/dhcp/dhcpd.leases'.

Make sure to enable 'authoritative' DHCP, since this DHCP server is the only one on this External Switch.

Set up your Synology, Download the OS with VM

When the Synology gets an IP, it should get the first IP in your DHCP range. For me this was  Inside your VM, open a browser and go to 
You will be redirected to set up the device.  Your device wont have an internet connection because we did not configure the VM to act as a gateway/router.  So you'll need to click the link provided in the Synology setup, and Download the OS software to the VMs Downloads folder.  Once complete, verify the checksum `md5sum ~/Downloads/DSM_DS218j_24922.pat`.  This ensure you are getting the right software and no corruption occured during download.  Then switch back to the Synology configuration Tab, and Choose "Select a File/Browse", navigate to the Downloads folder, and 'upload' the .PAT file to the Synology via the web interface.  Finish the configuration and make sure to remember your NAS does NOT HAVE INTERNET CONNECTIVITY.  This is so that you can ensure it is secure and not downloading software you do not explicitly provide.

Once configured using Defaults, you should have 2 drives providing redundant storage with 3.6TB of Storage

What Next?

Now that everything is connected you'll want to think about how you want to access your synology from other devices.  You could simply connect the Synology to your Wifi Router now and access it via wifi.  However, this would expose it to the internet, so make sure you want to do that.

Another option would be to configure the Virtual Machine as a "Reverse-Proxy" for HTTP/HTTPS or set up the routing tables to forward specific ports and provide NATing back to the requester.  There are several possibilities at this point and I hope you have found this tutorial useful and informative.

Read more on how I configure SMB w/ SCP between the Host OS, VM and Synology devices in the next post,