Infostrada

New chapter of my router project if you don’t care to follow it you probably don’t want to read this at all.

Libero – or Infostrada, Wind, how the heck do you want to call it today – is my provider. Like other providers in Italy, who have probably noticed their users using OpenDNS instead of the standard DNS they provide, they started providing “captive redirects” on failed urls: when you mistype an URL or you try to access an hostname that does not exist, they redirect to their own servers, using their own “search engine” (nowadays just a Google frontend!).

This breaks quite a few assumption, included the fact that the .local domains won’t resolve in the standard DNS servers, which in turn makes nss-mdns almost unusable.

Up to a couple of months ago, Libero only provided this service in the primary nameserver, and if you switched around primary and secondary servers, you sidestepped the issue (that was the actual advertised procedure by the Libero staff, on the public page that was linked from within the search results). Unfortunately this had other side effects, for instance the time needed for the update of records more than doubled, which was quite boring with dynamic DNS and with newly-created domains.

Luckily, pdnsd supports blocking particular IP returned by the results to avoid the fake records created for captive redirects, and the example configuration file itself provides an example for using that with OpenDNS to avoid falling into their redirected Google host (quite evil of them in my opinion). And in particular, at the time, there was only one host used for captive redirect, so the rule was quite simple.

Fast forwards to today, the rule have changed; first of all it seems like Libero now uses redirects on both servers (or the secondary fails so often that it always responds from the primary), and most importantly they increased the number of IPs the redirects respond from. After counting four different IPs I decided to go with something more drastic, and ended up blacklisting the whole /24 network that they belong to (which is assigned, in RIPE, to Tiscali France… which is quite strange). I’m not sure if I ended up blacklisting more than I should have; for now it blacklists just enough for me to keep on browsing the net without adverse effects that I can see, and it also no longer stop me from enjoying .local domains… and Firefox auto-search with Google when the hostname does not exist.

For those interested, the configuration section is this one:

server {
 label= “libero”;
 ip = 193.70.152.15, 193.70.152.25;
 proxy_only=on;
 timeout=4;
 reject = 195.210.87.131/32, 62.210.183.0/24;
}

The first IP (a single host) is the one that was used earlier, I keep it on the blacklist just to be on the safe side.

In the last two weeks I didn’t have much time to write, and in the past week I really didn’t have time. Till today.

In theory today I should have been offline so that my ISP could switch my connection from a 2.5Mbit ADSL to a 20Mbit ADSL2. Unfortunately they did some mess, and instead of disconnecting the network connection while that was switched, they disconnected my phone line.

Luckily my “office” number is a VoIP number, and I use it through a Siemens S450IP cordless that actually continued working. My VoIP provider is also quite cheap when it comes to calls, even though they cost more to Italy than to UK (“uh?” don’t ask…), so I’m not isolated.

If all goes well, tomorrow I’ll be really offline, and then I’ll be back up with ADSL2+. In the worst case, I’ll be offline a few months while I fight against my ISP and I’ll connect from the UMTS phone in the mean time.

Also, it’s the second week in a row that I can spare some time for electrical chore. Last week I modified an halogen lamp (500W!) so that it now has an E27 screw, which in turn allows me to use a standard fluorescent lightbulb, removed the dimmer and replaced it with a foot-controlled switch. Quite a nice thing as we can get to use again the lamp without consuming so much. It’s actually the second lamp I cable back in less than a month, the one by my bed is a very old glass and ceramic lamp, quite nice, but had a very bad cable, I didn’t like touching the plug because it wasn’t properly insulated, so I bought some new cable, a new switch, and cabled it back…

This week instead I was able to put back one of the three lights I removed on the stairs and the corridor because the cable was incorrectly connected. I decided to split the two on the stairs (that were cabled together before), so that the one upstairs is only switched on and off right outside my room, while the one in the middle is connected where it was before downstairs, and on a new, external, plastic box upstairs. This way I can avoid mixing the two phases like they did before, I don’t have to let cable pass through the whole house, and I can still turn them on and off both downstairs and upstairs.

I’ll also avoid adding a switch for the third light outside my room, as it’s basically only used when coming outside either my home office or my mother’s room, which are on the far end of the corridor (which is quite small anyway).

I think this is nice because it means I need less cables. I also was able to pass a new satellite cable in my mother’s room so i don’t need to have it running around the whole room (I just recently found how to pass underneath the floor to get to my room).

Unfortunately, I don’t have all the things I need to complete the cabling, I need some a couple more sockets, and a few more switches, I’ll get those next week hopefully. Piece by piece I’m being able to review the whole electric system.

Oh well, tomorrow I’ll probably be doing some woodwork, maybe I’ll get some photos of what I’m going to do…

Avoiding captive redirects on Libero/Wind/Infostrada

Free time? Where can I get some?