All posts by richard

Arduino, Blue Pill, STMDuino Serial and the non-booting Meshnode

I’m posting this because I just KNOW someone else is being driven nuts by this.
I’m migrating away from the Atmega chips and Arduino, but doing it in stages. For now I’m using STM32F devices with the Arduino IDE. I have a mesh system that works OK wiht the Atmega but it really needs a bit more CPU horsepower and memory. I’m going to write the new mesh from scratch so I thought I’d at least get the off the shelf stuff working first.

After some false starts I got it all running, talking to the old Atmega based nodes and all was good. Popped it into a case, powered it up…nada…zip…nothing. It seemed to boot as best as I could tell but the slave nodes never connect.

Switching back to the PC to power it, all works just fine. Ahh, must be power. So I go on and add way more filtering than needed, check the +5v and +3v rails with a scope, they seem quieter than the PC by a wide margin, way less switching noise. I’ve put bypass caps everywhere at this stage and lost two days to this, I’m about ready to quit. I’ve even used a USB power bank on the basis that should be as close to a perfect supply as possible. Every time the moment I plug the PC in, everything syncs up and all is good.

So I decide to plug a USB to TTL onto A9 and A10 and power it that way… nothing, no boot messages at all. But on reset I CAN use the bootloader, uh? At this point I’ve reached out to people for a few ideas and not had anything back. On the way back from I job I decide I have way too much else to do so it can all go back in it’s project box for now.

Then sat down blasting aliens on my phone I had a thought… Am I barking up the wrong tree here, it can’t be power. Does the STM32 bootloader evaluate available serial ports at boot? Are the UARTs getting messed up somehow. If the PC isn’t connected is port 0 ( Serial.begin() ) getting messed up? And then it hit me. Like many coders I use a line like this:

  Serial.begin(9600);
    while (!Serial) {}

Some of the ARM based Arduinos need this, I was also seeing some loss of console logs so I left it there, and this is where it falls over. We get stuck here, the mesh never starts, the other serial port never gets initialised hence the no output on the other port. I wouldn’t say it’s a bug, in fact the contrary I can see it being handy to jam the STM32 into a debug mode. What happened is if there is no USB connection the serial port presented by the bootloader/HAL presented UART simply never becomes ready. The code above hangs and nothing ever works. For now, I’ve removed that line and added a delay (5 seconds) as a fix for having no delay to wait for the port to become ready.

Sometimes a break is all you need!

‘Motes’

This is more for the guys that I work with detailing what got done today…

The ESP based ‘motes’ are an arse to setup needing a serial console to do so. We’ve standardised on a WiFi setup for initial setup of most things so today was centres on making the motes manageable remotely.

A mote as it stands needs a hard coded SSID and PSK to use. This means the customer has to let us know these in advance and if they are going to change this the motes all need reprogramming. The upload settings, name, id etc all had to be hard coded at compile time, this is an immense ball ache

So as of today the motes will use a default SSID, PSK and server address on first power up. They will generate their own unique ID and then ateempt to connect to our service. The mote will be denied a connection however t he attempt is logged. The mote can then be enabled from our control panel, the ID, Name, SSID, PSK, Poll frequency, server address, server port can all be set from our control panel and updated on the next data push to the server from the mote.

This is all in preparation for the first ‘Swarm’ devices being deployed shortly and allows us to not only build our own, secure IOT cloud but unlike other services, allows us to support local servers.

New motes can be designed, built and be up and running in minutes rather than days.

“My Broadband is Slow – Pt 2”

So we looked at the things that could happen at your end to make things slower and how you might look to resolve them. Now lets look at what your provider may be doing and what could happen on their network. We will be focusing on Cable and Telephone delivered services here (ADSL/VDSL). For those of you that work on these networks there is a level of simplification here. Yes I know there are other steps but they are of little if any concern to the end customer.

So we have two main categories here to look at. Deliberate decisions by the provider and ones they have no control over.

Deliberate decisions include over subscription, capping, bandwidth management, backhaul insufficiency and under investment. Now if you are going with a low end or monopoly provider all of these are likely to be bigger factors. So lets look at them….

Over subscription, the single biggest cause of slow downs and issues. Bandwidth is a finite resource and despite the technical differences both cable and phone delivered services use the same model with the only difference being where your connection gets merged with the rest. With VDSL and Cable this happens at your local cabinet and ADSL at your exchange. With the latter your connection goes to a local cabinet or mode. Once it’s here it is combined with everyone else’s and send on to providers facility. What you need to note here is that if you use VDSL you’ll be getting stuffed in with everyone else no matter who the provider is unless you are very lucky and use a provider with their own network. From the exchange out to the cabinets and on you you BT Openreach own ALL of this and you are on their network, even if you use Sky, Plustnet or Kcom for example. In some areas its even the case that Virgin traffic flows on these lines. So at this stage for 99% of the UK you are on the Virgin Network or the Openreach network. Each cabinet is normally supplied by a fibre and includes either the Virgin Headend or BT DSLAM. There is another small difference in that smaller Virgin cabinets feed into the “master” cabinets so one Virgin master cabinet may serve thousands of properties. These then connect to the Virgin fibre network and everyone’s traffic gets blasted down the same fibre. A BT DSLAM tends to service around 300 properties.

The backhaul, the fibre that goes to the next stop for your connection, has to carry everything and bandwidth on a fibre is again, finite. Multiple pairs can be used but there is a realistic upper limit on this. Right away you can see that 300 32Mbit connections isn’t going to be the same issue as say, 3000 100Mbit connections. ADSL, although slower, is actually installed at the same location as most BT connections end so it’s less of an issue here. The number of properties you share this fibre with is your contention ratio. This was a headline figure years ago when fibre was slow and many hundreds of ADSL connections were connected to low speed fibre. Nowadays it still plays a huge part but no one mentions it.

This all relies on one really big assumption, all of the customers arent going to be online using all of their bandwidth at once. Traditionally this works well but with the massive uptick in people staying at home or home working, it isn’t working so well and has been a source of constant issues and failure. This is where over subscription, selling connections based on a theoretical traffic model rather than actual traffic comes in. Virgin has way more scope to add users past what is sensible than Openreach as the DSLAM units are physically restricted in terms of connections.

One way providers try and manage this is use of traffic or bandwidth management. Although your connection speed doesn’t slow, the provider artificially slows the traffic on your connection to free up more bandwidth. This is a process many use and has drawn a lot of bad press. Thankfully it is falling out of favour. Lower cost providers or those with heavily congested networks often resort to this. As the data has to be paid for by the provider to BT many will use this as a cost reducing exercise. Incidentally traffic management is also VERY common on 3.5G and 4G mobile networks. As an end user this will show up as loss of performance despite your connection showing a normal speed. This will often happen at the same time every day and most end any management after midnight.

Under investment is the last part. All carriers are guilty of this one. Much of the network is old and in some cases bits of the Openreach network just cant support the speeds people want, this is particular bad on some industrial sites where older aluminium cables are installed. Large chunks of the Virgin network are as Nynex/Videotron/CW left them in the early 90s and this leads to some of the issues we will look at next.

External Forces

There are any number of things that can cause issues on the network of providers. Some obvious, some less so. There are of course the really obvious ones, damage to infrastructure from road works, road traffic accidents, tress and lightning and to be fair, there is little anyone can actually do about these. It wasn’t long ago our local FTTC cabinet was flattened by a car.

The cable network is pretty resilient, it’s almost exclusively underground and bar someone taking a cabinet or cable out its rare to have issues related to weather. Most cables in the network are point to point, so your cable goes to the cabinet in one go meaning its a long, uninterrupted run. Phone lines however run all over the place, the infrastructure is often quite old and lines are frequently merged and connected underground or in exposed locations leading to frequent issues with water ingress and/or flooding. Failing cables overhead can cause issues in winds and in icing conditions and are frequently treated to lightning strikes. Flooded ducts and open junction boxes are common causes of issues and the sight of an Openreach engineer in a cabinet or up a pole strikes fear into many customers.

Some sections of the Openreach network do use microwave links. Mostly these are remote villages or locations it’s hard to get fibre to. These installations can be affected by the weather in particular heavy rain, snow and fog.

“My Broadband is Slow”

Possibly one of the biggest complaints I hear and often the provider isn’t to blame or a simple change of equipment is all you need. So lets look at things you can do to help, how to narrow down issues and why they may happen.

This covers the issues you have control of, if you want to see what your provider may be doing to cause it click here…

Before we go anywhere remember, faults can and do happen. How often and how long for is directly related to your bill. Our Leased lines cost a fortune but in the time we have had them we have had one outage in three years which lasted minutes. Don’t expect to pay bargain basement prices and get good service, that’s not how it works.

WiFi

That out of the way lets look at the most common issue: WiFi
Almost all of t he issues I see are caused by WiFi. Either bad equipment, poor setup and unrealistic expectations. If you are having speed issues the very first thing you need to do is rule out the WiFi connection. Connect to the router with a cable, if you are using a laptop, turn the WiFi off on the machine, some machines will STILL use WiFi even if cabled (I’m looking at you here HP). Re-run your speed tests and if all is well, you have WiFi issues. If not, something deeper is going on. for at least half of people that have issues this will solve the issue.

So what are the possible causes. First and foremost, the router may just be pants. There are a lot of very unrealistic claims put out by many providers about their kit. At the end of the day these were all built by the lowest bidder with little QA or actual verification of the claims. A number of times providers have been told by the ASA they need to prove this and have been unable to. Dont beleive the hype. For example one of the larger providers touts their router as being the best in the world, able to solve world hunger and cure cancer in rats. Sad fact of the matter is that not only is it garbage, but it can actually slow other people’s connections arounf you down which brings us on to:

Congestion. The radio waves are not an infinite resource. You have to share a relativeley small amount of radio spectrum with everyone else. The most commonly used band at 2.4Ghz is quite small with only 11 channels. Given the distance WiFi can go thats normally enough but in dense housing you may have a problem. This is made worse by many supplier routers being fixed to one of those 11 channels by default and in the case of one of the larger suppliers, the router using up to 4 channels in one hit. That 11 channels doesn’t go so far with this happening. To make it worse. Microwave Ovens, Wireless AV, DECT cordless phones, Bluetooth, radio control and many, many other things.

The location of your router can make things worse with regards to interferance, especially with cheaper units. Site the router away from any of the above items and one of the most common trouble makers here is the DECT cordless phone sat on the top of the router. It needs to be at least 3ft from the router.

5Ghz WiFi can reduce a lot of this but that band also has some big users meaning that its not immune, although there are less things up here at the moment it IS affected by some doppler and fire control radars making it a little hit and miss around military installations and airfields

There are many apps available for mobiles that enable you to see channel use in relation to your router and if you know how, you can fix your router on clear channels. If your provider use your router to broadcast a free network for your provider’s customers to use, you can ask for this to be turned off (Virgin and BT do this by default!) Sometimes a channel change is all that’s needed.

Obstruction is another issue. WiFi does not penetrate well, especially metal or materials containing moisture. Adding repeaters or moving your router can help but a repeater may be the best bet. The 2.4 and 5Ghz bands behave differently. Although both are affected by metal 2.4Ghz gives better distance where as 5Ghz scatters better and gives better connections close in. Many routers use both to get better coverage.

Often overlooked is the capability of the router. Many broadand connections are capable of well over 100Mbit and many routers top out at 54Mbit. This was a particular concern for some BT Homehubs where the WiFi cannot match the broadband speed. Replacing an older router may help and you have to remeber, once again, that your connection id not only shared by you and your household but by every device and router in range on that channel.

The Router

We have touched on this already above, sometime it’s just time to upgrade the equipment. Your provider will sometimes do this but in most cases it is easy enough to do yourself and you’ll get better equipment this way. Quite often as technology advances lines get the new technology but the old equipment can’t support it and so you never see the gain. Vectoring being deployed by BT is a good example of this. Very few routers including their own support this yet it is being enabled on many lines and gives more stable connections and in some cases better speed. G.Fast is another example. There are still DOCSIS 2 modems out there on the virgin network that top out at 10Mbit despite Virgin no longer offering a service that slow.

Supplier routers are normally ‘just good enough’ often with just enough processing power to get the job done and no more. On top of this some kit is bugged and crippled out the box. The Virgin Superhubs are infamous for having a serious bug that couldn’t be fixed. When you get down to the very low end routers they can be truly awful.

A router issue will show up with a poor speed result regardless of what you do, even direct cable connection. Its always worth rebooting the router before you go any further and leave it off for at least 5 mins before powering back up. If you still have issues then you have one last thing to look at, the line.

Sadly not all broadband services are created equal. With ADSL, VDSL (Also incorrectly called Fibre) and 4G you have the option to change your router. Some providers don’t like this but you are free to do it and in almost every case, even where there is no problem this will result in an improvement. If you are on a cable connection though you have less control and you must used the supplied router. All is not lost though, most of not all support being used as a modem, turning off the router side of things and then you can use most types of commonly available broadband router. The same can be done with most satellite providers, however as a rule the supplied routers are normally actually pretty good and rarely a source of trouble.

The Lines

This is different depending on your provider.
For cable all you can do is look for loose connections. The F connectors used can work loose. Check the box outside and make sure the cover is on. Thats about all you can do.

For full fibre, you are in the same boat. Check the cables for damage and make sure they are secure.

For ADSL and VDSL youc an do a little more. The first thing your provider will ask you to do is disconnect everything except the modem. If you have a BT type socket you can remove the lower half of the face place on the NTE5C sockets with a built in filter. This leaves your modem as the only thing connected. If this helps, you have an issue in the house and more likeley than not a bad or missing microfilter. They do actually fail believe it or not! On the older sockets you can remove that plate and plug your microfilter right into the socket behind it. Likewise if this helps you have an issue in the house. Now Openreach will do this same test for your provider. If THEY find this solves the issue you’ll be charged for the call out so its good to do this if you can.

If it’s still no good the odds are you have a line problem and you need to speak to your Provider.

“Stuck” BT Office 365 Tennancy

This is hopefully a quick guide to get you out of a hole with the old, free O365 offer BT did. Neither MS or BT will be helpful with this BUT if you can make it to second line support, you do get the answer. Neither online chat/WhatsApp or basic business support will be able to help and you’ll often end up getting the run around.

You can *try* to ask MS to remove the account, I’ve tried numerous avenues to make this happen, none even got a response even those suggested by our O365 partner. Its also been suggested invoking right to be forgotten may be helpful but I’m not sure how that applies here.

If you have an on site exchange server you *may* have had random password warnings after an Outlook patch a few months ago, I think I covered this elsewhere but it does serve as a warning you *may* be about to run into this issue.

This will only work if you can still log into the BT business portal at http://business.bt.com/ Otherwise you’ll need to throw yourselves on their mercy. The portal is painfully slow and I got a fair few HTTP 500 errors. The Ui doesnt seem to refresh that well, this may be Edge as Chrome wouldn’t login at all!

The Scenario:
Customer would like to move to Office 365. Upon setting up the count you find their tenancy can’t be completed as the domain is already used in a tenancy elsewhere. It transpires the customer had a 365 account which is no longer used as part of a BT business package. The above password symptoms can give this away.

The Fix:
Log into http://business.bt.com/
Under “Manage Services” click “Manage Domains”
Click “Manage Email Accounts” to expand it
Find your package, normally “Business Email Lite” and click Manage
Every single account shown on the domain you wish to recover must be removed, this isn’t a quick process. you’ll potentially have issues with the Primary User. Use the “go back to main hub” link at the bottom liberally as it seems to not always refresh the email list.

Primary User:

*IF* your primary user is not an account on that domain then you are done. The moment the last user of your domain has gone BT will release that domain.

If the user *is* a member of the domain this is where is goes all runny. I’ve not been able to find a way within the broken UI or O365 to do this. You are on the mercy of BT for this step I’m afraid. However if you call them and are clear about what you want and what you are trying to do this will only take a few moments to sort,




Huawei SmartMX 5616 Crash Guide Part 2 – Chassis Setup

If you haven’t already please read part 1

W have our telnet connection up and running, we have the cards initalised and we know why we are here. Next up we need to get the VDSL profiles, line profiles and templates done.

First up we want to force H248 mode. H248 is covered here

protocol support h248

This has been the default so far for the systems I’ve looked at. I’m not overly sure WHAT the repercussions are of not setting this are but this is Huawei’s recommendation for VDSL. We now setup a line profile. When you hear the words “reset your IP profile” this is what is meant. These profiles decide how to handle your line and decide what connection speeds you’ll be allowed. A profile may have a max and min SNR and these are used to calculate what settings to use. We will only be adding one here but you could add multiples or just add them as needs be. The line profile and channel profile go together to make an overall picture of how that line will be handled. Huawei go into this in exhaustive detail here

vdsl line-profile quickadd 3 transmode 1 bitswap 2 2 adapt 2 2 snr 60 0 300 60 0 300 power-management 2 2 255 30 255 3 9 name VDSL LINE PROFILE 2

If you are copy and pasting you may want to pop this into notepad first, copy and pasting long lines *can* include line breaks too.

So what are we doing here? vdsl line-profile quickadd is our command. You *can* use add rather than quickadd and do this interactively. Specifying quickadd a profile number and pressing ? will help you build the line. Most of what’s here can stay as defaults unless you REALLY know what you are doing, the SNR parameters are specified after power-management and using the help system will help you build a different line profile if you know what you need. This line works well with the Huawei white modems and the HomeHub 5 so it follows this is a good setup for UK specific modems. And alternate line looks like :

vdsl line-profile quickadd 3 snr 60 0 300 60 0 300

Which is the one used by Hong Telecom. The first line is from Huawei themselves so I’d stick with that. Next up is the VDSL channel profile…

vdsl channel-profile quickadd 3 path-mode both interleaved-delay 8 2 inp 4 2 rate 128 100000 128 100000 100000 100000 rate-threshold 0 0 0 0 name VDSL CHANNEL PROFILE 3

This one is the profile that’s applied to a line, this is where you apply line rate limits etc. Again you have the option to do this interactively (recomended) or use ? to build the command line but most of what is above will do you. This is going in as profile 3 again there is a lot you should leave be but the rates are specified after the rate keyword. In order these are:

Minimum transmit rate downstream
Minimum reserved transmit rate downstream
Maximum transmit rate downstream
Minimum transmit rate upstream
Minimum reserved transmit rate
Maximum transmit rate upstream

The last bit is to stitch these together into a template….

vdsl line-template quickadd 3 line 3 channel1 3 100 100 name VDSL LINE TEMPLATE 3

Again you have the same two options to do this interactively or be guided. In this case we added template 3 using line template 3, channel template 3. the two numbers control line adaptation and can stay as they are, then lastly we give it a name. The documention does mention alarm profiles however we will stay with the default one for now. We just want these lines up.

We are working with VLAN 1, the default one for ease of use. We now need to make sure our GE and fibre ports are members of VLAN 1, they are by default but it can’t hurt. These are ports 0 and 1 respectively. Bear in mind the SFP port 0 is connected to the GE port so you only have 2 ports here

port vlan 1 0/0 0
port vlan 1 0/0 1

You’ll most likely get a warning about the ports already being members. Now comes the bit that will mess you up, especially if you follow the online examples. Pay careful attention to this next bit.

We mow need to tie each vdsl port to the VLAN we are working with. Here you have the ability to control exactly how traffic will be handled. We could split endpoints into multiple vlans, provide multiple vlans to the endpoint, eg a CCTV and Telephony VLAN and direct these to actual VLANs on the outgoing trunks. A vlan MUST exist and be routed to an external interface before traffic from the remote will flow. Vlan ? will get you started on this part. So our command here is:

service-port 0 vlan 1 vdsl mode ptm 0/1/0 multi-service user-vlan 100

If you want to omit the vlan management (this gave me some issues) use:

service-port 0 vlan 1 vdsl mode ptm 0/2/1

So we are setting up service port 0, you can have 1999 of these so even with the number of channels on this unit you wont run out soon. Our destination vlan is 1, the default vlan and we are in ptm mode. Next is our port ID, we covered this in part one. So we are looking at frame 0, board 1, port 0 here. which is the first VDSL channel on board 1. Multi-service as we want to be able to embed multiple tags. You can ignore this, however if you want to use BT surplus kit or equipment setup for use in the UK you will want to set this. User VLAN specifies the vlan we are going to use.

Many people setting up VDSL modems in the UK will run accross a modem that syncs but no traffic flows. By default *most* UK providers use a VLAN which is why we enabled multi service above and set the VLAN as 101 which is what most use. You can of course set this as anything you want or even not set multi-service at all. By doing so your modems and routers will need to be configured specifically for this setup, the beauty of setting this is that all the off the shelf, cheap/free ISP provided kit will work right off the bat with no modifications especially the white Huawei and ECI modems.

The bad news is you’ll need to do this on a per port basis, have fun with that. Last make damn sure you do

save configuration

If you plug in to that VDSL port now and all is well traffic will be flowing. You’ll note there is no authentication going on here. Generally what would happen is each port gets mapped either to a specific vlan and then this vlan is forwarded to a PPPOE server either in bulk or a per port vlan. Typically a carrier would use per port and something called stacking so that authentication and traffic are unique to each user. In this setup we have done you *could* snoop traffic at an endpoint.

Now there is an issue here I haven’t fixed, I can’t get the second SFP port running. This is do do with working as part of a GPON solution which means there’s only 1Gb or 10Gb of traffic routing here and thats only if your infrastructure is capable of handling 10Gbit. A 10GBit capable card in the firewall itself would be one way to do this but watch your PCI-E bandwidth if you are planning on getting close. 10Gb allows for 100 100Mb channels concurrently, which *should* be enough.

UPDATE

Changing the port mode is stupidly easy. After trying some more things I ended up with a non routing system again, so I dug round, fixed the issue and stumbled on the solution. In my case this did nuke all the settings and it does warn you of this!

port mode 0/0/0 ge

Will put port 0 and the GE port into plain old Gigabit ethernet mode. This is the default. To take 1 out of GPON and into GE just do:

port mode 0/0/1 ge

Port now will happily play with a normal SFP now. Dont forget to save!

Huawei SmartMX 5616 Crash Guide Part 1 – Initialisation

We recently managed to get hold of one of these units and the power supply unit for it. Although the power supply is pretty simple to get setup the DSLAM itself is a little bit more complex.

We have had issues and concerns with the older Versa DSLAMs we use. We simply aren’t getting the reach we are expecting even on brand new cable and though on paper these seem flexible the command interface is horrid and it seems getting them working is more dumb luck. On two events we have places that on paper, should not be an issue, but in practice we were struggling at the 1km mark to get anything where on paper we should have been around the 30Mbit range. We may have been able to work on this a bit by forcing the use of lower line speed profiles but the Versa dosnt make this easy. On top of this we found we had to disable 17a due to crosstalk issues. VDSL2 was ratified in 2005 which is pretty close to the manufacture date of these units which may mean there are protocol oddities here.

So in comes the Huawei SmartMX. We got this unit complete for a good price along with most of the kit. Because we are suspicious we checked the serial numbers with Huawei and all good. At this early juncture they were helpful and the documentation is concise and the staff helpful. Versa were right up to the point they realised they were not going to get any more sales. The support team walked me through a full factory reset to clear the passwords on the unit and they did ask me NOT to share this part, sorry guys. The info is out there though and if you ask the support team they will tell you. I’m guessing this is a result of the high retail value of these units and the fact there are thousands of these in poorly protected street cabinets.

Our unit came with the CCUE card, which is the top dog in terms of management cards and two H835VDSH cards and a DC PSU. We got the SMU01b unit with this which gives AC to DC, environment monitoring and support for 48V of battery power.

The H835VDSH cards are 24 channel VDSL2 boards. These have no on board splitter or pass through port so you’ll need to provide the splitter elsewhere. Annoyingly they use 64 way telco connectors rather than 50 and these can be a dog to find, expect to make up your own leads and note that the pairing is NOT the standard used on 50 ways! We wanted VDSL2 with Vectoring so a search found us two H83BVCLF boards for the right money. These don’t have splitters either but we can work round that.

Vectoring allows higher throughput as a result of less crosstalk. Draytek have a write up here :
https://www.draytek.co.uk/support/guides/kb-what-is-vdsl-vectoring-sra-and-ginp about what this is. In our case the environments are often VERY noisy electrically split accross phases, multiple generators and run in large copper backbones. Vectoring should help us here, a LOT.

So off we go and the first thing we run in to is that all the config guides are aimed at use in FTTC networks,. There is little or no allowance for using it as *just* a bridge in the examples. The unit can do it but everything is overly complicated. Connect up to the console port with a Cisco cable at 9600 baud. And now bring on the pain. This console is beyond awful. dont even think about using backspace 🙂 Its also slow and easy to out-type where it’ll just drop chars. So we want to improve this as fast as we can.

First up login and do the following. If your system is defaulted you might not want to do this but it cant hurt. The default user is root with the password mduadmin. Once logged in..

enable
erase configuration

It will prompt you if this is right and then go on to reboot. Thsi means you have a nice clean canvas. This does NOT erase the management interface settings, this is possibly deliberate so the whole thing can still be setup remotely. Let’s get that management interface sorted, login again..

enable
config
interface meth0
ip address <desired ip> 24

Obviously <desired ip> should match what you want to use IP address wise. Now if this is all you are doing then quit and save. Make sure the ‘ETH’ port is connected to your Lan and for simplicity connect the GE port too.

quit
save configuration

If you find the interface is already setup you’ll need to change the settings/ after typing interface meth0 you can press ? for help with this. Once you get your head round how the system goes together its pretty easy. Now, logout of the console by typing quit till you get to a login prompt. this is important as it’ll only allow one session. You should be able to telnet into the unit at the IP you set and we are off. It doesn’t solve the awful terminal setup but it stops the dropped chars. There may be a solution for this via serial as Huawei do give some very specific serial settings that they suggest.

We have three boards, the two VCLF boards and one VDSH. The system organises things into frame/slot/port. We only have one frome here so thats always 0/. Slot wise, 0 is the CCUE, 1 is the top slot, 4 is the bottom and 5 is the PSU. So we have:

CCUE = 0/0
VCLF = 0/1
VCLF = 0/2
VDSH= 0/3
PDVA = 0/5

0/4 has nothing in it. This may be different depending on your cards. Each board must be confirmed except 0/0 to enable it, so we need to do this for each board we have

board confirm 0/1
board confirm 0/2
board confirm 0/3

Once you’ve done this try:

display board 0

You should see something like:

  ---------------------------------------------------------------------
  SlotID  BoardName  Status           SubType0 SubType1  Online/Offline
  --------------------------------------------------------------------
  0       H831CCUE   Active_normal    UP2A
  1       H83BVCLF   Normal
  2       H83BVCLF   Normal
  3       H835VDSH   Normal
  4
  5       H832PDVA   Normal
  --------------------------------------------------------------------

Now if all says normal we are good and we can start the setup. you’ll want part 2 for that..

VOIPFone Referrer Link

Any of you interested in a free trial of VOIPFone can use the link below. You get a free trial of the system and I get a little something if you decide to use it.

We use VOIPFone now for most of our installs. they offer the best combination of flexibility and features for us. Where events frequently use large numbers of lines then go dormant for the rest of the year we can park and manage numbers without issues. The system also works flawlessly with Freepbx and out own fork and the mobile app gives a level of redundancy if a site goes ofline.

Voipfone 30 day Free Trial

WHOOPS!

Well its been a manic few months and what a ride. Amongst the chos we had to bump our “scratch” host up to PHP7. This host is used for things that arent important in the scheme of things. This had two side effects:

  1. The Facebook plugin for WP had a meltdown over the upgrade knocking this site offline
  2. People actually noticed this, in fact a few people did, I didnt actually think anyone bothered with this much!

Running into event season as it were we HAD to sort out the main site first, then we simply ran out of time to sort out the extra bits on the scratch server. Its all gone quiet now and we have moved this sit to the main host as it IS getting traffic and does aparently provide a good resource, and all is well…ish!

This host can’t send email, well not of yet, that will get fixed in the next few days. So if you do tag any articles etc I won’t see them till I log in. Same with user accounts.

The PHP issue stil lives on, this is an older version of PHP, mainly as the old website needed it. The new one doesnt even use PHP yet so at some point it’ll get upgraded too, the hope is I can bump wordpress up a few versions to solve the compatibility problems, pull the FB plugin then upgrade the lot.

Moving on it’s good to see that this site IS getting hits and it is helping people out. That’s exactly why it exists. I do have a youtube channel ad although it’s VERY early days, you’ll find it here : https://www.youtube.com/channel/UCDGHnpD1qx3flLZH4O-jlGA

R

SPA525G Vodafone Password Clear

This document is aimed squarely at the Vodafone incarnation of this phone. This *may* work with other providers. You will possibly want to look at the SPA504 wipe procedure as its a similar process in more detail.

We have recently ended up with a load of these phones to go into my event stock. I was offered these at a daft price with no history. As these have WiFi they are VERY handy. They can be paired up with a 5V battery supply and they are instantly seriously useful at an event. After my experiences with the SPA504’s I wasn’t too worried and indeed when I flashed them up I was able to factory reset them all without any bother. Awesome….or so I thought.

Fast forward to today and I want to start getting these setup. I pop into the web interface, asked for a login, so enter the default (admin, no password) and get thrown out. Bum! Tried a few defaults, nothing. This doesn’t look so good all of a sudden. A quick look at the UI and the firmware customization is set to Vodafone…uh oh…this is feeling familiar. I can get to the firmware update screen though so I’ll blow the firmware away… no, that didn’t help either, arse! I’ve spent money on stands for this lot so I’d really like them working.

Off we go to Google, and we find dozens of threads on this, ok this isn’t looking great. So let’s do some sniffing, maybe the 504 process works…

On boot the phone is trying to pull the config off of the damn firewall, ok, this is odd, maybe my fault, but its not helpful, of all the places you don’t want a TFTP server your firewall is WAY up the list. I also then spotted it tried to go out to ctprov.ctukprod.ims.vodafone.pt in particular it’s after http://ctprov.ctukprod.ims.vodafone.pt/vfuk/base/ciscoSpa525g2.xml. A quick browse and it seems Vodafone have used a bit more intelligence than Gamma. Although the phone gets a response from the server I don’t with a browser, I’ll bet they are looking at user agent strings or there is more to it than that URL, either way I don’t care at this point as I know what file is needed.

A quick google finds a template config file which I will link below. The file was saved onto a handy web server so that it gave us http://192.168.223.3/vfuk/base/ciscoSpa525g2.xml (I’m not fussy about internal IP secrecy). You’d need to provide that tree though for this to work, the IP address we are going to fudge in a second.

As with most of our sites we use PF or SmoothWall, so this bit is easy. You need to be able to create a DNS override, some routers allow this but most basic units don’t. ctprov.ctukprod.ims.vodafone.pt was pointed to our web server with an override so the phone now gets our web server’s IP and not the provisioning server. A reboot of the phone and it started up, still locked, asked the web server for the file ( tail -f /var/log/httpd/access.log on most systems) and rebooted again. This is a Cisco product, this means nothing until tested. Upon reboot nothing has changed, this doesn’t feel great at this stage so I fire up the web UI….and the password has gone. We are in, the phones are useful again.

Now there is a Caveat here. I’ve not really played with the phones much. I don’t know for sure they won’t revert if that DNS fudge is removed, eg if they are plugged in elsewhere. However the web UI has a lot of options to stop auto provisioning so you *SHOULD* be able to stop it undoing your hard work. Of course if you want to provision these phones from a central location you’ll need to dig deeper.

You can find an example config file here which is what I used with no changes.

UPDATE:
Since posting this I have found out that these will partially revert to locked if allowed out in the big wide world. There are three fixes…
1) Block 85.205.252.214 at the firewall, or better still block the whole /24
2) Block port 80 from your IP phones getting to the outside world
3) in the UI, go to advanced mode, Provisioning tab and turn off “Provision Enable”

Which one you use is up to you, they all work.