In our previous post, we showed how to automatically generate and activate/renew a Let’s Encrypt TLS certificate on a Mikrotik device: https://www.amd-k6.com/automate-letss-encrypt-tls-certificate-on-mikrotik-routeros/
Today, we look at configuring an SSTP VPN server which uses this certificate so you can remotely connect to your Mikrotik router from a Windows PC, for example.
The first step is to create a VPN user, this is done in PPP > Secrets. The options are mostly straightforward:
Name: you username
Password: select a strong password
Service: select sstp
Local address: set the IP address of you mikrotik device on the LAN-side
Remote address: this is the IP address you will get from the VPN, select an address that is available on your LAN
To configure an SSTP or OpenVPN service on my Mikrotik Router, I had the need to generate and upload a real TLS certificate to the device. Some solutions exist in various blog posts but they are either too complicated, outdated or badly documented. So I made my own post and script. I hope it helps someone!
The goal here is to generate a Let’s Encrypt certificate and upload/activate it on a Mikrotik router. What you will need to do manually is:
Generate a Let’s Encrypt certificate
Create an user to SSH to your Mikrotik
Run the script to transfer and activate the certificate
If you ever installed a Kubernetes cluster, you probably know that the minimal setup is composed of 2 nodes: a Control Plane Node (previously called master) and a Worker Node. This is a good thing as we usually don’t want workloads interfering with the API in production environments.
But what about lab environments where you want to run everything in a single VM for example? Well, it’s absolutely possible and actually very simple to configure a Control Plane Node to also accept workloads (pods).
This is managed by “taints”, which is a configuration string applied to nodes. On your Control Plant Node, you can see this by running:
This post has nothing to do with the usual content of this website (not K6 related) but I’m sharing my experience of configuring a CentOS Stream 8 Linux software RAID 1 installation on an UEFI system that actually boots when you replace a failed disk.
Most of the tutorials and articles online are about such installations where the the disks are in MBR (legacy) mode and not GPT (UEFI) and this has a huge impact on how your system boots and how you act when a disk fails. We’ll have a look at a scenario where we:
Start by installing CentOS Stream 8 in software RAID 1 (on 2 disks) mode
Simulate the failing of one drive
Replace the drive so the RAID arrays are synchronized again
Configure the UEFI to be able to boot on this new replacement drive
For demonstration purposes, this will be done using a VM in VirtualBox, but it also applies to any PC or Server booting in UEFI mode, as most machines do nowadays.
Having my working K6 system since a couple of weeks now I began tweaking the BIOS settings for my Gigabyte GA-5AX rev 4.1 to find the best performance, as it took quite some testing I’m now sharing what I found ;)
First of all let’s remember the system:
AMD K6-2+ 550 MHz
768 MB PC133 CL2 RAM
nVidia GeForce 3 Ti200 64MB
Fast SATA HDD
Windows XP SP3
I began by setting reasonably good BIOS settings and after each individual setting change I ran a series of 5 benchmarks using the good old Quake 3 v1.32 with “timedemo 1, demo four”. Quake 3 has the advantage of giving very consistent and reproducible results over any other benchmark tool and after all I’m using this system for old games…
The first tests I made is not BIOS related though…I tried to find the best nVidia driver working with my card. The 23.01 gave me an average of 28 FPS and the 21.83 WHQL an average of 28.7 FPS so there is the first base…I’ll be using the ForceWare 21.83 WHQL for the rest of the tests.
Now I’ll go trough each BIOS setting and give the fps change from this baseline…note that the changes are “incremental” by always keeping the previous test’s best performance.
Primary Frame Buffer
2 MB (BIOS default): 28.7 FPS
All: 28.2 FPS
Disabled: 28.8 FPS
VGA Frame Buffer
Enabled: 28.8 FPS
Disabled: 27.7 FPS
Enabled: 28.8 FPS
Disabled: 27.7 FPS
Tweaking “IO Recovery Period” or “AGP Texture Size” didn’t change anything. Then I changed the CPU from an AMD K6-2+ 550MHz to an AMD K6-3+ 550 MHz to see how the 128kB additional L2 cache influenced the result. Well the fps jumped from 28.8 to 31.1 FPS which is nice!
As you can see I wasn’t that wrong with my default configuration as I only managed to “lower” the result by tweaking some settings…that’s experience talking ;) Here are the pictures of my final best result settings…
A quick video which shows the boot speed on an AMD K6-2+ 550MHz, 768 MB RAM and SATA disk system for Windows XP and Ubuntu 10.04. Bot operating systems are “stock” with the latest updates installed and no special optimisation has been done.
As you can see, you are much better off using Windows XP on a K6 machine as the Linux distributions with GUI are terribly slow on this hardware.
It’s not only the boot process which is slow on Linux but also the whole OS GUI (Gnome in this case) which feels awfully slow to the point where it’s unusable; Windows XP on the other hand is quick and snappy!
So the common myth that Linux is faster than Windows on old hardware isn’t so true here…
Just in case someone crazy tries to know if Windows 8 can be installed on a K6 machine, the answer is NO. It will not even install due to the fact that Windows 8 is enforcing some specific CPU instructions the K6 doesn’t support: PAE/NX/SSE2.