Automatic network recovery when ping fails

Problem Description

I encountered numerous times network issues where I had to manually intervene and resolve them. When the root cause is always the same, you may want to automate the resolution. Beware though, don’t try to automate something that does not occur frequently enough, otherwise you spent time and effort for trivial things that don’t bring any value. When I try to automate something, it is because I am fed up doing it manually (so it is proven it can be automated) or if I want to learn something new.

In this particular case, I have VPN connections to several remote locations and one of them sits behind CGNAT and a 4G router. If, for whatever reason, I lose the VPN to that remote site, I cannot initialize the VPN connection from the central site since the remote site is ‘hidden’ behind the provider’s NAT. In other words, I don’t know its public IP address. After a few trips to the site, I realize the interface (the wlan and eth0) go down and lose their IP address. Up until know, I don’t know the reason, I suspect it has something to do with the DHCPCD service and I am planning to replace it with networkmanager service in the near future. But for now, I need to automate the network recovery. This is all in a raspberry pi running the latest raspberry OS.

Continue reading →

Calculate rate of change

In a previous article I explained how to install telegraf on OPNSense so that you can collect several metrics from the box into your influxdb. In my case, since OPNSense is my DHCP, DNS and VPN server I really want to know if something happened to it and when.

Since I could not really use telegraf to monitor my wireguard connections because of this, I focused on getting metrics from the wireguard interfaces themselves. If the VPN was down there would be no traffic on those interfaces. In order to collect network metrics, you need to go to OPNSense –> Services –> Telegraf –> Input and check the Network checkbox as this is not enabled by default. Once you do that you see the following in influxdb

Continue reading →

How to collect OPNSense metrics

Why monitor OPNSense

For those not familiar with OPNSense, is an opensource firewall and routing platform. I use it mainly for DHCP, DNS server, port forwarding, dynamic DNS and VPN server (viva wireguard!). Since many things depend on it, I really wanted to have a way to monitor it. Now you will tell me, what’s the point of monitoring since you will not be even notified if OPNSense goes down. I will not have internet so any notification outside my LAN will be impossible. it could be though that through monitoring, I can at least see into historical data and find out what might have gone wrong.

Monitoring Solution

I have already setup with different docker containers, influxdb and grafana to monitor my openHAB server so everything is almost setup. Influxdb is a time series database that stores data from vaious sources and grafana pulls those data and create very nice-looking graphs. At this point, I am still working in adding several data sources and metric to monitor so I am not too focused on making everything look nice. That will come later.

How to push data to InfluxDB

Continue reading →

Why I hate thermostats

It’s the first time I live in a house that has thermostats (one per floor) to control the heating. They are not ‘smart’ thermostats, but over the years and after fiddling with many useless ‘smart’ devices, you tend to appreciate the simplicity of a good old ‘dump’ device. Now that it’s winter and I started using them I realized I don’t like them very much.

Continue reading →

Make an old alarm “smart”

I recently moved to a house that has a 10-year-old wired alarm. You can look it up, the model is IDS805. I like wired alarms because they are stable, trustworthy, have a battery for redundancy and they cannot easily be tampered without creating some noise. The problem is though that they age fast. Alarms from 10 years ago feel “old tech” in our modern, connected world. When the alarm is triggered, the siren is activated and I am not at home, I don’t get notified. Granted, you can rely on your neighbors if you have any but being notified the second something is wrong is crucial for me.

If you have such an old alarm, you have a few ways to make the alarm “smarter”.

Continue reading →

Smart Home Object detection with AI

I have been pondering on the idea of playing with object detection and AI for a long time. I have even implemented this project which was really fun and I learned a few things along the way. But I did not know what to do with it. Until I came along Frigate.

What is Frigate

Apart from its weird name (who cares about names anyway), this is a pretty cool piece of software. It takes a camera video stream and does object detection on it. It can find a person, cat, dog, car, bicycle, bus, train, airplane and many many more. Once it finds what you are looking for, it sends you a snapshot or a short video with the detected object.

Continue reading →

Renew Let’s Encrypt certificates on Synology using acme.sh

The problem

I have a synology NAS server in my home that I would like to access from external networks. Obviously the only viable option is to use HTTPS to connect to its webpage. Before 2012, getting a certificate to use for HTTPS would cost you some money. With the advent of Let’s Encrypt this became completely free of charge, but not free of complexity if you know what I mean. The good news is that synology supports Let’s Encrypt certificates out of the box. The bad news is that it supports only the HTTP-01 method for customized domains. If you happen to use the synology DDNS service (you use the synology.me domain to access your NAS) then you could use the preferred method DNS-01 but that’s not my case since I have my own domain.

The problem with the HTTP-01 method is that you need to open port 80 or 443 to your NAS in order to make it work and this is something I am not willing to do. Furthermore many ISP’s block by default those ports. I definitely prefer the DNS-01 method as you don’t need to expose any ports to the internet. With this method, you prove that you control the DNS of your domain by putting a specific value in a TXT record under that domain name. The drawback here is that in order to do that, you need to have API access from your DNS provider.

Continue reading →

How to filter bootstrap gallery

Creating a basic filter for a bootstrap gallery using HTML and a bit of Javascript is a lot simpler than I thought. You can always go the long way with HTML / CSS / Javascript but if you don’t have much time like me or you want to just focus on getting something else done (again just like me) you can keep it really simple

Here is what we will see after going through this tutorial

Continue reading →

This website uses cookies. By continuing to use this site, you accept our use of cookies.