Firmware Update for TP-Link TL-WR840N Router

For the test, I will update the TP-Link TL-WR840N V1 with firmware 13xxxx RU.

1) Let’s look at the revision of the router, in my case it’s V1, and it’s for it that we download the archive with the new firmware from the official site:
https://www.tp-link.com/us/download/TL-WR840N.html
In my case, the last firmware for V1 was TL-WR840N_V1_151023_EN. If you download the firmware from an incorrect revision, you can damage the router. Unpack from the downloaded archive firmware file.

2) Open the router settings by typing in the browser address http://192.168.0.1 and enter login – admin, password – admin.

3) In the menu, select “System Tools” – “Firmware Update”, click the “Browse …” button and select the previously unpacked firmware file from the archive. Next, click the “Update” button and wait until the firmware is loaded into the router and it will reboot.

At the time of upgrade, you can not turn off the power of the router.
After updating the firmware, the settings in the router are not reset.

IPTables rules for FTP server

To open access to the FTP server in IPTables, you need to add rules:

sudo iptables -A INPUT -p tcp --dport 21 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 20 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 1024:1030 -j ACCEPT

To only allow access to a particular network, for example 192.168.1.0/24:

sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 21 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 20 -j ACCEPT
sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 1024:1030 -j ACCEPT

To remove a rule, we’ll specify the same command, replacing -A with -D, for example:

sudo iptables -D INPUT -p tcp --dport 21 -j ACCEPT
sudo iptables -D OUTPUT -p tcp --sport 20 -j ACCEPT
sudo iptables -D INPUT -p tcp --dport 1024:1030 -j ACCEPT

To view the list of rules, use the command:

sudo iptables -nvL

1024-1030 – example ports for passive mode are specified in the FTP server configuration, for example for ProFTPd are specified in the /etc/proftpd/proftpd.conf file as follows:

PassivePorts 1024 1030

See also my articles:
Configuring IPTables
Active and passive FTP mode
Installing and Configuring Pure-FTPd in Ubuntu
Installing and Configuring ProFTPd in Ubuntu

Alarm solution 0x2e112007 “The OLT cannot receive expected optical signals from the ONT in four consecutive frames”

Recently noticed that OLT (MA5683T) disables one ONT and reports an alarm “0x2e112007”.

After watching the alarm history:

display alarm history all
display alarm active all
alarm active clear all
display alarm active all

Observed the following:

ALARM 470141 FAULT WARNING 0x2e112007 SERVICE QUALITY 2017-10-19 09:17:50+02:00
ALARM NAME : The distribute fiber is broken or OLT can not receive
expected optical signals from GPON ONT(LOSi)
SRVEFF : SA
PARAMETERS : FrameID: 0, SlotID: 4, PortID: 3, ONT ID: 38, Equipment ID:
I-010G
DESCRIPTION : The OLT cannot receive expected optical signals from the ONT
in four consecutive frames
CAUSE : (1) The fiber is broken
(2) The quality of the optical path is poor
(3) The ONT hardware fails
ADVICE : (1) Check tributary optical fiber connection and backbone
optical fiber orderly, clean the fiber connector and replace
the fiber if necessary
(2) Ensure that the optical attenuation of the optical path is normal
(3) Reset the ONT or replace the ONT
— END

I tried to activate ONT:

interface gpon 0/4
ont activate 3 38
quit

But OLT still turned it off, at different intervals of 1-10 minutes.

Example of viewing the statistics of the number of alarms:

display alarm statistics

Viewing the alarm configuration:

display alarm configuration 0x2e112007

The ONT model was TP-Link GP110 with a signal of -15 for receiving and 2.1-2.7 for sending.
We tried to replace ONT with Alcatel-Lucent I-010G, the signal became -17, and OLT even more often began to turn it off.
Cleaning the connectors and digesting the dividers also did not help.

The problem was in a sagging piece of cable that hung from a very high altitude, after its replacement, the alarm disappeared, and the send signal became stable 2.46.

Updating the firmware of the Planet GT-90x series

1) For example, let’s go to the web interface of the managed media converter Planet GT-90A. The standard ip-address is 192.168.0.100, the password and login is admin.
In the tab “System” -> “System Information” see that the current firmware V1.0b081017.

Continue reading “Updating the firmware of the Planet GT-90x series”

Configuring PIM on HP A5800 Switch

First make a copy of the configuration file on the tftp server:

backup startup-configuration to 192.168.1.100

To configure the PIM on the HP A5800 switch, connect to the switch via telnet and enter the following commands:

1) Enable the multicast routing switch and pim-sm in vlan 963 which comes from the provider.

system-view
multicast routing-enable
interface Vlan-interface 963
ip address 172.24.24.158 255.255.255.252
pim sm
quit

2) Turn on pim-sm and igmp in vlan 964 on which IPTV will be broadcast to the local network.

interface Vlan-interface 964
ip address 172.25.25.25 255.255.192.0
pim sm
igmp enable
quit

3) We’ll assign the static ip from which the multicast is broadcast.

pim
static-rp 10.0.200.200
quit

4) Add the route to ip from which the multicast is broadcast.

ip route-static 10.0.200.200 255.255.255.255 Vlan-interface963 172.24.24.157

5) Suppose that we accept multicast on vlan 963 tag.

interface Bridge-Aggregation1
port hybrid vlan 963 tagged

6) We will configure any free port for iptv verification and connect to it a computer for example with a playlist in the VLC player.

interface GigabitEthernet1/0/5
port access vlan 964

To test the health and diagnostics, you can use for example the following commands:

display pim interface
display pim interface verbose
display pim rp-info
display pim bsr-info
display pim neighbor
display pim routing-table
display igmp interface
display pim control-message counters
display pim claimed-route

Configuring low-level discovery in Zabbix

Low-level discovery allows you to automatically create data items, triggers, graphics.
Massively it is better not to use it, since in practice it noticed that it gives a significant load on the system.

Here is an example of the discovery configuration for viewing the port load of the managed switch.
To start, open the “Settings” – “Templates“, create a new template, or click “Discovery“.
Click “Create rule” and fill out the main parameters:

Continue reading “Configuring low-level discovery in Zabbix”

How to format UDF Volume in Ubuntu

I recently wanted to format the USB flash drive in the Ubuntu operating system, but since it was in UDF format, formatting was refused and many programs did not see it as a flash drive.

To begin with, let’s look at the discs:

sudo fdisk -lu

Then the solution was to execute the following command:

sudo shred -vzn 0 /dev/sdc

After that, the flash drive can be formatted by any program.