tips and tricks – LostGeek.NET

Supercharging your home network on the cheap

Its no secret that if you want to do multi-gig networking on the cheap, sites like eBay are the place to visit. Castoff enterprise gear can be had for pennies on the dollar, if you don’t mind getting equipment used. Used it may be, but this stuff was absolutely top of the line a decade ago, and it will still impress you with the performance and stability for casual use cases.

My first rule for doing multi-gig on the cheap: Do not overpay!

The kinds of network cards I’ll be mentioning in this article are often literally being thrown away into ewaste. Not because they’re not good or anything like that, they cost a small fortune 8 – 10 years ago… but in the enterprise, nothing gets kept that long.

Here are two examples of extremely affordable 10 GB networking, on the cheap. Both cards use an Intel chipset… what does that mean? World class stability and reliability, mature robust drivers, and excellent support under both BSD based operating systems aswell as Linux. These two cards use different chipsets, but all you need to know for now is that both are reasonably solid and battle tested options. What’s the difference? The media they use.

The first card is the X540-T2, and this is the dual RJ45 version. This readily takes twisted pair ethernet. Now, on the surface you’re probably thinking “OK, that would be the one I want!” and you may be right. Let’s get into it.

So yes, that first card will take normal Cat 5 / 6 / whatever twisted pair ethernet cabling… the stuff you’re already using at home to do gigabit. There is a catch though. We’ll get back to that. The second card, instead of having RJ45 jacks actually takes SFP+ modules. These come in many different options, and are typically used for fiber optic networking. SFP and its variants can support everything from 1 GB all the way to 400 or even 800GB on modern network gear.

If you’re like me, you’re thinking well why would I want that? I don’t want that! (That was what I thought, early on in this endeavor)

Cards set up for SFP+ transceivers generally consume less energy and as a result don’t get quite as hot as 10 gig gear which takes standard twisted pair ethernet. Notice that the X540 has a fan while the second card does not? Well, that second card actually runs substantially cooler! Even when using a transceiver which furnishes an RJ45 10GB ethernet connection!

There is a catch though. Fiber optic moduiles can be found very cheap. You can also often find direct-attatch cables (DACs) which are essentially two SFP modules joined by a wire… these are also a good affordable and energy efficient option. There is one reason why you may not want to go with SFP style interfaces, atleast not on too much of the gear you pick up… and that would be if you’re planning on running it with twisted pair anyway. Sure, you can buy transceivers on Ebay and Amazon, but that is an additional $25 – $30 per port you’ll need to invest, and boy do those suckers run HOT.

The information above covers use cases for home servers and NAS builds. It probably won’t be too helpful on your desktop or gaming PC though… And the reason is PCIE lane availability. Consumer platforms only have a limited number of PCIE lanes… basically just enough to give you 16 lanes for your graphics card slot, and then another 4 for the primary NVME/M.2 slot. Everything else is used by the chipset, and chances are that if you do have a second M.2 slot or additional PCIE 1x, 4x, 8/16x slots that the chipset is what drives them. Also, don’t be fooled. There is a chance you can configure a consumer board with two physical 16x slots to run both at 8x bandwidth… but if you have your graphics card getting 16 lanes, you will not have more than 4 lanes left over… And more than likely, you’ll be working with just a single lane!

The achelies heel of those old enterprise castoff 10 gig cards is their age. They’re probably going to be gen 2 PCIE, which is why they need 8 lanes for the two 10gig interfaces. Will it work at 4x? Sure. But not at 1x… Even if the card does work (it might!) the bandwidth just isn’t there.

Your modern system will have fast PCIE, likely gen 3, 4 or perhaps even 5… But if the peripheral you’re dropping in (the NIC) only supports gen 2, then that is what we need to account for to determine bandwidth needs.

For my desktop, I had a secret weapon…

We don’t want an 8x card if we’re only going to be giving it a single lane… Know what would be great? Using something with a more modern interface. Gen 3 x 1 lane can darn near do 10gig. I’m trying to keep this on a shoe-string budget though, and since my server uses SATA SSDs for the bulk storage I only needed roughly 500MB/sec to take nearly full advantage of what those disks can do.

So what we want is a card with a gen 3, single lane interface. We want do avoid total no-name solutions… Stick to brands which you associate with the IT world. Intel, Mellanox (now nVidia), Chelsio, Aquantia are some good ones to start with. Don’t buy a Realtek 5 or 10 gig card, if you want my advice. You can get something much more reliable/performant for the same or less cost.

For just $20, I was able to score this Aquantia 5GB/sec network card. It is a gen 3 card, and is only a 1x card anyway. Perfect! It also isn’t a furnace like the 10gig RJ45 cards are… this is another big bonus since I like my workstation as quiet as possible.

Connecting it all together…

You’ll need a switch that supports these faster standards. As of lately, there are some no-name switches with a half dozen or s0 2.5 GB ports and then a pair of 10GB ports… there are tons of these on the market, and they are dirt cheap. What’s the catch? Well they’re no-name for one. And you’ll need to accept the fact that they’re going to all use SFP+ for their 10GB ports. Fear not.

For around $40 I got this “managed” switch. Why did I put it in quotes? Well because this thing is kind of a joke… but what the heck, it works!

This is one of the two SFP+ transceivers I ordered. I got my second one off Amazon, and pair $10 less for that one. The ebay (goodtop) one seems to run noticably hotter! I’d recommend ordering modules by HiFiber instead. The HiFiber module I got even says right on it that it supports 1GB, 2.5GB, 5GB and 10GB… this is good to know because there is a lot of 10GB gear (especially older stuff) which only supports two speeds. 10GB and 1GB. Got a 2.5 or 5 GB siwtch? Too bad, if you’ve got something like the X540-T2.

For the rest of your PCs

How about 2.5 gig? The cheap switches mostly have 2.5 gig ports, so I got a couple cards. Again, avoid Realtek. Intel chipsets are better, but some can be buggy. Avoid the i225, try and stick with something like the i226 cards. Expect to pay $25 – $30 for a card. Perhaps just skip it and go for 5 gig? Maybe… Just make sure whatever you get can negotiate to speeds other than 1 and 5 gig. (Example: you have a 5 GB nic and 2.5 GB switch, but you’re stuck @ 1 GB because your nic can’t negotiate @ 2.5GB…)

Performance: Desktop to Server (5gb -> 10gb)

Excellent. Beats the pants off 1Gig! Something is going on there where we’re seeing a little more in one direction than the other, but I’m not too worried about that. What I’m happy with is I am seeing a substantial uplift from what I was getting with a 2.5 GB nic in the same situation.

How about NFS performance? Benchmark of an NVME disk in my server, mounted on my workstation.

While it may not be 10 gigabit, this is nothing to snuff at. I’m very happy with the results, given the restriction of only being able to use a 1x PCIE card.

Modernizing a Barracuda Backup Appliance: Upgrades, FreeBSD + ZFS

My Barracuda “Backup Server 290” Journey

Back in October of last year, I got bit hard by the eBay bug. “Woah, that’s actually a pretty reasonable price… I’ll do SOMETHING with it!” — and just like that, I became the owner of a lightly used Barracuda “Backup Server 290.”

What is the BBS290, one might ask? Essentially, it’s a 1U rack-mount backup appliance. This one was running CentOS 7 with some custom interface stuff at both the VGA console as well as on a web server running on the box — basically a proprietary backup solution built from open-source software and a mix of consumer PC hardware, with some enterprise bits included.

I got mine for $40 USD, with the unusually low shipping price of $5. Shipping is usually the killer on these things; expect any 1U server to be listed with a shipping cost between $30 and $100.

What $45 Got Me

Honestly, not a bad little backup server. Funnily enough, that is exactly what I’m going to use it for: a target to back up my main server to.

As it arrived, it included:

• 1U Mini-ITX rackmount chassis
• 1U ATX power supply rated @ 400W, 80+ Bronze
• Western Digital enterprise-grade 2 TB 7,200 RPM SATA hard drive (Mfg 2022)
• Celeron N3150 on an OEM variant of the MSI N3150I ECO
• 1× 8GB DDR3 memory module

Not winning the lottery here, but with a few upgrades, this machine can fill a very real need in my setup. For this tier of hardware, I would not recommend paying more than $60–$70 total at the very most. That is up to you though. The platform (CPU, DDR3) isn’t worth a whole lot, and performance is underwhelming at best… but it is sufficient for what I wanted to do.

Low power draw, low heat, and the case and power supply are probably the best part of the “deal.”

The lightly used 2TB enterprise-grade drive was a nice bonus if you’ll actually use it for something. For instance, if 2TB was enough for your backup needs, then this box as-is is an excellent value. Most of us will want a bit more storage though.

Upgrades

WD 8TB Enterprise Drive
Replaced the original 2TB HDD. This is a CMR drive, 7,200 RPM — not SMR or 5,400 RPM (two big gotchas to look out for). I shucked it from an 8TB WD MyBook purchased locally for $150; it had only ~600 power-on hours. Shucking is far from foolproof, but I got very lucky to get a top-tier hard drive that had barely been used. It will live much longer being used in this server than in the fanless plastic heat trap it came in as a MyBook.
G.Skill 8GB DDR3L RAM ×2 (16GB total)
Helps with ZFS caching. Cost: $16.86. A basic setup could run with 8GB, but doubling helps ZFS performance. Additionally, using two memory modules allows the memory controller to operate in dual-channel mode, effectively doubling memory bandwidth. On an anemic CPU like the N3150, this can make a surprisingly substantial difference for I/O, especially when ZFS is handling many small files or metadata-heavy operations.
Intel 480GB SATA SSD
Data center–grade SSD costing about $25 on eBay. It allows the OS and root filesystem to live off the spinning disk and can also be used to accelerate ZFS performance via a special vdev for small file storage. You don’t need to do this if your data is mostly large files, media, or ISOs — but for small files, the performance boost is noticeable. If the special vdev disk dies, the pool dies — which is acceptable here, because this machine is strictly a backup target.
Intel i226-V 2.5GbE NIC
Cost: $30, combined with a PCIe x1 ribbon riser ($8.59) and some DIY shielding. This upgrade doubles network throughput over the onboard 1GbE Realtek NIC for very little money. Drivers are mature and stable on both BSD and Linux. For nighttime backups or casual use, the onboard NIC is fine; this is a small cost for a large convenience.

Total upgrade costs:

• RAM: $16.86
• SSD: $25
• NIC: $30
• PCIe riser: $8.59
• 8TB WD CMR HDD: $150

Grand total: $230.45 (including the original $45 for the machine itself)

Chassis and Cooling

The chassis originally had a lit Barracuda Networks logo and a cheap internal 40mm fan. I removed both and resprayed the case dark red for a fresher feel. The stock fan was noisy, and the PSU provides sufficient airflow, so I skipped adding a replacement.

I’ll keep an eye on temperatures. The CPU doesn’t require a fan at all. The 7,200 RPM disk gets slightly toasty, but it’s far better off here with airflow than in a MyBook enclosure with none.

OS Choice

I mostly run Linux, but I appreciate the technical merits of FreeBSD, especially for enterprise-grade storage and high-performance, low-latency applications. On FreeBSD, ZFS is a first-class citizen, unlike Linux where it’s often bolted on.

I initially experimented with XigmaNAS but wanted more control, so I went with FreeBSD 15.0-RELEASE.

Honestly, if you want to keep things simple, just go for XigmaNAS or TrueNAS Core. Both are solid FreeBSD-based storage appliance OSes which make ZFS much more approachable. Linux ZFS implementations like Ubuntu’s are fine, but FreeBSD is where it truly shines.

Installation

I wrote the 15.0-RELEASE image to a USB stick and booted it. Setup asks whether to install via Distribution Sets or Packages (Tech Preview); I used Distribution Sets.

• Disabled kernel debugging and lib32 support
• Selected the igc0 NIC (leaving re0 unused)
• Chose manual partitioning:
– 480GB SSD: MBR, 64GB partition for root / (UFS), SUJ off, TRIM on
– Swap: 2GB partition as freebsd-swap
– Remaining HDD space left unpartitioned for ZFS setup post-install

Enabled SSHD, NTPD, and powerd. Added a user in the wheel group. Other options left at defaults.

Post-Installation Storage Configuration

Check free space on the SSD:

gpart show ada0

This revealed ~383GB free for the ZFS special vdev:

gpart add -t freebsd -s 383G -a 4k ada0
gpart create -s BSD ada0s2

Create the main pool on the 8TB HDD:

zpool create -f tank /dev/ada1

Add the special vdev on the SSD for small files:

zpool add tank special /dev/ada0s2
zfs set special_small_blocks=128K tank

Set mountpoint and ownership:

zfs set mountpoint=/mnt/tank tank
chown -R 1000:1000 /mnt/tank

Enabling and Setting Up NFS

Enable ZFS and NFS-related services:

sysrc zfs_enable="YES"
sysrc rpcbind_enable="YES"
sysrc nfs_server_enable="YES"
sysrc mountd_enable="YES"
sysrc rpc_lockd_enable="YES"
sysrc rpc_statd_enable="YES"

The zfs_enable=YES setting is important: without it, ZFS pools may not automatically import and mount at boot. This was the reason the pool initially failed to remount after a reboot.

Start services manually:

service rpcbind start
service mountd start
service nfsd start

Edit /etc/exports:

/mnt/tank -network 10.16.16.0 -mask 255.255.254.0 -alldirs -maproot=1000:1000

• -network / -mask restricts access to your LAN
• -alldirs allows mounting subdirectories
• -maproot=1000:1000 maps all remote users to a local UID/GID

Apply the configuration:

service mountd restart
service nfsd restart

This method alone works reliably. Using zfs set sharenfs is unnecessary here and can introduce confusion.

Syncing Data via NFS

Mount the NFS share on the main server at /mnt/cuda, then ensure permissions:

chown -R 1000:1000 /mnt/tank
chmod -R 755 /mnt/tank

Run rsync:

rsync -avh --info=progress2 --modify-window=1 /mnt/sda1/ /mnt/cuda/

• -a preserves timestamps, permissions, symlinks, etc.
• --info=progress2 shows real-time progress
• --modify-window=1 handles timestamp differences between Linux and FreeBSD

Observations:

• The SSD-backed special vdev noticeably improved small-file performance
• Dual-channel memory helped I/O on this low-power CPU
• The 2.5GbE NIC provides a large convenience boost
• Transfer speeds are currently limited by the source system’s storage and workload characteristics

Real-World Testing

Copying a 4.1GB Debian ISO from the Barracuda to my desktop completed in roughly 10 seconds. Both machines and the switch are 2.5GbE capable. Renaming the file and pushing it back (desktop → Barracuda) took about 15 seconds.

Htop reported 100–200 MB/s in both cases, though reads from the Barracuda are clearly faster than writes.

Pings between the two machines show excellent latency and consistency:

100 packets transmitted, 100 received, 0% packet loss
rtt min/avg/max/mdev = 0.103/0.114/0.175/0.009 ms

Closing Thoughts

For now, all my personal goals for this project have been met. Eventually, I plan to implement scheduled wake-on-LAN (or something conceptually similar) so the box only powers on when backups are needed. I don’t need it running 24/7 — it’s here to quietly snag incremental backups in case something goes wrong elsewhere.

For those new to FreeBSD, maintenance is fairly simple. Updates are handled with freebsd-update fetch install. After fetching, you’ll see a wall of text — press q, and the install will proceed.

That’s all for now.

Installing Debian onto Mirrored rootfs (Soft RAID 1)

Introduction

I’ve been in the process of upgrading my server… going all the way from the modest i5 7500T all the way up to a Ryzen 5 5500. Since I started acquiring the first couple items for the new build, I had the goal of booting this machine from a mirrored pair of SSDs… This way even if one had some kind of catastrophic failure, I can still boot from the second drive and replace the failed one when convenient. Now, I must state the obligatory “RAID IS NOT A BACKUP!”… If and when something gets screwed up, it will immediately screw up both copies instantaneously. So you’re really only protected from an actual disk failure. Frequent backups are still something one must do, to protect from all other scenarios.

So, why are we here?

Glad you asked! Some Linux distributions have evolved to be a bit more ‘helpful’ in scenarios like this… for example, while it isn’t as easy as it perhaps could be, Fedora had absolutely no problem doing what I wanted the first try. No fuss. It just worked.

Debian on the other hand… I’ll admit I re-installed 3 or 4 times. Once I realized the problem, it was obvious… But if you’re reading this, you’re probably wondering what the problem is!? Why won’t this junk work??

What worked for me

So, what we need to understand here are a couple of limitations. I’m not totally sure if they’re limits of EFI, grub, or debian’s specific configuration but none the less, this is what I’ve learned.

You can’t put the ESP/EFI partition on your linux mdraid. What you want to do instead is, slice up both your disks like normal… in my case, I did:

— 500 MB EFI
— 477 GB RAID PARTITION
— 2 GB RAID PARTITION

Do both disks exactly the same. The key here is, set up that first partition as a normal EFI partition… and do it on BOTH disks. Once both disks are sliced up, go into the Linux Software RAID option… Create an MD device. Pick your two devices for RAID 1… Firstly the large (in my case 477 GB) partitions… Then run through again, this time pairing up the smaller ones for SWAP. Finish the MD setup.

Back on the partitioner’s main screen, you’ll now see two additional devices above your physical disks. Double-click them… setting the first one up with ext4, xfs, whatever you’d like… and a mountpoint of / for rootfs. Next, do the swap.

In each disk, ensure that the ESP/EFI partition has the bootable flag checked and the EFI System partition type has been used (not RAID, fat32, etc).

Finish the install… it should go without a hitch. Now, we’re in pretty good shape here. Everything on this Debian system will be mirrored to both disks, meaning each write is simultaneously sent to each disk. One can die, and nothing will be lost, but we still need to resolve EFI. To get our second EFI partition populated, read on…

On the initial boot

Go ahead and run lsblk and see which disk you’ve booted from. It will likely be sda but could very-well also be sdb. Whichever disk we *did not* boot from, we want to mount that disk’s EFI partition.

Make a directory, /mnt/efi2 and mount that partition there… then copy everything from /boot/efi into the mirror disk’s EFI partition.

(as root)
mkdir -p /mnt/efi2
mount /dev/sdb1 /mnt/efi2
cp -a /boot/efi/* /mnt/efi2/

Now, we’ll also install grub to that disk…

grub-install /dev/sdb
update-grub

Reboot… And try booting into your other SSD. It should work!

Firefox Scrolling Inverted??

First time this has happened to me, but running the FireFox Nightly (which came on NetBSD 11 BETA) I noticed my TrackPoint \ middle mouse scrolling was reversed. I think they might call this “natural scrolling”… anyway, to fix it simply go to about:config in the title bar and search for mousewheel.default.delta_multiplier_y — Change it from 100 to -100 and presto, normal scrolling behavior.

Trying out FreeBSD 15.0 BETA 1 on ThinkPad T500

Screenshot — FreeBSD 15 running MATE Desktop

I for one am definitely looking forward to FreeBSD 15 RELEASE! 14.3 brought strong improvements, and things can only get better. Going to be putting it on my X1 Carbon Gen 3 soon, but for now I figured I’d try it on a spare machine. Nice to see it got going with hardly any effort on this 15+ year old machine! Just had to do a bit of manual X.Org config tweaking…

For a Core 2 Duo with 4 GB RAM in 2025, it runs surprisingly well. I’m posting from this machine right now 🙂

Resetting CMOS Password on ThinkPad T420

I recently picked up a used Thinkpad T420. While I could boot it up, use it, install another OS and all that there were some settings locked out.

There is apparently an option for a regular CMOS password, and a “supervisor” password. Hitting enter got me in with limited access, but I couldn’t do things like turning hardware virtualization on or off… among other things.

If you’re like me, maybe you’re thinking: Hey, just unplug the coincell for a few minutes!

Well that doesn’t work. Fortunately though, there is an easy enough hack. Remove the screw for the RAM door on the bottom of the machine, then use a credit card or blade to nudge the keyboard up from the palm rest. Carefully keep the keyboard connected, but place it sideways out of the way. We need to short a couple pins below where the CMOS coin cell battery connection is on the main board.

General Area — We need to be in this general area. Excuse the flashlight!

Now, lets zoom-in on the actual area where we need to short two points… Tweezers will work well for this purpose.

Now, inside that area where we have the orange box… We need to short the upper left corner to the middle right (center row) pad. This should make things totally clear:

So, this is what to do… Keep either the AC supply, or battery attached to the machine and boot it up.
When you boot it up, hit the blue ThinkVantage button and QUICKLY use your tweezers to short those two points together for a second. If successful, you’ll see the following message.

“Data access error” sounds bad, right? Well in this case, such an error indicates success. Yeah, and you don’t stop ‘Cause it’s 1-8-7 on a undercover tsop! Well, SPI, but that wouldn’t rhyme…

Once you get into the BIOS (press F1), be sure to disable all passwords or set them to blank and then save.

That’s it! Worked perfectly on my Thinkpad T420. I found this method via a YouTube video, his pictures were not so clear though. Hopefully this will help my fellow Thinkpad enthusiasts!

OpenWRT on a Thrift Store Router (Netgear WNDR3700 v4)

Earlier today I stopped by a local Goodwill to see what they had in the way of electronics. Among the digital photo frames and old keyboards, I spotted two routers. I’m always on the lookout for hardware that can run Linux. One of the routers was a Netgear WNDR3700 v4. It was in its original box with the power adapter and a couple of patch cords.

Normally I’d pull out my phone and check OpenWrt support before buying, but this one looked old enough that I figured there was at least a 50/50 chance it would be an easy convert. I’m glad I grabbed it; Not only is this model supported, but flashing OpenWrt is about as painless as it gets.

Flashing with OpenWrt — No UART, no TFTP, no drama.

Factory reset the router.
Connect to it at http://192.168.1.1/ in your web browser. Log in with:
Username: admin
Password: password
Go to Advanced.
Download the latest OpenWrt “factory” image for WNDR3700 v4 from the OpenWrt site. *Note, maybe do this first!*
Upload it via the Netgear’s firmware page, under “Advanced” in the web ui.
Wait a few minutes for the flash to complete.
Reconnect your computer (get a fresh DHCP lease), then visit 192.168.1.1 again.
Log in with:
Username: root
Password: (blank)*Note, maybe do this first!*
Set your own password… and you’re done!

This 2012-era router is now running a fully up-to-date Linux distribution.

In My Case…
I reconfigured mine to serve as a simple gigabit switch:

Disabled both Wi-Fi radios.
Configured the “WAN” port into another LAN / switch port.
Disabled the DHCP server.
Set the LAN bridge (br-lan) to DHCP client so it picks up an IP from my main network.
Gave the new router’s MAC a dhcp reservation on my main router, and added the new hostname to my hosts file.
That way I can still log in for maintenance while it’s acting as an extra switch.

WNDR3700 v4 Hardware

CPU / SoC: Atheros AR9344 @ 560 MHz
RAM / Flash: 128 MB RAM / ~128 MB flash
Wireless: Dual-band 2.4 GHz + 5 GHz, 802.11n (N600)
Ethernet: 1× Gigabit WAN, 4× Gigabit LAN
USB: 1× USB 2.0 “ReadySHARE” port

What Can You Do With It?
Plenty. This hardware can easily run the latest OpenWrt without feeling sluggish. The USB port opens up even more possibilities:

Failover WWAN modem or phone tethering
Network printer sharing
USB hard drive for network storage
DIY internet radio streamer with a USB sound card

With OpenWrt, you’re only limited by your time and imagination.

Why Bother?
Netgear’s last firmware for this model came out in 2018. That’s seven years without security updates. OpenWrt gives you:

Modern kernel & drivers
Current security patches
A huge ecosystem of packages

All on hardware that cost me four bucks at a thrift store.

OpenWrt Support History for the WNDR3700

Original WNDR3700 (v1) launched in mid–late 2009 with Atheros hardware.
OpenWrt support for the series appeared within months of launch, making it a long-time favorite in the community.
The v4 hardware revision hit the market around June 2012.
Because v4 kept an Atheros chipset (AR9344) with generous RAM and flash, it was officially supported soon after release.
The best part: Netgear’s stock firmware for v4 accepts an OpenWrt “factory” image through the web interface. No serial cable required, no bootloader tricks, just upload and reboot.

This combination of long-term support, open-friendly hardware, and GUI-based flashing makes the WNDR3700 v4 one of the easiest budget OpenWrt targets you can find.

NETGEAR WNDR3700 on OpenWRT Wiki / TOH
OpenWRT Version 24.10 Factory Image for WNDR3700 V4 – Direct Link

Building an Optimized Linux Kernel on Fedora 42

fastfetch screenshot — Fastfetch shows my custom 6.15.9 Kernel

Preparation: You’ll need to install some tools and dependencies required by the build process. On Fedora you’ll want to run the following:

sudo dnf install gcc make ncurses-devel bc openssl-devel elfutils-libelf-devel rpmdevtools fedpkg rpm-build
sudo dnf builddep kernel

Getting the Kernel source tarball
Head over to https://kernel.org and download your branch of choice. I’d recommend the latest Stable tarball.

wget https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.15.9.tar.xz

tar -xf linux-6.15.9.tar.xz

cd linux-6.15.9

Copy your current defconfig

We’ll copy the running kernel’s configuration into our source tree…

cp /boot/config-$(uname -r) .config
make oldconfig

You should see some output, ending with “configuration written to .config”.

The easiest way to set our flags is to simply export them in our current shell before proceeding to run make. I did the following for my AMD Ryzen 5800XT:

export KCFLAGS=’-march=znver3 -O3′
export KCPPFLAGS=’-march=znver3 -O3′

You can do march=native if you’re not sure exactly what to use for your specific CPU. Only do znver3 if you’ve got a Zen 3 chip!

Then build.*

make -j$(nproc)

* If you’d like, make additional makefile edits before running make. Or, make menuconfig if you’d like to browse through available options. But, be careful… It gets pretty technical! Simply by following the instructions above you’ll end up with a Kernel which is newer than what you’ve got, better optimized, and smaller. Basically, better in all ways. All without having to make any questionable changes on your own… But of course, feel free to explore the available options! Keep in mind, always keep a known-good stable kernel in your grub configuration in case you make a mistake!

Your kernel will take some time to compile. Anywhere from several minutes to a couple of hours, depending on how powerful your processor is and how many modules must be built. Higher optimization levels typically will take more time as well; the standard level is O2, we’re doing O3. Performance is generally better but the initial build will take a bit longer.

When the compilation is finished:

sudo make modules_install
sudo make install

This will install the kernel modules to /lib/modules/6.15.9/ (in this case). These are drivers and kernel features compiled as =m; they’re loadable instead of built directly into the kernel. Make install will install the compiled image to /boot. In this case /boot/vmlinuz-6.15.9.

We can verify our new image is Grub’s default by running:

sudo grubby –default-kernel

We should see “/boot/vmlinuz-6.15.9”.

Reboot into your new optimized kernel!

B550M AORUS ELITE AX — Replacing the lousy WiFi!

Finally decided to retire the Haswell system I’ve been using, and ordered up some AM4 goodies during the recent Prime Day sale. I grabbed an AMD Ryzen 7 5800X (8-core, 16-thread), 32 GB of DDR4-3600, and the Gigabyte AORUS Elite AX (Rev 1.3) motherboard. The CPU was the main draw — it was only $130! The board was on sale for $90 (currently $149.99 on Amazon).

Aorus Elite AX Rev 1.3

Thus far I am happy with this motherboard. It doesn’t give me the same vibe of Gigabyte superior value which I got back in the day from the likes of the classics — GA-EP45-UD3P comes to mind! — but, for under $100 it seems quite adequate.

The included WiFi leaves much to be desired though… Maybe it works fine on Windows?? On Linux, I was only seeing 2 bars and maybe 300 – 400 Mbps.

The solution? Grab yourself an AX210.
Intel wireless cards have excellent support on Linux and BSD alike. For just $20–$30 online, you can replace the built-in Realtek card. It takes about half a dozen screws to open the board and swap the M.2 module. I highly recommend tweezers for disconnecting and reattaching the tiny U.FL antenna connectors.

Where’s the Wi-Fi module located?

Motherboard WiFi — Board with VRM heatsink and shroud removed

WiFi Cards — Realtek NIC beside the new Intel AX 210

My pings are now way, better. Night and day. And the speed is a solid 100 Mbps better, or more. See for yourself!

AX 210 Results — AX210 Results: iPerf3 Test and 100 pings to my server

Utilizing Apt-Cacher-NG’s cache on the server hosting it

apt-get

I’ve been using apt-cacher-ng for a few months now. For those who don’t know, this is a service you can run locally which will proxy apt requests from your network clients. This way, each time a package or update is requested there will be a copy retained in the cache. Upon each subsequent request for the same file(s), the local copy can be served instead. This saves bandwidth, and offers a speed advantage since you’ll likely be getting full GB ethernet line speed on your LAN. Read more about ACNG here.

While several local machines and VMs have no issues using my local ACNG proxy, the server actually hosting ACNG itself seemed to be giving errors when doing an apt update.

You’ll likely see the warnings “503 Server reports unexpected range” as well as “Some index files failed to download. They have been ignored, or old ones used instead.”

Basically, because the machine is trying to proxy through itself, some kind of problem occurs. Now, the simple solution is to just point to the normal Debian mirrors directly. That however wouldn’t offer the benefit of our local cache! The more boxes / VMs pulling for it, the more value you’re getting out of the whole setup… So here’s how we resolve this issue.

Write a text file to /etc/apt/apt.conf.d/00acng and place the following lines inside:

Acquire::http::Proxy::localhost “DIRECT”;
Acquire::http::Proxy::127.0.0.1 “DIRECT”;
Acquire::http::Proxy::novo.lan “DIRECT”;

Of course, change “novo.lan” to the hostname of your ACNG host. My sources.list looks like this, hence the hostname used in my example.

deb http://novo.lan:3142/deb.debian.org/debian/ bookworm main non-free-firmware
deb-src http://novo.lan:3142/deb.debian.org/debian/ bookworm main non-free-firmware

deb http://novo.lan:3142/security.debian.org/debian-security bookworm-security main non-free-firmware
deb-src http://novo.lan:3142/security.debian.org/debian-security bookworm-security main non-free-firmware

deb http://novo.lan:3142/deb.debian.org/debian/ bookworm-updates main non-free-firmware
deb-src http://novo.lan:3142/deb.debian.org/debian/ bookworm-updates main non-free-firmware

You may want to add a 4th line, with your actual LAN IP if you’re naming the apt mirror by IP instead.

The LostGeek Weblog

Category: tips and tricks