I am going to upgrade the router firmware shortly after 5pm tonight.  This will result in a brief interruption of Internet connectivity, usually lasting 1-2 minutes.  Usually this is brief enough that ssh sessions will not be knocked down but no guarantees.

     The reason that there have been no kernel upgrades for the last two weeks or this week is that 5.12.x has reached the point where it has been stable on our platform and I’ve been monitoring the progress and have not seen any changes that fix bugs that impact us, provide security improvements, or provide performance improvements.

     I do not anticipate going to 5.13 kernels because they don’t offer anything new that is of any benefit here.  5.14 when it reaches stable, we will try because they are replacing the E1000 Ethernet driver with a new copyless driver that will provide more efficient network I/O and hopefully also address the hardware offloading bug with this chip.  I do not expect this until sometime in August.

     VNC on Mint is fixed.

     VNC is currently broken on mint, it will produce only a small fixed-size screen.  I am working to resolve.

     In the meantime, either use a different shell server, or a different protocol such as web based, or x2go, or rdp.

     Mail issue has been resolved.  An update altered the permission on the mail spool directory in a way that, while more secure, (using a mail group rather than setuid mail programs) breaks it’s compatibility with many applications which are not setgid.  Permissions have been reset.

     An update today seems to have broken dovecot resulting in webmail and external imap and pop-3 mail clients failing.  Shell mail clients that read the mail spool directly will still work.  I am working to resolve this issue.

     I am working on some additional security measures, and there is the potential I may break things at least temporarily in the process.  If you noticing anything broken, please submit a ticket or e-mail support@eskimo.com.

     Kernel upgrades are completed, all NFS mounts and NIS binds are working.  Everything should be in service.

     I am planning on doing kernel upgrades tonight starting at 11pm.  If things go well they may be concluded by 11:30, if they go like last time might be 2:30, hopefully not.

     There has been problems with grub configuration being properly updated by the automatic kernel installer lately and when it fails it does so silently so I don’t know it’s failed until I try to boot and it doesn’t.  Most of the time this only affects the virtual machines but last time it affected one of the physical hosts requiring a drive to the co-location facility.

     So, probably facilities will be mostly usable by 11:30PM, there are generally one or two servers that don’t properly bind NIS or mount NFS and it takes me about another half hour to go through and resolve those but there is the potential for a physical host to have grub issues like last time so please don’t plan anything critical during this interval.

     The denial of service attack seems to have concluded.

     It was not of sufficient intensity to cause lost packets but it did cause delays of up to two seconds from time to time which would be noticeable if you were typing something interactively like using an ssh terminal or composing e-mail.

     There was a brief interruption near the end of about two minutes but that was me rebooting the router to apply a software fix.