The Grumpy Troll

Ramblings of a grumpy troll.

Household Infrastructure

So, I need to get one of these plug computers up and running, so it can be my monitoring server for my household.

This morning, DNS resolution broke at home. My router, running OpenWRT, is using unbound, so I can get DNSSEC validation. DNSSEC validation broke, on being unable to validate the keys for the root zone, so I could only get DNS service back by disabling DNSSEC.

Turns out, the clock on the router said it was November 27th, 2012. Yet I had ntpd set up. My installation notes record the steps I took to set NTP up. Bonus feature of keeping a logbook of system installation, even if the logbook is just a text file somewhere: you can prove to yourself that if you are barking mad, it's not affecting your recollection of machine setup.

Alas, when I set that up, I hadn't yet set up off-device syslog of system logs, so have no data about when things broke. Since then, I've set up the syslog service on my home NAS (Synology 413j) and directed the router to send logs there, so if time fails again, I should at least be able to dig out logs of the incident (even if the two systems don't quite agree on syslog format and include a little garbage in each entry).

Since my laptop clearly uses Apple's time instead of trusting me to make sure the NTP server issued via DHCP is correct, I clearly need to actually set up home-based monitoring. It doesn't need its own long-term store, just needs to be able to give a web-page and send email. Needs to monitor itself, my router, the available routes, the services on the router, the services on the NAS, and perhaps reachability of a machine or two so I can charts and graphs to back up my experiences with occasional wedged network from my ISP.

And hey, perhaps even run arpwatch, so I can track the appearance of machines on my network.

Sounds like I've a project for, oh, next year sometime. :-/ Heck, my home setup might even start to appear professional … nope, no centralised configuration management.


If you have a phone that does SIP, it's not hard to use it as a pager for the monitoring system if you're already running VoIP infrastructure (which I am - that way my SIP phone is an extension of the house's POTS, even when I'm in the pub).

Categories: DNSSEC OpenWRT home sysadmin dumbass NTP