RE: Motion B6 – Don't Feed the Wildlife

Peter

My letter to City of Vancouver council regarding Motion B6 – Don't Feed the Wildlife.

Hello,

I do not support Motion B6 – Don't Feed the Wildlife, submitted by Pete Fry.

The proposed ban is overly broad, and unnecessary. There is already a Park Board bylaw on banning feeding wildlife in our parks, which is the advertised target of this motion.

The City and Park Board should enforce existing bylaws, instead of adding new ones. And, when necessary, work with the province on enforcing laws against feeding dangerous animals.

Pete Fry stated that the proposed bylaw is also meant to target people who attract vermin to their properties. Does the City not have bylaws in place already that cover this? I believe they do.

Many residents in Vancouver feed the various birds in their area using methods banned with this proposed bylaw (i.e. putting out nuts while under observation in a container during the day: to prevent vermin), and use it as a way to improve their mental wellbeing, especially during COVID-19. This will unfairly target seniors and people with restricted social circles.

Please consider voting against this motion.

Thank you.

A critique of Ubiquiti Dream Machine (UDM) Pro, etc.

Peter

My partner and I purchased a new home, and it came prewired with CAT5E, and outside rough-ins for security cameras.

I decided it was time to get "serious" and have a proper pro-sumer setup at home for Internet access, and while we were at it: Security cameras! I didn't want to go with Hikvision or any of the other Chinese manufacturers of IP cameras.

With those requirements in mind, I settled on the following hardware from Ubiquiti for an end-to-end solution:

  • UniFi Dream Machine (UDM) Pro
  • UniFi Switch 16 POE-150W
  • UniFi Switch Flex 5 POE
  • 2x UniFi AP-Flex-HD

For security cameras (UniFI Protect), I went with the following:

  • 2x G4 Pro
  • 2x G3 Pro
  • UFP Viewport

These products, in my opinion, are not prosumer. They have a number of issues, especially for the price point (I would expect better.) In a lot of cases, pfsense would buy you better bang for your buck.

UDM Pro

Dual WAN

  • Does not support load balancing, only fail over (despite option being available in the UI – disabled in 1.8.3 and above)
  • Port forwarding only works on the active WAN connection, despite both WAN connections being selected for the port forwards
  • No ability to set the primary WAN interface
    • Documentation claims to allow you to swap WAN interface port assignments around, unfortunately swapping interfaces around causes no interfaces to work
  • No ability to set independent upstream and downstream speeds per WAN interface (ala "Smart queues")
  • Static routes only work with the active WAN interface. My modem for Shaw uses 10.0.0.1 for management, to see levels, etc. I added a static interface route for 10.0.0.1/32 pointed at the interface for the modem, it does not work. No route is added, and nothing shows in iptables. If I add the route manually via SSH, it works.
  • The inactive WAN interface: DHCP will stop working, think it still has it's old IP address. Via the GUI it will say the interface is up, but via command line the interface will be shown as failed. To fix you need to restart the UDM.

Missing Features

  • No link aggregation (LACP or LAG) support
  • No policy routing (load balancing of Dual WAN doesn't work, so what's the point?)
  • Proper bandwidth limiting via QoS

Bugs

  • On 1.8.3 I experienced a condition where the UDM Pro stopped accepting traffic to Protect, Network and the web interface. I was not able to safely reboot the machine and had to power cycle it to restore service.
    • This issue has occurred on 1.9.3 as well. System ends up in an out of memory condition and will stop recording security cameras and you have to power cycle the device. It seems to occur when the Web UI is used.
  • DPI statistics do not accurately reflect traffic counts, and has apparently been broken for years. I have 900GB of traffic attributed to PayPal, and if you click for a breakdown about 100KB is used in total.
  • Unifi Network App on Android will drain battery if left to run in the background. Does not reliably provide notifications/alerts that are displayed in the web interface.
  • Adding new WiFi SSID causes all the Access Points to restart and service is unavailable for a few minutes.
  • Restarting the UDM Pro is a gamble, sometimes it will not boot at all and will display "UDM-Pro is having an issue booting" and stop there
  • Access Points will randomly stop working until PoE port is power cycled

Unifi Protect

Missing Features

  • No ability to backup camera footage to a remote endpoint
    • Videos stored in a proprietary format on disk
  • Only the G4 cameras support People and Car Detection

Bugs

  • The service running on the UDM will crash randomly when retrieving videos
  • On Android, the video from an Event will not always load or take 3-5 seconds to load
  • Your authenticated session will be randomly logged out, and you will sometimes still receive notifications of movement, but not always. When you open the app, you will have to log in again.
  • Motion is detected for car headlights, even at very low motion sensitivity
  • Software updates despite automatic upgrades being disabled

UFP Viewport

Missing Features

  • HDMI-CEC to turn TV on and off at certain times

Bugs

  • Views that change between cameras do not work on UFP Viewport despit being able to set them on the web interface
  • Takes many tries to adopt to Unifi Protect, as well as failed firmware update attempts
  • Sometimes the feed will freeze and you will have to restart the UFW Viewport for it to work again.

Other issues

Conclusion

I'm in the process of looking for a replacement for Ubiquiti UDM. I will most likely replace it with a pfsense firewall, but I don't know what to do with my existing cameras as it was not a low-cost or low-effort investment.

Ubiquiti may be "okay" if you're not doing anything complicated, but at that point you might as well buy a cheaper solution that "just works" and doesn't arbitrarily have features removed or just plain not working.

deCONZ VNC access without full blown Xorg install

Peter

deCONZ / Phoscon-GW recommends a full blown Xorg install on a Raspberry Pi to access their GUI. deCONZ is a utility to work with Zigbee controller provided by Raspbee / Conbee. deCONZ GUI provides more advanced control of Zigbee devices, and has functionality that is not available via web interface/REST API.

No need to install a full blown UI if you want to run headless. These instructions are for Raspbian.

Make sure to disable and stop existing deconz services if enabled:

systemctl disable deconz
systemctl stop deconz

You may also have deconz-gui service if you have followed their install guide, so make sure to disable and stop this as well if applicable.

Install TigerVNC which we will use to provide headless VNC access to the GUI:

apt-get install tigervnc-standalone-server

You will create a new systemd service definition, which is outlined below .

/etc/systemd/system/deconz-vnc.service

[Unit]
Description=deCONZ: ZigBee gateway -- GUI/REST API VNC
Wants=deconz-init.service deconz-update.service

[Service]
User=1000
Environment="DISPLAY=:0"
ExecStartPre=/usr/bin/tigervncserver -geometry 1024x768 -useold -SecurityTypes None -localhost yes -noxstartup "$DISPLAY"
ExecStart=/usr/bin/deCONZ --http-port=80
Restart=on-failure
StartLimitIntervalSec=0
RestartSec=30
AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_KILL CAP_SYS_BOOT CAP_SYS_TIME

[Install]
WantedBy=multi-user.target

Then reload systemd, enable and start the newly created service:

systemctl daemon-reload
systemctl enable deconz-vnc
systemctl start deconz-vnc

Once this is done you can setup a SSH port forward to localhost:5900 and access deCONZ GUI using your favourite VNC viewer.

Home Assistant sensors and CyberPower UPS via RMCARD205

Peter

RMCARD205 supplies metrics via SNMP for all supported CyberPower UPS. Who doesn't want to display power usage on their UPS via Home Assistant?

Lovelace card for CyberPower UPS

I created a "package" for CyberPower UPS RMCARD that exports data via SNMP. This assumes your default read-only community is named public.

packages/ups.yaml:

sensor:
  - platform: snmp
    scan_interval: 60
    name: ups_nompower
    host: x.x.x.x
    baseoid: 1.3.6.1.4.1.3808.1.1.1.4.2.5.0
    accept_errors: true
    unit_of_measurement: Watts
  - platform: snmp
    scan_interval: 60
    name: ups_nominv
    host: x.x.x.x
    baseoid: 1.3.6.1.4.1.3808.1.1.1.3.2.1.0
    accept_errors: true
    unit_of_measurement: Volts
    value_template: '{{((value | int) / 10) | int}}'
  - platform: snmp
    scan_interval: 60
    name: ups_itemp
    host: x.x.x.x
    baseoid: 1.3.6.1.4.1.3808.1.1.1.2.2.3.0
    accept_errors: true
    unit_of_measurement: "°C"
  - platform: snmp
    scan_interval: 60
    name: ups_timeleft
    host: x.x.x.x
    baseoid: 1.3.6.1.4.1.3808.1.1.1.2.2.4.0
    accept_errors: true
    unit_of_measurement: 'minutes'
    value_template: '{{((value | int) / 6000) | int}}'
  - platform: snmp
    scan_interval: 30
    name: ups_status
    host: x.x.x.x
    baseoid: 1.3.6.1.4.1.3808.1.1.1.4.1.1.0
    accept_errors: true
    value_template: >-
      {% set status = (value | int) %}
      {%- if status == 2 -%}
      Online
      {%- elif status ==  3 -%}
      On Battery
      {%- elif status ==  4 -%}
      On Boost
      {%- elif status ==  5 -%}
      On Sleep
      {%- elif status ==  6 -%}
      Off
      {%- elif status ==  7 -%}
      Rebooting
      {%- elif status ==  8 -%}
      On ECO
      {%- elif status ==  9 -%}
      On Bypass
      {%- elif status ==  10 -%}
      On Buck
      {%- elif status ==  11 -%}
      On Overload
      {%- else -%}
      Unknown
      {%- endif -%}
      
group:
  ups:
    name: UPS
    entities:
      - sensor.ups_status
      - sensor.ups_nompower
      - sensor.ups_nominv
      - sensor.ups_itemp
      - sensor.ups_timeleft

homeassistant:
  customize:
    sensor.ups_nompower:
      friendly_name: 'UPS Nominal Output Power'
      icon: mdi:flash
    sensor.ups_nominv:
      friendly_name: 'UPS Nominal Input Voltage'
      icon: mdi:flash
    sensor.ups_status:
      friendly_name: 'UPS Status'
      icon: mdi:information-outline
    sensor.ups_itemp:
      friendly_name: 'UPS Internal Temperature'
      icon: mdi:thermometer
    sensor.ups_timeleft:
      friendly_name: 'UPS Time Left'
      icon: mdi:clock-alert

Supermicro IPMI Virtual Media and Samba 4.11 (Ubuntu 20.04)

Peter

Unable to mount an ISO using Virtual Media function available on Supermicro IPMI with Samba 4.11 (used in Ubuntu 20.04)?

You successfully set the Share Host, and Path to Image. You select "Mount", and Device 1 virtual media status does not change to "There is an iso file mounted." It stays at "No disk emulation set."

Samba 4.11 in Ubuntu 20.04 has changed the server minimum protocol supported. To enable IPMI to work with the new Samba, in /etc/samba/smb.conf you need to change/add server min protocol to NT1.

[global]
server min protocol = NT1

Then you can reload Samba:

smbcontrol all reload-config