We will be rolling this out for the other controllers soon. Bye bye 802.11b!
Posted onApril 4, 2014
 My Republic Teleport is free till 31 Dec, $5 a month afterwards (I really hope they don’t charge!)
 I’ve heard Apple TV works, and WD TV Live too. Let me know if your device works for you
 Free trial for 1 month, so that you don’t lose anything if it doesn’t work. You need to pay for it after free trial.
[edits:] added information that you need to create a Roku US account BEFORE activating Roku
In addition, I also purchased a WD TV Live to watch Netflix on my big screen TV. However when I set it up, I realized that the WD TV Live does not work with Netflix! 😦
After feeling sorry for myself, I decided to figure out how Teleport works, and maybe try to fix the issue with Netflix and WD TV Live.
First of all, I heard that many WD TV Live users have managed to let Netflix work using Unblock-Us. I went ahead and tried configuring Unblock-Us, and sure enough, it works! This made me further believe that the issue is not with WD TV Live nor Netflix, and surely is with Teleport.
I set up my laptop to NAT all traffic in and out of the WD TV, so that I could listen to all the traffic.
In short, MyRepublic Teleports uses their DNS to redirect you to an Amazon instance in the US for specific domains – mostly the authentication / setup part of streaming services like Netflix. The main bulk of the streaming content afterwards comes from CDNs, which I believe does not need to go through the US link. Let’s take a look.
The WD TV Live starts off by connecting to
nccp-nrdp-31.cloud.netflix.net. If you look it up using MyRepublic DNS servers, you can see that it resolves to an Amazon EC2 instance in the US WEST.
$ dig @126.96.36.199 nccp-nrdp-31.cloud.netflix.net.
;; ANSWER SECTION:
nccp-nrdp-31.cloud.netflix.net. 0 IN A 188.8.131.52
$ dig -x 184.108.40.206
220.127.116.11.in-addr.arpa. 300 IN PTR ec2-54-215-3-116.us-west-1.compute.amazonaws.com.
After that, it connects to 2 other domains,
api-global.netflix.com. This is where the problem lies – MyRepublic still resolves these two to the same EC2 instance.
uiboot.netflix.com. 0 IN A 18.104.22.168
api-global.netflix.com. 0 IN A 22.214.171.124
As far as I can tell, both
uiboot.netflix.com connections are HTTPS, which means they can’t share the same IP. To test my theory, I set up a DNS server that responds with the Unblock-Us DNS servers for
api-global.netflix.com. It works!
I guess the fix for MyRepublic is simple – they just have to create another 2 instances to take care of the traffic going to the 2 affected domains, and everything should work!
I’ve forwarded them the information, hopefully it’ll help them.
Recently, we had a bit of a puzzle over VTP pruning. We have two switches, S1 and S2. Both of them are VTP Clients in the same domain and have pruning enabled. There is no VTP server in that domain (don’t ask).
We needed to add a VLAN to S1, but since it is a VTP client, that is not going to happen. We decided to change S1 VTP domain name to something else first, then change it a Server in the new domain. This is to prevent the S1 from changing the vlans for other clients in the old VTP domain (S2).
However, changing the VTP domain resulted in HSRP of S1 and S2 breaking. After some troubleshooting, we found out that it was caused that by us pruning vlans!
Basically, when pruning is switched on, broadcasts in a vlan are not sent to a downstream switch if that switch has no client ports in that vlan. We suspect that active vlans information of a downstream switch are propagated by VTP in a domain. When we changed the VTP domain of S1, it would have appeared to S2 that S1 has no active VLANs, thereby pruning all traffic to it! 🙂
The solution? Set S1 to VTP mode transparent. Then you can make all the changes you want to it, and it will not partake in any VTP. Should have known better, I think this is in CCNA.
Most devices support some form of WPA/WPA2. Sadly, NUS has always been using 802.1X WEP, as we’ve been working with Cisco Wireless Lan Controllers. For quite a while now, we’ve rolled out WPA/WPA2 with 802.1X. Below are the generic details:
Phase 2: MSCHAPv2
Phase 2: MSCHAPv2
Now all your WPA/WPA2 devices can log into the wireless with no problem!
Note: This is only available in SoC premises. COMCEN is rolling out similar profiles, but we are not sure which parts they have covered yet.