Recently I wrote that AntMedia does not support IPv6, see also Ant Media Server mit Apache Reverse Proxy.

This problem is now fixed. Many thanks at this point for the quick help from the Ant Media team, who contacted me personally!

Continue reading →

I’ve been using the Communtiy Edition of Ant Media Server for quite a while. The server is normally addressed via HTTP on port 5080. In principle HTTPS with Let’s Encrypt is also possible, but only if no web server is already active on port 80, which is not practical for my application. Instead, I configured a reverse proxy in Apache.

However after one of the last updates there was an unexpected problem: the live stream was still working, but trying to login to the dashboard was acknowledged with HTTP 403. The solution for this is to add the option ProxyAddHeaders off to the proxy configuration. Apparently Ant Media denies access to the dashboard when a proxy is used. The new configuration now looks like this:

RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://localhost:5080/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://localhost:5080/$1 [P,L]
ProxyAddHeaders off
ProxyPass / http://localhost:5080/
ProxyPassReverse / http://localhost:5080/

In this way, both the dashboard and live streams can be used. Just be aware that Ant Media now also treats every incoming request as it was from 127.0.0.1 and not the IP address of the client.

Update 2022-08-29

The reason for this behavior is now also clear:

Ant Media doesn’t support IPv6 – at least the community version I’m currently using. This can easily be checked by setting up an FQDN for the machine running Ant Media that only has an AAAA record and then trying to contact Ant Media using that name and port 5080. In this case no connection is possible since Ant Media does not have any IPv6 listener only IPv4.

When using a proxy, connection requests via IPv6 are handled by proxy and then forwarded to Ant Media with IPv4. However, these requests contain the IPv6 address as the source in the headers, which Ant Media cannot interpret as an allowed IPv4 address and therefore rejects the request.

The addition ProxyAddHeaders off prevents the IPv6 source address from being passed on in the headers, so that for Ant Media all requests come as IPv4 from the address 127.0.0.1, which is accepted.

Update 2022-09-10

The problem can be fixed by adjusting the configuration which will propably included in one of the next updates of Ant Media – also see Use Ant Media with IPv6.

Does anyone remember Meltdown and  Spectre? These vulnerabilities were discovered in June and July 2017 and publicly documented in early 2018. As a result, countermeasures have been taken by software manufacturers for both operating systems and applications, some of which also lead to reduced performance.

As reported on https://www.ncsc.admin.ch/retbleed-en, researchers of the ETH Zürich now discovered a vulnerability in one of the counter measures – retpoline – affecting CPUs by Intel and AMD which got the name “Retbleed” (CVE-2022-29900, CVE-2022-29901). Also see the description at https://comsec.ethz.ch/research/microarch/retbleed/.

Apple is considered the inventor of smartphones… are they really?

By the way… I used a Palm Pilot and a Sony Clié N770C myself a long time.

An impressive example for the state of the art in the year 1972. You find more about this on https://computeranimationhistory-cgi.jimdofree.com.

Recently I discovered Betterbird – a “soft fork” of Mozilla Thunderbird, which exists since sommer of 2021 and was created to provide a better version of Thunderbird.

Continue reading →

NVMe is the abbreviation for “Non Volatile Memory Express” and describes a standard for connecting SSDs via PCI Express. With SATA the speed is limited to 600 MB/s. In addition, AHCI (Advanced Host Controller Interface) used by SATA was primarily developed for hard drives and limits the possible I/O operations per second (IOPS). With NVMe both have been improved – PCI Express enables significantly higher transfer rates of up to 32 GBit/s or 4 GB/s via PCIe 4x and more than 500000 IOPS.

After one of the SSDs in my “retro PC” started reporting checksum errors I installed an NVMe drive with a PCIe adapter card for M.2 as a replacement.

Continue reading →

My PC is built into a tower case from Chieftec. This case offers also external ports for USB 3 among other things. Internally, these ports are connected to the mainboard.

However, I also installed an internal memory card reader from Chieftec, which also uses USB 3 and offers a 4× USB hub. This means that the only internal USB 3 port on the mainboard is occupied. In order to be able to use the external USB connections, I bought an additional controller for PCI-Express, which offers two external USB connections and two more internal connections. The connections in the housing can also be supplied via this.

So far so good – but there was a strange effect when I tried to use a Velleman K8055N: as soon as the connection was established in the software, the software stopped working. This effect did not occur using the connections of the mainboard itself. The USB connections of the memory card reader were not a problem either.

Continue reading →