BAUDI/O

This post is a bit lengthy and focuses more on the journey behind creating the device rather than the technical details. If you’re more interested in the technical specs, head over to Github to read the documentation and download the Gerbers to build one yourself. Hopefully, you’ll find the background story intriguing…

Background

My fascination with audio electronics began when I discovered the CMoy DIY headphone amplifier. The thrill of hearing music from something I built was incredible and addictive. Over the years, I crafted numerous power and headphone amplifiers, fueled by my passion for the audio and DIY audio subreddits. One project I always wanted to revisit was that first headphone amplifier, but with a twist: using SMD components to see how small I could make it. However, staring at the PCB, I realized how uninspiring it was and never printed it.

Introduction

The new ATtiny chips feature enhanced performance parameters including up to 32 KB of flash memory and up to 2 KB of RAM. These microcontrollers operate at clock speeds up to 20 MHz and include support for the Universal Serial Interface, which allows for I2C, SPI, and UART configurations. Importantly, they feature improved 12-bit ADCs, 10-bit DACs for better analog performance, and the capability to operate at a voltage range of 1.8V to 5.5V, making them highly adaptable for various power supply conditions. Some models also include a built-in hardware multiplier, which facilitates faster calculations for control applications. Additionally, the new ATtiny series maintain compatibility with the AVR instruction set and can be programmed via UPDI for straightforward development and debugging.

Sony Portable CD - The D-EJ2000 and EU Volume Limiting

I bought a few years ago what is considered one of the best examples of Sony engineering - a D-EJ2000. Unfortunately, this model if you got it in the EU comes with a rather silly limiter on the output to stop us europeans going deaf.

This limits it by a factor of 10, to 0.6mw output compared to 6mw of output for the ’tourist’ version or the US version.

ChatAI - make me a shell script

One of the things I’ve always ended up doing is writing little shell scripts, or one liners, to do stuff, generally this requirement comes from some sort of needing to tickle of my rather extensive (1.4Tb currently) music library.

I recently got a new music player (A Zishan - now Zisan - Z5). It’s a pretty awesome DAP and does a lot more than the previous generation (the Zishan DSD with an AK9945 DAC), including much improved displaying of Album Art.

Setting up bgpd on OpenBSD (and dn42)

So this is the third part of the series, with the other two focusing on ospf and iked.

We’re using OpenBSD, and OpenBGPD which comes as part of the OS.

The aim of this was to hook up to DN42, a decentralised network which participants join and create wireguard tunnels to peers, and then exchange routes via BGP. It’s an awesome playground if you wanted to dip into learning BGP. Having 0 experience with BGP, I muddled my way through, so consider this - at best - a starting point for configuring BGP.

OpenBSD & ospfd

So, in a previous article we looked at setting up IPSec ikev2 tunnels between some nodes, all conncted via sec interfaces.

Now that we have connectivity, the next step is to distribute some routes. Let’s revisit our network diagram, with some IP ranges shown:

           ┌──────────────┐         ┌──────────────┐
           │              │         │              │
10.0.0.0/24│ reachout     │         │ outreach     │ 10.0.1.0/24
           └──────▲───────┘         └──────▲───────┘
         sec0     │100.64.0.2       sec0   │ 100.64.1.2
                  │                        │
                  │                        │
                  │                        │
                  │                        │
                  │                        │
                  │100.64.0.1              │100.64.1.1
             sec0 │   ┌───────────────┐    │ sec1
                  └───┤               ├────┘
                      │    fw0        │
            ┌────────x►──▲─────────▲─x◄───────────┐
            │            │         │              │
            │            │         │              │
  ┌─────────┴──┐ ┌───────┴────┐ ┌──┴─────────┐ ┌──┴─────────┐
  │vlan100     │ │vlan200     │ │vlan210     │ │vlan220     │
  │172.16.100  │ │172.16.200  │ │172.16.210  │ │172.16.220  │
  └────────────┘ └────────────┘ └────────────┘ └────────────┘

We could simply edit the route tables by hand to create connectivity between all of our hosts, but that soon starts to get messy and complicated - everytime you spring up a new network, you will have to run round and change the configuration on each of the boxes. Assuming you wanted to do that, the easiest way would be to add another line to our hostname.if files, like this:

Setting up sec interfaces with iked

This article is mostly around how to get IKEv2 setup on OpenBSD. It took me a while, as I was ‘windmilling in’ and working on it without correctly sitting down and thinking what I wanted to achieve.

On OpenBSD, the iked daemon configures and handles all this stuff. It’s nice enough to generate you some rsa keys on startup, so that saves you a trip to the hell that is the openssl command.

Getting golang to talk to AWS/KMS RSA Keys

In short, there’s a few things to get done. To start with we need the Amazon C++ SDK to be able to provide the first layer. Then, we need a pkcs11 provider to talk to that SDK. After that, we need a golang library to be able to talk to that pkcs11 provider. 😀

Amazon Linux

Because I’m a sadist, I decided on using AWS Linux to make things as complicated as possible. To build stuff later on, you’ll need to yum install cmake3 package, as well as yum groupinstall "Development Tools".

Packet Queuing with OpenBSD’s pf.

Two immediate links for you, one to Solene’s fantastic explanation of queueing, and another to the pf.conf manpage.

I’m on fibre now at home, which is rather fantastic. In the UK you pay for packages which are sometimes described as 100, 200, 250, 500 etc which indicates the download speed, but annoyingly, they still insist on asymmetric traffic flows, meaning your uplink is limited. As a result, in order to get the maximum download speeds you’ll find yet again, you need to do some traffic shaping.

openbsd - veb’s, vport’s and vlan’s

Inspired by a question on reddit from someone who wanted to create another wireless network for guests to the house, here’s a short how-to on how I’ve got things set up at home.

My main router/firewall is an OpenBSD box, with multiple nics. A few of those nics’ connect to some Wireless AP’s, running OpenWRT. The OpenWRT AP’s run a few different SSID’s for things, for example I’ve got one for guests to the house, one for the AV kit, one for the IoT devices…