Know How... 136 (Transcript)
Net casts you love from people you
trust, this is Twit! Bandwidth for Know How is brought to you by cachefly.com.
It’s time for Twit’s annual audio
survey and we want to hear from you. Please visit twit.tv/survey and let us
know what you think. It only takes a few minutes and your anonymous feedback
will help us make Twit even better. We thank you so much for your continued
support. Twit.tv/survey.
This episode of Know How is brought
to you by Smart Things. Smart Things lets you monitor, control, and automate
your home from wherever you are using your smartphone. Right now Smart Things
is offering Know How listeners 10% off any home security or solutions kit and
you get free shipping in the United States when you go to smartthings.com/twit
and use the offer code twit at checkout.
Today it is NAT, DMZ, Quad Copters
and other letters.
Father Robert Ballecer: Welcome to Know How, it’s the Twit show where we
build, bend, break and upgrade. I’m Father Robert Ballecer.
Bryan Burnett: And I’m Bryan Burnett.
Fr. Robert: And for the
next 45 or 90 minutes we are going to be talking about some of the projects
that we have been playing with over the last few weeks, so that you can take
them home and geek out on your own time.
Bryan: That’s right. The things that have
interested us over the last couple weeks in this last story actually kind of
just frightens me.
Fr. Robert: Yeah, every
once in a while we stumble upon a project that is like oh that is really cool.
And then a second later we say that is terrifying.
Bryan: The possibilities are… so if you
are wondering what that is, it is car hacking. What is the name of the kid?
Fr. Robert: The name of
the kid is Eric Evenchick. I think he used to work
for Tesla.
Bryan: As an intern or something.
Fr. Robert: Right. Smart kid. And what he has done is he has created an
inexpensive device that runs between $60 and $100. It interfaces with the OBD2 port, that is the onboard diagnostic port in your car. Which connects to the CAN. That is the control area network.
So that is everything that is connected in your car, which in a modern car is
everything.
Bryan: Every car in the last two decades
has the system.
Fr. Robert: Exactly.
And controls braking, the engine, the entertainment system, the lighting.
Basically anything that does something in your car that requires the input of a
computer is connected to the CAN. So he has created a device that will plug in
to the OBD2 port on your car and the other side has a USB port that plugs into
your PC and it gives you access to everything.
Bryan: You have been able to get access to
the OBD2 before but this is something that allows it to translate into a more
usable, hackable format.
Fr. Robert: Exactly.
The OBD2 port has always been there. Anyone who has messed around with cars has
probably found it. There have been a lot of aftermarket car parts that will
utilize the OBD2 port to advance timing, or to mess with the performance of the
engine.
Bryan: Or to take off that speed limiter
that might be there.
Fr. Robert: Yeah. Or
even, for example like mine I just use it so that I have a separate screen that
will log RPM and engine tach.
Bryan: There is a little dongle that you
had and BYB that would log the miles and things like that and your emissions and
things.
Fr. Robert: So it is a
useful port, it is not like it is an exploit.
Bryan: It was designed in an era where
they didn’t think of encryption, there is no password or anything like that to
get access to that stuff.
Fr. Robert: No. Now,
the one difficulty has been the language that the OBD2 port speaks is kind of
cryptic and it really was designed for diagnostics. But what this dongle does, what
this Eric has created is it converts it into a programming language that
basically any hacker can figure out. That is cool. This is actually designed to
be a tool so that you can look at the inner workings of your car. He says he
wants it to inspire the next generation of car hackers to do things like change
engine timing to increase performance or increase economy. Allow you to
interface the entertainment system with other pieces of technology. The problem
is this is so incredibly easily abused. Essentially anyone who has physical
access to your car, and that is anyone. Unless you keep your
car in a vault.
Bryan: It wouldn’t be too difficult.
Fr. Robert: All you
would have to do is get inside, plug this and if you can reprogram someone’s CAN.
If you reprogrammed their CAN, you can make their car react any way you
wanted to react.
Bryan: And with some cars you don’t even
need to get physical access to the system.
Fr. Robert: We actually
covered that story a while back. The connected drive.
Bryan: Something like that. But they were
able to get into the system through the entertainment software.
Fr. Robert: Which, again is connected to the CAN. So we are starting to
get in this era where manufacturers are going to have to figure that they need
an air gap. There has to be an air gap somewhere that you can say, I don’t need
any access to the computer that controls braking, or the engine. So let’s put
that aside unless I physically do something better. Like a key or a code that
has to be connected into a secure area. Otherwise, if you’ve got something like
connected drive and it is not protected and it is really easy to get into,
someone can rewrite your car as you were driving. And that would be so not
good.
Bryan: From my own experience using the
Rasp Pi or something like that I would love to be able to mess around with all
the options. But sometimes it is like oh I should have done +1 instead of -1
and now my brakes don’t work, oops.
Fr. Robert: Well the
Rasp Pi you could just reinstall the OS but with a car you can’t go, oh wow my
brakes made the car go faster, I should probably trouble shoot this.
Bryan: Let me just hook that up.
Fr. Robert: So don’t
panic, this is not cause for mass hysteria. It actually is really cool. Because
we are DIYers, we are makers and any time someone
releases tech like this it does open up options. But hopefully, the car
industry will figure out quickly that they are no longer building cars they are
building computers that have engines.
Bryan: Well, I love this technology and I
love the idea of being able to tinker with the hardware that I own. But we are
in a wild West era where things aren’t as secure as
they should be. And it is something that car manufacturers are going to have to
think about. Especially as we get into the time of driving driverless cars and
things like that.
Fr. Robert: I will say
I don’t have this device but I did play around a lot with OBD2 when I was living in
San Jose. And I managed to interface it with my laptop and it was very cool.
Late at night when it was raining to be able to flick off ABS and all the
stability control. And just go crazy. You can’t do that when that stuff is on. It
was literally like click and we were good and then reset it when I was done.
Bryan: Just don’t forget to reset it. Or
let someone borrow your car for a little bit.
Fr. Robert: I was
driving a front engine, rear wheel drive car at the time. The amount of power
that is in a modern vehicle is uncontrollable without the computer assist.
Because if you try to drive a car the way that you drive the car that has all
its computers on, you will put it out of control. It really makes you
appreciate how much the computer is doing.
Bryan: It is good to have that
appreciation. But please let me know before you do it.
Fr. Robert: Let’s go
for a ride. All right, let’s get away from cars because what we want to talk
about is networking. Specifically, we had a question from the member of the
audience in the Google plus group. Bryan do you want to take
that?
Bryan: Yeah. This comes from Miguel. He wants
to know how to segment his network. “I want to segment off my home network but
I cannot change my router to my current one. It does not support any features
to do that. Some of my colleagues suggested a NAT on NAT, a firewall OS and a
switch/router that supports VLAN. To me this sounds very complicated, is there
an easier way of segmenting my network? Just to be clear, I want two networks
to communicate with each other”.
Fr. Robert: Yes. So you
are talking about a NAT on a NAT and that is actually not as dirty as it
sounds. It sounds bad. We don’t like it, it is not an ideal situation but it is
something that you can do if you don’t have more advanced gear. I am going to
give you two different options. I am going to give you that NAT on NAT and I'm
going to give you a VLAN option which we are going to go into a bit more depth.
But before we do that, there is something that you need to understand about IP
addressing. Now, Bryan, you know about how IP addressing works right? The IP
address we have on the Internet is a unique number that is like an address or
phone number that is unique. If a server pings 143. blah blah blah,
it will get to you.
Bryan: That is your outside address.
Fr. Robert: That is
your outside address. Those are called routable addresses. And
IPV4. IPV6 works the same way but it is much longer.
Bryan: Right. Because they needed more
addresses for more people.
Fr. Robert: IPV6 has
more combinations than there are molecules on planet Earth or something like
that. It is a ridiculous amount of numbers.
Bryan: So we shouldn’t have any worry
about running out of IPV6.
Fr. Robert: Of IPV6, we
are already out of IPV4. But IPV4 is what networking solutions
has been using for the longest time. It is the easiest to visualize, so
that is what we are going to use for the demonstration. Now there is a
difference between what are called routable addresses and non-routable addresses.
So in the beginning, everything was routable. The idea was you had 4 routable
octets, but I can’t remember the combinations - was it 32 bit? In the 90’s we
started to realize we were already running out of space.
Bryan: The 90s was kind of a long time ago
now.
Fr. Robert: Then we
came up with this wonderful thing that we call NAT, network address
translation. Because subnetwork engineers figured out wait a minute not every
device that is on a network needs its own routing address. It doesn’t need its
own address because we don’t want outside world to communicate with it. So we
came up with these boxes that did what is called network address translation.
And it allowed us to take a single routable address and share it among a lot of
devices.
Bryan: And that would be your local network?
Fr. Robert: That would
be your local network or LAN. But before that could work they broke off a chunk
of the usable addresses and they made them non-routable addresses. So anything
that is 192.168.0.0/16 so that is 65,536 possible combinations. 172.16.0.0 up to 172.31.0.x.x/20 so that is like a million something on
to 10.0.0/24 that is all of it. All of those addresses are now non-routable.
But what it means is that I can reuse these over and over again every time I go
behind a NAT.
Bryan: I was going to say the 192.168 is
very familiar.
Fr. Robert: Every
device that you buy on the consumer market is probably going to start with
192.168.0.1 or 1.1.
Bryan: A Linksys router.
Fr. Robert: But the
important part is that any of those devices can use any of these numbers. All
of these non-routable addresses. And like I said, if I
have two different routers they can both use the exact same number because
those are non-routable addresses. They don’t have to be unique. As long as
those numbers don’t translate power to the box is fine. Everything works fine.
Bryan: There is no conflict.
Fr. Robert: There is no
conflict. Which freed up those numbers. So even though
we were running out of addresses in the 90s, we didn’t actually run out of
addresses until the 2010’s and that is because when we started NATing off the devices that didn’t need a real address it
saved us a lot of space. It makes sense right? Okay, now. Now that we know that
let’s take a look at this. This is what Miguel, ME, is suggesting. You’ve got
the internet, the router and then you’ve got a NAT and a NAT.
Bryan: And now these other NAT’s are other
individual routers?
Fr. Robert: Right. So
what I am doing is I am having the Internet, I’m having my cable modem/router
whatever this is going to be, I’m assuming this is a home network, and I’m
going to use multiple NAT’s, using a unique non-routable IP address as its
range. So this might be 192.168.0.1 and this is 0.1.1 and then .2.1 and .3.1. I
could use the same for all of this but to make it
simple for us to keep track I am going to use different addresses. Now here is
the fun part. He doesn’t want these networks to talk to each other. This
network will not actually be able to talk to this network or this network and
vice versa. Anything on the same level cannot speak to the other routers, the
other NAT’s on that box. It can only speak to a single address.
Bryan: A single address that is connected
to the Internet.
Fr. Robert: Right.
Anything in one of these NAT’s can address any device that is in that NAT and
can address any device that is in the internet.
Bryan: Okay. It just can’t see the other
NAT’s that are on the network.
Fr. Robert: Right. That are on the same level. So for example if I had multiple
of these, these are my favorite. These are the old standard. This is a WRT54G. This
is a classic because you can see it is the Funero. The
idea was to share your internet. They had a program where they would send you a
free router and I got like 12.
Bryan: Did you use them for your own
individual NAT that you needed?
Fr. Robert: So what I
can do, is I can take this and I can put this all on
the same network. And being on the same network both being NAT’s on NAT’s they
can only see one address. The WAN address from the other
device. So the devices within each of these NAT’s would actually be
protected unless I did port forwarding or something like that. Is this making
sense?
Bryan: Yes, this is making sense. I feel
like it is a little bit NAT-ception but…
Fr. Robert: It is NAT-ception but I would not do this.
Bryan: If you wanted to do a home network
where you had computers on separate NAT’s this is the way you would do it.
Fr. Robert: If you
wanted a simple way to do it and you had a bunch of leftover routers you can do
this. It is not preferred because when you NAT a NAT you start to run into
performance issues, you can misconfigure things and make things bad.
Bryan: And what I always run into is my
gaming machine so any Xbox or PlayStation’s connected to the Internet will have
issues with the NAT and being open or strict.
Fr. Robert: Now,
essentially can you do this? Yes. Should you do it? No.
Bryan: I guess the concern is that if you
had an infected computer on your network you wouldn’t want that getting
transferred to any of the other computers?
Fr. Robert: Yes. So, in
this example if this was a public network that had the Wi-Fi spot and everything
and it was an infection over here that computer could see this and could see
that and would be able to see the WAN address of this NAT but wouldn’t actually
be able to see any of the devices behind it.
Bryan: So it is like a firewall?
Fr. Robert: It is a
firewall, you are creating a firewall.
Bryan: Like the Titanic, I can’t think of
the word.
Fr. Robert: Compartments? Watertight compartments?
Bryan: Making compartments of your
network.
Fr. Robert: Exactly.
Now, this double NATing, and we don’t like doing
that. Because that means your network address is translating a network address
translation. Don’t like that. Don’t do that.
Bryan: That is when things start not
talking to each other and stuff?
Fr. Robert: It will
work, but it tends to start slowing down and if you lose things, just don’t do
it. It will work. But don’t do it. If it is a short time thing great if not,
then don’t do it. Let me show you a way really quickly. I’m not going to actually
show you how to do it until next week, but if you have a router that can run
DDWRT, one of the cool things about this is that it does what is called
VLANs, and Miguel actually did mention that VLANs were one of the possible
solutions. VLANs are incredibly powerful. Essentially it allows you to take the
same cable, so rather than botching all this and putting a NAT on a NAT on a
NAT, if you have a VLAN capable router port or VLAN capable switches it allows
you to separate your network without having to run multiple cables and put
multiple NATs.
Bryan: Or buy more routers.
Fr. Robert: Exactly.
And it is incredibly powerful. What I’ve got here is a little bit of a video
that is going to show you in broad strokes what a VLAN can do. Alex, could
you push that magic button?
Fr. Robert: We’ve got a
really good demonstration, a really simple demonstration on how all this works.
Now explain to me what do we have on the table? We’ve got these Intellijacks, which by the way I have to add these are some
of my favorite pieces of gear to come out of Interrock.
These are essentially power over ethernet powered
managed switches. But why do we have four of them on the table? And what are
they doing?
We’ve got a real simple
configuration here that I show people what VLANs are about. I’ll show you guys what
this is all about. So pretend this is a regular switch that is in your
environment, a 24-port switch, 48-port switch or whatever it might be. Pretend this is
another one. And these two over here we are just using as end stations, pretend those are laptops or what have you. We are
just using those as a device that we can ping to verify that kind of activity. So again, very simple configuration of two switches and
two end devices and we just essentially have two VLANs going across here, VLAN
11 or VLAN 12 and we are going to show you how these VLANs keep that separated.
The originating laptop over there can see one VLAN but can’t see the other
VLAN.
Fr. Robert: And that is
what you are seeing right now on this feed. And that is I’ve got two windows, one
is trying to ping this device and one is trying to ping that device and as you
can see traffic is only getting through on one of these. The reason for that is
that we have set these up so that port 1 and port 2 have the same VLAN on this
switch as port 1 and port 2 on that switch. Which essentially means that on this
one cable I’ve created two isolated networks so that traffic doesn’t flow
between them.
That is absolutely correct. So to
further that just a little bit, this port number one here is VLAN 11 and this
port number one here is VLAN 11. Number two here is VLAN 12 and number two
there is VLAN 12. On the back, this purple cable goes straight from here in the
back of this switch and that cable has both VLANs. And that is the VLAN tagged
with 802.1Q and 802.1Q is the technology and the standard used to tag the VLANs.
Fr. Robert: What I’m
going to do is I’m going to go ahead and switch this over to Port 2 and in a
second I should start to see pings off that second Intellijack.
But tell me how does the tagging work? Where do the
tags start, how do they end and how do they run to my network?
So most of your workstations and
servers typically are not going to send out a tag in a packet, they have the
capability to use these but typically they are not. So a packet is going to
come in in this situation to Port 2 and is going to be untagged, the switch is
going to receive that packet with no tag on it. It is going to look at it and
say that port is only VLAN 12 so immediately any packet coming into the switch,
even a behind switch that has no configuration on it, is essentially what they
do is tag the packet as it traverses the switch. So the switch can keep an eye on where that packet is supposed to live. So again, it
comes in and immediately the switch tags the packet for the VLAN 12 and sends
it out the back with the 802.1Q tag on it with VLAN 12 in that tag.
Fr. Robert: You can see
on the screen that we flopped. So now I can access the other Intellijack but that first Intellijack is no longer pingable. If that is all it was, that would not be all that impressive. I can actually start
grouping together VLANs. I can start grouping together other ports to
particular network zones. Show me how I do that on this interface and tell me
why I would want to do that.
So in our example here, you look at
the screen and you can see on port one and it can switch number two here. In
Port number one it has what is called a PVID of 11 and Port number 2 has a PVID
of 12. PVID says if I receive a packet and I don’t know what VLAN I should put
that on, that PVID says you can only receive a packet that doesn’t have a VLAN
tag on it put it on this VLAN. In this situation we are putting it on 11 or 12.
So here we go. What I’m going to do is make that laptop ping both of these end
devices. And the way we are going to do that is we are going to switch port 2
here to VLAN 11. Alright so here we go. That is going to apply and now, we need to switch this back over to port one.
Fr. Robert: In a couple
of seconds after it has dumped out its cache, it should show us that it can
ping both of the devices. That is correct.
Fr. Robert: Now we’ve
got both feeds so that one port is now able to see the traffic on both of these
switches. Both of these ports. Now, this is a very
small demonstration but hopefully it shows you the power of a VLAN and it will
totally inspire you to go out and play. Because again, the best place for you
to find out more about VLANs is to get some gear that speaks VLANS and just
start playing with it. Start assigning VLANs, make a few mistakes, reset the
gear, find out how to use them and find out how they can benefit you in your
network.
Fr. Robert: Now, we are
not going to show you how to load DDWRT onto your router of choice because we
actually did that, the original Know How crew did that back in episode three.
So if you go to episode three of Know How, it is Iyaz and Leo, and they actually give you step by step instructions of finding the
firmware for your router and loading it on. What we will do next week is we
will show you some of the different options because it is not just DDWRT. There
is also Tomato and OpenWrt, those are also good options. We are going to go
back and forth on some of the pros and cons of each one and then we are
actually going to show you how you would do VLANs inside a DDWRT equipped
router.
Bryan: Cool. Even though episode three was
a while ago, the process really hasn’t changed.
Fr. Robert: If you have
ever upgraded the firmware on your router, this is exactly the same thing. The
only thing different is what you will hear is a 30/30/30 and we will explain
next week what the 30/30/30 is next week. That is the thing that holds people
up sometimes but seriously if you’ve got a DDWRT capable router, and you are
not using a custom firmware you are wasting the hardware.
Bryan: You are missing out. There are so
many fun things you could play with. Mix-and-match.
Fr. Robert: And that is
what we will do over the next couple of weeks we want to show you some of the
more advanced features because it is not just the VLANs, you can do things to
the wireless and some fantastic things to the wireless. We are going to show
you some of the pros and cons of messing around with the wireless settings. We
are going to show you how you can install your own OpenVPN if you want to run
a VPN out of your house. And we are going to show you how to use static routes
which are actually incredibly robust. If you ever wanted to do enterprise style
networking that you didn’t want to buy enterprise priced gear, you will be able
to do it with custom firmware.
Bryan: Or you just wanted to open up some
ports to a certain IP address that you can play games without a NAT?
Fr. Robert: It won’t
work. The only way for you to play your Xbox is directly hooked up to the
Internet. Actually we are going to be talking a little bit about DMZ in just a
bit. But first, let’s go ahead and take a moment to thank the sponsor of this
episode of Know How.
Fr. Robert: Now, you
know that Bryan and I are big fans of the connected home. Everything should be
connected right? We’re not talking just my computer, my lights or my camera. I am
talking about my thermostat, my entertainment system, my sound system, my
appliances, my light. Don’t you kind of expect… they
promised us way back when that we should all have houses that are like Iron
Man’s Jarvis.
Bryan: That’s right. I want my garage door
to open when I roll up into the driveway, I want to know everything that is going
on and I want to be able to keep my eye on Tibs, my
little dog.
Fr. Robert: The thing is, that technology kind of exists. But they are so
jumbled and there are so many different manufacturers that offer this thing or
that thing where that light switch I really want but this humidity sensor that
I would really like installed. But there is no really good way to combine
everything.
Bryan: Oh, but there is.
Fr. Robert: There is. Smart Things. What is Smart Things? Smart Things was CES
2015 most valuable product in a home automation sector. This thing is not just
a home automation system. It is a way to connect all of your devices. It starts
with that. That is the hub. This is the device that is going to allow you to
connect multiple devices no matter what you are using. You want to use your
smart home with your Sonos sound system, your Nest
thermostat, you can do that. What about your Drop
Cams? Of course. Now the thing is, it is not just
connecting them, it is giving it the smarts. So that you can use something
like the moisture sensor under the house so that it turns on a pump when there
is water in the basement. It could use something like the open and close
sensors to control security so that you will know if someone is entering your
house. My personal favorite is this. That is the presence sensor. When you walk
near your house, it knows that it is you and it sets everything to your
settings.
Bryan: Where I would have it is to turn on
my lights when I come walking up to the door.
Fr. Robert: For me I
have it turn on the lights, turn down the temperature, I like it cold. But also
do things like turn on my sound system. It is also integrated with my Drop Cam
so if someone violates a boundary within the Drop Cam frame, I get a text
warning saying there is a package for you or someone is coming to the front
door.
Bryan: Sometimes Shara will take my dog to her parents’ house but I still want my house to be protected so I could hook up one of these
to play a barking noise when motion is detected at the gate.
Fr. Robert: It can do
it all with Smart Things. Now, Smart Things is CES 2015 highest placed home
automation system that won editor’s choice award. You don’t have just lights,
locks, thermostat, you’ve got everything. And that is what Smart Things lets
you do. You can control everything with intuitive controls that let you use set
the rules on your smart phone through their free iOS, android and Windows phone
apps. Now with Smart Things you can customize the way that your smart devices
talk to each other. Just like Bryan and I just said make your house react the
way you want it to it becomes your own personal Jarvis. You can set your lamps
to brighten each morning at sunrise or whenever you want to wake up. You can
protect your things with home security motion detection sensors, water
detection sensors and more. You can set the cameras to take a series of photos
when unwanted motion or entry is detected. And you can have your doors
recognize you when you walk up. And have them unlock themselves. Welcome home.
There are so many different ways to customize your Smart Things home. Now here is what we want you to do. We want you to get
started setting up your smart home right now. Smart Things is offering Know How
listeners 10% off any home security or solutions kit. And you will get free
shipping in the United States when you go to smartthings.com/twit and use the offer code twit at checkout. Smart Things. Your smart home now. We thank Smart Things for their
support of Know How.
Bryan: Thank you, Smart Things.
Fr. Robert: Now, Bryan.
Bryan: What?
Fr. Robert: We took two
weeks off from the Alien X Quad Copter build because we wanted to give people a
chance to..
Bryan: To catch up. To get the parts so
they could play along.
Fr. Robert: But those
two weeks have elapsed and it is time to show them how to put it all together. Alex,
do me a favor and push that magic button.
Fr. Robert: In the last
installment of Project Alien X we showed you the parts and tools that you will
need to build the stretched 450 class quad copter. This time
we are going to show you exactly how to build it. The first step in
integration is mounting motors on the Alien X arms. Your frame kit should have
included 4 arms in 2 different colors. Decide which arms will be forward and
which ones will be aft. Now mark your arms from 1 to 4. With one being the
forward left and two being the forward right, three aft right and four aft left. This is important if you are using motors that are threaded
for clockwise and counterclockwise operation and it is just good practice if
you ever need to disassemble your Alien X. In our set of EMAX 2213 motors, the two
red Motors are threaded to turn counterclockwise while the two black Motors
turn clockwise. If you have a similar set up rotation for the motors but are
unsure of which way they are designed to operate, just remember that holding
the prop nut while turning the motor in the direction it is supposed to turn
will tighten the nut. Take arm number one and one of the motors that turns
clockwise, again in our build it is one of the black cap motors. Then mount the
motor to the arm using four M3-0.5, 8 mm machine screws. The length is
important. Because 6 mm screws won’t penetrate far enough into the motor
housing and 10 mm screws will penetrate too far. Apply a very thin dab of
Loctite glue on each screw to prevent them from vibrating loose. Repeat the
process for all four arms. Arm number three gets the other black cap Motor while
arms two and four get the two red capped counterclockwise turning Motors. Now
that the motors are mounted let’s get the electronic speed controllers
installed. If you are using the EMAX 2213 that we suggested then you already
have pre-soldered male 3.5 mm bullet connectors on the motors. However, our
ready to fly quads red series 30 amp ESC’s need female 3.5 mm bullet connectors
on the motor leads and male 3.5 mm bullets on the power lead. I actually prefer
to not have pre-soldered connectors on the ESC’s because it allows us to cut
the motor leads down to keep excess wire to a minimum. Read your motor leads up
through the lattice of the arms with their connectors ending up on the upper surface.
Then place the ESC towards the rear of each arm and eyeball how much wire you
can remove. Account for the length of the wire but if it is too short you will
have to solder new wires. Measure twice and cut once. Then repeat the process
for all four ESC’s. It is time to solder the connectors. Strip about 4 mm of
insulation from the ends of the ESC’s motor leads, tin your leads then solder
3.5 mm female bullet connectors to each lead. The easiest way to attach the
bullet connectors is by heating the bullets until you can flow solder inside
the mounting cup. Fill the cup halfway with solder and then insert your pre-tinned lead. Allow the solder on the lead to reflow. Then
remove heat and hold the wire in position until the solder cools. With the motor
leads done you can now solder male 3.5 mm bullet connectors onto the power
leads of the ESCs using the same process that we used for the female connectors
on the ESC motor lead. Double check your work, look for empty mounting cups or obvious gaps between wires
and solder. The heat shrink will hide bad joints so it is best to take a second
and third look now. Once you’re satisfied with your
soldering work use lengths of 3/16th inch heat shrink tubing to insulate the
connectors. For the female connectors you want to cover everything from the end of
the connector to a quarter inch past. For the male connectors insulate
everything from the rotating part of the bullet to a quarter inch past. Connect
the motor leads to the leads on the ESC’s and zip tie them to the far end of the arm away from the motors. The ESC should be securely
mounted to the arm and I like using a second smaller zip tie to secure the
motor leads. But don’t overly tighten the motor
leads and don’t zip tie the wires to the motors. As we may
need to swap several of the connectors when we check motor rotation in the next
segment. Set the arms aside and let’s make a power harness. Our power
harness starts with a 45 mm power distribution board from ready to fly quads. Basically
any power source you connect to the positive and negative leads on the inside
of the board will be distributed to any devices that are connected to the
positive and negative leads on the outside of the board. The board comes with
soldering points for 8 ESC’s and three peripherals but we are always going to
use the four points towards the front and the back of
the board. Cut 8, two inch lengths of 14 gauge silicone wire. Four black and four red. These will become the leads that go
from the distribution board to the power leads on the ESC’s. Also cut a pair of
5 inch lengths. These will become the wires that connect the power distribution
board to the battery. Strip 4 mm of insulation off of each end of the two inch
wires and tin each end. Now solder a female 3.5 mm bullet connector to the end
of each of the 2 inch wires. Insulate each connector with heat shrink tubing as
before. The 5 inch pair of wires will be connected to a female XT 60 connector,
a popular connector found on many LIPO battery packs. Soldering XT60 connectors
can be a little tricky because too much heat will melt the plastic housing
surrounding the XT 60, warping the alignment of the conductors or destroying
the connector altogether. I’ve found that the easiest way to solder the XT 60
is to first plug the connector into its opposite to
spread the heat and to maintain alignment of its conductors. Insert your
pre-stripped and tinned leads into the correct cup. Note that the negative lead
will always be on the side of the connector with the cut corners. Then apply heat
to the wire, not the connector. When the solder on the pre-tinned wires starts to
flow quickly apply solder to the wire and fill the cup. Never spend more than
eight seconds applying heat and make sure to let the XT 60 cool before soldering
the other wire. Once your wires are attached use 3/16 inch heat shrink tubing
to insulate the conductors. Now let’s assemble the power distribution board.
Making sure to match the positive solder points to the red wires and the
negative points to the black wires, solder each two-inch lead to the board, making sure to use the front two and rear two contact sets for the
ESC leads. Take the 5 inch leads and solder them into the contact
points on the inside of the board. You can use either side of the board but you
will want all your wires mounted on the same side, it doesn’t have to be pretty
but try to avoid an excess of solder which risks a bridged connection, a really
bad thing when you are passing 50 to 100 A through the board. With our leads in
place and the boards checked for solder bridges it is time to mount the power
distribution board on the lower half of the frame. If you are wondering which
plate is the lower half, the lower half is wider and longer than the top half.
Using nylon spacers and the pre-drilled mounting holes secure the board so that
the solder points point up and the power leads point into the front and rear of
the frame. If you have the spacers you can also screw spacers on top of the
board with a total height of 1 1/2 inches. This will allow you to secure the
board to the top frame once the arms are installed, making your framework
rigid. Remembering the numbering of your arms, attach them to the bottom
plate with two screws each. Pass the power leads through the arms and connect
them to the leads from the power harness. Make sure not to flex the frame or
put any undue pressure on it since it is relatively fragile until the top half
of the frame is attached. Using the included screws, attach the top half of the
frame to the arms. Once those are fastened use four aluminum posts to complete
the tail towards the rear of the frame. Then zip tie your receiver to the tail and use the excess zip tie length to secure the
receiver’s antenna. Using more nylon spacers, mount the flight
controller on the top deck directly above the power distribution board. This is the center of gravity for your craft. I’m mounting the flight
controller on the top deck because I am using a KK2.1.5 board and I want easy
access to the controls while tuning. But you can also mount your flight
controller within the frame just above the power distribution board. Using the
four included rubber adapters install the clean plate on the
nose of the Alien X. This clean plate will allow you to mount GoPro
style cameras on a surface that is somewhat isolated from the rest of the
frame, reducing vibration while placing the camera in the nose of the craft.
Now it is time to wire the flight controller. We are using the KK. So if you
are using something else you will need to modify these instructions to fit your
controller. The ESC’s will be connected to the row of pins to the right of the
KK with the topmost set of pins for ESC one, the second set for ESC two and so
forth. The number of the ESC is the same as the arm number I had you mark
earlier. When connecting the ESC’s to the controller, make sure the ground wire
is to the outside of the board while the positive wire is to the middle and the
signal cable, usually yellow or white, is on the inside. Most non-opto ESC's include a battery eliminator circuit or BEC that
provides five or 6 V of power to the flight controller and the receiver from
the main battery. But they can also fry electronics if incorrectly connected.
Check and double check your connections before you apply power. Also, while the
KK will only accept power from the first ESC some flight controllers will fry
if you connect them to more than one BEC equipped ESC. If you are using such a
flight controller, snip the red central wire on ESC’s other than the first.
Your receivers should have the schematic for which pins are signal and which
are power. Plug one of your signal leads into the pins for channel 1 making
sure to use the white or yellow wire for signal. Plug the other side of the lead
into the topmost center pins on the left side of the controller with the white
or yellow signal cable towards the inside of the KK. Take a second lead and
connect it to just the signal pins of channels two through four on the receiver
and then connect the other end of that lead to just the signal pins closest to
the screen for channels two through four on the flight controller. Use the last
lead to connect channel 5 from the receiver to the controller. Our KK came with
a small alarm that gives us audible information about arming status voltage and
if we crash in the weeds, location. On the top left side of the KK there are
two pins labeled buzzer. Connect the red lead to the positive pin and the black
lead to the negative. Now for the moment of truth. We
are going to connect power to the Alien X for the first time. Re-check your
connections to make sure that you have not cross connected anything and make
sure your props are not yet on the motors. Then, standing ready to remove power
at the first hint of trouble connect your XT 60 power connector to a LiPo battery. If all is well you should hear the
flight controller beep and see the LED screen light up. If so,
congratulations. In the next segment of Project Alien X we are going to
set up your receiver to your flight controller, set motor rotation, square off
the center of gravity and get you ready for air.
Fr. Robert: In the next
episode we are actually going to show you some of the finishing steps. Because you do have to calibrate and set up the flight controller. You have to balance the craft, and hopefully you have already balanced your
props as we told you how two weeks ago.
Bryan: I’m ready to fly, Padre.
Fr. Robert: I know,
right? But building is actually part of the fun.
Bryan: I know, that is why I let you do
that. Then you let me crash them so you get to build them again.
Fr. Robert: That is
kind of true.
Bryan: That is why we are a good team. I
break them, you build them.
Fr. Robert: Let’s get
away from quad copters for a bit because we will have plenty more. Because the next week you are going to have to learn how to set the
center of gravity of these crafts. As we get bigger and bigger, that
becomes far more important. Actually we did have a question about that. People
were wondering how important balancing your quad is. It is incredibly
important. The problem is, if you have one side of the craft that is heavier
than the other the flight controller is going to do what it has to do in order
to balance it. In other words, it is going to increase the thrust on the side
that is low and decrease the thrust on the side that is high. The problem is,
even though it looks level your Quad is actually using more of its power up
front. Which means that when you do want to use it you don’t
have much range left.
Bryan: I’ve noticed when trying to do
certain maneuvers if I am coming down at a certain speed or trying to go up at
a certain speed it definitely affects the handling of the Quad if it isn’t
balanced.
Fr. Robert: You just
feel it. It won’t go as fast forward as it does backward. Or it won’t go as
quickly to the left or to the right. The more balanced your craft is, the more
power you need in reserve for when you actually want to punch it and make it do
fun stuff. By the way I can’t remember who, but someone did in the Google plus
group say that he landed his 250 in a pond. That is my nightmare scenario. I
fly over water because it is beautiful but I know that if it goes in and it is
gone. I won't get it back. I’m sorry.
Bryan: If you are going to be flying in an area over water it might be a good idea to get a frame
that will cover most everything. There is a quad that you can fly off your
sailboat or something like that right?
Fr. Robert: We do
have an episode I think it is like 2 1/2 months from now where I am going to
show people how to waterproof and pontoon their quad. So if you do want to fly
over water you can do it. Just be prepared. Now we do have
another question about networking. Bryan?
Bryan: This comes from Benjamin and he
wants servers without hackers. “If I want to run a
server on one of my computers what is the best way to secure it and make sure
that hackers cannot get to the rest of my network if they hack that server? Or
would it be better having it on another Internet connection?”
Fr. Robert: Okay, this
is actually a very good question. He wants to know if he runs a server at home, it could be any server, a game server, a file server
or whatever it is going to be. If he allows people to access that server, what
would happen if that server got compromised? The short answer is everything.
Everything bad would happen. If you have the server in the same segment as
everything else, if that server gets compromised and that server can see
everything else then bad things can happen to everything else that is on the
same network segment.
Bryan: Would this be kind of like what we
were talking about earlier? Would this be something you would keep on a
different server?
Fr. Robert: Yes. A different network or a better network. Better would be to
put it in its own VLAN. So you have a VLAN that is set up so that only the
devices connected to that port, which would be the server, can connect to the
Internet. They can’t see anything else on the rest of the network. And the rest
of the network can’t see it.
Bryan: Okay. What if you are at home and
you want to access the server? You’re going out to the internet and coming
back?
Fr. Robert: Yeah. Well
actually what you are doing is going to the edge of the router and then coming
back. It is not that big of a problem and it is actually far more secure. I am
paranoid about running a server inside of my production network. Because, by definition I am allowing people to access it. And
if I am allowing people to access it then it means that things can happen to it
that I don’t anticipate. And I don’t like having anything in my core network
that has the that I am not anticipating.
Bryan: And you would have to port forward
to the server?
Fr. Robert: Let's talk
a little bit about that. Because I remember there was this one guy who wanted
to play games. So he decided the best way for him to be able to play games on
his PC would just be to set up the DMZ to the IP address of his PC.
Bryan: That way he just got free access to
everything. There is nothing holding you back.
Fr. Robert: There is
also nothing holding them back. Okay. Refer back to our NAT discussion. Remember
NAT allows you to take one routable address and share it with a bunch of
non-routable addresses. And one of the advantages of that is something on the
outside can’t actually see something on the inside. Unless
you open up a DMZ. If you open up a DMZ you are basically saying
everything, all the traffic that hits that routable address goes to one
specific non-routable address on the inside which is essentially the same
thing as taking your computer, throwing away the firewall and plugging it into
the Internet and saying hey, come own me!
Bryan: And DMZ stands for what you think
it might? Nothing protected.
Fr. Robert: Nothing
protected - just go. Now that used to be useful in the old Internet days when
people were very ignorant of some of the threats that were out there. Never,
ever use a DMZ. The only time I would suggest using DMZ is if you are doing
something inside your network like NATing a NAT. I
could actually take the DMZ and assign it to the web address of one of the
other NATs inside of my network. And then I give that the ability to do cool
things. But I would never take a DMZ and throw it on a particular device.
Bryan: Could we run a test some time where
we have a computer on a DMZ and just see how long it takes to get compromised?
Fr. Robert: Yes. We can
do that. And believe it or not, if you run a Windows XP machine clean and clear
with fresh installation on the open Internet which we can do. I would think
within five minutes we would be compromised. There are scripts that are running
constantly and within five minutes something would happen.
Bryan: Is the DMZ something that you have
to be concerned about if you use it on a console? Or use it at all on anything
in your home network?
Fr. Robert: Just don’t.
Remember what a DMZ is allowing you to do is it is allowing you to take all the
ports, all 65,536 possible ports, and they can all access that one device. An issue
with a lot of older Windows boxes is they know well enough to block certain
ports but they leave a lot of other ports opened by default. Even
if they should be. And so what I would do if I was running an exploit I
would be looking for those open ports and once I get one that is not properly
protected I can now own the machine.
Bryan: And that is when you can insert malicious
files and things like that?
Fr. Robert: Literally
owning that. I can use the machine as if I am sitting in front of the keyboard. Scary. Now we have addressed a better way to do this.
If you look at episode 101 of Know How, we actually did port forwarding and
port forwarding, we did this with cameras, remember? We could use this same vein for that server if that server is an FTP server. I
know that is port 21, so I would only forward port 21 to the server and all the
other ports would be shut down. Or if I knew that my gaming server is on port
2100 I would forward just port 2100. So if you want to know how to do that go
to Know How episode 101. Which is kind of great. And
you’ll figure it out.
Bryan: We were so young back then. I
remember that. Oh no. That was terrible.
Fr. Robert: You had a
lot of hot spots. This makes me realize he should never be given toys.
Bryan: We have way too much fun on these
shows. I guess that about wraps it up, it’s been about
50 minutes.
Fr. Robert: One last
thing. This is not a segment. This is just a really
quick preview. People have been asking when we are going to start doing 3-D
printed objects. We can’t show it to you yet because the 3-D printer we have has
not actually been released. It won’t be released for another month. In a month
we are going to be going crazy on printing 3-D objects. It is not just these
really cool shapes. But it is things that will help us in the other projects
that we are doing. For example, I decided I wanted to start building a
retractable landing system for some of my Quad copters. I came up with a quick
mockup and this is just a servo attached to a little strut. What happens is
when I activate the servo it allows me to extend and retract a landing gear. This is a super crude initial go. This is basically
just me not sleeping. I have made a little tri-copter mount and the base is
solid. My design for the upper plate did not, no. It kind of imploded in the
printer. But when this is done, this will allow me to tilt my motor back and
forth so I can actually have a Tri-Copter. The cool thing about this is that I
have designed it so that it can take standard and aluminum dowels. It is
actually really solid. This is a lot stronger than I thought it would be.
However, this did allow us to create some objects that would address another
question that some people in the Google plus group had. They asked about angled
arms. And what the angled arms on quad copters are all about. Now, when you
have a standard Quad copter, here is a 250 that some of us have built and
crashed. There have been a lot of crashes and send us some of your crash
footage, it is awesome. But, the way that we move a quad copter we reduce power
on the motors in the direction we want to move and we increase power on the
motors away from it. I want this to go forward I would dip it like this and now
these motors are basically pulling me forward. The problem with this is that if
you have flown quad copters you lose a bit of control when you do that. And you
lose altitude. You have to increase the rest because you are falling. And it
can make going around hairpin corners a little bit tricky. What we have been
able to do, is tilt the motors inward. What tilting the motors inward does, is twofold. First if any of you have ever tried to go
straight down, you are going to notice how it kind of wobbles. That is because all the thrust is going straight down and you
are flying into the air you just created. If you angle the motors so that they
are all facing a little bit inward the thrust is going at an angle away from
the craft so you are actually flying down into cleaner air.
Bryan: It gives you a little bit of a
cushion.
Fr. Robert: It gives
you a cushion and it allows you to get more steady shots. Check this out. This is
the 250 frame that we have been using.
Bryan: They look like normal frames but
they are…
Fr. Robert: This is a
250 frame that you can also get from HobbyKing but notice how it has a little
bit of an angle to it. What that angle will do is allow you to use larger props
that it gives you a natural upheaval so that I could take all of the components
from this craft, put it on this board and now it is going to fly like a
different craft. And, this is what I really like. When I am going forward and
tilt forward so that these motors are up to pull me forward but the motors
here are no longer pointing, they are flat. Which means I am
not going to lose altitude as I am going to those curves.
Bryan: That is cool. I want to play with
them.
Fr. Robert: Yeah. This
is nice. But, I bring this up only because the other night I was sitting at my
desk and I was like you know what I want to give the audience a way to retrofit
their craft without having to buy a brand-new frame and move everything over.
So, I came up with these. I 3-D printed this on our not yet existent printer.
These are just little stand offs, they are angled and they go under the motors
on top of the motor mounts. What they will do is actually angle the motors about
10° so that you get most of the same effect that you would from a frame with headrow. And the cool thing about this is that the total
cost on something like this is ten cents. What I want to do when we get the 3D
printers up and running, I want to print out a bunch of these and send to
anyone in the audience that wants to mess with them.
Bryan: Just mass produce these.
Fr. Robert: Exactly. And
the nice thing is that you can retrofit your old craft and it will feel like an
entirely different craft. It feels much more aggressive. You do lose a little
bit of flight time because the motors are kind of at odds with each other but
it just makes it a much more fun ride.
Bryan: That is pretty neat. It is like
adding different suspension to your car.
Fr. Robert: Now next
week we are going to be continuing with the Quad Copter build. We are going to
finish it out and let you get it into the air. We’ve also got our special on
VLAN so I am going to show you how to VLAN off your network if you have a DDWRT
compatible router and Bryan, you’ve got a segment on smart watches.
Bryan: That’s right. The Apple watch is
coming out soon. I’ve been using the Moto 360 pretty religiously since I first
got it but I thought maybe people would want to play with the do it yourself
watch. That is much cheaper.
Fr. Robert: We like
DIY. Folks we know this has been a lot of material and believe it or not we’ve got
some great notes for you. Including step by step directions. I literally wrote up all the instructions for assembling Project Alien X so if
you watched that video and you were a little bit lost, watch it along with the
instructions and it should guide you through each and every single step along
the way. We’ve also got notes for where you can buy various notes where you can
check out the data base for DDWRT compatible routers. That is just a great
resource to have. Where do they go to find that?
Bryan: They can find it at twit.tv/kh and like we pointed out earlier in episode 101 you can
go back and flip through that because that is where all our old episodes live. There
are also handy links for subscribing and yeah. You got drilled last week. Padre
has been doing a good job with all his step by step notes and you can find all
the links that you need to buy things, along with the prices and stuff. Yeah,
but that is not the only place you can find our stuff.
Fr. Robert: You can
find us on Google Plus. In fact that is where I insist you go. It is an 8000
member strong group and just go to Google Plus and
look for Know How. It is not just Quad Copters, we’ve
got quite a few networking geeks in there. We’ve got a couple people suggesting
Rasp Pi and Arduino projects. Jump in. That group is
really the way that we figure out what you want to see on the show. Do us a
favor, don’t just get in there and say I hate everything. In fact that doesn’t
help. Suggest projects that you actually want to see on the show and if we can
do them, we’ll do them.
Bryan: Yep. If you think we’ve been
talking about something too much, that is fine but at least give us a
suggestion of something else you’d like to see.
Fr. Robert: Don’t
forget GPlus isn’t the only place to find us. You can
find us on Twitter. I’m @PadreSJ.
Bryan: And I am @cranky_hippo.
Fr. Robert: Follow us
and you can find out what we are doing for every week of the show as well as
suggest topics for future shows and see what we are doing just in general.
Bryan: All kinds of shenanigans. And speaking of Twitter. @anelf3…
Alex: We are out of time, Bryan.
Fr. Robert: Whoa, whoa,
whoa.
Bryan: Somebody convinced me to put Windows
10 preview on my gaming PC downstairs last night. First thing that happened
when I got to it this morning? It froze. I think it is okay now, I think it
needed a good re-boot. We might do some Windows tips in upcoming episodes.
Fr. Robert: Give him
some love folks. He just sits behind his desk and gets grumpy.
Alex: We are really out of time.
Fr. Robert: Fine
whatever. Until next time I’m Father Robert Ballecer.
Bryan: And I’m Bryan Burnett.
Fr. Robert: And now
that you know how…
Bryan: Go do it!