Telecom BigTime: Unleash the Internets! (or not)

October 30th, 2009

You may have noticed the ads for Telecom Big Time on TV recently. Flat rate! No Caps! Traffic Managed! uh oh.

First off, flat rate never ever works for long. Second, Traffic Management is never a good thing. It is normally sold as keeping it fair for everyone and only affecting those dastardly pirates. In reality in usually means making everyone suffer.

I had a colleague at work switch to Big Time. He had nothing but positive things to say. Slow to 200k from 5PM-12AM, but then full rate, perfectly usable during the day etc. He had pulled down something like 100 gig in a week or so. He also said that his SSL usenet downloads were unaffected. As I had recently hit my 40 Gig cap on my Telecom Pro plan, I thought I would give it a go.

One point: no static IPs on Big Time!

I filled out the online form (hooray for not having to call!) and the next day I was on Big Time. I did a speed test at 8:00AM that morning and I got ok speeds (8Mb down, 0.6 up) which were below my previously plan speeds (12Mb down, 1.4 up). I left for work excited at the prospect of massive downloads. Getting home that evening I fired up a few downloads using Free Download Manager, a multi part download tool. My speeds hit around 900k down using HTTP and HTTPS. Fantastic!

Youtube videos also loaded really quickly. Apparently due to some fancy caching going on at Telecom’s end.

However, about half an hour later bad things started to happen.

  • My downloads slowed to 100k, then 60k.
  • I started having problems with my download accelerator. Somehow the HTTP/S traffic was being mangled to the point that my app was reporting that the server didn’t support resuming downloads, which meant no multi part downloads.
  • Single stream downloads would range from about 150k to an awesome 3k/sec. This is regardless of protocol (HTTP or HTTPS) or source (US, NZ)
  • The same single stream downloads would periodically stop completely. Couple with the HTTP mangling meant no resuming.

In short, my internet connection was an inconsistent, unpredictable pile of shit. Some examples:

  • My stepson jumped on to play Battlefield Heroes. A new version was released so we left it to download. It took over 5 hours.
  • I went to Windows Update my laptop, 186MB of updates (Office 2007 SP2) took over 2 hours.
  • My wife’s VPN connection dropped every 10 minutes.

    • Long story short, I changed plan on the 21st of October. I changed back on the 26th. I would rather pay the extra 2c a MB than sit with this pathetic excuse for an internet connection.

    To be fair, I did download 30GB of stuff over the 4 or 5 days I was on this plan. Also Telecom were very prompt with changing me back and forth. It is great to be able to do this all online without having to call them.

    In conclusion, Big Time delivers exactly what you expect from a traffic shaped flat rate service. terrible, terrible performance.

Posted in Technical | No Comments »

Detective Work with RADIUS, VPN and Wireshark

July 3rd, 2009

Introduction

The best projects are those that teach you something new. I’ve recently been tasked with decomissioning a RADIUS Server. Not a major task when you first think about it, but the plot thickens.

  1. This RADIUS server is running Netware 6.
  2. RADIUS is provided by BorderManager.
  3. It is used to authenticate ADSL Routers, CDMA Devices and dial up connections all over the country.
  4. It authenticates against E-Directory.
  5. That particular E-Directory tree is not replicated anywhere.
  6. Noone knows the usernames and passwords for the ADSL Routers around the country, so we can’t change user credentials on them.
  7. Noone knows the shared secret for the RADIUS Clients.
  8. Once connected users connect a PPTP VPN to a Windows Server which authenticates against AD.
  9. Some connections have multiple users behind them.

Investigation
Oh man this is going to be fun. I’ve got no Netware or Borderware experience and the people who setup this system are long gone. There is no record of anything and we have no idea as to the number of connections in use, what they are used for and who uses them.

The first step is to figure out our current state. To do this we have to do some pretty heavy log analysis. Our data sources are:

  1. RADIUS Debug logs: Shows all Access-Request, Accounting and other RADIUS Requests for a 6 month period.
  2. VPN logs: Shows all PPTP VPN connections for a 6 month period.
  3. Export of E-Directory accounts.
  4. Export of Active Directory accounts.

The initial stats from these were a great start. We were able to export a list of unique connections over the past 6 months, with an idea of frequency of use. We were then left with a list of RADIUS connections (ADSL, CMDA and Dial-Up) and a list of VPN Connections, both with a fair amount of contact info such as name or telephone number. The next hurdle was mapping WHICH VPN users used which RADIUS connection.

We first matched the obvious ones, those connections with E-Directory and AD accounts with the same names. We were still left with a large number of unmatched accounts. Had the RADIUS connections had static IPs matching these would have been trivial. Unfortunately they were all dynamic, meaning that one address could be mapped to any number of RADIUS connections over the time period. After much hacking at the data I ended up importing it into Access so I could try and perform some SQL magic. Much googling later I ended up with the following query:

SELECT RADIUSLogs.Date AS RADIUSLogs_Date, RADIUSLogs.Time AS RADIUSLogs_Time, RADIUSLogs.[User-Name], RADIUSLogs.[Framed-IP-Address], VPNLogs.Date AS VPNLogs_Date, VPNLogs.Time AS VPNLogs_Time, VPNLogs.Username, VPNLogs.RemoteIP
FROM RADIUSLogs INNER JOIN VPNLogs ON (RADIUSLogs.Date=VPNLogs.Date) AND (RADIUSLogs.[Framed-IP-Address]=VPNLogs.RemoteIP)
WHERE VPNLogs.Time>=dateadd(”n”,-15,RadiusLogs.Time) And VPNLogs.Time<=dateadd(”n”,+15,RadiusLogs.Time) And VPNLogs.Time>RadiusLogs.Time
ORDER BY RADIUSLogs.[User-Name], VPNLogs.Username;

which joins the RADIUS and VPN logs by Date and IP Address and shows results where the VPN connection was connected within 15 minutes of the RADIUS connection connecting, bearing in mind that connected RADIUS connections sent accounting requests every ten minutes. This query can then be used to populate a Pivot Table mapping RADIUS connections to VPN connections, giving me a list of VPN users per RADIUS connection. This is by no means full proof. I can think of several situations in which the results returned will be invalid, but it is a first step. The output of this was run by a business user who helped identify those entries that didn’t make much sense and they were removed. We now had a list of RADIUS connections and the VPN users behind them.

RADIUS Migration
At this stage we decided to migrate the RADIUS functionality to a Windows IAS Server. This would mean that authentication would be performed against Active Directory rather than E-Directory. By a stroke of luck a decent number of the E Directory accounts used were already synchronised with AD using Identity Manager. Unfortunately a large number were not, which left us in a difficult situation. As stated we are unable to change the usernames and passwords used on the ADSL routers as we don’t have passwords for them and now we have accounts that we don’t have passwords for.

I did a bit of Googling. It is possible to capture RADIUS traffic, but the password is encrypted with a shared secret. Then I found the Wireshark Wiki page on RADIUS (http://wiki.wireshark.org/Radius). Wireshark can quite happily decrypt RADIUS if you configure the RADIUS shared secret within the app. To do this:

  1. Open Wireshark. Go to Edit, Preferences
  2. Expand Protocols, then go to RADIUS.
  3. Populate the Shared Secret field.

So now all I needed was the RADIUS shared secret. This is stored in BorderManager and cannot be exported. I tried various asterisk reveal apps with no luck. Luckily the company who maintains the RADIUS proxy servers which forward the authentication requests (Telecom) were able to give this to me.

Next problem, how do I capture network traffic on a Novell server? I can’t install Wireshark locally (it may be possible but god knows how!). Network Team to the rescue here. I got a colleague to mirror the port that the RADIUS server was on to an unused NIC on an old server. This means that all traffic to and from the RADIUS server also shows up on this unused NIC. I installed Wireshark, unbound TCP/IP from the spare adapter (just in case it caused issues) and started capturing.

It is impossible to try and watch unfiltered traffic so I started with the following display filter: radius

This shows all RADIUS traffic. Simple and effective. However it soon became apparent that I was only interested in the

Access-Request packets, not the accounting ones. So after a bit of playing I had the following: radius.code==1. RADIUS code 1 is Access-Request, which is the packet that contains the username and password.

Now I could catch every authentication request sent to the Novell RADIUS server and hopefully see the username and password used. I crossed my fingers and waited.

It worked. As you can see from the  packet below we can now see the username and decrypted password!radiustest

We left Wireshark Capturing for a week and managed to capture all but 5 of the passwords we needed. Phone calls to the remaining sites asking them to reboot their routers got the rest.

All that is left to do is configure IAS on the Windows Server and perform the change. I’ll write about those in another post soon. In the meantime I’m going to be sitting here feeling happy with myself for learning something new.

Posted in Technical | 2 Comments »

Sylvia Park La Premiere is approx. 2.6 million times better than Village Gold Class

June 12th, 2009

I took the wife to see Terminator Salvation last week. Having a hard week we thought we”d catch the 5PM Friday screening and treat ourselves to Gold Class. $30 each.

We are regular(ish) visitors to La Premiere at Sylvia Park in Mt Wellington. $60 gets you two seats (you can no longer buy individual seats), a house wine or beer each and access to the La Premiere ”Lounge” before your movie starts. You are able to order food and drinks to come in during the movie or bring your own in. The La Premiere seats are located in the main cinemas at the rear, so you get the big screen but you are above the rest of the cinema. Sylvia park also has free parking.

La Premiere – detail

  • Seats are arranged in pods of two and are leather, motorized recliners. There is an arm rest in the middle which can be slid up so you can have a big couch. Beside each chair is a small table with a lamp for your drinks/meals.
  • House wines are decent and house beers good (Steinlager Pure last visit).
  • The Lounge is large and on a separate level to the rest of the cinema complex. There is a nice bar and plenty of comfy seating and tables. It even has a nice view over the shopping centre.
  • Our usual plan involves getting burger fuel before the movie and taking it in to much during.
  • Sylvia park has great screens. You get the big screen experience and you”re reasonably private in your pod.
  • Free parking!

Lets compare to Village Gold Class at Queen Street.
$60 gets you two tickets (you can buy individual tickets.). There is no equivalent to the lounge. You can order food or drink but not bring in your own (unless purchased at Village). You are in a small cinema with approximately 30 seats. You have to find parking somewhere nearby (and there ain”t no free parking in Auckland).

Gold Class – detail

  • Seats are upholstered,motorized arranged in twos. In between each seat there is a big wooden table. This is of the lift up and fold out variety (like a plane). If you are not careful it would be easy to mash your finger. There is no way to remove this or join seats.
  • No free drinks.
  • No lounge.
  • You can order food, but not bring in takeaways.
  • Small screen.
  • Pay for parking.

Not really much of a comparison. The one big advantage Gold Class has is it’’s central city location but to be honest I will be sticking to La Premiere in the future. If you don”t want to spend $30 a pop on La Premiere, Sylvia Park also has what the call Director’’s Lounge, which is in my mind as good as Gold Class and from memory about $15-$18 a ticket. You get leather seats, smaller cinema and a bar beforehand.

In short, Village Gold Class bad, Sylvia Park La Premiere awesome. Terminator:Salvation was also quite good.

A final recommendation, if you do go to La Premiere, take a blanket. Makes for a much cosier viewing experience (unless you are going with a mate, as that would be a tad odd).

La Premiere bookings: http://www.hoyts.co.nz

Gold Class: http://www.village.co.nz

Posted in Random | No Comments »

MySky HDi Failure! followed by replacement

March 19th, 2009

So our MySky HDi box dies a couple of weeks ago.

Shows started freezing and skipping, the planner froze when you went into it and none of our recorded content showed up.

After a reset (button behind the sky logo on the right) I could hear the Hard Drive spinning up, beeping and spinning down again. About half an hour later the box just died. No picture.

Called Sky and they were out the following afternoon with a new unit. I asked the tech if he was doing a lot of replacements. His response was “Yep, heaps”. Heat appears to be the issue in most cases. Apparently there is a second fan in the boxes which is supposed to fire up above a certain temperature, which doesn’t appear to be happening. End result, cooked unit.

The new unit is running quiet happily now. We did have to ring Sky and ask them to activate our new card however as we were unable to record until they did!

Posted in Random | No Comments »

How to change VMWare Virtual Centre and ESX Host IP Addresses

February 24th, 2009

I’m in the middle of a Network Segmentation project at the moment, which involves splitting a previously flat network into various subnets/vlans for security and management reasons. End of the day it involves changing IP addresses on servers.

I recently completed the segmentation of the VMWare environment, which includes around 50 hosts and a VirtualCentre server. I ran into some issues which took a bloody long time to fix, so I thought I’d share my experiences.

First off you will need the following:

  1. Out of band management (such as iLO or Console Access) to your ESX hosts. SSH is NOT out of band management. You WILL lose IP connectivity to your host during these changes.
  2. root logins for your esx hosts.
  3. Knowledge of your network, specifically what VLAN your new ESX host Service Console is going to be on and what IPs/Gateways to use. For this guide I am assuming that the Service Console will be on a tagged VLAN presented to the ESX host. If you don’t know what that means then ask your network person.
  4. An outage window for the VirtualCentre move. You will have to disconnect and reconnect ALL your ESX hosts after this change, which will mean they won’t be able to be managed for a while.
  5. If you do not have licenses for VMotion this is going to be a lot harder and more disruptive. For the purposes of this guide I will assume you DO have VMotion available.

Before we start, a word about name resolution. VMWare is very reliant of DNS for operation of its various services. It is necessary for you to know how your name resolution works. In my case, each host used a HOSTS file (/etc/hosts) to resolve names. You may use this method, or a DNS server. Find this out now.

Also before we start, disable HA on your clusters if you can, this will stop any migrations while you are trying to disconnect/reconnect hosts. You can do this by right clicking your cluster and clicking Edit Settings, then removing the checkbox from VMWare HA.

Section 1: Change VirtualCentre IP

  1. Log on to Server hosting VirtualCentre. Stop VirtualCentre service.
  2. Change IP Address/Gateway
  3. Change port VLAN assignment if required
  4. Reconnect to Server.
  5. Run ipconfig /flushdns, ipconfig /registerdns and nbtstat -RR
  6. Start VirtualCentre Service.
  7. Test connectivity from your VirtualCentre server to your hosts (ping).
  8. Connect to VirtualCentre using Virtual Infrastructure client.
  9. Confirm it loads cluster information successfully (lists Clusters/Hosts etc, disregard their status for now, if they show as offline that’s OK. Don’t worry your VMs are still running).

At this point you will need to update either your /etc/hosts file on each server or make sure that your dns server returns the correct address when you lookup the name of your VirtualCentre server. If not, update the A record.

Your hosts will probably all be showing up as offline at this stage. Don’t worry. We’ll soon fix that.

  1. In the Virtual Infrastructure client, right click the first host in your cluster and select disconnect. Wait for this to complete, then right click again and select connect. Once this is complete the host will show up online and be able to be managed again.
  2. Repeat for each host in the Cluster. Again, this will NOT pause or stop any VMs running on the affected host.

Once you’ve disconnected and reconnected all your hosts your VI Client should look all happy campers again, with all your hosts online. If you are not going to change the ESX Host IPs you’re done. Re-enable HA and test VMotion, Cloning etc.

Section 2: Change ESX Host IP

  1. Open your VI Client and connect to your VirtualCentre Server.
  2. Right click on your first host and select “Enter Maintenance Mode”. At this point all the running VMs should be VMotioned off to another server automatically. If this doesn’t occur you will need to manually migrate them by clicking each VM and selecting Migrate, then selecting a destination. Don’t move them all to one host or you will probably hit major performance issues.
  3. Once the host is in Maintenance Mode, right click it and select Remove. Once this is complete the ESX host should no longer be in the console.
  4. Connect to the Host using iLO or a Keyboard and Mouse.
  5. Push Alt-F1 to get a console, you should be presented with a username prompt.
  6. Login as root.
  7. Run the following command, where XX is the VLAN that your new Service Console IP address is on: ‘esxcfg-vswitch -p “Service Console” -v XX vSwitch0′. This will change the VLAN that your Service Console listens on.
  8. Run the following command, where X.X.X.X is the new IP address of your Service Console: ‘esxcfg-vswif -i X.X.X.X vswif0′. This will change the IP address of the Service Console.
  9. Add a new default route using the following command, where X.X.X.X is the default gateway for your new service console: ‘route add default gw X.X.X.X’.
  10. Test connectivity to the VirtualCentre server using ping.
  11. You can now log out of the console using Ctrl-D and close your iLO.
  12. At this stage you need to update any DNS/Hosts files to make sure the Host’s name resolves correctly to the new IP address (especially on the VirtualCentre server).
  13. Go back to your VI client, right-click your Cluster and select “Add Host”.
  14. Put in the hostname, username and password for the host you just changed the IP address on.
  15. The host should be discovered and added to the cluster, and should still be in maintenance mode.
  16. Click on the host, and in the right pane select Configuration then Networking. Click Properties on vSwitch0.
  17. Select your Service Console and click Edit. When prompted select “Continue modifying this connection”
  18. VLAN ID, IP address and Subnet mask should all be populated, but Default Gateway will be blank, Click Edit.
  19. Fill out the Default Gateway field under Service Console, then click OK and exit the configuration.
  20. Right click your host and select “Exit Maintenance Mode”. Once this is complete your host is ready to go.
  21. Repeat this process for all your other hosts, making sure to update either your DNS server or hosts file each time you change an IP.
  22. Once all your hosts are done, you will need to test that your Cluster is still functioning.

If you do not remove and re-add the host, the VI client will still show it and it will appear healthy. However some automated operations, such as Cloning or VMotion will fail with cryptic, unhelpful messages. Removing and re-adding the hosts is the ONLY way to successfully resolve this.

So there it is. In my case I didn’t discover the need to remove and re-add hosts until after I had made all my changes (only disconnecting and reconnecting rather than removing). This meant that I had to do all my changes 2 or 3 times.

Save yourself some time and follow the process.

Posted in Technical | No Comments »

NFS Undercover – again

January 30th, 2009

I spent a couple of hours finishing off NFS Undercover last week.

I’ve now completed all the races, dominated over half, have 3 tier 1 cars with Ultimate parts.

You know what happened when I finished the last race?

Nothing.

Not even a congratulations screen. Nothing.

I’ve sampled all I need to now, I’ve driven a Bugatti Veyron at 400km/hr down the highway and disabled 50 cop cars in a pursuit. Undercover is getting uninstalled. Let’s hope the next iteration is a lot better.

Posted in Gaming | No Comments »

MySky HDi FAQs

January 30th, 2009

There appears to be a fair bit of interest about MySky HDi given the search terms people are getting here using (thanks google analytics!). Below are answers to some of the more common questions.

  • Sky provides a 1.5m HDMI cable free with the install. This is all you need to hook it up to a standard HD TV. If you’ve got a more complicated setup you need to provide any extra cables.
  • The unit has Ethernet and USB connectors but they don’t do anything. I have yet to find any sources that detail how to hack the unit to make use of them.
  • There is no way to copy media off the MySky unit, unless you play it back and record it to DVD manually.
  • 5.1 sound is provided with most HD programs. You can connect your unit to your amp using either optical, coax or hdmi cables (only the HDMI cables are provided by Sky).
  • There can be a long delay from requesting the unit and having it installed. I suspect this is due to limited stock of the decoders, or a limited number of skilled installers. Wait time seems to vary by location too.
  • The MySky unit does 720p or 1080i. I personally prefer 720p.
  • There are 2 costs associated with the unit. There is a $15 monthly rental (unless you pay $600 up front) for the decoder and its PVR functionality. There is ALSO a $10 monthly fee for access to HD programming.
  • Current channels available in HD – TV3 (all the time), Sky Movies 1 (almost all movies) Sky Movies 2 (most movies), Sky Movies Greats (most movies), Sky Sport 1 and 2 (some programs, mostly rugby, league, golf, car racing, tennis and cricket).
  • The unit gets very very hot and can hang if not properly ventilated. There is a reset button under the MySky HDi panel on the front of the unit.
  • The hard drive can hold a ton of standard definition TV episodes, but probably only 5-10 HD Movies or league games. There is no way to add additional storage.
  • Series link allows you to record every episode of a particular series, in most cases. We have found it does not work with NRL games and Snoop Dogg’s Fatherhood.

That should hopefully answer most questions.

Tags: ,
Posted in Technical | No Comments »

NFS Undercover Finished: Worst Ending Ever.

December 15th, 2008

I finished the “story” part of NFS Undercover over the weekend. Once you get access to Tier 2+ cars and full upgrades the game becomes a lot more fun (not to mention easier). 380km/hr down a highway with the ocean on one side and mountains on the other is a fantastic way to drive.

The final mission however, is officially the most frustrating, painful and stupid of the entire modern NFS series.

If you’re really into the “story” beware, spoilers follow.

The story goes that your handler (random asian-american actress I don’t know) double crosses you and frames you, leaving you in the shit. We find this out through a really poorly acted FMV sequence. She drives off in a BMW M6 which kicks off the mission…. Take Out asian lady (whose name I forget).

So you’re chasing a BMW M6, not in your car from career mode, but in a BMW M6.. with no nitrous.. that is less than half the speed of your career car. This in itself is immensely frustrating. I’d gotten used to nitrous boosting up to 280km/hr from standstill in my Lamorghini, now I have to drive a stock BMW with a top speed in the mid 200s?

Don’t get me started on the “Take Out” game mode either. The idea is to ram the other car into submission but in reality is incredibly boring, as ramming them from behind at speed appears to cause the same amount of damage as ramming them full speed into a police roadblock, causing them to flip 3 times. Your car is also invincible for these races which makes total sense.

Anyway, because you’re being framed, you’re also being chased by a metric shittonne of cops. They take great delight in ramming you, jamming you into corners and generally being a pain in the arse while you’re trying to smash into your target as hard as possible. I realise this is to make the final mission challenging, but in combination with the shit car you are driving it just adds to the frustration.

Once you ram asian lady’s car enough the cops get called off and you can finish her off, which queues more poorly acted FMV, then that’s it. End of story mode.

Thankfully, you can continue once story mode is finished (unlike Fallout 3) and I still have another 40 races to do, plus I have only dominated half of the total races. I have also got to buy a Bugatti Veyron and try out a couple of the other interesting cars. I’ll continue playing Undercover because with super cars it can be great fun but whoever wrote the story/mission side of this game should stick to day time TV.

On a side note, the physics in Undercover break spectacularly once you reach silly speeds. I have hit traffic coming head on at 380km/hr and had them fly through the air across lanes to land hundreds of metres away, while my speed drops to 120km/hr instantly. I have also had them get stuck on my bonnet for a good couple of minutes until they eventually roll off. My best bug so far I experienced when re-doing one of the first races in my Tier 1 car with Ultimate upgrades. With a top speed well over double that of the competition I had a huge lead, when I messed up a corner and went flying towards one of the crane pursuit breakers. Instead of hitting the side and releasing the pipes I hit it head on and instead of spinning out of control the entire crane went up the bonnet, onto the roof and caught me underneath. I spent a good 15 seconds maneuvering/ hammering nitrous and eventually found my way out. You will also find invisible walls in the air when hitting some of the jumps in earlier parts of the game in fast cars.

Posted in Gaming | 2 Comments »

Games Season: Need for Speed Undercover

December 9th, 2008

The other game I’ve been playing recently (in combination with Fallout 3, see below) has been Need For Speed Undercover. I am a fan of the arcarde racing series having completed all modern iterations (Underground, Underground 2, Carbon, Most Wanted, Prostreet) and having played some of the older ones too. The last release, Prostreet, aggravated a lot of fans by moving away from the illegal street racing theme of underground and its kin and moving to a professional racing system. EA have either listened, or saw reduced sales of Prostreet, as we are back in the illegal street racing scene in Undercover, albeit as an undercover cop.

It seems odd to be talking about story when discussing an arcade racer, but Undercover tries really hard to wrap story around its gameplay. From the bad boys style intro (sweeping seaside city vista, follows helicopters into car chase) to the copious live action video, the developers have obviously tried to make this less arcade racer, more Fast and the Furious: The Game. Thankfully you can quite happily ignore all this fluff, mission/story based races will normally tell you what to do when you start them, even if you ignore the cutscene beforehand.

On to gameplay. The game is set over a large, free roaming area which you will probably ignore completely in favour of using the GPS map to quickly skip between races. A useful new feature is the ability to push Tab and immediately enter the nearest (or just received mission) race. This means the time between races is minimal and you can quickly go from one to the other without downtime.

Race types are a mix of old favourites and new blood. Sprint, Circuit and checkpoint are back along with newcomers Highway Battle and Outrun. If you remember the drag races in Underground which took place on a highway with traffic, take the frustration of that, multiply it by 40 and that’s highway battle. Outrun is pretty simple, stay ahead of your opponent for a minute or so while driving around the city, wherever you choose. There are also various story missions which involve “taking out” other drivers, which are a yawn fest. Ctach up to them, ram them and their health goes down a bit, rinse, repeat. Really uninspiring gameplay and should have been axed. I have yet to see any drift races, which is a shame.

As I said we’re back in the illegal street racing scene so Cost to State, Escape and Cruiser disable races are back as are pursuit breakers.

I have found Undercover to be far more frustrating that other iterations so far. As an arcade racer it is incredibly forgiving (roaring around corners at 200km/hr with no loss of traction) but opponents are incredibly unpredictable. I have been 12 seconds ahead in a circuit race to either just win (by less than a second) or just lose, because one car out of the pack suddenly catches up. It is amazingly aggravating to see a car with similar specs to yours catching up to you on the straight despite travelling at full speed with your nitrous going. This is especially true on the Highway Battle races. Roaring down a four lane highway trying to either get ahead or stay ahead of your opponent while avoiding heavy traffic can be a huge adrenalin rush. Having to do the whole bloody thing 6 times over because your opponent gets a mysterious speed burst and roars past you, leaving you with no way to catch up has caused me to smash my desk many many times. Having to sit through the scripted intro each time doesn’t really help either.

I cannot explain these mysterious speed bursts. I am in the early stages of the game, still driving a tier 3 car (with pro parts) so it may just be their car is that much better than mine but it does seem incredibly unfair at times.

Bullshit computer cheating aside the racing is fun. Tracks are varied, some take place in the city, some in the surrounding hills, some in construction sites. Even on my older PC the game looks good and that is with pretty much everything turned off. I was able to scale down the settings enough for it to run well on my old P4 which is always appreciated.

All in all I am enjoying Undercover. Ignore the story guff, try and forgive the random speed bursts your opponents get and it’s great fun.

I’m off to try this Highway Battle again. Attempts 1-6 didn’t go so well and my fist if getting sore from hammering my desk.

Posted in Gaming | No Comments »

Games Season: Fallout 3

December 1st, 2008

Ahh games season, this year is the worst I’ve seen in a while. We’ve had Need for Speed Undercover, Red Alert 3, Far Cry 2, Left for Dead, the list goes on. I will start this season with Fallout 3.

Let me begin by stating that I have NOT played Fallout 1 or 2. I’ve not entirely sure why, maybe I was too young when it came out, maybe I was too busy playing Team Fortress. However I am aware of how amazing everyone considers the games and I am well versed in the universe and story.

I say this because there appear to be two camps in the fallout 3 players universe. Those that hate it because it isn’t “true to the originals” and those that hate the first group. I don’t happen to be either.

So, Fallout 3. After what is possibly the most creative character creation processes I have experienced it is into the game proper. We have the usual tutorial process (how to walk, how to shoot) then the G.O.A.T. which is a fairly funny aptitude test which as far as I can see has no effect on the rest of the game. From discussion on several fan sites it also appears that the choices you make in S.P.E.C.I.A.L. (the stats system) really don’t make a huge amount of difference, far less that the originals.

I won’t bore you with the details so let’s just start when you leave Vault 101. I can honestly say that that I was blown away when I first left the vault and stood on a hill staring out across the wasteland. Maybe it was the openness after being stuck in the vault or just the sheer desolation  I don’t know, but for the first time in a long while I had an emotional reaction to a game moment.

Unfortunately I had to stop at this point and turn down all my graphics settings. Running a 6 year old P4 and a 7800GS means I had to turn off most of the detail and turn the res down significantly (I’m now running in 1024×768). At these settings the game runs well, which is my main concern. My only issue so far has to do with draw distance. With my current settings enemies can fire at me outside the draw radius, meaning I get bullets and worse flying at me from non existant models. Zooming in pops the models but it is still disorientating. I don’t blame the game for this, having the ability to turn the settings down enough to run properly is a good thing. I am however looking forward to getting a new PC in the next few months so I can experience the game in all its glory.

Anyway, a quick jaunt to Megaton gets the game started proper. You start the main quest and start picking up side quests and very quickly hit your first moral dilemna. Fallout 3 has a Karma System, do good things, good karma, bad things, bad karma. The choice is normally fairly obvious, e.g. Kill Everyone to solve problem will give you bad karma, while talk the situation through will result in Good Karma. This adds up and certain NPCs will react to you differently. As a good player I get hunted mercilessly by Talon Mercenaries and there are apparently Enforcers which do the same for evil characters.

On the whole quests are fairly interesting. There are NO go kill 500 of X to get Y, which is nice. There is normally a bit of back story which adds some character. This backstory doesn’t necessarily stick rigidly to Fallout canon, which has pissed off a large number of fans of the original. As I’m new to the universe I don’t really care, the situations on the whole are entertaining and engaging. However the delivery and voice acting are fairly awful. In my case I just skim read the text and ignore the voices. It becomes really annoying the 5th time you hear the SAME voice coming from several different characters in game in the same flat manner. I would honestly expect a bit more emotion from someone who just MURDERED HIS PARENTS AND DRANK THEIR BLOOD, but maybe that’s just me.

As mentioned before most quests have a variety of ways to complete them. This usually comes down to the Good guy and Bad guy choices, but there are also occasions to use your speech/medicine or other skills to resolve the situation in alternate ways.

On to combat. In a word, uninspiring. V.A.T.S. in Fallout 3 is an attempt to bring turn based combat into an FPS.  Basically push V, which will freeze the combat, target the various target parts and then click away. Each shot takes a certain number of “Action Points”. Once you are happy you push E, and your target shots are played out in slow motion. Your action points regenerate over time, after which you can rinse and repeat. You can fight in real time as well, V.A.T.S. is purely optional but I believe you will spend a lot of time there.

The main problem with this system is that the slow motion gets really old, really fast. The last game to use slow-mo well was Max Payne, but in a similar way you eventually end up spending all your time in slow-mo because it is the most efficient, safest way to fight, even though you are sick to death of watching it happen.

This wouldn’t be too much of a problem if real time combat was a legitimate alternative. It’s not. Combat in real time uses three times as much ammo and in most cases end up costing you more health than using V.A.T.S. However, when NOT using V.A.T.S. , most weapons are your standard FPS fare, your bullets go where your cursor is. In V.A.T.S. you have a percentage to hit different body parts, which is tied to stats, perks, weapon condition etc. Which means if you are trying to snipe someone in the head from range, DON’T use V.A.T.S.

To give you an idea, in most combat situations I will sneak around. As soon as I see the Caution warning, which means that someone or something is nearby, I will push V, which will zoom in on an enemy, if they are visible (this normally overcomes the getting shot at from outside view distance issue I mentioned before). Once I know where they are, I will try and line them up and hit them in the head with a ranged, scoped weapon without using V.A.T.S.

In sewers/rail tunnels etc I will normally run around, wait for something to aggro (yes I played WoW) then wait for them to get close. Once they are right in front of me I will hit V.A.T.S. and pop them in the head. If they survive, dodge/run away until my AP recharges and repeat.

That’s combat for you.

That’s about enough for now. I will start writing up some play/quest logs later.

Posted in Gaming | No Comments »

« Older Entries