So I bought a new 32GB iPhone 3G S this morning at a Rogers Plus store. Was painless and, since I give them so much money each month, I received the $299 pricing.
Different from last time is that the staff activated the phone before handing it over.
I plugged it into iTunes which offered to restore my previous unit’s backup and I’m good to go. Smooth!
I thought I’d let everyone know that I upgraded my iPhone 3G to iPhone OS 3.0 yesterday and tethering Just Works™ over both Bluetooth PAN and USB. In fact, it’s much simpler to use than I expected.
I have an original 6G data plan with Rogers and according to their FAQ, this is a supported feature and I am not going to get a multi-thousand dollar bill next month.
So Rogers (and their other brand, Fido) have Unlimited Data plans. And guess what? The fine print is so bad I do not know whether to laugh or cry. The Fido page says:
The Unlimited surfing on your Fido option includes unlimited mobile surfing on your handset only and is only available on selected handsets (non-Fido certified handsets, WindowsMobile devices and PC cards are not eligible). Data usage incurred on ineligible handsets and devices, incurred while tethering (using a handset or device as a wireless modem or laptop) or incurred using non-Fido (third party) applications downloaded to your handset will be subject to pay-per-use charge of 5¢ per KB. Option applies within Canada only. While roaming outside Canada, data transmission charge of 5¢ per KB apply, except in the U.S. where data transmission charges of 1¢ per KB apply.
The Rogers page has a few good ones too, have a look.
This means that I can have unlimited data, but only on devices where I would likely not use much, right?
The Torontoist has an article on this subject.
Since my previous posts (1 & 2) about using IPsec in tunnel mode to securely connect multiple networks (I’m up to 17 on the same gateway), I have needed to add support for “road warriors”.
While IPsec has low overhead, even in tunnel mode, it requires a lot of effort to configure for use by mobile clients. First, we must now assume NATs in the field, whether they are behind the now omnipresent home gateways or on public wireless networks. Secondly, it is my experience that using a VPN system based around bridging has many advantages:
- supports services requiring broadcasts (SMB Browsing, Zeroconf/Rendezvous, etc.)
- allows bi-directional routing to remote networks
- supports legacy, non-IP, protocols
I will elaborate on the routing issues. In our setup, our main gateway connects to 17 remote networks via IPsec. In order for a remote client to access a remote network, both the client and the remote gateway must have the correct routing table.
In light of the above, I decided to use OpenVPN. It fulfills my main objectives: simplicity and security. Correctly set up, OpenVPN will perform verification against both the client and server certificates and uses very strong crypto. To set this up you will need a PKI (Public Key Infrastructure).
My server-side configuration:
ca /etc/ssl/certs/ca.crt
ccd-exclusive
cert /etc/ssl/certs/gw.domain.ca.crt
client-config-dir ccd
client-to-client
dev tap0
dh /etc/ssl/dh2048.pem
float
group nogroup
keepalive 10 120
key /etc/ssl/private/gw.domain.ca.key # This file should be kept secret
local 66.46.199.130
passtos
persist-key
persist-tun
port 1194
proto udp
push "route 10.100.0.0 255.255.0.0"
server-bridge 10.100.0.1 255.255.255.0 10.100.0.90 10.100.0.100
status openvpn-status.log
user nobody
verb 4
My client-side configuration:
dev tap0
remote gw.domain.ca
tls-remote gw.domain.ca
pull
nobind
passtos
float
tls-client
ca ts-ca.crt
cert adam.crt
key adam.key
keepalive 15 45
persist-tun
persist-key
verb 2
Note the tls-remote directive. This is critical to ensuring that the client verifies the identity of the server.
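As an added example (not part of the original post), the following sketch audits a client configuration for the server-identity check described above. The function names are hypothetical; verify-x509-name (which replaces tls-remote in newer OpenVPN releases), remote-cert-tls and ns-cert-type are OpenVPN directives that do not appear in the configuration on this page.

```python
import shlex

# Directives that make the client check which certificate the server presents,
# beyond "signed by our CA". tls-remote is the one this page uses; the others
# are OpenVPN alternatives that are not in the page's configuration.
NAME_CHECKS = {"tls-remote", "verify-x509-name"}
USAGE_CHECKS = {("remote-cert-tls", "server"), ("ns-cert-type", "server")}

def parse_config(text):
    """Return (directive, [args]) pairs; skips blanks, '#' and ';' comments."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            entries.append((tokens[0], tokens[1:]))
    return entries

def audit_client(text):
    """Report how a client config authenticates the server it connects to."""
    entries = parse_config(text)
    remotes = [a[0] for d, a in entries if d == "remote" and a]
    has_ca = any(d == "ca" and a for d, a in entries)
    names = [a[0] for d, a in entries if d in NAME_CHECKS and a]
    usage = any((d, a[0]) in USAGE_CHECKS for d, a in entries if a)
    findings = []
    if not has_ca:
        findings.append("no ca: server certificate cannot be validated")
    if not names and not usage:
        findings.append("no server identity check: any certificate issued by "
                        "the CA, including a client's, is accepted as the server")
    return {"remotes": remotes, "pinned_names": names,
            "usage_check": usage, "findings": findings}

# The client configuration from this page, abridged to the relevant lines.
PAGE_CLIENT = """\
dev tap0
remote gw.domain.ca
tls-remote gw.domain.ca
tls-client
ca ts-ca.crt
cert adam.crt
key adam.key
"""
# Constructed variant: the same file with the tls-remote line dropped.
UNPINNED_CLIENT = PAGE_CLIENT.replace("tls-remote gw.domain.ca\n", "")
for cfg in (PAGE_CLIENT, UNPINNED_CLIENT):
    print(audit_client(cfg)["findings"])
```

The page's configuration produces no findings; the constructed variant is flagged because the CA alone no longer tells the client which of its certificates belongs to the gateway.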
This has some serious merit. If the SIP registrar can notice when an endpoint’s IP address changes and proactively query the user to reset the emergency services destination, we could have a workable solution.
While waiting for the bus in Montreal this weekend, I found a Starbucks with free wireless Internet access, provided by VidéoTron.

It’s a block away, on Saint-Denis, parallel to Barrie.
Some really shiny new products are coming out: first there is a nice unit from Pulver here, and Daily Wireless mentioned this one from ZyXEL. Wireless VoIP devices that are standards compliant (SIP & 802.11g) are going to become an important piece. Next is to see how softphones on PDAs stack up.
Cool gear of the month: Apple AirPort Express & AirTunes
I’m not sure what the difference between the full blown AirPort and the Express version is, but the AirPort Express supports use as a bridge to extend the range of an AirPort Extreme-based network. (I assume this is WDS.)
There are many candidates available now, all with something problematic about them it seems. Bit of a PITA.
On my radar are the following:
The P900 sounds great, but for the Memory Stick slot that can only handle up to 128MB cards. The Treo 600 has a terrific form factor, but comes without Bluetooth or a high resolution screen. In addition, Handspring is not confirming that a quality J2ME implementation will be available for it.
Ideally, I’d have a phone that can handle the new North American frequency, 850MHz, in addition to the frequencies used outside NA. Good Java support is also very important to me.