California Audio Labs CL2500-MCA Repair Saga

The CL2500-MCA 5-channel amplifier is one of the most powerful home audio amplifiers. For sale between 1999 and 2001, it had a short retail life and few were sold until California Audio Labs ceased operations. There are no parts, schematics or service manuals.

CL2500 MCA Power Supplies

CL2500 MCA Power Supplies

Under the hood, you’ll find a low voltage / standby power supply and three 1500 watt ZVS (zero voltage switching) resonant phase shift switching power supplies providing 4500 watts of continuous power. This is a state of the art power supply design (most patents are from the 90’s) and I’ve never seen them in consumer audio gear.  So far, I’ve only seen these types of power supplies recently in modern solar MPPT and EV charging systems.  They are extremely efficient at very high power levels and are the “black magic” of state-of-the-art power supply design.   To top things off, each amplifer channel uses 20 matched power transistors in their output stages.   That’s 100 matched output stage transistors in total.

The unit on my bench has a few problems. Sometimes it won’t power on at all (unable to build rail voltage), while other times it powers on and works fine for hours or days, until rail voltage becomes unstable and starts “motorboating”.  The unit does not go into protection and hammers on the speakers until power is removed.   This is a loud, startling noise. It usually happens on channels 1 and 2 (power supply #1), but occasionally it will spread to other channels if power is left on.

CL2500 MCA New Soft Start Resistors

CL2500 MCA New Soft Start Resistors

My first task on the bench was to investigate the soft-start system, because it was blowing my 15A breaker every time I plugged the unit in.  Moving it to a 20A circuit stopped the breaker popping, but a 50 watt 4-ohm soft-start resistor was open.   I replaced it with 4x 20 ohm 20 watt resistors in parallel which resolved this problem.

Next, I investigated the power supplies because when the “motorboating” is happening, rail voltages swing from 30-100 volts a couple times per second.  Given the track record of 90’s electrolytics, I ordered new Nichicon electrolytic capacitors – 12x 2200uF, 200v bulk caps and various other smaller values.  I re-capped and reflowed solder on all three supplies (8x PCB’s for the power supplies). This was a huge undertaking with a hundred+ screws and everything sandwiched and hard wired together.  Testing on the bench seemed fine with channels 1/2 driven to full power for several hours, so I reassembled and returned it to service.

CL2500 MCA Incorrect Voltage to Switching Supply Control Circuits

Incorrect Voltage to Control Circuits

A week later it is back to the bench with the same issue.  It’s unlikely that all three power supplies are failing in the exact same way, so I looked for a common point. I probed two 12 volt rails on each switching supply and measured only 10.6 volts.   I got the exact same reading for all three units (6 rails total).

According to the switching control IC (UC3879N) datasheet, AT LEAST 12 volts are required for operation. Anything lower should cause a shutdown.  The voltage was slowly dropping the longer it was powered on.  Once it drops closer to 10 volts, the rail voltages become unstable as the supplies cycle on and off rapidly.

CL2500 MCA Manufacturing Error

Manufacturing Error

This takes me to the low level power supply board, which provides 12 volts to the switching supplies.  On visual inspection, I found an obvious defect – power transistor (Q3) wedged under a transformer, with exposed tab (collector) possibly shorting out on a transformer tap.  This transistor is responsible for providing 12 volts to the switching supplies.  It is jammed in such a way that it could not be removed without cutting the transistor legs or desoldering the transformer.   I chose to cut the transistor off, desolder the legs and install an identical unit (TIP32C) in the correct orientation.

The unit is back in proper working order.   I am considering adding active cooling fans at some point, because this passively cooled amplifier runs very hot with an idle draw of almost 500 watts.   I also plan to interface with the RS232 control port using an Arduino to turn the amplifier on and off remotely.

Categories: Uncategorized. Comments Off on California Audio Labs CL2500-MCA Repair Saga

.htaccess force SSL (AutoSSL safe)

The following is safe to use on Cpanel/WHM with AutoSSL enabled.

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Categories: Uncategorized. Comments Off on .htaccess force SSL (AutoSSL safe)

JunOS (MX) Cheat Sheet

BGP Commands

BGP Summary (IPv4 and IPv6):

show bgp summary

BGP Received routes (shows routes BEFORE filtering? Always check local routing table):

show route receive-protocol bgp <neighbor>

BGP Sent routes:

show route advertising-protocol bgp <neighbor>

Shut/unshut a BGP peer

<set|delete> protocols bgp <group> neighbor <neighbor> shutdown

Reload inbound routes

clear bgp neighbor soft-inbound <neighbor|all>

Reload outbound routes

clear bgp neighbor soft <neighbor|all>


Test a policy against the current routing table

test policy <policy>

Show firewall log

show log firewall [detail]

Show CPU and memory utilization

show system processes extensive
show chassis routing-engine

MX equivilant for IOS “show ip arp <ip|mac>”

show arp no-resolve | match <ip|mac>

Show interfaces “brief”

show interfaces terse

Check interface packet rates

show interfaces <interface> | match rate

Traffic flow overview

monitor interface traffic

Configuration Tips

Automatic rollback in case you blow everything up.  10 minute default.  Issue another commit or rollback to stop the timer.

commit confirmed [minutes]

Quickly find those commands you ran before

show cli history | grep <pattern>

Move policy statement term (in edit mode just before term)

insert term <TermX> before term <TermY>

Check candidate config

commit check

Get rid of uncommitted changes


Commit [and exit config mode]

commit [and-quit]

Clear current command line

Ctrl-x or Ctrl-u

Detailed command reference

help <reference|apropos> [<command>]

Display config in set format

show configuration [section] | display set

Grep configuration

show configuration | <grep|match|find> "<regex>"

Load entire section of config

load merge terminal

Move around configuration levels


Compare candidate config to running config

show | compare

Run non-configuration command in config mode

run <command>
Categories: Uncategorized. Comments Off on JunOS (MX) Cheat Sheet

Starting a temporary MySQL instance for table/DB recovery

In this example we assume a restored backup of mysql’s datadir exists at /mnt/restore/mysql.

mysqld --port=3307 --socket=/mnt/restore/mysql/tmp.sock --datadir=/mnt/restore/mysql --pid-file=/mnt/restore/mysql/ --user=mysql

If the backups are ‘dirty’ and innoDB corruption won’t let it start, you can try –innodb-force-recovery=N if needed (start with N = 1 and go up to 4 as neccesary).

If the instance was part of a cluster, you may need to delete galera.cache and dat files.

Once the backup instance is started and running, you can cherry-pick DB’s or tables as needed by using –port=3307 in mysql or mysqldump commands.

If you’re only interested in a single DB, you can save time by skipping unneeded DB’s during the filesystem restore. The following would be a minimal datadir structure for accessing only the “magento” DB:


Mysqld will complain about the missing/unwanted DB data folders, but it should still start. It may also start without the ib_logfile0 and ib_logfile1 but could cause issues if the backup is dirty.

Categories: Uncategorized. Comments Off on Starting a temporary MySQL instance for table/DB recovery

XenServer recovery – XAPI won’t start

If running XenServer on a RAID array with writeback (controller cache) enabled and no battery backup, don’t lose power. If you do, you will discover the state.db is corrupt and XAPI fails to start. Everything is down, Dom0 lost it’s network config, you’re screwed. Maybe. This tutorial assumes you’ve got a metadata backup, all your VDI’s on LVM local storage, and the server is not part of a pool. If you meet this criteria, you can be back up in just a few minutes.

First, remove the corrupt state.db and restart XAPI:

[root@xen ~]# mv /var/xapi/state.db /var/xapi/state.db.bad
[root@xen ~]# xe-toolstack-restart

Reboot the server again for safe measure, then make sure you can see the XE Console. Reconfigure the network as needed.

Look for your orphaned SR and obtain it’s UUID (the UUID is after ‘VG_Xenstorage-‘)

[root@xen ~]# pvdisplay
  --- Physical volume ---
  PV Name               /dev/sda3   <--- Take note of this for later
  VG Name               VG_XenStorage-768e6b7c-e466-1ef8-eee1-8a7e0b2bdd09   <--- Use this UUID

  PV Size               3.63 TB / not usable 9.14 MB
  Allocatable           yes
  PE Size (KByte)       4096
  Total PE              951549
  Free PE               337665
  Allocated PE          613884
  PV UUID               QZ2vnb-1rDi-sFKD-6ofg-czgs-BYjn-u6dO6x

Using the UUID in the VG Name above, reintroduce your storage:

[root@xen ~]# xe sr-introduce uuid=768e6b7c-e466-1ef8-eee1-8a7e0b2bdd09 type=lvm name-label="Primary Storage" content-type=user

Take note of the sr-uuid result of the previous command, you need to plug it in next. Now look for the disk ID so we can create the VBD. Pro-tip – press TAB after host-uuid= and it’ll auto complete.

[root@xen ~]# ls -l /dev/disk/by-id
total 0
lrwxrwxrwx 1 root root  9 Feb 12 22:36 scsi-3600605b008f8a2501b80cee707491e0f -> ../../sda
lrwxrwxrwx 1 root root 10 Feb 12 22:36 scsi-3600605b008f8a2501b80cee707491e0f-part1 -> ../../sda1
lrwxrwxrwx 1 root root 10 Feb 12 22:36 scsi-3600605b008f8a2501b80cee707491e0f-part2 -> ../../sda2
lrwxrwxrwx 1 root root 10 Feb 12 22:36 scsi-3600605b008f8a2501b80cee707491e0f-part3 -> ../../sda3 <---- This one!

[root@xen ~]# xe pbd-create host-uuid=c7b099d9-1d50-402f-ae3b-1a52ca811a8f sr-uuid=768e6b7c-e466-1ef8-eee1-8a7e0b2bdd09 device-config:device=/dev/disk/by-id/scsi-3600605b008f8a2501b80cee707491e0f-part3

Take note of the new PBD UUID and plug in the new PBD:

[root@xen ~]# xe pbd-plug uuid=9d657c71-7e85-ace8-719c-1d20890fce59

Now go into XE Console, search for and restore the metadata backup. You have automatic metadata backups enabled, right?

NOTE: If you are running tagged VLAN’s, before starting any VMs use XenCenter to straighten out the VLAN config on the host network before starting any VM’s. You will need to edit each one and assign to the correct interface.

Good luck.

Magento2 – Upgrade using Composer

This is the preferred, Composer method for upgrading Magento 2.X.X between minor versions. Replace X.X with the minor version numbers of the target version. The last line is optional, use it only if you’re in the middle of a migration and need to continue to be able to sync data with a 1.x site. If composer fails, this usually means you manually installed magento via GitHub or a tarball. You should probably go back and reinstall magento via Composer to avoid a world of hurt down the road.

php bin/magento maintenance:enable
composer require magento/product-community-edition 2.X.X --no-update
composer update
rm -rf var/di var/generation
php bin/magento cache:clean
php bin/magento cache:flush
php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento indexer:reindex
php bin/magento maintenance:disable
composer require magento/data-migration-tool:2.X.X
Categories: Code and Technical. Comments Off on Magento2 – Upgrade using Composer

Windows Vista through Windows 10 Boot Repair

After cloning a larger HDD to a smaller SSD, you will most likely face a blinking cursor or other boot issues.   The following steps should get you back on track from a rescue command prompt:

bootrec.exe /fixmbr
bootsect.exe /nt60 all /force
bootrec.exe /rebuildbcd

If you are getting integrity check errors on winload.exe, you can try this:

bcdedit.exe /set {bootmgr} nointegritychecks ON
bcdedit.exe /set {default} nointegritychecks ON 

If you are having registry issues (complaining that it’s corrupt or missing), you can try the following (assuming your system drive is C):

bcdedit.exe /set {bootmgr} device partition=C:
bcdedit.exe /set {default} device partition=C:
Categories: Uncategorized. Comments Off on Windows Vista through Windows 10 Boot Repair

GL-MT300A tricks – WIFI Client Bridge

In a search to replace several NetGear WNCE2001 devices which had over time, proven themselves to be so unreliable they would literally kill entire wireless AND wired networks by randomly hijacking DHCP. I tried many devices — some either couldn’t bridge at all, others ‘worked’ but had such terrible range or connection quality they were practically useless, others were simply too large, the list goes on.

Almost ready to give up on the project, I discovered the GL-MT300A – a tiny Linux / OpenWRT powered cube for around $35.   The list of built-in features is impressive.   But I need it for only one thing – a small, USB powered wifi client-mode bridge.

3154ku5uvqlI had high hopes – given the fact it ran OpenWRT along with the LUCI web interface – that I’d be able to do practically whatever I want through a nice GUI.

Unfortunately I was unable to create a working bridged repeater setup due to a limitation in this particular (MediaTek) hardware.   Apparently, only Broadcom hardware can natively bridge between wired and wireless networks.

With some google-fu, I discovered an open-source ‘software fix’ for this hardware limitation called ‘relayd’.   It’s available through the built-in package manager and can be installed with a few clicks.

Here are the resulting specifications:

  • WIFI bridged repeater to the physical WAN port (my only ‘must have’)
  • WIFI routed repeater to physical LAN port and WIFI hotspot (NAT, administration).  You could also put the LAN/hotspot in bridged mode but it requires several more steps and changes that I do not cover it in this tutorial.
  • Manage WIFI networks list and hotspot settings through the ‘basic’ (non-LUCI) GUI.

I attribute the following steps to more detailed information gathered here and here, adapted to the firmware and GUI on this particular hardware:

  1. Connect laptop or PC to the LAN port, and perform a factory reset (hold reset button for at least 10 seconds)
  2. Log into with a browser and do the initial setup.
  3. Standard GUI -> In WAN setup – Set to ‘repeater’ mode and join a network.  Wait at least a minute for the connection to come fully online before the next step.
  4. Standard GUI -> Make sure you are on the latest firmware (v2.22 as of this writing).   Do another factory reset after flashing it.
  5. Standard GUI -> Go into ‘app repo’ (wait for the packages to populate),  seach for “relayd” and install both packages which appear.   The GUI will show ‘error status 255’ each time but don’t worry, it worked.
  6. Advanced GUI -> Network -> Interfaces – Delete WAN6 (this interface is unneccesary/redundant after we repurpose the WAN port).
  7. Advanced GUI -> Network -> Interfaces – Edit WAN and change protocol to ‘Static’ and set the IP address to an IP on a random unused subnet – I used /   Also (VERY important) – go to physical settings and create a bridge between VLAN interface eth0.2 (WAN) and the Wireless Network Client.
  8. Advanced GUI -> Network -> Interfaces – Create an interface called ‘stabridge’ with type set to ‘Relay Bridge’.   On the next page, set the IP address to the IP you used in the previous step ( in this case), and select the WAN and WWAN interfaces for relaying.
  9. Advanced GUI -> System -> Startup -> Disable and stop ‘firewall’ and ‘firewall_gl’ services
  10. Advanced GUI -> System -> Startup -> Enable and ‘restart’ relayd

At this point you can plug into the WAN port and receive a DHCP IP from your primary router, as we expect in ‘bridged repeater’ mode.  Relayd handles the broadcast/DHCP traffic exchange between your wireless network and the WAN port.   If you plug into the LAN port or connect to the WIFI hotspot (routed repeater), you’ll receive an IP in the 192.168.8.x range from the GL-MT300A’s built-in DHCP server and your traffic will be routed using NAT.

I’ve found using the LAN port (or WIFI hotspot) is an easy way access the GUI to change WIFI networks or other settings since the management IP will always be  NOTE: You can access the GUI on the upstream network or WAN port by going to the WWAN’s IP address in your browser.   However keep in mind the WWAN IP is assigned by DHCP, so you should consider using a static DHCP reservation upstream.

To change the WIFI network just repeat step 3.  I’ve discovered that the device will remember all network connections and automatically connect to to the best available, and you can edit the list in the basic GUI as well.

To manage the hotspot, go into the standard GUI and toggle the ‘switch’ to enable/disable or click on the WIFI icon to change the settings.   NOTE: Disabling the hotspot causes latency and packet loss due to a bug in the custom firmware, which constantly tries to ‘bring up’ the disabled interface.  Killing off ‘gl_health’ fixes the latency and syslog errors, however, the wifi client will no longer auto-connect which basically renders the device useless.

One other thing I’ve noticed is the device regularly ‘phones home’ to and several other sites for firmware checks and dynamic DNS service.   There is no way to disable this in either GUI nor in any configuration files.   To stop the unneccesary requests, you can chmod ‘000’ the following files using SSH to prevent their execution:

root@GL-MT300A:~# chmod 000 /usr/lib/ddns/
root@GL-MT300A:~# chmod 000 /usr/bin/glautoupdater

Lastly, it should go without saying: the firewall is completely disabled so this should ONLY be used in trusted, private network environments.   NEVER allow this configuration to be openly reachable from the internet (e/g using as a travel router) without re-enabling the firewall and carefully setting up the rules.   I use these only in private/trusted networks so I haven’t spent time on firewall configuration testing.