Last month one of my SolarEdge inverters stopped generating power. I called New Dawn Energy and they had SolarEdge to remotely diagnosed the system. It turned out this time, it will take more than a simple firmware update. A replacement is approved through their RMA process. This all happened on August the 22nd.
This is the second replacement in three years of operations. SolarEdge really needs to improve their quality process.
Today, the unit finally got replaced after 25 days. During this time 50% of my total solar power was dormant. For something that you think should be part of utility, this is certainly a very long lead time for replacing something that I think would be pretty critical if I was off-grid. Glad I was not!
TelMax started to roll out their fiber infrastructure in my neighborhood during the summer. Last month, a sales team knocked on my door and asked whether I was interested in switching. I told them I was, and it was the symmetrical 2Gbps speed that caught my attention. I also shared my concerns:
The ability to establish bridge mode with an external IP address;
I have interlock bricks on the side of the house, so I wanted to ensure the installation was clean and neat with the interlocks;
I have the flexibility to where I terminate the fibre cable in my basement;
The sales person told me all of my issues will be addressed to my full satisfaction. I inquire how long will it take for the installation process? They told me it should be up and running within 30 minutes.
I took the plunge decided to sign up on the last week of August, and got an appointment for September 8th (today) for installation. The appointment is suppose to be today from 8am to 12pm, see the email below:
Email from TelMax from the day before.
The installer came at 11:49am and told me that the installation is broken into two parts. He is just the first part, which is to install a fibre cable from the side of the house and into the house where I would like the modem and WiFi units to be. Since I didn’t care for the Eero units, I left them in the box and instructed the installer where he can place the Adtran modem. This part of the installation was fairly painless. Overall I think the installer was courteous and did a pretty good job running the wire in my basement.
After the second party connected the fibre cable to the curb.
The second part of the installation came around 2 hours later. They installed a flexible, orange conduit that contains a fibre cable from the curb to the side of the house. I told him that I have interlock bricks by the side of the house, and then to my surprise he said that they don’t handle the interlocks. Another party will come later to fix the interlock.
Once again we are in a waiting mode with a safety hazard on my interlock. There is again no expectations set, no scheduling, no appointments. We are now with more anxious waiting. I guess that is how it goes.
Where we are now as of 5:26pm:
Wait for the interlock guys to come;
The modem still shows a red LED so not yet connected;
Feeling a little anxious because the promised of 30 minutes has turned into a drip by drip installation experience by different parties providing services for TelMax but not really from TelMax;
TelMax is a typical case of over promise and under deliver. For a new service being introduced to a new neighbourhood, its opportunity to shine has been turned into mixed feelings of anxiety and customer service uncertainties. This is NOT how you should roll out a brand new service in my opinion.
Update September 8, 5:30-6:00pm:
I logged into the TelMax site and logged in. I contacted their customer support via email and indicated my current status. There was no ticket generated, so we will see what happened.
The process is still fluid, and I will update this as the installation process continues.
Update September 8, 6:11pm:
Someone called me from TelMax provisioning team (not their customer support team) and wanted to know the status of the modem. I told him the optical LED on the modem is still red and he confirmed that there is still a line integrity issue.
This call was not the result of my previous support email that I sent. I also took the opportunity to let him know about the outstanding interlock brick issue, and he told me that is a separate team.
Net-net, they will have to send someone out tomorrow to check the line. I am lucky to be working from home otherwise not sure how other customers can deal with this fluid situation.
Update September 9, 11:49am:
Called TelMax customer support at 1-844-483-5629 spoke to a wonderful lady and told her of my situation and inquired about what is the next step, since I have no visibility on when this will be resolved. She told me that she coordinated with dispatch and that someone, named Bill, will be coming between 4pm to 8pm this evening.
Update September 9, 5:09pm:
I received a text message from 1-289-212-4413 at 5:09pm.
Once again another let down. I freed my evening in preparation for the visit, to learn from the above text message that it is now moved to tomorrow morning, which I am only partially available. Perhaps I am not being patient enough, but I am beginning to feel from frustrated to annoyance.
Update September 10, 1:16pm:
A technical service guy came near noon. His name is Carlo, and he was the first person who I felt really know what he’s doing. Kudos to both Carlo and Peter in identifying the cabling issue and completed the provisioning. Now we are up and running. Problem solved!
Update September 12, 11:56am:
TelMax sent an email to me indicating that the installation process is completed, which is largely true since I am now using their Internet service. However the interlock bricks and the exposed fibre cable is still an outstanding issue. I just sent an email to their support for follow up. So far, no responses.
Update September 16, 6:33pm
This morning at around 8am I called customer support to enquire about the interlock bricks, because the wire is still exposed and it has been more than a week since initial engagement for the deployment. The customer service rep was trying to be helpful but the net-net result is that he listened and took notes. We ended the call with him promising me that someone will call me today to follow up.
We are now in the evening, and no one has called. I also took the opportunity to reach out to the original sales staff, who to their credit is trying to help me out. So with another day gone, the orange wire is still a safety hazard on my pathway. I still do not have an idea of when this will be resolved.
Update September 16, 6:47pm
After venting out my frustration by writing the previous update, I finally decided to just contact my landscaping contractor who originally did my interlock and get it fixed. They got back to me immediately with a timeframe of either Friday or Monday. It is wonderful to deal with professionals. No fuss no muss. No customer support that never gets back to you. I felt like a load off my shoulders.
Yes this is additional cost but I rather pay to get a good night sleep and lower blood pressure.
Update September 17, 5:06pm
About an hour ago DHM, a wonderful interlock contractor showed up and told me that TelMax asked them to come and fix up my interlock. They did excellent work, and the line is finally suppose to be where it is, below the ground and underneath the bricks.
The person from DHM were great guys, and I thanked them profusely. Their workmanship was topped notch!
So all in all it took 9 days from September 8th until now. We can finally claim that the deployment is completed and the service is working normally. Given the multi-party or contractors involved for the deployment, I personally think TelMax could have made things easier and put my mind at ease by keeping me the customer fully informed of the status. They failed in the coordination, and turned what could have been a wonderful experience into one filled with anxiety and frustration. I hope they learn from this will treat future deployment with proper communication.
I want to put in a special thanks to Khushboo Mistry, who really helped me in coordinating and navigating within the TelMax team to finally get this done. As a person on the Sales team, this was not part of her job. She really did above and beyond for me. For this, I really thank her for it.
So in conclusion, here is my assessment:
A – for Internet service;
A – for professionalism of all staff involved; from sales, technicians, and to the DHM the contractor who fixed my interlocks;
F – for communication and customer support department; mainly for unpredictable planning and scheduling; non-existent feedback loop; and no commitment and expectation setting;
It is unfortunate to have one part of the organization to spoil the experience. I wish they will fix their customer support and scheduling process. It is people like Khushboo who will make TelMax a great company, and not the poor organized deployment and installation process that someone else in the company came up with.
In a previous post, I talked about upgrading to the UDMPro Max. This was in preparation for upgrading a series of new switches in the house. Effectively bringing our networking speed from 1Gbps to 10Gbps or 2.5Gbps for most of the house devices. Some home automation devices, TV’s, and other media devices will remain at 1Gbps, since this is plenty for what they need.
Another major reason for upgrading the switching speeds is to prepare for WiFi 7 upgrade. Most of the access points supporting WiFi 7 now require at least a 2.5Gbps wired connection in order to take advantage of the full WiFi speed improvements.
Below is my updated networking landscape for now.
Current networking landscape after several switch upgrades.
New hardware:
1 x UDMPro Max
1 x USW Pro XG 10 PoE
1 x USW Pro XG 8 PoE
2 x USW Flex 2.5G 8 PoE
Old hardware (kept as cold standby):
1 x UDMPro
1 x US 24 250W
1 x USW 60W
The last major upgrade was performed about 4 years ago, as outlined by this post. We also installed fibre about 5 years ago and we talked about it on this post, when we added the USW Pro 24 PoE switch with SFP slots.
I won’t get into the specifications, other than to say the Max offers more speeds and feeds.
I wanted to document the migration process, because for me it was not trivial. The Max came with outdated firmware. The backup and restore options were not visible with a user that had “Super Admin” role. They are only available with the “Owner” role. This took me sometime to figure out.
Step 1: Login into the old UDM Pro with the Unifi owner account. This is usually the account that contains the Two Factor Authentication;
Step 2: Perform a download of all the applications and their respective settings. This should result in unified_os_backup_*.unifi file;
Perform a backup on the old UDM PRO
Step 3: If you are using Protect (Unifi Security Application), and want to reuse the old hard drive, the migration process will not migrate the videos, so be prepare to backup the contents on a separate machine and reformat the hard drive, or just buy new hard drives;
Step 4: I powered down the old UDM Pro, because I need the WAN connection to be connected to the new UDM Pro Max. At this point, you will lose Internet connectivity for most of your household devices;
Step 5: I physically installed the UDM Pro Max, and connected the WAN, and connected my laptop with the unifi backup file that we got in Step 2. Note that I did not connect the rest of my network at this point. Also the entire restoration process requires Internet connectivity so don’t try to restore it without Internet. I learned this the hard way, resulting in several resets;
Step 6: I had to upgrade the UDM Pro Max because it came with old firmware and it will not restore with the old firmware. This was super frustrating because it elongated the down time for your household;
Step 7: Before I perform the restore, I powered down the Max and installed my old hard drive from the old Pro. After restarting the Max, I then reformat the hard drive with the Protect App;
Upload the previously downloaded backup file and do a restore
Step 8: I then proceed to restore from the backup file that I previously copied on to my laptop. This took about 10 to 15 minutes;
The dialog is pretty cryptic, so be sure to click on the upload link and ignore the No Backups Found message.
Step 9: Once the system is up, I attached all the networking devices to the new Max and waited to ensure that all the Unifi devices are recognized by the new Max;
Step 10: I did one final reboot just to be sure that everything is okay;
So far so good. We did find a couple of issues. Rogers, my ISP provisioned a new WAN IP so I had to update my DNS entries. The VPN server configurations had to be updated with the new WAN IP.
I am going to let the Max run for a few days, and then perform a factory reset with the old Pro. We will then use the Pro as a Shadow (Hot Standby) Gateway for potential fail-over.
Today, I found it strange that with a clear, blue, sunny sky, our solar generation is half of what I expected. I then noticed that one of our two SolarEdge inverters was showing a fault.
In the past, when I got hold of a video that has hdmv_pgs_subtitle subtitle streams, I have always ignored it. Instead I tried to find a compatible subtitle in .srt format on the opensubtitles.org website. Today I came across a video that I am trying to archive that does not have the appropriate subtitles that I wanted. All of this would not have been an issue if my preferred mp4 format actually supports the hdmv_pgs_subtitle format.
I know an OCR (Optical Character Recognition) technique for extracting the subtitles from the hdmv_pgs_subtitle stream, but I am always in a hurry. This time, I bit the bullet and went down on this path.
Below are the steps that I had to go through.
First I had to download and install ffmpeg and mkvtoolnix packages on my Linux machine, and then execute the following commands to extract the Chinese subtitles that I wanted.
After the above commands, I will have mysub.idx and mysub.sup files. The first are the time index codes and the latter are the subtitle images.
On a Windows virtual machine, I had to download Subtitle Edit, a subtitle editor tool that has the OCR functionality, and convert the mysub.idx and mysub.sup into mysub.srt, which I can then later use to re-incorporate back into the archive video file.
After the OCR is completed.
Above is a screenshot of the application after the OCR is completed. I found that the engine mode of Tesseract + LSTM worked the best. Of course, I had to select the matching language that is befitting of the subtitle. Once I saved the finished product as mysub.srt I can then use this file to create archive.mp4 using ffmpeg.
Effectively, this article reports that after February 26th, you can only download books from the Kindle store to your Kindle device over Wi-Fi. This means that ebooks you purchased can no longer be downloaded and converted into an epub format to be consumed by another e-reader like Apple’s Books.app, which I normally do on my iPad or iPhone.
Of course, this policy change poses an immediate problem for me when consuming or reading my ebooks. However, it also in my view crosses an ethical boundary. Digital media such as ebooks, which you have paid full prices for, is no longer yours. The buyer of such content is at the mercy of the distribution platform, in this case Amazon. This simply does not sit well with me. In the past, Amazon has also been known to remove purchased content due to changes in distribution rights, which is normally outside of the buyer’s control.
I now have to adopt a new process that I will use whenever I buy ebooks from the Kindle platform. I will describe this process in detail below so that in the future should I need to refer to it, it is here.
This process will remove the Digital Rights Management from the ebook that you just purchased and allows us to store a DRM-free ebook in Calibre, an ebook management software. This process will only work on Windows, so I had to spin up a Windows virtual machine for this purpose.
Software required:
Figure 1 (Click image to enlarge)
Calibre (use the link to download the software for Windows);
DeDRM plugin (use the link to download the zip file);
KFX Input plugin (use the Calibre Preferences & Plugins to search);
Install the above Calibre plugins with the Preferences –> Plugins management;
Kindle for PC (must be version 2.4.0 (70904));
Use Kindle for PC to browse and access the ebooks that have been purchased from Amazon, and download the ebook you would like to convert.
Use Calibre and its Add books functionality to import the azw file from the My Kindle Content. See Figure 1 for details.
Once the book has been imported, Calibre should have a KFX format of the book. We need to convert it to the epub format for other reader devices using Calibre’s Convert books functionality.
I then move the epub formatted ebook onto my macOS Calibre version for long term storage and management.
I recently wanted to install an M.2 NVMe to PCIe 4.0 X4 Adapter on an existing server. The idea was to install a new NVMe SSD drive, and the motherboard had no more M.2 sockets available.
The server is running Proxmox with Linux Kernel 6.8.12. I thought this should be a 15-minute exercise. How wrong I was. After installing all the hardware, the system booted up but there was no networking access. This was especially painful because I could no longer remote into the server. I had to go pull out an old monitor and keyboard and perform diagnostics.
I used the journalctl command to diagnose the issue, and found the following entry:
Feb 01 13:36:21 pvproxmox networking[1338]: error: vmbr0: bridge port enp6s0 does not exist
Feb 01 13:36:21 pvproxmox networking[1338]: warning: vmbr0: apply bridge ports settings: bridge configuration failed (missing ports)
Feb 01 13:36:21 pvproxmox /usr/sbin/ifup[1338]: error: vmbr0: bridge port enp6s0 does not exist
Feb 01 13:36:21 pvproxmox /usr/sbin/ifup[1338]: warning: vmbr0: apply bridge ports settings: bridge configuration failed (missing ports)
The above error message indicates that enp6s0 no longer exists. When I looked at earlier messages, I noticed this one:
Feb 01 13:36:15 pvproxmox kernel: r8169 0000:07:00.0 enp7s0: renamed from eth0
It looks like the interface name has been changed from enp6s0 to enp7s0. Therefore the correct remedy is to edit the /etc/network/interfaces to reflect the name change. Below is the new content of the file.
# cat /etc/network/interfaces
auto lo
iface lo inet loopback
iface enp7s0 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.188.2/24
gateway 192.168.188.1
bridge-ports enp7s0
bridge-stp off
bridge-fd 0
iface wlp5s0 inet manual
This would be very annoying if the old interface name was used in many other configuration files. There is one other reference that I found on the Internet (https://www.baeldung.com/linux/rename-network-interface) detailing a way to change the network interface name using the udev rules. I did not try this, but something to keep in mind in the future.
In a previous post and on another home server, I did fix the name using netplan, but Proxmox is not using it.
Recently I needed to transfer a private binary file from one household to my server. We wanted this transfer to remain private because the file contains sensitive content.
In the past, I set up a WebDAV server using Apache2.4:
First I had to enable the DAV modules using the following command line on my Ubuntu server:
sudo a2enmod dav
sudo a2enmod dav_fs
I already had a directory set up on my file system called: /mnt/Sites/public_share. I made the following changes to my Apache2 configuration files.
<VirtualHost *:80>
ServerName share.lufamily.ca
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://share.lufamily.ca
</VirtualHost>
<VirtualHost *:443>
ServerName share.lufamily.ca
ServerAdmin xxxxxxxx@gmail.com
DocumentRoot /mnt/Sites/public_share
<Directory /mnt/Sites/public_share>
AllowOverride All
</Directory>
<Location />
AuthType None
DAV On
Options +Indexes
RewriteEngine off
</Location>
Include /home/xxxxx....xxxxxxx/ssl.lufamily.ca
</VirtualHost>
I did not have any authentication, because I restricted access to this directory with an override .htaccess file which contains the following:
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set X-Robots-Tag "noindex, nofollow"
</IfModule>
<Files ".htaccess">
Order Allow,Deny
Deny from all
</Files>
<RequireAny>
Require ip 192.168.0.0/16
Require ip 172.16.0.0/12
Require ip 10.0.0.0/8
# Sending computer external IP
Require ip AAA.BBB.CCC.DDD
</RequireAny>
With the above setup, the other party just needs to open up a Finder on macOS or a Files Explorer on Windows with the above URL of https://share.lufamily.ca, and copy, delete, and open files like they normally would. The access will be private because it is restricted by their external IP address. With macOS, copying many gigabytes via WebDAV posed no issues.
Unfortunately, Windows is another matter. This worked for small files. For large files in the gigabytes range, Windows seemed to be stuck on 99% complete. This is because Windows locally caches the large transfer and reports it is 99% completed in a very short time, as the physical transfer catches up. But the actual time needed for the copying across the Internet is so long that Windows became confused thinking that we are copying a file that already exists yielding an unwanted error.
I had to come up with an alternative. We briefly dabbled with the idea of using FTP, but after a few minutes, this was simply a non-starter. The FTP passive mode requires ports to be opened on my firewall which is unrealistic for a long-term solution.
SFTP is a very secure protocol that uses OpenSSH. I also like this technique because the usage is more secure and will be governed by a pair of SSH Keys. The private key on the remote user side and the public key will be used to configure SSH on my server. I set up a ssh user called sftpuser. To prepare for this user to only have sftp access I made the following changes to the sshd configuration file /etc/ssh/sshd_config.
# Added the internal-sftp
Subsystem sftp /usr/lib/openssh/sftp-server internal-sftp
# Configure the local user scpuser to only do sftp
Match User sftpuser
ChrootDirectory /home/sftpuser
PasswordAuthentication no
ForceCommand internal-sftp
AllowTcpForwarding no
X11Forwarding no
AllowAgentForwarding no
I then created the sftpuser using the following command:
This user will not be able to login into a shell and can only use sftp. I also disable the password authentication just in case. For the remote party to upload the file, they will need to provide a public ssh key which needs to be stored in the .ssh/authorized_keys file. The contents of which look something like this:
The above command will upload the bash binary to my server.
An attacker trying to login using ssh will get the following:
❯ ssh -p 55522 sftpuser@lufamily.ca
This service allows sftp connections only.
Connection to lufamily.ca closed.
On Linux or macOS, the remote user can use ssh-keygen to create the public key which by default resides in ~/.ssh/id_dsa.pub. All I need to do is copy the contents of the public key and add it to my .ssh/authorized_keys.
For Windows users, they can generate the key using Windows PowerShell. Below is an example:
> ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\kang/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\kang/.ssh/id_rsa
Your public key has been saved in C:\Users\kang/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:hV6vcChUwpxXXXXXXXXXXXXXXXXXXXXXXXXXX0aTkJZ2M kang@win10
The key's randomart image is:
+---[RSA 4096]----+
| . Eo.==.. |
| * *+++=+ |
| . @ oo.=+* . |
| . = o..B+=.* . |
| . .oSO.o.. |
| ..oo. |
| . |
| |
| |
+----[SHA256]-----+
> cat .\.ssh\id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZQQWgIVShifqFxq78MWQEJrM2xrVQXlPHUncNosEm6P/l0LdWu1nRbIccKMNsmpPK7JOv9XF+CsrtlltnhwDqiuflCGftzhrlmBz8BOJRiwD0Fl1IfQ+Qg7Z1nvIo6+kpkBw7SGPN7fbJxDPPHmc9iPB4RnlG46v6ymd4KM0h1cGlReCly2PTxTG1dcPuDbrBIIdEHoN/40hojrooQf+cQNprvYZY59EjvC0NoZsfiKGDHHq3S7HRPGns9Oo4y8vFl1DrJZFIvBVdjjL28JsmIdeKbMhCynkzIkPLPvsiplxkEF0RQ9fFcIsucuD8leJmMDNPas+8EdueQ== kang@win10
To copy a binary you can do the following:
> sftp -P55522 sftpuser@lufamily.ca
Connected to lufamily.ca.
sftp> put "C:\Windows\System32\tar.exe" uploads/junk.exe
Uploading C:/Windows/System32/tar.exe to /uploads/junk.exe
tar.exe 100% 54KB 13.1MB/s 00:00
sftp> ls
uploads
sftp> cd uploads
sftp> ls
junk.exe sample.bin
sftp>
The above is very similar to Linux and the Mac. Windows and its PowerShell have come a long way in terms of adopting Posix-like capabilities.
For those who want to use WinSCP, a much nicer GUI on Windows, you will need to convert the .ssh/id_rsa private key into ppk format. Use the command below to achieve this.
So what I thought would be a simple matter turned out to be quite a deep rabbit hole. Hopefully with this in place, future transfers can be done quite quickly and securely.
We just returned from our month-long China trip, and I wanted to comment on our roaming strategy.
While in Canada, our cell service provider is Koodo, which offers Easy Roam packages. Effectively when you land in a foreign country, the first time you answer or make a voice call, or send a text message, it automatically engages roaming at $14/day when you are in the US, and $16/day for other countries. I believe other cell providers like Rogers, Telus, and Bell offer a similar service at comparable costs. With this approach for 30 days, it will cost us $480 for each number and almost $1,000/month for both numbers.
Both my wife and I recently acquired iPhone 16 Pros, which are eSIM capable and unlocked phones. We can, therefore, consider eSIM services for travel. One of the most popular services is Airalo. Airalo provides various packages for different countries or regions. Each package will give you a different data capacity within a certain date range. For example, at the time of this writing, they have a $40.50 per 30 days that will give you 10GB of data with the option of topping up should you need more in China. You can already see that this is ten times less than Easy Roam!
I have used Airalo in Mauritius, France, Dubai, Hong Kong, Japan, and China. The trick is to download the Airalo App. Use the App to purchase the package you want that matches your travel itinerary, and be sure to install the eSim on your phone while you have a stable Wi-Fi connection before you travel. Once the eSim is installed it will try to activate. This will usually fail and is the expected behavior because you typically install your eSim in your home country and not in the country of service. I usually turn off the eSim before arrival, and when you arrive, simply turn on the eSim and ensure Data Roaming is turned on. The clock starts ticking as soon as your eSim is activated. Also, ensure that your Cellular Data is set to your Airalo eSim, which is usually named “Secondary” or “Travel”. You can customize the label under “Cellular Plan Label”.
The relevant iOS 18.1.1 setting screens
The downside to using something like Airalo is that it only provides data. For voice, you typically have to use something like FaceTime, WhatsApp, or WeChat substitutes. This is a bit inconvenient but definitely workable.
Some like to turn off their “Primary” line, which is my original Koodo line. The reason for this recommendation is that you do not accidentally use this line while roaming. I personally like to keep my primary line on so that I continue to receive two-factor authentication text messages. However, if I make a mistake in answering a call from my primary line, then I automatically incur the $16/day Easy Roam charge, so beware! If you are not sure, then turn off your “Primary” line to avoid this risk.
Although Airalo worked in China, we wanted a more permanent solution for China since it is a country that we frequently visit. We decided to opt for a local cell plan from one of the three major service providers, which are: China Mobile, China Telecom, and China Unicom. We decided to go with China Mobile. For this to work, your phone must be unlocked and also have a physical SIM tray. Chinese service providers do not support eSim for their normal plans. This also provided us with a voice plan as well, which is another advantage. We ended up paying for a 19 RMB (< $4 CAD) per month plan that will give us 5GB of data and 100 minutes per month. Unfortunately for us to be eligible, we had to spend 1,500 RMB (~$300 CAD) upfront for a giveaway Vivo Y37 phone. Carol is using that phone as an audiobook player, so it is not all lost.
Going with a local provider like China Mobile also means we can receive two-factor text messages while in Canada. This is important as we use certain financial service apps like banking apps that are tied to our Chinese numbers. We also found that using China Mobile while touring in China means problem-free when using Chinese mobile services, such as booking train trips, hotels, renting bikes, and ordering takeout. Previously when we were using the Nihao service. We found that certain services like renting a bike were either not available or extremely tedious to set up, such as requiring registration of your passport.
Having a China Mobile subscription also means that we can have a local bank account tied to our WeChat account. This also makes buying things more convenient and allows us to avoid a 3% surcharge with Alipay when paying with your linked credit card. Our preference is to use WeChat Pay which is either tied with our Hong Kong bank account or with one of our Chinese bank accounts. Unfortunately, opening a Chinese bank account is an exercise in patience in itself. I will not get into that here.
One final bonus with a China Mobile subscription is that I now also have the option of using China Mobile roaming plans, which I found are either equal or lower than the Airalo options. I tried this in both Hong Kong and Dubai. The roaming plan worked but I am still behind the Great Chinese Firewall (GCF) while roaming. However, I do have voice roaming with this option.
To get access to things outside of the GCF, I find LetsVPN is the best VPN service. It worked in all the Chinese provinces and cities that I visited. I needed this VPN service to access my work online assets as well as our Koodo voicemail. To gain access to our Koodo voicemail, I used a Softphone App on my iPhone to use my company’s VOIP.ms account to call the Koodo voicemail access number in North America, which is +1 (647) 580-4001. Therefore when we get voicemail with our Koodo account, we can use this approach to check our voicemail without incurring roaming charges. The Softphone is also a great option to make voice calls to North America from China without incurring any long-distance charges. I could use my China Mobile or Koodo line to make the call then I will be charged either roaming or long distance or both.
I probably make it sound more complicated than it really is. Overall it should be very manageable and there are plenty of roaming options out there other than the $16/day Easy Roam option.
