• Welcome to FlorianJensen.com

    Welcome to FlorianJensen.com

I recently visited my parents and realised that it would be great to continue to easily access my network at home. Sadly, as a Virgin Media customer, the upload speed is poor, so using the VPN I set up isn’t the answer, as all traffic would always be routed to my home.

Looking around the internet I found the answer to my problem. Even better, it was already available on Tomato Firmware, which I use on my routers. The solution was tinc.

What is tinc

tinc describes themselves as a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. It has a few nifty features, such as encryption, compression, mesh routing and a super simple configuration.

My setup

I am in the fortunate position that both my networks have a Asus RT-N66U, the Asus RT-AC66U is the successor, which both run Tomato Firmware by Shibby. This made the configuration very straightforward. Please make sure that you have the AIO builds, that include tinc as not all builds include it.

Router SetupThe networks were configured with the following IP ranges – for this example we will only look at IPv4, not IPv6:

  • London (LDN):
  • Luxembourg (LUX):

As neither side have static IPs, I also have DynDNS hostnames set up for both.

Now that the basics are there, let’s configure tinc.

Configuring tinc on Tomato Firmware

Log in to your first router, we’ll start with LDN, and head to VPN Tunneling -> Tinc Daemon.

I recommend running Tinc in ‘tun’ mode. For tun, each node must use a different subnet. These subnets must fit with the ‘VPN Netmask’ found in the config tab. In our example, as we’re using 10.X.X.X IP addresses for our networks, we can use the full space, meaning the netmask value would be Tomato by default uses a /24 netmask for it’s networks. You can then add subnets starting from – and everything in between.

Once you set the interface type to tun and set your VPN Netmask, you can set the name for your node. We’ll set this to ldn for our first router, and lux for our second one.

Next we’ll go to the Generate Keys tab and press Generate Keys at the bottom. You should end up with a set of keys like the following:

tinc generated keysStarting with tinc1.1pre11, only Ed25519 keys are required. RSA keys are only needed for backwards comparability in order to connect to tinc1.0 nodes.

Copy both Ed25519 Private Key and RSA Private Key (if you want to support tinc 1.0) into the Config tab.

Next we’ll head to the Hosts tab. We must create an entry for the node itself in the Hosts section. This information will be shared with other nodes to create connections. As such, on the router ldn, you would create a host ldn with the keys from the Generate Keys tab for that router. Copy the public keys into the fields.

For the address, use your static public IP address if you have one, or a DynDNS hostname. In the subnet column, enter the network IP range that you want that host to share. In the case of LDN, it would be, LUX would be

Once you have done this on both routers, you need to add them to each other and select the ConnectTo checkbox. The nodes share the hosts’ information to help them connect to each other. As such, it isn’t necessary to define every node in every router. If Node A and Node B are connected, and Node A and Node C are connected, then Node B and Node C will learn about each other through Node A. Node B and Node C should then be able to communicate directly to each other.

The hosts table should look like something like this:

tinc hosts

Now you just need to hit Save and Start on both routers.

The Status area is active when tinc is running, and will give you some information about the mesh.

tinc status

‘Edges’ and ‘Connections’ show nodes for which ConnectTo was defined in one or both Nodes. If you don’t see a connection between two particular nodes, this doesn’t mean they aren’t communicating directly to each other. It means that neither had ConnectTo defined for the other, which is fine. The ‘info’ button will give you more detailed information about a particular node. Sometime it says “Reachability: unknown” if neither of those nodes have attempted communicating to each other yet.

There must be some path of ConnectTo’s among the network so all nodes can learn of each other.

The ‘Scripts’ tab allow you to define scripts to run whenever a subnet or host becomes available or unavailable.

That’s it. Enjoy your connected network.

Read more

If you browse back through my blog, you’ll see that I’ve been a long time fan of Nokia phones. However, after Nokia switching to Windows Phone, and killing a, in my opinion, superb device with the Nokia N9, I decided to switch to Android. So, May 2012 I got myself the Galaxy S3, which I’m still using today.

I quickly realized I wanted more power as well, such as full access to the filesystem, so I rooted my phone and flashed a custom ROM.

Why root your Android?

Looking back over the last 18 months, I still don’t know why I needed my phone to be rooted. I maybe used it once or twice, for stuff like screen sharing in Airdroid, but there wasn’t really any day to day benefit.

Many people will say that they root it to specific applications that require rooting, backing up of your phone, remove carrier stock applications, etc… but to be honest, I’ve never had the need to. Vodafone kept the bloatware to a minimum and it didn’t really stand in my way.

Custom ROM Galaxy S3 detailsCustom ROM?

So, this is the main reason why I had to root my phone. Wanting to improve performance of my Galaxy S3 and increase battery life, I had a look around to see which custom ROMs would be a good fit. Following a recommendation of a friend of mine, I then went with Android Revolution HD. This ROM kept the Samsung specific apps, such as the Camera app, S Voice, AllShare Cast, etc. It basically was exactly the same interface (TouchWiz) but with a lot of tweaks under the hood. My phone instantly became a lot more responsive and battery life increased as well. Great!

However, there are some risks that come with flashing: You void your warranty with most ROMs. And you may encouter some strange issues down the line. In my case, this happened about 1 year after flashing the custom ROM, my phone got stuck in a reboot loop. Some application seems to have broken my phone. So, there were a few options: I could re-flash the same firmware, and potentially encounter the same issue down the line, or I could try something new.

Following another recommendation by a friend of mine, I decided to try an AOSP (Android Open Source Project) ROM. These run none of the Samsung code, and are generally a lot lighter. I took a look around, and not wanting to stick with 4.1.2 (latest version available for the Galaxy S3 supported by Samsung), I went with a ROM that was based on Android 4.3, CarbonROM.

After struggling a bit to install it (note: you’ll have to manually install all Google Apps!), I finally got it running.

All I could say was: Wow. It’s like having a new phone.

The phone was a lot more responsive. Truly worlds apart. I felt like I just bought a Galaxy S4, but it was free, only costing me an hour of tinkering around — if done right the first time, it’ll take you 10 minutes.

So what did I loose by going with a AOSP ROM?

Well, the Samsung apps. The only app I miss is the Camera app, as the stock Android one takes a bit of getting used to. Besides that, I didn’t notice anything that I’m missing. S Voice, well, I use Google Now which is a lot nicer anyway. And the speed boost makes it worth it. Battery life is similar, if not slightly better compared to the custom ROM I had before. Did I mention it’s a lot faster?

My Galaxy S3 homescreenHaving run CarbonROM for the last 3 weeks, there is no way I’m going back to the original Samsung ROM. It took a bit of customizing but it now looks great and I’m back up and running at full speed. There are a few bugs I’ve encountered, but these are mainly related to Android 4.3 itself and are getting fixed on a daily basis.

All in all, if you’re willing to take the risk of rooting your phone, then going with a AOSP Rom like Carbon Nightlies (the 4.3 branch) is definitely worth a try. But be aware that if something goes wrong, the warranty won’t cover it. I may write a small post with some instructions on how to flash CarbonROM onto your phone in the near future.

Read more

Having spent the last 24 hours trying to get Proxmox to play nice with the new VRack 1.5, it looks like it works perfectly, including online live migration of venet based OpenVZ containers, which didn’t work in VRack 1.0.

The configuration makes eth1 the default card for traffic from vmbr0, however allows eth0 to function alongside it so that you don’t loose out on monitoring features. We also route IPv6 traffic through the VRack on vmbr0 and add additional IP ranges for your VM use to vmbr0.

All the configuration that’s needed is done in: /etc/network/interfaces.

Here is my resulting configuration:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# for Routing
auto vmbr1
iface vmbr1 inet manual
    post-up /etc/pve/kvm-networking.sh
    bridge_ports dummy0
    bridge_stp off
    bridge_fd 0

# vmbr0: Bridging. Make sure to use only MAC adresses that were assigned to you.
auto vmbr0
iface vmbr0 inet static
    address 94.23.XXX.10
    network 94.23.XXX.0
    broadcast 94.23.XXX.255
    gateway 94.23.XXX.254
    bridge_ports eth1
    bridge_stp off
    bridge_fd 0
# A secondary IP subnet used for VMs
    up /sbin/ip route add 178.XXX.YYY.128/26 dev vmbr0
        up /sbin/ip route flush cache

#VRack IPv6
iface vmbr0 inet6 static
        address 2001:41d0:XXXX:6810::10
        netmask 56
        post-up /sbin/ip -f inet6 route add 2001:41d0:XXXX:68ff:ffff:ffff:ffff:ff7f dev vmbr0
        post-up /sbin/ip -f inet6 route add default via 2001:41d0:XXXX:68ff:ffff:ffff:ffff:ff7f
        pre-down /sbin/ip -f inet6 route del default via 2001:41d0:XXXX:68ff:ffff:ffff:ffff:ff7f
        pre-down /sbin/ip -f inet6 route del 2001:41d0:XXXX:68ff:ffff:ffff:ffff:ff7f dev vmbr0

auto eth0
iface eth0 inet static
    address 5.XXX.YYY.25
    broadcast 5.XXX.YYY.255
    #Setting up the routing
    up /sbin/ip route flush table 80
    up /sbin/ip route add table 80 to 5.XXX.YYY.0/24 dev eth0
    up /sbin/ip route add table 80 to default via 5.XXX.YYY.254 dev eth0
    up /sbin/ip rule add from 5.XXX.YYY.0/24 table 80 priority 80
    up /sbin/ip route flush cache
    post-down /sbin/ip route flush table 80
Read more

I’ve been spending this morning optimizing the Flosoft.biz website in terms of load times in Browsers, and one key element of that is sending the correct expires headers to allow Browsers to cache the data.

Now, as of Plesk 11.5, you can edit nginx settings via the Control Panel, but this isn’t always straight forward, so I thought I’d write a small tutorial.

In the Control Panel:

  1. Select your Domain
  2. Click Web Server Settings
  3. Scroll down to nginx settings
  4. If you have “Serve static files directly by nginx” checked (which I recommend), you’ll need to remove the file extensions you’re going to use below, such as jpg,gif,…
  5. In the text box “Additional nginx directives” copy / paste the following configuration:

location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control “public”;
try_files $uri @fallback;

That’s it. Just hit OK and enjoy a website that sends the correct headers for your static images and CSS.


Read more

One of the legacy systems we still use at Flosoft.biz is Plesk. Over the last few years it has slowly gotten better (don’t worry, it still completely breaks on every version upgrade) and nowadays comes with nginx.

However, I noticed that for some obscure reason, it doesn’t enable GZip compression for the webpages it serves? This is quite odd, having myself worked a lot with nginx over the last few years, it’s a default configuration!

Don’t worry, it’s quite easy to enable it though:

Just edit the following file as root: /etc/nginx/conf.d/gzip.conf

gzip on;
gzip_proxied any;
gzip_types text/plain text/xml text/css application/x-javascript;
gzip_vary on;
gzip_disable “msie6”;

Then run nginx -t to test the configuration and if that’s all ok, restart nginx by running /etc/init.d/nginx restart.

That’s it. Your webserver will now be serving your pages with GZip compression.

Read more

I never thought I would write this post. I am truly amazed.

A few weeks ago, we decided to port our main phone line after 35 years from Belgacom to OVH VoIP service.

Now, the tricky thing was, the Internet line we have with EDPnet in the house is run via the same phone line. This worried me, thinking that I’d end up with my parents losing internet and phone and with me far away. But hey… let’s try it.

Just to make sure though, I called up Belgacom to ask them how these things normally go. After being on hold for 38 minutes in a seemingly endless queue, I decided to call OVH. A few seconds later, I was talking to someone explaining me the process, however with the disclaimer that the information is based on french operators. So I decided to give my internet provider, EDPnet, a call. There I was told that it will ‘just work’, Belgacom would terminate the line automatically, and they’ll step in with a ‘raw copper’ service. Sounds great!

So I scheduled the number port for the 21st of January. Letters arrived from OVH and Belgacom, verifying that I wanted to go ahead with this, and the 21st of January came closer.

Emails from OVH confirming the Number Port

Emails from OVH confirming the Number Port

On the day, I got 3 emails from OVH confirming every step of the number port. The phone service just switched over. Even internet didn’t disconnect. Everything went smoothly. Unbelievable right?

Next, I got a nice email from EDPnet confirming that they heard about the number port, and that they’ll provide the raw copper service on the same line without interruption.

Screen Shot 2013-01-21 at 22.24.57Great! To be honest, I did NOT expect this to go smoothly at all. Given my past experiences with major telephony operators and complex setups like this (with 3 operators involved), I expected to loose my number, loose internet connectivity for at least a few months etc. But no. It all works. So I’d like to thank OVH, EDPnet and even Belgacom for making this a very smooth transition. Awesome work guys!


Read more

One of the main bottlenecks when running high performance virtualization systems is the harddisk. Now, you could of course switch your entire system over to SSDs, but that is costly and you’ll end up with a lot less storage, or a massive RAID array.

Modern filesystems like ZFS have solved this problem by allowing for ‘hybrid’ systems. These use the traditional harddisks for persistent storage, and use SSD drives in front of them to cache the read and write queries. This way you get the best of both worlds. Nearly SSD performance and the storage size of a traditional drive.

At Flosoft.biz we use Proxmox to power our VPS offers, which uses LVM and EXT4 for it’s filesystem which doesn’t have a ‘SSD caching’ method built into it. tramadol without prescription, so they created FlashCache. Flashcache is a kernel module that allows you to add a block caching partition in front of any other partition of your system, resulting in an amazing speedup of your system.

After having spent a night or two on getting this to work on Proxmox 2, I decided to write a small tutorial here. I’d also like to thank @toxicnaan for his l33t hax0r skillz.


Updating your system

Get your system up to date and make sure you’ve got the latest Kernel.

apt-get update
apt-get dist-upgrade
apt-get install dkms build-essential git


Kernel Headers

You will now need to install the Kernel Headers for your Kernel so that you can compile the module. Make sure you install the correct version of the headers. These need to be the same as the Kernel you’re running.

uname -a # to get your kernel version
apt-get install pve-headers-2.6.32-17-pve # to install the headers for version 2.6.32-17


Get FlashCache

Now that we’ve got the Kernel tools, we can get FlashCache and build it.

git clone git://github.com/facebook/flashcache.git
cd flashcache/

make -f Makefile.dkms boot_conf
make install


Load FlashCache

Next we need to load FlashCache into our running Kernel and make sure it’s loaded upon boot.

modprobe flashcache
echo flashcache >> /etc/modules


Re-purposing the SSD drives

Now it’s time to find a new use for our SSD drives, namely as cache. You can skip this step if your server doesn’t have the SSD drives mounted as /var/lib/vz

umount /var/lib/vz
vgremove pve
pvremove /dev/md2


Re-purposing the 2 HDD drives

Now let’s prepare the 2 HDD drives to be used as the storage for /var/lib/vz.

umount /data
pvcreate /dev/md0
lvcreate -l 100%VG -n storage pve
mkfs.ext4 /dev/mapper/pve-storage


Creating the FlashCache partition

Now let’s create the FlashCache partition on the SSD drives & mount it.

flashcache_create -p back pvec-storage /dev/md2 /dev/mapper/pve-storage
mount /dev/mapper/pvec-storage /var/lib/vz
echo 1 > /proc/sys/dev/flashcache/md2+pve-storage/fast_remove


Editing /etc/fstab

Next step is to edit /etc/fstab and remove the /data and /var/lib/vz mounts. If you forget to do this (as I did for quite a while), your server will struggle to boot on it’s own, and you’ll end up with the datacenter techs thinking you’re an idiot 🙂

vi /etc/fstab


The init.d file

This next step is important. We need to add an init.d file to do some operations, like mounting the filesystem and cleaning it up. It will also unmount the drive before shutting down, as if you don’t do this, your kernel will freeze on shutdown. Make sure you edit your file according to your needs.


# Start or stop Flashcache

# Provides:          flashcache
# Required-Start:
# Required-Stop:     $remote_fs $network pvedaemon
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Flashcache SSD caching
# Description:       Flashcache SSD caching


flashcache_start() {
if df -h | grep /var/lib/vz > /dev/null
echo "Flashcache allready running"
flashcache_load /dev/md2
mount /dev/mapper/pvec-storage /var/lib/vz
#mount /dev/mapper/pve-backup /mnt/backup
echo 1 > /proc/sys/dev/flashcache/md2+pve-storage/fast_remove
echo "Flashcache started"

flashcache_stop() {
if df -h | grep /var/lib/vz > /dev/null
#umount /mnt/backup
umount /var/lib/vz
dmsetup remove pvec-storage
echo "Flashcache stopped"
echo "Flashcache not running"

case "$1" in


        $0 stop
        $0 start

exit 0


Enabling the init.d file.

Now we need to make the file executable and make sure it’s run on boot.

chmod +x /etc/init.d/flashcache
update-rc.d flashcache defaults


Give it a spin

Right, that should do it. Reboot your machine and see if it comes back.


If all went well, your drive should be mounted with FlashCache in between.

root@vh43:~# df -h
Filesystem            Size  Used Avail Use% Mounted on
none                   32G  256K   32G   1% /dev
/dev/md1               10G  1.3G  8.2G  14% /
tmpfs                  32G     0   32G   0% /lib/init/rw
tmpfs                  32G     0   32G   0% /dev/shm
/dev/fuse              30M   12K   30M   1% /etc/pve
                      1.8T  196M  1.7T   1% /var/lib/vz

You can also see the statistics of FlashCache by running:

cat /proc/flashcache/md2+pve-storage/flashcache_stats

That’s it! Your Proxmox system should now have it’s VMs on the FlashCache drive.

If you have any questions or feedback, just leave them below.


Read more

This guide will guide you through the process of setting up PHP-FPM and nginx on your Mac OSX 10.8 Mountain Lion using MacPorts.

Installing XCode

For starters, you need MacPorts installed. This requires XCode and XCode’s Command Line tools. You can get XCode off the Apple Store. Once installed, go to preferences and install the Command Line tools.

Next install MacPorts. Just go to this page and download the pkg for your version of OSX.

Once that’s done, we’re ready to start.

Installing PHP-FPM

First, let’s install PHP-FPM:

sudo port install php54-fpm

Now we’ll also need to copy the config file:

sudo cp /opt/local/etc/php54/php-fpm.conf.default /opt/local/etc/php54/php-fpm.confsudo cp /opt/local/etc/php54/php.ini-development /opt/local/etc/php54/php.ini

That’s PHP sorted. If you want to install any PHP extensions, just use port install php54-EXTENSION.

Installing nginx

Next, we install nginx and copy the config files into the right place.

sudo port install nginx
 sudo cp -p /opt/local/etc/nginx/fastcgi.conf.example /opt/local/etc/nginx/fastcgi.conf
 sudo cp /opt/local/etc/nginx/fastcgi_params.example /opt/local/etc/nginx/fastcgi_params
 sudo cp /opt/local/etc/nginx/mime.types.example /opt/local/etc/nginx/mime.types
 sudo cp /opt/local/etc/nginx/nginx.conf.example /opt/local/etc/nginx/nginx.conf
 sudo mkdir /opt/local/etc/nginx/conf.d


That’s it. Now you can go ahead and configure nginx to your liking by editing the file:


I have also changed some configuration files to make PHP work properly off my ~/Sites/ folder.

Edit /opt/local/etc/php54/php.ini:


This will help with the nginx config.

Edit the fastcgi_params file:

sudo vi /opt/local/etc/nginx/fastcgi_params

It should look like this:

fastcgi_param   QUERY_STRING            $query_string;
fastcgi_param   REQUEST_METHOD          $request_method;
fastcgi_param   CONTENT_TYPE            $content_type;
fastcgi_param   CONTENT_LENGTH          $content_length;

fastcgi_param   SCRIPT_FILENAME         $request_filename;
fastcgi_param   SCRIPT_NAME             $fastcgi_script_name;
fastcgi_param   REQUEST_URI             $request_uri;
fastcgi_param   DOCUMENT_URI            $document_uri;
fastcgi_param   DOCUMENT_ROOT           $document_root;
fastcgi_param   SERVER_PROTOCOL         $server_protocol;

fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;

fastcgi_param   REMOTE_ADDR             $remote_addr;
fastcgi_param   REMOTE_PORT             $remote_port;
fastcgi_param   SERVER_ADDR             $server_addr;
fastcgi_param   SERVER_PORT             $server_port;
fastcgi_param   SERVER_NAME             $server_name;

fastcgi_param   HTTPS                   $https;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param   REDIRECT_STATUS         200;

And finally, add a location to your nginx configuration for PHP:

sudo vi /opt/local/etc/nginx/nginx.conf

Here’s my config:

        location ~ \.php$ {
            root   /Users/florian/Sites;
            fastcgi_index  index.php;
            include        fastcgi_params;

That’s it for the configuration.

Tweaking .bash_profile

Lastly, we’ll add some lines to your .bash_profile to make it easier to start and stop nginx and php_fpm.

vi ~/.bash_profile

And then add the following:

# nginx
 alias nginx_start='sudo launchctl load -w /Library/LaunchDaemons/org.macports.nginx.plist'
 alias nginx_stop='sudo launchctl unload -w /Library/LaunchDaemons/org.macports.nginx.plist'
 alias nginx_restart='nginx_stop; nginx_start;'
alias fpm_start=’sudo launchctl load -w /Library/LaunchDaemons/org.macports.php54-fpm.plist’
 alias fpm_stop=’sudo launchctl unload -w /Library/LaunchDaemons/org.macports.php54-fpm.plist’
 alias fpm_restart=’fpm_stop; fpm_start’
Boom! That’s it. You’ve now got nginx and php-fpm running on your Mac.
Read more

When was the last time you stayed at a hotel? How would you rate your experience, from a safety point of view? Do you feel the hotel staff could have done something different to make you and your belonging feel better protected? Do you think there is something you could have done differently, from the second you made that call to book the room till the end of your stay there? Here are a few ideas that should help you change your hotel safety mentality and increase your odds of enjoying a secure and comfortable stay next time you need to find hotel accommodation.nationwidelocksmith.org

What To Do Before Booking A Room

  • call front desk or email the hotel and find out if they have 24/7 security personnel at sight;

  • if possible, book a room located between the second and seventh floors, as they are considered to be within the easy reach of firemen ladders – as well as harder to access by thieves climbing the escape ladders on the exterior of the building.

  • Try to get a room that is located far from elevators and stairwells and make sure the room/lobby have sprinklers.

  • Inquire about the type of locks on the hotel room door; do they have deadbolts or privacy latches installed? Are there any surveillance cameras installed in the hallways and elevators?

Add A Few Safety Items In Your Luggage

  • even if you learn there are latches and safety chains or deadbolts installed on the door of the room you will be booking, it never hurts to be cautious;

  • pack along a portable rubber door-stopper or a portable lock that you should have no problem finding with your regular locksmith or local hardware store.

  • Talk to a licensed and experienced locksmith that handles both commercial and residential locksmith services and have them recommend any extra safety devices you could pack along. Talk to the guys at https://www.nationwidelocksmith.org/about-us and see if they are willing to offer any security advice for hotels and other similar accommodation options. The best services that cater to the needs of nationwide customers usually have great customer services. You should be able to talk all the details over the phone and have a trained locksmith come over and introduce their offers in terms of portable locks, personal alarms, and so on.

What To Do Upon Arriving At The Hotel

  • do not wander in the parking lot or the space around the hotel;

  • ask relevant questions concerning the safety of the neighborhood and any peculiar local customs you should know about. Inquire about the local 911-type emergency number and learn how to use their local telephone system.

  • Prop the door open with your luggage upon arriving to the room. Turn on the lights and inspect the door lock, as well as the locks on all the sliding glass doors and windows,or any lock you might see on the interconnecting doors.

  • Maintain the doors and windows locked throughout your stay and always engage the deadbolt and privacy chain. Remember to use the doorstop you have packed.

  • No safe in the room? Keep your passport, cash, and jewelry locked in your suitcase.

  • Before going to bed at night, store your wallet, watch, jewelry, and other valuables in a drawer in the nightstand.

Read more

Are budget airlines an alternative to full service airlines?

A Thomas Cook aircraft at London Gatwick

After having scoured the internet for cheap flights to Tunisia for weeks, I’ve decided to book a flight with Thomas Cook Airlines. The price for this started out as £172 return for a flight from London Gatwick (LGW) to Enfidha (NBE). The reason that I chose this flight was that I needed to be in Monastir for a week, and no normal flights were heading that way. The only alternative was Tunisair who are flying from Heathrow to Tunis for about the same price.

So I decided to give Thomas Cook Airlines a try, knowing that I would be conned out of my money somehow.


The pricing scam

When you go through Thomas Cooks online booking system, it all looks nice in the beginning, but gets worse with every click.
They lure you in with a reasonable (not even low!) fare, in this case £172, but when you start to click next, you realize what’s missing.

Thomas Cook Airlines "extras"

Let’s start off with luggage. On any full service airline, you’d be allowed to take 20-30kg of hold baggage with you. As you’d expect, Thomas Cook doesn’t allow this. Traveling with a bag is an extra for a mere £32 per 20kg.
If you were expecting a complementary meal, or just even a snack on board of a 3 hour flight, think again! That option will set you back another £16 per  flight. Who needs food anyway?
Then you have countless other options to lose your money on. I tried to be smart, and didn’t select any options (like priority check-in or extended seat pitch), as I was set on not paying extra charges.

Come the day of departure, I show up at the airport with a small carry on bag and my laptop bag. I was aware that I’d be allowed to only have 5kg of hand baggage, so I packed light in the morning and made sure all heavy items were in my pockets or jacket.
After a long queue (±80 people 3 hours before scheduled departure), I finally arrived at the check-in counter. The moment of truth, the bag goes onto the scale and shows 5.1kg. Phew, I thought. Just made it! (this was a bag with 2 jeans and 2 shirts, so basically nothing!)
However, a few seconds later, I learnt that unlike full service airlines, Thomas Cook doesn’t allow for a personal item (such as a laptop bag). That meant that I had 2 carry on items which exceeded the limit by 1. That meant I was allowed to do the walk of shame to the additional payments desk (they actually a dedicated check-in counter!) and pay an additional £25 to check 5.1 kg of baggage.

However, the fun good news doesn’t stop there.


Outbound flight fiasco — Operational issues

One doesn’t expect much from a budget airlines like Thomas Cook. I was prepared to having to pay for excess baggage, but I wasn’t for the next one.

We’d like to point out that your flight has been delayed from 19:20 to 23:40.” No reason for this delay could be given, the only thing one got was a £5 voucher. That’s £5 for a flight you’re supposed to check in 2 hours early for! For me that meant 6 hours of waiting at the airport.

Later I found out that the reason was “operational issues”. My guess is that the flight was so overbooked that it was cheaper for Thomas Cook to fly in a bigger aircraft and fly the passengers out than it would be to offload a substantial amount of passengers.


The in-flight experience

TCX 1274's Boeing 757

The plane on the flight out was scarily old. I think that AlItalia actually has newer planes than some of these Thomas Cook Airlines planes. They definitely have a better seat pitch. I’ve flown quite a bit over the last few years, and I’ve never experienced such a small seat pitch as on Thomas Cook Airlines. Any StarAlliance carrier I’ve flown with in Economy has had a larger seat pitch and didn’t require me to squeeze myself between two chairs. Even Nouvelair (a Tunisian charter airline) and AirBerlin have a substantially better seat pitch. Heck! Even Easyjet!

If you decided to pay for a lunch, you would’ve gotten bangers and mash and some tea or coffee, which looked quite nice.


Don’t travel without your Priority Pass

The only upside of having traveled with Thomas Cook was that I was able to thoroughly try out the Priority Pass benefits at London Gatwick and Enfidha.


London Gatwick Nº1 Lounge (South Terminal)

Eggs Benedict in No 1 Lounge

This is a beautifully designed lounge with great service. If you travel through Gatwick Airport, this is definitely a stop you need to make.
It took away the frustration of having to wait 6 hours for the flight as you’re greeted by delightful staff in a calm environment. This lounge definitely makes my personal top 5 of lounges.


Enfidha CIP PrimeClass Lounge

If you’re looking for a place to take out the stress of your travels, the CIP PrimeClass lounge is the place to be. You’ll be greeted by friendly staff offering you breakfast (I was there early!) and taking care of your every need (food, drinks or other). They will also guide you through a private security checkpoint and to the front of the queue of boarding (Hah! You paid for the Thomas Cook extra?!). The only thing that does get a bit annoying is the extremely helpfulness of staff, asking you if you need anything a second after you finish your plate / drink. Just like the Nº1 Lounge, I highly recommend using this service.

The CIP PrimeClass Lounge at Enfidha (NBE)


Post mortem

To summarize, if you have to travel with Thomas Cook Airlines, I feel for you. For me personally this was probably the last time I ever set foot on a Thomas Cook Airlines flight (never say never), and will in future take a Tunisair flight to Tunis instead. The song that pops to mind is the following:

Sorry 🙂

Read more