In this show, we get into what expiration dates on packaged food and drugs really mean. How should you react when the date expires? If
I’m part of a project that’s going to do some physical rack cleanup. As in, the cables are a mess, labeling isn’t consistent, power distribution isn’t quite what it should be, and it’s gotten to the point where doing maintenance on any of the hardware is tough. So, it’s time to tidy everything up. I’ve been a part of several of these kinds of projects before, and I’ve collected a bunch of data on how to approach it.
According to the good folks at Literature & Latte, Scapple is…
…an easy-to-use tool for getting ideas down as quickly as possible and making connections between them. It isn’t exactly mind-mapping software—it’s more like a freeform text editor that allows you to make notes anywhere on the page and to connect them using straight dotted lines or arrows. If you’ve ever scribbled down ideas all over a piece of paper and drawn lines between related thoughts,
I recently needed to configure rate-limiting on a Juniper SRX650 firewall’s 1GbE interface facing an ISP. The scenario was that the ISP allowed line rate traffic and billed at the 95th percentile of utilization. As long as 95th percentile was under the number of bps we were paying for, there was no excess charge. But that possibility of an excess charge was sort of annoying. How to provide ease of mind? Rate limit all traffic going through the 1GbE interfaces to the ISP.
I needed a simple tester for home use to be sure that the twisted pair cable I’ve run was terminated to the right pinouts. I poked around a bit, and finally opted for the Klein Tools LAN Scout Junior Tester (Amazon). This is a $50 unit that provides just the basics. The unit has a handheld base, a remote unit, an LCD display, and a single button to power it on and run a test.
Several folks have asked me about my home lab server build since I’ve tweeted a time or two about it. Here’s what I’ve built so far, and some of the logic behind my choices.
The Purpose Of My Lab
I am working on network virtualization, automation, and software defined networking tools. I need to work with a variety of hypervisors, virtual switches & routers, and virtual networking appliances. While I’ll have a few applications I’m running along the way,
I moved my BIG-IP VE Lab Edition VM from VMware Fusion on my Mac over to VMware ESXi, now that I’ve built a full ESXi 5.5 host to lab with. Here are my notes, as it was overall easy enough, but I did it wrong the first time. Maybe I can save someone a little time. Or better yet, someone can respond in the comments with an even better way to accomplish this.
SNMPv3 is the successor to the more commonly deployed SNMPv2c. While the underlying structure of MIBs & OIDs are not impacted by v3, the way those objects are accessed are. While SNMPv2c offers read-only and read-write community strings (essentially passwords) to secure access to the device MIB, the data flow was in plaintext, easily readable by anyone in the data path with a sniffer. SNMPv3 offers a an authentication and encryption scheme that, should you so desire,
This is documentation of a part of a Juniper MX router configuration that took me a bit time and reading to get working. I had a number of specific goals.
Opengear makes out-of-band management console servers with a great deal of flexibility. In essence, an Opengear box is a Linux machine with ports that can act in a variety of roles. Various models have various console port densities and specific functions.
I ran into an issue with an Opengear IM4216-34 running firmware 3.5.3u1 where the box would give me an immediate “connection refused” when attempting to SSH to ports 3001 and up after it had been working for weeks,
This post is a simple challenge to all of us network engineers. Let’s document our networks better. By “better”, I mean more clearly, currently, and completely. And I will also make the case that new projects should not end with documentation. They should start with it.
I have frequently been in the position of inheriting networks from engineers that have moved on. My new manager and/or peers will share with me the documentation on hand,
Eric Flores, community blogger at Packet Pushers, posted this gem about F5 dropping the price of the F5 BIG-IP Virtual Edition for lab license down to $95. In my opinion, F5 is the market leader in load-balancing appliances – what they call “application delivery controllers”. I’ve used F5 gear for many years now, and have a visceral attachment to the platform. F5 has been in the middle of some of my most frustrating moments in networking,
Arista Networks sells low-latency, high-density, merchant-silicon based Ethernet switches that run a modular OS called Extensible Operating System (EOS). While the hardware is certainly commendable, I feel that software is Arista’s differentiator. From my network engineer’s perspective, EOS was built to make my life easier. The idea is that EOS can be used to get good information about the switch, processes, and traffic flowing through the switch easily. I have several hundred more pages of EOS manual reading to do before I feel competent to talk about EOS magic in much detail;
I don’t usually get excited about new RFCs. They come, they go, with varying degrees of relevance to my day to day networking world. But RFC 7059 is a little different. This informational RFC walks through IPv6-over-IPv4 tunneling. This matters to me for a couple of reasons.
This is a summary of bringing up an IPSEC site to site VPN tunnel between a Cisco ASA firewall we’ll call EAST running ASA 8.2(1) and an Juniper SRX 650 firewall we’ll call WEST running Junos 11.4R7.5. Not the most elegant blog post in the world, but rather a summary along with config files that worked in my case and have been stable for about a week now.
Juniper offers route-based IPSEC VPNs and policy-based IPSEC VPNs.
I’ve recently taken on a new day job, where I’ve inherited some Juniper gear that needs to be put into production soon. As long as I’ve been involved with networking, I’ve never worked with Junos. Mostly, I’ve been a Cisco IOS or NX-OS user. While many non-Cisco vendors ape the IOS CLI as sort of a de-facto standard, Juniper does not. From a CLI perspective, Junos is nothing like IOS. That puts me a time disadvantage.
Some months ago, I migrated from PCs running Windows 7 to OS X running on Mac hardware. I bought a Mac Mini and a MacBookPro with a 13″ Retina display. I don’t use Windows for any personal computing at all now, and I don’t miss it.
Why did I switch?
The change was driven by three things. One was seeing many, many people in my line of work (networking professionals with a creative bent) using the Mac platform.