It’s so easy to build react apps these days. Over two nights, I knocked up a quick website to be able to upload igc flight files, and an xctask files to locally compute if you managed to hit the targets. It’s something to play with more later, but I’m hoping to start putting these widgets into my logbook app to be able to log flights against tasks when they’re done. … »
I’ve not been writing or blogging for some time. Over half a decade. It has been about 12 years since I started this blog, and a lot has changed since then. I’ve not found the time to document my tinkerings and projects as work has taken most of my time. I’m going to leave work related things on Linkedin, personal posts on Facebook, but I would like to continue using this site as my partner tends to use her diaries, as a way looking back at what I’ve been playing with. … »
I made this video a while ago and some people on YouTube seem to like it, so here is my very basic MPLS tutorial. Towards the end of the video there’s a live demonstration showing the concepts with Wireshark … »
One of the biggest problems in the environment I work in is that almost all of the deployment of our 300+ devices is that everything has been hand crafted. Usually this isn’t such a big problem, but add that with a design decision to route right to the access layer of our campus network with a multi-VRF network and you can start to see how mistakes, or changes in design along the deployment has meant inconsistencies. … »
At UOW we had a challenge. We wanted to allow proxy-free internet, but wanted to keep an eye on how much data was being consumed by what sort of users. For this we built Project Herbert http://uowits.github.io/herbert-gui/docs.html. It uses netflow from inside our network and some syslog monitoring scripts to match up our private RFC1918 address space to the users who have it at that time, process the flows in near-realtime so we can adjust throttling and firewall policy to be reactive with the environment. … »
It’s often handy when dealing with infringement notices and the like to have NAT translations logged. Sure a better way would be to record netflow from these devices (and include the translations) but for a quick syslog solution, you can always: 1 2 3 logging enable logging list ToSyslog level critical logging list ToSyslog message 305011 See http://www.cisco.com/c/en/us/td/docs/security/pix/pix63/system/message/63syslog/pixemsgs.html#wp1054604 Messages will look something like: 1 May 08 13:01:20 freewifi-asa.net.uow.edu.au %ASA-6-305011: Built dynamic TCP translation from inside:10. … »
We have an interesting problem at my workplace, we have an MPLS VPN design for separation of security zones (e.g., staff from students.) and we don’t have MPLS support on our edge. With a L3 to the edge design though this means that while every edge switch has its own address space (per VRF), it also has a /30 uplink (once again, per VRF) back to the PE device. While this (rightly or wrongly decided) slightly more complicated design in itself isn’t a problem, I’ve been working on programatically putting all of this data into an IPAM (IP Address Management) solution. … »
At the organisation I’m currently working for, we recently experienced what appears to be a common issue, VLAN’s trunked down to ESXi nodes were inconsistent. In our DC, we’re still running the old school Cisco Catalyst switches. If we were running a fabric, or Nexus switches we could put port profiles to action or if we lucky enough to have some equipment running Junos <3 we could be using apply-groups for this. … »
I’ve been happily running my Apple Airport Extreme as m home router for the past few years (since my debian router died, and I’ve been too lazy to replace it). One of the cool features was the ability to create a guest network (SSID) to access the internet without being able to access your trusted network. One feature I wanted was the ability to throttle the speed guests can access the internet at. While I couldn’t do this with the Airport Extreme alone, Add a Juniper SRX100 into the mix that the awesome Cooper Lees gave me into the mix and problem solved.
I’ve never found a really simple video on what exactly Anycast is with a basic examples when exploring the concepts. I decided to lab it up and figured this might help some of you starting out with the concepts. Any comments feel free to let me know! Config Attached for IOS lab HERE. … »