If you are using Palo Alto Firewalls it could be at times difficult to see whether or not packets are being dropped. If they are being dropped by a policy, you can see that in the traffic logs, but if they are being dropped do to illegal tcp operation, which could manifest itself from asymmetric packets (you see the syn come in zone A leave Zone B and return zone C,) the session has timed out, but the application is using a longer timeout and tries to use a dead session, or many other reasons.… Read more
Cisco CLI “Filter from –more–” (8 of 30)
Posted by kencelenza
on October 20, 2014
No comments
I know it’s a mouthful that doesn’t seem to make sense. But that is what Cisco calls it, and what it is similar to the | (pipe) you are probably familiar with. I was not until recently aware of these commands.
With the pipe you have include, exclude and begin and have to enter them before you run the show command. You have similar options after running the show command, using +, -, and / respectively. After issuing your “show” command, using the ‘/’ it allows you to find the next occurrence of a string and everything after that.… Read more
It’s the Network’s Fault, I promise you (7 of 30)
Posted by kencelenza
on October 19, 2014
No comments
So you probably presume I am entering some tirade in which explain the story of someone insisting that there is a network issue, and after days or weeks the issue is finally found out to not be a network issue, leaving me the unsung hero. Well, this is not that story, if you have been in the network business for any period of time you have this happen many times, and my story is no more unique then yours. While it does help to to relieve some of that frustration, not much to be gained from it.… Read more
Text Tools–Take 1 (6 of 30)
Posted by kencelenza
on October 18, 2014
No comments
I have been a fan of Text Mechanic a site uses javascript to perform a bunch of actions on a given set of text. What is nice about it being javascript is everything is within browser. However it doesn’t meet all my needs. I have started to create some text tools of my own, but I am doing it in Perl, so please note that the configlets are seen by my server, and though I have no intention of logging them, I am not responsible for them either 🙂 I plan on releasing this and more on github, so stay tuned.… Read more
Behind the scenes of RANCID (5 of 30)
Posted by kencelenza
on October 18, 2014
No comments
If you are a network guy, even if you have never installed, used, or seen RANCID, you probably still know about it. However, in case not, you can find more at Shrubbery Networks, where you will find this short write-up on what RANCID does.
RANCID monitors a router’s (or more generally a device’s) configuration, including software and hardware (cards, serial numbers, etc) and uses CVS (Concurrent Version System) or Subversion to maintain history of changes.
There is a log of documentation on how to install, configure and run RANCID, but I haven’t found much that explains how all of the configurations files and scripts interact with each other.… Read more
Vendor Eval Sheet (4 of 30)
Posted by kencelenza
on October 18, 2014
No comments
When doing a vendor evaluation it is never fun process, especially if it is a company you are working with the first time. First the vendor comes in with their sales guy, even though you specifically asked to have a technical resource to come instead, they insist they want to “get a feel” for you are looking for. You get the nice brochure, you have that waste of a meeting, and if you are like me, you partially torture the guy, in mostly good fun.… Read more
CLI your CLI (3 of 30)
Posted by kencelenza
on October 17, 2014
No comments
For the last decade I have been launching my putty from a simple windows+r. I have done so well over 20,000 times in the last 7 years alone, (don’t ask how I know that.) You might remember this feature being depicted in on EtherealMind’s blog post, though I rarely see other net-eng or linux types using this feature. To build on that same topic, there have been three things that I have been doing. The first is integrating within a simple batch file, and the second is integrating tabbed putty via SuperPutty, and finally setting up logging of all my terminal activity.… Read more