vBrownBag: Troubleshooting Multicast High Level

For “basic” multicast I have always found that >70% of the problems I troubleshoot end up being the same things over and over and over again.

  1. Missing “trigger” to “pull” the multicast down to the receiver
  2. Multicast Distribution Tree (MDT) not built cause router doesn’t know
    1. WHO the root of the MDT is
    2. WHERE the root of the MDT is
    3. WHAT is the PIM RPF Neighbor toward the root of the MDT

Thank you, vBrownBag for asking me to present this.  :)   It was lots of fun.

When adding a VLAN doesn’t add a VLAN

Vendor: Cisco
Software version: 12.2(33)SXI7
Hardware: 6509-E

So this is a typical stupid question. How do you add VLANs to a trunk?

Assuming you started with a port with default configuration on it, it would be:

 interface
 switchport
 switchport mode trunk
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan
 switchport trunk native vlan

Now, I was interrupted while doing this by someone interjecting and stating categorically, that

 switchport trunk allowed vlan
 ```

Should be:

```
 switchport trunk allowed vlan add
 ```

Not really the way I would do it on a new switchport, but not wanting to hurt feelings I proceeded and saw this:

```
 TEST(config-if)#switchport trunk allowed vlan add 10,20,30
 TEST(config-if)#do show run int gi9/14
 Building configuration...
Current configuration : 279 bytes
 !
 interface GigabitEthernet9/14
 description TEST
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
 shutdown
 storm-control broadcast level 0.50
 storm-control multicast level 0.50
 no cdp enable
 no lldp transmit
 no lldp receive
 end
 ```

To cut a long story short, the switch takes the configuration, but doesn’t apply it. It lead to a lot of head scratching, because you’d think it should work. Switchport state when doing:

```
 show interface gi9/14 trunk
 ```

Shows a state Continue reading

‘Locky’ ransomware, which infects like Dridex, hits the unlucky

A new flavor of ransomware, similar in its mode of attack to the notorious banking software Dridex, is causing havoc with some users.Victims are usually sent via email a Microsoft Word document purporting to be an invoice that requires a macro, or a small application that does some function.Macros are disabled by default by Microsoft due to the security dangers. Users who encounter a macro see a warning if a document contains one.If macros are enabled, the document will run the macro and download Locky to a computer, wrote Palo Alto Networks in a blog post on Tuesday. The same technique is used by Dridex, a banking trojan that steals online account credentials.To read this article in full or to leave a comment, please click here

Apple ordered to assist in unlocking iPhone used by San Bernardino attacker

Apple was ordered Tuesday by a federal judge in California to provide assistance to the FBI to search a locked iPhone 5c that was used by Syed Rizwan Farook, one of the terrorists said to have been involved in an  attack in San Bernardino, California, on Dec. 2.The government's request under a statute called the All Writs Act will likely give a boost to attempts by law enforcement to curb the use of encryption by smartphone vendors.Apple is fighting in a New York federal court a similar move by the Department of Justice to get the company's help in unlocking the iPhone 5s smartphone of an alleged methamphetamine dealer. On Friday, it asked the New York court to give a final order as it has received additional similar requests from law enforcement agencies, and was advised that more such requests could come under the same statute.To read this article in full or to leave a comment, please click here

Some notes on Apple decryption San Bernadino phone

Today, a judge ordered Apple to help the FBI decrypt the San Bernadino shooter's iPhone 5C. Specifically:
  1. disable the auto-erase that happens after 10 bad guesses
  2. enable submitting passcodes at a high speed electronically rather than forcing a human to type them one-by-one
  3. likely accomplish this through a fimware update
The text of the court order almost exactly matches that of the "IOS Security Guide". In other words, while it may look fairly technical, actually the entirety of the technical stuff they are asking is described in one short document.

The problem the FBI is trying to solve is that when guessing passcodes is slow. The user has two options. One option is that every bad guess causes the wait between guesses to get longer and longer, slowing down guessing, forcing an hour between guesses. The other option is to have the phone erase itself after 10 bad guesses. Ether way, it makes guessing the passcode impractical. The FBI is demanding the Apple update the software of the phone to prevent either of these things from happening.

The phone is an iPhone 5C, first released in September 2013, so is quite old. This increases the chance that Continue reading

Craigslist fails to flag most scam rental ads, study finds

Craigslist, the popular online listings service, has waged a long fight against scammers, but a new academic study suggests it's been losing the battle.The study focussed on listings for housing rentals, and found that Craigslist failed to remove a majority of those that were fraudulent.The researchers analyzed two million ads over a five-month period in 2014 and determined that Craigslist had flagged and removed fewer than half the listings that likely weren't genuine.Looking for housing can be stressful, and people are vulnerable to schemes that advertise below-market pricing or ways to get ahead of the rental game.To read this article in full or to leave a comment, please click here

Network Simulation – Cisco VIRL Now Available in the Cloud

There has been a lot happening around VIRL the last few weeks. A new release of VIRL just got released and today the VIRL team announced that they are adding support for running VIRL in the cloud.

Cisco has chosen to work together with Packet, a bare metal cloud provider. This is how Packet describes themselves.

At Packet, we're out to build a better internet by supercharging the container revolution with smart, API-driven bare metal. Our platform brings the price and performance benefits of bare metal servers to the cloud, powering highly-available performance workloads through a unique, never-congested network.

The following picture summarizes why Cisco has chosen Packet.

Packet Bare Metal Cloud
Packet Bare Metal Cloud

Compared to Amazon AWS, Packet is a bare metal cloud provider which means that the resources you rent will be dedicated to you. Packet does not run any hypervisors, meaning that the workloads are not virtualized.

If you have an existing install of VIRL, you can use Terraform by Hashicorp to provision your new VIRL server at Packet. I had never heard of Terraform before, this is how Hashicorp describes Terraform.

Today we announce Terraform, a tool for safely and efficiently building, combining, and launching infrastructure. From  Continue reading

Use Linux? Stop what you’re doing and apply this patch

A buffer-overflow vulnerability uncovered Tuesday in the GNU C Library poses a serious threat to countless Linux users.Dating back to the release of glibc 2.9 in 2008, CVE-2015-7547 is a stack-based buffer overflow bug in the glibc DNS client-side resolver that opens the door to remote code execution when a particular library function is used. Software using the function can be exploited with attacker-controlled domain names, attacker-controlled DNS servers or man-in-the-middle attacks.Glibc, which was also at the core of the "Ghost" vulnerability found last year, is a C library that defines system calls and other basic functions on Linux systems. Its maintainers had apparently been alerted of the new problem last July, but it's not clear if any remediation effort was launched at that time.To read this article in full or to leave a comment, please click here

IBM goes all in on blockchain, offers cloud-based service

IBM is betting big on blockchain secure-records technology taking off beyond its traditional use in bitcoin and other financial transactions. The company is now offering a cloud-based service to allow developers to set up blockchain networks and test and deploy related apps.IBM announced a flurry of blockchain-related initiatives Tuesday, including developer services hosted on its Bluemix cloud. Developers can access DevOps tools to create, deploy and monitor blockchain applications on the IBM cloud, the company said.To read this article in full or to leave a comment, please click here

How Shared Spectrum Can Improve In-Building Cellular

BlogImages-SharedSpectrum

 

Juan Santiago By: Juan Santiago, Director of Product Management

You’ve been there before: You popped into a store and wanted to look something up on your smartphone while waiting in line. However, the cell signal shows just one lousy bar. You consider logging on to Wi-Fi but there are multiple inconvenient steps that aren’t worth the hassle while you’re waiting in line. Nope, you’ll just wait to go back outside and go somewhere else next time.

Why can’t Wi-Fi be as simple as pulling the phone out of your pocket, like cellular? Or, better yet, why can’t cellular just be everywhere Wi-Fi is, including deep inside buildings? The answer lies in a little-known fact about cellular: Your phone company owns the right to use the cellular airwaves everywhere, even if, as in the example above, it’s not actually using them where you happen to be. 

You may think that the store, realizing that you may never come back, would be willing to spend a little cash for better cell service, but it can’t. The store doesn’t own the right to use the airwaves inside its walls, thus it must work with each phone company individually to convince them to install a Continue reading

Should Technology Mirror Business?

The essence of SDN is to create a software model of the current data network business. This quantitative model is based on volumes of data: what ‘bandwidth’ resources do I have (i.e. supply), and how can I give different quantities of this ‘bandwidth’ to different users and uses (i.e. demand)? -via circleid

I’ve been in information technology since the early 1990’s, and it’s always been like this: business tells IT what to do, and IT does it. In other words, we make technology mirror business. Which is a fine formula for success, so long as you think business is the engine of innovation. The problem is innovation doesn’t come from one department or place. In fact, innovation most often comes from the intersection of two or more things. Think about it.

When did cars first start being innovative? When they combined the technology that existed in the latest horse drawn carriages with the latest in industrial technology, including internal combustion engines and assembly line production. All three of these came from someplace else—many people don’t know the idea of interchangeable parts came out of the firearms world, rather than the automotive industry. When did innovation come into the Continue reading

Naked judge’s photos used on website to promote nudist resort without his knowledge

Like it or not, you are lawfully free game to be surveilled and photographed when you leave the privacy of your house.If you commit a crime, then you should expect the police to release a surveillance video – although why the police found it important enough to release a video of Victoria Secret underwear thieves is unknown; the fact that the male and female team allegedly stole 80, then 120 sexy pairs of undies valued at $2,500 might have something to do with it.Then there’s photos, which can be taken with or without your consent, that could end up online.To read this article in full or to leave a comment, please click here

Worth Watching: The Economics of the Internet

Old economics explains the new economy well. When we buy something, we spend time and money searching for it, comparing it with other products, negotiating a price, and ensuring that we get what we paid for. This is what economists call ‘transaction costs.’ The internet dramatically reduces these costs, making it cheaper for people, businesses and governments to do business. -via the World Bank

The post Worth Watching: The Economics of the Internet appeared first on 'net work.

Sponsored Post: Swrve, Netflix, Macmillan Learning, Aerospike, TrueSight Pulse, LaunchDarkly, Robinhood, Redis Labs, InMemory.Net, VividCortex, MemSQL, Scalyr, AiScaler, AppDynamics, ManageEngine, Site24x7

Who's Hiring?

  • Swrve -- In November we closed a $30m funding round, and we’re now expanding our engineering team based in Dublin (Ireland). Our mobile marketing platform is powered by 8bn+ events a day, processed in real time. We’re hiring intermediate and senior backend software developers to join the existing team of thirty engineers. Sound like fun? Come join us.

  • Macmillan Learning, a premier e-learning institute, is looking for VP of DevOps to manage the DevOps teams based in New York and Austin. This is a very exciting team as the company is committed to fully transitioning to the Cloud, using a DevOps approach, with focus on CI/CD, and using technologies like Chef/Puppet/Docker, etc. Please apply here.

  • DevOps Engineer at Robinhood. We are looking for an Operations Engineer to take responsibility for our development and production environments deployed across multiple AWS regions. Top candidates will have several years experience as a Systems Administrator, Ops Engineer, or SRE at a massive scale. Please apply here.

  • Senior Service Reliability Engineer (SRE): Drive improvements to help reduce both time-to-detect and time-to-resolve while concurrently improving availability through service team engagement.  Ability to analyze and triage production issues on a web-scale system a plus. Continue reading
1 3,076 3,077 3,078 3,079 3,080 3,780