The marathon was really a hard one. 800 meters of total accent (2600ft). ... What a great scenery, it was more a tour then a marathon ;) ...I’ll am working on some new entries to the blog.

Installing Olive 10.4R1 under VMware

It's been a long time since I've taken a run at getting Olive up and working. I wanted to take another stab at it and document how to get a working Olive installation using the latest JUNOS code. I also wanted to document how to get Olive up inside VMware ESXi since I hadn't actually done that before.

Juniper Olive

Olive refers to a regular PC or virtual machine that is running Juniper Networks’ JUNOS software. Juniper created Olive early on so they could perform testing of JUNOS during development. These days Olive is deprecated in favor of cheap, low-end M and J-series routers but is still used by people wanting to evaluate/test JUNOS or those who are studying for Juniper certifications. For the most part Olive is fully functional as a basic router.

Choosing a RAID Card for ESXi

I recently built a VMware ESXi host at home. When I was researching the hardware, I learned there are a number of things to consider when choosing a RAID card for use under ESXi. This article covers those things and offers advice for anyone who is building a similar system.

Preparation Tips for the JNCIE-ER Exam

As many of you know, Juniper is currently undergoing a massive effort to update their certification program.  The previous track in 'Enterprise Routing' is now changing to 'Enterprise Routing and Switching' incorporating elements from the previous certification track in addition to some new elements essential to Enterprise switching such as Spanning-Tree, VLANs, Layer 2 Security, as well as High Availability features like Virtual Chassis.  We can expect that a lot of the topics like Firewalling and NAT will be removed from this exam as these topics will more properly appear in the Security track.

Although the new JNCIE-ENT certification is planned to be released in August 2011, there are many of you who are currently pursuing the existing JNCIE-ER before time runs out.  The good news is that Juniper plans to continue offering the existing JNCIE-ER exam until October 2011 so there is still quite a bit of time for those who are interested in attaining this certification.

There probably isn't a single day that goes by that I don't receive an email inquiry from someone currently pursuing the JNCIE-ER with a request to learn from my experiences and test preparation techniques.  And although this exam Continue reading

Nagios and IPv6 made easy with the mknagconf configuration generator

This article describes how to install Nagios3 and my mknagconf tool and how to use them. It should take about 30 minutes to install nagios3 and mknagconf and set it up to monitor a few hosts. The following has been tested with Ubuntu 10.04, 10.10 and 11.04 on an amd64 platform.

Nagios3 is an excellent monitoring engine, but the stock Nagios has some limitations in regard to dual-stack hosts. In the Nagios universe, one host is one ip address, and a secondary ipv6 address would require an extra host definition.

The Nagios packages which you are about to install have been patched to support this concept "one host = 1 ipv4 address + 1 optional ipv6 address". The mknagconf script makes it easier to maintain your Nagios installation. mknagconf takes small short, and simple definition files, parses them and generate the configuration files for Nagios. This will be explained after installing the required software.

Step 1: Install all dependencies
apt-get install apache2-mpm-prefork apache2-utils apache2.2-bin 
apache2.2-common bsd-mailx libapache2-mod-php5 libapr1
libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap
libgd2-noxpm libjpeg62 libperl5.10 nagios-plugins-basic
php5-common postfix ssl-cert nagios-plugins-standard
nagios-plugins-extra git-core make
Step 2: obtain PGP key, configure apt Continue reading

Common Services VRF MPLS and BGP

One of the most common MPLS VPN topologies is the Common Services simply put, it provides the most control of Branch traffic and filtering. MPLS VPNs are among one of today’s favorite and for good...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

The OSPFv2 Network Summary LSA Type-3

Well, what is the Network Summary LSA? It’s an LSA flooded throughout the backbone area, which describes networks in other areas. Originated only by ABRs (Area Border Routers) and not flooded...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Hitting the PF state table limit

I recently had an issue with an OpenBSD firewall where the number of state table entries was hitting the default limit of 10,000. When this limit is reached, no new state entries can be created. If you're using “keep state”, “modulate state” or “synproxy state” on your rules or if you're running OpenBSD 4.1 or newer (where “keep state” is the default on all rules) this could mean that:

  • You cannot make new connections through the firewall
  • You cannot make new connections to the firewall
  • You cannot make new connections from the firewall

So…. if you hit the state table limit it's kinda bad, mmmkay?

ZFS File Server

Specifications Total storage raw: 10TB Total storage usable: 5TB Case Norco RPC-4220 - 20 hot-swap bay, 4RU chassis PSU Corsair HX 750W Motherboard Supermicro X8STE - single socket 1366; 2x Intel 82574L GigE NIC; Matrox G200 GPU CPU Intel Xeon E5620 Westmere 2.4GHz Quad Core RAM 24GB (6x4GB) Kingston 240-pin DDR SDRAM ECC Unbuffered Controller Cards Intel SASWT4I (LSI SAS1064E chipset) PCIe x4 4-port SAS HBA LSI 9201-16i 6GB/s PCIe 2.

Website Redesign

If you've visited this site before then it's obvious to you the site has undergone a major face lift. All of the content that was on the old site is still here, it's just at a different URL. Some of the more popular pages on the site are now here: Juniper Networks Olive Monitoring BIND9 Monitoring Postfix NetPacket PERL modules for IPv6 and OpenBSD packet filter OpenBSD SNMP MIBs As these pages are updated or when I add new tools or scripts, I plan on posting a blog entry to that affect.

Troubleshooting OSPFv2 Neighbors (Part2)

This will seem very similar to t he last post, again going on simple. Things that can be overlooked if one is not careful, doesn’t look at everything with a magnifying glass, and becomes over...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

IPv6 Tutorial: The overview

I will start from the beginning; two weeks ago I wrote a post claiming that IPv4 is depleting and IPv6 is coming soon; and since we are considering deploying IPv6 soon in our network, I thought it might be useful to write about IPv6 migration and transition strategies. Although, this is important but I think [...] No related posts. Related posts brought to you by Yet Another Related Posts Plugin.