Always Networks Blog

VCP 6 passed - like the new Fault Tolerance features!

Fri 20 January 2017

I recently updated my VMware certification from 5.5 to 6. My 5.5 was expiring so it made sense to do the delta exam and upgrade, rather than recertify the same level. I realise I've done this just as 6.5 is coming out, but I've been using 6 lately so it made sense to me.

A lot of the maximums in VMware have …

Read whole post...

Off-site backups for Synology NAS - using two raspberry pi's, behind dynamic NAT IP's

Tue 08 November 2016

I recently bought a 4 bay synology NAS (DS416 Play), to move away from Dropbox and OneDrive. The main issue I had before choosing to do this, was off-site backups. It's ok having 4 disks for resilience, but if my house burns down or gets burgled, I still lose everything.

So I started to think up ways of doing an offsite backup, without having to …

Read whole post...

Python Scripting on a Cisco Nexus 7k

A few days ago I stumbled upon the python interpreter on the Nexus platform. It got me to tinkering.

In the past, I have had a requirement to grab a list of all of the interfaces on a box, the IP's, and the masks. The interfaces and IP's can easily be obtained from a show ip int br, and using column select to grab the …

Read whole post...

Check Point Certified System Administrator (CCSA) Study Notes - R77

Fri 22 January 2016

I'm now a Check Point Certified System Administrator (CCSA)! I took the R77 exam and passed. I have to say I was a little disappointed with the exam - there were 100 questions in 90 minutes, but I found a lot of the questions were repeated - albeit with a slightly different phrasing.

Below are the notes I made while I was studying. Definitely lab it (download …

Read whole post...

Packet capture, built in to Windows

Thu 14 January 2016

Sometimes when you are working in secure environments, you can't just go installing software. But if you need a packet capture, and it's a windows server, then what? If you can't install Wireshark, then you can use Microsoft Network Monitor.

The capturing is done via a command-line tool. Once you export the file, then you have to use some Microsoft software to analyse it - it's …

Read whole post...

Palo Alto scheduled backups - without Panorama

Fri 08 January 2016

Recently we deployed a Palo Alto VM-200 firewall. It was a stand-alone deployment on a remote site. We were going to deploy a pair, but we didn't see how much value it added as the VM-series firewalls do support HA but not stateful HA.

As it was stand-alone, it wasn't managed by Panorama. And without Panorama management, it is seemingly not very straightforward to enable …

Read whole post...

What is ARP?

Thu 20 August 2015

A number of times in the last few weeks I have been asked by a number of people:

What is ARP?

There is the simple answer - which is simply a definition:

Address Resolution Protocol (ARP) is a mechanism to resolve IP addresses into MAC addresses.

However...that doesn't really explain a lot. It probably doesn't explain anything you didn't already know. To really understand ARP …

Read whole post...

Nexus 7000 Software Bug - Flash RAID Errors - Part 2

Wed 12 August 2015

This is a continuation of a previous post.

The last post finished where we thought all was good, because the flash status code was reading 0xF0, which we were told means both flash drives are healthy. What we noticed though was that the diag tests were still failing for compact flash - test 7 - on some of the sups. Initially Cisco told us that this was …

Read whole post...

Why am I seeing packets on my server that aren't for this server?

While troubleshooting a totally unrelated issue, one of my colleagues noticed that they were seeing packets in a tcpdump that were neither destined for nor sourced from the server. This is odd, when plugged into a switch, so we started digging.

Server 1, was sending a stream of packets to Server 2 - in a different subnet somewhere. Sometimes, although rarely, these packets could be seen …

Read whole post...

Nexus 7000 Software Bug - Flash RAID Errors - 7k Reboot and Failover

It's been a mad couple of weeks with Nexus 7000's. My client hit a software bug on their Nexus 7k, which turned out to be a most impressive bug. It basically causes the flash drives to be erroneously marked as faulty, which then causes them to be remounted in read only. The first symptom was that you could not save the running configuration by running …

Read whole post...