2011
01.30

Recently I have been doing quite a bit of reconfiguring of my home network, including a subnet change, introducing more VLANs and migrating server shares. The manual process of updating host files, IP configs and NFS/Samba shares can become rather repetitive after a while, especially when I am forever moving things around on the network. Below is one of the scripts I use to overwrite config files across the network before implementing any network changes.

#!/bin/bash
# Copy a config file to every host listed (one per line) in ./servers
SERVERS=$(cat servers)
for i in $SERVERS; do
    scp /path/to/file "root@${i}:/path/to/file/"
done

Equally important is appending updates to any config files:

#!/bin/bash
# Append a local file to the remote config file on every host in ./servers
SERVERS=$(cat servers)
for i in $SERVERS; do
    cat /path/to/file | ssh "root@${i}" "cat >> /path/to/file"
done

2011
01.30

Legal Disclaimer

I showed my website to my boss last week after I had just launched it. His advice to me, with his management hat on of course, was to include a legal disclaimer. I will tidy this up and produce a more official legal disclaimer in the future, but here is the one I will use for now:

While the information on this website is correct and accurate to the best of the author’s knowledge, the author is not and cannot be held responsible for any problems or errors you may encounter from following any of the advice or tutorials published on this website. If you are offended by any of the content or posts on this website, too bad.

2011
01.30

Lets you easily change fonts in your WordPress posts.

http://wordpress.org/extend/plugins/wp-super-edit/

2011
01.30

logging trap ?

<0-7> Logging severity level
alerts Immediate action needed (severity=1)
critical Critical conditions (severity=2)
debugging Debugging messages (severity=7)
emergencies System is unusable (severity=0)
errors Error conditions (severity=3)
informational Informational messages (severity=6)
notifications Normal but significant conditions (severity=5)
warnings Warning conditions (severity=4)

IOS Commands in global config mode:
logging enable
logging timestamp
logging buffered notifications (set desired level from list above)
logging trap notifications (set desired level from list above)
logging host inside <Server IP>

2011
01.30

There are a number of syslog tools to choose from on Linux. Rsyslog has been the default syslog tool in Ubuntu since 9.10 (Karmic) and comes installed by default, so I will be using it. Rsyslog supports both TCP and UDP logging.

To set up rsyslog to capture alerts from a remote source:
sudo nano /etc/rsyslog.conf and simply uncomment the protocol you prefer.

# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# provides TCP syslog reception
# $ModLoad imtcp
# $InputTCPServerRun 514

You can also use the $AllowedSender directive if you want to set up ACLs.

You will then need to specify which alerts you would like to listen for:
sudo nano /etc/rsyslog.d/50-default.conf
Add the following line to capture notification alerts including all levels <0-5>
*.notice        -/var/logs/Firewall/Cisco_ASA.log

sudo /etc/init.d/rsyslog restart to restart the syslog service to enable changes.
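
The severity threshold shared by logging trap notifications on the firewall and the *.notice selector above, as an added shell example that is not part of the original post: it decodes the <PRI> header of each syslog line (PRI = facility * 8 + severity) and keeps severity 0-5. The sample lines, their facility value of 20 (local4) and the function names are constructed for illustration.

```shell
# Which messages pass "logging trap notifications" on the firewall and the
# "*.notice" selector in rsyslog? Both keep severity 0-5 (lower = more severe).

# Decode the <PRI> header, where PRI = facility * 8 + severity.
# Sets PRI_FACILITY and PRI_SEVERITY; returns 1 if the header is malformed.
decode_pri() {
    case $1 in
        '<'[0-9]*'>'*) ;;
        *) return 1 ;;
    esac
    pri=${1#'<'}
    pri=${pri%%'>'*}
    case $pri in
        *[!0-9]*|0?*|????*) return 1 ;;  # non-digit, leading zero, too long
    esac
    [ "$pri" -le 191 ] || return 1       # 23 * 8 + 7 is the largest valid PRI
    PRI_FACILITY=$((pri / 8))
    PRI_SEVERITY=$((pri % 8))
}

# Succeed when the line's severity is within the threshold (default 5).
# Lines without a valid PRI header are rejected.
passes_level() {
    decode_pri "$1" || return 1
    [ "$PRI_SEVERITY" -le "${2:-5}" ]
}

# Constructed sample datagrams; facility 20 and the message IDs are made up.
sample_lines() {
    cat <<'EOF'
<165>%ASA-5-000000: constructed notification message
<166>%ASA-6-000000: constructed informational message
<162>%ASA-2-000000: constructed critical message
<999>constructed line with an invalid PRI
EOF
}

# Count the lines on stdin that pass the given threshold.
count_kept() {
    kept=0
    while IFS= read -r line; do
        if passes_level "$line" "$1"; then kept=$((kept + 1)); fi
    done
    echo "$kept"
}

sample_lines | count_kept 5   # lines kept at the notifications level
```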

LOG ROTATION

sudo nano /etc/logrotate.conf

/var/logs/Firewall/Cisco_ASA.log {
daily
rotate 99
nocompress
missingok
create 0640 syslog adm
}

Add to cron
sudo nano /etc/crontab

# Syslog
00 00    * * *    root    /usr/sbin/logrotate -f /etc/logrotate.conf

2011
01.29

More to follow here shortly.

2011
01.29

ADSL Troubleshooting

Following on from my post below, if you are experiencing problems with your ADSL internet connectivity, such as frequent packet loss or regularly being disconnected from the internet altogether, there are a couple of things to check first before escalating the issue with your ISP/BT. Even if you are still unable to resolve the issue yourself, you will at least be able to rule out the most common issues, saving yourself some time and pointing your ISP/BT in the right direction.

  • Check, and if possible, replace your micro-filters. A maximum of four microfilters can be used on a BT phone line. This corresponds to the recommended maximum number of items of telephony equipment you can plug into a standard voice line – known as the maximum Ringing Equivalent Number (REN).
  • Try unplugging all non-ADSL equipment from the line, including fax machines, Sky TV, alarms etc.
  • Try plugging your ADSL modem directly into the master socket via the filter with all other devices still unplugged.

If you have checked the above and are still experiencing problems, the next things to check are the line attenuation and signal-to-noise ratio. There is an excellent forum sticky post here which I have copied into a pdf document here which explains the basics of line attenuation and noise. Although it’s written for Sky Broadband’s LLU service in the UK, the principles should apply to all ADSL services.

Listed below are a few of the main tests BT offer should you find you need to escalate your issue with your ISP:

END TO END TEST (COPPER LINE CHECK)
Tests normal telephony (voice) end to end connectivity. Checks if there is current from another telephone line leaking on to your pair or if there is current leaking from your pair. You will also get an accurate line distance (attenuation) measurement from this test. Should the test come back all OK, that’s not to say there isn’t something else affecting your DSL service; this test is designed mainly for voice connections. However, any conditions shown here will typically have an effect on your DSL service.

LINE LOSS DEGRADATION TASK
The name says it all really. This test will check your line attenuation again as well as noise and SNR (signal-to-noise ratio). If possible BT will shorten your line to reduce the noise and SNR.

BROADBAND SFI
SFI is the Special Faults Investigation engineers – the SAS (Super Army Soldiers) of broadband. They pretty much check everything: wiring and broadband as well as activity beyond the NTE, including the router. I have just recently had a really good experience following an SFI test from BT where a previously undetected issue after 2x end-to-end tests and a line degradation task failed. The problem was diagnosed within an hour, which turned out to be a line issue after all. The problem was resolved within a few days after a couple of trips backwards and forwards between the local exchange and our offices. I have heard however that the call out fee is not cheap and they will only spend 2 hours on the issue, so may well not find an intermittent fault. If a fault is not found you will be charged, which could be something to consider.

CEASE AND RE PROVIDE
Again the name says it all really. Sometimes BT will offer you a cease and re provide if you are experiencing ongoing issues. I’m not sure if this is something you can request or whether there are costs involved for this, but it is worth mentioning. Also worth mentioning is that if this is something you do pursue, it might be worth requesting that the re-provisioned line is implemented over a different line pair.

2011
01.26

Today I had the pleasure of our 4th visit from BT, who have been troubleshooting a flapping ADSL circuit we use for one of our remote regional offices. The problems have been ongoing for approximately 6 months, however this time BT aren’t entirely to blame for once. Let me explain:

MANAGED SERVICE PROVIDERS
We use a single managed ISP who ‘manage’ all of our WAN infrastructure, which in theory is a really good idea with numerous advantages and 95% of the time works really well. I believe it is the right solution for my current employer based on the size of our organisation: the business is not dependent on just a single person for their WAN infrastructure and it works out cheaper than employing two network engineers. Anyone with authorisation, so someone managerial who is not necessarily technical, can just as easily pick up the phone, explain to our ISP what they would like to achieve and request a change is made. The ISP handles the change control logs and certified technicians carry out the changes. Nice and easy for us. A monkey could run it and that monkey is me. Indeed there are many benefits to a single managed ISP besides giving monkeys jobs. The problem is, like any corporate ISP, they mainly specialise in managing our larger leased line circuits that typically offer very high SLAs over the top of them.

DEPLOYING A COST EFFECTIVE SERVICE THAT IS FIT FOR PURPOSE
What happens when the site in question is a small remote regional office that hosts only 3 part-time members of staff who do not require massive amounts of bandwidth, and the office is based in the middle of nowhere, making it economically impractical to install a leased line circuit to this site? The answer is ADSL. ADSL is fit for purpose and the perfect cost effective solution for providing connectivity for small remote offices back to their corporate HQ and the outside world. A BT line is ordered and an ADSL service is provisioned over the line, terminating directly into the managed corporate MPLS core or via a site-to-site VPN.

DILUTED MANAGEMENT RESPONSIBILITY
The problem is how this is implemented and then managed. Our ISP do not provide ADSL as a service, but instead they outsource their ADSL to a 3rd party company. The 3rd party company now providing the ADSL service to our ISP in turn piggybacks its ADSL network off a larger vendor’s network, which in turn has just recently been bought out by an even bigger ISP, and I’m sure you can now see where this is going. I’ll be honest, in reality it’s not as bad as it sounds, but it’s not that great either. The result is really high contention ratios and terrible SLAs – 48 hours just to acknowledge a fault. I’m sure you can imagine the escalation/troubleshooting process, but then this is why you pay for the managed service. The problem is the responsibility and urgency of a fault is often shared and lost between several layers of management and service providers in the middle.

THE REALITY OF ADSL AS A MANAGED CORPORATE SERVICE
In reality ADSL as a managed corporate service actually does work very well and the cost savings simply cannot be ignored. We run a couple of sites over an ADSL service and unless there are physical problems with the line the service is completely fit for purpose and reliable enough for a small office team.

MANAGING YOUR MANAGED SERVICE PROVIDER
If however you do run into problems with your ADSL line/service, be prepared for nearly non-existent SLAs. My advice is to not sit back and let the managed ISP resolve the faults. Find out when the BT engineers will be on site and make sure you are too, not to police them and to make sure they are working, but rather to find out as much information from them as you can; ask them exactly what they have been able to find out, and if they haven’t found anything, ask them what they recommend the next steps should be. It’s funny how this works, but you will often find that the engineers themselves will know a lot more and have a much better idea of how to resolve faults than the management layer that you will find yourself dealing with.

2011
01.26

Spam Bots

So I’ve been running www.homecomputerlab.com for about 3 days now and as you’d expect I haven’t had a great deal of traffic to my site as of yet, apart from the odd Russian/Chinese spam bot. Thankfully however WordPress comes with a built in “detect spam comments” plugin which is easily enabled and doing a good job of filtering out the rubbish. It does however raise the question of what else might be out there probing my outside perimeter; time to check my Apache and system logs and enable a syslog server on my firewall...

2011
01.25

For CPU-specific virtualization capabilities, you can select Intel® Virtualization Technology or AMD® Virtualization. You must perform this step for supporting Windows® 64-bit operating systems and all guest 64-bit operating systems such as Linux.

a. If you are not in RBSU, boot the server, and then press F9 to enter RBSU.

b. Scroll down to Advanced Options, and then press Enter.

c. Scroll down to Processor Options, and then press Enter.

d. Scroll down to the supported processor (either Intel® Virtualization Technology or AMD® Virtualization), and then press Enter.

e. At the next screen, select Enable, and then press Enter.

f. Save the configuration changes, and then exit. The server reboots.

Posted here for safe keeping. Thanks to Joe Millett for getting these instructions to me. I will post more on my home ESXi servers in due course.