http://www.galomagazine.com/artculture/accent-pieces-aleksandra-kaniak-on-making-a-place-for-polish-in-hollywood/
Thursday, January 19, 2012
Kaniak interview
http://www.galomagazine.com/artculture/accent-pieces-aleksandra-kaniak-on-making-a-place-for-polish-in-hollywood/
Friday, January 13, 2012
Catalyst 3500XL layer 3 frozen
I'm not sure about the reason (most likely a broadcast storm), but one of our 3500XL switches stopped processing L3 traffic. Layer 2 switching was normal, and since it's our distribution switch (Cisco Modular Campus Design, here we come!), I didn't really want to reload it.
Consoling to the switch provided me with a responsive CLI, so no trouble there, either. CPU utilization was normal too.
After a few show commands, it turned out that it can't even resolve IPs with ARP.
I tried clear arp-cache, clear mac-address table, clear int vlan 10; no joy. I had to delete the entire vlan interface (no interface vlan 10), clear the caches, and re-create the vlan interface to make it work again. Of course it's running the latest IOS out there (12.0(5)WC17).
Wednesday, January 11, 2012
A new kind of sexy: Huawei Quidway S2309
During winter break I managed to acquire a new baby to my collection:
a Huawei Quidway S2309 switch.
It's a layer2, carrier CPE grade box, with a lot of features:
It runs the Huawei VRP software, which is almost like the 3Com Comware, so I can use this baby to practice for my HP ASE exams.
Stay tuned for updates on this baby...
Sunday, November 27, 2011
ESXi 3.5 to 4.1 upgrade
Last year I wrote about my 3.5 to 4.0 upgrade adventures. This weekend we scheduled a 3.5 to 4.1 upgrade, assuming it will be a smooth ride (apart from moving 4TB of data).
The first issue was that 4.1 didn't want to boot from the new pendrive. Assuming I did something wrong with the imagedd.bz2 file, I tried it a few times more, wasting about 3 hours. Turns out the box didn't like the Veritech pendrive somehow. Running from a Silicon Power one went like a charm.
Second issue: the LVM.resignature config option disappeared from the ESXi advanced config. Our new friend is the esxcfg-volume command-line utility.
Use
exscfg-volume -l
to list the volumes, and
esxcfg-volume -r
to resignature (and rename) your volumes.
On a related note, ESXi 5.0 does not use the imagedd.bz2 file anymore, so I didn't even start to experiment with it (I wasted too much time on trivial stuff during the upgrade anyway).
Monday, November 7, 2011
ComWare authentication with Cisco Secure ACS
As I'm writing a presentation on Cisco-HP-3Com interoperability, I realized I forgot to post this config a while ago.
The basic setup: we have 2 Cisco ACS servers as RADIUS/TACACS servers, for network management purposes. Both the network devices and the VPN service on the ASA cluster authenticates with them. Setting up Cisco and HP Procurve to use RADIUS is almost the same, but Comware differs significantly.
After an afternoon well spent, here's what I've come up with:
#
local-server nas-ip 127.0.0.1 key 3com
#
radius scheme system
nas-ip 127.0.0.1
radius scheme ceu
server-type standard
primary authentication 10.0.0.10
secondary authentication 10.0.0.11
accounting optional
key authentication XXXXXXX
user-name-format without-domain
#
domain local
domain system
scheme radius-scheme ceu
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 4
authentication-mode scheme
local-server nas-ip 127.0.0.1 key 3com
#
radius scheme system
nas-ip 127.0.0.1
radius scheme ceu
server-type standard
primary authentication 10.0.0.10
secondary authentication 10.0.0.11
accounting optional
key authentication XXXXXXX
user-name-format without-domain
#
domain local
domain system
scheme radius-scheme ceu
#
user-interface aux 0
authentication-mode scheme
user-interface vty 0 4
authentication-mode scheme
Subscribe to:
Posts (Atom)