FlexFabric 5700 Backup Config to TFTP in MGMT VPN-Instance

Problem: if you separate the management from the normal traffic on a switch you will usually configure the swtich via this mgmt vpn-instance and also backup and restore config files via this mgmt vpn-instance. But if you use the “backup startup-configuration to ..” it always tries to find the tftp server on the normal network Even after changing …

Continue reading ‘FlexFabric 5700 Backup Config to TFTP in MGMT VPN-Instance’ »

NVidia Driver on Linux-4.11.1

Problem: after installing linux kernel 4.11.1, the dkms package of the nvidia driver does not compile. You find some cryptic error message about ./Kbuild in  /var/lib/dkms/nvidia-current/375.39/build/make.log Solution: I uninstalled the debian nvidia package and installed the newer driver from the NVidia homepage: aptitude remove nvidia-installer-cleanup ./NVIDIA-Linux-x86_64-375.66.run After this upgrade nvidia and linux 4.11.1 works again Versions: before upgrade jessie …

Continue reading ‘NVidia Driver on Linux-4.11.1’ »

Ubiquiti UniFi the Next Botnet ?

I tested a Ubiquiti access point today. UAP-AC-Lite seems to be a very good and cheap access-point. When you take it out of the box and connect it to the network it gets an IP address using DHCP and waits for a configuration. In this mode it sends broadcasts to find a controller and listens on port …

Continue reading ‘Ubiquiti UniFi the Next Botnet ?’ »

Firefox Audio is Broken due to PulseAudio Dependency

Problem: Firefox 52 audio does not work without pulseaudio. Discussion: pulseaudio is a bloated audio daemon that often fails. In the last years, when ever audio failed on linux, the quickest solution was to uninstall pulseaudio. But the Firefox developers made the mistake to remove support for the underlying audio driver alsa, and insist on the middle …

Continue reading ‘Firefox Audio is Broken due to PulseAudio Dependency’ »

Sophos UTM BGP Announces 0 Prefixes

Problem: A simple bgp upstream configuration. A small AS with one IP prefix wants to connect to its upstream using BGP. The BGP peerings are up. Sophos receives the expected routes from its upstream, but the upstream router does not receive the expected single prefix. Discussion: an outbound filter list is set to prevent sending other than the …

Continue reading ‘Sophos UTM BGP Announces 0 Prefixes’ »

Check Raid Status for Dell Raids on Linux

Linux support from dell is still very poor. They still support only RedHat$ and SuSE$. But there are ways to check the Raid status of Dell server on debian. http://hwraid.le-vert.net/ is doing a good job in collecting information and building Debian style packages. Example:  A Dell server “PowerEdge T130” with “LSI Logic / Symbios Logic MegaRAID SAS-3 …

Continue reading ‘Check Raid Status for Dell Raids on Linux’ »

PaloAlto Packet Loss of 1% and More

Problem: PaloAlto firewall is dropping packets in small bursts of some seconds, and sometimes it drops TCP connections. It only happens on HA clusters on interfaces in active/passive (fail over) mode. Solution: disable the following check box in the Ethernet interface Advanced – LLDP settings: “Enable in HA Passive State” Discussion: Palo Alto uses only one MAC address …

Continue reading ‘PaloAlto Packet Loss of 1% and More’ »

ARP is not working on Cisco ASR 1001 X

Problem: Cisco ASR router is loosing connectivity to its directly attached Ethernet neighbors. In this situation interface status is still up, packets are going in and out on both ends, even IPv6 was still working. The actual problem was that the Cisco ASR was ignoring all ARP responses from its neighbors and the ARP table to this …

Continue reading ‘ARP is not working on Cisco ASR 1001 X’ »