ASIC’S in Cisco Catalyst switches [Link]

After I started working with Open networking switches, wanted to know more about the Cisco catalyst range I work with every day.

Information on older ASICS is very hard to find, but recently they have started to talk a lot about the new chips like UADP 2.0 with the Catalyst 9k / Nexus launch, This is more likely due to the rise of Desegregated Network Operating Systems DNOS such as Cumulus and PICA8, etc forcing customers to be more aware of what’s under the hood rather than listening and believing shiny PDF files with a laundry list of features.

I've been working on my new blog, finally got it up and running

https://www.multicastbits.com/asics-in-cisco-catalyst-switches/

Install OpenVPN on fireTV (no root required) for NORD (MAC, Windows, Linux)

DISCLAIMER: No copyright infringement intended. This article is for entertainment and educational purposes only,


Alright!! now that's out of the way I'm going to keep this short and simple 


Scope : - 

Install OpenVPN client
import profile with username and password
connect to your preferred VPN server


Use case : - 

• Secure your fireTV traffic using any OpenVPN supported VPN services=

• Connect to your home file server/NAS and stream files when traveling via your FireTV or Firestick using your own VPN server (not covered in this article)

• Watch Streaming services when traveling using your own VPN server (not covered in this article)

Guide :- 

Project Summary 

Hardware - FireTV 4K Latest firmware 

Platform - Windows 10 Enterprise

in this guide im using ADB to install OpenVPN client on my fireTV and use that to connect to the NORDVPN service

All Project files are located on C:\NoRDVPN


Files Needed (Please download these files to your workstation before proceeding)

OpenVPN client APK - http://plai.de/android/

NORDVPN OpenVPN configuration files - https://nordvpn.com/ovpn/

ADBLink - http://jocala.com




01. Enable Developer mode on Fire tv 

http://www.aftvnews.com/how-to-enable-adb-debugging-on-an-amazon-fire-tv-or-fire-tv-stick/

1. From the Fire TV or Fire TV Stick’s home screen, scroll to “Settings”.
   
2. Next, scroll to the right and select “Device”.
   
3. Next, scroll down and select “Developer options”.
   
4. Then select “ADB debugging” to turn the option to “ON”.
   

02. Install OpenVPN client via the network using ADBLInk

Install the ADBlink program

Download URL - http://jocala.com

Create Device profile and connect 

Launch ADBLink and click on "New"

Fill out the information 

Notes - 

Address  - this is the IP assigned to your FireTV you can get this from the fireTV Network status page under 

“Settings”.> “System”.> “About” > “Network”

You can also get this information from your ARP table, DHCP leases on your DHCP server, etc 

Leave everything else with default values and save the profile

Install APK using ADBLINK

Browse to the location you download all files to and select the OpenVPN APk file 

In this guide the location is "C:\NoRDVPN\"

After a successful install, you will be greeted with the following dialog box 

02. Configure and copy(ADB Push) OVPN configuration files

this step is very important

02-01 Create Login configuration files

Under the same folder where you downloaded files Example - C:\NoRDVPN

create a text file with the following name - login.conf

Edit the file with your favorite text editor 

Enter your NORDVPN credentials in two separate lines (Email address and password)

Save Changes

02-02 Edit the VPN configuration file

Open the VPN configuration files in my case, I picked a US server so my filename is 

us226.nordvpn.com.udp1194.ovpn

File the line that reads "auth-user-pass" and replace it with "auth-user-pass login.conf"

Save Changes

02. Push configuration files to the FireTV

• Click on "File Manager" on adbLink

               Notes - By Default, it will connect to the root of the SDcard on your FireTV 

• Create a folder (I'm going to call it NORD_VPN)

Find the created "NORD_VPN" folder and double click on it via the left window pane 

Click on "Push"

Browse to the folder (C:/NoRDVPN) and select the two configuration files 

Note - 

Use Shift to select multiple files

Files will be pushed out to the FireTV as soon as you select Choose

Now we are done with the work from your workstation

By the time you reach this step you will have completed the following 

• Installed OpenVPN on the FireTV system

• Customized the VPN configuration files

• Copied the VPN configuration files to the Root of the SDcard on the FireTV system

Note - Next steps are really simple and you only need the fireTV remote to complete these

03. Import VPN profile on FireTV and connect

Browse to your Apps and Games > See All 

Select and launch OpenVPN Client

Use the + sign to add a profile 

Click Import

Browse and Select the ovpn configuration file using the browser 

Click on the imported VPN profile to initiate the connection 

Under the "Settings" Tab make sure "use System proxy" is enabled

Now your fireTV is routing traffic via the VPN 

This is the only outbound connection from the FireTV connecting to the NORDVPN server IP via openVPN port UDP 1194

You can find this IP in the configuration file or by going to the OpenVPN logs Tab

Until next time....Stay Awesome Internetz : ) 

Server 2012R2 Data Deduplication Report - Powershell

I put together this crude little script to send out a report on a  daily basis

it's not that fancy but its functional 

I'm working on the second revision with an HTML body, lists of corrupted files, Resource usage, more features will be added as I dive further into Dedupe CMDlets.

https://technet.microsoft.com/en-us/library/hh848450.aspx

Link to the Script - Dedupe_report.ps1

https://dl.dropboxusercontent.com/s/bltp675prlz1slo/Dedupe_report_Rev2_pub.txt

If you have any suggestions for improvements please comment and share with everyone

# Malinda Ratnayake | 2016
# Can only be run on Windows Server 2012 R2
#
# Get the date and set the variable
$Now = Get-Date
# Import the cmdlets
Import-Module Deduplication
#
$logFile01 = "C:\_Scripts\Logs\Dedupe_Report.txt"
#
# Get the cluster vip and set to variable
$HostName = (Get-WmiObject win32_computersystem).DNSHostName+"."+(Get-WmiObject win32_computersystem).Domain
#
#$OS = Get-Host {$_.WindowsProductName}
#
# delete previous days check
del $logFile01
#
Out-File "$logFile01" -Encoding ASCII
Add-Content $logFile01 "Dedupication Report for $HostName" -Encoding ASCII
Add-Content $logFile01 "`n$Now" -Encoding ASCII
Add-Content $logFile01 "`n" -Encoding ASCII
#
# Get-DedupJob
Add-Content $logFile01 "Deduplication job Queue" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Get-DedupJob | Format-Table -AutoSize | Out-File -append  -Encoding ASCII $logFile01
Add-Content $logFile01 "`n" -Encoding ASCII
#
# Get-DedupSchedule
Add-Content $logFile01 "Deduplication Schedule" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Get-DedupSchedule | Format-Table -AutoSize | Out-File -append  -Encoding ASCII $logFile01
#
#Last Optimization Result and time
Add-Content $logFile01 "Last Optimization Result and time" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Get-DedupStatus | Select-Object  LastOptimizationTime ,LastOptimizationResultMessage | Format-Table -Wrap | Out-File -append  -Encoding ASCII $logFile01
#
#
#Last Garbage Collection Result and Time
Add-Content $logFile01 "Last Garbage Collection Result and Time" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Get-DedupStatus | Select-Object LastGarbageCollectionTime ,LastGarbageCollectionResultMessage | Format-Table -Wrap | Out-File -append  -Encoding ASCII $logFile01
#
# Get-DedupVolume
$DedupVolumeLetter = Get-DedupVolume | select -ExpandProperty Volume
Add-Content $logFile01 "Deduplication Enabled Volumes" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Get-DedupVolume | Format-Table -AutoSize | Out-File -append  -Encoding ASCII $logFile01
Add-Content $logFile01 "Volume $DedupVolumeLetter Details -  " -Encoding ASCII
Get-DedupVolume | FL | Out-File -append  -Encoding ASCII $logFile01
Add-Content $logFile01 "`n" -Encoding ASCII
#
# Get-DedupStatus
Add-Content $logFile01 "Deduplication Summary" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Get-DedupStatus | Format-Table -AutoSize | Out-File -append  -Encoding ASCII $logFile01
Add-Content $logFile01 "Deduplication Status Details" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Get-DedupStatus | FL | Out-File -append  -Encoding ASCII $logFile01
Add-Content $logFile01 "`n" -Encoding ASCII
#
# Get-DedupMetadata
Add-Content $logFile01 "Deduplication MetaData" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Add-Content $logFile01 "note - details about how deduplication processed the data on volume $DedupVolumeLetter " -Encoding ASCII
Get-DedupMetadata | FL | Out-File -append  -Encoding ASCII $logFile01
Add-Content $logFile01 "`n" -Encoding ASCII
#
# Get-Dedupe Events
# Get-Dedupe Events - Resource usage - WIP
Add-Content $logFile01 "Deduplication Events" -Encoding ASCII
Add-Content $logFile01 "__________________________________________________________________________" -Encoding ASCII
Get-WinEvent -MaxEvents 10 -LogName Microsoft-Windows-Deduplication/Diagnostic | where ID -EQ "10243" | FL | Out-File -append  -Encoding ASCII $logFile01
Add-Content $logFile01 "`n" -Encoding ASCII
#
# Change the -To, -From and -SmtpServer values to match your servers.
$Emailbody = Get-Content -Path $logFile01
[string[]]$recipients = "[email protected]"
Send-MailMessage -To $recipients -From [email protected] -subject "File services - Deduplication Report : $HostName " -SmtpServer smtp-relay.gmail.com -Attachments $logFile01

Cisco ASA WAN Failover IP SLA- Guide

We will proceed assuming 

you already configured the ASA with the primary link

Configured the WAN2 on a port with the static IP or DHCP depending on the connection - you should be able to ping the secondary WAN link gateway from the ASA

Note:
Please remove the existing Static Route for the primary WAN link

Configure Route tracking

ASA(config)# route outside 0.0.0.0 0.0.0.0 <ISP 1(WAN1) Gateway> 1 track 1
ASA(config)# route Backup_Wan 0.0.0.0 0.0.0.0 <ISP 2 (WAN2) Gateway> 254

Now lets break it down

Line 01 -  you add the WAN1 route with a administrative distance of 1 and we also include the track 1 statement for the SLA monitor tracking (See below)

Line 02 - with the second line we add the default route for the BackupWan link with a higher administrative distance to make it the secondary link

Examples 

ASA(config)# route outside  0.0.0.0 0.0.0.0 100.100.100.10 1 track 1
ASA(config)# route Backup_Wan  0.0.0.0 0.0.0.0 200.200.200.10 254

Setup SLA monitoring and Route tracking 

ASA(config)# sla monitor 10

Configure the SLA monitor with ID 10

ASA(config-sla-monitor)# type echo protocol ipIcmpEcho 8.8.8.8 interface outside

Configure the monitoring protocol, the target IP for the probe and the interface use

SLA monitor will keep probing the IP we define here and report if its unreachable via the given interface
In this senario im using 8.8.8.8 as the target IP you can use any public IP for monitoring

ASA(config-sla-monitor-echo)# num-packets 4

Number of packets sent to the probe

ASA(config-sla-monitor-echo)# timeout 1000

Timeout value in milliseconds. if you have a slow link as the primary increase the time out accordingly

ASA(config-sla-monitor-echo)# frequency 10

Frequency of the probe in seconds - SLA monitor will probe the IP every 10 seconds

ASA(config)# sla monitor schedule 10 life forever start-time now

Set the ASA to start the SLA monitor now and keep it running for ever

ASA(config)# track 1 rtr 10 reachability

This command will tell the ASA to keep tracking the SLA monitor with the ID:10 and the Default route defined with "Track 1"

if the probe fails to reach the target IP (in this case 8.8.8.8) via the designated interface it will remove the route defined with "Track 1" from the routing table 

The next best possible route in this scenario the backup ISP route with administrative distance of 254 takes its place


Configure dynamic NAT Rules (Important)

nat (inside,<ISP 1(WAN1) Interface Name) source dynamic any interface
nat (inside,<ISP 2(WAN2) Interface Name>) source dynamic any interface

Configure the two NAT statements required so that either interface can provide NATting,

Examples 

nat (inside,outside) source dynamic any interface
nat (inside,Backup_Wan) source dynamic any interface

This method worked well for me personally and keep in mind i'm no Cisco Guru so if i made a mistake or if you feel like there is a better way to do this please leave comment. its all about the community after all

Until next time stay awesome internetz

How To Stress Test CPU and memeory Using Linux (RedHat\Cent OS) System

This can be useful for

• troubleshooting hardware/overheating issues
• Testing new hardware changes, etc

In this case i wanted to stress test my Dell PE 2950 after modding it to reduce the fan noise - link


Details

Model - Dell PE 2950
OS - ESXI 5.5

I cannot get a lot of info from the exsi health monitor and i cannot run any pakages from the esxi shell.

I needed an effective way to test if decreasing the fan speeds have any negative effects on the system under heavy load.

I used a Cent OS 6.5 installed on to an old 8GB USB thumb drive (not live linux. i have it plugged in to the usb port on the server and its just a matter of changing the boot priority in bios to get it up and running)


Sadly there isn't a lot of options for Linux so finally, I ended up running Prime 95 and a few other monitoring tools to perform the task.

 
Packages and programs used

• Prime 95 for Linux (Mprime) - link
• lm_sensors - link
• OpenIPMI-tools - link

Installing and usage of relevant packages

lm_sensors - link

Read sensory data such as – temperature of cpu cores and ram modules

sudo yum install lm_sensors

It is recommended to run the following command after installation

sudo sensors-detect #Carefully follow the prompts to configure the package

to start monitoring temperature

sensors

OpenIPMI-tools - link

yum install OpenIPMI OpenIPMI-tools
chkconfig ipmi on
service ipmi start

# Usage  Examples

# To check firmware version
ipmitool mc info

# Show sensor output
ipmitool sdr list
ipmitool sdr type list
ipmitool sdr type Temperature
ipmitool sdr type Fan
ipmitool sdr type 'Power Supply'

Prime 95 for Linux (Mprime) - link

This will max out all the cores on both sockets and test a lot of ram. This tool is one of my absolute favorites, when over clocking my gaming rig.

# download the package
wget http://mersenneforum.org/gimps/mprime2511.tar.gz

# Extract
tar zxw mprime2511.tar.gz

# run the program 
./mprime

Follow the on screen prompts to initiate the test, I used the “blend test”


Test environment

Room Ambient temp – 78* (AC was switched off)

Windows open for good air flow


TEST



I ran the prime95 blend test for 60 minutes and It was maxing out all 8 cores and pushing the system to the limit. If it goes through this without a hick up, it should hold up under normal use with no problems.

 I used the following commands with multiple ssh sessions


Monitor cpu usage

top

Process running time

watch ps -p "pid" -o etime=  

#"pid" - get the pid for prime95 from the “top“

Monitor the temperatures continuously

watch sensors

lm_sensors_output

Results

I didnt collect any logs but rather monitored the ssh sessions for any issues, but im happy to say that cpus and the ram modules held up pretty well with the fan mod under a lot of stress

Max temperature recorded was 87* and it went down after the fans spooled up. 

So there you go. Leave comment and lets us know if you can add anything or correct anything I will update the post.