Cisco ZBF show commands
A note to self on how to check current sessions on a Cisco router that has Zone Based Firewall configured (ZBF)
Cisco Anyconnect constant reconnection
Deployed a new Cisco ASA Anyconnect gateway. End-users reported constant disconnect/reconnect problems. It was fixed by setting anyconnect mtu to 1200 (in this case). When connection is first established, it builds a SSL tunnel (tcp-443) with a negotiated SSL MTU, after a minute, it tries to switch over to DTLS (udp-443). If the MTU is […]
Esxi thick provisioned vmdk disk to thin conversion
I recently virtualized my desktop PC’s windows 7 ultimate over to my ESXi host using VMware vConverter Tool. During the conversion process, the VMDK for the OS was created as a 175GB thick vmdk hard disk file as my C:\ was of the same size. I have space constraints on ESXi host, therefore I shall […]
Interfacing 16×2 LCD with Raspberry Pi 3 using GPIO
This note is to document how I finally managed to connect a HD44870 (JHD162A) based generic 16×2 LCD with my Raspberry Pi 3. I was at it for two days but the module just wouldn’t display any text, only the back light would stay lit but just won’t display any text. Wiring I followed [this] […]
VNC on a headless Raspberry Pi 3
I’ve had way too many problems trying to run tightvncserver on Rpi3 under Kali that I decided to rip out the tighvncserver and try vnc4derver daemon. The main problem was that it would give me a blank screen with a X cursor randomly. It would work fine one day and wouldn’t work the next time, […]
Embedded Linux on my consumer grade IP CAM
Lately I have been messing around with tiny devices that have a SoC with embedded Linux on them typically equipped with an ARM processor or similar. Such a new toy in my collection to tinker with is a cheap IP Camera that I bought from Thailand. Steps Disassembling the outer case Soldering USB TTL cable […]
An all virtual lab environment
My primary goal is to create an inexpensive lab environment which can run on my desktop. Objectives Create an enterprise like network structure – Simulate L3VPN clouds, internet cloud, some IPSec VPN tunnels DC-DR running some server workloads, few service VMs A remote branch office network Use this infrastructure to practice new technologies Use the […]
BGP aggregation – suppress generation of anchor null0 local routes
A scenario came up when a colleague was working on a project where his router was peering with a 3rd party router over eBGP. The router was performing aggregation for 10.x.x.x subnets, summary-only as 10.x/16. We know that BGP will generate a null0 anchor route automatically for the summary address. Now a situation occurred where […]
Personal IPv6 addresses for individuals?
Been going through IPv6 ATC videos by INE, wondering if an individual can register or apply for a personal IPv6 provider independent (PI) space? You know, since there is so much of it. I’d imagine everyone could pay a small fee and register them, much like we do with domain names. APNIC application form seems […]
BGP backdoor
This topic is about BGP’s ability to prefer another router (kinda de-prefer, actually). The following diagram will make it clear. In this situation, it may be a better choice to traverse from R1 to R2 via the point-to-point link instead of going over the ISP Cloud. Here R1 and R2 are eBGP peers only. The […]