ESXi Redhat/CentOS Template Clone problem

March 6th, 2012

After setting up a template for CentOS 6.2, I noticed that when the VM was converted to a template and later cloned, the NICs would get renamed from eth0 to eth1, eth1 to eth2, etc. This was causing the config in the template for eth0 to get ignored. This behavior was due to the way RHEL/CentOS identifies the hardware with udev (the device manager for Linux 2.6.x). When VMware clones a template or VM, it changes the MAC address. When udev loads, it sees the new MAC, thinks it's new hardware and creates a new device, eth1. The old eth0 config persists but is disabled, since that device is no longer visible to the system.

The simple fix is to delete /etc/udev/rules.d/70-persistent-net.rules, modify /etc/sysconfig/network-scripts/ifcfg-eth0 (remove the HWADDR hardware-address line), and then reboot the VM after you clone. Not very pretty, but it works.

A better solution is to modify your template VM. The steps are the same as above, but instead of the final reboot, shut the template VM down and convert it to a template at that point. Going forward, machines cloned from this template will re-create the eth0 device on initial boot when udev loads.

Note that if you run multiple NICs on your VM template and want to make sure they get assigned to specific ethNs, you will still need to modify the ifcfg-ethN files and set the new hardware address that VMware assigns when creating from the template. This shouldn't be an issue for most, as you are usually adding the additional NICs after the VM has been created from the basic template.
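
The template clean-up described above, as an added example rather than a script from the original post. The `ROOT` argument and the function names are assumptions made for illustration; pass `/` on the template VM itself, or a scratch directory for a dry run as done at the bottom.

```shell
#!/bin/sh
# Added example, not the post's own script. ROOT is a hypothetical argument:
# "/" on the template VM itself, or a scratch directory for a dry run.

prep_template() {
    [ $# -eq 1 ] || return 2
    root="${1%/}"
    rules="$root/etc/udev/rules.d/70-persistent-net.rules"
    ifcfg="$root/etc/sysconfig/network-scripts/ifcfg-eth0"

    # udev rewrites this file on the next boot from the MACs it actually sees.
    rm -f "$rules"

    # Remove only the MAC pin; every other setting in ifcfg-eth0 is kept.
    if [ -f "$ifcfg" ]; then
        tmp=$(mktemp) || return 1
        sed '/^[[:space:]]*HWADDR=/d' "$ifcfg" > "$tmp" || return 1
        cat "$tmp" > "$ifcfg"   # overwrite in place: keeps owner and mode
        rm -f "$tmp"
    fi
}

# Returns 0 when no MAC-specific state is left, 1 otherwise.
template_is_clean() {
    root="${1%/}"
    [ ! -e "$root/etc/udev/rules.d/70-persistent-net.rules" ] || return 1
    ! grep -qs '^[[:space:]]*HWADDR=' "$root/etc/sysconfig/network-scripts/ifcfg-eth0"
}

# Constructed sample tree (made-up MAC, not from a real host).
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/etc/udev/rules.d" "$t/etc/sysconfig/network-scripts"
    echo 'SUBSYSTEM=="net", ATTR{address}=="00:50:56:aa:bb:cc", NAME="eth0"' \
        > "$t/etc/udev/rules.d/70-persistent-net.rules"
    printf 'DEVICE=eth0\nHWADDR=00:50:56:AA:BB:CC\nONBOOT=yes\nBOOTPROTO=dhcp\n' \
        > "$t/etc/sysconfig/network-scripts/ifcfg-eth0"
    echo "$t"
}

# Dry run against the sample tree.
demo=$(make_sample_tree)
prep_template "$demo" && template_is_clean "$demo" && echo "ready to convert"
cat "$demo/etc/sysconfig/network-scripts/ifcfg-eth0"
rm -rf "$demo"
```

Running `template_is_clean /` just before shutting the template VM down confirms that nothing MAC-specific is left to be copied into every clone.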

Mac mini ESXi Cluster

February 26th, 2012

So like most geeks in IT, I have a home lab. The problem with mine is… it is loud… and it is HOT… Recently I purchased a Mac mini, popped 16GB in it, and attempted to use this to get a quiet, low power, low heat ESXi host. Unfortunately the default boot image of ESXi did NOT recognize the integrated GigE NIC. A little research led me across a program called the ESXi Customizer. This allows you to modify the ESXi ISO that you download from VMware to include other drivers. And boom…

Since this was such a success, I'll slowly be switching out all my other rack mounts for minis. I'll take a little performance hit (maybe; the older cores were Core 2 and gen 1 i7s, this is all Sandy Bridge), and drop the segmented storage network, but with the power, heat and noise savings, it is worth it. I already have compact SANs in the form of a QNAP SS-839 Pro and TS-439 Pro that I use to iSCSI attach the ESXi hosts so I can play with DRS/FT/vMotion/Storage vMotion. What I'll end up with is a 3-4 node ESXi cluster with 2 iSCSI SANs that is quiet, fast, cool, and about 6U in height for less than ~$3,500.

Also of note, I was using my thunderbolt attached monitor to set this guy up and saw that esxi recognized the thunderbolt gige nic as well. This makes me think that when Apple releases the thunderbolt gige adapter in September, I should have no problems adding an additional NIC(s) and regain my dedicated storage network for esxi.

If anyone wants a shortcut to creating all this yourselves, I have posted the ISO I used along with a util that can copy this to a thumb drive so that you can USB install esxi.

http://dl.dropbox.com/u/23768/ESXi-macmini-022612-usb.zip

Also many thanks to this post for making this all possible: http://communities.vmware.com/message/1893211

WTF Cisco Licensing?

January 28th, 2012

So about 2 years ago I was in need of a new home firewall. I had my fill of the Linksys/D-Link/Netgear devices and being the Cisco bigot I am… I splurged and bought an ASA 5505 IP Base firewall. I paid about $300 for it. It was a great upgrade from the standard retail crap I'd been used to at home. Plus, I was at home with the technology since I put these in for clients all the time.

Fast forward 2 years and I have outgrown the limitations of the 10 inside hosts. (This in itself is stupid to begin with, as I can't tell you what SOHO or even 1 or 2 user office has < 10 devices on it…) I had accepted it and had hacked together a double NAT to hide my lab and other devices such as my various electronics and handhelds. But after two years of this patchwork and inflexible config, I just wanted to simplify my setup and decided to upgrade the license.

The ASA 5505 SEC bundle (includes the hardware AND licensing) runs about $600-700 new (after discount). This includes the SEC plus feature set and unlimited hosts. The SEC upgrade runs about $450. So with eager anticipation to enhance my firewall, I turned up the license…. Come to find out… apparently… the SEC upgrade license does NOT include unlimited hosts. Why? I don't know. I cannot find anything that states this on Cisco's website nor through any of my SE friends. Mind you, I work for a Cisco partner… so I should have had a better chance than most in locating this. But… I had already applied the license (now non-returnable per the Cisco license agreement)… and had now learned the hard fact that I was still stuck at the 10 user limit. (If you are keeping track, I have about $750 in a device that can only support 10 devices…)

After cursing out the dog and slamming some stuff around, I bought the 10-UL license upgrade… Another… wait for it…. $285.

Cisco, I love you… but… how can this make any sense?

Cisco IOS Shortcut Keys

December 30th, 2011

Ctrl + A Beginning Line
Ctrl + B Backward Character
Ctrl + C Clear line
Ctrl + D Delete Character to the Right
Ctrl + E End Line
Ctrl + F Forward Character
Ctrl + H Backspace Character to the Left
Ctrl + I Refresh Line and Go to End
Ctrl + J Return
Ctrl + K Delete everything on the Right of cursor
Ctrl + L Refresh Line
Ctrl + M Return
Ctrl + N Next Command
Ctrl + P Previous Command
Ctrl + R Refresh Line
Ctrl + T Flip Last 2 Characters
Ctrl + U Clear Line and Put in Buffer
Ctrl + V Allows A Control Character To Be Typed
Ctrl + W Delete Word Backwards and Put in Buffer
Ctrl + X Clear Line to the Left and Put in Buffer
Ctrl + Y Paste Buffer Contents

Configuring a Windows Server as NTP Source

December 30th, 2011

Open regedit and modify the following two keys. This will enable NTP as part of the Windows Time Service.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags

Set the AnnounceFlags registry entry to 5 to indicate a reliable time source.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NTPServer\Enabled

Changing the Enabled flag to the value 1 enables the NTP server.

OSX Apps To Live By…

December 26th, 2011

So I'm back on a MBP. I am liking it. I've dug up a few of the apps I used back before I unswitched and added a few more. Note that many of these I use due to my Linux background, mainly those under MacPorts.

  • VMWare Fusion
  • Chrome
  • SecureCRT
  • Office 2011
  • Chicken of the VNC
  • Text Wrangler
  • XCode
  • WireShark
  • MacPorts
    • wget
    • grep
    • gawk
    • sudo
    • man
    • watch
    • findutils
    • gitx
    • nmap
    • tcpdump
    • arping
    • tcping
    • pwgen
    • subversion
    • mercurial
    • vim
    • macvim
  • Adium
  • Evernote
  • gfxCardStatus
  • Adobe Reader
  • Adobe Flash
  • Adobe Air
  • Pandora
  • Kindle
  • Dropbox
  • Norton AV

OSX Lion 10.7.2 MBP Adobe Air and Automatic Graphics Switching

December 25th, 2011

So I ran into a problem where I couldn't start the Pandora One app. I uninstalled/reinstalled Pandora and Air. Nothing would seem to work. In fact I had a problem with all Air apps, so I started looking closer at that.

The problem ended up being with the "automatic graphics switching" feature that the MBP uses to save battery. With this feature disabled, everything worked fine.

Of course this was far from ideal, but it seems many people are having this problem… therefore I think the solution sits with Adobe. In the meantime, I was able to find this app that allows you to manually change between auto/integrated/discrete video card options. It will have to do for now till Adobe can fix this.

 

Cisco Voice PRI 101

December 22nd, 2011

Super basic run-through of the steps involved to turn up a voice PRI on a Cisco IOS device. This assumes the NI2 protocol, with the provider sending clock. This was performed on an ISR 3925 with a VWIC3-4MFT.

Set Card Type:

card type t1 0 0

Set clock:

network-clock-participate wic 0
network-clock-select 1 t1 0/0/0

Set ISDN switch type:

isdn switch-type primary-ni

Setup Interface Controller:

controller t1 0/0/0
framing esf
linecode b8zs
pri-group timeslots 1-24

Debug:

show isdn status

ISDN Serial0/0/0:23 interface
dsl 0, interface ISDN Switchtype = primary-ni
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 0, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 0 CCBs = 0
The Free Channel Mask: 0x807FFFFF
Number of L2 Discards = 0, L2 Session ID = 11

debug isdn q931

Dec 22 14:46:21.990: ISDN Se0/1/2:23 Q931: RX <- SETUP pd = 8 callref = 0x019C
Bearer Capability i = 0x8090A2
Standard = CCITT
Transfer Capability = Speech
Transfer Mode = Circuit
Transfer Rate = 64 kbit/s
Channel ID i = 0xA98381
Exclusive, Channel 1
Facility i = 0x9F8B0100A10F02012E06072A8648CE1500040A0100
Protocol Profile = Networking Extensions
0xA10F02012E06072A8648CE1500040A0100
Component = Invoke component
Invoke Id = 46
Operation = InformationFollowing (calling_name)
Name information in subsequent FACILITY message
Progress Ind i = 0x8283 - Origination address is non-ISDN
Calling Party Number i = 0x2183, '5557771212
Plan:ISDN, Type:National
Called Party Number i = 0xA1, '5558881212
Plan:ISDN, Type:National
Dec 22 14:46:21.990: ISDN Se0/1/2:23 Q931: Received SETUP callref = 0x819C callID = 0x0033 switch = primary-ni interface = User
Dec 22 14:46:21.994: ISDN Se0/1/2:23 Q931: TX -> CALL_PROC pd = 8 callref = 0x819C
Channel ID i = 0xA98381
Exclusive, Channel 1
Dec 22 14:46:21.994: ISDN Se0/1/2:23 Q931: TX -> DISCONNECT pd = 8 callref = 0x819C
Cause i = 0x8081 - Unallocated/unassigned number
Dec 22 14:46:21.998: ISDN Se0/1/2:23 Q931: RX <- FACILITY pd = 8 callref = 0x019C

As you can see from the debug, "Multiple Frame Established" indicates layer 2 is up. The q931 debug will show us the setup messages in layer 3. This is good for verifying the ANI and DNIS that the provider is sending. This call ultimately failed because this is only a partial config that was used to test a couple of new PRIs and there was no dial-peer assigned to the called number. Ideally I could have pointed this to CUCM or temporarily turned up CCME to validate in and out.

I may address this in a future post. That is all for now…
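
An added example, not part of the original post: a small filter that pulls the ANI, DNIS and disconnect cause out of `debug isdn q931` text so they can be checked at a glance. The function names are assumptions made for illustration, and the sample lines are trimmed from the debug output above.

```shell
#!/bin/sh
# Added example, not part of the original post. Reads "debug isdn q931"
# text on stdin and prints one summary line per call.

q931_summary() {
    awk '
    # RX and TX print the same call reference with the flag bit (0x8000)
    # flipped, e.g. 0x019C and 0x819C; clear it so both directions match.
    function norm(ref,   d) {
        ref = toupper(substr(ref, 3))               # drop the "0x"
        d = index("89ABCDEF", substr(ref, 1, 1))    # top bit set?
        return (d ? d - 1 : substr(ref, 1, 1)) substr(ref, 2)
    }
    # Number is the last comma-separated item; keep its digits only.
    function number(s) { sub(/^.*, /, "", s); gsub(/[^0-9]/, "", s); return s }

    /Q931: (RX <-|TX ->)/ {
        for (i = 1; i < NF - 1; i++)
            if ($i == "callref") cur = norm($(i + 2))
        if (!(cur in seen)) { seen[cur] = 1; order[++n] = cur }
        next
    }
    /Calling Party Number/ { ani[cur]  = number($0) }
    /Called Party Number/  { dnis[cur] = number($0) }
    /Cause i =/            { sub(/^.* - /, ""); cause[cur] = $0 }
    END {
        for (k = 1; k <= n; k++)
            printf "callref=%s ani=%s dnis=%s cause=%s\n",
                order[k], ani[order[k]], dnis[order[k]], cause[order[k]]
    }'
}

# Sample lines trimmed from the debug output shown above.
sample_debug() {
    cat <<'EOF'
Dec 22 14:46:21.990: ISDN Se0/1/2:23 Q931: RX <- SETUP pd = 8 callref = 0x019C
Calling Party Number i = 0x2183, '5557771212
Called Party Number i = 0xA1, '5558881212
Dec 22 14:46:21.994: ISDN Se0/1/2:23 Q931: TX -> CALL_PROC pd = 8 callref = 0x819C
Dec 22 14:46:21.994: ISDN Se0/1/2:23 Q931: TX -> DISCONNECT pd = 8 callref = 0x819C
Cause i = 0x8081 - Unallocated/unassigned number
Dec 22 14:46:21.998: ISDN Se0/1/2:23 Q931: RX <- FACILITY pd = 8 callref = 0x019C
EOF
}

sample_debug | q931_summary
```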

Enabling Trim For Non-Apple SSD’s in OSX Lion

December 22nd, 2011

Great article on getting TRIM to work in Lion. Just added a new SSD to my MBP and wanted to take advantage of TRIM support on the drive.

http://digitaldj.net/2011/07/21/trim-enabler-for-lion/

 

Changing T1 Channel Selection Order to Ascending

December 20th, 2011

This allows you to change the channel selection order to ascending. I found this necessary when doing a point-to-point T1 with an Intertel. Initially I had presumed that you could add the voice-port to a trunk group. This is not the case with T1s, and you have to use the cas-custom command.

controller T1 0/0/1
clock source internal
cablelength short 110
ds0-group 0 timeslots 1-24 type e&m-wink-start
cas-custom 0
trunk-group itel timeslots 1-24

trunk group itel
hunt-scheme sequential both up

dial-peer voice 100 pots
trunkgroup itel
destination-pattern ^11...$