Observations in Design of Modern Fabrics

16 Wednesday Sep 2020

Posted by C. M. Stephan in Uncategorized

Eighteen months of planning, identifying candidate solutions, writing business and technology requirements, building test plans and finally testing hardware have transpired. We have successfully proven all fabrics tested have the capabilities we need. All tasks can be accomplished on all platforms, and all features, functions, and protocols required from a modern data center function appropriately for our usecases. This turns out to be quite a conundrum. In every architecture bake off I have previously participated in, there was usually a clear winner. There was a solitary product which clearly solved a majority of the business or technology problems and others that did not. For the first time we had four products, and all four solutions by any any technical measure go above and beyond our requirements.

We found ourselves in an odd place. We have to make and defend our decision. To do that, we need to actually determine how to qualify and quantify why we preferred our choice. And when asked what the differences were, it really came down to the philosophical approach each manufacturer took to solving higher level problems we face in the data center of tomorrow. I use tomorrow–not today–for good reason. Continue reading →

CA Trust in FreeBSD

31 Tuesday Mar 2020

Posted by C. M. Stephan in Uncategorized

≈ Leave a comment

These are my notes on managing Trust in FreeBSD.

Predestined search paths for Trusted CA:

/etc/ssl/cert.pem /usr/local/etc/ssl/cert.pem

If the certificate can’t be found, fall back to OpenSSL’s default location.

And when it comes to your web-browser, fear not for certutil allows you to manage the nssdb:

CA_TRUSTED_CERT=~/MY-CA-CERT certutil -d sql:$HOME/.pki/nssdb -A -t "CP,,CP" -n basename ${CA_TRUSTED_CERT} -i ${CA_TRUSTED_CERT}.pem

Converting p7b Files and Certificate Chains to PEM files: (common with MSAD CA)


View certificate contents:
openssl -pkcs7 -print_certs -in cert.p7b -inform der -text
Convert Certificate:

openssl -pkcs7 -printcerts -in cert.p7b -inform der -out cert.pem

Simple Mail Transfer Protocol

22 Friday Mar 2019

Posted by C. M. Stephan in Uncategorized

≈ Leave a comment

Authenticated Test Message

EHLO <ORIGINATION DOMAIN>
AUTH LOGIN
<BASE64 USERNAME>
<BASE64 PASSWORD>
MAIL FROM:<ORIGINATION EMAIL ADDRESS>
RCPT TO:<DESTINATION EMAIL ADDRESS>
DATA
this is a test message
.

Sizing your Internet/WAN Edge

29 Sunday Jul 2018

Posted by C. M. Stephan in Uncategorized

≈ Leave a comment

The internet is getting faster and faster. I now have Gigabit Fiber delivered to within a foot of my home router. The carrier then is kind enough to provide a smart jack that converts the fiber delivery to a Gigabit Copper handoff.

More bandwidth is better right? Well kinda… Unfortunately, I hadn’t planned on one thing I am now much more vulnerable to denial of service attacks. Why is this an issue? Whats an engineer to do? Read on.. Continue reading →

Cisco Auto-Provisioning Lab

26 Thursday Apr 2018

Posted by C. M. Stephan in Cisco, Networking, Shell Scripting, TCL, Uncategorized

≈ Leave a comment

So I have had need to quickly build a provisioning server for a lab to auto provision devices as they come online. This is the basic steps to accommodate this. Note there are far more complex and secure methods to utilizing something similar in production. Feel free to use this as a learning tool, but understand in a production environment, this is not recommended as critical pieces of information would be sent in clear text.

Continue reading →

fully dynamic fluxbox menu

19 Tuesday Sep 2017

Posted by C. M. Stephan in CodeProject, RootAdmin

≈ Leave a comment

I needed the ability to generate a menu dynamically in Fluxbox for various things that change on a regular basis.

Unfortunately, there doesn’t appear to be a facility built into fluxbox to allow for this. So I spent some time and built a partially dynamic menu that updates with the click of an ‘update’ menu item at the root menu.

I was trying to come up with a good way for the menu to update on the fly. Since fluxbox simply reads a menu file (when you use the [include] function) I needed a file that when read, it returns a dynamic response and begins the process again. It’s not completely in time, but it at least refreshes on the fly. So what is a file that provides these properties?

Continue reading →

Troubleshooting High CPU Utilization on Cisco Routers

15 Tuesday Aug 2017

Posted by C. M. Stephan in RootAdmin, Routing

≈ Leave a comment

I had someone question me as to why the router appears to be misreporting its CPU utilization… So as I haven’t written anything around this topic, I figured I would make a note for any future engineers struggling to understand what is going on in their routers.

Continue reading →

Execution Performance, Linguistics, Totalitarian Elitism, and of course Python: Language as a construct of action

18 Tuesday Jul 2017

Posted by C. M. Stephan in CodeProject, Development, Uncategorized

≈ Leave a comment

I’m an elitist in the worst way sometimes, so this is probably the pot calling the kettle black. But I simply want to pose a question, that no doubt will spark great debate among a very divided culture:

Why does the coding style we use to imply organization of the characters in the document representing code need to be so explicitly tied to the keywords, syntax, semantics, operators, closure, and the most important part… the resulting libraries that make up the development environment we seek to develop within?

It’s always the same argument Braces and Semi’s versus Linguistic command flow.

Continue reading →

Install Ubiquiti Video NVR debian in FreeBSD Jail

15 Thursday Jun 2017

Posted by C. M. Stephan in Uncategorized

≈ 2 Comments

First, if you haven’t already done so, create a debian 7 template jail. See my previous post ‘Debian 7 Wheezy Installation in FreeBSD 10 Jail‘ if you need assistance on doing so…

Continue reading →

Debian 7 Wheezy Installation in FreeBSD 10 Jail

09 Friday Jun 2017

Posted by C. M. Stephan in CodeProject, RootAdmin, Uncategorized, Virtualization

≈ 1 Comment

I decided to collapse the multiple systems I have running various flavours of Linux and BSD into a single system. For a long time I had been using Windows Small Business Server. Well I don’t really want to spend the money to upgrade to 2016 and since it appears Microsoft has abandoned its purist Unix roots by trading the tight and tidy SFU (Interix) for the wildly fat Ubuntu and a Linux ABI. In the advent of this change, I figured I would flip back to FreeBSD, which in my not-so-humble opinion is still the closest thing to Unix you can get. In fact, it actually derives its original sources from none other than Research UNIX, and while it’s wildly more advanced, the distribution holds it’s origin close to it’s heart.

Either way, the task: Support the ever growing number of ‘Appliance’ installs on top of FreeBSD. In this first iteration I have found several guides and worked through getting Debian 7 functional in a FreeBSD 10-STABLE Jail. No guarantees on stability, but I’ll update this if I come across any oddities. This task was performed on FreeBSD 10.3.

Continue reading →

protocolSyntax

~ We put the 'P' in the Internet

Observations in Design of Modern Fabrics

CA Trust in FreeBSD

Predestined search paths for Trusted CA:

View certificate contents:

Convert Certificate:

Simple Mail Transfer Protocol

Sizing your Internet/WAN Edge

Cisco Auto-Provisioning Lab

fully dynamic fluxbox menu

Troubleshooting High CPU Utilization on Cisco Routers

Execution Performance, Linguistics, Totalitarian Elitism, and of course Python: Language as a construct of action

Install Ubiquiti Video NVR debian in FreeBSD Jail

Debian 7 Wheezy Installation in FreeBSD 10 Jail