Category Archives: Uncategorized

Observations in Design of Modern Fabrics

16 Wednesday Sep 2020

Posted by in Uncategorized

Leave a comment

Eighteen months of planning, identifying candidate solutions, writing business and technology requirements, building test plans and finally testing hardware have transpired. We have successfully proven all fabrics tested have the capabilities we need. All tasks can be accomplished on all platforms, and all features, functions, and protocols required from a modern data center function appropriately for our usecases. This turns out to be quite a conundrum. In every architecture bake off I have previously participated in, there was usually a clear winner. There was a solitary product which clearly solved a majority of the business or technology problems and others that did not. For the first time we had four products, and all four solutions by any any technical measure go above and beyond our requirements.

We found ourselves in an odd place. We have to make and defend our decision. To do that, we need to actually determine how to qualify and quantify why we preferred our choice. And when asked what the differences were, it really came down to the philosophical approach each manufacturer took to solving higher level problems we face in the data center of tomorrow. I use tomorrow–not today–for good reason. Continue reading

Advertisement

CA Trust in FreeBSD

31 Tuesday Mar 2020

Posted by in Uncategorized

Leave a comment

These are my notes on managing Trust in FreeBSD.

Predestined search paths for Trusted CA:

/etc/ssl/cert.pem
/usr/local/etc/ssl/cert.pem

If the certificate can’t be found, fall back to OpenSSL’s default location.

And when it comes to your web-browser, fear not for certutil allows you to manage the nssdb:


CA_TRUSTED_CERT=~/MY-CA-CERT
certutil -d sql:$HOME/.pki/nssdb -A -t "CP,,CP" -n basename ${CA_TRUSTED_CERT} -i ${CA_TRUSTED_CERT}.pem

Converting p7b Files and Certificate Chains to PEM files: (common with MSAD CA)

View certificate contents:

openssl -pkcs7 -print_certs -in cert.p7b -inform der -text

Convert Certificate:

openssl -pkcs7 -printcerts -in cert.p7b -inform der -out cert.pem

Sizing your Internet/WAN Edge

29 Sunday Jul 2018

Posted by in Uncategorized

Leave a comment

The internet is getting faster and faster. I now have Gigabit Fiber delivered to within a foot of my home router. The carrier then is kind enough to provide a smart jack that converts the fiber delivery to a Gigabit Copper handoff.

More bandwidth is better right? Well kinda… Unfortunately, I hadn’t planned on one thing I am now much more vulnerable to denial of service attacks. Why is this an issue? Whats an engineer to do? Read on.. Continue reading

Cisco Auto-Provisioning Lab

26 Thursday Apr 2018

Posted by in Cisco, Networking, Shell Scripting, TCL, Uncategorized

Leave a comment

So I have had need to quickly build a provisioning server for a lab to auto provision devices as they come online. This is the basic steps to accommodate this. Note there are far more complex and secure methods to utilizing something similar in production. Feel free to use this as a learning tool, but understand in a production environment, this is not recommended as critical pieces of information would be sent in clear text.

Continue reading

Execution Performance, Linguistics, Totalitarian Elitism, and of course Python: Language as a construct of action

18 Tuesday Jul 2017

Posted by in CodeProject, Development, Uncategorized

Leave a comment

I’m an elitist in the worst way sometimes, so this is probably the pot calling the kettle black. But I simply want to pose a question, that no doubt will spark great debate among a very divided culture:

Why does the coding style we use to imply organization of the characters in the document representing code need to be so explicitly tied to the keywords, syntax, semantics, operators, closure, and the most important part… the resulting libraries that make up the development environment we seek to develop within?

It’s always the same argument Braces and Semi’s versus Linguistic command flow.

Continue reading

Debian 7 Wheezy Installation in FreeBSD 10 Jail

09 Friday Jun 2017

Posted by in CodeProject, RootAdmin, Uncategorized, Virtualization

1 Comment

I decided to collapse the multiple systems I have running various flavours of Linux and BSD into a  single system. For a long time I had been using Windows Small Business Server. Well I don’t really want to spend the money to upgrade to 2016 and since it appears Microsoft has abandoned its purist Unix roots by trading the tight and tidy SFU (Interix) for the wildly fat Ubuntu and a Linux ABI. In the advent of this change, I figured I would flip back to FreeBSD, which in my not-so-humble opinion is still the closest thing to Unix you can get. In fact, it actually derives its original sources from none other than Research UNIX, and while it’s wildly more advanced, the distribution holds it’s origin close to it’s heart.

Either way, the task: Support the ever growing number of ‘Appliance’ installs on top of FreeBSD. In this first iteration I have found several guides and worked through getting Debian 7 functional in a FreeBSD 10-STABLE Jail. No guarantees on stability, but I’ll update this if I come across any oddities. This task was performed on FreeBSD 10.3.

Continue reading

Linux/UNIX Pipes File Descriptors, and Process Substitution

18 Tuesday Oct 2016

Posted by in Uncategorized

Leave a comment

Linux/UNIX Pipes File Descriptors, and Process Substitution

  • POSIX Shell – A logical container providing an environment and a set of commands to interact with a UNIX and/or UNIX-like system.
    Examples include: sh(Bourne shell), bash, ash, csh, etc.
  • Pipe – a unidirectional connection between two processes utilized for inter-process communications.
  • File Descriptor (fd) – A dynamically created, locally significant and non-persistent file representation of a FIFO buffer which can be connected to a pipe, or by default to the parent process’ standard input, output, and error buffers. As an example, a (virtual) terminal’s input device (keyboard, mouse, etc.) and output device (display).
  • Process substitution – Allows the POSIX shell user the ability create scripted constructs that mimic functional and/or imperative programming syntax in-line.

Every interactive process on startup within a POSIX shell is attached dynamically to three pipes local to its memory space. Standard Input(0), Standard Output(1), and Standard Error(2). If the POSIX system supports file descriptors they are then created and attached to the pipes at ‘/dev/fd/’.

Name Abbrev. File Symbols
standard input stdin /dev/fd/0 < or <<
standard output stdout /dev/fd/1 1> or 1>>
standard error stderr /dev/fd/2 2> or 2>>

POSIX Shell Plumbing

The POSIX (Bourne) shell and its derivatives provides the ability to utilize various symbols to plumb processes together by their file descriptors.

Symbol Name _Symbol_Syntax_ ________Function________
pipe { block } | { block } attach stdout of left script block
to  stdin of right script block
success
exec		 cmd && { block } if cmd exits with success (0)
then execute block
failure
exec		 cmd || { block } if cmd exits with error (not 0)
then execute block
write
file		 { block } #>file attach /dev/fd/#
of left script block to file
and overwrite with bytestream
write
fd		 { block } #>&? attach /dev/fd/#
of left script block to /dev/fd/?
and overwrite with bytestream
append { block } #>>file attach /dev/fd/#
of left script block to file
and append bytestream
close
stdout		 #>&- close /dev/fd/#
(no # specified defaults to stdout)
read
file		 { block } <file attach stdin of left script block
to file and read bytestream
read
until		 { block } <&? attach stdin of left script block
to /dev/fd/? and read bytstream
read
until		 { block } <<word attach stdin of left script block
to stdin of proc
and read until word
close stdin <&- close stdin

Process Substitution

The POSIX shell also provides the ability to perform inline substitution utilizing two methods:

_Symbol_
Name		 Symbol_Syntax ________Function________
sub-shell exec ( block ) execute process proc without environment persistance
sub-block exec { block; } execute proc resulting inline at location within script with evnironment persistance

…for examples see below

Continue reading