Develop and Deploy Network Templates Before Automating

Date: 2022-05-26
Subject: Network Templating
Version 1.0

Automation is the number one topic in networking today. Automation allows a team to lean left, moving simple troubleshooting to the NOC, it allows the team to do more with less, and it allows for repeatable deployments. A good place to start is to think about many of the day to day work that gets done, how much of this work is simply applying the same changes over and over. These tasks are a great place to start with templating.

Rename accounts in FreeBSD

pw usermod -n oldname -l newname -d /usr/home/newname

pw groupmod -n oldname -l newname

mv /usr/home/oldname /usr/home/newname

chown -R newname:newname /usr/home/newname

Bhyve on FreeBSD 10.1

I recently started a new series of videos on YouTube about my favorite operating system FreeBSD. Below are the commands used in the video to setup the bhyve hypervisor on FreeBSD 10.1 with a virtualized Ubuntu 15 server.

######## prerequisites for bhyve on FreeBSD ##########

pkg install grub2-bhyve

mkdir /virtual_machines

cd /virtual_machines

mkdir iso

cd iso

fetch http://releases.ubuntu.com/15.04/ubuntu-15.04-server-amd64.iso



######��� Load kernel modules and set sysctl values ######

kldload if_tap

kldload if_bridge

kldload vmm

kldload nmdm

###### set sysctl values� #######3

sysctl net.link.tap.up_on_open=1

sysctl net.inet.ip.forwarding=1

echo "net.link.tap.up_on_open=1" >> /etc/sysctl.conf

echo "vm1:dv=/dev/nmdm1B:br#9600:pa=none:" >> /etc/remote

##### create interfaces needed for the vm� ########



ifconfig tap1 create

ifconfig bridge0 create

ifconfig bridge0 addm tap1 addm em0 up





##### create the config files and virtual disk� ########



truncate -s 10g vm1.img

vi device.map

(hd0) /virtual_machines/ubuntu_server/vm1.img

(cd0) /virtual_machines/iso/ubuntu15server.iso



####### Boot the virtual machines ###########

grub-bhyve -r cd0 -m /virtual_machines/ubuntu_server/device.map -M 1024 vm1



bhyve -c 1 -m 1024M -H -P -A \

-l com1,/dev/nmdm0A \

-s 0:0,hostbridge \

-s 1:0,lpc -s 2:0,virtio-net,tap1 \

-s 3,ahci-cd,/virtual_machines/iso/ubuntu15server.iso \

-s 4,virtio-blk,/virtual_machines/ubuntu_server/vm1.img vm1 &

########### boot into newly installed vm ################333

poem

So live your life that the fear of death can never enter your heart. Trouble no one about their religion Respect others in their view And demand that they respect yours Love your life, perfect your life, beautify all things in your life Seek to make your life long and its purpose in the service of your people Prepare a noble death song for the day when you go over the great divide Always give a word or a sign of salute when meeting or passing a friend Even a stranger when in a lonely place Show respect to all people and grovel to none When you arise in the morning give thanks for the food and for the joy of living If you see no reason for giving thanks, the fault lies only in yourself Abuse no one and nothing For abuse turns the wise ones to fools and robs the spirit of its vision When it comes your time to die Be not like those whose hearts are filled with the fear of death So that when their time comes They weep and pray for a little more time To live their lives over again in a different way Sing your death song And die like a hero going home

Slow Downloads in Itunes

If you are experiencing slow downloads in iTunes try this:

Shut down iTunes

Disable antivirus/internet security suite

Open itunes and resume downloads.

This is most often caused by the internet security suite which is not capable of scanning large files in real time. If this fixes your problem, you can usually make the fix permanent by disabling the piece of the antivirus that filters web traffic.

New route-server available!

New mailing List

I started a new mailing list. this list is for anyone to ask questions about networking design and implimentation. We can help with configuration questions of all gear Juniper, cisco, hp, fortinet…..

Also questions reguarding Linux, Solaris �and BSD are welcome as well

http://lists.techinvasion.net

Found This Funny Banner Today!

MPLS VPN Services

This article with aim to take a in depth look at MPLS and explain how your packets get from one side of the MPLS cloud to another. Hopefully this will give you some perspective that will prove useful in troubleshooting issues in your own MPLS implementations.

Most enterprise engineers MPLS experience goes something like this: The company needs to connect the office in Miami and the office in London with the corporate headquarters office in Chicago. The VPN design needs to be flexible, and most importantly the network connecting all 3 sites needs to be full mesh. By this I mean to say that any office should be able to talk to any other office using this MPLS VPN. At this point you contact your MPLS provider and ask them to provision 3 MPLS links, 1 for each of the above mentioned offices. The MPLS Sales team puts you in contact with their engineering department and they ask you a couple questions that they need answered in order to properly provision your lines. the number one question that they ask is “How do you want to send us routes?” �now depending on the size of your organization and the dynamic or static nature of your network you can opt for several options here are 3 of the most common.

SSH Brute Force Mitigation in Junos

I have several Juniper SRX-210 devices configured in remote offices. One of the biggest problems I have is that there are a lot of people that are constantly running scripts against the ssh daemon. Now I could lock it down to only a specified list of allowed IP addresses. This would be the most secure method but i have a business requirement of being able to connect to this device from many different location. There is a command you can use to mitigate brute force attempts.