andkorn.org

a fine line between curiosity and madness.

Lua vs. Ruby in Java

Recently I have been working on sharpening my programming skills. I am a Network Engineer by trade but it never hurts to know how to program. I have colleagues that despise programming, but I have always found it to be interesting and fulfilling. Also, it does become very useful when you want to automate and monitor network devices. I am working on starting a new programming project and have been looking at Lua, Ruby, and Java as options for the new project. Each language has its pros and cons, and to make things even more complicated you can embed Lua and Ruby into Java. But embedding opens the door to many exciting possibilities.

Juniper SRX Policy-Based VPN and Route-Based VPN

Let me start by saying both Juniper and Cisco have excellent publicly available documentation. However, just like with any vendor, documentation on interoperability is always lacking. Making two products work together peacefully is your job as the Network Engineer, and the manufacturer is only going to help you so far. That’s why you have years of experience under your belt!

Both Juniper and Cisco support Policy-based VPNs (more common) and Route-based VPNs (less common, but much more useful). More people know how to set up Policy-based VPNs and they are also more vendor-neutral. But there are plenty of reasons you don’t want a Policy-based VPN (from here on referred to as a PBVPN) and you should use a Route-based VPN.

  • For Cisco people: Policy-based VPN uses Access-lists, Route-based VPN uses interface Tunnel0 (virtual tunnel interface aka VTI).
  • Juniper: Policy-based VPN uses policies and pair-policy, Route-based VPN uses interface st0 (Secure Tunnel 0).

SonicReader 0.5 Released

SonicReader is a config file reader for SonicWall firewalls. SonicWall config files end in the .exp extension. SonicReader reads the SonicWall config file and produces an HTML report of the contents. The only other way to read these files is to import them into a SonicWall and click through the web interface. The issue is that there are many cases where the config files are incompatible, such as with major differences in firmware or models.

You can get SonicReader v0.5 over at SourceForge.net

Direct link: Windows Binary or Cross Platform Java Package

Juniper SRX100H Internals

I recently bid on a used Juniper SRX100H (high-mem) on eBay. I got it for a decent price and it runs the latest Juniper SRX code. I bought the unit to use in my home testing lab, where I will be testing vendor compatibility (i.e. between Cisco and Juniper) as well as setting up lab environments. Since the unit is more than 2 years old I can safely assume that it is out of warranty, mostly because the eBay seller said he previously used it in his home lab. So after I made sure it worked properly the first thing I did was open it up!

Blogger Import

All of my old Blogger content is now here. It was a lengthy manual import but it worked out well. I had to manually import everything due to the messed-up HTML that I had in Blogger – the built-in rich text editor was never my friend when I used Blogger. It always chewed up my formatting. Anyway, it’s all here now. Enjoy!

If you care to see the old blogger site I will leave the content around for a while. You can get it here: http://andkorn.blogspot.com/ . No guarantees though.

How I Got Here

The History of andkorn.org

I have hosted my site at a number of places over the years, and I think I finally found its final place: Amazon’s cloud. I first had part of my friend Dan’s site at transferplant.net (now defunct). He let me put up some source code in zip files, and make some posts, but it was very limited because he did not want me to have full access to everything on the site! He was also quite lazy in giving me more flexibility, and because he wrote all the PHP code himself this was all I was getting on this site.

andkorn.org Reborn

New things have happened on my site. For one, I found that if you host a static site at Amazon via S3, you can save a ton in hosting fees as well as get a nice bump in speed and reliability. I found that I don’t need a dynamic site (I definitely don’t need a database), so why do I need all the security issues that go along with a dynamic site? All I need is a simple blogging engine that has no security issues. Anyway, I will be documenting everything shortly. Stay tuned!

HP Procurve 2910al Console Pinout

Really, HP? Why did you decide to stray from the standard Cisco RJ-45 console cable? All other switches and routers, including HP Procurve 2500-series switches, Brocade, Juniper, and basically any enterprise network product can use a standard Cisco console cable. But HP 2910al switches are different!

Brocade ICX6610 Stack: Swapping Boot Images

I ran into a small issue recently: I had a stack of two Brocade ICX6610s and they had two boot images:

  • FCXS07300a.bin (Switch Code)
  • FCXR07300a.bin (Router Code)

I wanted to swap the two and have the router code be primary. The issue is that I had a stack and the “flash rename” commands did not affect the secondary stack member. With “flash rename” I could move around flash images all I wanted on the primary member, but the secondary stayed the same. If I serial consoled into the secondary I could not modify its boot images to match.

RANCID With Brocade ICX6610

I was having a hell of a time configuring RANCID with the Brocade ICX series switches. As with most things, the solution is very simple – after about 10 attempts of doing it wrong. The right solution is always the last one you try!