January 28, 2008

L4 based Load Balancing @ Software based routers

With IOS version 12.4.11T you can finally utilize not just the per destination (or per packet) based CEF load balancing, but also L4 port based load balancing!

So far you were able to use this feature only at high end switches like Cisco 4500 and Cisco 6500. Now the 12.4.11T brings this feature to standard software based routers as well. Officially (Cisco Doc) Cisco 800, 1700, 1800, 2600, 2800, 3200, 3600, 3700, 3800, 7200, 7301, AS5000, 7200 7301 series Routers, MWR, MWAM series routers are supported.


Voice and Unified Communications - Training Webcasts

Some very good webcasts about voice and unified communications can be found at http://www.cisco.com/web/learning/le31/le46/products/products-voice-ip-communications.html

I definitely recommend to see at least the TAC trainings. They are really excellent!

btw: You may need a CCO account to access some stuff from that page, but it's enough to have the guest level CCO.


January 27, 2008

Web 2.0 - Yet another .com bubble?

Blogging, ajax, facebook, wikipedia, social networking, youtube, myspace, secondlife, rss, voip, podcasts, mashups, and other buzzwords of the Web 2.0 age. But is the Web 2.0 really a new age or is it just a next .com bubble? I guess it all has started about 5 years ago. First with blogs, then continuing with social networking sites where ppl meet ppl (unfortunately only virtually), web developers massively developing Ajax based web applications (putting more of the application logic to the client side), web frameworks have been created, open wiki as a content creating and editing tool, youtube which has became part of our daily life (life where being here means being there), and at the end, Web Operating Systems (or your living spaces?) running in your favorite web browsers.

I think the Web 2.0 is not just a bubble. And even if it is, it has already changed our life, our way of meeting and knowing ppl. It has changed and still changing our way of living.

And what's the recipe of success?  Looks like it's enough to be a student at some fancy university, have an innovative idea, launch it in a web 2.0 interface, make it popular and then sell 1.6% share of your company for at least $240 million. It's so easy to became successful :-)

January 17, 2008

M$ always brings a smile to your face ...

... if not by creating a stable operating system (well, I have to admit that XP and 2k3 are pretty good), then by creating a funny ad. I was browsing around some news sites and found a nice post about a new Microsoft book. This new book was designed for children and their parents to explain and understand why it is not a shame to have a server at your home (Who is the PR manager at M$?). Well, I "think" it's really a matter of life to explain to kids that a home server is nothing wrong, it doesn't make you nerdy and the other kids are making fun of them just because they are jealous and they want to have a home server too. Really, a book about a computer security would be much better and more useful than this :-/ http://tinyurl.com/2yq5u3

January 11, 2008

Xen 3.1 @ Debian 4.0 - VNC domain console does not work


I have installed Xen 3.1 binaries on a Debian 4.0 R2 based server. The server is Intel VT enabled so I was just waiting to see Windows running in Xen. Unfortunately even with a good looking configuration I was not able to connect to a VNC console. After some troubleshooting I found a missing library reference error message in logs:

xeon2:/home# tail -1 /var/log/xen/xend-debug.log
/usr/lib/xen/bin/qemu-dm: error while loading shared libraries: libSDL-1.2.so.0: cannot open shared object file: No such file or directory

After installing the SDL package (apt-get install libsdl1.2debian) the VNC console has finally started to work and I was able to install my first Windows@Xen :-D


January 6, 2008

Putty feature - Putty authentication agent

Using RSA/DSA key pairs (public and private key) for SSH connection authentication has many advantages. It makes the authentication process more secure (especially when someone can see what are you typing on your keyboard), it enables using automated scripts for backup, etc. Under Windows you can generate RSA/DSA key pairs for ssh connection with the PuTTYgen application.

If you already have your RSA/DSA key pair generated, you copy-pasted the public key to the server to ~/.ssh/authorized_keys, then you can use the private key as an authentication mechanism instead of a password. If you have generated your RSA/DSA keys with a passphrase (I recommend to generate it with passphrase enabled) then you will be requested to enter it while authenticating.



Sometimes you have to connect to more servers at once, and have to enter the passphrase or a password as many times as many ssh session are you creating. To overcome the need of entering the passphrase, you can use the Putty authentication agent.

Start pageant.exe. A new Pageant icon will be added to the system tray:


Doubleclick on the Pageant icon and a window similar to the following figure should be displayed:


The Pageant window contains a list of enabled RSA/DSA keys which are automatically provided to putty or scp applications for RSA/DSA keys based authentication of the SSH session.

Click on Add Key and search for your private RSA/DSA key which you are using for SSH. If you are using a passphrase in your private RSA/DSA key (I highly recommend to use it) then just enter the password and the private key will be added to your enabled keys list.



That's all. Now if you try to connect to your ssh enabled host, your ssh connection authentication may look like this:


and a scp file copy may look like this:



Do not forget to lock your computer screen when you are leaving it and you have RSA/DSA keys enabled in Pageant! Otherwise anyone who has physical access to your computer can connect to your servers with ssh without having to know your passphrase.

January 5, 2008

My favorite Windows applications

What are your favorite Windows applications?

January 4, 2008

Print multiple labels per page and use an external data source

Today was somehow a special day. The reason why was it special was an inventory check at CNL. This is always a special event because we usually find on the inventory list some things which we have never seen or even heard about :-)

Anyway, on this year we wanted to put some new labels on your equipment so in the future they could be identified more easily. We bought some A4 pages, each page with 40 stickers. The idea was to print to these stickers with some labels (ID numbers) which will then identify our equipment.

The first problem was finding a software which could be easily used to create these stickers. At the end, the Microsoft Publisher 2007 was used. It's a pretty good piece of software, which can be used to create good looking presentation materials, papers, business cards, labels, etc.

So I started Publisher, created a new project based on some label template. First I changed the size of a label. We had 40 stickers on A4 paper, 10 rows and 4 columns. So one sticker has 5,25cm per 2,97cm size. The I adder our logo figure, some informational text and as last but not least the ID number. Our department uses 8 digits (ID) to identify any equipment and it looked to be a good idea to follow this rule and create these stickers with 8 digits identification code. The year of the equipment acquisition is also important for us, so it has to be visible on a sticker too. So far so simple.

What we needed be then was a dynamic data source with IDs, years of acquisition and other information. This data source was an Excel sheet.

I found on the Microsoft Office web site a great step-by-step guide which describers how to create different labels on the same sheet. Exactly what we needed :-) It's enough just to follow up that guide (the automated method section) and you will be able to create nice labels and stickers with text based on a data source found in XLS file, SQL database, TXT file, or any other Office compatible data source.


January 1, 2008

When are you going to sleep?

I am usually going to sleep very late. While I was in Finland I got used to go to bed at 4:00AM or 5:00AM. Now when I am back at home, I am trying to be in my bed before 2:00AM and usually I am going to sleep at about 1:00AM. How about you? xkcd

Be there as a hologram

WOW! Nice job guys! More

Want a USB sound card? Buy it from Cisco!

Cisco was some years ago commonly known as a network routing and switching company. Actually they started just with a multiprotocol routing. Then they expanded and added switching, firewalls, vpns, voip and telecommunications, storage, video, ... Today I cannot think about any network related thing that Cisco has no solution for. I even have a camera with a Cisco Systems logo on my monitor :-) Just year or 2 years ago they announced a video conferencing solution called Telepresence which brings people together as if they were sitting face2face. You really have to experience it! But the Telepresence has brought something unexpected to Cisco. Cisco now sells also furniture :-D Yeah, really. If you are buying a Telepresence solution then you will get a completely new room equipped and furnished by Cisco (I haven't seen it in real life but I guess that even the chairs have Cisco logo on the back). Anyway, I found a new hardware from Cisco - an USB sound card (MOH-USB-AUDIO=). It is designed to be used with Cisco Unified Communications Manager as a source for Music on Hold feature. From documentation: The Cisco MoH USB audio sound card (MOH-USB-AUDIO=) must be used for connecting a fixed or live audio source to the MoH server. This USB sound card is compatible with all MCS platforms supporting Cisco Unified CM Release 5.x.

Close your frozen ssh session

I am working with Linux quite a lot and sometimes I face this situation: I have a terminal with ssh connected to a remote server and after a while the ssh connection gets frozen on a remote side for some reasons. Now what? I used to find the PID of the ssh process in another terminal and then used kill -9 PID. This method looked a bit too "brute force" just for closing the broken ssh session and I was looking for a more "elegant" solution. Like when I am telnet_ed somewhere, I can use the CRTL+] key sequence as a escape character to break the connection. I found a similar solution for ssh: [enter]~. First press the Enter key, then tilde, and then add a dot and your ssh session will be closed and you can continue your work in back in freed terminal.

Enable ISN dialing on your Linksys IP Phone

Finally I have set up an ISN support on our Sip Express Router @ CNL. After I tried to make my first ISN call to the 1234*256 test number (screaming monkeys :)) from my Linksys SPA962 IP Phone I was a bit disappointed :-( To my big surprise after pressing the dial button, it showed just an "Call ended" message without any additional information. It was weird that it doesn't even showed the called number what it normally does. From my experience, the best thing do in these situation is to turn on some kind of debug on SIP Proxy server or if available on IP phone. I used my favorite "debugger" tool on SER server: ngrep. Dialing from my IP Phone once again, but got nothing. No SIP INVITE messages from my IP phone at all. After further investigation, I found the problem: the default dial plan used in Linksys IP phones does not support the star character "*" in a dialed number: (*xx|[3469]11|0|00|[2-9]xxxxxx|1xxx[2-9]xxxxxxS0|xxxxxxxxxxxx.) To enable ISN dialing you must add this dial pattern: x.*x. After adding the ISN dial pattern, your dial plan may look like this: (*xx|[3469]11|0|00|[2-9]xxxxxx|1xxx[2-9]xxxxxxS0|xxxxxxxxxxxx.|x.*x.) If you are using some prefix for outbound dialing, like 7*....... and want to use it for ISN calls as well, then you must add a pattern like "7*x.*x.". My dialplan now looks like this: ([1-7]xxxS0|0x.|x.*x.|7*x.*x.) Lines 1xxx - 7xxx are our internal lines, 0x. are outgoing trunks, x.*x. is an ISN pattern as well as 7*x.*x.


pf2008 Happy New Year 2008!