Wednesday, 23 January 2013

DHCP fills with BAD ADDRESS

I've seen this happen for a few reasons but had a new one today.

We had a new 3750 that I'd set to DHCP on VLAN1 to plug in.  I then changed the native VLAN to 111 and added voice etc VLANs

Then we plugged a phone in and started seeing the Windows DHCP server fill with BAD ADDRESS entries, and when you cleared them they came back in seconds.

Hmm.. unplugged the phone and PC on the back of it.  Still filled the DHCP table.

Turns out the core switch had VLAN1 decommissioned but it still had a helper and so the new switch's DHCP requests on VLAN 1 were going to the server and turning up as short MAC addresses (8 or 10 characters) and Windows went no, next and so on.

Odd. I would have thought it would have said no range defined and ignored it.  So the helper must be doing something bizarre.

Moral of the story:  look for stray helpers on your layer 3 devices as another source of BAD ADDRESS problems.
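One way to hunt for stray helpers, as an added example that is not part of the original post: a script that reads a saved IOS running-config, finds every interface carrying `ip helper-address`, and flags those whose subnet has no scope on the DHCP server. The config fragment, addresses and scope list are constructed sample data.

```python
import ipaddress

# Constructed sample: fragment of a layer 3 switch running-config.
SAMPLE_CONFIG = """\
interface Vlan1
 ip address 10.0.1.1 255.255.255.0
 ip helper-address 10.0.50.10
!
interface Vlan111
 ip address 10.0.111.1 255.255.255.0
 ip helper-address 10.0.50.10
!
interface Vlan120
 ip address 10.0.120.1 255.255.255.0
!
"""

# Constructed sample: subnets that have a scope defined on the DHCP server.
SERVER_SCOPES = ["10.0.111.0/24", "10.0.120.0/24"]


def parse_helpers(config):
    """Return {interface: {"network": IPv4Network or None, "helpers": [str]}}."""
    interfaces, current = {}, None
    for line in config.splitlines():
        words = line.split()
        if not line.startswith(" "):  # top-level line: new stanza or separator
            is_intf = len(words) == 2 and words[0] == "interface"
            current = interfaces.setdefault(words[1], {"network": None, "helpers": []}) if is_intf else None
        elif current is not None and words[:2] == ["ip", "address"] and len(words) == 4:
            # Primary address only; "secondary" and "dhcp" forms are skipped.
            current["network"] = ipaddress.ip_interface(f"{words[2]}/{words[3]}").network
        elif current is not None and words[:2] == ["ip", "helper-address"] and len(words) >= 3:
            current["helpers"].append(words[-1])
    return interfaces


def stray_helpers(config, scopes):
    """List (interface, subnet, helpers) that relay DHCP for a subnet with no scope."""
    scope_nets = [ipaddress.ip_network(s) for s in scopes]
    findings = []
    for name, info in parse_helpers(config).items():
        net = info["network"]  # None when the interface has no static address
        covered = net is not None and any(net.overlaps(s) for s in scope_nets)
        if info["helpers"] and not covered:
            findings.append((name, str(net), info["helpers"]))
    return findings

if __name__ == "__main__":
    print(stray_helpers(SAMPLE_CONFIG, SERVER_SCOPES))
```

Run it against the saved config of each layer 3 device and the scope list exported from the DHCP server; anything it reports is a helper relaying requests the server has no range for.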


Sunday, 13 January 2013

Alfa Romeo 155 handbrake not working

My other love apart from technology is cars.  Especially Italian and English ones and for the last decade or so especially Alfa Romeos...

They're a bit quirky but they feel nice, they sound nice, they look nice. They're just a nice place to be :-)

One thing I've run into a couple of times that I want to note so I remember it and others may save some time.

Alfa 155 handbrake: leave it high!

The handbrake, if set too low, will stop the rears auto adjusting and you'll lose rear braking (and be all nosey when you brake hard) and the handbrake will be next to useless. Leave the handbrake at about 45 degrees and you'll be fine.

Anyone know where to find exhaust cam followers for a V6 155?  I'll pay handsomely for that info!

Friday, 31 August 2012

Ubuntu grub fix with btrfs

I couldn't find a simple guide for this so here it is...

I have Ubuntu 12.04 with btrfs as my main FS.  Once Windows was installed Ubuntu vanished as usual. Took some playing but here is my fix.

The guts are..

sudo mount -t btrfs -o subvol=@ /dev/sda6 /mnt/

sudo mount --bind /dev /mnt/dev/

sudo mount --bind /proc /mnt/proc

sudo chroot /mnt/

grub-install --recheck /dev/sda



The key bit is the mount line. If you see @ and @home in your mount directory, something has not worked: it has mounted the top level of the filesystem rather than the correct subvolume.


Thursday, 19 July 2012

Fortigate error The cmdb add entry failed.

We still see this one occasionally. Had one case where we needed to get a policy on but couldn't reboot the firewall.


So, tried a few things and found we could get a policy on by killing IPS. This may cause all sorts of random results so only use this if you're desperate!


You can try the nice way


diagnose test application ipsmonitor 99 

and then try adding the policy but I had to go further: in the CLI console type


get sys perf top


Look for ipsengine..



       ipsengine     6085      S     0.0    22.6

Then you can kill it..

diagnose sys kill 9 6085

The 9 is the signal, and 9 means kill it dead.

It should come back. Check with the get sys perf top again.

Then you should be ok to put in a few commands without the cmdb add entry failed error.


Friday, 29 July 2011

Fortigate MR3 VPN to Cisco

So I'm doing a lot more Fortigate work in a new job.  Got to grips with most of the Forti foibles but this is a new one..

We've got a site with a Fortigate at the head office and Ciscos at the remote sites.  They're in construction so the Ciscos get kicked, dropped, spiked etc but just keep going.

I was adding a new site after recently updating the Fortigate to MR 3 PL1 and it would not work. The VPN just would not come up. Identical Cisco config (bar IP addresses) and the HO Forti VPN config looked identical too.  Until you get to the CLI...

Seems now there is a mode-cfg setting that defaults to enabled and the Ciscos don't like being told what to do.  Turn that off in the CLI and the VPN came up. By the way, the VPNs on the Cisco end are VTIs using routes, as these seem to play better and you don't have to specify and match proxies.

Monday, 7 March 2011

Reformed Orcon user

This is a New Zealand specific thing so not relevant to most.

I finally had had a gutsful of our previous ISP Orcon and changed to Telecom several weeks ago.

Talk about night and day!  We can use youtube etc.  Even two of us at the same time!  This was unheard of on Orcon.  It took tens of minutes to load a 30 second clip. Downloads were regularly 2KB per second.  Whoever set up their shaping needs castrating.

Speed test shows not quite as dramatic results.  Download is up about 30 to 50 per cent depending on the day, and this is on ADSL 1 as I'm still using an old Cisco 1751 router. Ping is usually about half what it was.

To be fair Orcon was quite good at 5AM.  We could watch youtube and download at hundreds of KB per second. So I'm guessing they're just not good at the shaping and over subscribed.  A shame given they used to be one of the best 5 years ago.  Seems change of leadership a while back has led to more flash ('scuse the pun) and less substance.
