Monthly Archives: April 2015

Access Layer – New Switches and Cleanup…Finally!!

In our corporate office, we have a rather large IDF feeding multiple floors. It’s not my ideal setup, but it was here long before I got here, and it’s grown over the years. And it’s become a bit of a mess…a thorn in my side and something I’ve long wanted to clean up…but just never made the time. Well now we have made the time, due mainly to the end-of-life of the existing (8) 3560 switches (three switches in the rack 1, three in rack 2 and two in rack 4). Here is the ugly “before”…

Such an embarrassing mess…

We stayed late Friday evening and ripped everything out…and I mean everything. We installed 8 new Cisco 2960-X switches, all stacked as a single switch. Nice!! We also installed additional vertical and horizontal cable managers, and had all new CAT 6 patch cables in various lengths to reduce clutter. What a difference it makes…

Ahhh…much better!

We started the project right at 5:30 PM, Friday evening, which works well as employees wanted to get home! And we finished at 1 AM. Not bad at all. For verification, we walked almost the entire building, checking that everyone’s Cisco phones were booted up and properly registered. One of us will be at work early Monday morning just in case we missed anything.

Having a clean and organized cabling infrastructure pays off big in terms of easier maintenance and troubleshooting. Trust me!

Royal Canadian Snowbirds TankCam Video – Awesome

One of my many hobbies is flying…in fact, I used to be a flight instructor many years ago. I still love aviation, although I have not flown in about 9 years. Take a look at this video if you have a bit of time…it’s of the Royal Canadian Snowbirds aerial demonstration team (and they are very good). They mounted a camera underneath the lead plane, and the results are incredible…

Novell NetWare – Another Blast From the Past

Yes, I’m still cleaning up my LAB (and office). In addition to the Bay Networks surprise “find” which I posted about yesterday, I found this today…

Novell GroupWise Installation Disks

Ahhhh…Novell…my first love (with apologies to my wife Debbie). My very first job was as a NetWare Administrator, managing NetWare 3.12 servers and the related network devices (UB Networks hubs and Bay Networks routers). What a powerful and solid combination of hardware and software. You may have heard stories of NetWare servers with an uptime of years…yes, those stories are true, I can attest to it. Windows NT servers had uptimes of perhaps a week or two…and I can attest to that too. NetWare was light years ahead of Microsoft. In fact, I am not exaggerating when I say that Novell (and NetWare) ENABLED the PC revolution. PC’s and businesses had a central storage to share files and manage printing and backups, and GroupWise gave the users email and calendaring functionality. And all of this was decades ago!!

So, why is Windows Server everywhere and Novell is history? One word…marketing. Novell marketed their products to us geeks…the people that operated the servers and networks. Microsoft marketed to the suits…the managers and VP’s of IT. So…of those two groups, who controlled the budgets? Yup…it was not us geeks, that’s for sure. Of course, it didn’t help that Novell couldn’t market their way out of a paper bag. But that’s another story.

Summary: Novell rocked. Their products rocked. Their support rocked. Their people rocked.

And I proudly say that I used to be a Novell CNE.

ComputerWorld – Reminder of How Weak Email Really Is

ComputerWorld just posted a great article today on how weak email really is in terms of securing sensitive information, yet so many corporations and users still use it for critical communications. Just ask Sony. Be warned. Check out the article here…

Sony reminds us all what a pathetically weak link email is

On a side note…if you don’t regularly check out ComputerWorld’s website you should. They do a great job of reporting on the IT industry and all it’s various nooks and cranny’s. Plus they publish a monthly magazine in PDF format, which I download on my iPad and read at my leisure. Staying up to date on the IT industry is an important part of a successful IT career, and ComputerWorld will help with that.

Bay Networks – It’s Been A Long Time

I stayed home today, working on my LAB and cleaning up a lot of junk. I came across this…

My attendance “cert” for the Advanced IP class

Wow…this was a long time ago, and I still remember the class and the instructor (great instructors will do that…thank you Johan Van Besouw). This was back when Bay Networks was relatively young…it was a merger between Wellfleet Communications (routers) and SynOptics Communications (Ethernet products). They had some great stuff, and their hardware just worked. Over those early years of my career, I installed many Bay routers and hubs, and some of their early switches. I do remember that router configuration was a bit problematic at times due to their Site Manager software, which we fondly referred to as “Site Mangler”.

At the time I was working for a non-profit company in the San Francisco Bay area, and one of our projects was bringing the Internet into schools all over the Silicon Valley. I spent months installing T1 circuits at various schools, and upgrading their networks (if they even had one) with new Bay equipment. I remember many school principles would just look at me, and ask “So now what?”, after I got the Internet working….too funny, they just didn’t know what to do with it.

In the late 90’s, Bay Networks was purchased by Nortel. Around that time, I was at another company, and was looking at what direction to go for my network hardware needs….Bay or Cisco? I could not get a call back from Nortel…none of my old contacts were around, and the new reps were either too swamped or too clueless. It was an easy decision. About three months later, after my Cisco upgrades were almost completed, I finally got a callback from Nortel. It was a very short phone call.

And that, my friends, is why most of you have never heard of Bay Networks. And that is unfortunate.

Security News – Verizon 2015 DBIR and MS15-034

Some important security news you should be aware of…

Each year, many large organizations publish their annual security report…many are good, some are not. One of the best is Verizon, which has been publishing their annual Data Breach Investigation Reports for many years. Their report for 2015 is out, and is a must-read if you are involved with network security. You can download a copy here. Note…it asks for you to opt-in for other announcements from Verizon, but there is a “Download Only” link available if you prefer.

Microsoft has released a Security Bulletin (MS15-034) for a rather nasty vulnerability with how Windows handles HTTP stack requests. Although most Windows clients would not have any applications running that would handle HTTP requests, that is not the case for Windows Servers (especially IIS). If you manage Windows servers, you need to quickly take a look at this Bulletin…there are active exploits in the wild already.

The Force is With J. J. Abrams

I know, my next post was supposed to be a continuation on DIG and troubleshooting DNS, but something MUCH more important has come up. Yes…the newest trailer for Star Wars: The Force Awakens was just released yesterday!! And it seems that J. J. Abrams is doing a great job on developing the story-line, which really left off way back in 1983 with episode VI, Return of the Jedi. This movie should make for a great December when it comes out!!

“The Force is strong in my family…”

Verifying Proper Email Routing – MX Records

I had an issue come up today in which I needed to verify what mail servers were handling email for a particular domain. (I like having easy problems on a Friday!)

So, how do you answer this question? Simple…you need to look up the MX records associated with the domain in question. MX stands for Mail Exchange…which are DNS records of mail servers sitting on the Internet which handle email for a domain. Quick example using my handy DIG utility (available within Linux, or you can download it from isc.org for Windows)…

MX results for cisco.com

As you can see, the DNS reply gave us 3 MX records for mail servers that handle email for the domain “cisco.com”…

10 alln-mx-01.cisco.com.
30 aer-mx-01.cisco.com.
20 rcdn-mx-01.cisco.com.

The numbers in front of each line are known as “preference numbers” and establish which order the servers are to be used, with the smaller number being more preferred. In this case, mail servers will attempt to contact server alln-mx-01.cisco.com first, and if not successful, will then attempt server rcdn-mx-01.cisco.com….and so on. (And no, Cisco does not have a single server that takes care of all their email…most likely alln-mx-01 simply points to a large server cluster). A common technique you will see is to list several servers all with the same preference number…this allows for load-balancing among the servers (a bit crude, but it does work). HP handles load-balancing a bit differently…

MX results for hp.com

I like HP’s solution…simple and efficient…there is only one MX record, but multiple “A” (Address) records that smtp.hp.com resolves to. How about Apple?….

MX results for apple.com

As you can see, Apple handles load-balancing in a bit more complex manner, but it works very well…(sounds just like Apple, doesn’t it?). There are 5 preference number “10” servers and 5 “20” servers, and I bet they are spread out all over the place…different data centers in America and perhaps other parts of the world. Notice the single “100” preference server, which will only get used if none of the other servers are up and running. Knowing Apple, I’m sure this server is kept up to date and patched. But smaller organizations tend to setup a high number preference server as a last backup, which hardly ever gets used, and they tend to forget about it…maybe not keep up with patches and security updates. As a result, you will tend to see hackers go after the high numbered preference mail servers, as they may be an easier target.

Bonus question: Did you notice that all the host names and domain names ended with a “dot”, such as apple.com. and smtp.hp.com.? Know why? I’ll tell you in my next blog.

Hope this info was helpful…

Easter Celebration 2015 – He is Risen!

It has been a busy weekend, but yet an awesome weekend all at the same time. I’ve been playing my French horn in the orchestra at church as part of the Easter celebration, and had a wonderful time doing it….

“For God so loved the world that he gave his one and only Son, that whoever believes in him shall not perish but have eternal life.” John 3:16 (NIV)

You Just Have to Love Google and Their Humor

You have to admit that Google has a great sense of humor, especially on April Fools day. Go to the following website: https://com.google (Update: The link no longer works…it was just for April 1st.) Too funny!!! Here I searched on Cisco…

Google being funny again!!

And here is another one by Google….very funny: Google Smartbox

As big and sometimes scary as Google is (they REALLY do know all and see all), I do like their sense of humor.

Networks Are Cool — A Network Engineer's Blog

Having fun with networks and encouraging the next generation of network engineers