Dell N3000 – Firmware upgrade breaks BGP

I have 2 stacks of Dell N3048 switches. I upgraded one of them on the weekend from 6.2.7.2 to 6.3.0.56 and found that two of my BGP sessions didn’t come up any more – after establishing and receiving the routes the BGP session would cease with this logged: <191> May  9 07:57:07 level14-stack-5 BGP[BGP Protocol]: bgptcp.c(653) 15582 […]

Blocking WordPress Pingback Verification DDoS

Recently one of the websites I host has come under a few reasonably sized DDoS attacks. The attacker has been (mis)using a WordPress feature, pingback verfications. The attacker sends requests to WordPress sites that have this feature enabled, the WordPress sites then send a HTTP request to the target site to verify the pingback. If […]

pfSense 2.3 – IPSEC + OpenBGPD Dropouts

A while ago I upgraded one of my pfSense servers to 2.3. After I left it running for a while I noticed all of my IPSEC tunnels dropped out and never re-established – restarting the IPSEC service didn’t fix it and the only way I could fix it was rebooting the server. After doing some […]

Barracuda Web Filter and Logstash

I use a Barracuda Web Filter 410 vX. While looking around on the web I couldn’t find any filters that did exactly what I wanted so I created some. The filters will parse both logs from the web interface as well as the access log. Here is an example of the fields that are grok’ed […]

Windows 10 – Group Policy Management Error

After recently applying the latest Windows updates to my PC I started getting an error when using the Group Policy Management tool. You can just click OK for the error to dismiss it but it gets frustrating seeing it every time you go to make a change. The error message looks like this: Resource ‘$(string.RequirePrivateStoreOnly)’ […]

Juniper MX with MS-MIC-16G – IPSEC with PSK

These are the steps to set up IPSEC on a Juniper MX with the MS-MIC-16G (multiservices MIC) – these instructions are for an MX80 but will work with any of the MX family with the multiservices MIC. These instructions will set up a route based VPN – you can then run GRE tunnels over the […]

Juniper EX – LLDP Crash

I ran into an issue with LLDP on a virtual chassis of EX4200 switches. When enabling LLDP and LLDP-MED, the LLDP process would constantly crash and restart. Each time it crashes it was creating a core dump. In the messages log file I could see these errors: Apr 22 12:44:37  router1 init: lldpd-service (PID 69355) […]

ExaBGP – BGP routing with health checks

ExaBGP is an excellent tool for playing around with BGP. It is feature rich, has an API and gives you the option to run scripts which can announce/withdraw routes. In my environment I use ExaBGP for certain services to ensure high availability (and load balancing using equal cost multipath, ECMP). To do this I wrote […]

Dell N3000 Series – RADIUS Auth Bug

I was setting up a couple of stacks of Dell N3048 switches recently and ran into a strange bug when getting authentication working with RADIUS. Both stacks of switches were running version 6.2.0.5 (latest as of writing). The general setup of the two stacks: Both stacks connected to each other About 10 VLAN’s setup. Each […]

PuppetDB: [400 Bad Request] Missing required query parameter ‘payload’

After upgrading the packages on my puppet master server with puppetdb I was getting this error when running the agent: May 23 19:15:45 test puppet-agent[15207]: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit ‘replace facts’ command for test.server.com to PuppetDB at puppet.server.com:8081: [400 Bad Request] Missing required query parameter […]