Category Archives: Misc

Google BBR Algorithm

Google’s BBR algorithm for handling TCP traffic congestion could announce a new Era on the trasnport Control Protocol (TCP). Google announced integration with Google Cloud, a cloud hosting platform offered by Google to thousands of companies and which serves millions of websites on a daily basis.

BBR stands for “Bottleneck Bandwidth and RTT (Round-Trip Time),” and is an algorithm for optimizing how network packets travel through servers in order to avoid jamming certain routes.

If you want test this on your linux box, you can follow this guide here https://patchwork.ozlabs.org/patch/671069/

An draft IETF proposal as been made, you check see it here https://tools.ietf.org/html/draft-cheng-iccrg-delivery-rate-estimation-00

TAP vs TUN Interfaces

What is the TUN ?
The TUN is Virtual Point-to-Point network device.
TUN driver was designed as low level kernel support for
IP tunneling.

What is the TAP ?
The TAP is a Virtual Ethernet network device.
TAP driver was designed as low level kernel support for
Ethernet tunneling.

What is the difference between TUN driver and TAP driver?
TUN works with IP frames. TAP works with Ethernet frames.

These kind of interfaces are supported in Linux

Upgrade Cisco Blade Switch

Applying a major upgrade between 12.x and 15.x code, backup your config first before go ahead!

Checking the actual version

 

SW01#sh ver | i IOS
Cisco IOS Software, CBS30X0 Software (CBS30X0-LANBASEK9-M), Version 12.2(35)SE, RELEASE SOFTWARE (fc2)SW01#show boot
BOOT path-list      : flash:cbs30x0-lanbase-mz.122-35.SE/cbs30x0-lanbase-mz.122-35.SE.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
HELPER path-list    :
Auto upgrade        : yes
Auto upgrade path   :

Downloading and extracting the TAR file from your TFTP

SW01#download-sw tftp:10.1.0.103/cbs30x0-ipbase-tar.150-2.SE6.tar
Loading cbs30x0-ipbase-tar.150-2.SE6.tar from 10.1.0.103 (via FastEthernet0): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(omitted for brevity)
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK – 15073280 bytes]

Loading cbs30x0-ipbase-tar.150-2.SE6.tar from 10.1.0.103 (via FastEthernet0): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(omitted for brevity)
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
examining image…
extracting info (107 bytes)
extracting cbs30x0-ipbase-mz.150-2.SE6/info (372 bytes)
extracting info (107 bytes)

Stacking Version Number: 1.49

System Type:             0x00000000
Ios Image File Size:   0x00BEF200
Total Image File Size: 0x00E60200
Minimum Dram required: 0x08000000
Image Suffix:          ipbase-150-2.SE6
Image Directory:       cbs30x0-ipbase-mz.150-2.SE6
Image Name:            cbs30x0-ipbase-mz.150-2.SE6.bin
Image Feature:         IP|LAYER_3|MIN_DRAM_MEG=128

Old image for switch 1: unknown

Extracting images from archive into flash…
cbs30x0-ipbase-mz.150-2.SE6/ (directory)
extracting cbs30x0-ipbase-mz.150-2.SE6/info (372 bytes)
cbs30x0-ipbase-mz.150-2.SE6/html/ (directory)
extracting cbs30x0-ipbase-mz.150-2.SE6/html/frmwrkResource.htm (950 bytes)
extracting cbs30x0-ipbase-mz.150-2.SE6/html/menu.shtml (8324 bytes)
extracting cbs30x0-ipbase-mz.150-2.SE6/html/portstats.js (8142 bytes)
(omitted for brevity)
extracting cbs30x0-ipbase-mz.150-2.SE6/cbs30x0-ipbase-mz.150-2.SE6.bin (12505683 bytes)
extracting info (107 bytes)

Installing (renaming): `flash:update/cbs30x0-ipbase-mz.150-2.SE6′ ->
`flash:cbs30x0-ipbase-mz.150-2.SE6′
New software image installed in flash:cbs30x0-ipbase-mz.150-2.SE6

All software images installed.

Boot updated with the new image & Reboot

SW01#show boot
BOOT path-list      : flash:cbs30x0-ipbase-mz.150-2.SE6/cbs30x0-ipbase-mz.150-2.SE6.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
HELPER path-list    :
Auto upgrade        : yes
Auto upgrade path   :SW01#reload
Proceed with reload? [confirm]

New code is Live!

SW01#sh ver | i IOS
Cisco IOS Software, CBS30X0 Software (CBS30X0-IPBASE-M), Version 15.0(2)SE6, RELEASE SOFTWARE (fc2)

Compare the running config with the Backup one we did previously zero differences, so another successful upgrade!

How to extend SLR in PAN for more than 7 days

By default the report is only generated for the last 7 days, using the GUI. I will show you next how to extend the time for the report.

You have to identify the start and end date and the export method, TFTP in this case.

[email protected]> tftp export stats-dump start-time equal 2016/10/[email protected]:00:00 end-time equal 2016/10/[email protected]:00:00 to 192.168.169.147

show system info…
Generating Application Report…
Generating HTTP Application Report…
Generating Category Report…
Generating Risk Report…
Generating Threat Report…
Generating Source Country Report…
Generating Destination Country Report…
Generating URL Category Report…
Generating Subcategory Report…
Generating Technology Report…
Generating Data Report…
Generating V2 Application Report…
Generating V2 Threat Report…
Generating V2 Wildfire Report…
Generating V2 Data Report…
Generating V2 URL Category Report…
Generating V2 Application Non-standard port Report…
Generating V2 HTTP Application Report…
show_system_info.txt
reports/
reports/ThreatReport.xml
reports/TechnologyReport.xml
reports/SourceCountryReport.xml
reports/SubcategoryReport.xml
reports/URLCategoryReport.xml
reports/error.log
reports/RiskReport.xml
reports/ApplicationReport.xml
reports/DestinationCountryReport.xml
reports/DataReport.xml
reports/CategoryReport.xml
reports/HTTPApplicationReport.xml
statsv2/reports/
statsv2/reports/ThreatReport.xml
statsv2/reports/WildfireReport.xml
statsv2/reports/URLCategoryReport.xml
statsv2/reports/error.log
statsv2/reports/ApplicationNonStandardPortReport.xml
statsv2/reports/ApplicationReport.xml
statsv2/reports/DataReport.xml
statsv2/reports/HTTPApplicationReport.xmlFinished generating reports. Please press enter to continue…
mode set to octet
Connected to 10.10.10.24 (10.10.10.24), port 69
putting logdbcsv_20161119_2009.tar.gz to 10.10.10.24:logdbcsv_20161119_2009.tar.gz [octet]
Sent 16506 bytes in 0.3 seconds [478106 bit/s]

[email protected]>

Once the report is exported, the Security Lifecycle Review (SLR) can be used for analysis.

Export/Import Putty settings

This method is using registry, so before proceed do a backup of it.

Open command line and type the following command:

regedit /e “%userprofile%\desktop\putty-registry.reg” HKEY_CURRENT_USER\Software\Simontatham

Copy the file generated to the new Windows installation and run it, a prompt window will pop up and click “Yes”. This will merge with config you have for Putty.

export_putty_settings

The following window should appear saying it was imported successfully.

export_putty_settings2