-
Recent Posts
Categories
- Best Practices (9)
- Cisco Networks (15)
- Documentation (9)
- General Maintenance (17)
- HP Networks (1)
- IPv6 (16)
- Linux (4)
- Odin (6)
- Productivity (5)
- Services (57)
- Backbone Network (7)
- DHCP (2)
- DNS (5)
- eduroam (12)
- Firewall (7)
- Mail Relay (6)
- Message Submission (2)
- NTP (1)
- VPN (5)
- Web Cache (1)
- Wireless (17)
- Trend Analysis (1)
- Uncategorized (13)
Budget High Availability ASA testing
The problem We’re looking at setting up a management network behind a couple of ASAs. My requirements and prerequisites are: No L2 end to end VLANs through the core. That is bad and wrong. A total site failure at one … Continue reading
Posted in Cisco Networks, Firewall
Comments Off on Budget High Availability ASA testing
Joe Job Spam Run
The university received two spam run campaigns, the first uses a forged sender to make a university address look like the sender, the second uses forged university addresses (i.e. not accounts) in an outgoing campaign to other sites, resulting in … Continue reading
Posted in Mail Relay
2 Comments
DNS troubleshooting
I thought I’d write a quick reference for support staff not familiar with DNS troubleshooting The basics: DNS requests query a server to ask, for instance, what the IP address of a website is, when all you know is the … Continue reading
Posted in DNS
Comments Off on DNS troubleshooting
MAC Flaps – why are they bad?
What is a MAC Flap? A MAC Flap is caused when a switch receives packets from two different interfaces with the same source MAC address. If this makes no sense, perhaps a quick summary of how switching at layer 2 … Continue reading
Posted in Backbone Network, Best Practices, Cisco Networks
Tagged network cisco mac flaps
6 Comments
IPv6 Stateful Active/Standby Failover with Cisco ASAs
There was some debate on the Cisco ASA failover situation with regard to IPv6. Since we’re potentially about to make a interim firewall purchase for the main university IPv6 traffic (we route IPv6 separately to IPv4 to avoid a limitation … Continue reading
Posted in Cisco Networks, Firewall, IPv6
1 Comment
DNSSEC first steps
DNSSEC is a security extension to the Domain Name System which offers origin authentication of DNS data data integrity authenticated denial of existence This is useful in helping to protect against attacks such as DNS cache poisoning. Information on DNSSEC … Continue reading
Posted in DNS
3 Comments
BBC iPlayer and the University VPN
[edit] Since writing this an iPlayer developer has passed on via informal channels that they’re using the Quova geolocation service. In this database part of our VPN address range was designated an ‘international proxy’ – while this may be regarded … Continue reading
Posted in General Maintenance, VPN, Wireless
Comments Off on BBC iPlayer and the University VPN
AOL mail
Just a minor post about an issue some people might have seen (things are fairly quiet in the runup to Christmas). If you had an issue delivering mail to or from an aol.com address today this post explains why. I … Continue reading
Posted in Mail Relay
Comments Off on AOL mail
Surprise! You have IPv6 connectivity!
I bet you didn’t think you had IPv6 connectivity yet (certainly in any University department). After all we’re still working through our plan to light up IPv6 services in the core. Well, news flash: if you’re running Windows 7 in … Continue reading
Posted in Backbone Network, IPv6
2 Comments
Relaxing the DNS CNAME rules (a little)
In the University we have a web tool which allows IT Staff to update parts of the DNS covering their own unit. It’s a simple tool which we hope one day to replace, but serves well enough for most cases … Continue reading
Posted in DNS, Productivity
Comments Off on Relaxing the DNS CNAME rules (a little)