Blog

We have multiple Opengear console-servers in the field which are using LTE as the primary connectivity for our out-of-band access. Most of the people would use Opengear Lighthouse to manage and administer their fleet of devices. Due to the rather small amount of devices on our end, we decided to use a more lightweight solution. By using the public IPv6 addresses gathered via LTE (thanks Telekom!) and DynDNS, we are able to connect to the console-servers at any time. As DynDNS is not included with the Opengear Operations Manager, we use a Playbook to update the entries at dynv6 through their Update API on a regular basis. ...

As I use Zammad as the helpdesk-system in my company, I was looking for a way to create alerts in PagerDuty for critical tickets in Zammad. I initially just forwarded the tickets by mail to PagerDuty which worked but was a kind of dirty approach. With the new option of using custom webhooks in Zammad, the integration is a little smoother. On the PagerDuty-side, you need to have a service created. In the service itself, you need to enable the “Events API v2” integration. Make sure to take note of the “Integration Key” as this is needed during the setup in Zammad. ...

I use dynv6.com as a DynDNS Service for me an my customers. During the last installation of the service at a client, I ran into a issue with ddclient not sending the update to dynv6.com. root@zoidberg:~# ddclient --force FAILED: updating zoidberg.ddns.level66.network: Could not connect to dynv6.com. I used the configuration values from the dynv6.com site but it seems they did not be enough. root@gw:~# cat /etc/ddclient.conf # Configuration file for ddclient generated by debconf # # /etc/ddclient.conf protocol=dyndns2 use=if, if=eth0 server=dynv6.com login=none password=asdasdasdiiugofiugoisfugj zoidberg.ddns.level66.network root@gw:~# ddclient -debug --force DEBUG: Reply from 'ip -4 -o addr show dev wwan0 scope global' : DEBUG: ------ DEBUG: 6: eth0 inet 37.80.164.188/29 scope global wwan0\ valid_lft forever preferred_lft forever DEBUG: ------ DEBUG: get_ip: using if, eth0 reports 37.80.164.188 DEBUG: DEBUG: nic_dyndns2_update ------------------- DEBUG: proxy = <undefined> DEBUG: protocol = http DEBUG: server = dynv6.com DEBUG: url = nic/update?<redacted> DEBUG: ip ver = FAILED: updating zoidberg.ddns.level66.network: Could not connect to dynv6.com. After some digging into the debug output of ddclient, I enabled SSL/TLS in the update method and it seems to do the trick. ...

As I work for multiple customers, I First, we need to setup the normal Horizon Agent. Make sure to run the setup with the option to skip the registration to the session broker. VMware-Horizon-Agent.exe /s /v "VDM_SKIP_BROKER_REGISTRATION=1 RDP_CHOICE=1 ADDLOCAL=Core,ClientDriveRedirection,VmwVaudio,PrintRedir,USB,RTAV" VMware-viewagent-direct-connection--y.y.y-xxxxxx.exe /s /v "LISTENPORT=443 MODIFYFIREWALL=1 DISABLE_SSLV3=1"

A researcher found that the MIC600T-LX inverter has exactly the same hardware as the larger units such as the MIC2000T-LX inverter. As there were no physical differences in the hardware, they dug into the software and were able to find a register in the Modbus protocol used by the inverter that determines the actual mode/output power limit of the specific unit. Interestingly, this mode is not only readable but also writable by the user. ...

I recently had an issue within the network of a customer who was experiencing a big amount of broadcast, unknown unicast and multicast – short BUM – traffic within one of his layer 2 network segments. My customer is a company which is offering dedicated servers and virtual machines to all sorts of customers and with all sorts of hardware configurations. During the last years, they did not invest much time and money into ther network which is why there are no filters for spoofed/forged traffic and loops in place by now. ...

Due to a software issue on one of our QFX5100 switches, we’ve decided to reinstall the software on the device via the USB reinstallation method. We tried at multiple times to boot the switch from the USB thumb drive without success, even trying multiple different USB thumb drives and different methods to write the installation image onto the switch. The result kept the same: The device showed some cryptic text on the serial interface for a few seconds and then booted once again from the JunOS image residing on the SSDs. ...

Two years ago, I’ve used multiple Intel X710-DA4 NICs to built an EVPN Setup for my company level66.network. Whilst most of the connections to other peers worked quite well, I’ve had a few links which showed some strange issues. Most commonly the links were reported as flapping from the other peers or they just reported packetloss on their end. After quite some time of troubleshooting, switching optics and using different ports we found the solution. With the default configuration of the Linux driver, the NIC seems to sent out some (maybe malformed) LLDP messages causing issues with some specific networking gear. We were not able to narrow it down to a specific vendor, though. These messages are directly generated on the NIC and are therefore not shown in a tcpdump. That’s why we were not aware of them. ...

Some time ago, I built my own Stratux Air Traffic Receiver which I used to show other airplanes on my electronic flight bag. Since a few flights, I am trying the app SafeSky. SafeSky uses multiple datasources from the internet to gather and display other traffic in EFB like ForeFlight and SkyDemon. The app runs on the same device as the navigation software, exporting the data into the local network via messages in the GDL90 format similar to the Stratux. The navigation tools like ForeFlight and SkyDemon are able to decode these messages and to display the traffic information directly on the moving map. ...

During the boot-process of my SG115 appliance with OPNsense I stubled over a issue with the configuration of the BIOS settings of the appliance. During the initialization of USB, the kernel died and moved over to the debug-mode leaving the installation of OPNsense unfinished. usbus0: EHCI version 1.0 usbus0 on ehci0 usbus0: 480Mbps High Speed USB v2.0 isab0: <PCI-ISA bridge> at device 31.0 on pci0 isa0: <ISA bus> on isab0 acpi_button0: <Power Button> on acpi0 acpi_button1: <Sleep Button> on acpi0 acpi_tz0: <Thermal Zone> on acpi0 atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0 atkbd0: <AT Keyboard> irq 1 on atkbdc0 NMI ISA 20, EISA 0 NMI/cpu0 ... going to debugger timeout stopping cpus [ thread pid 0 tid 100000 ] Stopped at send_kbd_command+0x49: movq %r12,%rdi db> While searching through the internet, I stumbeled over a post at reddit of one claiming a similar issue while running pfSense on the SG115 appliance. The trick is to disable the “Port 60/64 Emulation” in the USB settings in the BIOS. Once the emulation is disabled, the boot-process works as desired. ...