Use a Bridge Virtual Interface when you want to have multiple router interfaces act as members of a single Ethernet collision domain, or bridge two separate network segments together. Lots of wireless bridges use this function to attach their wireless clients to a local Ethernet. Start by defining the bridge group:
router(config)#bridge 202 protocol ieee
router(config)#bridge 202 route ip
Then put some interfaces into that group:
Then, create the BVI interface:
router(config-if)#desc new server cluster
router(config-if)#ip addr 18.104.22.168 255.255.255.240
Your BVI interface should be up, and all these formerly “router” ports should now be a transparent bridge.
(Why am I using BVI instead of VLAN on a bunch of Ethernet ports? This particular switch is configured as a router, and it really wants to treat all the interfaces as router interfaces. It insists it doesn’t know how to configure a VLAN. I’m certain that Cisco has a reason for this, but their explanation might put me off my feed.)
My author’s copies of Network Flow Analysis should arrive later this week. While my publisher sends review copies to all of the likely reviewers, I’d also like to give my readers a chance to get in an the free review copy goodness. If you’re willing to write a review for your blog, Amazon, or (preferably) both, I might have a free book for you. Continue reading “Free (for some value of free) Books”
RT offers many ways to manage workflow, but most of them create a separate ticket for each part of the workflow. The tasks at my company are mostly serialized: a request comes in, is worked on by person A, who hands it off to person B, who hands it to person C, who closes the request. Opening a separate ticket for each of these isn’t efficient. (The situation is different for parallelized tasks.) I want a method to easily pass tickets from one person to the next. Continue reading “Request Tracker serialized workflow”
If you have a central auth directory, such as OpenLDAP, everything should authenticate against it, including your Web apps. Here’s how you set up a FreeBSD system to authenticate against your OpenLDAP directory. I did this on FreeBSD/i386 running 8.1-PRERELEASE, with Apache 2.2 and OpenLDAP 2.4. Before starting, make sure your OpenLDAP install is configured correctly. You should be able to successfully run ldapsearch(1) against your directory. If your base OpenLDAP install is busted, go no further. Continue reading “apache22 LDAP auth”
Go to http://www.networkflowanalysis.com/ to read Chapter 4.
While you’re there, order the book. You know you want to.
My story “Wednesday’s Seagulls” just sold to http://short-story.me/. Unlike my previous fiction sales, this is to a Web site. Everyone will be able to view it, for as long as the site keeps it up.
I’ll announce when the story is actually posted there.
Storage is a pain. I can spend lots of money to solve this problem, or I can find less expensive alternatives. I’ve been using diskless servers lately, all served off of a big OpenSolaris machine. (Why OpenSolaris? It has a newer ZFS than FreeBSD.) Performance is mediocre on NFSv2/3, and I want faster. One obvious thing to try is iSCSI.
iSCSI requires targets (servers) and initiators (clients). For this test I’m using OpenSolaris as the target and FreeBSD as the initiator. For testing, both machines are running on ESXi, on older hardware that’s been removed from production.
Continue reading “OpenSolaris iSCSI ZFS COMSTAR target, FreeBSD initiator”
The summary of this post is: you can’t.
I have my Ubuntu servers talking to LDAP for authentication, but I want two other functions: ldap-sudo integration, and SSH with public keys via LDAP. Continue reading “tying ubuntu 10.04 LDAP to sudo and SSH”
Back when machines had 128MB RAM, kernel customization was important. Today, most standalone machines have so much RAM that customizing the kernel is pointless — until you virtualize, that is. If you can assign a virtual machine 128MB of RAM again, reducing kernel size again becomes useful. I have a lot of single-purpose virtual machines with puny memory allocations.
Continue reading “FreeBSD/amd64-current virtual kernel”
Network Flow Analysis is due from the printer on June 21, 2010, or two weeks from today. I’ll get my copies later that week.
No Starch Press is contractually obliged to give me six copies of each book I write. They’re generous folks, though, and I usually get a bunch. The number varies with the book’s size, cost, and how many can be wedged into whatever spare box the printer has on hand, but can be usefully described as “more than I can realistically use.”
Some copies I give to good causes –e.g., the charity auction at BSDCan. Others go to people who help me write the book, who provide valuable feedback or testing, or who feed me. (Especially if they feed me gelato.) That’ll still leave me with most of a box.
This time, I’d like to give away copies to people who will write thoughtful reviews on Amazon. (Reviews on blogs would be OK as well, but Amazon reviews are the most effective.) I’m sure I’ll have more volunteers than books, though. I’d like to find some fair way to hand out these review copies; I’m thinking some sort of small contest. Any suggestions, folks?