Post summary: Get wireshark. Use it. It might not solve your problem, but it will tell you who to blame. Continue reading “debugging iSCSI”
The unexpected risks of ebooks
Yesterday’s biannual royalty statement contained an unexpected surprise: it included ebook royalties for Absolute BSD (published in 2002) and the first edition of Cisco Routers for the Desperate (published in 2004). Both are out of print, and have newer editions. While the royalties for these books played out over several years, I certainly never expected to see any new sales of either of these books.
It turns out that both of these are available through ebook licensing services, such as ebooks.com.
This leaves me with mixed feelings. There’s no real cost to having ebooks available. For all I know, someone has a serious, legitimate need for high-quality documentation on FreeBSD 4. Reliable documentation from that era is hard to find, and you have dig to find answers. I don’t want to forbid people from buying it.
But I suspect that most people who buy these older ebooks made a mistake. They really wanted the newer editions.
In my mind, the obvious thing to do is to have the licensing service put up a warning along the lines of “This ebook is obsolete. You probably want this other book.” That’s what my publisher’s online bookstore does. But licensing services are independent companies. I can’t dictate to them.
I could tell my publisher to rescind all rights to sell these older books, and force ebooks.com to remove them from their catalog, and to heck with people who need documentation for older kit.
What do you think?
Finding a SIP DoS attack via flow analysis
I’m leaving my getting hit in the head lesson when the boss calls. Some unmentionable orifice is firing DOS attacks at a couple of our SIP servers. My mission, should I choose to accept it, is to find and block the attackers. (Should I choose to not accept it, then my mission will be to listen to Fearless Leader whine about it. I can’t stand whining.) Fortunately, I have flow data for one of the servers under attack. Continue reading “Finding a SIP DoS attack via flow analysis”
Richard Beijtlich on NFA
Mr. Beijtlich is bad for my humility. Apparently I have to stop asking him to tech review books, so that he can write actual reviews rather than just announce to all his readers that I’m utterly awesome.
This is the sort of commentary that I keep on hand for when my morale is low.
Automated CARP/HAST Failover
Earlier I discussed using HAST to mirror a ZFS across two machines. I also discussed using devd with CARP interfaces, to run a script when a machine changes between master and backup. Now let’s glue these together to synchronize a ZFS switch with CARP state, and to run scripts when the system becomes the master or the backup. Continue reading “Automated CARP/HAST Failover”
Proposal accepted for NYCBSDCon
NYCBSDCon accepted my talk proposal:
BSD Needs Books
If you wander into any bookstore, brick or virtual, you’ll see books on Linux, Solaris, Macintosh, and even non-Unix-like operating systems. The BSD books are far between. We as a community need to address this if we’re to expand our reach.
This talk covers designing, selling, writing, and promoting your own technical book, with a special emphasis on BSD books. I’ll cover everything that I wished I’d known before I started, common errors, where the “generally accepted wisdom” is wrong, how to actually complete the book, how you can use your publisher to your advantage, post-publication work, and — most important — how to enjoy the process.
I’ve attended NYCBSDCon repeatedly, and have never been disappointed. They always have interesting content and the after-hours events are fabulous. (Yes, I like BSDCan as well, but there is no place in the world like New York City.)
Now to figure out how I do what I do…
part 2 of interview…
…available here.
New podcast interview on NFA
Interview 1 of 2 on Network Flow Analysis for Ron Nutter’s TechBytes.
Ron interviewed me for Network World, and that (longer) interview will also be up before long. We recorded these afterwards for his personal tech news site.
CARP and devd on FreeBSD
In my last post I discussed using HAST with ZFS. That tells you how to replicate a filesystem back and forth between two machines. That’s nice, as far as it goes, but I want automatic failover. Clustering. I want to wake up in the morning to a message that says “machine 1 failed, machine 2 took over, and nobody noticed” instead of a lot of messages from angry customers. The standard FreeBSD failover mechanism is CARP, the Common Access Redundancy Protocol. Here’s the basics of CARP. Continue reading “CARP and devd on FreeBSD”
HAST and ZFS
There’s a nice tutorial on using HAST (Highly Available STorage) with UFS and ucarp. That’s very nice, but in my failover scenario I can’t use UFS; a fsck would take too long, and a background fsck would be most likely to lose the data I’m most likely to need. And FreeBSD comes with a kernel-side CARP implementation; why would I use the userland implementation instead? So: the tutorial is great, except it doesn’t do what I want. I’ll attack this problem in two phases: one, get HAST with ZFS running, and experiment with it. Two, get CARP failover to trigger HAST failover automatically. (I believe I can use devd for CARP-initiated failover, but I’ll need to do further research on that. That’ll be another posting.) Today I’m experimenting with HAST and ZFS. Continue reading “HAST and ZFS”