Recently, I had to build an environment which have a kind of real web application running to test LBaaS site affinity solution,. After a few minutes,I made a decision to install a Jenkins container on my testing Centos 7 virtual machines. Unfortunately, my Centos virtual machines have no Internet access. So I spent a bit …
Install PowerCLI and PowerNSX Offline on RHEL7
With the release of PowerCLI 10.0.0, VMware adds support for Mac OS and Linux! Now you can install PowerCLI and PowerNSX on Linux System including RHEL, Centos, Unbuntu and Mac OS. To complete installation of VMware PowerCLI 10 and PowerNSX, firstly you need to install Powershell Core 6.0. In most of enterprise environments, we won't …
Continue reading Install PowerCLI and PowerNSX Offline on RHEL7
Wireshark Filter for SSL Traffic
Useful Wireshark filter for analysis of SSL Traffic. Client Hello: ssl.handshake.type == 1 Server Hello: ssl.handshake.type == 2 NewSessionTicket: ssl.handshake.type == 4 Certificate: ssl.handshake.type == 11 CertificateRequest ssl.handshake.type == 13 ServerHelloDone: ssl.handshake.type == 14 Note: "ServerHellpDone" means full-handshake TLS session. Cipher Suites: ssl.handshake.ciphersuite I found the below from Wiki. All these SSL handshake message types …
New Ansible F5 HTTPs Health Monitor Module
Just got time this weekend to test the newly released dev version of Ansible F5 HTTPs health monitor. The result of testing looks good: most of common use cases have been covered properly. Below is my first playbook for my testing: After run the playbook, I log in my F5 BIGIP VE and see the …
Automate F5 GSLB with Ansible
F5 BIG-IP Global Traffic Manager (GTM) provides tiered global server load balancing (GSLB). BIG-IP GTM distributes DNS name resolution requests, first to the best available pool in a wide IP, and then to the best available virtual server within that pool. GTM selects the best available resource using either a static or a dynamic load …
Automate F5 LTM with Ansible
Ansible has included F5 as extra network module, which can help to provide LBaaS by use of Infrastructure as Code method. Like normal Ansible modules, Ansible F5 module is installed the /usr/lib/python2.7/site-packages/ansible/modules/extras/network directory. [dzhang@localhost network]$ pwd /usr/lib/python2.7/site-packages/ansible/modules/extras/network [dzhang@localhost network]$ ls -al total 512 drwxr-xr-x. 9 root root 4096 Jan 30 03:17 . drwxr-xr-x. 20 root root …
Using TShark Filter for Packet Capture on Vyatta 5600
Vyatta 5600 provides Tshark as the packet capture tool. To capture your interested traffic and remove unnessary nosiy traffic, you need to use the capture filter when you perform the packet capture. Here I show you a few real world example for tshark capture filter, which hope can save you a bit of time. Capture …
Continue reading Using TShark Filter for Packet Capture on Vyatta 5600
Install Python Paramiko on Centos 7
You need the following packages installed so that the Paramiko module installation can be completed successfully: yum install python-devel yum install libffi-devel yum install -y openssl-devel [root@localhost python2.7]# pip install paramiko Collecting paramiko Using cached paramiko-2.0.2-py2.py3-none-any.whl Collecting cryptography>=1.1 (from paramiko) Using cached cryptography-1.5.tar.gz Requirement already satisfied (use --upgrade to upgrade): pyasn1>=0.1.7 in ./site-packages (from paramiko) …
Packet Analysis for Troubleshooting-SSH server slow response
Symptom: customer complains about slow response to SSH server running on one Centos box Method: perform packet capture on the SSH server. Finding: DNS query fails during establishing SSH session When folllow the TCP session for SSH login packet caoture, see the below: During packet 17 and 24, there is about 10 seconds gap. Go …
Continue reading Packet Analysis for Troubleshooting-SSH server slow response
Packet Analysis for Troubleshooting-Slow response of AD home directory
Symptom: virtual desktop end users complain the performance issue: the end users can access their AD home directory quickly at the first time. After a little while, they have to wait for over 30 seconds before they can reach their home directory. Method: perform packet capture on one of end users and successfully capture the …
Continue reading Packet Analysis for Troubleshooting-Slow response of AD home directory
davidwzhang.com 