Val:~$ whoami

I am Val Glinskiy, network engineer specializing in data center networks. TIME magazine selected me as Person of the Year in 2006.

Search This Blog

Wednesday, February 25, 2009

I worked in environment like this once.

This is what I call really bad cabling.



©AP Photo/Bela Szandelszky

Friday, February 13, 2009

Connect F5 LTM/GTM to Perle IOLAN console server

I personally prefer Cyclades (now part of Avocent) console servers since they run Linux and I can use vi to edit configuration files. The only problem is that Cyclade's console servers come with only one Ethernet port. What if a switch to which Cyclade console server is connected via Ethernet dies and you need to access its console to figure out what is going on? You can always hook up modem to you console server and dial in, but in this case only one person can connect and with proliferation of VoIP analog phone lines in offices are getting hard to come by.
So, after some search I found Perle's IOLAN console server which have 2 Ethernet ports. These ports can be used in Active/Standby configuration, meaning you can assign 1 IP address and when 1st Ethernet port goes down, IOLAN moves this IP address automatically to second port. For this feature alone I am willing to tolerate their Windows configuration client software.

Now I need to connect IOLAN to F5 LTM/GTM console. Since LTM's console is DB9 male connector and IOLAN is RJ45, I need RJ45-DB9 female converter. I buy these converters at pccables.com. The wires in that converter on RJ45 side are connected like this:
1 Blue
2 Orange
3 Black
4 Red
5 Green
6 Yellow
7 Brown
8 White

I need to plug those wires into DB9 side of the converter like this

RJ45 DB9
Blue 6
Orange 8
Black 4
Red 2
Green 3
Yellow 5
Brown 7
White 1

Now, take regular straight network cable, plug one end into RJ45-DB9 converter, another into IOLAN port. Done. Do not forget that by default IOLAN's port speed is 9600 and F5's is 19200.

Wednesday, February 04, 2009

Packetization Layer Path MTU Discovery

A lot of network administrators block all ICMP traffic on the network's edge. Although some ICMP packets can be used in DDoS, ICMP type 3 plays important role in Paht MTU discovery. If ICMP is completely blocked, sending side can not reliably determine MTU and that can lead to re-transmissions and slower data transfer. Sometimes, ICMP blocking network could be outside your control, so you can not change ACL or firewall rules. In this case Packetization Layer Path MTU Discovery can be used. It utilizes TCP for maximum packet size discovery (RFC4821). To enable PLPMTUD on Linux:
echo 2 > /proc/sys/net/ipv4/tcp_mtu_probing
or
in /etc/sysctl.conf net.ipv4.tcp_mtu_probing = 2