Recent posts (paged)
NVidia Driver on Linux-4.11.1
Problem: after installing linux kernel 4.11.1, the dkms package of the nvidia driver does not compile. You find some cryptic error message about ./Kbuild in /var/lib/dkms/nvidia-current/375.39/build/make.log Solution: I uninstalled the debian nvidia package and installed the newer driver from the NVidia homepage: ap...
Ubiquiti UniFi the Next Botnet ?
I tested a Ubiquiti access point today. UAP-AC-Lite seems to be a very good and cheap access-point. When you take it out of the box and connect it to the network it gets an IP address using DHCP and waits for a configuration. In this mode it sends broadcasts to find a controller and listens on port 22 (ssh) with sta...
Firefox Audio is Broken due to PulseAudio Dependency
Problem: Firefox 52 audio does not work without pulseaudio. Discussion: pulseaudio is a bloated audio daemon that often fails. In the last years, when ever audio failed on linux, the quickest solution was to uninstall pulseaudio. But the Firefox developers made the mistake to remove support for the underlying audio ...
Sophos UTM BGP Announces 0 Prefixes
Problem: A simple bgp upstream configuration. A small AS with one IP prefix wants to connect to its upstream using BGP. The BGP peerings are up. Sophos receives the expected routes from its upstream, but the upstream router does not receive the expected single prefix. Discussion: an outbound filter list is set to pr...
Configure F5 TLS (SSL) Cipher String
The list of TLS ciphers is changing quite rapidly, old ciphers are considered insecure, and new ciphers are added. When you configure a virtual server on an F5 you can add a TLS client profile, which means F5 is doing TLS to the client. I think this is a bit misleading because with "SSL client profile" you are actua...
Check Raid Status for Dell Raids on Linux
Linux support from dell is still very poor. They still support only RedHat$ and SuSE$. But there are ways to check the Raid status of Dell server on debian. http://hwraid.le-vert.net/ is doing a good job in collecting information and building Debian style packages. Example: A Dell server "PowerEdge T130" with "LSI L...
PaloAlto Packet Loss of 1% and More
Problem: PaloAlto firewall is dropping packets in small bursts of some seconds, and sometimes it drops TCP connections. It only happens on HA clusters on interfaces in active/passive (fail over) mode. Solution: disable the following check box in the Ethernet interface Advanced - LLDP settings: "Enable in HA Passive ...
ARP is not working on Cisco ASR 1001 X
Problem: Cisco ASR router is loosing connectivity to its directly attached Ethernet neighbors. In this situation interface status is still up, packets are going in and out on both ends, even IPv6 was still working. The actual problem was that the Cisco ASR was ignoring all ARP responses from its neighbors and the AR...
Cups PDF Filter Crashes
Problem: for some PDF files cups does not print the page, the web gui just tells "filter failed" and in the cups logfile you find [Job 528] PID 19521 (gs) crashed on signal 11! Discussion: cups on debian uses ghostscript as pdf renderer. The pdf renderer of ghostsciprt crashes on many files. You can test by simply r...
Autosave for VIM
I believe that it's a good idea that vi does not auto save during editing. Think of config files or src files that should never be in an inconsistent state. The programmer or sysadmin should decide when he wants to save data. But sometime auto save is handy, while typing lists like todo lists or outlines etc. Every ...