Posts

every two (or three, depending how desperate you are) years, in life of every CCIE and CCDE there is this looming deadline called ‘recertification’. panic is usually short lived and ends with ‘push’ - succesful recertification. in variable styles and techniques, but successful nonetheless. i had opportunity recently to execute this dance. and wise words people say, that if you loose daily connection with networking gear and technologies, you very quickly loose and forget expert level skills....

…discussions were already covered on my blog. arstechnica just published A/B/X test of Ethernet cables capable of suspiciously “enriching” sound and as you can imagine… there’s no difference in those priced at 340$ vs those priced at 2.5$. it’s good laughing experience to compare this review and the one provided by this fraud, that’s trying to say over his fake so called ’test’. please read comments as well - there’s interesting one, where one of the commenters mentions that 0=0 and 1=1 in digital processing, while the author (again, fraud) still claims there’s a big difference....

Life is unfair. And the unfairness is distributed unfairly.

interesting blog article how to create truly free way of publishing without fear of censorship. it seems that the last reddit problem restarted discussion about free speech and crypto non-repudiation of published content. in the context of rising pressure from US to build backdoors in every equipment, maybe this is some kind of solution? if you think about it… no, actually you no longer need to do so. it was already thought out....

…this is how you should build lean IT systems. in particular, I like this quote: And the new login system, which MPL launched in February 2015, is remarkable. It is faster and it is cheaper than the old one: The old system responded to requests somewhere between two and 10 long seconds; the new one takes 30 milliseconds, on average. The old login system cost $250 million to build and would have required another $70 million annually to stay online....

…are of course one of the worst and evil habitats in this world. treating passengers like cattle during the entire process of boarding and exiting the plane (let’s not skip the “joyful” stage of buying a ticket, let alone attempting to modify it later) has become - generally - a new standard today. a few months ago I had the opportunity to fly back and forth in Poland on two different days - Monday and Wednesday....

Frank Sinatra

i’m ten pages into an ethernet-phy manual and i’m pretty sure the internet is impossible bike

weekend at countryside kind of suprised me… :) so, Cisco 887VAGW+7-E-K9, a little configuration and here we are. ! chat-script gsm "" "AT!SCACT=1,1" TIMEOUT 15 "OK" ! interface Cellular0 ip address negotiated ip nat outside ip virtual-reassembly in encapsulation slip load-interval 30 dialer in-band dialer idle-timeout 300 dialer string gsm dialer-group 1 async mode interactive ! ip nat translation timeout 60 ip route 0.0.0.0 0.0.0.0 Cellular0 ! dialer-list 1 protocol ip permit !...

it’s interesting to take a look. and then a second look - as a lot of well known networks and hosts appear on those maps: SenderBase malware SenderBase spam and for general SenderBase reports, biggest threat intelligence network go here: SenderBase

dyskusje wokół żerowania z niewiedzy audiofili pojawiają się od czasu do czasu w internecie. znalazłem dzisiaj zupełnie przypadkiem ten otóż patchcord kategorii 6, który zapewnia kierunkowy, zoptymalizowany do transmisji audio, transport zer i jedynek: DIRECTIONALITY: All audio cables are directional. The correct direction is determined by listening to every batch of metal conductors used in every AudioQuest audio cable. Arrows are clearly marked on the connectors to ensure superior sound quality....

twitter and facebook admit, that at least 10 percent of the user base is likely bots. it’s “official” data, but that article shows, that this estimation may be way undersized. it seems that next dot-com bubble slowly grows and should burst soon. we’ve been discussing this for years now, but it seems the valuation of seemingly worthless, virtual companies producing software is growing year by year. 3 billion dollars for company that builds (poor, by the way) headphones - Apple buys Beats Electronics....

failure that Tidal came to be and at the same time success to which Apple Watch is experiencing (the same that has trouble keeping it’s bettery up for ONE day) is troubling. on one side we have market, that is able to verify this poor and blatant run for money organized by multi-billionaires, obviously coupled with lack of any style and market research (which would show there are other, better, faster and with wider selection of artists and capabilities services available already), on the other hand - Apple Watch?...

after stumbling upon Farnam Street blog, i found another one - that of Mark Manson. and i found it thanks to The Subtle Art of Not Giving a Fuck article. after reviewing this short list i realized how many of those advices i could give to myself seven years ago. it’s worth to read. and think.

it’s subject old as world (password-protected world, that is). i had to do some of cleanup on my devices and i hit a problem with 4096 bit keys. so, just as a reference that may be helpful somewhere for someone - you import keys to Cisco IOS without any special problems: router#conf t Enter configuration commands, one per line. End with CNTL/Z. router(config)#ip ssh pubkey-chain router(conf-ssh-pubkey)#username TEST router(conf-ssh-pubkey-user)#key-string router(conf-ssh-pubkey-data)#AAAAB3NzaC1yc2EAAAADAQABAAACAQDCiLBaopUwsFb9YJNhGqVYqBajlrH S/zwD6/yR6N8VcRzrpqMMNCFXe1q5GMGM[...]ANWInd9GHBjTzbJWVwavxy1ooQewii8ErofZuv1l/SXSdXLzfL p0zMoZ0L+BNPS0j4XBS0N3t8Vl8oVixqIeG2BNTCNaDDt6hx2Q== lukasz@bromirski....

google again dropped out of the internet because of failure to filter prefixes. SIDR configuration on Cisco gear is really simple - for IOS-XE, IOS-XR. if you have Juniper it takes like half a second of searching. of course configuring is one thing, visiting RIPE and cerfifying your own resources is another thing. then it’s all done. every prefix signed, and every autonomous system checking for certification data is helping. every single one....

I was taking part of PLNOG for the last two days. i didn’t have opportunity to take part of the last edition and it’s a shame - we created this conference with Andrzej Targosz. a lot changed during last couple of years. but what was always key of the whole PLNOG - community - is only developing. i’m not about the direction, but the sole fact we have a lot of discussions about direction gives hope....

…because of that, for example. contrary to ‘beliefs’ and dogmas, that until being ridiculed are broadcasted widely, only the scientific method works. actually works. it allows us to continously attempt to verify by experiment our theories, build theorems and laws - and realistically predict and describe behavior of the universe around us. i highly recommend using it.

from everything read up to date and noted as worth reading: Think like a freak - great set of anecdotes coming strait from author real experiences. there’s a lot of examples that if you don’t know that something can’t be done - you’ll succeed and amaze people around you. so called “ground truths” are serious problem those days. in most of the cases because people have very shallow knowledge or lack it - so can be easily manipulated....

while looking through recent IETF meeting notes i found interesting idea - splitting OSPF area zero without incurring outage. it’s very interesting idea for flawless, in-service migrations. on the other side, another OSPF concept that I was afraid somebody will bring up is… enabling FlowSpec capabilities. oh my… also, overlay networking effort is gaining grounds, with architectural choices as well as security. it’s interesting how much longer it will take....

quite recently Piotr Jabłoński, one of the best architects and consultants in Polish Cisco Systems office presented session very similar to this post topic during our CCIE club meeting. independently, this topic is often brought back on CCIE.pl forum, and Mirek Burnejko asked for couple of comments with regards to growth of whitebox networking. so… does rise of SDN really mean end of the world for CCIE? yes and no....

as I read a lot of books, at some point I decided to share those worth mentioning here. partly so you can see what I’m reading, partly - to have a good summary about those books. let’s start - over last two weeks I’ve managed to read: How Google tests software - great book for everyone that deals with software development, process optimization or simply building their own company. it demonstrates how important is to get feedback from users, and how hard it is to built whole compliance system right from the beginning....

i’m just finishing upgrading my different servers from FreeBSD 9 to FreeBSD 10.1-STABLE. …and i just realized, that my FreeBSD adventure started around 4.1 (well, i may have got older 3.4 CDs, but didn’t install it then yet). and it was 14 years ago today. it was just after i, like thousands of linux users around the world, tried to upgrade glibc libs on the fly on my beloved (at that time and today) Slackware installation....

it seems that F-35 can’t end it’s failure series. despite GAO audits, model of building military equipment for biggest army in the world didn’t change a bit since end of second world war. they’re still ordering and building things that will bring maximum revenue to military vendors and not what military customers actually need. i immediately got back to one of the articles i’ve read recently in ACM Queue - responsive enterprise: embracing the hacker way....

…on the performance of virtualized network stack different cloud providers. plus - couple of slides and some speculations about how AWS is built.

…people using dialup connections. those poor people stay need them to take advantage of restricted Internet services provided by AOL. a year ago at that time, still around 2.6 million of US citizens were connecting to internet that way. …and you think that your 1Mbps upstream link is not enough? ;P

some time ago I changed my BIND at home to Unbound, due to the change of the default DNS server in FreeBSD (yes, I do have my own DNS server at home, and it serves all local queries). actually, I have four right now ;) back in BIND times, i used a lot of scripts to add zones containing 127.0.0.1 for domains serving ads. after switching to Unbound - i forgot about it completely....