IBM Tealeaf – Gigamon 802.1q Tagged Packets

1388840_47750072-scale

I had an interesting issue this past week when I performed a software upgrade on a Gigamon GigaVUE-420. While the upgrade was fairly straight forward I ran into a problem after the upgrade with the IBM Tealeaf solution. We have multiple SPANs and TAPs feeding data into the Gigmon which then copies the traffic out to a number of solutions, including IBM’s Tealeaf. After the upgrade all the other systems seemed to be working fine with the exception of the Tealeaf Linux capture server. The model of Gigamon we have doesn’t allow for altering the actual data, we can filter the data based on anything in the headers but we can’t alter the data. The SPANs from our Cisco 6509E and 6504E switches were setup as 802.1q tagged trunks so the Gigamon would replicate the frames as 802.1q tagged packets. The issue appears to have been how the IBM Tealeaf Linux server handles 802.1q tagged packets. I was able to connect a Windows 7 laptop to the Gigamon and validate that the Gigamon was working properly. I did need to make a registry tweak to the Windows 7 laptop so it wouldn’t strip the 802.1q headers.

Unfortunately IBM support wasn’t very helpful, they were more interested in placing blame than they were in helping us understand why the Tealeaf capture server wasn’t working. They were completely focused on the fact that it worked before the upgrade so it must have been the upgrade that broke it. While that was technically true there was something else at play since I had already verified that the traffic was being forward properly by the Gigamon.

Ultimately one of the team members reconfigured the Linux NICs to support 802.1q tagging and built sub-interfaces so tcpdump could read the traffic. I never did find out what broke but I’m guessing it has something to-do with the NIC configuration on the Tealeaf Linux capture server.

Cheers!

Image Credit: John

{ 0 comments }

How to enable SSLv3 on Firefox for network management

390532_5932-scale

I recently tried to log into a Gigamon GigaVUE-420 that was running an older software release. I quickly found that I was unable to connect to the web management interface because the Gigamon was utilizing an SSLv3 cipher which has been disabled in almost every browser including, Internet Explorer, Chrome and Firefox. I received the descript error, ssl_error_no_cypher_overlap when I tried to connect to the management interface. Thankfully I found a quick work around in Firefox to allow SSLv3 ciphers which allowed me to continue with my work. If you go to about:config within Firefox you can change the minimum TLS […] Read More

{ 0 comments }

War story from the frontlines of E-Commerce

1435013_92238302

I'm here to report that I survived my first holiday season working in retail. Thankfully my team and I were able to keep the network infrastructure humming along without any majors hiccups or issues which left everyone extremely happy including our customers. Here's a short look behind the scenes of a our first big sale of the holiday leading up to Black Friday 2014. It had all the markings of the Y2K war room, if you were around for that exciting event. There were no fewer than 30 people packed inside a large conference room which held 1 wall mounted […] Read More

{ 4 comments }

Minecraft, what are my kids playing?

MinecraftAudiobook

Like so many other parents my children have taken to playing Minecraft. After observing some of the language and antics on a few of the public servers I decided to setup a private Minecraft server on a Digital Ocean Linux VPS server which they could share with friends and relatives, and hopefully play and enjoy the game in a respectful manner. I recently purchased the Audible audiobook, Minecraft: The Unlikely Tale of Markus 'Notch' Persson and the Game that Changed Everything wanting to know more about how Minecraft came to be. It was interesting to hear about how the Notch Persson […] Read More

{ 0 comments }

Network Autobahn – New Blogger Joining the Ranks!

WordPress

I'm excited to learn that Dominik has decided to join the blogging community, starting a blog called Network Autobahn. I've known Dominik for more than three years now and he's a highly knowledgeable and skilled network engineer. Dominik will be blogging from Berlin, Germany which adds an interesting global perspective. If you're an Avaya customer you'll easily recognize Dominik from the Network Infrastructure Discussion Forums where he contributes his knowledge and experiences as a moderator. You may also recognize him from his appearances on Packet Pushers, where he's discussed Avaya's Shorted Path Bridging (SPB) solutions with Ethan and Greg among others. Dominik is hoping […] Read More

{ 1 comment }