Michael McNamara
https://blog.michaelfmcnamara.com
technology, networking, virtualization and IP telephony
Fri, 05 Nov 2021 13:25:02 +0000

HPE/Aruba Instant Access Points – mixing models on the same virtual controller
https://blog.michaelfmcnamara.com/2021/11/hpe-aruba-instant-access-points-mixing-models-on-the-same-virtual-controller/
Tue, 02 Nov 2021 23:32:49 +0000

In the past if you wanted to mix an Aruba IAP-100 series and an Aruba IAP-200 series in the same network and virtual controller you had to make sure that both APs were running the same software/firmware revision prior to trying to pair them together. If you didn’t you’d end up with one AP becoming the virtual controller and the other one would just continually reboot trying to join the virtual controller because it was unable to upgrade itself as the software image between classes/models is different.

I recently discovered that this is no longer an issue… APs that are not managed by Airwave (AMP) will reach out to the Internet (Aruba Central? or Aruba Activate?) and upgrade themselves without issue to whatever version the virtual controller is running. And APs that are managed by Airwave will also upgrade themselves so long as the upgrade image is downloaded and installed into AMP for the APs to retrieve.

This is a really nice feature, and helps simplify break-fix issues when older APs die and need to be replaced but you don’t have any IAP-135s available. Now you can use IAP-215s or any 200 series APs and whether or not you have Airwave your AP will be upgraded to the correct software to work properly.

You can mix and match APs based on software release…. IAP-135s and IAP-215s running 6.4.x software work well together, as will IAP-215s, IAP-315s and even IAP-515s running 8.6.x software.

Cheers!

Update: Friday November 11, 2021

There is a known issue with older software releases that will break the ability to upgrade from the cloud. The AP in question needs to be on a “newer” release in order to establish an SSL session to the cloud. Additional details can be found in Aruba Support Advisory ARUBA-SA-20191219-PLVL08 titled Aruba Instant Certificate Expiry Issue.

PA TAP 529 Investment Plan for College
https://blog.michaelfmcnamara.com/2021/11/pa-tap-529-investment-plan-for-college/
Tue, 02 Nov 2021 02:25:08 +0000

While this topic is very different from the usual content I write, I feel it will have value for those young adults with children that are sure to be following a similar track in life; “How do I pay for my child’s college education?” I’m not financially savvy by any means, but here’s your call to action if you haven’t yet done anything to start saving.

I’m a Gen Xer and I would consider myself as middle income. I’m not rich or poor by any means, but I don’t want for much either. I buy a car/SUV every 10 years or so, mow my own lawn, pay my monthly mortgage and yearly taxes. I hold a full-time job with a large retailer, I run my own consulting business and I try to volunteer regularly with a number of organizations. With three daughters I wasn’t exactly sure how I was going to save for their college education. After a lot of reading and research I decided that a Pennsylvania TAP 529 plan was the best tool and provided the most benefits for me and my family being a Pennsylvania resident. The biggest benefit is that all my TAP 529 contributions are tax deductible at the state level. In 2020 I believe the max contribution per beneficiary was $14,000. So I could contribute $14,000 to each of my TAP 529 plans and have those contributions deducted from my income on my state taxes. This will generally save me a few thousand dollars in taxes, which I can then re-invest back into the TAP 529 accounts. In addition, the funds I contribute to the TAP 529 are excluded from the FAFSA application for student aid.

I ended up selecting the PA 529 Investment Plan, and that’s where the money has been growing for the past few years. There’s a lot of flexibility in how the funds can be allocated; if you are interested in taking an active part you can select from a myriad of options. Or you can set it and forget it and the plan will automatically re-allocate the funds to less risky investments the closer your child gets to college age.

My Thoughts

It’s never too late to start saving or investing. Whether you are saving for your child’s college education or for your eventual retirement, there are plenty of ways to start saving and investing today. In 2018 I opened an account with Betterment, a robo advisor. That account has provided a rate of return around 9.7% annually, not a phenomenal number by any stretch but it’s definitely better than 0%.

What are you doing today to save for your child’s college education or your retirement?

Cheers!

Cisco Nexus 9300 SSD Firmware Issue
https://blog.michaelfmcnamara.com/2021/10/cisco-nexus-9300-ssd-firmware-issue/
Sun, 31 Oct 2021 13:48:23 +0000

I recently stumbled into yet another interesting issue that turned out to be a bug in the SSD firmware of some Cisco Nexus 9000 Series switches. We had performed an upgrade in two of our Data Centers just over 3 years ago using the Cisco Nexus 9000 Series product line providing a 10/40Gbps network. Within the past week we had several of those switches crash and reboot themselves. Upon further investigation I found some switches that didn’t crash or reboot themselves were running with a read-only file system. It turned out that this was a known bug that had been identified by Cisco earlier this year.

Field Notice: FN – 72150 – Nexus 9000/3000 Will Fail With SSD Read-Only Filesystem – Power Cycle Required – BIOS/Firmware Upgrade Recommended

The issue was further compounded by some sloppy management, with several switches having unsaved configurations or having crashed and rebooted with unsaved configurations and ultimately inconsistent VPC states. In the short term I ended up deploying the SSD firmware update to all the impacted Cisco Nexus 9000 series switches in my network. I’ll look at performing the recommended software upgrades early next year.

You can set up notifications on the Cisco website to help keep you informed of field notices, software releases and security bulletins.

Anyone else run into this problem?

Cheers!

Making the leap to Rocky Linux 8.4
https://blog.michaelfmcnamara.com/2021/10/making-the-leap-to-rocky-linux-8-0/
Sat, 30 Oct 2021 14:09:48 +0000

You always need to be learning in the technology field, it’s a field that is constantly evolving and to that point you need to be constantly expanding your knowledge and testing out new products, methods, solutions, etc.

I’m not a big fan of Oracle Linux for a number of reasons, which I’m not interested in diving into here, so today I’m moving this server from CentOS 7.9 to Rocky Linux 8.4.

I’m also taking the opportunity to downsize my server since my daughters are no longer spending hours upon hours playing Minecraft – life is slowly returning to normal, if only slowly. This will give me an opportunity to test out Rocky Linux and decide which operating system I’ll be using going forward in my personal and professional endeavors.

CentOS Linux release 7.9.2009 (Core)
MariaDB 10.5.12
nginx/1.20.1
PHP 7.4.25

to

Rocky Linux release 8.4 (Green Obsidian)
10.3.28-MariaDB
nginx/1.14.1
PHP 8.0.12

I’m trying to only spend a few hours doing this so I’m going to stick with the standard MariaDB and nginx packages that are available in the repos, although I’m upgrading to PHP 8.0 using the Remi repo. Upgrading to PHP 8.0 is going to cause me some headaches because I’m using some older WordPress plugins that are likely to break and I’ll need to pull them off the site.

If you want to live migrate a server, there’s lots of documentation and tools available to help you.

Have you done any work with Rocky Linux? I’d be curious to hear your take.

Cheers!

How to troubleshoot Facebook, Instagram, WhatsApp outages?
https://blog.michaelfmcnamara.com/2021/10/how-to-troubleshoot-faceook-instagram-whatsapp-outages/
Mon, 04 Oct 2021 20:52:27 +0000

Things certainly went south for Facebook today in a spectacular way as Reddit and other forums lit up with posts about Facebook, Instagram and WhatsApp being down and unreachable. Someone asked me a simple question: how do you troubleshoot an outage like that? We’re obviously limited as “outsiders” but even as a regular netizen we can do a bit of investigative troubleshooting to get some idea of what’s going on at Facebook.

If you tried to visit Facebook earlier today you would have likely seen this message in your web browser.

This site can’t be reached
www.facebook.com’s server IP address could not be found.

Let’s start with the basics…. DNS resolution.

[root@woodstock ~]# dig facebook.com +short
[root@woodstock ~]#

That’s not good… we can’t get an IP address for facebook.com, let’s try www.facebook.com as well.

[root@woodstock ~]# dig www.facebook.com +short
[root@woodstock ~]#

Ok, equally bad… let’s try to find the authoritative DNS servers for the domain facebook.com. We know from experience that a.gtld-servers.net. is a top level DNS server for the .com TLD, but let’s confirm it’s still in the list of servers. (I’ll edit the output below to help save space and focus our attention)

[root@woodstock ~]# dig ns com

;; ANSWER SECTION:
com. 170780 IN NS b.gtld-servers.net.
com. 170780 IN NS i.gtld-servers.net.
com. 170780 IN NS m.gtld-servers.net.
com. 170780 IN NS j.gtld-servers.net.
com. 170780 IN NS l.gtld-servers.net.
com. 170780 IN NS e.gtld-servers.net.
com. 170780 IN NS k.gtld-servers.net.
com. 170780 IN NS h.gtld-servers.net.
com. 170780 IN NS g.gtld-servers.net.
com. 170780 IN NS d.gtld-servers.net.
com. 170780 IN NS c.gtld-servers.net.
com. 170780 IN NS a.gtld-servers.net.
com. 170780 IN NS f.gtld-servers.net.

;; ADDITIONAL SECTION:
a.gtld-servers.net. 69518 IN A 192.5.6.30
b.gtld-servers.net. 82780 IN A 192.33.14.30
c.gtld-servers.net. 84678 IN A 192.26.92.30
d.gtld-servers.net. 84679 IN A 192.31.80.30
e.gtld-servers.net. 84678 IN A 192.12.94.30
f.gtld-servers.net. 84138 IN A 192.35.51.30
g.gtld-servers.net. 84679 IN A 192.42.93.30
h.gtld-servers.net. 84678 IN A 192.54.112.30
i.gtld-servers.net. 84679 IN A 192.43.172.30
j.gtld-servers.net. 82780 IN A 192.48.79.30
k.gtld-servers.net. 84679 IN A 192.52.178.30
l.gtld-servers.net. 84138 IN A 192.41.162.30
m.gtld-servers.net. 84679 IN A 192.55.83.30
a.gtld-servers.net. 81113 IN AAAA 2001:503:a83e::2:30

Ok, so a.gtld-servers.net is still in there… so let’s ask that DNS server who are the DNS servers for the domain facebook.com.

[root@woodstock ~]# dig @a.gtld-servers.net. ns facebook.com

;; QUESTION SECTION:
;facebook.com. IN NS

;; AUTHORITY SECTION:
facebook.com. 172800 IN NS a.ns.facebook.com.
facebook.com. 172800 IN NS b.ns.facebook.com.
facebook.com. 172800 IN NS c.ns.facebook.com.
facebook.com. 172800 IN NS d.ns.facebook.com.

;; ADDITIONAL SECTION:
a.ns.facebook.com. 172800 IN A 129.134.30.12
a.ns.facebook.com. 172800 IN AAAA 2a03:2880:f0fc:c:face:b00c:0:35
b.ns.facebook.com. 172800 IN A 129.134.31.12
b.ns.facebook.com. 172800 IN AAAA 2a03:2880:f0fd:c:face:b00c:0:35
c.ns.facebook.com. 172800 IN A 185.89.218.12
c.ns.facebook.com. 172800 IN AAAA 2a03:2880:f1fc:c:face:b00c:0:35
d.ns.facebook.com. 172800 IN A 185.89.219.12
d.ns.facebook.com. 172800 IN AAAA 2a03:2880:f1fd:c:face:b00c:0:35

There are the DNS servers for the domain facebook.com, so let’s see if we can communicate with any of them.

Let’s start by pinging the servers (for brevity I’m only going to go through the first server above… but they all were having issues today)

[root@woodstock ~]# ping a.ns.facebook.com -c 5 -q
PING a.ns.facebook.com (129.134.30.12) 56(84) bytes of data.

--- a.ns.facebook.com ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 3999ms

That’s not completely unexpected as most networks today block ICMP traffic by default to prevent DoS attacks so let’s try a simple DNS query to that server.

[root@woodstock ~]# dig @a.ns.facebook.com ns facebook.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.5 <<>> @a.ns.facebook.com ns facebook.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

That’s definitely not good, so we can assume at this point that we’re unable to communicate with the DNS servers for the facebook.com domain name, hence the error message we’re getting in the web browser. But let’s dig a little deeper to see if the IP networks that are associated with those DNS servers are “online” and reachable. We can do that by looking at a BGP looking glass or full BGP routing table to see if that prefix is being advertised; we can also try to traceroute to the IP address in question and see if we can reach the Facebook network.

Let’s use WHOIS to see what network that IP address is a member of (again I’ve cut out some of the output below).

[root@woodstock ~]# whois 129.134.30.12
[Querying whois.arin.net]
[whois.arin.net]

NetRange: 129.134.0.0 - 129.134.255.255
CIDR: 129.134.0.0/16
NetName: THEFA-3
NetHandle: NET-129-134-0-0-1
Parent: NET129 (NET-129-0-0-0-0)
NetType: Direct Assignment
OriginAS:
Organization: Facebook, Inc. (THEFA-3)
RegDate: 2015-05-13
Updated: 2015-05-13
Ref: https://rdap.arin.net/registry/ip/129.134.0.0

Ok, so the original netblock assigned to Facebook from ARIN was 129.134.0.0/16 but Facebook could have subnetted that so we need to be mindful that it could be smaller than the /16 we see allocated above.

There was a mention in some of the forums that all BGP peers to Facebook were down, so let’s check there. Let’s look at Hurricane Electric’s Network Looking Glass using the IP address of 129.134.30.12. That shows us the following (as of 5:00PM EDT Monday October 4, 2021).

core1.mnz1.he.net> show ip bgp routes detail 129.134.30.12
Number of BGP Routes matching display condition : 2
S:SUPPRESSED F:FILTERED s:STALE x:BEST-EXTERNAL
1 Prefix: 129.134.0.0/17, Rx path-id:0x00000000, Tx path-id:0x00000001, rank:0x00000001, Status: BI, Age: 28d7h21m27s
NEXT_HOP: 65.49.109.182, Metric: 1486, Learned from Peer: 216.218.252.172 (6939)
LOCAL_PREF: 100, MED: 0, ORIGIN: igp, Weight: 0, GROUP_BEST: 1
AS_PATH: 3491 32934
COMMUNITIES: 6939:1111 6939:7039 6939:8392 6939:9003
2 Prefix: 129.134.0.0/17, Rx path-id:0x00000000, Tx path-id:0x00040001, rank:0x00000002, Status: Ex, Age: 86d22h8m40s
NEXT_HOP: 62.115.42.144, Metric: 0, Learned from Peer: 62.115.42.144 (1299)
LOCAL_PREF: 70, MED: 48, ORIGIN: igp, Weight: 0, GROUP_BEST: 1
AS_PATH: 1299 32934
COMMUNITIES: 6939:2000 6939:7297 6939:8840 6939:9001
Last update to IP routing table: 2d3h2m25s

Entry cached for another 60 seconds.

So it would appear that the routes are in the Internet BGP tables for that first server… I’m going to guess that Facebook is in recovery mode and slowly restoring their network – assuming it’s not a DoS attack or something similar.

Let’s try a traceroute using ICMP packets; again we need to be mindful that some organizations will block all ICMP traffic to protect themselves against the miscreants and to better conceal their network topology.

[root@woodstock~]# traceroute -I 129.134.30.12
traceroute to 129.134.30.12 (129.134.30.12), 30 hops max, 60 byte packets
1 107.170.19.254 (107.170.19.254) 4.061 ms 4.040 ms 4.037 ms
2 138.197.248.154 (138.197.248.154) 1.545 ms 1.558 ms 1.558 ms
3 157.240.71.232 (157.240.71.232) 41.384 ms 41.345 ms 41.380 ms
4 157.240.42.70 (157.240.42.70) 1.893 ms 1.911 ms 1.913 ms
5 157.240.40.230 (157.240.40.230) 3.552 ms 3.529 ms 3.538 ms
6 129.134.47.188 (129.134.47.188) 8.797 ms 7.276 ms 7.229 ms
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *

Ok, so we’re definitely reaching parts of the Facebook network, as 129.134.47.188 is on the same advertised network as a.ns.facebook.com (129.134.30.12).

Unfortunately that’s about as far as we can take it from here, we’ll need to wait for the news from Facebook itself.
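The delegation walk above, scripted as an added example (it is not part of the original post): it parses the NS and glue records out of a dig reply and reports which layer is failing. The function names, the result labels and the SAMPLE_* strings (constructed from the output shown above) are assumptions of this example.

```python
import re
import subprocess

# One resource record as dig prints it: owner, TTL, class, type, rdata.
RR = re.compile(r"^(\S+)\s+\d+\s+IN\s+(NS|A|AAAA)\s+(\S+)$")

# Constructed sample input, trimmed from the TLD reply shown in the post.
SAMPLE_TLD_REPLY = """\
;; QUESTION SECTION:
;facebook.com. IN NS

;; AUTHORITY SECTION:
facebook.com. 172800 IN NS a.ns.facebook.com.
facebook.com. 172800 IN NS b.ns.facebook.com.

;; ADDITIONAL SECTION:
a.ns.facebook.com. 172800 IN A 129.134.30.12
a.ns.facebook.com. 172800 IN AAAA 2a03:2880:f0fc:c:face:b00c:0:35
b.ns.facebook.com. 172800 IN A 129.134.31.12
"""
# What dig printed in the post when the authoritative server stayed silent.
SAMPLE_TIMEOUT = ";; connection timed out; no servers could be reached\n"
# Constructed header line of a reply that did arrive.
SAMPLE_OK = ";; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242\n"


def run_dig(server, qtype, name):
    """Ask one specific server directly (no recursion), as in the walk above."""
    cmd = ["dig", f"@{server}", qtype, name, "+norecurse", "+time=2", "+tries=1"]
    return subprocess.run(cmd, capture_output=True, text=True).stdout


def parse_delegation(dig_text):
    """Map each NS name in a dig reply to the glue addresses listed for it."""
    servers, glue = [], {}
    for line in dig_text.splitlines():
        m = RR.match(line.strip())
        if not m:
            continue  # ";;" comments, the question section, blank lines
        owner, rtype, rdata = m.groups()
        if rtype == "NS":
            servers.append(rdata.lower())
        else:
            glue.setdefault(owner.lower(), []).append(rdata)
    return {ns: glue.get(ns, []) for ns in servers}


def server_answered(dig_text):
    """True if the queried server sent back any DNS response at all.

    A SERVFAIL or REFUSED still counts: the server is reachable on the network.
    """
    return "status:" in dig_text and "no servers could be reached" not in dig_text


def diagnose(tld_reply, auth_replies):
    """Name the failing layer, given the TLD reply and one reply per NS name."""
    delegation = parse_delegation(tld_reply)
    if not delegation:
        return "no-delegation"  # the TLD no longer points at any name server
    up = [ns for ns in delegation if server_answered(auth_replies.get(ns, ""))]
    if not up:
        return "authoritative-unreachable"  # delegation intact, servers silent
    if len(up) < len(delegation):
        return "authoritative-degraded"
    return "healthy"


if __name__ == "__main__":
    domain, tld_server = "facebook.com", "a.gtld-servers.net."
    tld_reply = run_dig(tld_server, "ns", domain)
    replies = {}
    for ns, addrs in parse_delegation(tld_reply).items():
        # Query the glue address: resolving the NS name would itself depend
        # on the zone that is being investigated.
        replies[ns] = run_dig(addrs[0] if addrs else ns, "ns", domain)
        print(ns, "answered" if server_answered(replies[ns]) else "silent")
    print(diagnose(tld_reply, replies))
```

A result of authoritative-unreachable matches what the post observed: the .com servers still delegate the domain, but none of the listed name servers reply.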

Cheers!

How does latency impact network throughput?
https://blog.michaelfmcnamara.com/2021/09/how-does-latency-impact-network-throughput/
Tue, 28 Sep 2021 16:49:15 +0000

I was recently having a conversation with a DevOps colleague (let’s not jeer too loudly) who was trying to understand why he wasn’t getting more than 350Mbps between two servers over a 1Gbps WAN connection. He thought there must be a problem with the network and suggested that I should open a ticket with the carrier to “fix” the issue. I attempted to explain to him that it was the latency and distance between the two servers (3,000 miles) that was limiting the TCP performance and he could potentially overcome that issue by using multiple TCP sockets with larger TCP window sizes, or potentially switch to UDP instead of TCP.

I used iPerf3 to demonstrate the issue… with a single stream/thread we were able to achieve ~ 350Mbps. With a second stream/thread we were able to hit ~ 600Mbps. With a third stream/thread we were able to hit ~ 789Mbps.

It wasn’t magic… it’s the well known fact that latency plays a huge role in TCP performance. In order to understand why it impacts TCP performance you need to understand how TCP works. TCP requires that transmitted data sets are acknowledged before the next set of data can be transmitted. The TCP window size determines the size of those data sets; a larger TCP window size allows more data to be transmitted before an acknowledgement is required. The delay in getting the acknowledgement back is what limits the performance.

There is a well written blog article from Netbeez written by Stefano Gridelli titled, Impact of Packet Loss and Round-Trip Time on Throughput that covers this topic in great detail. You can even apply a mathematical formula to determine the max potential throughput given a known RTT latency.

Cheers!

Lenovo ThinkPad T14 with Realtek 8852AE Wireless Issues
https://blog.michaelfmcnamara.com/2021/08/lenovo-thinkpad-t14-with-realtek-8852ae-wireless-issues/
Sun, 22 Aug 2021 14:16:16 +0000

I’m still alive, just super busy these days… here’s a quick one for anyone using the Lenovo ThinkPad T14 (the issue also impacts a bunch of other models).

It turns out there are multiple models of the Lenovo ThinkPad T14, one with an Intel wireless NIC and one with a Realtek wireless NIC. We quickly discovered that the model with a Realtek RTL8852AE WiFi 6 802.11ax PCIe adapter was having a lot of issues staying connected to a number of different Cisco Wireless LAN Controllers in different physical locations. The symptom displayed to the user as an inability to pull a DHCP address, even though the device showed it was connected to the SSID. In the end it turns out that a driver released on August 10, 2021 (6001.0.10.334) apparently fixes an issue when clients are using a Cisco wireless infrastructure. Unfortunately there’s no mention of what exactly the issue was in the release notes.

You can find the updated driver and release notes at the following link:

https://pcsupport.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t14s-type-20uh-20uj/downloads/driver-list/component?name=Networking%3A%20Wireless%20LAN

I’ve been seeing a lot of issues as we move to WiFi 6 access points – currently rolling out Juniper MIST AP43s. And in the vast majority of these cases older drivers are the problem. A quick upgrade to the latest and greatest driver is solving the majority of issues. So if you are having issues with the WiFi 6 based access point or client, I would strongly suggest you update your driver before you fire up Wireshark.

Cheers!

How to start blogging in 2021?
https://blog.michaelfmcnamara.com/2021/03/how-to-start-blogging-in-2021/
Sun, 14 Mar 2021 15:50:44 +0000

It’s interesting how many people still ask this basic question, wanting to know how much it costs and what it takes or more specifically “how to do it”. I get the question from college students, colleagues and more often neighbors who stumble upon my not so secret digital identity. While there’s a lot more social media around today than there was back when I started blogging in 2007, I believe there’s still a space for blogging. You’d be surprised that many of the reasons people start blogs are commonly similar. Whether it’s for professional exposure or experience, personal interests or curiosity there is no shortage of tools or solutions available today to help a budding creator.

I started with Blogger back in 2007 and then in 2008 I migrated to a self-hosted installation of WordPress. While there are a number of great managed solutions available today I’m one of those guys that enjoys the challenges of learning by building it yourself and then managing it day to day. The self-hosted WordPress or WordPress.org as some refer to it, requires a server to run the software stack. In my case I’m using a Linux Virtual Private Server (VPS) rented/leased from a hosting provider in order to run WordPress. This was traditionally done with what is referred to as a LAMP stack, Linux, Apache, MySQL and PHP. These days I’m running a LEMP stack which includes Linux, Nginx, MariaDB and PHP. I’ve gone through a few hosting providers in my days, starting with RimuHosting, then Linode and today I’m using DigitalOcean. I’m also still using GoDaddy as my domain registrar. While I’ve heard a lot of horror stories from GoDaddy customers I haven’t experienced any issues myself. I have heard really good stories from customers of Gandi.net.

You can still find my original site on Blogger today at http://michaelfmcnamara.blogspot.com/.

If you are looking to test out blogging I would strongly suggest you start with Blogger or perhaps WordPress.com – not to be confused with WordPress.org. Whether you decide to try Blogger or WordPress.com both solutions make it incredibly easy to get up and running quickly and easily. If you later find that you enjoy blogging and you want to delve into all the features and options then you can migrate your content to any number of solutions, both commercial and other.

Since I run a self-hosted WordPress site I needed to purchase the following components separately:

Domain Name (michaelfmcnamara.com) – GoDaddy – $56.32/2 years
Virtual Private Server (Linux CentOS 7.6 x64) – DigitalOcean – $240/2 years
SSL Certificate (Wildcard) – RapidSSL – $258.00/2 years
Total (2 years) – $554.32

As you can see the costs quickly add up, on average $23/monthly. I advise anyone just jumping into blogging to start out with a free solution until you are ready to commit your hard earned $$$. I use my server to host multiple websites (and more recently a Minecraft server) so the costs presented above are a little skewed so don’t go postal on me in the comments. There are definitely cheaper alternatives out there, this is just what I’m doing these days and it works for me. As another example if you used a WordPress.com Premium account that would run you $8/monthly or $192 over 2 years.

You can look to use advertising to help offset some of the costs above. For a number of years there I was earning about $130/monthly from Google Adsense and directly contracted banner ads which helped offset the costs. It takes quite a bit of effort to get beyond anything more than “beer” money so keep that in mind if you think you’ll be able to launch a blog or even a YouTube channel and it will start paying for itself in six months.

In the end it’s not Blogger or WordPress that’s going to make your blog successful, it will be the content that you share!

If you have any questions drop them below and I’ll do my best to answer them.

Cheers!

LastPass – Internet Upheaval
https://blog.michaelfmcnamara.com/2021/03/lastpass-internet-upheaval/
Mon, 08 Mar 2021 04:48:54 +0000

It seems that everyone and anyone wants to talk about LastPass since their announcement on February 16th that they were going to limit their free tier product offering. The vast majority of videos and articles haven’t been kind to LastPass or their current owners, LogMeIn.

I haven’t really mentioned LastPass since I first talked about them in December of 2014. I’ve been a paying LastPass customer since 2013. At the time a LastPass premium account was $12/year. A small cost for any IT professional that values their time (and productivity) and security in trying to keep the passwords for every application they use or every system they manage in their head. I currently have 763 passwords in my vault.

It seems that anytime a vendor takes away something that was free the Internet masses take to their media of choice to rail against the injustice. A large number of tech savvy users already scowl at the mention of LogMeIn. The company eliminated its free account offering of the popular remote control application by the same name in 2014. In 2016 the company acquired GoToMyPC, the largest competitor to LogMeIn, and subsequently raised the pricing on that service.

I’m no fan of LogMeIn, but I support paying for products that provide a value and service in my day to day life. As an Information Technology professional a Password Manager should be an essential part of your kit. Thankfully there are plenty to choose from and they all have their own strengths and weaknesses.

I believe prior to the LogMeIn acquisition you needed a Premium LastPass account to use the mobile application on either Android or iOS. Someone feel free to correct me in the comments below. I’m not sure where or when that change was made but somewhere along the line they started allowing non-Premium users to use the mobile app. The timing here is important because it does feel like a potential bait and switch play. Opening the mobile app for a few years and then squeezing that group in hopes of getting some percentage to switch to a Premium account.

If I had to choose a password manager today I wouldn’t necessarily jump at spending $36/year – the current pricing for new LastPass Premium customers. However, I might be convinced to purchase their new LastPass Family for 6 family members at $48/year. That said I’ve been pretty happy with LastPass to date.

What password manager are you using? Hopefully you are using a password manager!

Cheers!

VMware VeloCloud SD-WAN Orchestrator API and Python – Part 3
https://blog.michaelfmcnamara.com/2021/03/vmware-velocloud-sd-wan-orchestrator-api-and-python-part-3/
Tue, 02 Mar 2021 03:31:11 +0000

It looks like this project is going to be moving forward again… time to dust off the Python code and finish out the last few pieces to the puzzle.

Interestingly enough I ran into a quick problem testing my original code. It looks like something had changed with the “Profile” that we’re using for each Edge. When I run my original Python script I’m getting a HTTP/400 returned along with the following response code, Interface “CELL1” present in Profile but not in Edge. Looking through some of the JSON data it would appear that something has changed with the Profile that I’m using in the configuration. The error I’m getting when calling rest/configuration/updateConfigurationModule likely means that I’m missing some required data in my Jinja templates that the VMware VeloCloud Orchestrator is now expecting.

There is a Chrome extension called VeloCloud Developer Assistant that can help you break down the JSON data and make it a little easier to visually consume and troubleshoot. I personally prefer just going into the Chrome developer tools and copying out the entire JSON data block that’s being posted and then running that through some JSON formatting tool to help clean it up for human consumption. If you go through the steps in the web UI with the Chrome developer tools open, you can go back and extract all the JSON data that is being sent to the VeloCloud Orchestrator, and in short you can easily reverse engineer the calls and the JSON data.

In the end I was able to find the missing CELL1 interface under the routedInterfaces element. I added the missing data elements to the Jinja template and everything started working again. I ended up writing a few other supporting scripts to help with the overall project goal. I wrote a Perl script to poll the existing hardware to gather up all the IP configuration details from each VLAN and interface which then can be fed into the Python script to build the configuration within the VeloCloud Orchestrator. There’s also a management IP required, so I used a snippet of Perl code that I wrote back in 2016 to call the Infoblox API to assign the next available IP address in the management subnet.

With the Jinja templates it’s relatively easy to put this code onto a web server and build a simple WebUI around some Python or PHP code to generate new configurations when needed.

Cheers!

Working from home upgrades
https://blog.michaelfmcnamara.com/2021/02/working-from-home-upgrades/
Fri, 19 Feb 2021 01:00:00 +0000

I made some purchases over the past few months to help improve my work from home environment and thought I’d share my thoughts on those items. I purchased all the items below from my local BestBuy using the BestBuy Android mobile app with curbside pickup. As someone who works in retail I was really impressed with how well the checkout and curbside pickup process works at BestBuy and how effortless it was, a real technology win in my honest opinion. Kudos to their team on an incredibly frictionless process and to all their store associates. The pricing for each item was in line with pricing from online resellers so I wasn’t really sacrificing anything by purchasing from a traditional brick-n-mortar business and I was happy to support my local store.

LG – 34WL500-B 34″ IPS LED UltraWide FHD FreeSync Monitor with HDR (HDMI) – Black

When you upgrade to an UltraWide display you won’t ever want to go back. I desperately needed the additional desktop space on my work laptop to help improve my general productivity. I usually have 15-30 windows open at any time and having to switch back and forth, or worse yet go hunting for individual windows can be an incredible productivity drain. This display only has a max resolution of 2560 x 1080 but that’s fine for my aging eyes and provides me all the desktop real estate I need to work efficiently. The included stand isn’t overly large and brightness levels from the display are great. This monitor is currently on-sale at BestBuy for $300, a great price for a 34″ wide monitor. The 29″ version LG 29WL500-B is an even better deal at BestBuy for $200. I would recommend either of these for a work from home environment. I don’t play any games on this display so I can’t comment about game performance.

Logitech – G PRO X Wireless DTS Headphone:X 2.0 Gaming Headset for Windows with Blue VO!CE Mic Filter Tech and LIGHTSPEED Wireless – Black

I’ve traditionally used relatively cheap Plantronics headsets on my home desktop but I decided it was time to cut the cord and go with a premium wireless headset that would allow me to move around on long conference and video calls. Having the ability to move it around between my personal desktop and my corporate laptop was also extremely beneficial. I’m not yet sold on the Blue VOICE feature; I didn’t particularly like how I sounded with that feature enabled so I need to do some additional testing and validation. I’m still up in the air about this headset, I’ll need a little more time before I decide if it was a good purchase.

Bose – Companion 2 Series III Multimedia Speaker System (2-Piece) – Black

I’ve often opted for the cheap Insignia speakers but this time I wanted a quality set of speakers to use when I wasn’t using my wireless headset and so I chose the Bose Companion 2 Series III speakers. I’m not a high-fidelity guy but these sound incredibly better than any other computer speakers I’ve ever owned and easily rival the sound put out from the Onkyo receiver and speakers in my basement surround sound system. These speakers get a solid buy rating from me. There are likely better options available for the audiophiles out there but I couldn’t justify spending $200 or $300 on desktop speakers.

Have you made any purchases lately? Anything fun?

Cheers!

The Swedes are coming! https://blog.michaelfmcnamara.com/2021/02/the-swedes-are-coming/ Thu, 18 Feb 2021 03:17:37 +0000 https://blog.michaelfmcnamara.com/?p=6860

No, I was hacked with some stolen user credentials.

I was surprised today when I noticed that someone had posted a new article to this site at 6:36AM this morning titled “3 Reasons to Start Using Dealspaces”. Interestingly enough the user account used to post the article was a test account under my wife’s name that I probably haven’t used in years.

I went looking at the nginx access.log files and found the relevant entries:

213.164.204.89 - - [17/Feb/2021:11:36:17 +0000] "POST //xmlrpc.php HTTP/1.1" 200 141 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
213.164.204.89 - - [17/Feb/2021:11:36:18 +0000] "POST //xmlrpc.php HTTP/1.1" 200 2253 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
213.164.204.89 - - [17/Feb/2021:11:36:19 +0000] "GET /2021/02/3-reasons-to-start-using-dealspaces/ HTTP/1.1" 200 9985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"

The IP address belongs to a Swedish Internet Service Provider named Bahnhof, not particularly helpful as it could have also been a Tor endpoint or exit node. I can tell from the time stamps that the action was likely scripted as there was exactly one second between each request.
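The same check done by script, as an added example that is not code from the post: it groups access.log entries by client address, finds POSTs to xmlrpc.php, looks for a GET of a post permalink from the same address right afterwards, and measures the spacing between the requests. The function names, the `/YYYY/MM/slug/` permalink pattern (taken from the URL in the log above) and the two marked log lines are assumptions of the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# The three entries quoted in the post, plus two constructed lines (first and
# last) from documentation-range addresses so the filter has traffic to ignore.
SAMPLE_LOG = """\
192.0.2.10 - - [17/Feb/2021:11:35:02 +0000] "GET /2021/02/discussion-forums-closing/ HTTP/1.1" 200 18211 "https://www.google.com/" "Mozilla/5.0 (constructed reader)"
213.164.204.89 - - [17/Feb/2021:11:36:17 +0000] "POST //xmlrpc.php HTTP/1.1" 200 141 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
213.164.204.89 - - [17/Feb/2021:11:36:18 +0000] "POST //xmlrpc.php HTTP/1.1" 200 2253 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
213.164.204.89 - - [17/Feb/2021:11:36:19 +0000] "GET /2021/02/3-reasons-to-start-using-dealspaces/ HTTP/1.1" 200 9985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
198.51.100.7 - - [17/Feb/2021:12:01:44 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "constructed-client/1.0"
"""

# nginx "combined" log format, up to the response size.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
PERMALINK_RE = re.compile(r"^/\d{4}/\d{2}/[^/]+/$")  # assumed permalink layout


def parse_line(line):
    """Return one log entry as a dict, or None if the line does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    path = m["path"].split("?", 1)[0]
    path = re.sub(r"/{2,}", "/", path)  # "//xmlrpc.php" is the same endpoint
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": m["method"],
        "path": path,
        "status": int(m["status"]),
    }


def find_xmlrpc_sessions(lines, window=5):
    """Report every client that POSTed to xmlrpc.php.

    follow_up_path is a permalink the same client fetched within `window`
    seconds of its last XML-RPC POST (a hint that something was published).
    scripted is a heuristic: at least two gaps, all identical.
    All of a client's POSTs are treated as one session, which is enough for
    a short log slice like the sample.
    """
    by_ip = defaultdict(list)
    for line in lines:
        event = parse_line(line)
        if event:
            by_ip[event["ip"]].append(event)

    findings = []
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e["ts"])
        posts = [e for e in events
                 if e["method"] == "POST" and e["path"] == "/xmlrpc.php"]
        if not posts:
            continue
        last = posts[-1]["ts"]
        follow = next(
            (e for e in events
             if e["method"] == "GET" and PERMALINK_RE.match(e["path"])
             and 0 <= (e["ts"] - last).total_seconds() <= window),
            None,
        )
        chain = posts + ([follow] if follow else [])
        gaps = [(b["ts"] - a["ts"]).total_seconds()
                for a, b in zip(chain, chain[1:])]
        findings.append({
            "ip": ip,
            "xmlrpc_posts": len(posts),
            "follow_up_path": follow["path"] if follow else None,
            "gaps": gaps,
            "scripted": len(gaps) >= 2 and len(set(gaps)) == 1,
            # XML-RPC carries credentials in the request body, so a login
            # made this way never touches wp-login.php.
            "wp_login_seen": any(e["path"] == "/wp-login.php" for e in events),
        })
    return findings


if __name__ == "__main__":
    for finding in find_xmlrpc_sessions(SAMPLE_LOG.splitlines()):
        print(finding)
```

A client that shows XML-RPC POSTs, a permalink fetch and no wp-login.php request is worth reviewing even when only one post was made, because alerts built around the login page will not fire for it.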

Needless to say I immediately deleted the post and the user account that was used to make the post and then changed my own password out of an abundance of caution. I then scoured the entire WordPress filesystem using the recent backup I had to try and make sure that nothing else was changed. I even dumped the database and ran a quick comparison against a recent backup, again looking for any changes or any obfuscated code.

My Thoughts?

Old user accounts are becoming a bigger and bigger problem because if they hang around in the wild long enough they will eventually end up being compromised. This is why IT security professionals plead with users to use different passwords on every single website and to frequently change those passwords. Unfortunately in this case I’m going to guess that the password used for this account likely wasn’t very secure (Test123) and that’s likely how the hacker was able to login to WordPress and post the article. So shame on me for yet again falling into the role of a user.

Are you curious if your user credentials have ever been leaked? Check out Have I Been Pwned.

Cheers!

School Music Concerts, Copyrights, Live Streaming and Zoom https://blog.michaelfmcnamara.com/2021/02/school-music-concerts-copyrights-live-streaming-and-zoom/ Wed, 17 Feb 2021 03:10:20 +0000 https://blog.michaelfmcnamara.com/?p=6824

I attended a wonderfully orchestrated virtual performance this evening put together by my daughters’ high school music director. The event was streamed using Zoom and it was extremely well done, with the exception that I couldn’t hear the actual music performances.

I could hear other people on the call and I could hear the music director as he spoke but I couldn’t hear any of the audio he was “sharing” from his desktop or laptop. Thankfully it turned out I wasn’t alone as other people quickly reported the same issue in chat… but oddly enough it turned out there were other folks in the meeting that could hear the performance fine so I was stumped.

How is it that some attendees in the meeting could hear the audio but other attendees couldn’t hear the audio?

In the ensuing conversation I heard how one couple had an Apple iPad and they couldn’t hear anything. I learned that even my parents who were using their new Windows desktop that I built for them in January had no issues hearing the performances. I even connected to the meeting from a second Windows device and confirmed that it too had the same problem. I’m not sure if it’s relevant but I did discover that both of my Windows devices were running the same (latest) version of the Zoom client, Version: 5.5.2 (12494.0204). I can only guess that there is a Zoom bug out there that we stumbled into, perhaps it has something to do with encryption as I noticed that the teacher’s audio stream was alerting as “not encrypted” during the meeting. I felt really bad for the teacher but there wasn’t anything he could do and it definitely wasn’t his fault. Technology had failed him, just like it has failed so many of us so many times. I suspect Zoom was the culprit in this specific instance – I actually submitted a support ticket to Zoom from my corporate account so we’ll see where that goes if anywhere. It was just another sign of the times in this new COVID-19 reality that we’re all living in.

Copyright

The teacher did make a comment that while LIVE streaming was allowed for educational use thanks to waivers from the music publishers, recording was still not permitted. I did some quick searching and found a relevant article from the National Association for Music Education titled, Music Publishers Agree to Allow Educational Use of Copyrighted Music. If you’ve ever tried to upload your child’s school performance to YouTube you’ll quickly run into issues if the recording has copyrighted music in it. I’ve been there, done that, fun times getting a copyright strike against a middle school band performance.

My Thoughts?

I’m very disappointed to say that unfortunately technology failed again today, through no fault of the users. I’m usually pretty harsh on users (the word user is a dirty word in my house) but in this case it was the technology itself that failed. I like finding answers to these mysteries and hopefully Zoom will respond and we can fix it so the next concert can go on without any issues.

Cheers!

Discussion Forums – Closing https://blog.michaelfmcnamara.com/2021/02/discussion-forums-closing/ https://blog.michaelfmcnamara.com/2021/02/discussion-forums-closing/#comments Fri, 12 Feb 2021 02:38:35 +0000 https://blog.michaelfmcnamara.com/?p=6762

It’s hard to believe that the Network Infrastructure Forums have been running for over 11 years. In July of 2009 I installed Simple Machines Forum software on a virtual private server from RimuHosting with the purpose of setting up an open and free discussion forum for network engineers and system administrators. At the time I was extremely frustrated with how a number of vendors and manufacturers were supporting their users (outside of professional services). I felt that I could help fill the void… and in the case of Bay Networks, Nortel Networks, Avaya and Symbol, Motorola, Zebra I wasn’t far off. I went out and registered the domain networkinfrastructure.info and set out to create a place for IT professionals (including resellers) to share ideas, problems and solutions.

Like most everything in life though, its time has come and gone and it is time to move forward. The majority of the information on the forum is now extremely dated and with the rise of other solutions, user traffic has dropped off significantly in the past few years. At its peak the forum had a very robust community around Nortel switching and Symbol, Motorola, Zebra wireless equipment serving both end-users and resellers.

If you are interested in some statistics:

  • 49,023 registered members
    • 23,000 legitimate members when you remove all the bots
  • 20,891 posts
  • 4,383 topics
  • 62,621,940 page views

Special thanks to the moderators who helped curate the discussions, I couldn’t have done half as well without your contributions.

  • Dominik
  • Flintstone
  • Paul L
  • Telair

Thank you to everyone who participated in the discussions!

Cheers!

Desktop Remote Control – A new option? https://blog.michaelfmcnamara.com/2021/02/desktop-remote-control-a-new-option/ https://blog.michaelfmcnamara.com/2021/02/desktop-remote-control-a-new-option/#comments Wed, 10 Feb 2021 03:30:00 +0000 https://blog.michaelfmcnamara.com/?p=6772

It can be trying and difficult providing technical support to friends or family members remotely in this COVID-19 reality. A good desktop remote control solution can really make the difference between helping to resolve a problem or everyone walking away extremely frustrated.

I recently had to assist my 75-year-old father with an issue he was having and it was a struggle to get through the “Buy Now” banner ad that was popping up from TeamViewer. I probably use TeamViewer 1-2 times a month for 20-30 minutes so I can’t justify dropping $49/monthly on that solution. So I did what any techie would do and I took to Google in search of a new solution.

I stumbled across a solution called AweSun by AweRay. I had never heard of AweRay so I dug a little deeper and found the domain name was registered in May 2019 and their first news release was in April 2020. So they are a fairly new player in the space from what I could learn. I also noticed that their infrastructure is housed in Google Cloud Platform.

I’ve spent a few days with the solution and it worked really well. I was able to quickly and easily connect to my parents’ computer using their Device ID and Passcode very similar to how TeamViewer works. The product also supports copying clipboard data between the local computer and the computer you are remote controlling, so you can cut and paste between computers with ease. When I rebooted my parents’ computer AweSun properly started itself back up and allowed me to remotely connect after the reboot without any issues or problems.

Looking through their pricing and features list it seems like the “free” version is extremely functional.

The pricing is definitely much better than many of the competing solutions on the market. Obviously you can’t beat free, but even at $9/month – it’s definitely feasible to throw the company some business for a month or two in order to support the product without breaking your wallet.

I’m curious if anyone else has tested AweSun?

Cheers!

Microsoft Windows Server 2019 NPS Firewall Bug? https://blog.michaelfmcnamara.com/2021/02/microsoft-windows-server-2019-nps-firewall-bug/ Sat, 06 Feb 2021 00:10:18 +0000 https://blog.michaelfmcnamara.com/?p=6751

I do some consulting on the side, helping end-users and resellers with technical hurdles or issues in their environments. It’s been a pretty good side hustle for me over the years and it can be a welcome distraction from the daily grind.

A reseller recently asked me for assistance with an issue they were having setting up 802.1X authentication for their wireless users and devices. In the early Windows 95 days you needed to make sure you had the correct patches and drivers to get the built-in WPA supplicant (Wireless Zero Configuration) to work properly but these days this solution is pretty well documented across the net and most client devices work right out of the box.

I had assumed that the problem would be something simple but after 2 hours of troubleshooting I too was stumped by a small but apparently well-known issue on Windows Server 2019 with NPS (Network Policy Server) which replaced IAS (Internet Authentication Service) starting back in Windows Server 2008. Apparently the default firewall rules added during the NPS server role installation don’t work!

It turns out that this bug goes all the way back to November of 2018. I found a post written by Richard M. Hicks titled, Always On VPN and Windows Server 2019 NPS Bug. That’s just crazy… that’s more than two years ago and apparently Microsoft still hasn’t decided to correct the issue.

Here’s a tip for all those budding network or system administrators trying to troubleshoot 802.1X wireless authentication requests, whether you are using Microsoft’s NPS, HPE/Aruba ClearPass or Cisco Identity Services Engine (ISE): I find having a tool to generate some RADIUS authentication requests to validate that your RADIUS server is responding and working properly is invaluable. I personally like NTRadPing as it’s easy to use, just drop it in a folder and launch it on a Windows desktop or laptop. Occasionally you might need to hack the RADIUS dictionary file (raddict.dat) that accompanies the application but that’s pretty easy as well.
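What such a test tool does on the wire, as an added example (not NTRadPing's code and not from the post): it builds a PAP Access-Request per RFC 2865, sends it over UDP, and separates "the server never answered" from "the server answered and said no". The user name, password, shared secret, NAS-Identifier value and all function names are assumptions; `build_reply` stands in for the server side so the exchange can be exercised offline.

```python
import hashlib
import hmac
import os
import socket
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 1, 2, 3, 11
USER_NAME, USER_PASSWORD, NAS_IDENTIFIER = 1, 2, 32
CODES = {ACCESS_ACCEPT: "accept", ACCESS_REJECT: "reject",
         ACCESS_CHALLENGE: "challenge"}


def hide_password(password, secret, authenticator):
    """RFC 2865 section 5.2: XOR 16-byte blocks with a chained MD5 keystream."""
    if len(password) > 128:
        raise ValueError("User-Password is limited to 128 bytes")
    padded = password.ljust(max(16, (len(password) + 15) // 16 * 16), b"\0")
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += prev
    return out


def unhide_password(hidden, secret, authenticator):
    """Inverse of hide_password, i.e. what the server does with the attribute."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        key = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out += bytes(c ^ k for c, k in zip(block, key))
        prev = block
    return out.rstrip(b"\0")


def attr(attr_type, value):
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_access_request(user, password, secret, ident,
                         authenticator=None, nas_id=b"radius-probe"):
    """Return (packet, request_authenticator)."""
    authenticator = authenticator or os.urandom(16)
    attrs = (attr(USER_NAME, user)
             + attr(USER_PASSWORD, hide_password(password, secret, authenticator))
             + attr(NAS_IDENTIFIER, nas_id))
    header = struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs))
    return header + authenticator + attrs, authenticator


def build_reply(code, ident, request_auth, secret, attrs=b""):
    """Server-side stand-in for offline tests: a correctly signed reply."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    auth = hashlib.md5(header + request_auth + attrs + secret).digest()
    return header + auth + attrs


def check_reply(reply, ident, request_auth, secret):
    """Classify a reply; the Response Authenticator proves the shared secret."""
    if len(reply) < 20:
        return "malformed"
    code, reply_id, length = struct.unpack("!BBH", reply[:4])
    if not 20 <= length <= len(reply):
        return "malformed"
    reply = reply[:length]
    if reply_id != ident:
        return "id-mismatch"
    expected = hashlib.md5(reply[:4] + request_auth + reply[20:] + secret).digest()
    if not hmac.compare_digest(expected, reply[4:20]):
        return "bad-authenticator"
    return CODES.get(code, "unexpected-code")


def probe(server, user, password, secret, port=1812, timeout=3.0, retries=2):
    """Send the request and return accept/reject/.../no-reply."""
    ident = os.urandom(1)[0]
    packet, request_auth = build_access_request(user, password, secret, ident)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        for _ in range(retries + 1):
            sock.sendto(packet, (server, port))
            try:
                reply, _ = sock.recvfrom(4096)
            except socket.timeout:
                continue
            return check_reply(reply, ident, request_auth, secret)
    # Silence: the datagram was dropped on the way (for example by a host
    # firewall) or discarded by the server (unknown client address).
    return "no-reply"


if __name__ == "__main__":
    # Constructed offline exchange; use probe() against a server you operate.
    secret, ra = b"constructed-secret", bytes(range(16))
    request, _ = build_access_request(b"alice", b"Test123", secret, 7, ra)
    print(len(request), check_reply(build_reply(ACCESS_REJECT, 7, ra, secret),
                                    7, ra, secret))
```

For a firewall problem like the one above the useful distinction is `no-reply` versus anything else: even a `reject` proves the datagram reached the RADIUS service and came back.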

Have you got any stories to share?

Cheers!

I had a screw loose !$%&# https://blog.michaelfmcnamara.com/2021/02/i-had-a-screw-loose/ Wed, 03 Feb 2021 02:27:42 +0000 https://blog.michaelfmcnamara.com/?p=6728

If you live in the Northeastern United States you’re probably still digging out from the massive winter storm that blew through the area over the past three days. Here in my local area of Pennsylvania we managed to get just over 12 inches of snow, although towns not far away managed well over 23 inches and my family in northern New Jersey are estimating that they had around 18 inches of white stuff.

Thankfully I have a 27″ Briggs & Stratton 1227MD Snow Blower to help clean my 2,000 square foot driveway. I bought this unit back in 2017 and while it hasn’t had too much work in the past few years it’s always been reliable and easy to operate. On Monday afternoon my trusty steed stopped working and a bit of panic set in as the second wave of snow started falling. The engine was fine, but the snow blower would frequently stop moving forward and the wheels would lock up. The snow blower would move in reverse but it would not move forward. Using a 10mm socket and socket wrench I was able to remove the lower panel that covers the drive train and a screw literally fell out. Looking at the bottom panel it was quite clear that the screw was rolling around at the bottom of the panel and was occasionally getting wedged between the drive gear and the external sheet metal causing everything to “lock up”.

I looked around to see if I could determine where the “extra” screw had come from but I wasn’t able to find anything missing or out of place. I put the machine back together and this morning it ran like a champ for 2+ hours clearing my driveway and my neighbors.

My Thoughts?

Thankfully I was able to quickly troubleshoot the problem and determine the issue. While I enjoy the occasional manual labor, I wasn’t looking forward to the thought of having to shovel 12 inches of snow from my long driveway, so I was sufficiently motivated to “figure it out“. Are you handy? If so great! If not, don’t be afraid to branch out and try new things, whether you are a “handy” person or not. It’s not rocket science!

Cheers!

PS: Thanks for the cake Anita, it was delicious!

Troubleshooting Application Performance and Monitoring with Selenium https://blog.michaelfmcnamara.com/2021/01/troubleshooting-application-performance-and-monitoring-with-selenium/ Fri, 29 Jan 2021 00:27:53 +0000 https://blog.michaelfmcnamara.com/?p=6620

It was yet another exciting week…

When Cloud or SaaS application performance starts impacting user productivity how do you go about troubleshooting? Performance can be extremely subjective… what is fast to some people is slow to others and vice versa. How do you even measure performance? Invariably people want to blame the network because that’s the simplest answer. However, it can take a lot of effort and due diligence to dig down and find the actual culprit.

In this specific case we had ~ 8,000 miles between the users and the server infrastructure. So I’m personally expecting additional challenges due to the extreme round trip times (220ms) and latency that may play some role in any possible issue or issues.

Let’s try to frame the issue:

  • Is the issue persistent or intermittent? Intermittent
  • Is the issue occurring with any regularity? Yes, 11:00AM – 12:30PM local time daily
  • Is the issue impacting every user or just specific users? Multiple users, not clear if every user is impacted but a majority of users
  • Is there anything common among the impacted users? They are all using the same VPN and proxy server infrastructure, they are all located in the same country.
  • When did the problem start? Users have been working for 3+ months without issue, but this problem is fresh within the past 2 weeks.

The last point is likely key… so what’s changed in the past 2 weeks that’s causing this issue? Let’s get to that later but those simple facts are key in driving your investigation.

We start with the simple baseline network tests:

  • ping – good with minimal packet loss
  • traceroute (mtr) – looks like pathways with multiple ISPs
  • speed tests – generally good
  • packet capture – in general looks good, some out of order packets, some dupe ACKs, these are likely the result of the ~ 8,000 miles between the endpoints.

In the baseline results there are no smoking guns but there are some suspect data points in there, although we need to remember that this isn’t a LAN based application. This is an Internet based application with 8,000 miles between the endpoints so there is going to be some noise in the packet trace.

Note: I’ve seen all sorts of interesting Internet issues since March 2020 when the pandemic lock-down first kicked off here in the US, and again recently at the beginning of September 2020 when the majority of US school students returned to remote learning. I observed a large number of my US users had better latency to our UK VPN gateways than to our local US VPN gateways. Ultimately we found a number of Internet peering points between the different Internet Service Providers (I’m being nice here and not naming names) were getting completely blasted and were adding 75-125ms to every packet. Eventually the providers addressed this problem with additional peering but it was a painful couple of weeks.

Now what we need are some additional data points that can be collected during the issue:

  • HAR (HTTP Archive) from Chrome web browser collected from user experiencing issue – this was a key piece of data that helped move the issue forward
  • packet capture – wasn’t able to be captured due to locked down computers

What can we do to monitor the performance of the cloud application?

  • ping – We set up ping monitors from a number of data centers globally to monitor for basic availability
  • curl – We set up some simple HTTP/HTTPS monitoring using cURL
  • selenium – At the recommendation of the application provider we set up ThousandEyes and a transaction monitor to generate synthetic transactions by logging into the application and working through a few different functions which themselves have dependencies on external REST and SOAP APIs.

The application itself has a number of dependencies from external microservices, so initially we were concerned that these external services might be having performance issues themselves which might be impacting the application itself. So we had to set up additional monitoring to try and validate the performance of those REST and SOAP APIs during the reported timeframes.

This was my first foray into working with Selenium and ThousandEyes but I was able to kludge my way through the solution after about 2 days. I did run into a few problems with the application website using dynamic Class IDs but eventually I got some basic tests working properly. The solution itself worked fairly well… we had some decent “front door” statistics within hours and the synthetic transaction data gave us a good idea that the application was performing properly during the reported timeframes the users were experiencing issues.

The application vendor was extremely helpful in examining the HAR data, and quickly determined from the HAR and their own internal logs that HTTP/HTTPS requests from the clients were being queued up and delayed from reaching their back-end infrastructure (Chrome only allows 6 concurrent connections to a single hostname). Within the HAR data the vendor observed some fairly aggressive custom polling within the application that was making unconditional JavaScript calls every 2 seconds that resulted in a 12Kb data set being transferred to the client. The initial theory was that some Internet slowdown was causing the client requests to slow down and eventually fall behind which then coupled with the unconditional JavaScript calls and the six connection limit in Chrome led to an extremely poor user experience.
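How that pattern shows up in a HAR file, as an added example (not the vendor's tooling and not code from the post): the analysis reads each entry's start time, total time and `timings.blocked`, then reports per host the peak number of requests actually on the wire, how many requests sat in the browser queue, and which URLs are polled at a fixed interval. The host name, the 15-second and 0.5-second per-request durations and the function names are assumptions; the HAR itself is constructed by simulating a 2-second poller behind a 6-connection limit.

```python
import statistics
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit

CHROME_PER_HOST_LIMIT = 6  # per-hostname connection limit quoted in the post


def constructed_har(polls=10, interval_s=2, service_ms=15000):
    """Constructed sample, not a real capture: one URL polled every
    interval_s seconds, each request taking service_ms on the wire,
    with later requests waiting for one of six connection slots."""
    base = datetime(2021, 1, 20, 16, 0, 0, tzinfo=timezone.utc)
    finish_ms, entries = [], []
    for i in range(polls):
        asked = i * interval_s * 1000
        # The slot used by request i-6 is the first one to free up (FIFO).
        free = finish_ms[i - CHROME_PER_HOST_LIMIT] if i >= CHROME_PER_HOST_LIMIT else asked
        blocked = max(0, free - asked)
        finish_ms.append(asked + blocked + service_ms)
        started = base + timedelta(milliseconds=asked)
        entries.append({
            "startedDateTime": started.isoformat(timespec="milliseconds")
                                      .replace("+00:00", "Z"),
            "time": blocked + service_ms,
            "request": {"method": "GET",
                        "url": "https://app.example.test/api/poll"},
            "response": {"status": 200, "content": {"size": 12 * 1024}},
            "timings": {"blocked": blocked, "wait": service_ms},
        })
    return {"log": {"version": "1.2", "entries": entries}}


def _start_ms(entry):
    ts = entry["startedDateTime"].replace("Z", "+00:00")
    return round(datetime.fromisoformat(ts).timestamp() * 1000)


def analyze_har(har, queued_threshold_ms=1000, min_polls=3):
    """Per-host summary of queueing and fixed-interval polling in a HAR."""
    hosts = defaultdict(lambda: {"requests": 0, "queued": 0,
                                 "blocked_ms_total": 0, "edges": [],
                                 "starts": defaultdict(list)})
    for entry in har["log"]["entries"]:
        url = entry["request"]["url"]
        host = hosts[urlsplit(url).hostname]
        start = _start_ms(entry)
        # HAR uses -1 for "not applicable"; treat that as no queueing.
        blocked = max(0, entry.get("timings", {}).get("blocked", 0) or 0)
        host["requests"] += 1
        host["blocked_ms_total"] += blocked
        host["queued"] += int(blocked >= queued_threshold_ms)
        # A request occupies a connection from the end of its blocked phase.
        host["edges"] += [(start + blocked, 1), (start + entry["time"], -1)]
        host["starts"][url].append(start)

    report = {}
    for name, host in hosts.items():
        in_flight = peak = 0
        for _, delta in sorted(host["edges"]):  # at equal times, ends sort first
            in_flight += delta
            peak = max(peak, in_flight)
        pollers = {}
        for url, starts in host["starts"].items():
            if len(starts) >= min_polls:
                starts.sort()
                gaps = [b - a for a, b in zip(starts, starts[1:])]
                pollers[url] = statistics.median(gaps) / 1000
        report[name] = {"requests": host["requests"],
                        "max_in_flight": peak,
                        "queued": host["queued"],
                        "blocked_ms_total": host["blocked_ms_total"],
                        "poll_interval_s": pollers}
    return report


if __name__ == "__main__":
    print("degraded link:", analyze_har(constructed_har()))
    print("healthy link: ", analyze_har(constructed_har(service_ms=500)))
```

On the healthy run the poller never has more than one request outstanding; on the degraded run it pins all six connections and every later request, polling or not, waits behind it.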

We eventually learned that the infrastructure the users were riding had recently switched Internet Service Providers two weeks earlier. Hmmm… hadn’t the issues started 2 weeks earlier? Yes they had! Ultimately we determined that there was enough occasional packet loss and packet retransmissions over this new Internet link that it was impacting this specific application. The infrastructure was switched back to the original Internet link and the issue hasn’t been observed since.

My Thoughts?

In this specific case the intermittent packet loss and retransmissions were causing the application to fall behind in its communications with the backend infrastructure which was resulting in an extremely poor user experience. It’s relatively safe to argue that if the application code wasn’t as aggressive in its polling that it could potentially “tolerate” a certain amount of packet loss and retransmissions.

I personally believe as a network engineer it’s invaluable to learn why something doesn’t work instead of just accepting that it doesn’t work. Inevitably there will be things that we can’t explain but I’m a huge advocate of spending the effort to make sure you understand the vast majority, it’s really the only way you’ll make the environment around you better and ultimately more resilient.

Cheers!

Weight Loss and Personal Health https://blog.michaelfmcnamara.com/2021/01/weight-loss-and-personal-health/ Fri, 22 Jan 2021 23:00:00 +0000 https://blog.michaelfmcnamara.com/?p=6698

In 2020 my diet and personal health choices finally caught up to me and I had to make some drastic changes. Since that September day I’ve lost more than 60lbs using a mixed low-carb / keto diet. Unfortunately I’ve also had to account for my gout diagnosis which has left me with some very restricted menu options.

The data in the graph below is from a Withings WiFi Scale and makes it pretty easy to see how quickly the weight can catch up to you, or me I guess I should say, over the years.

In July of 2018 I broke my ankle while playing ice hockey and that literally sidelined me for more than six months. The only good thing during that timeframe? I literally couldn’t get to the kitchen for months so I didn’t put on any weight. I owe that feat to my wonderful wife, she loves telling me “no!“. You can see in the graph above that 2018 was relatively flat, until I got my mobility back and started snacking again. :(

How did I do it?

In my specific case, the hunger wasn’t the big issue. The pain from the gout attack was pretty severe and lasted almost 4 weeks, and it literally masked my general hunger for the first few weeks. I was religious about keeping my fluid levels up, drinking 160oz of water daily trying to flush the uric acid out of my body. I believe the water kept me feeling full, but the numerous trips to the bathroom can be super annoying. However, it promotes getting up from the desk frequently which is a good thing.

My job for the past 7 years required me to commute almost 100 miles each day keeping me in my car for ~ 3 hours each day, about 15 hours each week. Thankfully that’s changed dramatically with COVID-19 and I’ve made use of the extra free time to walk my dog, Bucket, twice daily. The Fitbit Versa 2 I wear helps track the 10,000+ steps I try to tally daily. Not surprisingly my resting heart rate has dropped from an average of 63bpm to 53bpm at my current weight.

What’s the future hold?

In December I had another round of blood tests and there was “excellent improvement“, as noted by my physician. I still need to have another round of blood tests again this month, so here’s hoping that things are continuing to improve.

As for my personal goals, I would like to get down to around 240lbs. The trick will be adopting a diet and eating behaviors that I can use to maintain my weight and not start piling it all back on once I hit my goal. Ask me in six months where I am. Don’t be so focused on work, or the family or everyone else around you that you forget to take care of your own health!

Cheers!

Desktop Build Fails – Time for Upgrade https://blog.michaelfmcnamara.com/2021/01/desktop-build-fails-time-for-upgrade/ Sat, 09 Jan 2021 17:54:15 +0000 https://blog.michaelfmcnamara.com/?p=6687

In November I got a call from my parents that the desktop I built for them back in 2014 was not booting up. After talking my father through opening the case and sending me some video, it appeared that the case and CPU fans would start but then stop, only to start again and then stop again, rinse and repeat over and over. I had seen this symptom before and thought the issue might be with the power supply so I ordered a new EVGA 500W power supply and had it shipped to their house. Kudos to my 70 year old father for replacing the power supply by himself, unfortunately the problem persisted so that likely meant that the motherboard had failed, although the motherboard looked fine and there were no obvious failed capacitors or other damage.

That machine had lasted them six years, so that was a pretty good investment in my honest opinion and I could likely reuse the case, power supply, CPU and memory from that computer on other builds or projects my daughters were working on. In the end I decided to just build them a new machine, swapping the SSD from their old machine, this way there would be minimal change to them. All their email and shortcuts would be there, all the software would be the same, the icons would all be in the “right” place. It would just make things super simple for them as the user, especially since both of my parents are in their 70s.

I went and ordered a bunch of new components to build them a new machine.

With the help of my youngest daughter we assembled the pieces of the new machine and then tested that everything was working properly using a spare SSD that I had available.

My parents brought the old machine over to my house, I removed the SSD and installed it into the new machine, cleaned up some of the drivers, installed a new Windows 10 license key (OEM version would not re-activate) and they were back up and running with minimal fuss to them.

Let’s see how long that machine lasts them.

Cheers!

Twelve Days of Cooking and Baking https://blog.michaelfmcnamara.com/2021/01/twelve-days-of-cooking-and-baking/ Mon, 04 Jan 2021 23:00:00 +0000 https://blog.michaelfmcnamara.com/?p=6656

Over the holidays I ended up doing a fair bit of cooking and baking with relatively impressive results even though the family is fairly hard to satisfy as they all have different tastes and preferences. As always I need to give credit to my loving wife and assistant.

Here are a few of the recipes that really stood out….

Smash Burger
Classic Smashed Burgers Recipe from Serious Eats

The kids and wife really like Five Guys and In-N-Out Burger so I often enjoy recreating their favorite burgers here at home… it’s really not that hard, all you need is a decent cast iron pan and a penchant for smashing things. ;) If you want to go all the way, you can even wrap the burger in tinfoil if you want the “soggy” effect.

Dad’s Famous Potato Wedges
Crispy Garlic Baked Potato Wedges by Cafe Delites

There’s nothing famous about them… other than me calling them famous. I like to soak the potatoes in water for an hour after cutting them up, helps make them nice and soft on the inside while crispy on the outside.

Beer Braised Chicken and Bacon
Beer-Braised Chicken by Food Network

This is one of the newer recipes I’ve been cooking and it has been delicious. The inclusion of mustard gives it that little bite… remember to cook the bacon ahead of time, lay it out on parchment paper on a baking tray and let it do its thing at 350F, then just add it back into the dish just before you serve.

Chocolate Chip Cookies
Best Chocolate Chip Cookies by allrecipes

Chocolate chip cookies are a staple in any American household, unfortunately they don’t last long in my household so you better get one before they are gone.

Pizza
The Best Pizza Dough Recipe by Sugar Spun Run

I like using bread flour instead of all purpose flour, and the King Arthur brand of bread flour has worked well for me in the past although I need to continue to try and perfect my hoagie rolls. I feel like a good pizza stone is the key to making good home made pizza. The pizza itself was delicious, the problems arose when trying to transfer the pizza to the hot pizza stone in the oven, that first attempt didn’t go so well. I guess I need to pick up a pizza peel.

French Onion Soup
French Onion Soup by Simply Recipes

This recipe takes a little bit of time to get the onions to caramelize. In the end I cheated by using croutons instead of making some Crostini – in my defense I was hungry!

Chicken Parmesan
One-Pan Crispy Parmesan Chicken Cutlets by Kitchn

The family just loves the crispy fried chicken cutlets. I like to quickly fry them in a cast iron skillet and then move them to the oven for ~ 10 minutes at 350F to finish cooking while I get everything else ready. Don’t cover them, else they’ll end up getting soggy. And Margaret doesn’t like soggy chicken cutlets.

Apple Puffs
Apple Cinnamon Pastries by Entertaining with Beth

I like to peel the apples and fry them ahead of time in some butter – I want super soft apples in my apple pie and apple puffs. I would suggest you roll out the puff pastry a bit, else it will be very thick. The next time around I think I’ll try to make an Apple Strudel instead of Apple Puffs or Apple Turnovers.

Cinnamon Rolls
The Best Cinnamon Rolls You’ll Ever Eat by Ambitious Kitchen

These weren’t as big a hit as I thought they would be with the daughters. The wife loved them and I thought they were pretty good as well. The second time around I skipped the cream cheese and definitely preferred the all sugar glaze/icing.

Let me know what you’re cooking!

Cheers!

Merry Christmas and Happy New Year 2021 https://blog.michaelfmcnamara.com/2020/12/merry-christmas-and-happy-new-year-2021/ Thu, 24 Dec 2020 23:40:37 +0000 https://blog.michaelfmcnamara.com/?p=6649

I’m sure many of you, like myself, are eager to put this year behind us…. and likely many more are missing loved ones that are no longer with us. There’s no doubting that 2020 will be remembered along with all those that have left us too soon.

Wishing you and your family a Merry Christmas and Happy New Year!

Cheers!

Herman Miller Aeron Office Chair at Home?
https://blog.michaelfmcnamara.com/2020/10/herman-miller-aeron-office-chair-at-home/
Sun, 04 Oct 2020 13:33:13 +0000

How many of us gave in and bought a new office or desk chair in 2020?

Like so many others, I was extremely fortunate to be able to work from home during a time when so many others were out of work and financially struggling. Unfortunately working from home has brought its own set of challenges and hurdles.

I’ve had back and neck issues in the past so I generally need to be extremely thoughtful of my posture and how square I am when sitting at a desk or I’ll end up paying the price. Unfortunately I started having pain in my lower back from spending so much time in my relatively cheap Staples office chair in May and so I re-purposed an old wood workbench I built almost a dozen years ago from 2×4 lumber and some Oak plywood sheets. It happened to be just the right height for a standing desk and allowed my back time to recover.

Ultimately I broke down and ordered a Herman Miller Aeron office chair which I finally received on July 3rd. While it was relatively expensive at $1,200 – I felt like it was an investment in my health and well being. I would guess that I probably spend at least 60 hours a week in this chair. It’s been almost three months and thankfully my back hasn’t bothered me at all since I started using the Herman Miller. I continue to be mindful of my posture at the desk, and I try to take more frequent breaks to get up from the desk itself.

It seems there’s been a rush on desks, chairs and webcams in this new COVID-19 era. I’m curious what everyone else is seeing in their area. Stay safe everyone!

Cheers!

Epson Printer Firmware Update Restricts Third-Party Ink Cartridges
https://blog.michaelfmcnamara.com/2020/09/epson-printer-firmware-update-restricts-third-party-ink-cartridges/
Wed, 02 Sep 2020 22:50:24 +0000

I was recently working with an Epson XP-15000 I had lying around the office, cleaning it up so I could send it off with my daughter as she heads back to college and her off-campus apartment (even though all classes are now via remote learning thanks to COVID-19). I had everything working perfectly but the printer kept prompting about some firmware update, so I eventually relented because I knew the firmware update prompt would likely cause confusion and questions down the road from the “user”.

Well I got more than I bargained for in that firmware update. !@$# %e

Let me just point out that this is no $100 printer, but instead sells for $350 – $450 retail. After the firmware update the XP-15000 printer would no longer recognize the third-party ink cartridges that I had installed in the printer no matter what I would do. Likely needless to mention at this point, but I quickly found I wasn’t alone as there were dozens if not hundreds of posts all over the Internet reporting the same issue. Here’s one, another, another and another… you get the idea.

It seems there was a class action lawsuit filed last October in California against Epson for this exact behavior as mentioned in an article on TheRegister titled, US customers kick up class-action stink over Epson’s kyboshing of third-party ink. Although it appears that case was dismissed back in February 2020.

I did briefly entertain the possibility of using InkChip, a third-party located in Hong Kong that provides a firmware for the printer that removes the “ink cartridge” check from the printer’s software. Although in the end I went out to my local Staples and spent over $130 on Epson ink cartridges; this printer has six ink cartridges.

Interestingly enough I couldn’t find any clean reviews of InkChip – I can only imagine that the printer manufacturers have a plethora of lawyers just ready to pounce on any mention of this company on the Internet – I wouldn’t be surprised if I was contacted – remember it’s 2020 and anything can happen this year!

I’ve been an Epson customer for almost 15+ years, I’ve probably bought more than 7 Epson printers in those past 15 years easy. I’m not sure I’ll be buying another Epson printer in the future.

The moral of the story… don’t upgrade the firmware in your printer if you use third-party ink cartridges.

Cheers!

CenturyLink/Level 3 Internet meltdown followed by Reddit moderator madness
https://blog.michaelfmcnamara.com/2020/08/centurylink-level-3-internet-meltdown-followed-by-reddit-moderator-madness/
Sun, 30 Aug 2020 20:05:56 +0000

It was another exciting morning around the Internet. Seems that CenturyLink (Level 3) had a meltdown that caused all sorts of issues for ~ 5 hours this morning starting around 6:04AM EDT and lasting until around 11:12AM EDT.

It started as it always does with reports of DNS issues, then CDN issues (Cloudflare) and eventually CenturyLink was identified as the culprit, or to be more precise any packets traversing the CenturyLink (Level3) network.

Thankfully Reddit was a great community resource and reports quickly started rolling in on these two threads;

For reasons that still aren’t 100% clear the moderators for r/networking decided to delete the first thread. So the refugees from r/networking went to r/sysadmin to escape the persecution only to have the moderators of r/networking admit their mistake sometime later and un-delete the post.

I’ll admit I was floored when I found the original thread was deleted. There were hundreds of us struggling to source what was actually going on and trying to understand how we could mitigate the impact to our employers and some moderator deletes the thread?!? @$%#

The refugees eventually made their feelings known in a thread titled, META: I guess major news-worthy outages are off topic here?

Cheers!
