Archive for March, 2009

medias

Posted: March 29, 2009 in travel
Tags: , , ,

…sau cum am reusit sa scap cu viata din mainile lui monsieur

anume: mers la piscina (in lenjerie intima, caci pauza costum de baie, iar in Medias mai toate magazinele sunt inchise sambata), balacit, inotat, jucat cu mingea in apa si tot asa; toate bune si frumoase pana intra sin in apa si vine spre mine; cele mai intalnite metode sunt sa ma tina de mijloc si sa se bage la fund; sa ma arunce in apa, sa ma traga de picioare sub apa sau sa tina de picioare si sa-mi tina capul sub apa…niciuna nu a reusit, insa am re-invatat o lectie zdravana: trebuie sa ma pun la punct cu tinutul respiratiei sub apa…ca nu mai tine jucaria 🙂

Partea frumoasa din toata calatoria se gaseste pe blogul lui sin, anume: vizita la manastirea-cetate Biertan si motocross-ul din Copsa Mica. Restul a fost mers la piscina, plimbat prin oras, vazut film si dat task lui monsieur sa citeasca 30 de articole din Catavencu.

Mi-a placut evadarea asta neprevazuta in Medias, iar calatoria cu trenul inapoi spre Bucuresti a fost fructificata prin multe telefoane catre monsieur sa-mi explice cum sta treaba cu policy-based VPN, route-based VPN, failover routes, dynamic-peer policy-based VPN si tot numa’ jucarele haioase de la Juniper.

Ce bine e sa fii pitic si sa ai pe cine sa intrebi 😡 !!!

start wearing purple!

Posted: March 27, 2009 in media-culture
Tags: ,

Start wearing purple wearing purple
Start wearing purple for me now
All your sanity and wits they will all vanish
I promise, it’s just a matter of time…

Youtube link

Vin din nou in Romania, pe 17 iunie, iar de data asta sper sa nu-i mai ratez ;))

help – networking

Posted: March 25, 2009 in technical
Tags: ,

pentru ca am intrat in criza de timp si, ori nu sunt eu prietena cu Google, ori nu am cautat suficient si cu destula atentie, dar nu pot rezolva problema de mai jos, therefore I would appreciate any help 🙂

…luat cu copy-paste din mailurile trimise pe rlug-offtopic

*** singura “descoperire” so far este modul de lucru al switchului in 2 feluri: campus-mode si isp-mode; campus-mode, dupa autentificare (pe un vlan – temporar) arunca userul intr-un alt vlan – permanent — eu nu am gasit cum anume se face asta si cum se trece/daca se poate trece _cumva_ intre campus-mode si isp-mode

————–

Salut

De cateva zile ma chinui sa fac un scenariu de 802.1x – MultiAuth unicast. Clientul
e o aplicatie proprietara care genereaza trafic EAPoL – 802.1x, authenticatorul este Summit48si ExtremeWare Version 7.3.0.49 [non-ssh], iar serverul de autentificare este un ACS 4.1.

1.
Aplicatia-client este cea pe care o testez ca face ok generarea de trafic EAP; ce vine peste EAP e irelevant – problema se pune atunci in ACS;
2. Switchul – Summit a fost ales pentru ca stie sa faca 802.1x (netlogin) si pe porturi taggate (trunk) – ideea este ca traficul pe care eu il trimit sa fie incapsulat EAP, dar si cu tag de vlan – asta e testul;
3. ACS-ul are un set de useri si politici de acces (care sunt configurate si pe client).

Problema: autentificarea da cu Fail, Summit-ul imi inchide porturile si raporteaza Auth failed, desi ACS-ul inregistreaza in loguri ca userii au fost autentificati.

Nu’s Summit guru, si nici nu am cautat pana mi-au iesit peri albi pe Google; oricum, informatiile referitoare la switch-ul asta sunt destul de sumare, chiar si in UserGuide-ul lor 😦

Multumesc,
Cristina

—————————————————————————
Config Summit:

configure sys-health-check alarm-level Log
create vlan “vlan10”
create vlan “vlan20”
create vlan “st10”
create vlan “st6”
create vlan “st7”
create vlan “st8”
create vlan “st9”

#
# Route Map Configuration.
#

#
# Config information for VLAN Default.
configure vlan “Default” tag 1    # VLAN-ID=0x1  Global Tag 1
configure stpd s0 add vlan “Default”
configure vlan “Default” ipaddress 60.60.60.3 255.255.255.0
configure vlan “Default” add port 1 untagged
configure vlan “Default” add port 2 untagged
configure vlan “Default” add port 3 untagged
configure vlan “Default” add port 4 untagged
configure vlan “Default” add port 5 untagged
configure vlan “Default” add port 49 untagged
configure vlan “Default” add port 50 untagged
#
# Config information for VLAN vlan10.
configure vlan “vlan10” tag 10    # VLAN-ID=0xa  Global Tag 4
configure vlan “vlan10” add port 17 untagged
configure vlan “vlan10” add port 21 tagged
configure vlan “vlan10” add port 22 tagged
configure vlan “vlan10” add port 23 tagged
configure vlan “vlan10” add port 24 tagged
configure vlan “vlan10” add port 25 tagged
configure vlan “vlan10” add port 26 tagged
configure vlan “vlan10” add port 27 tagged
configure vlan “vlan10” add port 28 tagged
configure vlan “vlan10” add port 29 tagged
#
# Config information for VLAN vlan20.
configure vlan “vlan20” tag 20    # VLAN-ID=0x14  Global Tag 5
configure vlan “vlan20” add port 18 untagged
configure vlan “vlan20” add port 30 tagged
configure vlan “vlan20” add port 31 tagged
configure vlan “vlan20” add port 32 tagged
configure vlan “vlan20” add port 33 tagged
configure vlan “vlan20” add port 34 tagged
configure vlan “vlan20” add port 35 tagged
configure vlan “vlan20” add port 36 tagged
configure vlan “vlan20” add port 37 tagged
configure vlan “vlan20” add port 38 tagged
#
# Config information for VLAN st10.
configure vlan “st10” tag 510    # VLAN-ID=0x1fe  Global Tag 6
configure vlan “st10” add port 16 untagged
configure vlan “st10” add port 5 tagged
configure vlan “st10” add port 6 tagged
configure vlan “st10” add port 7 tagged
configure vlan “st10” add port 8 tagged
configure vlan “st10” add port 9 tagged
configure vlan “st10” add port 10 tagged
configure vlan “st10” add port 11 tagged
#
# Config information for VLAN st6.
configure vlan “st6” tag 506    # VLAN-ID=0x1fa  Global Tag 34
configure vlan “st6” add port 12 untagged
configure vlan “st6” add port 5 tagged
configure vlan “st6” add port 6 tagged
configure vlan “st6” add port 7 tagged
configure vlan “st6” add port 8 tagged
configure vlan “st6” add port 9 tagged
configure vlan “st6” add port 10 tagged
configure vlan “st6” add port 11 tagged
#
# Config information for VLAN st7.
configure vlan “st7” tag 507    # VLAN-ID=0x1fb  Global Tag 35
configure vlan “st7” add port 13 untagged
configure vlan “st7” add port 5 tagged
configure vlan “st7” add port 6 tagged
configure vlan “st7” add port 7 tagged
configure vlan “st7” add port 8 tagged
configure vlan “st7” add port 9 tagged
configure vlan “st7” add port 10 tagged
configure vlan “st7” add port 11 tagged
#
# Config information for VLAN st8.
configure vlan “st8” tag 508    # VLAN-ID=0x1fc  Global Tag 36
configure vlan “st8” add port 14 untagged
configure vlan “st8” add port 5 tagged
configure vlan “st8” add port 6 tagged
configure vlan “st8” add port 7 tagged
configure vlan “st8” add port 8 tagged
configure vlan “st8” add port 9 tagged
configure vlan “st8” add port 10 tagged
configure vlan “st8” add port 11 tagged
#
# Config information for VLAN st9.
configure vlan “st9” tag 509    # VLAN-ID=0x1fd  Global Tag 37
configure vlan “st9” add port 15 untagged
configure vlan “st9” add port 5 tagged
configure vlan “st9” add port 6 tagged
configure vlan “st9” add port 7 tagged
configure vlan “st9” add port 8 tagged
configure vlan “st9” add port 9 tagged
configure vlan “st9” add port 10 tagged
configure vlan “st9” add port 11 tagged
disable telnet
enable web http
disable web https
# SNMP Configuration

enable cli-prompt-number

# Load Sharing Configuration
configure lacp keep-alive 10

# Protocol definitions

# Spanning tree information

# GVRP configuration

# MAC FDB configuration and static entries

configure ipfdb agingtime 0

# — IP Interface[0] = “Default”

# Global IP settings.
#
# IP ARP Configuration
configure iparp max-entries 8192
#
# IP Route Configuration
configure iproute add default 60.60.60.1 1
# Multicast configuration
disable igmp snooping
enable igmp snooping vlan “Default”
enable igmp snooping vlan “MacVlanDiscover”
enable igmp snooping vlan “vlan10”
enable igmp snooping vlan “vlan20”
enable igmp snooping vlan “st10”
enable igmp snooping vlan “st6”
enable igmp snooping vlan “st7”
enable igmp snooping vlan “st8”
enable igmp snooping vlan “st9”
# RIP interface configuration
# RIP global parameter configuration

enable radius
configure radius primary shared-secret encrypted “TMH”
configure radius timeout 30
configure radius primary server 60.60.60.1 1645 client-ip 60.60.60.3
configure radius primary server 60.60.60.1 timeout 30

# Network Login Configuration
enable netlogin port 5 vlan st6
enable netlogin port 6 vlan st6
enable netlogin port 7 vlan st6
enable netlogin port 8 vlan st6
enable netlogin port 9 vlan st6
enable netlogin port 10 vlan st6
enable netlogin port 11 vlan st6
enable netlogin port 5 vlan st9
enable netlogin port 6 vlan st9
enable netlogin port 7 vlan st9
enable netlogin port 8 vlan st9
enable netlogin port 9 vlan st9
enable netlogin port 10 vlan st9
enable netlogin port 11 vlan st9
enable netlogin port 5 vlan st10
enable netlogin port 6 vlan st10
enable netlogin port 7 vlan st10
enable netlogin port 8 vlan st10
enable netlogin port 9 vlan st10
enable netlogin port 10 vlan st10
enable netlogin port 11 vlan st10
enable netlogin Session-Refresh 1

——————————————————————-
Erori pe care le vad pe Summit cand rulez testul:

03/25/2009 00:39:10.56 <Info:SYST> Authentication failed for DOT1X user fast-nac Mac 00:3d:ca:78:01:01 Port 9
03/25/2009
00:39:11.03 <Info:USER> Network Login 802.1x User fast-nac logged
in (0.0.0.0) Mac 00:3d:ca:78:01:05 Port 9 Vlan st9
03/25/2009 00:39:11.03 <Info:USER> Network Login 802.1x User fast-nac Logged into VLAN st9
03/25/2009
00:39:11.03 <Info:SYST> Network Login failed for CAMPUS-MODE user
fast-nac mac 00:3d:ca:78:01:05 (Dest. vlan st9) : port 9 is a tagged
port for Vlan st9
03/25/2009 00:39:11.03 <Info:SYST> Authentication failed for DOT1X user fast-nac Mac 00:3d:ca:78:01:05 Port 9
03/25/2009
00:39:11.06 <Info:USER> Network Login 802.1x User fast-nac logged
in (0.0.0.0) Mac 00:3d:ca:78:01:04 Port 9 Vlan st9
03/25/2009 00:39:11.06 <Info:USER> Network Login 802.1x User fast-nac Logged into VLAN st9
03/25/2009
00:39:11.06 <Info:SYST> Network Login failed for CAMPUS-MODE user
fast-nac mac 00:3d:ca:78:01:04 (Dest. vlan st9) : port 9 is a tagged
port for Vlan st9
03/25/2009 00:39:11.06 <Info:SYST> Authentication failed for DOT1X user fast-nac Mac 00:3d:ca:78:01:04 Port 9
03/25/2009
00:39:11.18 <Info:USER> Network Login 802.1x User fast-nac logged
in (0.0.0.0) Mac 00:3d:ca:78:01:03 Port 9 Vlan st9
03/25/2009 00:39:11.18 <Info:USER> Network Login 802.1x User fast-nac Logged into VLAN st9
03/25/2009
00:39:11.19 <Info:SYST> Network Login failed for CAMPUS-MODE user
fast-nac mac 00:3d:ca:78:01:03 (Dest. vlan st9) : port 9 is a tagged
port for Vlan st9
03/25/2009 00:39:11.19 <Info:SYST> Authentication failed for DOT1X user fast-nac Mac 00:3d:ca:78:01:03 Port 9

————————————————————–

ACS imi da pe toti userii folositi in acest test authentication successful.

—————————————————————-

Shtrumphii in Bucuresti!!!

Posted: March 20, 2009 in media-culture
Tags:

Caty  mi-a dat azi super-veste: la BCU este o expozitie cu creatiile belgianului Peyo, mai exact (si care ma privesc in mod direct): STRUMFII.

Sper sa pot ajunge si eu cat mai curand 8->

smurfs

Un articol detaliat am gasit in frontpress

muzica buna

Posted: March 19, 2009 in media-culture
Tags:

pe care o voi rata, din nou;

este vorba despre concert Byron, diseara:

http://www.sofresh.ro/2009/03/18/byron-the-silver-church-19-martie/

despre summit

Posted: March 18, 2009 in technical
Tags: ,

Este vorba de Summit48-ExtremeWare, jucaria celor de la Extreme Networks. Numai daca te uiti pe datasheet iti vine sa sari pe primul geam care-ti iese in cale (iar eu sunt la etajul 6 acum :p ) 

In afara lipsei de documentatie pusa la punct, am orbecait cateva ore prin filosofia lor de switching, de tagging de vlan-uri si de alte nebunii legate de diffserv. 

Sunt curioasa cum oi face si dot1x – multi auth pe el, ca se lauda ca stie, si ca stie inca mai bine si mai performant decat Cisco.

duminica dimineata

Posted: March 15, 2009 in thoughts
Tags: , , ,

Pentru ca au venit ai mei parinti pe la mine si au luat-o si pe bunica. Si, cu toata bucuria de a-i vedea, nebunia care se isca de fiecare data cand ne vedem ma scoate din ritmul meu de duminica dimineata.

“Ti-am adus lenjerie de pat cu Formula 1, ca stiam ca-ti place” ->”Da, mersi, o sa o pun pe pat data viitoare” ->”Hai, mami, desfa-o sa vezi cum e” -> “Nu acum, ca nu e loc, hai sa aducem fotoliile”

meantime: “Vreti cafea??!!” -> noi, tare, in cor: “DAAA!!!”

“De ce tipa?…Hai, mami, ca desfac eu lenjeria. Sa vedeti ce frumoasa e, o am de la fina ..” -> “Nu o mai desface acum, ti-am zis” -> conversatie care dureaza, sisific, inca vreo 5-6 replici, iar rezultatul este o lenjerie de pat imensa, intinsa pe covorul din camera.

Apoi cafea, zahar, frisca, la ibric sau la filtru sau la expresor, fotoliile din piele noi, unde le asezam, cum le asezam, aruncam sau nu biroul actual, luam altul sau nu, ne mai place sau nu frigiderul sau luam altul, “ar trebui sa renovati si voi baia”. Iar ceea ce ma calca pe nervi de fiecare data este faptul ca mama atenteaza la pinguinul si la pisica si mai nou la perna cu Mickey&Minnie de la monsieur.

Nebunie, forfota, agitatie, nervi intr-o dimineata frumoasa de duminica, dimineata in care as fi vrut sa dorm mai mult de 7 jumate …ca in restul saptamanii si sa ma plimb prin Herastrau.

personality disorder

Posted: March 13, 2009 in thoughts
Tags: , , , , ,

“Ma indrept voios spre puscarie…pentru pedofilie”…ca sa-i citez pe clasicii in viata

La sugestia colegilor de munca, dupa vreo cateva crize de Juniper, Stoke, Sonicwall si xTreme si alte cateva aspecte de tip NDA, imi fac si eu test de personality disorder. Rezultatele (pe care nu le public aici) arata ca le pot spune lejer “medicilor” care m-au consultat pana acum : “v-am facut, fraierilor”.

Pentru a mentine o lista consecventa a preferintelor, pe toate domeniile, azi avem

Children of Bodom – Funny as Hell

si 

Carla Bruni – Tout le Monde

Orpheus aux Enfers

Posted: March 12, 2009 in media-culture
Tags: ,

Cred ca am ramas cu sechele de la Watchmen, mai exact de la The Comedian. Cred ca solutia la multe probleme care defapt nu au solutie, sau aceasta nu se gaseste la persoana in cauza…este sa treci peste, sa iei situatia in gluma, ca oricum nu ai ce face.

Asa se face ca am revenit incet-incet la Offenbach si ale lui opere “buffe”, precum Orpheus aux Enfers. Prefer varianta in franceza, pentru ca imi place Natalie Dessay.

Am gasit pe youtube finalul de la Orpheus aux Enfers, cu soprana de mai sus. Enjoy 😉

In sfarsit am pus si eu mana pe albumul celor de la Interitus Dei…si il ascult in continuu de 2 zile:

acov_tid76123

01. In Motion
02. When the Metal Meets the Flesh
03. Pagan and Proud
04. Rain of Fire
05. The Portrait of Pain
06. Lord of Flies
07. Arabia
08. Strained
09. The Memories of the Snake
10. Deny Denial
11. Hasta Siempre Comandante Che Guevara