Category Archives: maintenance - Page 2

Cisco MDS “fabric merge” and “switch add” prerequisites

Cisco MDS

Prerequisites when adding a new SAN switch to an existing SAN fabric

When using enhanced device aliases, make sure you enable this on the new switch as well:

device-alias mode enhanced
device-alias commit

You can verify if this is enabled on an existing switch by this command:

sh run | grep “device-alias mode”

Read more »

Uptime defined, or what is uptime exactly?

Five nines

You often hear vendors mentioning their system has five 9s of uptime, but what exactly is uptime?

Some define uptime only for their own specific piece of technology. For example, a storage array with five 9s uptime, can only tolerate 5 minutes and 15 seconds of downtime per year, but if your network vendor also has a five 9 uptime specification and your power company and your data center and your internet provider and a whole lot of other components…. do the math!

Read more »

Troubleshooting connectivity issues on a Brocade SAN

Fog

I recently had the “pleasure” to figure out what was wrong with a Brocade based SAN environment. Servers were loosing connectivity on one of the HBAs, but all links were online and further investigation was necessary.

Going through all the error counters on each of the long wave SFPs finally revealed one of the SFPs’ health as marginal (hence it was still online, but very buggy indeed). The webtools GUI showed this particular SFP als orange instead of green. Disabling and re-enabling this SFP didn’t help and I decided to shut this SFP for good. And guess what: all my troubles went away. The trunk this SFP was in went back to a non-redundant, but healthy state and all servers got back to normal operations and got their redundant paths back.

So to summarize the story: look for marginal or even faulted SFPs when vague connectivity issues arise. If links are redundant, shutting the faulty one might help.

How to get started setting up ESRS on the latest OE for Block and MCx codes

It’s just another short post on a single command again. This time I was looking for an easy way to get started on ESRS on the latest OE for Block code or the newer MCx code (33.071 or newer).

First of all you need to set up DNS in your VNX machine. In Unisphere, go to settings and click on “configure DNS”.

Also, if there’s a firewall blocking internet traffic, you need to make sure the storage processors can reach *.emc.com over tcp ports 443 and 8443.

After this you can use the following command on the CLI:

naviseccli -h [SPx ip#] esrsconfig -agentProvision -user [Online Support logon name] –password [Online Support super secret password]

Repeat this for the other SP as well.

Read more »

Tracking the FREAK Attack

Now what? Yet another vulnerability exposed?

On Tuesday, March 3, 2015, researchers announced a new SSL/TLS vulnerability called the FREAK attack. It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. This site is dedicated to tracking the impact of the attack and helping users test whether they’re vulnerable.

At the moment it seems that only Firefox is safe to use! And needlessly to say that you should ALWAYS be aware of unsafe content. Try not to click anywhere unless you really trust the website!!!

The FREAK attack was discovered by Karthikeyan Bhargavan at INRIA in Paris and the miTLS team. Further disclosure was coordinated by Matthew Green. This report is maintained by computer scientists at the University of Michigan, including Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J. Alex Halderman. The team can be contacted at [email protected].

For additional details about the attack and its implications, see this post by Matt Green, this site by the discoverers, this Washington Post article, and this post by Ed Felten.

Please visit this website to find out more about the vulnerability of your browser or website: https://freakattack.com/

 

Source: https://freakattack.com/