weblog home :: tech

Tue, 24 Nov 2009

Running RANCID on top of BZR and with multihop
Long time, no write. Been busy moving countries, as you do.

Started a new job too. Been setting up RANCID and wanted to pull together all the pieces here:

RANCID

Let's start in the obvious place, www.shrubbery.net/rancid/. I prefer my own, slightly different, expansion of the acronym. Really Awesome Network ConfIg Differ. If you are not backing up or versioning the configuration of your networking equipment you really should take a look at it.

Patches for RANCID to use BZR

RANCID only offers CVS and SVN support out of the box. I've been using BZR for a while and strongly prefer it. Thankfully someone has provided patches to add BZR support.

Patches for RANCID to do multihop

One of the other things I needed to add was support to reach a device via another device. I used the instructions from here and the updated patch from here. My config looks a little something like

add user HOSTNAME {USER}
add password HOSTNAME {PASSWORD}
add autoenable HOSTNAME 1
add method HOSTNAME usercmd
add usercmd HOSTNAME {/usr/local/rancid/bin/clogin} {VIA_HOSTNAME}
add usercmd_chat HOSTNAME {#} {telnet IP_ADDRESS\r} {User Access Verification} {}

Note that the host we are going via is already defined so we can reuse it's clogin details to reach it (though I did need to provide the full path to clogin).

Loggerhead

To serve the BZR repo via a web interface I turned to Loggerhead. The only issue I have is trying to hide the RANCID log directory because I am serving it as a "directory of branches" straight out of rancid/var.

[2009/11/24 / tech / software permanent link]

Mon, 20 Apr 2009

Series of Scalability Articles by Haytham El-fadeel
As the title says...
Art of scalability (1) - Scalability principles
Art of scalability (2) - Scalability guidelines part 1
Art of scalability (3) - Scalability guidelines part 2
Art of scalability (4) - Scalability guidelines part 3

[2009/04/20 / tech / internet permanent link]

Thu, 05 Feb 2009

Bernadette McMenamin applying the spin, again...
Australian IT is carrying a blog post by Bernadette McMenamin which is just full of mis-representation and spin.
One of the most horrendous developments that we have experienced in the last 15 years is the dramatic explosion in the global trade of child sexual abuse images on the internet.
No one really knows the true quantities because it is mostly traded via peer to peer and over encrypted networks. And none of these channels will be addressed by the proposed filter. Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_stats
76 per cent would change to an ISP that blocked child pornography
There are ISPs that provide filtered access already, yet their market share is not overly large so while the polls track the sentiment it doesn't appear to flow through to action. Markets respond to demand, it's clearly not there. Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_10
Law enforcement and education are also key strategies and prominent in the Federal Government's Safe internet Policy.
So why is the AFP budget for this going down and not up? Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_38
Hundreds of millions of dollars is already being spent on law enforcement which is commendable but this only addresses the problem after the abuse has occurred.
ISP filtering has the same problem.
Critics of this new scheme have argued that ISP filtering of child sexual abuse images simply will not work. However these filters are actually working very effectively in Scandinavian countries and in the UK as well as in recent trials in New Zealand.
None of these examples is representative of what the ALP is proposing. Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_6
Critics have also argued that ISP filtering will be costly and slow down the internet. Again based on overseas experience this is not the case.
The New Zealand trial is not equivalent to what the ALP is proposing. Nor does it refute the view that the filtering will slow access speeds.
My argument is that how can blocking illegal material (which should not be produced or stored in the first place) be censorship?
And many, if not all, would agree with you. But the ALP is proposing to block prohibited material not all of which is illegal. Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_21
Having said that I remain open minded as I hope the critics of the scheme will wait until the trials have been independently conducted to decide on whether Australia should take this leap into ISP filtering.
I think we're all keen to see the results of the trials. Just have to wait till they are completed... ...any minute now...

[2009/02/05 / tech / internet permanent link]

Tue, 17 Jun 2008

Firefox 3 Download Day


"Set a Guinness World Record, Enjoy a Better Web. Sounds like a good deal, right? All you have to do is get Firefox 3 during Download Day to help set the record for most software downloads in 24 hours - it's that easy."

[2008/06/17 / tech / software permanent link]

Virtualisation Buzzwords
So I was thinking a bit more about virtualisation buzzwords after my discovery the other day.

"Virtualisation 1.0" appears to be the concept of virtualising physical hosts onto a defined set of infrastructure. Whether the VM farm is in-house or outsourced is largely irrelevent. What is important for buzzword compliance is that there is still a farm with limits, location etc.etc.

"Virtualisation 2.0" appears to be the concept of virtualising physical hosts onto "clouds". The VM farm is provided by infrastructure-as-a-service and it's implied that limits, location etc.etc. are non-issues because they are "someone else's problem".

The problem is that the possibilities in this space are not easily pigeon-holed into only two catergories. It just does a disservice to whatever you are trying to describe to fall back on these kinds of buzzwords.

[2008/06/17 / tech permanent link]