I recently had the opportunity to provide Internet connectivity to the first Airsoft Arms Fair so the Stall operators could show YouTube videos, Retailers could utilise Paypal and so media outlets could do Live blogging or upload high resolution pictures throughout the day. The core of this setup was a series of 3G Modems linked up with 3G to ethernet devices such as the Solwise NET-3G-3GWIFIMRW. These were backed off onto a server running Squid and BIND with DHCP containing all the relevant proxy auto config data (plus some IPTables magic for those that didn't play nice). Couple ...

One of the common issues that appears when integrating a hybrid vision of Hosted Exchange with someones existing infrastructure (so not really Hosted Exchange at all!) is synchronising credentials between the Exchange Server and the local machines or for the more tech savvy the 'hackiness' of having disparate forests. Cross Forest trusts are a possibility and merging one with the other (i.e having the Hosted Exchange solution bound to the existing domain) is another but there are many issues with that (mostly political). What I intend to do is utilise the 'Branch office' concept that ...

With the initial tests over it was time to actually move over to 'real' IPv6 addresses. After applying for a tunnel from SixXS it was time to set it up. Unfortunately none of my JUNOS or Cisco IOS images have IPv6 support so rather than buying another 2600XM I decided to use the Windows Server 2008 server that performs IPv6 DHCP as the router. The advice for setting up a tunnel on the Wiki only covers up to Windows Server 2003 and is below: netsh interface ipv6 install netsh interface ipv6 add v6v4tunnel SixXS [Your IPv4 Endpoint] [PoP IPv4 Endpoint] netsh interface ipv6 add ...

We already know that disabling IPv6 on a 2008 & Exchange 2007 server breaks things but what if we go IPv6 only? IPv6 Only Domain Controllers: The installation didn't cause any trouble but after initially logging on and running a DCDiag we see this: It turns out that the install of the DNS Server had set the NIC's properties to be ::1 but the DNS Server was only listening on the Static Site Local address FEC0::2 and its self assigned Link Local. This of course caused all DNS reliant checks to fail and cause a whole world of pain.           Changing the ...

IPv6 is coming and I'm trying to stay ahead of the curve on this one so I'm moving the NAMOS LAN over to an IPv6 network [public services such as DNS, Web and mail are already running on IPv6] which means in the meantime I'm going to have to go through some of the transitional pains. Armed with a [now depreciated] netblock I set about the practise run for the Plan O' Doom. Configuring the scopes is easy and so doesn't really need to be covered but in order to split my /48 [SixXS subnets are /48] into more usable subnets I cheated on the calculations and used Rhys Koedijk's IPv6 Subnet ...

Well I'm back from my trip to New York and I've brought back a couple of things. With the most tracks HOPE has ever had I was truly spoilt for choice but I spent most of my time [when I wasn't showing our US friends how drinking should be done] visiting talks that had potential datacenter impact. Kevin Figueroa, Marco Figueroa and Anthony L. Williams reminded me that VLAN's and other layer 2 stuff is still vulnerable to many attacks. Most are just Denial of Service stuff that would be detected almost instantly and very easily fixed (although not easily preventable) but the cross VLAN ...

The new version of Fedora is upon us, Rejoice! Feature List Where to get it Update - 22/11/2007 In little under 2 weeks I've seeded nearly 40Gb! Ubuntu 7.10 has only seeded 33Gb and has been out for twice as long. Read into that what you will! ...

This months updates have meant that a lot of my servers now have outdated packages. Bandwidth isn't really too much of problem when it comes to my RHEL servers as they sit on 100mbit connections in Telehouse and Texas, however all my home and office based CentOS servers sit on a mixture of 2Mbit SDSL, 20Mbit Cable and 8Mb ADSL connections. Thats not really a lot of bandwidth for what could be a couple of gigs of data, especially when you consider that most of these lines sit at around 80% capacity (I know I know, don't ask....). For those SysAdmins with hundreds of servers in a datacenter ...

Anyone travelling through Reading may have at some point seen the unsecured wireless network called NAMOS. Well thats me. The Network isn't totally insecure, the Access Points sit behind a Juniper NS5GT and all web / IM / mail is piped through a BlueCoat Security Appliance. I noticed that the client stats were increasing and I was wondering what people were doing with the system. As indicated earlier a Firewall and Security appliance sits between the wireless and my Internet router, the Firewall only allows Web, IM and IMAP/POP3 through. So I was thinking what would these people would ...