Pancakes’s HOWTO for newbies

Dear readers,

It is not usual to have a cook blog post here. I am not aware of cooking things, but to please my daughter I test this one and it was a success.

Here it is a HOWTO to make pancakes. I am a newbie in cooking, so it is easy.

Recipe for 6-8 pancakes
Preparation time : 10 minutes
Cooking time : 20 minutes
Total time of the recipe : 30 minutes

ingredients:

  • 4 eggs
  • 1 packet baking powder
  • 200 g flour
  • 2 tablespoons sugar
  • 1 pinch of cinnamon
  • 50 g butter (not that it attaches ) so it equals to 3 x 1/2 tablespoons
  • 15 cl of milk
  • 3 soup spoons of oil (sunflower-type)
  • 1 teaspoon salt

 

HOW TO :

  • Beat eggs
  • Mix the milk with the eggs
  • Add sugar
  • In a bowl, put the yeast , flour , cinnamon and salt
  • Add the eggs with the milk and sugar
  • Add oil
  • mix
  • Heat a frying pan (for induction cooking : level 5)
  • Put a little butter
  • Once the simmering butter, pour a ladle of batter
  • When you see small bubbles up over the entire surface of the pancake : turn
  • Let the other side cook for 1 to 2 minutes
  • Well put butter between each pancake
photo-3
photo-2

 

SFR, Numericable, Bouygues Telecom, Free et les autres

Sorry for english readers, it will be a french article today.

Cet article n’est juste que ma réflexion et n’engage que moi. Ceci n’est peut-être pas votre vision. Si mes arguments ne sont pas fondés, je suis ouvert à la discussion.

Dans le feuilleton du mois de Mars qu’est le rachat de SFR, où les protagonistes sont Bouygues Telecom et Altice/Numericable, l’état en la représentation par M. MONTEBOURG se positionne et participe au choix économique. Je trouve que l’état va au devant d’une catastrophe ou de catastrophes.

Un exemple simple : on va tous dans les centres commerciaux. Généralement les boutiques Orange, SFR et BouyguesTelecom y sont présentes. D’un point de vue pragmatique comment M. MONTEBOURG peut croire que le futur groupe BouyguesTelecom/SFR maintiendra partout en france des doubles boutiques (avec les salariés associés) ? Si franchement l’état croit cela, on est franchement mal engagés dans le monde d’aujourd’hui…

Néanmoins, cela n’enlève rien au fait qu’avec la pression médiatique/lobbyiste/financière de la part de Bouygues Telecom, ce dernier va racheter SFR. Les trois seules choses auxquelles je crois via cet état de fait :

  • Free n’augmentera pas ses prix suite à l’obtention de ce réseau mobile
  • Orange et BouyguesTelecom/SFR vont s’entendrent comme larrons en foire…
  • Cela va en effet réduire le nombre d’acteurs et consolider Orange et BT/SFR

Une fois le réseau mobile de Bouygues revendu à Free, l’ensemble Bouygues ne sera rien d’autre que SFR en somme. Les salariés Bouygues Telecom en charge du réseau mobile feront quoi ? Travailleront sur le réseau SFR ? Euh, il n’y a pas double emplois ? Non mais bien sûr 😉 Vous croyez vraiment que cela sera le monde des bisounours lorsque les actionnaires demanderont leur dividende ? Que ce nouveau numéro 2 des télécoms vous écoutera lorsque le pôle comptable donnera la note à la direction générale ?
La variable d’ajustement pour sortir ces dividendes ne sera pas les emplois ?
Les mensonges n’engagent que ceux qui les écoutent M. MOUTEBOURG. Une simple lettre de M. Martin BOUYGUES vaut certitudes ? Que ferez-vous le jour où les nécessités économiques (dans un futur proche) généreront des pertes d’emplois. Tous les salariés ne pourront pas être reconvertis…
Ah bah oui comme tout bon homme politique, vous nous ferez une belle posture d’indignation, mais vous ne nous remettrez pas en cause.

Bref, nous le bas peuple, on ne comprend rien aux grand enjeux qui se jouent à Paris dans les cercles restreints du pouvoir et lobbyistes 😉

Ah oui, dans l’histoire la revente de certaines fréquences du dividende numérique (prévision de 3 milliards d’euros de recette) n’aura sans doute aucun intérêt, vu que le seul nécessitant ces fréquences en disposera une fois avoir racheter pour une bouchée de pain celles Bouygues Telecom.
J’espère sincèrement que l’argent qui devait rentrer au sein de l’état sur cette vente n’est pas déjà dilapider ?!
Le seul intérêt que je vois à cela, sera que ces fréquences seront (et je l’espère) soit libérées, soit accordées (sous gestion arcep) à certains opérateurs pour aménager le territoire avec des technologies alternatives. Ceci aura au moins l’intérêt de générer de la croissance pour ces TPE, PME qui travaillent dans ce domaine.

Ne dressons pas un tableau idyllique de l’autre protagoniste de ce feuilleton : Numericable n’est pas non plus un amant parfait. Le rachat de SFR générerait un groupe ultra endetté, dont le siège Ceci engendre généralement une gestion ultra serrée et parfois des drames sociaux. En revanche, si on reprend les premiers arguments :

  • Numericable ne dispose pas d’un réseau mobile : pas de double emplois
  • Numericable ne dispose pas d’un réseau de boutique à large échelle et encore moins dans le domaine du mobile

Ce que je pense : Bouygues Telecom va racheter SFR, dans un futur à moyen terme cela va générer des pertes d’emplois certains dans les boutiques et sur le réseau, mais encore une recette sur le dividende numérique qui ne sera pas là.
Bref que du bonheur dans le monde des télécoms. J’espère me tromper.

Equivalent to CEF on Redback router

This a question which I ask for a long time : is this e Cisco CEF equivalent on Redback router ?

A friend gives me the answer :

[VRF_FOOBAR]75TOTO-SE400-01#sh ip route 172.16.116.98      
    Longest match Routing entry for 172.16.116.98/32 is 172.16.116.98/32 , version 20
    Route Uptime 38w6d
    Paths: total 1, best path count 1 

    Route has been downloaded to following slots
      iPPA: 01 
    Skipped? No

    Path information : 

      Active path : 
      Known via adjacency, type-hidden route, distance 254, metric 0,
      Tag 0, Next-hop 172.16.116.98, NH-ID 0x3450014E, Adj ID: 0x160, Interface 1/5.13717
      Circuit 1/5:1023:63/1/2/440
[VRF_FOOBAR]75TOTO-SE400-01#

 

You can see there that the packet will live the router by port 1/5. You can confirm this by :

[VRF_FOOBAR]75TOTO-SE400-01#show card all fib 172.16.116.98
Slot 1:
Prefix             Next Hop        Interface                Next Hop Grid
172.16.116.98/32   172.16.116.98   1/5.13717                0x3450014e
[VRF_FOOBAR]75TOTO-SE400-01#

Now, you can see as “sh ip cef … adjacency” :

[VRF_FOOBAR]75TOTO-SE400-01#sh card 1 adjacency | begin 0x3450014e
    NH-Grid 0x3450014e 
    Encap type dot1q, function ether_dot1q_adj_ip_resolved
    e05fb9a6 693c0030 88147df0 81000e85  encap_len 18

 

05fb9a6 693c : destination MAC address
0030 88147df0 : source MAC address
8100 : ethernet encapsulation
0e85 : vlan ID : here 3717
18 : length

For VLAN ID here :

[VRF_FOOBAR]75TOTO-SE400-01#sh bindings 
1/5 vlan-id 3717                 Up    dot1q            interface  1/5.13717@VRF_FOOBAR
[VRF_FOOBAR]75TOTO-SE400-01#

xconnect, wireshark and cie

I have already make tiny lab with xconnect, but my curiosity has been recently exacerbated so that I can see exactly how it works…

sc

 

 

 

 

 

 

 

 

 

What occurs behind the scene when you press ENTER (the reflexive command has already been pushed on R4) ?

R6(config-if)# xconnect 4.4.4.4 1111 encapsulation mpls

 

You can see on R4 :

R4#debug mpls ldp targeted-neighbors
LDP Directed Adjacency changes debugging is on
R4#debug mpls ldp transport connections 
LDP transport connection events debugging is on
R4#debug mpls ldp transport events 
LDP transport events debugging is on
[...]
*Aug 17 22:22:17.663: ldp: Peer LDP Id set to 6.6.6.6:0 for trgt 6.6.6.6, lcl addr = 4.4.4.4
*Aug 17 22:22:17.667: ldp: Rcvd ldp dir hello to 4.4.4.4 from 6.6.6.6 (6.6.6.6:0); FastEthernet0/1; opt 0xF
*Aug 17 22:22:17.671: ldp: ldp Hello from 6.6.6.6 (6.6.6.6:0) to 4.4.4.4, opt 0xF
*Aug 17 22:22:17.671: ldp: New directed adjacency 0x67A32E68 to 4.4.4.4 from 6.6.6.6 (6.6.6.6:0)
*Aug 17 22:22:17.675: ldp: Immediately request dhcb send hello back from 4.4.4.4 to 6.6.6.6
*Aug 17 22:22:17.675: ldp: local idb = targeted, holdtime = 90000, peer 6.6.6.6 holdtime = 90000
*Aug 17 22:22:17.675: ldp: dhcb intvl mbr cnt = 1, intvl = 10000, target = 6.6.6.6
*Aug 17 22:22:17.679: ldp: Opening listen port 646 for 6.6.6.6, 6.6.6.6
*Aug 17 22:22:17.683: ldp: No MD5 password protection for peer 6.6.6.6:0
*Aug 17 22:22:17.683: ldp: Registered TCB with LDP TCB database tcb 0x66BB49A0 [key
R4# 1779], total 2
*Aug 17 22:22:17.683: ldp: Open LDP listen TCB 0x66BB49A0; lport = 646; fhost = 6.6.6.6; with normal priority
*Aug 17 22:22:17.683: ldp: Add listen TCB to list; tcb 0x66BB49A0 [key 1779]; addr 6.6.6.6
*Aug 17 22:22:17.683: ldp: Send ldp dir hello; no idb, src/dst 4.4.4.4/6.6.6.6, inst_id 0
*Aug 17 22:22:18.027: ldp: Rcvd ldp dir hello to 4.4.4.4 from 6.6.6.6 (6.6.6.6:0); FastEthernet0/1; opt 0xF
*Aug 17 22:22:18.027: ldp: ldp Hello from 6.6.6.6 (6.6.6.6:0) to 4.4.4.4, opt 0xF
*Aug 17 22:22:18.027: ldp: local idb = targeted, holdtime = 90000, peer 6.6.6.6 holdtime = 90000
*Aug 17 22:22:18.027: ldp: dhcb intvl mbr cnt = 1, intvl = 10000, target = 6.6.6.6
*Aug 17 22:22:18.043: ldp: Registered TCB with LDP TCB database tcb 0x66BB4FDC [key 1780], total 3
*Aug 17 22:22:18.047: ldp: Incoming ldp conn 4.4.4.4:646  6.6.6.6:38742; with normal priority
*Aug 17 22:22:18.051: ldp: Found adj 0x67A32E68 for 6.6.6.6 (Hello xport addr opt)
*Aug 17 22:22:18.051: ldp: New t
R4#emporary adj 0x66BB5618 from 6.6.6.6
*Aug 17 22:22:18.055: ldp: Real adj 0x67A32E68 bound to 6.6.6.6:0, replacing temp adj 0x66BB5618
*Aug 17 22:22:18.059: ldp: Adj 0x66BB5618; state set to closed
*Aug 17 22:22:18.183: ldp: Data received!
*Aug 17 22:22:18.187: ldp: : peer 6.6.6.6:0 down reason reset to None
*Aug 17 22:22:18.187: %LDP-5-NBRCHG: LDP Neighbor 6.6.6.6:0 (2) is UP
*Aug 17 22:22:18.191: ldp-trgtnbr: 6.6.6.6 Received address addition notif start; flags 0x13
*Aug 17 22:22:18.195: ldp-trgtnbr: 6.6.6.6 Set peer start; flags 0x13
*Aug 17 22:22:18.195: ldp-trgtnbr: 6.6.6.6 Set peer finished; flags 0x1F
*Aug 17 22:22:18.195: ldp-trgtnbr: 6.6.6.6 Received address addition notif finish; flags 0x1

 

One LDP targeted session is build to establish the xconnect session. This targeted session is possible thanks to IGP (here OSPF).

You could read the pcap beetween R6 and R3 I have recorded. Really interesting.

http://www.cloudshark.org/captures/6e68003ead16

You can see the double MPLS tag, one for the xconnect P2P link established with R4 for the VC-ID 1111 and one to route the label through the MPLS cloud.

I hope this can help someone. For my part, I have had fun to do this tiny lab.

Welcome to world v2.0

Just to welcome my little son : Clément who was born on 15th april 2013.

IMG_14362

 

 

 

 

 

 

 

 

 

 

 

 

 

I think CCIE studies will be delayed for some time, but my desire is already there… Proof : some 2611, 3550, 1841 are here : ready to study at home 😉 So I will be back to game really nearly.

Sting concert in Rouen

For the first time of  life I have seen Sting in concert and it was in rouen : my city. It was great ! It was really great ! Thank you Sting for this awful moment ! This concert will remain etched in my memory. Ok I’m a fan!

THANK YOU !

MPLS RD, RT, label : where is the truth ?!

I was reading all my RSS feeds and I am subscribed to http://mellowd.co.uk/ccie/ . I have noticed this post for you : http://mellowd.co.uk/ccie/?p=2923 It talks about RD, RT and label about MPLS. I found this post really clear about this terms and concepts.

To sum-up :

  • RD = marks routes with an ‘id’. This ‘id’ is composed by two terms (IP_ASN:number)
    • IP_ASN : IP address or ASN
    • Number : which identify the VPN

I recommand to use IP in IP_ASN. I understand it is really easy to read : 3215:100 and not 81.252.160.88:100. The last one is less easy, but when you deploy a large MPLS cloud and you must supply some load-balancing or fail-over on different PE, the RR(Route Reflector) will choice the best route in the two : 3215:100:192.168.1.0 which is received). With IP1:100:192.168.1.0 and IP2:100:192.168.1.0 the two routes will be used, so you will be able to load balance trafic over two links.

  • RT = has for job to tell to PE in which VPN the route belongs to.

A route in a VPN is named a VPNv4 route. This route contains :

  • RD (see above)
  • RT : RT is a special extended community which flag the route such as ASN:300
  • Label = 2 labels (outer=per hop label ; inner label : identify the VPN)

In MPLS transit, IP packets are routed by label. No existence for P router of RD, RT. So the VPN existence is carried by inner tag. inner tag <=> 1 VPN.

A simple MPLS lab :

  • MP-iBGP between R3 and R5
  • OSPF Area 0 includes : R3, R4, R5
  • MPLS enabled on R3, R4 and R5

I think I don’t have to give the topology for a so easy topology.

To go further, you can see the pcap trace here : http://www.cloudshark.org/captures/44b14366b515

So : you exchange vpnv4 routes by means of MP-iBGP and access to nexthop by the corresponding tag and route to mpls nexthop MPLS friend (here R4).
Also, to access 10.0.0.0/8 from 2 : R5 must push tag 20 (vpnv4 route to this subnet) and push label 16 (to 3.3.3.3 loopback of R3).

Linux : Remote desktop && Hamachi

For those of you which need to access by means of “Remote Desktop” you can use :

  • Nomachine NX
  • Teamviewer
  • VNC

And you can use both LogmeIn Hamachi and VNC. Hamachi is a software which can make network betweeen devices. Against logmein product which lot of you know, here it is at ~~Level2~~ (OSI).

 

How you create your VPN ?

For Linux users, you must install vnc4server and hamachi (supplied by LogmeIn) package (dpkg is your friend). Then you launch your vnc server :

root@plop# vncserver 
New 'plop:1 (clucas)' desktop is plop:1

Starting applications specified in /home/clucas/.vnc/xstartup
Log file is /home/clucas/.vnc/plop:1.log

Now the VNC server is reacheable by means of 5901 (5900 + 1) port.

Then you can create your VPN network by using hamachi :

root@neptune:~# hamachi -h
LogMeIn Hamachi, a zero-config virtual private networking utility, ver 2.1.0.76

  usage: hamachi [command]

  command    specifies an action. Can be one of the following -

             #  set-nick 
                login
                logon
                logout
                logoff
             #  list
                peer 
                network 
             #  create  []
                set-pass  []
                set-access  [lock|unlock] [manual|auto]
                delete 
                evict  
             #  approve  
                reject  
             #  join  []
                do-join  []
                leave 
             #  go-online 
                go-offline 
             #  attach 
                attach-net 
                cancel
             #  gw-config 
                    [dhcp|static [net    ]
                                 [domain ]
                                 [dns  []]]
                    [del  ...]
                    [add  ...]
             #  set-ip-mode ipv4 | ipv6 | both
             #  check-update
                vpn-alias  |0
  If no command is specified, hamachi displays its status including version,
  pid, client id, online status, nickname and the LogMeIn account
root@neptune~# hamachi attach clucas@altern.org
root@neptune~# hamachi join network password
root@neptune~# hamachi go-online network

You have now access to your Linux server/desktop from anywhere by means of hamachi’s device :

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

For mac users (such as me : not a really experimented user), you have a built-in VNC client in MAC from 10.5 MAC OS X.

Go in your finder window > Go > Connect to server >
Now you can access to your device by means of :
vnc://x.y.z.w:5901 (where 5900 + X display : here :1)

Password recovery on PIX515

For those of you, which need to reset password on PIX515, you will not find somthing like other cisco devices (button to push, BREAK+conf-reg). You must hit ESC when it is asked to you, then :

monitor>interface 0
0: i8255X @ PCI(bus:0 dev:13 irq:10)
1: i8255X @ PCI(bus:0 dev:14 irq:7 )

Using 0: i82559 @ PCI(bus:0 dev:13 irq:10), MAC: 0050.54ff.82b9
monitor>address 10.21.1.99
address 10.21.1.99
monitor>server 172.18.125.3
server 172.18.125.3
monitor>file np52.bin
file np52.bin
monitor>gateway 10.21.1.1
gateway 10.21.1.1
monitor>ping 172.18.125.3
Sending 5, 100-byte 0xf8d3 ICMP Echoes to 172.18.125.3, timeout is 4 seconds:
!!!!!
Success rate is 100 percent (5/5)
monitor>tftp
tftp np52.bin@172.18.125.3 via 10.21.1.1...................................
Received 73728 bytes

Cisco Secure PIX Firewall password tool (3.0) #0: Tue Aug 22 23:22:19 PDT 2000
Flash=i28F640J5 @ 0x300
BIOS Flash=AT29C257 @ 0xd8000

Do you wish to erase the passwords? [yn] y
Passwords have been erased.

Rebooting....

You will find np70.bin on the page : http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_password_recovery09186a008009478b.shtml