MTR is an excellent tool for identifying packet-loss or latency suspects when troubleshooting networking path issues. However, I’ve seen many people who don’t really understand what MTR is doing (even engineers) act on false positives produced by this tool. I’ve learned these lessons the hard way about MTR and iperf…
volatile space Posts
MTU and MSS for IPsec Overhead
A Deep Dive and Byte-for-Byte breakdown of IPsec overhead to aid in calculating MSS Clamping, understanding why it’s needed, and its effects. What’s the difference between MTU and MSS? MTU or Maximum Transmission Unit is the largest IP Payload an interface can accept. It applies to the whole IP Packet.…
Update AWS WAFv2 with all PubIps in Account
Quick POC here, I may update later… But probably not. The idea here is that I might want a WAF rule to auto-permit public IPs from my own account, and I might want this to dynamically update. This Python code can be leveraged in a Lambda function that can be…
Leveraging Global Accelerator for a self managed VPN in AWS.
First off, I have to address the fact that it’s been a long long time since I’ve posted anything here. Second and related statement: Any views or information expressed here do not reflect that of AWS. This site is a personal project and should be treated as that. Just a…
High Level AWS & Azure Networking Comparison
I’ve been comparing the two platforms recently and wanted to lay out key differences so I can consolidate my thoughts and summarize key points. This is an active scratchpad. New Networks When creating a new network or VNET in Azure, a default subnet is created as part of the process…
Mac/Apple iOS devices on 802.11x with NPS
I was having a conversation on Reddit about setting up Apple devices on certificate-based 802.11x over a year ago and since then, I’ve received quite a few PMs asking for details or instructions. I’ve been meaning to throw the internal instructions I wrote up into a sanitized blog post…
Building an Azure Function App with Python
This is a follow-up to a recent post where I wanted to break free of a little dependency on iron servers for simple tasks. The project has been a great fit for my goals. The original post can be found below. Find the up-to-date project at https://github.com/mtz4718/ecobee-circulate/tree/master This post…
IPv6 prefix delegation and other 6ish considerations
IPv6 is one of my interests, and while I did have it previously on my lab network, I had to let it go when I got rid of my edgerouter in lieu of an ASA. I felt obligated to switch to the ASA because of work, I grabbed a 5520…
Basic API logic app
I’ve been trying to find a good project to really leverage some APIs and even go a step further and implement some serverless functions. I really thought the best application for this would be at work, I mean where else am I going to find a project that needs this…
Pushing Emerging Threats to ASA
Nothing too crazy, but maybe useful to someone else. I’ve been getting more alerts regarding IPs coming from the Emerging Threats list, found here. https://rules.emergingthreats.net/ There are some resources there for automating block rules for some platforms like Linux hosts, but nothing like an ASA. Choices for automating an ASA are…