Archive for June, 2007

DHCP Fail-Over

June 28th, 2007 rsivanandan No comments

I just thought about this topic, which we had brainstormed some time back. Say a network is running on DHCP which serves the IP range 10.205.205.0/24. How do I introduce fail-over into the system?

Put in 2 DHCP servers with the same range? Well, that would be nice, except that there is a chance of duplicate addresses. Say DHCP Srv1 gives out address 10.205.205.x and the next time DHCP Srv2 gives out the same IP; you have fun then :-(

So the best way around this would be to:

1. Put 2 DHCP Servers in the network.

2. DHCP Srv1 – Make the scope from 10.205.205.1-10.205.205.100

3. DHCP Srv2 – Make the scope from 10.205.205.101-10.205.205.254

That would solve the problem, wouldn’t it?

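A quick way to check such a split before deploying it, as an added example that is not part of the original post: the function names and the `SPLIT`/`SAME` sample data are assumptions built from the ranges above. It flags pools that overlap (the "same range on both servers" case) or that spill onto the network or broadcast address.

```python
import ipaddress
from itertools import combinations

def check_split_scope(subnet, scopes):
    """Validate DHCP pools that share one subnet.

    scopes maps a server name to (first_ip, last_ip), both inclusive.
    Returns a list of problem strings; an empty list means a clean split.
    """
    net = ipaddress.ip_network(subnet)
    first_host = net.network_address + 1
    last_host = net.broadcast_address - 1
    problems, parsed = [], {}
    for name, (first, last) in scopes.items():
        lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
        if lo > hi:
            problems.append(f"{name}: range start {lo} is after end {hi}")
            continue
        if lo < first_host or hi > last_host:
            problems.append(f"{name}: {lo}-{hi} is outside usable hosts "
                            f"{first_host}-{last_host}")
        parsed[name] = (lo, hi)
    # Any address present in two pools can be leased twice.
    for (a, (alo, ahi)), (b, (blo, bhi)) in combinations(parsed.items(), 2):
        lo, hi = max(alo, blo), min(ahi, bhi)
        if lo <= hi:
            count = int(hi) - int(lo) + 1
            problems.append(f"{a}/{b}: {count} addresses ({lo}-{hi}) "
                            "can be leased by both")
    return problems

def pool_sizes(scopes):
    """Leases each server can hand out alone, i.e. what is left if the other dies."""
    return {name: int(ipaddress.ip_address(last)) - int(ipaddress.ip_address(first)) + 1
            for name, (first, last) in scopes.items()}

# Constructed sample data: the split from the post, and the naive "same range" setup.
SPLIT = {"Srv1": ("10.205.205.1", "10.205.205.100"),
         "Srv2": ("10.205.205.101", "10.205.205.254")}
SAME = {"Srv1": ("10.205.205.1", "10.205.205.254"),
        "Srv2": ("10.205.205.1", "10.205.205.254")}

if __name__ == "__main__":
    print(check_split_scope("10.205.205.0/24", SPLIT), pool_sizes(SPLIT))
    print(check_split_scope("10.205.205.0/24", SAME))
```

The pool sizes also show the cost of the split: with one server down, only the surviving server's share of the /24 is available for new leases.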
Categories: Tech in general Tags:

PERT [ Program Evaluation and Review Technique ]

June 27th, 2007 rsivanandan No comments

A nice article about PERT, by which I mean short, sweet and to the point. Nicely written by Tom at TechRepublic. By the way, if you want to know more about such stuff, TechRepublic is a good place to have in your bookmarks.

Regardless of the technique you use, the tendency in project estimation is to provide one number for each estimate. In other words, if you have 100 activities on your schedule, each activity would have one estimate associated with it. This is generally viewed as the “most likely” estimate. In many cases you can be more accurate by applying a simple PERT (Program Evaluation and Review Technique) model. PERT is an estimating technique that uses a weighted average of three numbers (see below) to come up with a final estimate.
The most pessimistic (P) case when everything goes wrong
The most optimistic (O) case where everything goes right
The most likely (M) case given normal problems and opportunities

The resulting PERT estimate is calculated as (O + 4M + P)/6. This is called a “weighted average” since the most likely estimate is weighted four times as much as the other two values. You’ll notice that the final PERT estimate is moved slightly toward either the optimistic or pessimistic value – depending on which one is furthest from the most likely. Generally this ends up moving the final estimate toward the worst case, since the worst case value tends to be further out from the most likely than the optimistic number.

For example, let’s say you estimate a piece of work to most likely take 10 hours. The best case (everything goes right) is six hours. The worst case (everything goes wrong) is 26 hours. The PERT estimate is (6 + 4(10) + 26)/6. The answer is 72/6, or 12 hours. Notice that the number was pulled a little toward the far extreme of the pessimistic estimate, but not by much, since the result is still weighted heavily toward the most likely value.

You can use the PERT estimates two ways. You can provide these three estimates for all activities in your schedule or you can only use the PERT formula for those activities that are of high risk. These are the ones where you’re not really sure of the estimate so there’s a wide variation between the optimistic and pessimistic values.

Speaking of variation – if you subtract your pessimistic value from the optimistic value and divide the result by six, you would have the standard deviation, which is a measure of the volatility of the estimate. In our example above, the standard deviation would be 3.34 ((26 – 6) / 6). The larger this standard deviation is, the less confidence you have in your estimate, since it would mean you have a large range between the optimistic and pessimistic estimates. If the standard deviation was small, it would mean you were pretty confident in your estimate, since the optimistic and pessimistic estimates would be close.

Remember the PERT formula and use it to make estimates when you have a high level of uncertainty.

Track back : PERT Explained

Categories: Tech in general, Tools For Life Tags:

One more LWD

June 22nd, 2007 rsivanandan 1 comment

Another last working day for me. After being employed at Juniper Networks India, I finally decided to pursue something more challenging. The way I visualize things is what was told to me today :-) “It is difficult to keep me challenged and interested”.

I believe there is much more to it than those words!

I decided to take a small vacation and am going on a visit to Mysore, a nearby historical place. Will have more updates about that as well in a couple of days.

Categories: Life in general Tags:

TCP drop vs reset vs reject

June 16th, 2007 rsivanandan No comments

Since the last post was on unusual TCP connection teardown, it is also important to understand the different actions a typical firewall can take:

Drop -> The packet is dropped and the sender is never informed.

Reset -> A RST is sent to the sender to let him know that the port is not open.

Reject -> Reject is rather interesting: it is almost a TCP reset, but it also sends an ICMP prohibited message saying that the port might be open but you’re not allowed to talk.

So if you’re tasked to configure a mode (any of the above), what will you choose for tearing down a connection?

It depends on the requirement, but I’d rather go with drop, since “If I want to tear down the connection anyway, why send a message saying that I tore it down?” Doesn’t it add additional processing on a box which is busy doing other, more important IO?


Categories: Attacks/Exploits, Tech in general Tags:

TCP "RST" Through PIX

June 16th, 2007 rsivanandan No comments

This is rather an unusual question! At EE, somebody asked it. It seems that he has an application (client-server) which ends the TCP/IP connection using a ‘RST’ flag instead of the standard ‘FIN’ sequence.

There is no way to tell the PIX (or, for that matter, any good firewall, I would say) to let the RST-flagged packet come back through the outside interface.

So how does a standard TCP/IP connection teardown happen? How a TCP/IP connection is INITIATED is discussed everywhere, but the connection teardown is equally important.

    • Host 1 – The sender sends a FIN packet and waits for a reply
    • Host 2 – The receiver sends an ACK packet
    • Host 2 – The receiver also sends a FIN packet
    • Host 1 – The sender sends an ACK packet and the session is closed.

So the TCP connection teardown is a 4-step process, whereas connection initiation is a 3-step process.
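To see the difference between the two kinds of teardown from the application's side, here is an added example (not part of the original post) that runs entirely on loopback. It assumes a Linux-style `SO_LINGER` layout of two C ints; with linger enabled and a zero timeout, `close()` aborts the connection with a RST instead of starting the FIN sequence, which is the behaviour of the application described above.

```python
import socket
import struct

def close_and_observe(abortive: bool) -> str:
    """Open a loopback TCP connection, close the client side, and report
    what the peer sees: 'FIN' (orderly close) or 'RST' (abortive close)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
    listener.listen(1)
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.connect(listener.getsockname())
    server_side, _ = listener.accept()
    server_side.settimeout(2.0)
    try:
        if abortive:
            # l_onoff=1, l_linger=0: discard unsent data and send RST on close.
            client.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
                              struct.pack("ii", 1, 0))
        client.close()
        try:
            data = server_side.recv(1)
        except ConnectionResetError:
            return "RST"                      # peer aborted the connection
        # An empty read is end-of-stream: the peer's FIN was received.
        return "FIN" if data == b"" else "DATA"
    finally:
        server_side.close()
        listener.close()

if __name__ == "__main__":
    print("normal close  ->", close_and_observe(abortive=False))
    print("linger 0 close ->", close_and_observe(abortive=True))
```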

Categories: Tech in general Tags:

Intelligence Is A Two Edged Sword!

June 13th, 2007 rsivanandan No comments

Couldn’t resist blogging this:

Intelligence is a two edged sword. Too little and you can’t cope with the corporate paper work. Too much and you are out of touch with reality.

I never tire of telling the story of Dean Eisenhower (no relative of President Eisenhower) of Harvard Business School, many years ago. He had a commencement meeting of the faculty with the Dean’s address where he spelt out his vision for the School and the expectations from the faculty. He then ended the talk with an appeal to these teachers. ‘Take care of our outstanding students,’ he said ‘please nurture them. For, from among them will come the future faculty of Harvard.’ After a pause, he continued ‘And take greater care of the average students. Also nurture them. From among them, will come the future funding for Harvard.’

Categories: Life in general Tags:

FAT32 and Windows XP

June 9th, 2007 rsivanandan No comments

Natively, Windows XP doesn’t support FAT32 partitions larger than 32GB. In the age we live in, it is no surprise that PCs have hard disks of 120GB and more!

So here is the solution for creating a FAT32 partition in Windows XP which is greater than 32GB.

Thanks to Tom@RidgeCrop, who created a tool for the community to do this.

So how do you proceed?

1. Install XP on a partition of your choice.

2. Go to the Disk Management snap-in and create a Primary or Extended partition of the size you want (but do not format it there).

3. Then download the tool at link [ Tom@RidgeCrop ], open a command prompt and just run the tool as ‘fat32format <driveletter>’.

Voila, there you go!

Categories: Tools For Life, Windows Tags:

Vista’s Disk Management

June 8th, 2007 rsivanandan No comments

If you’re a video/photo junkie, you’ll have always played with resizing partitions; extending and shrinking them would have been a regular practice, because captured videos are pretty big until they get compressed to another format.

Now, I like that this is included in Vista (no more Partition Magic!). You can just launch the Disk Management snap-in and extend or shrink the partition. Cool stuff.

Categories: Vista Tags:

Vista and Flash.ocx

June 8th, 2007 rsivanandan No comments

From Vista onwards, flash.ocx is no longer shipped, I guess, so any standalone application that has to do with Flash won’t work unless the ocx is installed.

Unfortunately, Adobe seems to be providing only browser-based plugins! So I downloaded the Flash player from here (standalone version).

I installed it and that seems to have taken care of the problem.

Categories: Vista Tags:

NAT 2 IPs to a Single Internal IP

June 8th, 2007 rsivanandan No comments

Maybe not often, but you may still need to configure static NAT for a purpose like this:

Say you want to map:

1.1.1.1 -> 10.20.30.40

2.2.2.2 -> 10.20.30.40

A PIX/ASA firewall will not allow this to be configured, so how do you overcome this restriction?

Assuming that 10.20.30.40 is a Windows machine, you could assign more than one IP address (up to 5) on the same interface card. So assign one more IP address on the NIC, call it 10.20.30.50, and map it to the other public IP address.

How to add this on a Windows machine? Read Here….

Then go to the PIX and add these:

static (inside,outside) 1.1.1.1 10.20.30.40 netmask 255.255.255.255

static (inside,outside) 2.2.2.2 10.20.30.50 netmask 255.255.255.255

Categories: Tech in general, Windows Tags: