Seylan Bank loan scheme SUCKS !!!!! Do not ever go for that...

My Odyssey
Don't ever go for seylan bank loan scheme. Its not what it looks like as lower interest. The fix interest remain only for 2 years and there after it floats upwards only, When the interest going down, it doesn't go down. I took a loan on 2011 for 12% interests. I expected its fix but as everybody I did signed ...

Server Resources Provisioning

My Odyssey
Any of the IT company may spend huge amount of money for IT infrastructure, majorly on servers. Its obvious that number of servers [cost] and keep everything up and running [availability] is a trade-off factor. More you distribute the services, higher the availability but lesser the ROI. If you host everything in one single server in order to minimize the ...

How to let internal users to direct HTTP access and outsiders to LDAP auth

My Odyssey
If you need to allow direct http access from internal network but outsiders to authenticate through LDAP, following apache example would do the job. Assume your internal subnet is 192.168.0.0/16 . and Require valid-user Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 Allow from 192.168.0.0/16 Satisfy any AuthBasicProvider ldap AuthBasicAuthoritative on AuthzLDAPAuthoritative on AuthType Basic AuthName "Example" AuthLDAPBindDN "uid=userid,ou=dpt,dc=crew,dc=example,dc=com" ...

How to Optimize SVN Mirror

My Odyssey
Subversion mirroring is a headache for sysadmins. People have been moved proprietary replication systems due to lack of replication capability in native subversion system. Its really challenging task to keep the svn mirrors up and running 24 X 7 without any issue. Following are some of the problems with svnsync [1] due to its architecture. Master/slave model means a single ...

Before Configuring Mailman

My Odyssey
DEFAULT_URL_HOST is need to first properly set with your server host name (eg: lists.example.com) before you create any mailing list. If not welcome mails or mail-footer will not have proper links to mailing interface. Even if you change the above variable after creating the list will not effect as message template does not change accordingly.In case if you have changed ...

How to install PgeoDNS [ GEODNS ]

My Odyssey
There was a problem since the early begin of the internet how to reach to clostest servers from any area. Some one can point out "anycast" as a solution. Most of IPV4 implemetations any case is used as advertising same BGP prefixes from different locations of the world and it store in the global BGP table with different metrics. When ...

SPF SOFTFAIL vs FAIL

My Odyssey
When you are configuring SPF records in DNS servers you have to clearly define the mail server policy to prevent unauthorized users sending mails to using your domain. Following is the SOFTFAIL vs FAIL comparison on SPF records.~all ==> Defines the SOFTFAIL-all ==> defines the FAILSOFTFAIL will mark e-mails as spam and forward to the sender while "FAIL" will drop ...

Routing in Dual Interface Linux Servers

My Odyssey
If you have a two interface eth0 and eth1 in a Linux servers. Incoming traffic of eth0 send reply through eth1. Some times this may caused problem. Eg: mail-servers may receive mails through one interface and send through some other interface. There fore its a good practice to keep separate routing table for each interface in a Linux box. And ...

Comprehensive SVN Mirror

My Odyssey
Subversion is critical for any software development company. Most importantly you might want to have separate mirror in local premises and other one is public place. Also users should not be able to detect whether either he is using local mirror or public repository. Unless it become annoying. You can redirect users to local mirror using local DNS . Assume ...

SVN path based authorization with LDAP authuntication

My Odyssey
We can use LDAP for authentication and "AuthzSVNAccessFile" directive with config file for authorizing.Configuration as follows#----------------Apache Config ------------------------#< Location /repo > DAV svn SSLRequireSSL SVNPath /path/to/repo/ SVNListParentPath On SVNAutoversioning On SVNReposName "User Repo" SVNPathAuthz off AuthBasicProvider ldap AuthBasicAuthoritative on AuthzLDAPAuthoritative off AuthType Basic AuthName "User Login" AuthLDAPBindDN "" AuthLDAPBindPassword password AuthLDAPURL "" Authz

How to backup Cisco configurations without a TFTP

My Odyssey
"expect" is a nice linux program that can be used to automate interactive applications. There fore you can used it to execute cisco commands through a linux machine. Best way to backup the cisco config is using "show run" command but the problem was how to save running config into a separate machine. You can use "expect" program to do ...

Python script for Birthday Paradox

My Odyssey
Probablity of two people have same birthday is .5 . More information checkout http://en.wikipedia.org/wiki/Birthday_problem#!/usr/bin/python# Function to calculate the birthday paradoxdef calParadox(in_noOfdates,in_noOfBdaysPerYear): avg =float(1) avgnext =float(0) count =1 curNoOfdates =noOfdates=in_noOfdates noOfBdaysPerYear=in_noOfBdaysPerYear avgList = [] # probablity of two people having same birthday should be equel to .5 for more information # check wikipedia about birthday problem while avg >float(.

How setup a BGP multihome network without your own public AS & IP prefix list

My Odyssey
One of the best ways of doing traffic load-balancing and fail-over together is BGP multi-homing. Because BGP always have to best path to a particular destination and one link failure automatically transfer into other link.But main blocker of implementing BGP in small companies is inability of having their own AS number and IP address list. If you need your own ...

GNS3 Lab for TSHOOT

My Odyssey
If you need to pass the tshoot exam you should have done hands on with the topology. Cisco have come up with new exam scenario that you will not be able to pass this only cramming. Main advantage is they have given the exact exam topology that you can practice before facing the exam. You can download from Cisco site ...

Configuration Similarities between Cisco and Huawei/H3c Products

My Odyssey
I was happen to use a Huawei product and saw lots of similarities between Cisco and Huawei configuration. Most of commands seems synonyms of cisco commands :). Following are some of commands comparison.Cisco Huawei / H3Cenable system-view show displayshow running-config display current-configurationhostname < Name > sysname < Name > Ip route 0.0.0.0 0.0.0.0 192.168.0.1 ip route-static 0.0.0.0 0.0.0.0 192.168.0.1 interface ...

Squid Cache proxy with Cisco WCCP

My Odyssey
WCCP is a nice protocol to use caching with Cisco, Main reason is you don't have to route traffic through the caching PC. You can keep the caching server as a PC running on the LAN. WCCP will find the caching server and route the web traffic through the caching server. Advantage is If your caching server is down still ...

Trip to Wasgamuwa Sanctuary and returning through reverstain.

My Odyssey
Wasgamuwa sanctuary, located in Central and North-Central Provinces and east bounded with mahawali river. Its is a marvelous place to watch animals including wild Elephants, peacocks, deers, birds. You have to enter the sanctuary early in the morning to watch animals. Better around 5.30 - 6.00 a.m. If you are traveling from colombo The recomened root is Colombo, kandy, through ...

Simple Nagios NRPE bash plugin to check a URL or image existance.

My Odyssey
Copy and paste the following Bash script and name the file as check_url.#!/bin/bashVAR=`wget --spider $1 2>&1`CHECK=`echo $VAR | grep '200 OK'`if [ "$CHECK" != "" ]; then echo "LOGO OK - Site Logo exist site is up" exit 0 else echo "LOGO CRITICAL - Site logo missing site is down" exit 2 fiSave it on /usr/lib/nagios/plugins/ and make it a ...

Configure JIRA 4.0 with SSL/HTTPS and proxy with apache or nginx

My Odyssey
When you do SSL and enabling https proxy together Its recommended to configure the SSL on proxy gateway. If not you may have seen JIRA gadgets are not loading and giving following error.Error-------------------------------------------------------------------------------------------------We've detected a potential problem with JIRA's Dashboard configuration that your administrator can correct. HideDashboard Diagnostics: Mismatched URL SchemeJIRA is reporting that it is using the URL scheme ...

How to import pem type certificate and key to java key store

My Odyssey
We tried lots of ways to do above but works only following for me.PEM is the default format for OpenSSL.First convert the PEM format key and certificate in to DER format as followingopenssl rsa -in input.key -inform PEM -out output.key -outform DERopenssl x509 -in input.crt -inform PEM -out output.crt -outform DERDownload KeyTool IUI toolThis tool let easily import the key ...