Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

rev.dennis

Moderators
  • Joined

  • Last visited

Everything posted by rev.dennis

  1. So you are in BIG-IQ and for some reason or another BIG-IQ is asking for you to remove the device and add it back in to re-establish trust but wait.. you can’t because Applications are linked to that device. Here are some steps to follow to remove an application. So say you are trying to remove the LTM service from a device and its saying you can’t remove the device because this application is linked to it t_10.47.32.9_openpagescc-dev.int.thezah.com._app So you need to find the configSetName so you can search on BIG-IQ restcurl /cm/global/config-sets | jq '.items[] | {configSetName,selfLink}' Once you find the ConfigSetName you can force remove it by running the following command restcurl /cm/global/tasks/force-delete -X POST -d '{"configSetName":"t_10.47.32.9_openpagescc-dev.int.thezah.com._app"}' Now if you have multiple to do you can cheat a little bit but its still a pain in the ass… setname=t_10.47.32.9_openpagescc-dev.int.thezah.com._app restcurl /cm/global/tasks/force-delete -X POST -d "{"configSetName":"${setname}"}" So when it completes and you get the next one that has an issue you just update setname=t_103841_dev1_abms_pdev3_int_thezah_com_https_app and up arrow to run the following again: restcurl /cm/global/tasks/force-delete -X POST -d “{“configSetName”:”${setname}”}” Did you know that every F5 has a unique code which can be found when you run the following cat f5-rest-device-id Sometimes its helpful to know what the UUID is for the F5 device
  2. rev.dennis posted a blog entry in F5 Blog
    Trying to upload a file that got aborted previously either because of a loss of connection or navigating away from the page while uploading (it happens). So when you try and upload again you get an error message like this What is the answer? What can you do? Well just ssh to the BIG-IQ CM device and navigate to /shared/images/tmp There you will, more than likely, find the partial image that was trying to upload. Just delete it and go back to the GUI and try again. AND if that doesn’t work, no worries.. just manually upload the .iso file to /shared/images and check in the GUI later to see if it shows up.
  3. rev.dennis posted a blog entry in F5 Blog
    Here are some commands you can use to troubleshoot connections on your F5 With the following command it will help you see how many Active connections to the F5 total and break it out by Client and Server. tmsh show sys performance connections Sys::Performance Connections --------------------------------------------------------------------------- Active Connections Current Average Max(since 03/02/14 08:13:41) --------------------------------------------------------------------------- Connections 11.9K 12.4K 15.0K --------------------------------------------------------------------------- Total New Connections(/sec) Current Average Max(since 03/02/14 08:13:41) --------------------------------------------------------------------------- Client Connections 648 617 770 Server Connections 599 570 729 --------------------------------------------------------------------------- HTTP Requests(/sec) Current Average Max(since 03/02/14 08:13:41) --------------------------------------------------------------------------- HTTP Requests 156 633 1.4K Below are some more helpful commands MAX Connections per VS: tmsh show sys connection | egrep -v ‘T|S’ | awk ‘{print $2}’ | sort -n | uniq -c | sort -n MAX Connections per VIP: tmsh show sys connection | egrep -v ‘T|S’ | awk ‘{print $2}’ | cut -d: -f 1 |sort -n | uniq -c | sort -n If you run the following command you get a large list of connections tmsh show sys connection Really display 1000 connections? (y/n) y Sys::Connections 10.47.194.102:41570 10.47.44.6:8 10.47.194.102:41570 10.47.44.6:8 icmp 201 (slot/tmm: 1/2) none none 10.47.197.70:33222 10.47.37.138:8 10.47.197.70:33222 10.47.37.138:8 icmp 11 (slot/tmm: 1/2) none none 10.46.129.142:13725 10.47.32.217:443 10.47.34.22:49598 10.46.129.142:7020 tcp 3 (slot/tmm: 1/2) none none So what does each column represent [cs-client-addr:cs-client-port] [cs-server-addr:cs-server-port] [ss-client-addr:ss-client-port] [ss-server-addr:[ss-server-port] [Protocol [Age] [Slot/TMM] [PVA Acceleration] cs-client-addr:cs-client-port | cs-server-addr:cs-server-port | ss-client-addr:ss-client-port | ss-server-addr:ss-server-port Computer IP & PORT | Virtual Server IP & PORT | SNAT IP & PORT | Server IP & PORT Client Side cs-client-addr:cs-client-port Computer IP:Computer Port cs-server-addr:cs-server-port F5 VirtualIP:F5 VirtualPort Server Side ss-client-addr:ss-client-port F5 SNATip:F5 SNATport ss-server-addr:ss-server-port F5 POOLmember:F5 POOLmemberPORT Show connections from User (10.34.168.176) to Virtual Server (10.47.196.154) tmsh show sys connection cs-server-addr 10.47.196.154 cs-server-port 80 | grep 10.34.168.176 Delete Connections on Virtual Server (10.47.196.154) tmsh delete sys conn cs-server-addr 10.47.196.154 This is what I use if I want to find the addresses that are using a certain SNAT IP address because I can’t count on how many times we get a call from our help desk that say, we need have an issue and it shows the source IP is the F5 and they provide us an IP address from the SNAT Pool. EXAMPLE: They provide us SNAT address 10.46.66.57 so I will run tmsh show sys connection ss-client-addr 10.46.66.57 You can also try and do a tcpdump but it doesn’t seem to ever work tcpdump -nni 0.0 host 10.46.66.57
  4. rev.dennis posted a blog entry in F5 Blog
    So Health Monitors are a big deal to ensure your pool members are up and working. Obviously a health monitor tells whether a pool member is up or down and when its down the pool won’t send any traffic to that pool member. Now you can assign health monitors two different ways. The right way and the wrong way but sometimes the wrong way is the right way but not the majority of the time… its more of a custom thing. Let me explain further Example of a pool health monitor ltm pool /Integration/pool.cs-inspire-batch-cap.int.thezahcom.ssh { load-balancing-mode least-connections-member members { /Integration/10.45.89.242:22 { address 10.45.89.242 session monitor-enabled state up } /Integration/10.45.89.243:22 { address 10.45.89.243 session monitor-enabled state up } } monitor monitor_22 partition Integration } Here is an example of the “custom” or incorrect way ltm pool /Integration/pool.iwarranty-iwnacap.int.thezah.com.22 { members { /Integration/sat1svmap140:22 { address 10.45.88.103 monitor tcp session monitor-enabled state down } /Integration/sat1svmap141:22 { address 10.45.88.106 monitor tcp session monitor-enabled state down } /Integration/sat1svmap142:22 { address 10.45.88.109 monitor tcp session monitor-enabled state down } /Integration/sat1svmap143:22 { address 10.45.88.112 monitor tcp session monitor-enabled state down } } monitor monitor_22 partition Integration } Can you see the difference? Unlike the first one, this has a monitor set at the pool level and then they trump that pool monitor with a health monitor set on each pool member. In this case you never ever want a tcp health monitor on ssh box… it will cause lots and lots of errors. So to remove those monitors assigned to each pool member you would run a command like this tmsh modify ltm pool /Integration/pool.iwarranty-iwnacap.int.thezah.com.22 members modify { /Integration/sat1svmap140:22 /Integration/sat1svmap141:22 /Integration/sat1svmap142:22 /Integration/sat1svmap143:22 { monitor default } }
  5. Here are some useful commands I use to troubleshoot the Viprion chassis Check the state of all the vCMP Guests [root@txsat1slbcov02-ch:/S1-green-P::Active:Standalone] config # tmsh show /vcmp health prompt ------------------------------------------------- Vcmp::Guest Prompt Name Slot ID Prompt ------------------------------------------------- txsat1slbco02 1 /S1-green-P::Standby txsat1slbco12 3 /S3-yellow-P::avrd DOWN txsat1slbco14 4 /S4-red-P::INOPERATIVE txsat1slbco16 2 /S2-red-P::INOPERATIVE txsat1slbco22 3 /S3-yellow-P::INOPERATIVE txsat1slbco24 4 /S4-green-P::avrd DOWN txsat1slbco26 2 /S2-yellow-P::INOPERATIVE txsat1slbco32 3 /S3-yellow-P::INOPERATIVE txsat1slbco34 4 /S4-yellow-P::INOPERATIVE txsat1slbco36 4 /S4-red-P::INOPERATIVE txsat1slbdv04 1 /S1-green-P::Standby When you need to bring down all the vCMP Guests (helpful when you need to upgrade the Viprion chassis) tmsh modify vcmp guest all state configured And when the Viprion chassis is restored and you want to bring all vCMP Guests back online you can run tmsh modify vcmp guest all state deployed You can do individual vCMP Guests in the event you don’t want all of your Guests tmsh modify /vcmp guest txsat1slbco11 state configured tmsh modify /vcmp guest txsat1slbco11 state deployed At times, you may need to reboot the slots tmsh reboot slot all more aggessive way to reboot the chassis and slots clsh shutdown -r now if you need to just reboot one slot you can run the following to identify what slot you are on bladectl -g slot Then to reboot individual slots/blades you run the following to reboot blade 1 bladectl -b 1 -r REF: https://devcentral.f5.com/questions/right-procedure-to-shutdown-a-viprion-system-with-vcmp Identify large files on the Viprion by running this command find /var/log -xdev -type f -exec du {} \; | sort -rn | head -10 To release files you need to restart services tmsh stop /sys service avrd monpd tmsh start /sys service avrd monpd tmsh start /sys service vcmpd And to verify everything is back up and running [root@txsat1slbcov02-ch:/S1-green-P::Active:Standalone] config # tmsh show sys cluster ----------------------------------------- Sys::Cluster: default ----------------------------------------- Address 10.46.136.190/23 Alt-Address :: Availability available State enabled Reason Cluster Enabled Primary Slot ID 1 Primary Selection Time 03/04/21 20:58:51 ------------------------------------------------------------------------------------------- | Sys::Cluster Members | ID Address Alt-Address Availability State Licensed HA Clusterd Reason ------------------------------------------------------------------------------------------- | 1 10.46.136.191 :: available enabled true active running Run | 2 10.46.136.192 :: available enabled true active running Run | 3 10.46.136.193 :: available enabled true active running Run | 4 10.46.136.194 :: available enabled true active running Run more to come
  6. Solarwinds is Windows based. The need is to leverage F5 to load balance Solarwinds across two different data centers and this topic is to discuss how we could do this with either GTM using a WideIP or LTM or both. We have a main polling/web engine and have 2 additional Web Engines. We are currently balancing over the 2 additional Web Engines with F5 BigIP-DNS (aka: GTM). The GTM WideIP has a single pool containing the two additional Web Engines as its pool members. Note that I don’t include the main poller/web engine in the webGui pool but leave it with as many resources as possible for its polling. We use the Static Persist LB method on the pool to ensure users maintain the same resolved IP address and do not resolve the other pool member. This is necessary if you want to avoid having to re-login mid session because you ‘landed’ on the alternate pool member. The Web Engines are not clustered and are unique entities so there is no persistence across the Web Engines. The Static Persist LB method means that when a DNS server resolves an IP, that same IP will be resolved indefinitely when requested by that same DNS server. Since the majority of our users utilize the same DNS server, we have found that we don’t get much of a balance and one of our Web Engines sits mostly idle. We have learned that 25 concurrent sessions is suggested max for connections to any particular Web Engine. That does not mean 25 users but 25 open tabs/sessions (at least that was my interpretation). With better LB methodology, this will increase to 50 concurrent connections balanced over the 2 Web Engines. Our solution will be to create an LTM Virtual Server that listens on a vIP and proxies, via round-robin LB method, the client browsers to the Web Engines and gives a better balance as the LB would be per client (LTM method) and not per DNS server (GTM method). The LTM method would use cookie persistence to ensure any particular session is sticky/persisted to the same Web Engine. With either method (GTM or LTM LB), if clients new the true IP/hostname of the Web Engines, they could still pick a specific one to connect to and would (obviously) persist to the one they choose. Of course, your corporate FW would have to allow traffic to the Web Engines and not limit to only the LTM vIP. The NetScalar can be setup in a similar fashion to the LTM method. A vIP on the NetScalar could balance client browsers with cookie persistence across any number of Web Engine hosts.
  7. In the environment I work in we have Infobox being the master, serving all records and is the owner of the domains but we have a secondary server(s) which are F5 GTMs or F5 BIG DNS, that hold a copy of the records but you must create the domain on the GTM manually using a command like this tmsh create ltm dns zone dev.hosangit.com dns-express-server dns-server-0 dns-express-notify-tsig-verify no Now you can verify it got created by running the command tmsh list ltm dns zone dev.hosangit.com It's also a good idea to check the status of the new zone to see its Availability, State and Reason by running the show command like this tmsh show ltm dns zone dev.hosangit.com Of course if you determine that creating the zone was a mistake you can always delete it tmsh delete ltm dns zone dev.hosangit.com Now if you made a mistake and queried the entry and then you are trying to fix it but it just keeps responding with the mistake then more than likely its cached and you'll need to delete the cache by running tmsh delete ltm dns cache records rrset cache non-wideip-transparent-cache
  8. It's quite difficult to troubleshoot traffic issues when a SNAT is assigned from a pool since its random and changes every time a new connection is established. Below are some hints on how to IDENTIFY what SNAT is assigned to the traffic using tmsh show sys connection SNAT stands for Source Network Address Translation. IDENTIFY what SNAT is assigned to the traffic from user source IP 74.32.5.21 (typically you don't want to specify source port since its random generated) tmsh show sys connection cs-client-addr 74.32.5.21 IDENTIFY what SNAT is assigned to the traffic on virtual server 10.47.196.154 on port 80 tmsh show sys connection cs-server-addr 10.47.196.154 cs-server-port 80 IDENTIFY what SNAT is assigned to traffic destined for pool member 10.40.144.18 over port 443 tmsh show sys connection ss-server-addr 10.40.144.18 ss-server-port 443 Explaination of columns when running tmsh show sys connection cs-client-addr:cs-client-port | cs-server-addr:cs-server-port | ss-client-addr:ss-client-port | ss-server-addr:ss-server-port Computer IP & PORT | Virtual Server IP & PORT | SNAT IP & PORT | Server IP & PORT
  9. rev.dennis posted a blog entry in F5 Blog
    I got this request that stated Increase the tcp timeout client to 7 mins. This is out of the norm for requests so I figured I would share my findings in the event anyone else might run into this same thing. So if you don't do anything and just apply the standard tcp protocol profile the timeout is 5 minutes. Do I trust that the user knows that they need exactly 7 minutes for a timeout? No so I utilize an existing tcp protocol profile called tcp.15.minutes which just increases the timeout to 900 seconds (or 15min) Now you apply it to your Virtual Server.. if its not standard you probably won't be able to apply the profile Set persistence timeout to slightly higher than the tcp timeout (if tcp timeout = 15 min, set LB persistence timeout to 20 minutes). This will ensure that user requests are pinned to the same app server for the duration of the session.
  10. Here is a great intro video on how to use BIG-IQ to run bash scripts on F5 devices that BIG-IQ manages
  11. rev.dennis posted a blog entry in MAF
    This short article is helping explain how User Management works for the EventGuyZ system used for Mid-America Festivals. MAIN SITE is this site (https://eventguyz.com) which is where users should all be registered. Once the EventGuyZ staff is made aware of the new MAF user, they get added to a group on this website called MAF_Staff or MAF_Managers What's the difference? MAF_Staff will allow access to the Mid-America Festivals Staff Service/Group that provides visibility into how to perform certain functions from a Count Room and/or Box Office stand point. MAF_Managers are typically from headquarters and/or Manager of Box Office or Count Room. So they needs access to Mid-America Festivals Mgmt Service/Group which helps them with there duties. Now that you have all the users registered on https://EventGuyZ.com and you informed EventGuyZ staff there role with MAF so the staff knows how to properly assign them to the necessary Service/Group. They are ready for the next step of authentication. EventGuyZ is broken up into two main type of websites Main Website that handles all the users in one place as well as provides helpful information to do the job at a general level Child Websites that are assigned to each show/festival. They utilize the authentication from the main website which means that the password and email you have configured on the main website is what you use on the child sites. BaRF (https://barf.eventguyz.com) KCRF (https://kcrf.eventguyz.com) MiRF (https://mirf.eventguyz.com) MnRF (https://mnrf.eventguyz.com) StRF (https://strf.eventguyz.com) When someone from the Main Website logs into a Child Website, a EvenGuyZ staff will need to log into that website and approve the user (just the first time) and assign them access to the area they need which below are the Groups you will find on every one of Mid-Americas Child Websites MAF_BO_mgr (this is where you put your Box Office Managers and Assistant Managers that require elevated access to the Box Office system) MAF_CR_member (this is your money counters, they are processing the envelopes that are coming in to be entered into the Money Tracker app) MAF_CR_mgr (this is the Count Room manager that needs more access than a CR member since they will need to edit incorrectly entered transactions, run reports, etc) MAF_Managers (this is for Headquarters and people that travel to the shows like Ryan that could be coming into a show to back up a BO mgr or CR mgr so they need access to everything) MAF_Office (this is for office staff that needs the ability to add items into the Box Office system like Will Call or add tickets, discounts, coupons) So never do you need to create a user on the Child Websites.. it will happen automatically as long as they have an account on the main website (https://eventguyz.com)
  12. So when a change is done on an F5 that is part of a device group (making it HA) the box will display Changes Pending until sync'd You can use tmsh to show the most recent changes to a device group by running the following command. You can identify the device-group by simply typing tmsh show /cm sync-status tmsh show cm device-group <device_group> these are the two entries to pay attention to CID Time (UTC) 2019-Mar-27 10:07:21 LSS Time (UTC) 2019-Mar-27 09:30:41 You can check logs for what changes may have been made. Using the output from the previous procedure, search the log file for changes that occurred between 09:30:41 and 10:07:21 on March 27 2019. If the device is a standalone and not part of a pair and you know the time of the last approved change, then use that time. cat /var/log/audit | sed -n -e '/Mar 27 10:01:02/,$p'
  13. With the F5 BIG-IQ tool you can update the admin and root passwords for all your devices you manage or just a select few and its fast and very easy to do. When you manage BIG-IP device from BIG-IQ Centralized Management, it is good practice to change the default admin and root passwords on a regular basis. From BIG-IQ, you can change the passwords for several BIG-IP devices at one time. Note: You can change the passwords for several BIG-IP devices simultaneously only if they have the same password. Important: The passwords for the BIG-IP devices you select must all be identical. On the top of the BIG-IQ GUI, click Devices tab. On the left, click PASSWORD MANAGEMENT > Change Device Passwords . Near the top of the screen, click the Create button. In the Name and Descriptions fields, type a name and optional description to help you identify this task. From the Available list, select devices and move them to the Selected list. Select an option for the Change Password setting. Provide the old and new passwords, as required. Click the Run button at the bottom of the screen. BIG-IQ will apply the new password to all of the selected BIG-IP devices. You can view the status of this task from the Change Device Passwords screen. REFERENCE: https://support.f5.com/csp/article/K25546160
  14. this will be the description of the different modes Topology Load Balancing Mode Topology is a proximity based load balancing mode that allows you to direct traffic by defining topology records and selecting the Topology load-balancing mode for the wide IP or pool. The Topology mode bases the distribution of requests on the topology records and the weighted scores configured for each record. The topology records direct DNS queries to the closest virtual server, based on geographical information. The BIG-IP DNS system is designed to support an unlimited number of topology records. The only limit is the amount of memory available to the gtmd process. When planning topology load balancing, you should consider the following factor: The BIG-IP DNS system looks up topology records in the order they appear in the Configuration utility and the configuration file. As a result, you should place more-specific topology records toward the top of the topology statement and less-specific records toward the end of the topology statement. You can change the order of existing topology records by clicking Change Order on the Topology Records page. Topology record format Topology records are stored in the bigip_gtm.conf file on the BIG-IP DNS system and are used to match a Local Domain Name System (LDNS) request with a specific destination object. A topology record has the following fields: an LDNS request source statement, a destination statement, an operator, and a weight. LDNS Request Source. The LDNS request source statement defines the origin of a name resolution request. For example, the topology statement can be defined to direct an LDNS request from a particular source to a desired destination. The LDNS source can be any of the following elements: Continent Country ISP IP subnet (CIDR format) Region (user-defined) State Geolocation ISP (12.0.0 and later) Destination A destination statement defines the resource to which the BIG-IP DNS system directs the incoming DNS request. For example, the topology statement can be defined to direct an LDNS request that originates from a particular source to any of the following destination elements: Continent Country Data center * ISP IP subnet (CDIR format) Pool of virtual servers Region (User-defined) State Geolocation ISP (12.0.0 and later) Operator An operator statement indicates whether the name resolution request matches the statement. You can select an operator for both a request source and a destination statement. For example, an operator statement can be one of the following: is is not Weight (score) The weight specifies the score that will be given to a destination object which matches the topology record. In the event that a name resolution request matches more than one topology record, the BIG-IP DNS system uses the destination object with the highest weight to determine which statement it uses to load balance the request. Understanding topology records matching modes and the importance of order The BIG-IP DNS system orders topology records based on how the records are created and whether Longest Match is enabled. Topology records are passed through in order looking for the first matching record for each possible destination. Each matching record is then evaluated to determine which destination has the highest weight. This means that if a pool contains four pool members there may be up to four matching records (one for each possible destination), at which point the weight of each is evaluated to determine which record to use. Longest Match (enabled) The Longest Match option, which is enabled by default, instructs the BIG-IP DNS system to use the topology statement that most completely matches the source IP address of the name resolution request. The Longest Match option ensures that the BIG-IP DNS system processes topology records as fast as possible. The system achieves this by automatically sorting the topology records so that the records that more specifically match the LDNS IP appear first in the topology list. When the Longest Match option is enabled, the BIG-IP DNS system evaluates all records in the topology statement and uses the record that most completely matches the source IP address of the name resolution request. In the event that a name resolution request matches more than one topology record, the BIG-IP DNS system uses the destination object with the highest weight (score) to determine which statement it uses to load balance the request. Longest Match (disabled) If the Longest Match option is not selected, the topology records can be manually ordered, but the method used to evaluate the topology records when choosing a match does not change.
  15. Our friends need help to build a privacy fence since they are getting crazy high quotes of tens of thousands of dollars to build a simple privacy fence. Here are the basics on how I attack building a privacy fence Getting Started Preparation mark out where your fence is going call miss dig to make sure you aren't going to hit any under ground wiring get a building permit from your city measure the total area (length of each leg) to help price out material Gather tools and material To dig a post hole and set a post in concrete, you’ll need some tools: Post hole digger or power auger (the towable auger at home depot is roughly $124/day and can be operated by one person and saves your back) Cordless drill Screws (2" deck screws for a 5lb box around $30/box and the 1-1/4" deck screws for a 5lb box run around $30) Hammer Box Level Tape Measure Flat Shovel Bucket/wheel barrow to mix concrete in Heavy String (500ft is around $10) Quick-set concrete (an 80lb bag should cover 2-3 posts on avg and costs around $5/bag) Access to water Wooden Stakes (used to mark out the fence line, todays cost for a 12pack of 1 in. x 2 in. x 2 ft runs around $7) 4x4 8' pressure treated boards 2x4 8' pressure treated boards 6" x 6' Dog Ear fence boards Mark your fence run The first step to any fence project is marking the exact location of your fence run. To do this, drive stakes into the ground at the corners and ends of your fence run. Stretch heavy string between the stakes and pull tight. This string line will help you set your fence posts in a straight line. Mark your post hole locations Next, you’ll want to mark your post hole locations along the string line. Post hole spacing is dependent on the width of your fence panels and the method by which you are attaching them to the posts. Typical post spacing is 6-7 feet, but can vary depending on the width of the fence panel. I don't like going past 7' since you'll start noticing over time fence sagging. There are two main methods for attaching the fence panels to the posts – Face Mount or Between the Posts, for our fence we are going with Between the posts since it incorporates the 4x4 posts and makes the fence look good from either side. Start digging Now that we’ve marked our post locations, it’s time to start digging. In general, the post hole should be one third as deep as the fence is tall. So, if you’re installing a 6-foot tall fence, your 8' post hole should be at least two feet deep. You’ll also want to be sure the bottom of the post sits below the frost line. Hole is typically 6" wide by 2' deep. You can use a post hole digger or power auger to dig the hole. A post hole digger is a manual tool and will get the job done in average soil. If you have hard, rocky soil or a lot of roots – you may want to opt for a power auger. Many home improvement stores have them available for rent. Set posts in holes Set your post in the hole. Check for plumb and make sure the front of the post is just touching the string line. This will help you set your fence posts in a straight line. Having a friend help you will make this much easier. Pour the quick-setting concrete mix directly into the hole and pour water on top. Mix it up with a shovel in the hole, which will simultaneously remove air pockets. Once the concrete is thoroughly mixed, push some soil back on top of it. Re-check that your post is plum. NOTE: I will use a wheelbarrow to mix my concrete to a peanut butter consistency. With a hose I'll wet the bottom sides of the 4x4 that is in the hole and then start shoveling with my flat shovel the concrete from the wheel barrow into the hole using a stick or the handle end of the shovel to stab the concrete in attempt to remove any air pockets. Then once I verify the post is plum/level on the two sides, I'll pack the concrete by using my hand (with a glove) and then covering it with dirt. Pause for concrete to set Typically I like to wait for 12 hours after pouring concrete in the holes to let the concrete set and harden. Its no good to have done all that work to have your posts move on you while you are trying to install the dog ears. Mark 4x4's On each 4x4, from the ground up, measure 12" and mark. Measure 38" from bottom of 4x4 and mark. Measure 64" from bottom and mark. You'll want to see these marks on each of the inside of the 4x4's (the side that is facing the next 4x4) Install Rail Brackets Since we are going Between the posts for a cleaner look, we utilize Galvanized Rail Brackets that we attach to the inside of the 4x4's (bottom of rail bracket on the lines you marked at 12, 38 and 64" from the ground). Place rail bracket with bottom of bracket touching the marked line and put one screw in at the top of the rail bracket. Using a level measure vertically to make sure its straight up and down and run another 2" wood deck screw in the bottom of the rail bracket. Continue this until you have three rail brackets on each side of every 4x4. Again, you should be using 2" Wood Deck Galvanized Screws (they don't rust). Attach Pressure Treated 2x4s in Rail Brackets Measure length between 4x4 to 4x4 and cut three 2x4s to length and slide into Rail Brackets and fasten 2x4 to rail bracket using 1-1/4" Wood Deck Screws. Run Guide String 4x4 to 4x4 Using that heavy duty string. Run from top of 4x4 to top of 4x4 so you know how high your dog ear boards go (never higher and never lower). To attached string you can put a screw in the top of the 4x4 and wrap string around screw then tighten screw. Attach dog ear boards There are two major kinds of dog ear boards. The inexpensive pine at todays prices in Michigan is around $2.50 a board but typically when you see a privacy fence that looks dirty its typically the pine since it doesn't weather well but looks great for the first year. Another choice is to use the more expensive cedar at around $4/board here in Michigan at todays prices. Using your 1-1/4" Wood Deck Screws you attach the dog ear board to the 2x4's keeping a small gap between dog ear boards for expansion.
  16. Having an issue with a user trying to authenticate with ssh to F5 LTM and failing but they can log into F5 LTM via GUI with no issues. Start with running a tcpdump (obviously replace <client ip address> with the IP address of the device attempting to login with SSH) tcpdump -s0 -ni eth0 host <client ip address> -w /var/tmp/sshdeny.pcap -v Then evaluate your capture.
  17. After upgrade to 8.0 I am unable to get any stats which means Applications tab doesn't work and just kicks out an error and same thing for most everything under the Monitoring tab. What did I try? I removed the BIG-IP device and readded it with same results I removed DCD and readded it back in which took about an hour each because it would hang on ES_ service What worked? These steps will only affect the configuration between the Big-IQ and the DCDs, none of the Big-IP data should be affected: From bash on the CM: reset-data-collection-cluster From bash on each of the DCDs: reset-data-collection-cluster -es Re-add the DCD devices It is important that we use the -es flag on the DCDs and NOT on the CM. This is because we want the DCDs to control the data that the CM knows about, rather than having the CM determine what data it remembers. After completing steps 1 and 2, try adding the DCDs back to the CM. If this doesn't resolve the issue, isn't anything more we can do to preserve the previous data and we'll need to go through these same steps without the -es flag on the DCDs. If there is no value in retaining the historic data, we can remove the -es flag from the second step the first time.
  18. If you are leveraging the BIG-IQ tool (version 7.x or newer) to import devices using a CSV there are a few things you should know. It would probably help to know the columns needed (note you do not include the column headers in the csv) So when you Save your CSV it MUST NOT be in UTF-8 mode or it will fail when you try and import it with incorrect Management IP Address which is the first column since the CSV import can not read a CSV saved in UTF-8 mode. Anyhow, your CSV should look something like this when your done When you click begin you will see a very boring box while it tries to import the devices
  19. We upgraded to 15.1.2.1 and now we seem to have a bunch of issues authenticating using either AD or TACACS. It requires multiple tries and then it eventually works. Our first attempt is to fix the F5 devices that are using AD only vi /etc/openldap/ldap.conf You have to add a new line Then you need to run tmsh list auth ldap system-auth referrals auth ldap system-auth { referrals yes } If its yes, then change it to no by running tmsh modify auth ldap system-auth referrals no And confirm its set by doing another list command like the one above tmsh list auth ldap system-auth referrals auth ldap system-auth { referrals no } And finally before you start testing, save the configuration tmsh save sys config Saving running configuration... /config/bigip.conf /config/bigip_base.conf /config/bigip_script.conf /config/bigip_user.conf /config/partitions/Citrix/bigip.conf /config/partitions/DNS/bigip.conf /config/partitions/Disaster.Recovery/bigip.conf /config/partitions/Integration/bigip.conf /config/partitions/Messaging/bigip.conf Now do some testing of your user account that utilizes AD to see if it works.
  20. When this coronavirus is over and life returns to what we call normal, may we never, ever take for granted again..... A handshake or a kind word from a stranger A hug from a friend Worshipping with other believers in a crowded church service A boring night at home Full shelves at the grocery store A Friday night out with the wife or husband at your favorite restaurant Looking for a parking space at your kid's ballgame Coffee with a long-time friend Kisses on the cheek by your grandchild Conversations with neighbors Long walks with the dog Wedding ceremonies for someone special in your life A busy day at the office Saying goodbye in a funeral service to a loved one you won't see until you get to Heaven Each and every breath on earth When this coronavirus ends, may we find that we have become more like the person we wanted to be and were called to be and may we stay that way until God calls us home. Lord, forgive us for taking so many of your simple blessings in life for granted.
  21. Count Room receives all credit card terminals. They will split up the terminals for what is assigned to Box Office and what is assigned to Count Room / Food Booths. Once Box Office recieves the credit card terminals from Count Room, take a note of the last 4 numbers of the serial number of the credit card terminal and where it will be assigned for the run of the that season. Example: CC SALES These terminals use CELL service so no need to worry if it's connected to the internet or not. They sit on charge stations. Power button is on the side, click and hold to turn on. You should get a screen like the one below... Tellers just click Quick Access to make a sale, if a refund is needed, at this point the mgr will enter the pin mentioned below under REFUNDS. For now we are going to continue on as a teller to make a sale so just click Quick Access You will now see a screen like the one below. Click on Sale to begin NOTE: No printer so not able to do paper receipts but we allow TEXT messages only. EMAILS take way to long for them to type out. enter the dollar amount and click Charge you may see a screen like the one below briefly Some reason this screen shows up, just click Got it to continue. Here if the customer wants a receipt, click Text Message and send to them. CC REFUNDs, Identify the terminal then if you are not prompted for a pin, push the button on the side which will force terminal to sleep then click again to wake it up and pin prompt. When prompted do not click on QUICK ACCESS and instead type 6041 as your PIN to be able to do REFUNDS END OF DAY CC REPORTS go to https://clover.com and click on Login user: [email protected] pwd: ShowMeTheM0ney! Next Click on the Festival you want to obtain Credit Card report(s) as shown below Next step is to click Reporting - Payments and then Filter by the Credit Card Machine (they should be labeled for where they are being used) Make sure you have the correct date (typically I am just clicking Today to get CC report for that day, then you scroll down and get the number that the line starts with Net which will include refunds and payments in that total. It's that simple CLOVER CREDIT CARD SUPPORT Clover Support provided From Ryan 1-800-622-0842 MID: 483225020997 Phone: 952-445-7341 When prompted on where you want the passcode delivered to, DO NOT PICK TEXT but pick email then a code will be sent to Ryan's email. Text Ryan asking for the code to gain access to support. When you get this horrible message on your clover that says: Unfortunately, Launcher has stopped then you need to do a factory reset which includes powering off 10 times as soon as you see the clover icon appear so you get prompted to do a factory reset NOTE: this will require an activation code that will be displayed when you login from your laptop on clover.com (reference the last 4 of serial#) Hope that helps you get though the error
  22. I would like to implement NTP in our environment and would like some advice.
  23. I would like to implement NTP in our environment and would like some advice.
  24. Running Linux in a VM and not sure which of the installed interfaces are active. Does anyone know how to check?
  25. Running Linux in a VM and not sure which of the installed interfaces are active. Does anyone know how to check?

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.