Welcome!

It's not the Network! Ok, maybe it's the network...

Jason Rahm

Subscribe to Jason Rahm: eMailAlertsEmail Alerts
Get Jason Rahm via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Jason Rahm

F5 has been in the DNS business for quite some time, beginning with the 3-DNS GSLB product introduced in 1998. While steadily growing the GSLB market through product advances, the platform is incredibly feature rich now, offering far more than GSLB services. Some of the other services added over the years (articles written on services in parentheses): Standard name services via BIND, as a fallback or as primary domain auth Local SLB for DNS DNSSEC (Configuring GTM’s DNS Security Extensions) Quova geolocation data (New Geolocation Capabilities, Heatmaps) DNS Express (DNS Express Part 1, DNS Express Part 2) IP Anycast DNS 64 As the service offering has grown, the underlying architecture supporting DNS has changed as well to improve performance and scale. Through versions 10.2.x, GTM services were handled outside of TMM in Linux. That means that GTM prior to version 11 ... (more)

Mitigate Java Vulnerability with iRules

I got a request yesterday morning to asking if there was a way to drop HTTP requests if a certain number was referenced in the Accept-Language header.  The user referenced this post on Exploring Binary.  The number, 2.2250738585072012e-308, causes the Java runtime and compiler to go into an infinite loop when converting it to double-precision binary floating-point.  Not good.  Twitter is ablaze on the issue, and there is a good discussion thread on Hacker News as well.  So how do you stop it?  At first, this appeared to be a no-brainer, just copy that string and drop if found in that... (more)

v11: RDP Access via BIG-IP APM–Part 1

I wrote an article several months back on auto-launching Remote Desktop sessions with APM.  With the introduction of BIG-IP APM v11, there is a new built-in capability to support a full webtop.  This means that server, desktop, or other resources can be placed on the webtop for users to select once logging in.  In this first example, I’ll set up a static internal resource for users to connect to after logging in. Create the Webtop After logging in to the BIG-IP, open up the Access Policy tab and select Webtops->Webtop List and then click Create (or you can hit the “+” circled to... (more)

Host that Sorry Page on your BIG-IP!

It's not an uncommon problem trying to figure out where to plant that sorry page in the event your farm is down.  It's also not an uncommon solution to just use your BIG-IP to issue a text-only HTTP::respond.  It works, but it's not, how do you say, visually appealing?  You want to say sorry and mean it.  With pictures.  If you take a stroll through the iRules codeshare, you'll notice several solutions to this problem.  All of them work, with a variety of methods, but user kirkbauer's entry takes it to another level.  Kirk's sorry page irule generator (written in perl) takes all ... (more)

The ABCs of NSM - W is for Wireshark & Webmin

Welcome back for another episode of the ABC's of NSM.  What's NSM you say?  We'll go with Network and System Management, but you c ould throw Security in there as well.  We'll work our way through the alphabet over  the next several weeks looking at  tools and concepts along the way for all the administrators out     there.   By the way, you can thank Joe for the format & Don for the title  (I  couldn't for the life of me come up with one.) Today's letter W is a two-for-one special: Wireshark & Webmin. I'll start with Wireshark (formerly Ethereal), which is a cross-platform open... (more)