Windows Subsystem for Linux / Bash on Ubuntu on Windows

Installing Bash on Ubuntu on Windows while behind a proxy server doesn’t work.

I’m reinstalling Bash on Ubuntu on Windows on my work laptop at home, where I’m not behind the work firewall and the need for the work proxy server.
WSL happily activates and downloads Ubuntu from the Windows store while at work, but once it fires up Ubuntu and starts running Apt to install updates, it chokes, as Ubuntu, and Apt, aren’t configured to use the proxy server. This means I have to cancel the install, which results in a working system, but it doesn’t complete its setup. I can fire up Bash, but it always logs in as root (doesn’t get to the user setup step). Once logged in I can configure Apt to use the proxy, and set the proxy environment and run the apt updates, but it still hasn’t gone through the full install process cleanly. This is a weakness in Microsoft / Canonical’s design. Ubuntu should either inherit the proxy config from Windows, or have a way to configure it in the setup, so it can perform a clean install.
I figured I’d give it a try from home, where it doesn’t need to go through a proxy, and see if it will properly complete the install. This worked perfectly on my personal laptop.

Edited: We have success! The prompt for a username means we got past the blocker seen at work.
Bash on Ubuntu on Windows install username prompt

Bad SSL security

I see GNS3 Academy still hasn’t fixed their SSL certificate.

For a site teaching about networking, which includes network security, this is head-shakingly bad.

Minor Home Network Rewiring

After some minor home network rewiring (2 additional Cat6 cables from network rack to desk, re-tipped all Ethernet cables with keystone jacks, installed in a 4-gang surface mount box, patch cable from the computers to the new keystone jacks. Unfortunately one of the original cables I had running between the rack and my desk is only 20′, so it is now too short for the new path, so only 4 actual connections to the desk. I’ll replace that later.) I’m rather pleased with my Internet performance today:

23 ms ping, 49.45 Mbps Download, 5.44 Mbps Upload, AT&T Internet, Keller, TX, < 50 mi

To Do: Install patch panel in the network rack, re-tip these cables into the back of the patch panel, install patch cables from panel to switch. Re-tip the cables going from the network rack to the Cisco lab bench the same way. Install some split loom or spiral conduit around these cable runs to keep them dressed neatly.

Keystone Jacks
4-gang surface mount box
25′ cat-6 Ethernet cables
5′ split loom. I should have ordered longer.

Uverse speed throttling

Large uploads on Uverse kill download bandwidth.

So it turns out if you’re uploading something on a Uverse connection, they kill your download bandwidth.

I had been poking around in iTunes, looking at the section of the store that shows what other members of your Apple Family have “purchased” (in quotes, because even “free” apps and music show up as “purchases”). The Wife had purchased several albums (or at least songs) that I would not have purchased myself, but wouldn’t mind having a copy, since we’d already paid for it. I clicked to download them (mostly songs from our high school days), then went to watch some YouTube videos. Normally we have enough bandwidth to handle this just fine, but the video kept stuttering (play for two seconds, pause for four seconds to download the next two seconds worth of video, play for two, pause for four for the next two seconds of playback download). I switched back to iTunes and saw that what should have taken about 3 seconds per song was predicting six MINUTES or more.
The Cisco ASA showed a lot of OUTGOING bandwidth being used, and very little incoming. Well that was odd. I wasn’t uploading anything that I knew of.

Speediest showed my download speed to be 5Mbps and upload of about 77Kbps. WELL below normal.

So, drop to terminal, do a tcpdump and low and behold lots of packets going out to Apple IP addresses (I’m sure I could have found this out from ASDM, but I don’t know the interface well enough yet and I do know tcpdump.)

Turns out when I stuck the SD card from my camera into the iMac and told Photos to download 10GB worth of video I shot today, it dutifully did so, then began uploading that to iCloud. There doesn’t seem to be a setting to permit uploading photos, but not video. With a 12Mbps down / 1.5Mbps up Uverse connection, 10+GB is going to take a WHILE to upload (especially since it was only uploading at about 500Kbps).

It would seem Uverse will only let you use either upload or download at any given time, but not both. If they’re going to screw you like that, they could at least give you a reach around and let you do it at the same SPEED in either direction.

(Of course it’s possible the throttling of download speed is due to the TCP/HTTPS “ACK”s coming back from Apple signaling receipt of the upload packets and readiness for the next upload packet, but those shouldn’t take much bandwidth at all. Barely more than the TCP/IP header and a few bits of payload, I would think.)

Edit: As soon as I stopped (really, paused for one day) the “Photos” upload, my download bandwidth came roaring back: 15Mbps down (from a connection that is technically only supposed to be 12Mbps…) / 1.5Mbps up on and my iTunes downloads were completing in seconds.

How not to “describe” your products on web sites

In which I go off on people who use the same item description on multiple online sales listings, each with a variety of features.

Cisco ASA5505-UL-BUN-K9 ASA 5505 Security Appliance vs Cisco ASA5505-50-BUN-K9 Asa 5505 Security Appliance vs Cisco ASA5505-SEC-BUN-K9 ASA 5500 Series Adaptive Security Router Appliance
Yeah, because I enjoy digging through Cisco’s web site to figure out which features are activated by a “UL-BUN-K9” vs a “50-BUN-K9” vs a “SEC-BUN-K9” license. I already have to know a little bit about Cisco to identify that string of characters refers to the IOS license version in the first place.

Seriously, if you’re going to sell this stuff on Amazon, don’t use the same description (of the hardware) for every one of them. That’s like putting up 5 different Toyota Corollas on a web site, each with a different VIN and price, but the same stock photo and describing them all as “A popular compact car” and leaving it to the potential buyer to decipher the VIN to find out what options each one has. “Let’s see, a ‘C’ in the 10th digit means it’s a 2012 model year, or maybe a 1982…”

Yes, I know. Someone will probably point out that if you’re shopping for Cisco equipment, you should probably be able to decipher the Cisco IOS license codes.

When default allow rules… don’t.

Now that I have a power supply for the Cisco ASA, I’m trying to get it up and running to sit at the edge of my home network, so I can pull the router to be part of my Cisco lab and it’s driving me crazy.
It’s default config as set up by the ASDM setup wizard is supposed to permit all traffic from the “inside” (high security zone) to the “outside” (low security zone). That’s all fine and dandy, until the default NAT/PAT config, which LOOKS like it says “NAT / PAT all traffic from ‘inside’ to the ‘outside’ IP address” doesn’t.

I don’t want to spend a lot of time learning the intricacies of the ASA OS right now. I’d rather spend it on IOS and working toward the CCENT / CCNA…

Adding my network to Cacti

Geeking with Cacti.

So, geeking out this evening, adding my entire home network infrastructure to Cacti, to track how it’s doing.
I’d already set up all my VM’s, the Cisco router and Uverse gateway, and my two hosted servers at Rackspace and Linode months ago.
Tonight I added my ESXi server and both Cisco switches. Of course, not much to see on most of the switch ports, since the only port in use on one of them is the uplink to the other switch (which means the only traffic on that port is Cacti polling it’s SNMP daemon). But it’s interesting, none the less.
I’ll probably do the same on the Cisco lab I build for CCNA study.

IPv6 has come to Uverse

More than a year after my 3800HGV-B Uverse modem actually acknowledged that such a thing as “IPv6” existed, it appears it is actually making it available for use.
Now to see if I can get my Cisco router to play nice…

Uverse modem IPv6 configuration