always remember

Nothing is foolproof to a sufficiently talented fool... Make something
idiot proof, and the world will simply make a bigger idiot.

Fix Windows 10 Remote Desktop Mouse “Bump” Glitch w/Multiple Monitors

If you have multiple monitors, are running Windows 10 v1903 on your local (host) computer, and are connecting to other Windows 10 machines (regardless of version) via Remote Desktop, you may well have experienced the rather annoying mouse “jump” or “bump” as you pass your cursor across the boundaries between your 2, 3 or 4 monitors. This problem also manifests itself on occasion as a black box that “sticks” to your cursor and follows it around the screen, blocking out whatever you hover over and making the session incredibly difficult to continue using.

This is caused by a change in v1903 to the default graphics driver used for RDP sessions, which is now WDDM; prior to 1903 this was XDDM (thanks for the upgrade, Microsoft).

To work around this issue, set the following GPO to Disabled on your local (host) computer, and reboot. A gpupdate /force was not sufficient to apply this setting.

“Use WDDM graphics display driver for Remote Desktop Connections” > DISABLED

Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment

As a side note, you may receive a protocol error if you try to open any previously saved RDP files that have the display setting “Visual Styles” ticked. This is a WDDM feature, and needs to be un-ticked for the RDP file to be used.

dave / August 20, 2020 / Guide

How To: Fix “Packet to client reached max retries, removing the client” – Cisco Aironet AP 1142

During a recent deployment of Cisco Aironet LAP1142’s I came across a rather annoying handling of low signal client devices by the default config of Maximum Data Packet Retries when configured via the WebGUI.

The Problem:
Clients in low signal areas or at great distances from the AP would experience constant disconnects and WPA2 rekeys, when they should have been able to persist on the wireless network, just with greater latency and packet loss at low signal strength. This is evidenced in the Cisco AP log by the following lines (which will often repeat many times):

May 19 13:31:01.885: %DOT11-4-MAXRETRIES: Packet to client aabb.ccdd.eeff reached max retries, removing the client
May 19 13:31:01.886: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station aabb.ccdd.eeff Reason: Previous authentication no longer valid
May 19 13:31:05.213: %DOT11-6-ASSOC: Interface Dot11Radio0, Station aabb.ccdd.eeff Associated KEY_MGMT[WPAv2 PSK]

Why This Happens:
It turns out that although you can control the Max Data Packet Retries variable in the WebGUI, you are not given any contextual information, or the ability to set the additional parameter of “drop-packet”.

Without setting “drop-packet”, the AP resorts to its default behaviour of dealing with a MAXRETRIES event by outright disconnecting the client and forcing a rekey.

The Fix:
Via CLI (either SSH/Telnet or serial console), modify the interface config for the Radio in question (or all of them), set the packet retries setting to 128 and enable drop-packet:

en
conf t
int Dot11Radio0
packet retries 128 drop-packet
int Dot11Radio1
packet retries 128 drop-packet
do write mem

This resolved my issue, low signal clients and clients at great distances from the AP now have low signal, lower speed and increased latency, but they DO stay connected to the network. In my opinion, this is far more typical behaviour for a WiFi network, and in most cases, general public users excuse the speed and latency when they notice they have poor WiFi signal. They DO NOT excuse being constantly booted from the network over and over again.

To be clear, the correct fix for this would be to ensure good signal coverage in all service areas, and avoid Radio band interference. However, this is not possible in this scenario, and the fix above works.

This is a working fix on an AIR1142, but will work on all 1140 series, 1200 series, 2800 series and 3800 series (and probably more IOS based access points of the same era).
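To measure how often clients are being removed and re-keyed, before and after the change, the AP log can be parsed for MAXRETRIES to ASSOC cycles per client. This is an added example, not part of the original post; the function names, the `year` parameter and the sample lines are assumptions constructed in the format of the log excerpt above.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the format of the AP log excerpt above (not real data).
SAMPLE_LOG = """\
May 19 13:31:01.885: %DOT11-4-MAXRETRIES: Packet to client aabb.ccdd.eeff reached max retries, removing the client
May 19 13:31:01.886: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station aabb.ccdd.eeff Reason: Previous authentication no longer valid
May 19 13:31:05.213: %DOT11-6-ASSOC: Interface Dot11Radio0, Station aabb.ccdd.eeff Associated KEY_MGMT[WPAv2 PSK]
May 19 13:31:40.102: %DOT11-4-MAXRETRIES: Packet to client aabb.ccdd.eeff reached max retries, removing the client
May 19 13:31:40.103: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station aabb.ccdd.eeff Reason: Previous authentication no longer valid
May 19 13:31:44.950: %DOT11-6-ASSOC: Interface Dot11Radio0, Station aabb.ccdd.eeff Associated KEY_MGMT[WPAv2 PSK]
May 19 13:32:10.000: %DOT11-6-ASSOC: Interface Dot11Radio1, Station 1122.3344.5566 Associated KEY_MGMT[WPAv2 PSK]
"""

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}\.\d{3}): "
    r"%DOT11-\d-(?P<event>MAXRETRIES|DISASSOC|ASSOC): "
    r".*?\b(?:client|Station) (?P<mac>(?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\b"
)

def find_flaps(log_text, year=2020):
    """Return {mac: [seconds offline, ...]} for each MAXRETRIES -> ASSOC cycle.

    The log lines carry no year, so `year` is an assumed parameter.
    """
    removed_at = {}              # mac -> time of the MAXRETRIES removal
    flaps = defaultdict(list)    # mac -> outage durations in seconds
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue             # unrelated or malformed line
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S.%f")
        mac, event = m["mac"], m["event"]
        if event == "MAXRETRIES":
            removed_at.setdefault(mac, ts)   # keep the first removal if repeated
        elif event == "ASSOC" and mac in removed_at:
            outage = (ts - removed_at.pop(mac)).total_seconds()
            flaps[mac].append(round(outage, 3))
    return dict(flaps)

def flapping_clients(log_text, min_flaps=2):
    """Clients removed for max retries and re-associated at least min_flaps times."""
    return sorted(mac for mac, gaps in find_flaps(log_text).items()
                  if len(gaps) >= min_flaps)

if __name__ == "__main__":
    for mac, gaps in find_flaps(SAMPLE_LOG).items():
        print(mac, len(gaps), "flaps, offline seconds:", gaps)
```

A client that only associates normally never appears in the result, so the count reflects forced removals rather than ordinary roaming.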

dave / May 19, 2020 / Cisco

F5 BigIP LTM – iRule Accept Only UserAgent to Hostname

The following code snippet assumes you have a wildcard virtual host within the F5 LTM device, and that you wish to only allow traffic into that virtual host if a specific user agent string is matched and that the hostname is matched.

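when HTTP_REQUEST {
    # Allow the request only when both the User-Agent and the Host header match.
    # User-Agent is client-supplied, so this filters traffic; it does not authenticate it.
    if { ([HTTP::header "User-Agent"] equals "Browser 2.1.0") and ([string tolower [HTTP::host]] starts_with "subdomain.domain.com") } {
        return
    } else {
        # Silently drop everything else
        drop
    }
}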

It should be modified to suit your specific requirements.

dave / April 14, 2020 / Code, F5 BigIP

F5 BigIP LTM – iRule Unblock Violation Name

In the event you need to unblock a triggered ASM block event within F5’s BigIP LTM/ASM appliances, the following iRule may be of use. The one shown below specifically unblocks illegal redirection attempts that match a URI partial string.

when ASM_REQUEST_DONE {
    # Lower-case the URI once so the partial-string matches are case-insensitive
    set uri [string tolower [HTTP::uri]]
    # Unblock only redirect violations, and only for the listed URI fragments
    if { ([ASM::violation names] contains "VIOL_REDIRECT") and
         (($uri contains "/string1/") or
          ($uri contains "/xyz-location/") or
          ($uri contains "/abc/")) } {
        ASM::unblock
        log local0. "ASM unblocking [HTTP::uri] - (XYZ Manual iRule Unblock)"
    }
}

Additional Violation Names can be found under: Security -> Options -> Application Security -> Advanced Configuration -> Violations List -> Built-In Violations. You must use the internal ASM Violation Name in the iRule, not the friendly name shown in the event logs or the rest of the GUI.

The above is tested/working within F5 BigIP LTM VE v15.0.1.

dave / March 18, 2020 / Code, F5 BigIP

Using LogDump & RBA’s to Reposition a REPLICAT Process

When a REPLICAT process ABENDs, it can be difficult to pinpoint why, and trying to get past the error and allow the REPLICAT to continue can be tricky.

In this example, my source is an Oracle Linux 12c machine running EXTRACT, my target is a Windows Server 2016 machine running MSSQL/REPLICAT.

The Error:

In this example, we are presented with the following errors in the REPLICAT report after it has ABENDED:

2019-08-15 18:21:20  WARNING OGG-03014  Source column COLUMN_NAME has more characters than target column COLUMN_NAME can hold. Some source characters will not be mapped during conversion from source character set UTF-8 to target character set UTF-16.

2019-08-16 09:28:56  ERROR   OGG-01163  Bad column length (357) specified for column COLUMN_NAME in table TABLE.X, maximum allowable length is 255.

From the same report, we need to find the RBA at which the fault occurred. You can see this here:

Last log location read:
     FILE:      C:\GoldenGate\dirdat/1p000003921
     SEQNO:     3921
     RBA:       4982061
     TIMESTAMP: 2019-08-16 09:28:53.053432
     EOF:       NO
     READERR:   0

With this information, open LogDump, prepare the application, and move to your RBA:

Logdump 1 > open C:\GoldenGate\dirdat/1p000003921 (use your filename here)
Logdump 2 > ghdr on
Logdump 3 > detail on
Logdump 4 > detail data
Logdump 5 > ggstoken on
Logdump 6 > ggstoken detail
Logdump 7 > pos 4982061 (use your RBA here)
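The same steps can be scripted: pull the failing column and the last log location out of the REPLICAT report, sanity-check them, and emit the Logdump input. This is an added example, not part of the original post; the function names are hypothetical, the report text is constructed from the values shown above, and it assumes trail file names are a two-character prefix followed by the sequence number.

```python
import re

# Report excerpt constructed from the values shown above.
SAMPLE_REPORT = r"""
2019-08-16 09:28:56  ERROR   OGG-01163  Bad column length (357) specified for column COLUMN_NAME in table TABLE.X, maximum allowable length is 255.

Last log location read:
     FILE:      C:\GoldenGate\dirdat/1p000003921
     SEQNO:     3921
     RBA:       4982061
     TIMESTAMP: 2019-08-16 09:28:53.053432
     EOF:       NO
     READERR:   0
"""

ERROR_RE = re.compile(
    r"ERROR\s+OGG-01163\s+Bad column length \((?P<got>\d+)\) specified for "
    r"column (?P<column>\S+) in table (?P<table>\S+), maximum allowable "
    r"length is (?P<max>\d+)")
FIELD_RE = re.compile(
    r"^[ \t]*(FILE|SEQNO|RBA|TIMESTAMP|EOF|READERR):[ \t]+(\S.*?)[ \t]*$", re.M)

def failing_column(report):
    """Return (table, column, source length, target maximum) or None."""
    m = ERROR_RE.search(report)
    return m and (m["table"], m["column"], int(m["got"]), int(m["max"]))

def last_location(report):
    """Return the 'Last log location read:' fields, checked for consistency."""
    _, found, tail = report.partition("Last log location read:")
    loc = dict(FIELD_RE.findall(tail))
    if not found or not {"FILE", "SEQNO", "RBA"}.issubset(loc):
        raise ValueError("no complete 'Last log location read:' block")
    # Assumption: trail file names are a two-character prefix followed by the
    # zero-padded sequence number, so FILE must agree with SEQNO.
    name = re.split(r"[\\/]", loc["FILE"])[-1]
    if not name[2:].isdigit() or int(name[2:]) != int(loc["SEQNO"]):
        raise ValueError("FILE and SEQNO disagree; check the copied block")
    return loc

def logdump_commands(loc):
    """The Logdump input from the steps above, filled in for this location."""
    return [f"open {loc['FILE']}", "ghdr on", "detail on", "detail data",
            "ggstoken on", "ggstoken detail", f"pos {int(loc['RBA'])}"]

if __name__ == "__main__":
    print(failing_column(SAMPLE_REPORT))
    print("\n".join(logdump_commands(last_location(SAMPLE_REPORT))))
```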


dave / September 3, 2019 / Code, Oracle

How To: Configure multiple VLAN interfaces in SolusVM

There may be times when you wish to give VMs on one of your SolusVM nodes access to IP resources that are segmented into discrete VLANs at network level. If this is the case, you need to create network bridge interfaces on the node, and supply them with your VLAN interfaces. This is explained below.

  1. Configure the base interface. In this example, we have trunked eno2 with VLANs 220 and 221, as we have a group of VMs that need to bind IPs within these VLANs.

    [root@solus-node01]# cat ifcfg-eno2
    DEVICE=eno2
    BOOTPROTO=none
    UUID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    ONBOOT=yes
    TYPE=Ethernet
    NM_CONTROLLED=no

  2. Configure your VLAN sub interfaces. Note that we assign each interface to its own new bridge interface; this is required.

dave / October 24, 2018 / Code, Guide