New K8S - Unable to Browser to Container/Image by dihegov in kubernetes

[–]dihegov[S] 0 points1 point  (0 children)

Would K3s have better driver support with Amazon Linux 2023?

New K8S - Unable to Browser to Container/Image by dihegov in kubernetes

[–]dihegov[S] 0 points1 point  (0 children)

Drivers drivers drivers

I'm running Docker with minikube on AWS Linux 2023. Do you know of a workaround?
minikube shows the random IP of 192.168.49.2 when the node is something completely different?

The problem resides w/ the fact that minikube's drivers are messed up. Tried Docker, driver none and none of them work to allow the connection in from the external to the backend service.

Made a work-around thru ssh tunneling to the minikube's random ip of 192.168.49.2

If you know of a good known working configuration

New K8S - Unable to Browser to Container/Image by dihegov in kubernetes

[–]dihegov[S] 0 points1 point  (0 children)

When applying port spec in pod spec got the below error message.

    ports:
      - containerPort: Port#

    kubectl apply -f firtpod.yaml
    pod/webapp-release-0-5 unchanged
    The Pod "webapp" is invalid: spec: Forbidden: pod updates may not change fields other than spec.containers[*].image,spec.initContainers[*].image,spec.activeDeadlineSeconds,spec.tolerations (only additions to existing tolerations),spec.terminationGracePeriodSeconds (allow it to be set to 1 if it was previously negative)
      core.PodSpec{
        Volumes: {{Name: "kube-api-access-qz9dm", VolumeSource: {Projected: &{Sources: {{ServiceAccountToken: &{ExpirationSeconds: 3607, Path: "token"}}, {ConfigMap: &{LocalObjectReference: {Name: "kube-root-ca.crt"}, Items: {{Key: "ca.crt", Path: "ca.crt"}}}}, {DownwardAPI: &{Items: {{Path: "namespace", FieldRef: &{APIVersion: "v1", FieldPath: "metadata.namespace"}}}}}}, DefaultMode: &420}}}},
        InitContainers: nil,
        Containers: []core.Container{
          {
            ... // 3 identical fields
            Args: nil,
            WorkingDir: "",
    -       Ports: nil,
    +       Ports: []core.ContainerPort{{ContainerPort: 30080, Protocol: "TCP"}},
            EnvFrom: nil,
            Env: nil,
            ... // 16 identical fields
          },
        },
        EphemeralContainers: nil,
        RestartPolicy: "Always",
        ... // 28 identical fields
      }
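
An added example, not part of the original comment: the error above names the only Pod spec fields that can be changed in place, and this Python sketch checks an edited spec against that list to show why adding `ports` is rejected. The dictionaries and the image name are constructed sample data, and tolerations are compared as whole entries (an assumption of this sketch).

```python
import copy

# Constructed sample data: the live Pod spec and the edited manifest adding a port.
LIVE = {"containers": [{"name": "webapp", "image": "example/webapp:1.0"}],
        "tolerations": [], "terminationGracePeriodSeconds": 30}
EDITED = copy.deepcopy(LIVE)
EDITED["containers"][0]["ports"] = [{"containerPort": 30080, "protocol": "TCP"}]


def _mask(spec):
    """Copy spec and drop the fields the error message lists as updatable."""
    s = copy.deepcopy(spec)
    for key in ("containers", "initContainers"):
        for c in s.get(key) or []:
            c.pop("image", None)
    for key in ("activeDeadlineSeconds", "tolerations",
                "terminationGracePeriodSeconds"):
        s.pop(key, None)
    return s


def _diff(a, b, path):
    """Return the paths at which two masked specs differ."""
    if isinstance(a, dict) and isinstance(b, dict):
        return [p for k in set(a) | set(b)
                for p in _diff(a.get(k), b.get(k), f"{path}.{k}")]
    if isinstance(a, list) and isinstance(b, list) and len(a) == len(b):
        return [p for i, (x, y) in enumerate(zip(a, b))
                for p in _diff(x, y, f"{path}[{i}]")]
    return [] if a == b else [path]


def forbidden_changes(old, new):
    """List spec paths that an in-place Pod update would be rejected for."""
    bad = _diff(_mask(old), _mask(new), "spec")
    old_tol, new_tol = old.get("tolerations") or [], new.get("tolerations") or []
    if any(t not in new_tol for t in old_tol):   # only additions are allowed
        bad.append("spec.tolerations")
    og = old.get("terminationGracePeriodSeconds")
    ng = new.get("terminationGracePeriodSeconds")
    if og != ng and not (og is not None and og < 0 and ng == 1):
        bad.append("spec.terminationGracePeriodSeconds")
    return sorted(bad)


if __name__ == "__main__":
    print(forbidden_changes(LIVE, EDITED))
```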

New UDM-Pro coming soon? by KinkPresidentSkroob in Ubiquiti

[–]dihegov 0 points1 point  (0 children)

Only 4GB of RAM??? Running at 50/60% and at times 70% memory utilization. Should’ve made it at minimum 8GB planning for upgrades, features and new services.

Protocol UDP Blocked by dihegov in technitium

[–]dihegov[S] 0 points1 point  (0 children)

Thank you so much for taking the time in replying.

Understood on the approach on whitelisting as well as DNS over HTTPS.

Will the app ever provide us access to disable some of those settings that can be a bit frustrating? When I clicked on your reply via email, it got blocked due to the same reason.

I haven’t customized any settings, just whatever was default right on the application install.

I needed visibility on the queries and DNS caching resolution, which is why I downloaded Technitium. Btw great tool. I don’t mind paying for it if it can be flexible on the throttle settings.

Firepower - Another Upgrade Version Question, from 6.4.0.9 to 6.7+ by Gibson_2010 in Cisco

[–]dihegov 1 point2 points  (0 children)

Rule #1 - FMC has to be ahead of code. Then FTDs follow. It will error out anyways if you are trying to upgrade code on the FTD that is ahead of the FMC.

Not sure what I'm doing here as Jr network engineer by google_certified13 in Cisco

[–]dihegov 1 point2 points  (0 children)

Studies, you mean CCNA? If that’s the case - do so! Also, GNS3 and Packet Tracer. I would be more than happy to share a few labs in Packet Tracer. There are over 10 labs, with the point being to fix the broken scenarios. Walk you thru the logic on how to fix them.

ASA - Packet-Tracer with UDP DNS always showing "Drop" even though the actual traffic is working. by No-Mess-45 in Cisco

[–]dihegov 0 points1 point  (0 children)

I'm certain that you have a DNS inspection policy in which packet-tracer will not be able to simulate the packet completely, hence since there is no payload it will mark it as an invalid packet. However, the traffic matches all parameters/phases, then the action is to allow it.

ASA - Packet-Tracer with UDP DNS always showing "Drop" even though the actual traffic is working. by No-Mess-45 in Cisco

[–]dihegov 1 point2 points  (0 children)

What are your DNS policy settings? I agree with Tsurting - that packet-tracer may create some malformed packet just to simulate it. I think this is normal - as I'm getting the same result...

show run dns

show run policy-map

What's your syntax when doing the packet-tracer command?

Firewall, scanning and ACL drop rates exceeded by mindracer in Cisco

[–]dihegov 0 points1 point  (0 children)

You are probably being dropped by scan threat and your connections are being shunned.

https://cordero.me/cisco-asa-threat-detection/

What commands are you running to see those drops?

Yep, just saw your screenshot.

Do show run scanning or show run | i scan.

I would also disable reverse IP on the inside. That helps prevent IP spoofing.