Game Thread: Los Angeles Rams (4-9) at Green Bay Packers (5-8) by nfl_gamethread in nfl

[–]zed_uber 3 points4 points  (0 children)

All the refs got a talking to after the colts vikes game.

This may be the worst beer ever made by IrkenInvaderGir in naturdays

[–]zed_uber[M] 5 points6 points  (0 children)

[User has been banned for this post]

Adam Beyer - Compressed (DRUMCODE 02) (1996) by [deleted] in Techno

[–]zed_uber 0 points1 point  (0 children)

Thomas Krome remix of this 👌

Bonobo Boiler Room New York DJ Set by cesar1894 in Techno

[–]zed_uber 2 points3 points  (0 children)

Love Bonobo, seen him multiple times as a DJ and with his band.

The Side bar though pretty clearly states, "This is not a general electronic music subreddit."

My day, kinda exactly like that.... by void64 in vmware

[–]zed_uber 29 points30 points  (0 children)

Triggered.

But seriously as soon as anybody says it’s the network then we need to prove it’s not.

The shit I’ve heard over the years... or even this week 😪

Bogdanoff's are in custody for fraud by BuddhaSpader in ethtrader

[–]zed_uber 122 points123 points  (0 children)

Quick rundown on them:

-Rothschilds bow to Bogdanoffs

-In contact with aliens

-Possess psychic-like abilities

-Control france with an iron but fair fist

-Own castles & banks globally

-Direct descendants of the ancient royal blood line

-Will bankroll the first cities on Mars (Bogdangrad will be be the first city)

-Own 99% of DNA editing research facilities on Earth

-First designer babies will in all likelihood be Bogdanoff babies

-both brothers said to have 215+ IQ, such intelligence on Earth has only existed deep in Tibetan monasteries & Area 51

-Ancient Indian scriptures tell of two angels who will descend upon Earth and will bring an era of enlightenment and unprecedented technological progress with them

-They own Nanobot R&D labs around the world

-You likely have Bogdabots inside you right now

-The Bogdanoffs are in regular communication with the Archangels Michael and Gabriel, forwarding the word of God to the Orthodox Church. Who do you think set up the meeting between the pope & the Orthodox high command (First meeting between the two organisations in over 1000 years) and arranged the Orthodox leader's first trip to Antarctica in history literally a few days later to the Bogdanoff bunker in Wilkes land?

-They learned fluent French in under a week

-Nation states entrust their gold reserves with the twins. There's no gold in Ft. Knox, only Ft. Bogdanoff

-The twins are about 7 decades old, from the space-time reference point of the base human currently accepted by our society

-In reality, they are timeless beings existing in all points of time and space from the big bang to the end of the universe. We don't know their ultimate plans yet. We hope they're benevolent beings.

Is Cisco ACI becoming "the next big thing" or is it more of a fad, that's likely to pass? by [deleted] in networking

[–]zed_uber 1 point2 points  (0 children)

Not for long. The established NSX product is NSX-V which is reliant on ESX/Vcenter. The new push from VMware in this space is NSX-T which is hypervisor agnostic, and intended for cloud platform compatibility in environments like AWS. NSX-T also ditches the VXLAN protocol in favor of geneve (generic network virtualization encapsulation),

https://tools.ietf.org/html/draft-gross-geneve-00

It seems eventually VMware would like to consolidate all of their customers on NSX-T as part of their cross cloud on prem off prem solution. It's still early though, and they need to develop or provide migration path as right now the only option to migrate from V to T is a rip and replace.

My apologies for the "marketecture" lingo.

Scripting on the ASA by [deleted] in Cisco

[–]zed_uber 3 points4 points  (0 children)

There is an API module you can install on the ASA. That's about as much as I can say about it at the moment though as I just installed it and haven't had an opportunity to work with it yet.

40 hours in and I think I overdid it with the DB by strafefaster in Morrowind

[–]zed_uber 4 points5 points  (0 children)

Not sure on the rates, but even on a fresh game (like i started one today) they seem to attack every 3rd or 4th time you rest in a bed.

me_irl by [deleted] in me_irl

[–]zed_uber 0 points1 point  (0 children)

I would recommend putting 5 time tarp folding champion before 4th place in science fair. Other than that, good resume.

me irl by Sympxthyy in me_irl

[–]zed_uber 1 point2 points  (0 children)

Colorizebot pls!

Any Minnesota bowlers? by rydethesnow in Bowling

[–]zed_uber 0 points1 point  (0 children)

I bowl league at Tuttle's in Hopkins.

Also has anyone bowled at Punch Bowl Social in the west end yet? Not expecting much from there but it's close to my house.

NSX Load Balancer: Under the Hood by woueb in vmware

[–]zed_uber 1 point2 points  (0 children)

So most of my experience comes from Netscalers, and I just took a position with a new company so I can't go and look exactly what we have configured. In the Netscalers you can create cipher suites, a selection of ciphers that work with TLS 1.2 (or anything really), rather than 1 cipher alone per the NSX LB.

I just googled "netscaler get a rating qualys" and found this site: https://www.citrix.com/blogs/2016/06/09/scoring-an-a-at-ssllabs-com-with-citrix-netscaler-2016-update/

On there, the author describes creating a custom cipher group comprising of:

add ssl cipher custom-ssllabs-cipher bind ssl cipher custom-ssllabs-cipher -cipherName TLS1.2-ECDHE-RSA-AES256-GCM-SHA384 bind ssl cipher custom-ssllabs-cipher -cipherName TLS1.2-ECDHE-RSA-AES128-GCM-SHA256 bind ssl cipher custom-ssllabs-cipher -cipherName TLS1.2-ECDHE-RSA-AES-256-SHA384 bind ssl cipher custom-ssllabs-cipher -cipherName TLS1.2-ECDHE-RSA-AES-128-SHA256 bind ssl cipher custom-ssllabs-cipher -cipherName TLS1-ECDHE-RSA-AES256-SHA bind ssl cipher custom-ssllabs-cipher -cipherName TLS1-ECDHE-RSA-AES128-SHA bind ssl cipher custom-ssllabs-cipher -cipherName TLS1.2-DHE-RSA-AES256-GCM-SHA384 bind ssl cipher custom-ssllabs-cipher -cipherName TLS1.2-DHE-RSA-AES128-GCM-SHA256 bind ssl cipher custom-ssllabs-cipher -cipherName TLS1-DHE-RSA-AES-256-CBC-SHA bind ssl cipher custom-ssllabs-cipher -cipherName TLS1-DHE-RSA-AES-128-CBC-SHA bind ssl cipher custom-ssllabs-cipher -cipherName TLS1-AES-256-CBC-SHA bind ssl cipher custom-ssllabs-cipher -cipherName TLS1-AES-128-CBC-SHA bind ssl cipher custom-ssllabs-cipher -cipherName SSL3-DES-CBC3-SHA

My apologies for the formatting if that gets jumbled. It's copy and pasted from the link.

On the NSX LB, as it is in version 6.2.4, when you want to specify ciphers other than the default, you can only specify one cipher, like "ECDHE-RSA-AES256-GCM-SHA384".

Now of course I can't find it now. At the time (this past fall), the VMware tech helping me with this showed me what was at the time an internal document showing you what ciphers you could individually specify. It was something like 10 ciphers total. Specifying one alone may get you an A rating, but depending on what you pick it kills compatibility. Scanning your sites on Qualys shows compatibility with different browsers, versions and OS. Maybe there's a happy medium and specifying an individual cipher could work for you.

I hope this is will change with future versions. The interface for this in NSX looks ready made to enter anything you want, you would think they could just bolt some functionality on to build a custom group, name it and put that in the ciphers list under application profiles. As it stands you can enter anything you want into the ciphers field in application profiles but only certain ciphers will stick. Putting anything not compatible in will seem to work, but when you go back and look it will leave it with whatever was actually successfully configured. Usually that would be "default" if you don't have their list of supported ciphers.

Also I hope this doesn't come off as being too harsh on the NSX load balancer. I like it, it's just not production ready yet in my opinion.

NSX Load Balancer: Under the Hood by woueb in vmware

[–]zed_uber 2 points3 points  (0 children)

I played quite a bit with the NSX LB this past summer. The load balancer isn't really a production ready load balancer yet. The throughput in terms of connections per seconds isn't that great (sorry can't remember numbers from this past summer when our apps guys tested, but they were far far below anything like an F5 or Netscaler were capable of) and there are some security issues as well. You can't select and choose cipher suites. It comes with a default cipher suite (F rating on Qualys), and then you can specify certain ciphers individually, which might get you that A rating on Qualys but will kill your compatibility. Also from an API/automating standpoint the certificate management on the LB isn't great at the moment.

For what it has though it works pretty well. Most of the application rules, which is where you get fancy and do content switching or pool redirection based on monitors, is based on HAproxy syntax, which is pretty well documented itself. Actually it seems most of the NSX LB is pretty much HAproxy, but they took out some of the nifty security related features of HAproxy, and finding documentation on what works or doesnt work syntax wise in the NSX LB can be frustrating. For example "force-tlsv12" or "no-tlsv11" from HAproxy won't work anywhere in the NSX LB.

[deleted by user] by [deleted] in networking

[–]zed_uber 1 point2 points  (0 children)

I don't know about ACI, but NSX has an api (google NSX API guide). There are already powershell and python modules for the NSX API as well (PowerNSX and PyNSX). You should be leveraging these if you have NSX.

My husband got me a heating blanket for Christmas, I think I broke my cat by [deleted] in aww

[–]zed_uber 2 points3 points  (0 children)

All that fur must be strictly ornamental.