When working with networks, you have to deal with different devices from different vendors. When it comes to SFP tranceivers, you often need vendor specific transceivers because vendors tend to apply some sort of vendor locks. Despite SFP beeing a standard, you need SFP transceivers from your device's vendor. I found a nice solution to circumvent these requirements.
Over time, jumpNet's VPN servers became bottlenecks regarding bandwidth. Currently, the best VPN server in jumpNet offers 20MBit/s upstream, which is okay but not sufficient for large file transfers like backups. In this article, I describe how to build a L2TP/IPSec VPN server with OSPF routing capability.
jumpNet is fine - no question. But it's small and some how I got used to it. There is little new to discover (maybe I'm going to realize a point-to-point radio link this summer, but that's another story) and so I decided to follow up an old plan: Connecting the jumpNet to dn42.
Some time ago I moved from Zähringe Straße to Merzhauser Straße. What a lucky coincidence, that I moved into the appartment of one of the jumpNet participants. Time to change the topology of the jumpNet a bit.
The jumpNet grows, so do the logs. A little tired of grepping and tailing and lessing it came handy that I needed a solution for a customer with similar needs. After doing some research in the internet, I came across the so called ESK stack. Elasticsearch, syslog-ng and Kibana. Sure, I heared about Elasticsearch and Kibana, but till then I thought this is some hipster IT crap and - I never was so wrong. (Yeah, there is some prejudice coming with age and experience...)
As you propably know, the jumpNet has a redundant VPN infrastructure and is using OSPF. To improve the network design futher, I investigated the possibility of equal-cost multi-pathing. Doing so I needed to tackle a little with the stateful firewall.