Transit Update! Out with Global Crossing and in with Hurricane Electric

As Global Crossing were purchased by Level3 some time ago, and Gconnect were using both Global Crossing and Level3 as two of our four transit providers, we decided to use Hurricane Electric as a new provider to replace Global Crossing. Hurricane Electric have been long time IPv6 advocates and have a global peering network which is almost unmatched. We have connected from our Telecity Reynolds POP and so far the results have been excellent. This now restores our 4 independent ‘Tier 1′ transit provider policy leaving our AS33941 object showing:

aut-num:        AS33941
as-name:        GCONNECT
org:            ORG-CTL6-RIPE
descr:          Challenger Technology Ltd
descr:          Gconnect Autonomous System
remarks:        ------------------------------------------
remarks:        -- TRANSIT: Level 3 Communications --
remarks:        ------------------------------------------
import:         from AS3356 accept ANY
export:         to AS3356 announce AS-GCONNECT
mp-import:      afi ipv6.unicast from AS3356 accept ANY
mp-export:      afi ipv6.unicast to AS3356 announce AS-GCONNECT
remarks:        ------------------------------------------
remarks:        -- TRANSIT: Hurricane Electric --
remarks:        ------------------------------------------
import:         from AS6939 accept ANY
export:         to AS6939 announce AS-GCONNECT
mp-import:      afi ipv6.unicast from AS6939 accept ANY
mp-export:      afi ipv6.unicast to AS6939 announce AS-GCONNECT
remarks:        ------------------------------------------
remarks:        -- TRANSIT: Cogent Communications --
remarks:        ------------------------------------------
import:         from AS174 accept ANY
export:         to AS174 announce AS-GCONNECT
mp-import:      afi ipv6.unicast from AS174 accept ANY
mp-export:      afi ipv6.unicast to AS174 announce AS-GCONNECT
remarks:        ------------------------------------------
remarks:        -- TRANSIT: Tiscali International --
remarks:        ------------------------------------------
import:         from AS3257 accept ANY
export:         to AS3257 announce AS-GCONNECT
mp-import:      afi ipv6.unicast from AS3257 accept ANY
mp-export:      afi ipv6.unicast to AS3257 announce AS-GCONNECT

Managed Services Update




We’re starting on our new marketing campaign this week and the subject matter is our 3 core managed service offerings:

Its all go with website updates, new printed literature and technical specs and PDF data sheets brought up to date. The products themselves are not something new for Gconnect but its nice to have it formalised. Our management services utilise our many years of industry experience, ITIL compliant support system, vendor accreditations and certified engineers to provide a reliable, polished experience. So if you need some help with managing those non-mainstream applications and operating systems, let us know!

MySQL Replication with ZFS

After a meeting with a customer this week, we were posed with the question of how to backup  a MySQL database, off site with the ability to recover records that have been deleted in error. To make the job more interesting, there are some ‘caveats’ which include, not buying Terrabytes of storage, not requiring enormous amounts of bandwidth and not using a massive overhead on te production server. Currently the end user is using a well know replication product which rhymes with ‘Trouble Bake’ but this is using 1GB of RAM on the 32Bit OS so is causing some issues. MySQL is running on Windows for that extra RAM overhead and can only have 4GB RAM (see 32Bit).

As fairly long time users of ZFS with FreeBSD, we are now testing a box which is replicating MySQL using the built in replication feature (in real time) and the snapshots the data every hour. Our Lab is using a ‘production database which is quite small and the data does not change much. The results are very good, so good in fact we are now using it to take backups of web servers in parallel to the normal backups. With great features like de-duplication, on the fly compression and quotas the ZFS system is really worth looking at. The new version of FreeBSD has the system installed out of the box as of course does Solaris and Linux even has a package called ZFS on Linux.

If you are motivated to have a look, here are some links:

FreeBSD Project
ZFS on Linux
Or if you would like some help from Gconnect click here

Work Diary: VPN, VPN and more VPN

This last week has been a week of many VPNs. We started with encrypting our L2TPv3 VPN over  a tunnel based IPSec VPN between two Cisco IOS routers – now my preferred method of site to site VPN. The next configuration was a Cisco ASA to Cisco IOS router which, unfortunately, does not support the tunnel method so a ‘traditional’ style was needed on the router to match up with ASA. Site-to-site VPNs are fairly straightforward but we have  had several requests this week for modifications and changes to Remote Access VPN setups.

The RA VPN can have a lot of configuration to include split tunnelling, split DNS, Active directory Authentication and the list goes on, and on, and on. The requirements this week were for data hair-pinning and reaching other site to site destinations from a remote access user. At Gconnect we have traditionally deployed the Cisco IPSec VPN client mainly due to licensing constraints but recently have bee using the SSL VPN, both client-less and with the AnyConnect client – but as one client found out this week, there is a significant RAM requirement for some of these features.

Gconnect can manage your Cisco IOS and security devices – for more information see here


Work Diary: Layer2 VPNs

We had an enquiry this week from somebody who had found us on the Cisco website (Thanks Cisco!) who needed a layer2 VPN setting up. As the story unfolded, he wanted a layer2 VPN to run over a couple of broadband lines. This type of VPN solves a lot of problems in certain situations, in his case, there are 2 devices which have only MAC addresses and need to communicate over ethernet. Other uses include, extending the company LAN back to remote sites or home offices – meaning the remote users can use telephone systems, DHCP servers and the like over the link. Normally we would have delivered it over our MPLS network but as we are not the connectivity provider here we had to come up with a new solution. We used a technique using the open standard L2TPv3 (Layer 2 Tunneling Protocol v 3) which supports Layer 2 VPN and pseudo wires and ended up with a fully configured Lab setup deployed on 2 Cisco routers and 2 Gconnect broadband lines.

Gconnect Cisco Consultancy
L2TPv3 Layer 2 Tunneling Protocol v3
Cisco Cloud and Managed Services Partners



Work Diary: A bit of BGP (Border Gateway Protocol)

We manage a couple of BGP Autonomous Systems (AS) for a service provider client. Today we have been advertising some new prefixes out of  1 autonomous system, ensuring that we have multiple connections announcing the same ranges for resiliency and diversity. Gconnect , as Cisco Cloud and Managed Service Partners, can leverage our experience in managing large Cisco networks whilst maintaining controls, checks and balances. Although we use a formal change control process, stringent backup and configuration archiving we are still agile enough to perform an update like this in a couple of hours, rather than days. You can find out more about how the internet is glued together with BGP (Border gateway Protocol) here.

Gconnect Cisco Consultancy
Cisco Cloud and Managed Services Partners


Work Diary: Making sense of NFSen

We recently took on new client who was hosting a SOAP server on the end of 2mbps leased line. The line was being completely flat-lined and the service was all but unavailable. Unfortunately, the networking hardware on site was pretty ‘basic’ so it was not possible to see what the issues were. The client had decided that as this service was mission critical they would move the 2 servers into the cloud, and then the extra bandwidth available would probably solve the issue. After the  initial install and server setup, we were able to analyse the data going to and from the server using a Netflow collector. This analysis identified the issue and the customer was able resolve the issue by speaking to the owner of the offending server. By using proprietary Cisco networking equipment and firewalls we are able to export Netflow data to our collectors which run on FreeBSD and NFSen, giving customers access to a wealth of data to help keep their businesses running at their best.

The NFSen Project at Sourceforge
The FreeBSD Project
Gconnect Hosting

Connecting to Gconnect Hosted Exchange from a Linux Desktop

If you are looking to connect to the Gconnect Hosted Exchange platform from an open source desktop such as Ubuntu, Mint or CentOS then try Exquilla with Mozilla Thunderbird. From the Mozilla Thunderbird ‘Tools’ menu, Exquilla can be installed as an add-on. After that a menu item called ‘ExQuilla for Microsoft Exchange’ appears in the ‘Tools’ menu, from which you can configure the account. In addition to the email, ExQuilla also synchronises the address book, making the solution even better! Open-source is great, but sometimes we need to combine it with enterprise applications that businesses use, and at Gconnect we are always looking to offer the most appropriate solutions.

The ExQuilla project 
Gconnect Hosted Exchange details
Ubuntu Desktop  :  CentOS  :  Linux Mint


Work Diary: Redhat and CentOS

This week we’re working on a project for a customer to replace their very old, very poorly Linux Redhat 4 server with a sparkling new server running the latest Redhat 6. During the transition the customer has a temporary cloud backup solution for protecting critical data as the tape drive has failed. We have built a new CentOS based storage appliance on the customer site to keep 7 days worth of full backups using rsync over SSH and will change the Cloud Backup solution over when the new server is commissioned. Another requirement is to provide an CIFS share for the windows network using Samba – this if for the MS Exchange server to write backup jobs to. Its an interesting project combining open source software, proprietary software and cloud technology, yet still keeping backup data where the customer can ‘see’ it.

Gconnect Cloud Backup products
Gconnect UNIX/Linux Consultancy
Linux Redhat
CentOS Linux

Gconnect are “Cisco Powered”!

Gconnect have now achieved Cisco Cloud and  Managed Services Express Partner with ‘Cisco Powered’ MPLS-VPN status. What does that mean? Well, Cisco sent down some auditors to check out our processes and procedures along with our technical setup to ensure we are operating in a manner that meets their standards. In order to start the process we also had to meet other pre-requisites such as certified engineers and a proven track record in delivering Cisco based services. Gconnect are the smallest Cisco Cloud and  Managed Services Express Partner in the UK making us the ideal partner for companies wanting the assurance of third party audit and the responsiveness of  small dynamic ISP.

Gconnect MPLS and connectivity products
‘Cisco-Powered’ Information
Cisco Cloud and  Managed Services Information