Booches.nl

Barracuda User Creation

I have a customer running a Barracuda SPAM firewall 300. The customer has the specific request that only the administrator can look at Quarantine messages and users shouldn’t get their own Quarantine inbox. To accomplish this I have configured the Quarantine Type: Global.

I see that all Quarantine messages are delivered in the globally configured mailbox. But sometimes the Barracadu still automatically creates an Account Address under the Users tab. The user from that Account has than the ability to look at their own quarantine messages. I thought it would help to configure the option New User Quarantine State to No, but this has no affect.

Does somebody know who to disable the function to automatically create User Accounts on the Barracuda SPAM firewall 300…??

relays.ordb.org

Since the day before yesterday, some of our customers complained having problems with receiving e-mail. The senders from the e-mail noticed that their mail had been blocked by relays.ordb.org. This RBL is offline, according to this article, at least everybody thought. Seems to me, the RBL came online yesterday and blocked everything. I have heard some rumours about the RBL coming online and blocking everything, so postmaster become aware of false configuration of the RBL lists in the mail components. Our customers were using Microsoft Exchange servers and were still using relays.ordb.org in their Connection Filtering rules. After deleting the URL the mail began to flows like nothing happend.

ProCurve excessive STP topology changes

Recently a colleque of mine noticed something strange in the STP configuration from a couple of HP ProCurve switches. He had a network, which was configured by another party, with switches running MST en RSTP mode spanning-tree. He noticed a lot of topology changes in the configuration, but couldn’t find out where they were coming from.

Yesterday I came in another native HP ProCurve environment with two 5412zl switches en multiple 3500yl switches. All the switches have MST configured and I noticed the same strange behavior. One switch had an uptime from 29 days, but had more than 700.000 topology changes. The last change was 11 hours ago. I checked the logging and noticed that ports going up and down, aren’t counted as a topology change. I have looked at different forums, but cannot find a reason for the topology changes.

My colleque and I will try to investigate the problem further, when we have some time left ;-). I hope we can come back on this issue, but maybe some of you already noticed the same problems and know the cause of it….

NTP Configuration

The right time synchronization is very important while troubleshooting different kind of problems. Most network components have the option to synchronize their time with a time server on the internal network or the internet. This post shows how to configure NTP with the right time zone on Cisco and HP ProCurve components. The example configurations use the NTP servers from pool.ntp.org.

Cisco

clock timezone MET 1
clock summer-time MEST recurring last Sun Mar 2:00 last Sun Oct 3:00
!
ntp server 141.40.103.102
ntp server 213.239.211.122

HP ProCurve

time timezone 60
time daylight-time-rule Western-Europe
sntp server 141.40.103.102
sntp server 213.239.211.122
timesync sntp
sntp unicast
sntp 720

HP ProCurve licenses

During an check-up on a network, I looked at the configuration of two HP ProCurve 5400zl switches. One of these switches functions as the core switch and default gateway for the various VLANs. To improve the availability and redundancy of the default gateway, I mentioned the configuration of VRRP (Virtual Router Redundancy Protocol).

On of the two core switches had the opportunity to enable VRRP with the command: router vrrp. The other core switch didn’t had the option to enable VRRP. I found this a bit strange, because both switches have the same hardware properties and firmware version. I spent some time looking at the HP Procure website.There I noticed that theHP ProCurve 5400zl switches require a Premium License to enable VRRP. I didn’t even knew that HP ProCurve switches had different kind of licenses, but after contacting the supplier and obtaining the license, I could enable VRRP and improve the availability of the network.