Having Problems With OVH Blocking Valid IPSEC Traffic?

Submitted by gpmidi on Tue, 04/21/2020 - 15:04

OVH's DDOS Mitigation System was constantly blocking my IPSEC traffic when I had it encapsulated in UDP. Once I switched it back to native IPSEC (the IP protocol, not in a UDP wrapper for NAT traversal) it stopped blocking it. Repeated tickets to OVH resulted in no changes or fixes. They just ignored the tickets or were useless. Hope you don't need IPSEC with NAT traversal for them!

Tags

xmlsec/xmlsec1 In Heroku Python gpmidi Thu, 02/27/2020 - 21:24

Need xmlsec (aka xmlsec1) working in Heroku's Python? Try this: 

  1. Install buildpack: heroku buildpacks:add --index 1 heroku-community/apt
    1. This needs to be before the Python buildpack. You can validate that in the settings tab now days. 
  2. Create an Aptfile in the root of your project and add:
    1. libxml2-dev
      libxml2
      libxmlsec1-dev
      libxmlsec1
      libxmlsec1-openssl
      build-essential
      libxml2-utils
      xmlsec1
  3. Commit & Push!
Diagram Of Planned Network gpmidi Sun, 02/16/2020 - 11:33
Network Gear In Place gpmidi Fri, 02/14/2020 - 22:15

The network side of my rack redo is almost done. Once the two SRX650s on top are removed it'll be good to go. 

Gear

  • 4x SRX650s w/ 10GbE
  • 2x RackSwitch G8264
  • 2x RackSwitch G8000 w/ 10GbE
  • 1x Digi console serve
  • 1x Avocent KVM
  • 2x Voltaire Infiniband 4036 - 4xQDR (aka 40Gbps)

 

IB Network

The IB network will be used for Lustre

Two NDS-4600-JD-05

Submitted by gpmidi on Tue, 02/04/2020 - 08:41

These two NDS-4600-JD-05 units each have space for 60 3.5" drives with four 6 Gbps SAS ports on each of the two controllers. The plan is to connect two R610s (eventually R620s) to each of them with the DAS units partitioned so that each of the R610s/R620s has 30 disks (well, 15-disks on each of a pair of redundant 6 Gbps SAS lines). There will be a Ceph OSD per disk on each of the 30 disks. Half of the 30 disks will be 8TB and half will be either 3TB or 2TB disks.