2017 Goals

You are under no obligation to be the same person you were 5 minutes ago.

This quote hit a chord with me late in the year.  I knew something had to change. Politics, Facebook, job, hobbies, kids, wife, family, were all fighting each other for a time slot.  My sleep schedule oddly wasn’t very picky and for quite some time my wife considered me to be one of the sleepless elite but from around November to now, I’m just tired. My body needs to rest and reset.

Like most people, I suppose, I set some goals for myself this year.  Some of them I had and failed in 2016 but want to dedicate some time to them nonetheless.

Here they are (in no particular order):

  • Read 1 book a month for entertainment, not specifically work related.
  • Learn to code in python.
  • Become an AWS Certified Solutions Architect Professional.
  • Ditch Facebook.
  • Lose 50 pounds.
  • Implement retirement savings plan.
  • Learn to be patient with my kids.

Laying these out in such a public fashion will hopefully keep me honest about them, however, I’ll take it one step further and lay out my current plan of attack for each of them.


This should be easier than it ends up being.  In 2016 I read a total of 5 books.  My favorite was Elon Musk’s biography by Ashlee Vance which I read on the beach in Mexico while on vacation with my wife and parents.  I have a pretty broad range of interests from science and engineering to philosophy and even economics.  As long as it isn’t a romance novel, I’m probably OK but I’ll likely read books that will still benefit me in some way.  Feel free to comment below on recommendations.  My first book will be: Our Revolution by Bernie Sanders


I’ve enrolled in an Introduction to Computer Science course through EDX which is presented by MIT as well as picked up the Udemy class for Automate the Boring stuff.  I begin the EDX course today and will follow it for the next 12 weeks.  Shortly following and depending on where my next goal is, I’ll start the Udemy course.

AWS (Amazon Web Services)

The first time I learned about “cloud”, I think I was hooked.  Not having to worry about specific underlying hardware and other resources and just focusing on the “thing” that you want to do was really intriguing to me.  I’ve been a longtime fanboy of Google Apps (G Suite) as a cloud based email and document handling service as well as Microsoft Office 365 but the real 800 pound gorilla in the cloud computing space is Amazon.  Amazon Web Services has a true vision for how “cloud” should be accomplished and has laid out certification courses for various aspects of these services.  My end goal is AWS Certified Solutions Architect Professional; I’ll be taking a few stepping stones along the way and using A Cloud Guru’s courses on the associate level certifications to get started.  This is actually a carry over from 2016 and I am more than 75% through the initial learning process.

Facebook and other Distractions

Between Facebook and Reddit, my time in front of a screen was getting a little out of control.  I am reducing the time I’m on Reddit for “bathroom” breaks but Facebook is going away from my daily habit completely.  I figured I could use this time more wisely with the rest of my 2017 goals.  Over the past few years my mailing lists and email subscriptions got a little out of control as well.  As a result, I’ve unsubscribed from around 45 publications and will only seek out the information I desire on an ad hoc basis.

Weight Loss

Keto is my plan and my plan tastes like bacon 🙂  Super low carb, high fat, adequate protein.  I’m going through some sweet tooth cravings right now but am able to quench those with some sugar free options and lots of water (no room for other stuff).  In addition to diet, I’ll be breaking out the bikes this year and have a goal of 2000 total miles.  This will be tracked with Strava and my progress will be available on this site after a while.


I read an article last month about retirement savings and how much I need to be putting away into investment accounts every month and determined that if I don’t do this now, I simply won’t be able to afford to retire when the time comes.  I’ve read enough personal finance books to have a fairly well rounded foundation but will be leaning towards simplifying rather than being overly aggressive which is loosely based off of I Will Teach You to be Rich by Ramit Sethi.


I have no idea what I’m doing here, just that I know I lose my patience too quickly.  My daughters are both stubborn and I need to do better to remember this.  I’ll start off by counting to 5 instead of just 3.

Troubleshooting Network Performance Issues

This won’t be a tutorial, however, the purpose of this post is to highlight some common TCP/IP issues that degrade network performance.

Network Congestion – If your firewall/router graphs your network usage, use that or obtain your current throughput (up/down) to your ISP. Use the current usage and then run a few speed tests in order to determine if your hardware is capable of hitting your maximum download/upload speeds you currently pay for. So if you have a 100 meg fiber circuit and your firewall is showing you are currently using about 60 megs at any given time, you should be able to get somewhere close to 40 megs on a download test from If not, either your provider is not giving you the bandwidth you are paying for or you have a hardware issue. If you have SNMP capable devices, a really simple tool is STG

Maximum Segment Size (MSS) – I’ve run into this issue a number of times, mostly when dealing with GRE/DMVPN tunnels. It’s usually fixed on Cisco routers by issuing ip tcp mss 1400. You can read more here: TCP MSS Adjustment

High TCP Retransmissions – This one you’ll probably have to take out Wireshark and start a packet capture from the device that is having issues in your network or use a network tap or even a SPAN port on a switch. If TCP retransmissions are high, you have a problem somewhere in your network. Most commonly on wireless.

TCP Window Scaling – I’ve seen this most commonly on modern firewalls that use Deep Packet Inspection (DPI). Please read more here.

Slow DNS Responses – In most enterprise environments, PCs will have a local DNS server to query from which would cut down on this problem, however if the server were having CPU/Memory/Disk issues, it can still happen. Likewise, if you do not have a local DNS resolver, and use a remote DNS server, this can also be a problem. I’ve used a tool from Google in the past to help troubleshoot and to point me to the best DNS server based on my network/location called Namebench.

Path MTU Discovery (PMTUD) – This is where the “secure by default” methodology of most firewalls today may kick you in the butt. By disabling ICMP, you also disable Path MTU Discovery. It’s a simple fix but Cisco has the best explanation I’ve been able to find on it. You can read that here. Then someone felt very strongly about the subject and created a website dedicated to it here.

Routing Issues – In this case it would be poorly configured asymmetrical routing. Traffic goes out on a nice 100 meg connection but comes back to you on your backup 20 meg connection, likely due to a BGP configuration problem.

TCP Offload – Depending on how your servers are configured, this could be a blessing or a curse. I’ve most commonly had a problem with this on virtualized servers where the host/virtual NIC weren’t on the same page. Disabling it helped.

SMB 3.0 Multichannel – Read here for details on it, but simply put, add more network interfaces to your file server and you’ll have better performance.
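For the Maximum Segment Size and Path MTU Discovery items above, here is an added example (not from the original post) that models one full-size packet crossing a GRE tunnel, with and without ICMP "fragmentation needed" getting back to the sender. The function name, the three-link path and the 1476-byte tunnel MTU are assumptions for illustration; 1400 is the MSS value from the post.

```python
# Added example: toy model of Path MTU Discovery. All values are constructed.
IP_TCP_HEADERS = 40  # 20-byte IPv4 header + 20-byte TCP header, no options

# Hypothetical path: Ethernet, a GRE tunnel (1500 - 24 bytes overhead), Ethernet.
GRE_PATH = [1500, 1476, 1500]


def send_with_pmtud(hop_mtus, mss, icmp_allowed, max_tries=5):
    """Send a full-size segment with DF set; return (delivered, mss, events).

    A router whose next link is too small drops the packet and answers with
    ICMP type 3 code 4 ("fragmentation needed") carrying that link's MTU.
    The sender can only react if a firewall does not filter that message.
    """
    events = []
    for _ in range(max_tries):
        size = mss + IP_TCP_HEADERS
        bottleneck = next((m for m in hop_mtus if m < size), None)
        if bottleneck is None:
            events.append(f"{size}-byte packet delivered")
            return True, mss, events
        events.append(f"{size}-byte packet dropped at link with MTU {bottleneck}")
        if not icmp_allowed:
            events.append("ICMP filtered: sender retransmits the same size")
            continue
        mss = bottleneck - IP_TCP_HEADERS
        events.append(f"ICMP received: sender lowers MSS to {mss}")
    return False, mss, events


if __name__ == "__main__":
    cases = [
        ("ICMP allowed, MSS 1460", 1460, True),
        ("ICMP blocked, MSS 1460", 1460, False),  # PMTUD black hole
        ("ICMP blocked, MSS clamped to 1400", 1400, False),
    ]
    for label, mss, icmp in cases:
        delivered, final_mss, events = send_with_pmtud(GRE_PATH, mss, icmp)
        print(f"{label}: delivered={delivered}, final MSS={final_mss}")
        for line in events:
            print("   ", line)
```

On a real firewall the counterpart of icmp_allowed=True is permitting ICMP type 3 code 4 (and ICMPv6 type 2, "packet too big") rather than opening all ICMP.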

I have re-created the wheel here somewhat but if you want a single source for some good information on most of these issues, please visit this site.

Also, learn Wireshark. It will become your best friend.
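To put a number on the High TCP Retransmissions item, this added example (not code from the original post) computes a per-flow retransmission rate from segment records such as those exported from a Wireshark capture. The sample records, the function names and the 5% threshold are assumptions for illustration.

```python
from collections import defaultdict

# Constructed sample, not a real capture:
# (time_s, src, sport, dst, dport, seq, payload_len)
SEGMENTS = [
    (0.000, "10.0.0.5", 50000, "10.0.1.9", 445, 1, 1400),
    (0.001, "10.0.0.5", 50000, "10.0.1.9", 445, 1401, 1400),
    (0.002, "10.0.0.5", 50000, "10.0.1.9", 445, 2801, 1400),
    (0.210, "10.0.0.5", 50000, "10.0.1.9", 445, 1401, 1400),  # resent
    (0.211, "10.0.0.5", 50000, "10.0.1.9", 445, 4201, 1400),
    (0.500, "10.0.0.5", 50000, "10.0.1.9", 445, 4201, 1400),  # resent
    (0.100, "10.0.0.7", 50100, "10.0.1.9", 445, 1, 500),
    (0.101, "10.0.0.7", 50100, "10.0.1.9", 445, 501, 500),
]


def retransmission_rates(segments):
    """Return {flow: share of data segments that resend already-sent bytes}.

    A data segment counts as a retransmission when it ends at or below the
    highest sequence number its flow has already sent. This is a simplified
    form of what Wireshark flags as tcp.analysis.retransmission: it ignores
    sequence wraparound, keep-alives and reordering.
    """
    next_seq = {}
    counts = defaultdict(lambda: [0, 0])  # flow -> [data segments, resent]
    for _, src, sport, dst, dport, seq, length in sorted(segments):
        if length == 0:
            continue  # pure ACKs carry nothing to retransmit
        flow = (src, sport, dst, dport)
        counts[flow][0] += 1
        if flow in next_seq and seq + length <= next_seq[flow]:
            counts[flow][1] += 1
        next_seq[flow] = max(next_seq.get(flow, 0), seq + length)
    return {flow: resent / total for flow, (total, resent) in counts.items()}


def flows_over(segments, threshold=0.05):
    """Flows whose retransmission rate exceeds a hypothetical 5% threshold."""
    rates = retransmission_rates(segments)
    return sorted(flow for flow, rate in rates.items() if rate > threshold)


if __name__ == "__main__":
    for flow, rate in retransmission_rates(SEGMENTS).items():
        print(flow, f"{rate:.0%}")
    print("investigate:", flows_over(SEGMENTS))
```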


Faster XenServer VM Exports

I am migrating a few XenServer VMs between AMD and Intel pools for a customer and stumbled across a faster way to do the export than through XenCenter.

From the Windows host where XenCenter is installed, run the following command:

"C:\Program Files (x86)\Citrix\XenCenter\xe.exe" -s x.x.x.x -u root -pw xxx vm-export vm=SERVERNAME filename=C:\users\user\folder\SERVERNAME.xva --nossl

The trick here is that part of the slowness of the export is SSL encoding/decoding happening within XenCenter. By using the --nossl option, you are bypassing that abstraction? application layer. Also making it less secure but let’s not dwell on the facts.


Process Automation with IFTTT

I’ve used this tool for quite some time but after talking with a number of people, have discovered that most have never heard of it.  It’s a web service that automatically does tasks for you based on whatever rules you give it (they call them recipes).  Here are some examples of processes you can automate with

The recipes follow the simple IF…Then methodology.

  • Download Facebook photos that you’re tagged in, upload them to a Google Drive.
  • Download Gmail attachments, upload them to Dropbox.
  • Search Craigslist for keywords, notify you via email when a new listing is posted.

You can check out sample recipes or create your own at


OpenDNS Alternative, SafeDNS

I had once been a longtime user of OpenDNS for my home and some small businesses that I worked with. It served as a forward lookup DNS server and as a web filter for those networks. OpenDNS performed quite well. I don’t know why but I eventually drifted away from OpenDNS as a web filter and implemented Barracuda Web Filters or spun up Squid/Squidguard on pfSense if the need were to arise. Recently though, with my personal company, CloudFirst Technologies, I needed a reliable and AFFORDABLE web filter for my customers. I stumbled across SafeDNS. It seemed to have the same features as OpenDNS but until I tried it, I didn’t know how effective it was. I’m happy to report that it is a great alternative to OpenDNS. It blocks sites as expected, gives you control over the networks that belong to you, allows for custom profiles per network, etc. The price was not overly attractive initially; however, they have recently reworked their K-12 pricing which made it the most cost effective filtering solution available.

In order to utilize the service you simply point your computer or DNS forwarder to SafeDNS’s servers & then configure the network (source IP address) in SafeDNS’s dashboard/control panel. You create a profile (site categories you want blocked) and assign a network to that profile. That’s it, you are done.

Give them a try at