Browsing Posts published in November, 2008

Ubuntu basic guidelines


Simple steps to follow ..

* Those who want to install Ubuntu Linux can order their copy for free at

http://www.ubuntu.com/getubuntu

You can either download or request it .. I would ask you to do both of them ….

* Check the compatibility with your system. Most of the desktops should not have problems whatsoever .. even all of the laptops are covered well except some of the wifi part

* As Linux ships with many of the non-commercial software, you can't even play mp3 files .. for that you need to enable repositories .. you can find the entire guide here

http://ubuntuguide.org/wiki/Ubuntu:Hardy

* Downloading and installing is straightforward for GNS3 … it should work well, otherwise browse any of the docs or blindhog ..

After you install GNS3 it's all the same from there on …. there is a package called Compiz Fusion which is rocking for the eyes .. the GUI effects are to be seen by everyone who hadn't

Any help, let me know via mail

regards
raaki


Linux flavor


My health is not supporting me these days as there is a climate change .. nevertheless .. I have made some advancements …

I have got a craze for Linux and installed Red Hat 9 in my school days on an old Compaq computer .. from then on there was something or other which was poking at me .. coming back ..

As I have already told you, I would increase my RAM for GNS3 soft run, but now I have changed my mind to postpone it .. the reason is Linux

Believe me or not .. Linux has a better management of RAM and memory than Windows, which I used to use for previous labs ..

I have installed Ubuntu 8.04 64 bit edition .. had some problems with wifi and VGA stuff, fixed all of the issues in these two days .. installed GNS3 .. obviously not successful in my first attempt due to some mistakes, but saw it working now and am posting it immediately ..

I could start up to 17 routers in GNS3 with Linux in hand .. didn't do any lab on it though … and observed memory …

Firstly the memory was at 919mb out of total 1.7gb available RAM memory .. and swap memory was around 3.8, which is double the RAM of course ..

Now I have installed 4 routers and RAM increased to 1100mb and from there on it stopped increasing even though I have increased the number of routers .. the reason being swap memory is taking over now.

Yes, the RAM memory increase stopped at 1100 mb and virtual memory began to increase. Virtual memory = swap memory, and so I could increase the number of routers to a greater extent without any system hang.

So I would recommend Ubuntu for users who have memory hang experiences with their PCs. Also tried with dynamips .. but I couldn't do it for long … as I am used to GNS3 ..

So all in all instruments are sharper again for me …

guday

done with the shit


Today as mentioned I went to the Prometric partner for the scheduled exam 70-113, which was offered free by Microsoft, and discovered that information cannot be retrieved from the server for this exam. I am disappointed as I had put in some quality time and effort for the past 4 days .. anyways, got to get down with Cisco … my apologies for giving you the advice to take the exam .. meet you at the redistribution lab

regards
rakesh

UPDATE ON MY STAT


Few updates from my side: my university exams for this sem have been completed by today and still 3 more sems to go … ;( and I have paused the Cisco side a little bit just because of one reason: I got a mail from the Microsoft website stating that there is a free exam on 70-113; if passed and present in the first 3000, one would walk away with 3 vouchers .. of course I am not that lucky nor in need of Microsoft certs .. but just to attempt an international cert for free .. I have installed Windows Server 2008 and I must agree it's rocking fast .. yes, it is running like a dream … superb effort from Microsoft I should say .. I have scheduled the Microsoft exam this Monday so that I would prepare these two days and leave it off instead of wasting holidays, as I need to concentrate on Cisco stuff … and also on the hardware part I am trying to upgrade my RAM to 4gb for a smooth GNS3 run … this is it. I will let you know how the exam went .. I would recommend anyone having free time to take this exam as it is free of cost .. just a small piece of advice .. for further details you can search for 70-113 and you will get to know everything .. guday


You can reach Mr. Darby Weaver at darbylogs.blogspot.com


Setting the Clock and Timezone
————————————

Given the last tip this one goes without saying. Set it as close to real time as possible and use GMT if you have multiple timezones for devices you manage or use the local timezone otherwise.

Very helpful.

Darby# clock set 1:18:00 November 18 2008
Darby# conf t
Darby(config)# clock timezone EST -5
Darby(config)# clock summer-time EDT recurring

Use show clock to verify.

Display an Interface Config
——————————-

sh run int f0/0

Now you can do even more:

sh run | section router

Erasing an Interface Config
——————————-

Simple one but that may not be known about or easily forgotten in a pinch:

default interface f0/0

Works great, it just wiped all configuration from that interface. Ready to start again. Kinda like Play-Doh or Silly Putty but in a Router or Switch.

Setting the Terminal Length of a Router, Switch, or Firewall.
——————————————————————–

24 lines ain’t enough sometimes.

I backup configs a lot before and after I am doing things so… I don’t like the page breaks that are arbitrarily assumed.

So…

term length 0 works on a router or switch and pager length 0 works on a PIX/ASA.

The default is 24, so…

“term len 24” sets it back to normal on a router/switch or pager length 24 on a PIX/ASA.

I find that a full screen is about 36 lines… but it may vary based on your screen’s resolution.

Filtering the Output of commands
————————————–

This is cool but gets even cooler once you begin to master regular expressions.

Here’s some simple examples:

sh run | begin router eigrp

sh run | include ip route

sh ip interface brief | exclude down

I also use it a lot when I’m hunting down a mac or ip address… Kewl stuff.

You can use regular expressions to make it more grep-like…

Also remember show run | section XXX works great too.

Do Command
—————-

This command allows us to “execute” commands while we are in configuration mode.

Darby(config-if)# do sh run interface f0/0

We can use aliases and emulate the “Do Command’s” functionality as well.

Alias Commands
——————-

We can use this command feature to create our own commands.

alias exec s sh ip interface brief
alias configure s do sh ip int brief (note this is so the same shortcuts will work in other modes on the device as well).

Only cause I find myself typing do out of context after I’ve been using it for a while.

Privilege Levels
——————

This is a very useful tool for network management. By default all commands are either privilege level 0 or 15.

You are either poor or rich…

The privilege level command allows us the ability to create a few middle classes….

privilege level <0-15>

Darby(config)# privilege exec level 2 show
Darby(config)# privilege exec level 2 show ip route

line vty 0 15
privilege level 2

Assigns the default privilege level of 2 to vty sessions 0-15 for an example.

username Darby privilege 2 password Darby

line vty 0 15
login local

Assigns the user Darby with a privilege level of 2 for another example. We also ensure that vty logins use the local database in this case.

Stopping “The Runaway Debug”

Plenty of ways to help solve this issue.

1. undebug all – make an alias for it like this

alias exec u undebug all

2. Use conditional debugging

debug interface f0/0

3. Filter the debug

access-list 1 permit 10.1.1.1 0.0.0.0

debug ip packet 1

Editing Access-lists
———————-

Always try to document when possible – use descriptions and remarks and names that are self-documenting.

Extended Access-lists permit us to edit the acl by line number.

No Service Configuration
—————————–

Speaks for itself.

Sometimes you’ll find a device that is booting really slow and later find it is trying to boot from tftp somewhere…

Maybe you don’t want your device to do this.

This can slow you down a lot. Really. A whole lot.

Hope these tips help you a bit.

CISCO IOS TRICKS AND TIPS


This is not my work. The entire credit goes to Mr. Darby Weaver. You can reach him at darbylogs.blogspot.com


Cisco IOS Tips and Tricks..

You probably know these by now but just in case you don’t:

- Auto-completing commands
- Disabling DNS server lookup
- Limiting EXEC interruptions
- Setting console speed
- Deprecated commands
- Time-stamping messages
- Setting the clock and time zone
- Displaying the interface of a config
- Filtering the output of commands
- Erasing an interface config
- Setting the Terminal Length of a Router, Switch, or Firewall
- The DO command
- Alias Commands
- Privilege levels
- Changing the TCP timeout
- Stopping “The Runaway Debug”
- Editing access-lists
- No service config

Auto-Completion of commands
———————————–

It’s only necessary to type enough letters of any given command to make the command unique at the current configuration mode.

Then use the Tab key to autocomplete.

I normally use this method daily and accompany it with the ? character to help me remember options or to learn whatever options are available to me just beyond the prompt.

Note: The ? is very helpful since you are probably like me and work with a wide array of devices and IOS versions.

Disable DNS Server Lookups
——————————–

When you type something at the prompt that is not a command the IOS tries to telnet to it. It’s a smart tool like that and I really appreciate it on my Access Server, example R1, R2, R3, etc.

I do not like what it does to my day to day typos and if you read my posts I make a lot of typos.

“no ip domain lookup” in global configuration mode and this little pesky time-consuming issue is resolved.

Limit EXEC Interruptions
—————————-

This is a great little tool for me. I love it and use it everywhere. Basically it ensures that no matter how many messages I receive at the prompt while I’m typing I never lose my place. So I do not get “interrupted”. Put it in your toolbag. It’s very helpful.

conf t
line vty 0 15
logging synchronous

Setting the Console Speed
——————————

This is great just to get access to a Cisco device. But did you ever consider using it as a security tool? I mean if you have junior admins and who doesn’t or “helpful peeps” from other departments…

This is priceless. BTW – It has saved me on some otherwise priceless pieces of gear bought on eBay. Note: I always look for the sh ver on “junk” that is sold to be non-working… Some folks never heard of a config register before.

Hah!

Anyway here you go:

line console 0
speed 115200

This also saved me in a pinch when I needed to transfer IOS over the Serial line… It’s happened to me and could happen to you. 115200 may not be speeding in some countries, but it beats 9600 bps.

Deprecated Commands
—————————

Some very helpful commands are no longer supported by Cisco, but I love em anyway.

OLD Command          New Command
wr (write)           copy run start
wr er (write erase)  erase start
who                  show users
whe (where)          show users

Oh yes… who = “w” for those who don’t like to type much.

show alias will show you others…

“p” = ping

How about that for a time saver.

Timestamping Messages
—————————-

I once worked with a hot-shot Security guy… who… started configuring his MARS and other Logging devices and did not seem to recognize the importance of setting and synchronizing his time servers first…

I even took the time to draw it out in Visio. But since it was his job to make me look like the village idiot… it fell on deaf ears…

True story by the way…

So I did not bother finishing my tale about Timestamping with our super-star.

For the rest of the world…

Ever get timestamps with the wrong date or time?
How about debugs too?

Yep… I hate non-timestamped logs…

I love time-stamped logs and debugs.
I love time-stamped logs and debugs with sequence numbers even better.

service timestamps (log|debug) datetime localtime
service sequence-numbers

Use them to your heart’s content.

Look like a hero to your boss and coworkers.

My best advice is use them everywhere. Then you can track things when they happen even across an entire enterprise.

Cool huh?

PLAN



* This completed the EIGRP revision and I will be back on redistribution lab 2 very soon .. or may start off with the revision of OSPF or BGP depending upon my time availability .. after the 24th I will surely be after redistribution and will knock it off in two days

EIGRP REVISION CONTINUED 2


Eigrp Authentication:

* 3 parts to remember while configuring Authentication

* key creation and management

* Authentication mode

* assigning key to an interface

* key chain should be configured first and this is done under global configuration mode

* Create key

* Create key string , send lifetime , accept lifetime

* Info configured can be seen by issuing the command SHOW KEY CHAIN

* Next step is to apply it to an interface

* ip authentication mode eigrp 1 md5 --> this is the authentication mode

* All configured elements must match between neighbours: key strings are case sensitive, and the key strings and authentication modes must be equal
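
The three parts above put together as one configuration, added here as an example (it is not from the original notes): a key chain with two keys whose lifetimes overlap so the key can be rolled over without dropping neighbours, then the authentication mode and key chain applied to the interface. The key chain name EIGRP-KEYS, the key strings and the dates are placeholders; AS 1 and Fa0/0 follow the notes.

```cisco
! Added example. EIGRP-KEYS, the key strings and all dates are placeholders.
!
! Part 1: key creation and management (global configuration mode)
key chain EIGRP-KEYS
 ! key 1 is the outgoing key until Jan 1, still accepted for a week after
 key 1
  key-string <old-shared-secret>
  accept-lifetime 00:00:00 Dec 1 2008 00:00:00 Jan 8 2009
  send-lifetime 00:00:00 Dec 1 2008 00:00:00 Jan 1 2009
 ! key 2 is accepted a week early and becomes the outgoing key on Jan 1
 key 2
  key-string <new-shared-secret>
  accept-lifetime 00:00:00 Dec 25 2008 infinite
  send-lifetime 00:00:00 Jan 1 2009 infinite
!
interface FastEthernet0/0
 ! Part 2: authentication mode for EIGRP AS 1
 ip authentication mode eigrp 1 md5
 ! Part 3: assign the key chain to the interface
 ip authentication key-chain eigrp 1 EIGRP-KEYS
!
! Verification (exec mode):
!  show key chain          - lists each key and whether it is valid now
!  show ip eigrp neighbors - the neighbour stays up only if both ends agree
```

Both neighbours need the same key number and key string, and because the lifetimes are evaluated against each router's own clock, set the clock and timezone before relying on them.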

Default Information originate and How to avoid it :

* In order to suppress the default routes , we can go into the router config mode of eigrp and issue the command as follows

* ROUTER EIGRP 1 --> NO DEFAULT-INFORMATION IN

CREATION OF DEFAULT ROUTE:

* If we want to have a default route, we have more than one way to do it

* If we have a static route configured, redistribute the static route with a default metric value

* Another way is to use the summary address in the interface level config mode to accomplish this task

* INT FA0/0 --> IP SUMMARY-ADDRESS EIGRP 1 0.0.0.0 0.0.0.0

Eigrp Load Balancing:

* By default EIGRP load balances across 4 equal cost paths

* We can change the number of paths anywhere between 0-6 by issuing the MAXIMUM-PATHS command in router config mode

* For unequal cost load balancing we can use the VARIANCE command, which ranges from 0-128

* This is done under router config mode
VARIANCE X --> it load balances across the routes whose metric is up to X times that of the best one

* This is cost based load balancing, sharing packet traffic in a 1:x ratio (based on the variance level)

* If we want to alter this, it can be done under router configuration mode

* ROUTER EIGRP 1 --> TRAFFIC-SHARE MIN ACROSS-INTERFACES

* In this way the minimum cost path will be preferred

* If we want to revert back to normal behaviour it should be done again in the router config mode
ROUTER EIGRP 1 --> TRAFFIC-SHARE BALANCED --> defaults will be applied

* As a side note, route tagging can also be used to achieve this task

EIGRP TIMERS :

* Update timer : rate at which updates are being sent

* Invalid timer: the time interval after which a route is declared as invalid

* Hold timer: how long the route is held, depending on the other routes received

* Flush timer: the time after which the route is removed from the routing table

* Hello timer: the hello interval defines how often hello packets are sent out, which are used to establish neighbour relationships

* On T1 or faster interfaces the default value is 5 secs, and on NBMA or slower links the timer value is 60 seconds

* If we want to change the timers, it should be done at both ends; the same applies to the bandwidth command

* SHOW IP PROTOCOLS can be used to check the values

* The change should be done at the interface level
IP HELLO-INTERVAL EIGRP 100 15 --> this sets the interval to 15

* The same configuration can be done for the HOLD time changes

* By default the hold time will be 3 times more than the hello timer

* Changing one timer will not change the other timer

* ACTIVE TIMER : this is used to minimize the effect of the STUCK IN ACTIVE problem

* THIS CAN BE DONE --> ROUTER CONFIG MODE --> ROUTER EIGRP 1 --> TIMERS ACTIVE-TIME 180

SPLIT HORIZON:

* May arise with secondary/multipoint situations

* can be turned off under interface level configuration mode

* INT FA0/0 --> NO IP SPLIT-HORIZON EIGRP 100 --> this disables split horizon

* We can also use the VALIDATE-UPDATE-SOURCE command, mostly done with a secondary address in place

* ROUTER EIGRP 1 --> NO VALIDATE-UPDATE-SOURCE

* you may end up with the error “ROUTER NOT ON COMMON SUBNET” at times

EIGRP STUB ROUTING:

* CONFIGURATION IS DONE UNDER ROUTER MODE

* EIGRP STUB --> can have different parameters

* receive-only, connected, static, summary, all of them being obvious, and the point is to redistribute

* Also, not all the config commands are from the console line, so some of them may have hyphens (-) between them or not; I just used them

regards
rakesh

EIGRP REVISION CONTINUED 1


Offset lists:

* Another way to adjust metrics

* No need to modify K-values

* Can be used to manipulate metric for one of the multiple routes pointing to the same destination

Configuration:

* Create an access-list

* Create an offset-list

* ACCESS-LIST 10 PERMIT X.X.X.X Y.Y.Y.Y

* ROUTER EIGRP 4
OFFSET-LIST 10 IN 160000 FA0/0

A metric of 16000 would be added to the calculated metric, and the result will replace the old one

Route summarisation:

* Turn off summarisation with the no auto-summary command

* Done under the router eigrp process ROUTER EIGRP 1 --> NO AUTO-SUMMARY

* Interface level summarisation (this is what we do when we go for manual summarisation and should be done at interface level)

* INT FA0/0 --> IP SUMMARY-ADDRESS EIGRP 1 NETWORK MASK

* Immediately a routing update is sent out

* On the local router a summary address pointing to the null0 interface will be generated

* In newer IOS images a D route will be generated

Bandwidth:

* Eigrp uses 50% of bandwidth by default

* This may lead to some miscalculations, which are crucial to consider in QoS and traffic shaping

* A serial interface which is a T1 line or greater will be considered as 1.5 megs by default

* This should be modified with the help of the bandwidth command at the interface level

* Also the bandwidth percentage can be controlled with the interface level ip bandwidth-percent command

* ip bandwidth-percent eigrp 1 10 to modify the percentage to 10% under AS 1