Just another Cisco blog
Archive for November, 2009
Studying For The CCDA
Nov 30th
I’ve decided to get the CCDP seeing as it’s only two more exams for me (DESGN and ARCH). I’ve already finished BSCI and BCMSN for the CCNP. I’ve always had interest in design and I figure this couldn’t hurt on my resume. I’ll do my best to write some design-related articles as I get ideas.
I’m hoping to get the CCDA completed in the next few weeks. I’d like to get the CCDP done by February, but that might be a tad ambitious with my current workload.
Show Run Variations
Nov 28th
A recent thread on TechExams gave me the idea for a post on all the variations of the “show run” command. In this article I’ll go through the variations that I use the most, and some others that I don’t use much, but are pretty helpful.
Let’s take a look:
First we’ll look at all the options provided by IOS help:
    EDGE#sh run ?
      all            Configuration with defaults
      brief          configuration without certificate data
      class-map      Show class-map information
      control-plane  Show Control-Plane information
      flow           Global Flow configuration subcommands
      full           full configuration
      interface      Show interface configuration
      linenum        Display line numbers in output
      map-class      Show map class information
      policy-map     Show policy-map information
      ssid           Show Dot11 SSID information
      view           View options
      vlan           Show L2 VLAN information
      vrf            Show VRF aware configuration
      |              Output modifiers
I’m sure everyone reading this has used good old “sh run” many times. What about the other options? I use “sh run interface” quite a bit:
    EDGE#sh run int fa0/0
    ...
    interface FastEthernet0/0
     description OUTSIDE
     ip address xx.xx.xx.xx 255.255.255.248
     ip access-group OUTSIDE_IN in
     no ip redirects
     no ip unreachables
     no ip proxy-arp
     ip accounting access-violations
     ip nbar protocol-discovery
     ip nat outside
     ip virtual-reassembly
     load-interval 30
     duplex auto
     speed auto
     no cdp enable
     service-policy input QoS_IN
     service-policy output SHAPER
    end
That and “sh run | section” are probably the variations I use most:
    EDGE#sh run | sec ephone-dn
    ephone-dn 1 dual-line
     number 5001 no-reg primary
     label Colby
     name Colby
    ephone-dn 3
     number 5003 no-reg primary
     label Laptop
     name Colby-Laptop
    ephone-dn 4
     number 5004 no-reg primary
     name Wireless
    ephone-dn 5
     number 5005 no-reg primary
    ephone-dn 6
     number 5006 no-reg primary
     name Katie
    ephone-dn 11 dual-line
     number 555-555-5555
     label 555-555-5555
     name Colby
That one is perfect for times when you are looking for specific parts of the config, without having to wade through everything.
A new one I just learned from Networking-Forum:
    EDGE#sh run
    Building configuration...
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    /ospf        <--- I typed this
    filtering...
    router ospf 200
     router-id 192.168.254.254
     log-adjacency-changes
     network 192.168.5.0 0.0.0.255 area 1
     network 192.168.13.0 0.0.0.3 area 0
     network 192.168.254.254 0.0.0.0 area 0
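For reviewing a saved configuration offline, the behaviour of “sh run | section” shown above can be approximated in a few lines of Python. This is an added example, not code from the original post or from Cisco; the `section` function and the sample config are constructed for illustration, and the model assumes sub-commands are indented under their parent line as in IOS output.

```python
import re

# Constructed sample in the shape of "show run" output (not a real device config)
SAMPLE = """\
interface FastEthernet0/0
 description OUTSIDE
 ip access-group OUTSIDE_IN in
 ip ospf cost 10
 no cdp enable
!
router ospf 200
 router-id 192.168.254.254
 log-adjacency-changes
!
ephone-dn 1 dual-line
 number 5001 no-reg primary
 label Colby
!
ephone-dn 3
 number 5003 no-reg primary
"""


def section(config, pattern):
    """Return each line matching `pattern` plus the more-indented lines under it."""
    rx = re.compile(pattern)
    out = []
    depth = None  # indentation of the matched parent line while inside a section
    for line in config.splitlines():
        indent = len(line) - len(line.lstrip(" "))
        if depth is not None and indent > depth:
            out.append(line)  # sub-command of the section being captured
            continue
        depth = None  # the section ended at the first line that is not deeper
        if rx.search(line):
            out.append(line)
            depth = indent
    return out


if __name__ == "__main__":
    print("\n".join(section(SAMPLE, "ephone-dn")))
```

Note that a pattern such as `ospf` also returns the lone interface-level line ` ip ospf cost 10`, because a matching sub-command is treated as a section of its own.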
Policy-Based Routing Tutorial
Nov 18th
A friend asked me yesterday how to implement Policy-Based Routing (PBR). After explaining it to him, I thought it’d be nice to write a quick tutorial on here. PBR allows you to change a packet’s path based on different criteria. In this post I will use my friend’s scenario: we have a business with two internet connections, and the powers that be have decided to use ISP B for all outbound SMTP traffic. Here’s our topology:
Let’s go through the config:
R1
    hostname R1
    !
    ip access-list ext MATCH_SMTP
     10 permit tcp 192.168.1.0 0.0.0.255 any eq 25
     20 deny ip any any
    !
    route-map SMTP_ISPB permit 10
     match ip address MATCH_SMTP
     set ip next-hop 67.92.18.1
    !
    interface fa0/1
     ip add 192.168.1.1 255.255.255.0
     ip policy route-map SMTP_ISPB
First we create our ACL that matches outgoing SMTP traffic, then we match the ACL in a route-map. After we match the traffic, we enter our action statement, “set ip next-hop”. This route-map changes the next hop of all outgoing SMTP traffic. Finally, we apply it to the LAN interface.
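The forwarding decision this config produces can be modelled in Python to check which flows are actually policy-routed. This is an added example, not part of the original tutorial; the function names and the `ISP-A` placeholder for the normal routing-table result are assumptions.

```python
import ipaddress

# MATCH_SMTP from the R1 config above: (action, protocol, source network, dest port)
MATCH_SMTP = [
    ("permit", "tcp", ipaddress.ip_network("192.168.1.0/24"), 25),
    ("deny", "ip", ipaddress.ip_network("0.0.0.0/0"), None),
]
PBR_NEXT_HOP = "67.92.18.1"   # "set ip next-hop" in route-map SMTP_ISPB
DEFAULT_NEXT_HOP = "ISP-A"    # placeholder: whatever the routing table would pick


def acl_action(acl, proto, src, dport):
    """First matching entry wins; an ACL ends with an implicit deny."""
    for action, acl_proto, net, port in acl:
        if acl_proto not in ("ip", proto):
            continue  # "ip" matches any protocol
        if ipaddress.ip_address(src) not in net:
            continue
        if port is not None and port != dport:
            continue
        return action
    return "deny"


def next_hop(in_interface, proto, src, dport):
    """Return the next hop R1 uses for a packet arriving on in_interface."""
    # "ip policy route-map" only affects packets received on fa0/1
    if in_interface == "fa0/1" and acl_action(MATCH_SMTP, proto, src, dport) == "permit":
        return PBR_NEXT_HOP
    # A deny in the matched ACL means "not policy-routed", not "dropped":
    # the packet is forwarded by the normal routing table.
    return DEFAULT_NEXT_HOP


if __name__ == "__main__":
    for pkt in [("fa0/1", "tcp", "192.168.1.50", 25),
                ("fa0/1", "tcp", "192.168.1.50", 587),
                ("fa0/1", "tcp", "192.168.2.9", 25)]:
        print(pkt, "->", next_hop(*pkt))
```

Only TCP port 25 from 192.168.1.0/24 is redirected; mail submission on other ports such as 587 still follows the default path unless the ACL is extended.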
Free Cisco Lab
Nov 14th
Stretch, the owner of PacketLife, is now offering lab time for free. From his site:
Lab gear is broken into multiple “device blocks” to allow for multiple users to use independent portions of the lab simultaneously. Users can reserve one, several, or all of these blocks at once (however, a user may only have one unexpired reservation at any given time).
Block A
* 1x Cisco 2811 (with 2x WIC-2T)
* 2x Cisco 1841 (with 1x WIC-2T)
* 1x Cisco Catalyst 3550-24
* 1x Cisco Catalyst 3550-24 (with Inline Power)
* 1x Cisco ASA 5505
Block B
* 1x Cisco 2811 (with 2x WIC-2T)
* 2x Cisco 1841 (with 1x WIC-2T)
* 1x Cisco Catalyst 3550-24
* 1x Cisco Catalyst 3550-24 (with Inline Power)
BGP Backdoor Lab
Nov 12th
In this article we’ll be going over the BGP Backdoor feature. This is used in cases where two systems are connected via an IGP, but also receiving routes to the same system through BGP. I stumbled across this feature while checking out one of the labs on Darren’s Blog. The only way I could think of to complete one of his criteria was changing the Administrative Distance of either BGP or the IGP. That is essentially what this feature does, but on a route-by-route basis instead of changing the AD of an entire protocol. I asked Darren if that was the only solution and he pointed me to “BGP Backdoor”. As usual, I will be including my Dynagen/GNS3 .net file at the end of this post. Here is our topology:
Let’s go through the config:
R1
    hostname R1
    !
    interface Serial0/0
     ip address 10.1.1.1 255.255.255.0
    !
    interface Serial0/1
     ip address 10.1.3.1 255.255.255.0
    !
    router bgp 65000
     no synchronization
     bgp log-neighbor-changes
     neighbor 10.1.1.2 remote-as 65525
     neighbor 10.1.3.2 remote-as 65535
     no auto-summary
New Dynamips Server
Nov 7th
Dell was running a deal on the PowerEdge T110 a couple weeks ago, so I decided to grab one as an upgrade to the T100 I was currently using for Dynamips on ESX.
Server specs:
X3430 Xeon Processor, 2.4 GHz 8M Cache
4GB DDR3 1333 RAM
500GB HDD
The T110 doesn’t support ESX (yet?), so I just did a straight install of Ubuntu 9.10. This thing is a beast. I brought up the completed MPLS and BGP lab I posted a while back, and running at full steam it’s only using ~25% of the CPU. I’m pretty excited. This should be able to handle anything I can throw at it. Now I just need to find some more CCIE labs…
Update: ESXi is now supported on the T110 as of the ESXi4 U1 release.

