Archive for the ‘General info’ Category


CPU and Memory Thresholding

November 2, 2009

It is never nice when devices on a network go belly-up, but knowing why, or what happened right before they went belly-up, is crucial.

By enabling CPU and memory thresholding, you can be sure to get those vital notifications when it happens, allowing you to respond a lot quicker.

When a router is overloaded by processes, the amount of available memory might fall to levels insufficient for it to issue critical notifications, so the first step is to reserve some memory:
memory reserve critical {kilobytes}



Cisco IOS v15.0

October 21, 2009

Cisco finally took the long-awaited leap and released a new major release. The latest Cisco IOS version was 12.4, until Cisco released IOS version 15.0.

Version 15.0? Surely that is a typo or a mistake?


According to a forum or two, the rumor is that Cisco avoided using 13 and 14 because 13 is considered unlucky in Western culture and 14 is considered unlucky in Asian culture!!

And I thought believing in superstition was bad luck! LOL

Release Notes are here.
New Features are here.


BFD – Bidirectional Forwarding Detection

October 20, 2009

What is one pain-in-the-butt thing with wireless links connected to an Ethernet port on a Cisco router?
You don’t know when the wireless link goes down.

Since Ethernet technology does not provide for end-to-end connectivity checks, like ATM OAM F5, Frame-Relay EEK, or PPP LCP Keepalive, you need a similar method to know when the wireless link or the remote site is unreachable.

There are various workarounds, e.g. using IP SLA monitor, or using BGP with reduced timers. A better solution is to use Bidirectional Forwarding Detection (BFD) to quickly identify the failing wireless VLANs and reroute your traffic quickly and efficiently.



Cisco Data Centre Design and Deploy Workshop

October 16, 2009


I attended the Cisco Data Centre workshop the past two days at Monte Casino. With a huge attendance and both local and international speakers, one thing is for sure: the focus of technology and cabling around Data Centres is evolving, and Cisco is leading the way as usual with Data Centre 3.0.

Key concepts discussed:

  • Cabling Reduction
  • No STP
  • Unify, Simplify, Amplify
  • Virtualization
  • Unified Fabric Advantages
  • Cloud Computing
  • Unified Computing

Some of the biggest issues with data centres today, besides hitting scalability constraints, are the excess cabling, the power required per port, the overall cost and unwanted complexity. According to Cisco, by redesigning the Data Centre architecture from the ground (the cabling) up, utilizing 10 Gigabit cabling options, doing ‘away’ with Spanning-tree in order to utilize ALL uplinks simultaneously, using Top-of-Rack fabric extenders and Middle-of-Row aggregation points, and with the power of Cisco’s UCS implementation, you will be able to streamline the layout, cost, power demands, sustainability and scalability.

Obviously it wouldn’t be a Cisco event if there was no hardware talk, err, I mean sales talk. The guests of the conference were the Cisco Nexus range of Data Centre switches (the Nexus 1000V Switch, Nexus 2000 Series Fabric Extenders and Nexus 5000 and 7000 Series Switches) and lastly UCS (Unified Computing System).

Here are some of the links with more info:

Cisco Data Centre Info

Unified Computing

Cisco IP Data Centre Design


IOS upgrade tip

October 11, 2009

So it is Sunday morning, the change window just kicked in, you copied the new IOS image to the router, used the ‘boot system’ command as per my previous post, you save your config and reload. All looking good for an early night, but when the router reloads you get a bunch of errors during bootup along the lines of:

% Invalid input detected at '^' marker.
% Incomplete command.

Oh no, you didn’t do your homework. Did you check for command differences between the IOS versions? Did you test the current config on the new IOS in a lab prior to the upgrade (yes, not always possible)? Do you have a config backup?

If you don’t have a full config backup you have BIGGER problems. If you remove the first ‘boot system’ command to boot off the working IOS and write your config, all commands that gave errors during that boot-up will now be LOST, since you saved the config and overwrote the startup-config.

So what now?

As opposed to freaking out and starting to dance like a banshee doing some tribal dance, do the following. ‘Rename’ the NEWLY installed IOS image in Flash (the image specified in the first ‘boot system’ command) to something else, and ‘Reload’ WITHOUT SAVING the config. When the router reboots it will attempt to locate the first specified boot system image, but because you renamed it, it cannot be loaded. The router will then attempt to boot off the second specified boot system image, the old working IOS image. And happiness is restored.


Boot System command

October 11, 2009

Whenever doing IOS upgrades on production devices, it is always best to have a fail-back plan. With most platforms, the best way to achieve this is with the ‘boot system’ command, and although it is not a new command, it is still good to cover.

The ‘boot system’ command is non-exclusive, and if multiple entries exist, the commands are tried top-down. If the first is unsuccessful, the second will be tried. If the first is successful, it is loaded. This is very handy, since it provides IOS-image redundancy and a fail-back option.

What do I mean by IOS-image redundancy?
If you are using a bigger platform that has 2x Compact Flash slots, by loading the same IOS image on both disks you can have image redundancy, in case one of the Compact Flash cards bombs out, with the following config:

boot system flash disk0:s72033-adventerprisek9_wan-mz.122-33.SXI2.bin
boot system flash disk1:s72033-adventerprisek9_wan-mz.122-33.SXI2.bin

The same redundancy could be achieved by using a remote FTP/TFTP location as the second command.

This command, however, becomes most useful when doing IOS upgrades. Provided you have enough space to store a second IOS image, load the NEW IOS image on that same disk, then, using the ‘boot system’ command, specify the path to the NEW IOS image first and then the path to the current IOS image:

boot system flash disk0:s72033-adventerprisek9_wan-mz.122-33.SXI2.bin
boot system flash disk0:s72033-adventerprisek9_wan-mz.122-18.SXF6.bin

Looking at the example above, when the router reboots it will try to load 122-33.SXI2 first; if that is unsuccessful, it will load the current image (122-18.SXF6).


Telnet Response Messages

September 29, 2009

Knowing the difference in telnet responses can easily point you in the right direction when a telnet to a host on a particular port is unsuccessful.

There is a distinct difference between getting a ‘refused’ and a ‘timeout’ response.

You will get a connection refused message for one of the following reasons:

  • The application you are trying to test hasn’t been started/installed on the remote server.
  • There is a firewall rejecting the connection attempt by terminating the connection setup.

Example output from a Linux box (screenshot “telnet-refused” not reproduced here).
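As an added example (not code from the original post), a small TCP probe that reports the same distinction the post draws: ‘refused’ means the far end answered the SYN with a reset (nothing listening, or a firewall rejecting), ‘timeout’ means nothing came back at all (host unreachable, or a firewall silently dropping). The local listener helper exists only so the two results can be demonstrated offline.

```python
import socket

def tcp_probe(host, port, timeout=3.0):
    """Classify a TCP connection attempt the way a telnet test would:
    'open', 'refused', 'timeout' or 'error:<reason>'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        # The host replied with RST: no listener, or a firewall that rejects
        return "refused"
    except socket.timeout:
        # No SYN/ACK and no RST within the timeout: dropped or unreachable
        return "timeout"
    except OSError as exc:
        # Anything else, e.g. "No route to host" or a DNS failure
        return f"error:{exc.strerror or exc}"

def local_listener():
    """Demo helper (constructed, not part of the post): a listening socket
    on 127.0.0.1 with an ephemeral port. Close it to turn 'open' into
    'refused', exactly like an application that has not been started."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]

if __name__ == "__main__":
    srv, port = local_listener()
    print(port, tcp_probe("127.0.0.1", port))   # open
    srv.close()
    print(port, tcp_probe("127.0.0.1", port))   # refused
```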


Top Talkers

September 27, 2009

Ever quickly wanted to see the current top-talkers on a link?
Who that culprit is that is using all the bandwidth?

Although you can work that out from normal NetFlow output using the packet count, or by using some external cache-flow interpreter, it is much easier to just enable NetFlow top-talkers.

To enable and enter top-talkers configuration mode:
(config)#ip flow-top-talkers



OUTPUT 101 - Interface states

September 7, 2009

Sometimes it is necessary to go back to the basics that we have already forgotten. You can identify six possible states in the interface status line of the show interfaces serial output:

  1. Serial x/y is up, line protocol is up
  2. Serial x/y is down, line protocol is down
  3. Serial x/y is up, line protocol is down
  4. Serial x/y is up, line protocol is up (looped)
  5. Serial x/y is up, line protocol is down (disabled)
  6. Serial x/y is administratively down, line protocol is down



Using the Track Statement

July 24, 2009

Assume you have the following hypothetical scenario: R2 and R7 on one site, connected to a WAN infrastructure via multiple links (omitted here), where there are two gateways, R5 and R6:


The client requests the following:

  • R2 should be the active HSRP router if R2 has connectivity to BOTH R5 and R6 loopbacks.
  • R7 should be the active HSRP router if R2 has connectivity to only ONE of the 2 gateways.
  • R2 should be the active HSRP router if R2 has NO connectivity to either R5 or R6.



Using Netflow’s verbose output with QOS

July 15, 2009

In the previous article I showed how useful NetFlow can be, but that is only the beginning. The “verbose” output provides even more useful information, specifically the TOS byte. That field is necessary when you want to verify that QoS marking is correctly applied to traffic classes.

But first you have to understand a little about QoS (Quality of Service) and the ToS byte/DS field in the IP header.

The IP header, defined in RFC 791, includes a 1-byte field called the Type of Service (ToS) byte. The ToS byte was intended to be used as a field to mark a packet for treatment with QoS tools. The ToS byte itself was initially further subdivided, with the high-order 3 bits defined as the IP Precedence (IPP) field. Bits 3 through 6 were not used very often, and bit 7 was never defined, so over time the entire ToS byte’s purpose was to hold the 3-bit IPP field. 3 bits (2^3 = 8) allowed 8 possible markings.




Using Netflow

July 14, 2009

Ever needed to track a specific flow of information, find out what ports an application is using, or verify that your QoS is working correctly? Cisco NetFlow is the answer.

NetFlow is a Cisco IOS application that provides a rich set of traffic statistics on packets flowing through the router, both ingress and egress. A NetFlow network flow is defined as a unidirectional stream of packets between a given source and destination. These key fields/statistics define a unique flow:

  • Source IP address
  • Destination IP address
  • Source port number
  • Destination port number
  • Layer 3 protocol type
  • Type of service (ToS)
  • Input logical interface

If a packet has one key field different from another packet, it is considered to belong to another flow. Flows are stored in the NetFlow cache, which consumes additional memory, but generally this is not too much of a problem. NetFlow data can be exported, but here I’ll show how to use it on the CLI and how to interpret it.
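As an added example (not code from the original post), a minimal NetFlow-style flow cache in Python that ties the three NetFlow posts together: packets are keyed on the seven fields listed above, the ToS byte of each flow is decoded as the QoS post describes (IPP in the high-order 3 bits, DSCP in the high-order 6), the cache is sorted into top talkers, and a check flags flows whose marking does not match the expected class. The packets, addresses, interface indexes and DSCP values are constructed for the demo.

```python
from collections import defaultdict

# Constructed sample packets (not a real capture), one tuple per packet:
# (src_ip, dst_ip, src_port, dst_port, l3_proto, tos, input_ifindex, length)
PACKETS = [
    ("10.1.1.10", "10.2.2.20", 40001, 80, 6, 0x00, 1, 1500),
    ("10.1.1.10", "10.2.2.20", 40001, 80, 6, 0x00, 1, 1500),
    ("10.1.1.10", "10.2.2.20", 40001, 80, 6, 0x00, 1, 900),
    ("10.1.1.11", "10.2.2.30", 5060, 5060, 17, 0xB8, 1, 200),  # EF-marked voice
    ("10.1.1.11", "10.2.2.30", 5060, 5060, 17, 0xB8, 1, 200),
    ("10.1.1.11", "10.2.2.30", 5060, 5060, 17, 0x00, 2, 200),  # same 5-tuple, other ToS/ifindex
]

def flow_key(pkt):
    """The seven NetFlow key fields; a packet differing in any one starts a new flow."""
    return tuple(pkt[:7])

def build_cache(packets):
    """Aggregate packets into a flow cache: {key: {"pkts": n, "bytes": n}}."""
    cache = defaultdict(lambda: {"pkts": 0, "bytes": 0})
    for pkt in packets:
        entry = cache[flow_key(pkt)]
        entry["pkts"] += 1
        entry["bytes"] += pkt[7]
    return dict(cache)

def decode_tos(tos):
    """Split the ToS byte: IPP is the high-order 3 bits, DSCP the high-order 6 bits."""
    return {"ipp": tos >> 5, "dscp": tos >> 2}

def top_talkers(cache, n=3, sort_by="bytes"):
    """Flows ordered by bytes (or packets): the idea behind 'ip flow-top-talkers'."""
    return sorted(cache.items(), key=lambda kv: kv[1][sort_by], reverse=True)[:n]

def unmarked_flows(cache, dst_port, expected_dscp):
    """QoS check: return the flows to dst_port whose DSCP is not the expected one."""
    return [key for key in cache
            if key[3] == dst_port and decode_tos(key[5])["dscp"] != expected_dscp]

if __name__ == "__main__":
    cache = build_cache(PACKETS)
    for key, stats in top_talkers(cache):
        print(key, stats, decode_tos(key[5]))
    print("voice flows not marked EF:", unmarked_flows(cache, 5060, 46))
```

Note that the two voice flows to the same destination and port land in separate cache entries because their ToS byte and input interface differ, which is exactly what lets the verbose output expose a marking gap.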



Load-Sharing on the SAME router

June 15, 2009

Assume you have either of the following setups: a single router (R3) with multiple links, either to the same upstream router (R2) or to two different upstream routers (R2 + R4), and you want to load-share traffic across both links outbound (direction from left to right). Obviously the routing table needs multiple outgoing links as next hops to perform the desired balancing. The command maximum-paths specifies how many paths or next hops are allowed per prefix in the routing table for a specific routing protocol; otherwise, by default, only the best route from each routing protocol is a candidate for insertion into the routing table.

Since the links terminate on the same router (R3) you have the following options:

  1. Per-Destination Load-Sharing using Fast Switching
  2. Per-Source-Destination Load-Sharing using CEF
  3. Per-Packet Load-Balancing using Process Switching
  4. Per-Packet Load-Balancing using CEF

You need to be aware that IOS makes switching decisions based on the configuration of the inbound interface first. If CEF is configured on an inbound interface, the packets will be CEF switched regardless of the configuration on the outbound interface. CEF is ONLY used if it is enabled on the inbound interface. If CEF is not configured on the inbound interface, the configuration of the exit interface determines the switching method. The following table illustrates the different behaviors:

Inbound Configuration   Outbound Configuration   Switching Method Used
---------------------   ----------------------   ---------------------
CEF                     CEF                      CEF
CEF                     Process                  CEF
CEF                     Fast                     CEF
Fast                    Fast                     Fast
Fast                    CEF                      Fast
Fast                    Process                  Process
Process                 Process                  Process
Process                 CEF                      Fast
Process                 Fast                     Fast

Refer to the following article for more info about the switching types and how to enable each.



Load-sharing vs Load-balancing

June 3, 2009

Load-sharing and load-balancing are easily among the most misunderstood topics in networking. Those who are knowledgeable usually understand the difference and are aware of the concept of load-sharing.

So what is Load-Balancing?

Definition: Load balancing is a mechanism that helps to make networks more efficient. It distributes the processing of traffic evenly across a network with multiple-paths, in order to get optimal resource utilization, maximize throughput, and minimize response time.

In short, load-balancing will split the traffic sent in an equal fashion over multiple paths to a destination when forwarding packets. So if one has 2x 512k links, with 800k of traffic at any point, conceptually with load-balancing each path should carry 400k worth of traffic! Although that is the idea, in the networking world that is not always true, or in some cases even possible.

How does Load-Sharing differ?

Definition: It is inherent in the forwarding process of a router to share the forwarding of traffic if the routing table has multiple paths to a destination. With equal-cost paths, the forwarding process decides the manner of forwarding, still with the possibility of unbalanced forwarding. With unequal-cost paths, the traffic is distributed inversely proportionally to the cost of the routes. That is, paths with lower costs (metrics) are assigned more traffic, and paths with higher costs are assigned less traffic.
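As an added example (not code from the original post), the two definitions worked through in Python, using the 2x 512k / 800k scenario from above: the even split that load-balancing promises, the uneven result that per-destination sharing over equal-cost paths can produce (the per-destination hash here is a constructed stand-in, not Cisco’s CEF algorithm), and the inverse-to-cost split for unequal-cost paths. The destination addresses and their traffic rates are constructed.

```python
from fractions import Fraction

def equal_split(n_paths, total_kbps):
    """What the load-balancing definition promises: an even split per path."""
    return [total_kbps / n_paths] * n_paths

def path_for(dst_ip, n_paths):
    """Stand-in per-destination hash (constructed, not CEF's real algorithm):
    sum of the address octets modulo the number of paths."""
    return sum(int(octet) for octet in dst_ip.split(".")) % n_paths

def per_destination_shares(destinations, n_paths):
    """Equal-cost per-destination load-sharing: each destination sticks to one
    path, so the real load per path depends on which destinations are busy."""
    load = [0] * n_paths
    for dst_ip, kbps in destinations.items():
        load[path_for(dst_ip, n_paths)] += kbps
    return load

def unequal_cost_shares(costs, total_kbps):
    """Unequal-cost load-sharing: each path carries traffic inversely
    proportional to its cost (metric), so the cheaper path gets more."""
    weights = [Fraction(1, cost) for cost in costs]
    scale = sum(weights)
    return [float(total_kbps * w / scale) for w in weights]

# Constructed sample: 800 kbps of traffic to four hosts, two 512k links
DESTINATIONS = {"192.0.2.10": 300, "192.0.2.11": 100,
                "192.0.2.12": 250, "192.0.2.13": 150}

if __name__ == "__main__":
    print("ideal balance:", equal_split(2, 800))                          # [400.0, 400.0]
    print("per-destination sharing:", per_destination_shares(DESTINATIONS, 2))  # [550, 250]
    print("unequal cost 10 vs 20:", unequal_cost_shares([10, 20], 800))
```

With these destinations the two busiest hosts hash to the same link, so one 512k link is offered 550k while the other idles at 250k, even though 800k would fit the pair comfortably if balanced.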



Understanding CEF

June 2, 2009

What is CEF?

Definition from Cisco.com:

Cisco Express Forwarding (CEF) is advanced, Layer 3 IP switching technology. CEF optimizes network performance and scalability for networks with large and dynamic traffic patterns, such as the Internet, on networks characterized by intensive Web-based applications, or interactive sessions.

To understand this better, one has to understand why and how CEF came about. With Cisco IOS there are different switching methods that define how packets are forwarded through a router. The first method, which happens to be the oldest and slowest, is process switching. Alternatively, when packets arrive, the interface processor can interrupt the central CPU and ask it to switch the packet according to a route cache or switching table. That cache or table can be built in several ways; the two of interest here are fast switching and CEF.
