Posted on Monday, 25th January 2010 by sean
This is the biggest change I’ve seen in the CCNP:
BSCI becomes ROUTE
BCMSN becomes SWITCH
ISCW and ONT become TSHOOT
Looks like more IPv6 content, multicast and IS-IS are gone, and more focus on simulations and troubleshooting.
The old exams are phased out on July 31, so if you have can make it by that date, get cracking!
Exams are [...]
Posted in General | Comments (4)
Posted on Thursday, 19th February 2009 by sean
As I dig into flow-tools a bit more, I’m finding easier ways of doing things. For example, the same command line variable substitution that I’ve used to filter IP addresses with flow-nfilter can be used to generate different reports with flow-report.
In /etc/flow-tools/cfg/stat.cfg the default report is:
stat-report default
type @{TYPE:-summary-detail}
output
[...]
Posted in Network Management | Comments (1)
Posted on Monday, 29th December 2008 by sean
The last article used flow-nfilter and some variable substitution to pull out all flows to a particular address.
The next useful thing would be to pull out all flows to or from a particular network. To do so, we’ll have to define a new primitive that is a variable network/netmask, and then a filter specifying a [...]
Posted in Network Management | Comments (0)
Posted on Tuesday, 23rd December 2008 by sean
Yesterday, we had a web site crash. I was curious if it had to do with load or something else was going on. This is a great opportunity to show how to analyze NetFlow data.
First, I should mention that there may be easier ways of doing this. The flow-tools package includes a lot of [...]
Posted in Network Management | Comments (0)
Posted on Monday, 22nd December 2008 by sean
In the NetFlow world, a NetFlow exporter sends flow data to a NetFlow collector. The exporter is usually a router, the collector is usually a Unix server of some sort.
First, set up your router to export flow information:
ip flow-cache timeout active 2
mls flow ip full
mls flow ipx destination
mls nde sender
mls nde interface
mls nde flow include [...]
Posted in Network Management | Comments (1)
Posted on Saturday, 20th December 2008 by sean
NetFlow is a technology that lets a router export information about current traffic to a collector for analysis. The analysis might be real time, such as to detect a denial of service attack, or not real time, such as to view trending information.
NetFlow is concerned with flows, which are a one way session between [...]
Posted in Network Management | Comments (0)
Posted on Friday, 2nd May 2008 by sean
The other day I ran into some problems with a default route, which prompted a discussion with co-workers, which led me to look up the behavior of redistributing a static default route into a dynamic routing protocol.
Take, for example, the following
! default route
ip route 0.0.0.0 0.0.0.0 1.1.1.1
! pick your routing protocol
router [...]
Tags: bgp, eigrp, isis, ospf
Posted in Routing | Comments (1)
Posted on Tuesday, 25th December 2007 by sean
(cross posted from my blog)
I’m giving 2 talks on using Wireshark to expose VoIP problems at Sharkfest ‘08 (schedule). Details are sketchy, I think one of the talks is more of a hands on lab, the other is me talking. I’ve expanded on my techniques from the Linux Journal article I wrote [...]
Posted in General | Comments (0)
Posted on Friday, 21st December 2007 by sean
The 3750 (and it would appear, the 3560s, 4500s, and 6500s) have an integrated Time Domain Reflector which is used to test cables associated with a port.
http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_25_see/command/reference/cli3.html#wp2168243
Today I was troubleshooting a problem at a newly renovated remote office with an IP phone that would power up but not boot. After swapping cables and phones, [...]
Posted in Switching | Comments (1)
Posted on Friday, 24th August 2007 by sean
When an EIGRP enabled router loses a neighbour, all routes through that neighbour need to be re-evaluated. Any feasible successors are immediately promoted to successors, and any other routes go active.
“go active” means that the EIGRP router asks all its neighbours if they have a route to the destination. Each router that is [...]
Posted in Routing | Comments (0)
I'm a happy Linode customer. This is a Linode 540 VPS.