$ whois -h whois.ripe.net POEM-RIPE55-SONG [...] % Information related to 'POEM-RIPE55-SONG' poem: POEM-RIPE55-SONG form: FORM-PROSE descr: At his first RIPE meeting, Gary wrote this and performed at descr: the closing plenary. It was truly awesome. descr: http://www.youtube.com/watch?v=_y36fG2Oba0 descr: text: A long long time ago text: I can still remember text: when my laptop could connect elsewhere. text: text: And I tell you all there was a day text: the network card I threw away text: had a purpose - and it worked for you and me. text: text: But 18 years completely wasted text: with each address we've aggregated text: the tables overflowing text: the traffic just stopped flowing... text: text: And now we're bearing all the scars text: and all my traceroutes showing stars. text: The packets would travel faster in cars text: the day the routers died. [... continued ...]
Cisco
BFD between IOSXE and IOS XR
I don’t really easily documentary to configure BFD (RFC5880 and you could read precedent blog-post :Â BFD : Bidirectional Forwarding Detection (RFC5880)) between IOSXE and IOSXR boxes.
Here it comes 🙂
IOSXE :Â
R0# show run | sec bfd bfd fast-timers-on-slow-interface bfd-template single-hop BFD interval min-tx 200 min-rx 200 multiplier 3 [...] R0#show run int port-ch 14 Building configuration... Current configuration : 373 bytes ! interface Port-channel14 description *** Vers R1_Be10000 *** mtu 9202 ip address 172.18.255.29 255.255.255.252 ip ospf authentication message-digest ip ospf message-digest-key 10 md5 7 XXXXXXXXXXXXXXXXXX ip ospf network point-to-point ip ospf bfd ip ospf cost 20000 no negotiation auto mpls ip port-channel bfd destination ipv4 172.18.255.30 BFD end R0#
IOS XR :Â
RP/0/RSP0/CPU0:R1#show conf run int be10000 Tue Feb 14 14:49:35.026 CET interface Bundle-Ether10000 description *** Vers R0_Po14 *** bfd mode ietf bfd address-family ipv4 multiplier 3 bfd address-family ipv4 destination 172.18.255.29 bfd address-family ipv4 fast-detect bfd address-family ipv4 minimum-interval 200 mtu 9216 ipv4 address 172.18.255.30 255.255.255.252 ! RP/0/RSP0/CPU0:R1#
[FR] — Parce qu’on a tjs des bonnes intentions en dĂ©but d’annĂ©e…
J’ai eu de bonnes intentions en dĂ©but d’annĂ©es de produire du contenu en Français sur diffĂ©rents sujets rĂ©seaux et tĂ©lĂ©coms de niveau basiques, mais j’avoue que cela s’est vite arrĂŞtĂ©.
Le but Ă©tait de fournir tout en un :
- Video explicative ;
- Une fiche d’Ă©tude rapide au format cheatsheet ;
- Un guide de travail ;
- Un accès à un lab guidé
Bon j’avoue cela prend Ă©normĂ©ment de temps et d’autres projets personnels sont venus s’intercalĂ©s.
Bref autant partagĂ© ce qu’il en reste et amusez-vous bien :
- http://www.ip-expert.fr/documents/VTP/
- http://www.ip-expert.fr/documents/OSI-Niveau2/Vlan_Trunking_DTP/
Soyez pas trop durs …
L’accès Ă la partie Lab est bien Ă©videmment depuis pĂ©rimĂ© (on peut donner des durĂ©es d’utilisation avec pnetlab :)).
A plus,
Christophe
xrv9k-full, qemu, AMD Ryzen
If as me you have EVE-NG (2.0.3) and lab some Cisco XRV9K-Full on a virtualized box running AMD Ryzen processor, you have probably encountered problem to start the image. After reading lot of website, it seems the answer is change the command line.
My original command line is :
-enable-kvm -smbios type=1,manufacturer="cisco",product=\"Cisco IOS XRv 9000\",uuid=[...] -cpu host
I correct to :
-enable-kvm -smbios type=1,manufacturer="cisco",product="Cisco IOS XRv 9000",uuid=[...] -cpu qemu64,+ssse3,+sse4.1,+sse4.2
snmpb : 2 cents tip
If you are newbie snmpb user. I used snmpb mib brower to check accros some SNMPv3 IOS XR config, you can be faced to :
![](https://blog.clucas.fr/wp-content/uploads/2022/01/image-1.png)
![](https://blog.clucas.fr/wp-content/uploads/2022/01/image-2.png)
You must only right click to white window such as :
![](https://blog.clucas.fr/wp-content/uploads/2022/01/image.png)
That’s it ! Have fun…
IOS, IOS XE and configure … revert timer X
If you are familiar with IOS XR and JunOS, it lacks a rollback to IOS and IOS XE. You can do it with “archive” such as :
- Configure where your archive will be stored.
- Say to your OS to “archive” at a point
- Configure your router with a “revert timer”
- Confirm if it is ok for you
Here we go in details now :
- Configure where your archive will be stored.
Router# conf t Router(conf)# archive Router(conf-archive)# path bootflash:myconfig Router(conf-archive)# maximum 10 Router(conf-archive)# end Router# wr
2. Say to your OS to “archive” at a point
Router# archive config Router# Router# show archive The maximum archive configurations allowed is 10. There are currently 1 archive configurations saved. The next archive file will be named bootflash:myconfig-<timestamp>-1 Archive # Name 1 bootflash:myconfig-Jan--3-2022-08-34-34.348-CET-0 <- Most Recent 2 3 4 5 6 7 8 9 10 Router#
3. Configure your router with a “revert timer”
Router# configure terminal revert timer 1 Router(conf)# Rollback Confirmed Change: Backing up current running config to bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1 Enter configuration commands, one per line. End with CNTL/Z. Router(config)#Rollback Confirmed Change: Rollback will begin in one minute. Enter "configure confirm" if you wish to keep what you've configured *Jan 3 2022 08:35:01.670 CET: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_BACKUP: Backing up current running config to bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1 *Jan 3 2022 08:35:01.670 CET: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_START_ABSTIMER: User: console(Priv: 15, View: 0): Scheduled to rollback to config bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1 in 1 minutes *Jan 3 2022 08:35:01.670 CET: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_WARNING_ABSTIMER: System will rollback to config bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1 in one minute. Enter "configure confirm" if you wish to keep what you've configured Router(conf)# hostname BLAH BLAH(conf)# [................... WAITING FOR A MINUTE ........................] Rollback Confirmed Change: rolling to:bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1 !Pass 1 !List of Rollback Commands: no hostname BLAH hostname Router end Total number of passes: 1 Rollback Done *Jan 3 2022 08:36:01.669 CET: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_ROLLBACK_START: Start rolling to: bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1 *Jan 3 07:36:01.722: Rollback:Acquired Configuration lock. Router(conf) # end
4. Confirm if it is ok for you
If between your “conf t revert time X” and t0+X, you are ok with the configuration you have made, so you can confirm your changes.
Router# configure confirm
That’s it ! Have fun.
Long long time ago, blog and FreeBSD…
It was a long long timeago I wrote here. ot of things happens to me but I don’t think it is the time and place to explain it.
This post is about a new experience to me : hosting this blog on FreeBSD machine. I am in love with BSD but don’t use it everyday. Networking&Telco is not an professional area where you can use it or your employer allow you to use it. Damn Windows, Teams, … and his egemony.
I will move this blog from Debian to FreeBSD server. I think it will lot of fun. If I have FreeBSD’s tips or remarks I will post it here. By the way I am currently studying for Cisco’s CCNP SPCOR (350-501) exam. Either I will try to give me a kick in the ass to post more technical posts.
Have fun 🙂
CCIE v5.1 self assessment spreadsheet.
Now, I go to CCIE and need to begin by first of all : CCIE Written. And to know where to start, you begin with a __real__ self assessment on your knowledge and where to work hard to.
Cisco & IP NAT
Hi,
It’s been a while I have posted a blog entry. A simple tip from IOS 12.4(20) to 12.4(24) and above to use OID “.1.3.6.1.4.1.9.10.77.1.2.3.0” to graph your NAT translations :
R(conf)# ip nat service enable-mib
%NAT: Old NAT-MIB support enabled
R(conf)#
HTH
++Christophe
Site to site IKEv2 tunnel
Hello guys,
Here it is a tips / reminder how to implement an site-ot-site IKEv2 tunnel :
crypto ikev2 proposal aes-cbc-256-proposal encryption aes-cbc-256 integrity sha1 group 2 crypto ikev2 policy policy1 match address local x.x.x.x proposal aes-cbc-256-proposal crypto ikev2 keyring v2-kr1 peer abc address y.y.y.y pre-shared-key somesecretpass ! crypto ikev2 profile profile1 description IKEv2 profile match address local x.x.x.x match identity remote address y.y.y.y 255.255.255.255 authentication local pre-share authentication remote pre-share keyring v2-kr1 crypto ipsec transform-set myset esp-des esp-md5-hmac crypto map mymap 20 ipsec-isakmp set peer y.y.y.y set security-association lifetime seconds 27000 set transform-set ESP-AES-SHA set ikev2-profile profile1 match address 120
With ACL 120 is your flows / SA and your implement your crypto map on your WAN interface.