Because I love oldies. Sad it is always true.

Posted on July 16, 2024 by clucas

$ whois -h whois.ripe.net POEM-RIPE55-SONG
[...]


% Information related to 'POEM-RIPE55-SONG'

poem: POEM-RIPE55-SONG
form: FORM-PROSE
descr: At his first RIPE meeting, Gary wrote this and performed at
descr: the closing plenary. It was truly awesome.
descr: http://www.youtube.com/watch?v=_y36fG2Oba0
descr:
text: A long long time ago
text: I can still remember
text: when my laptop could connect elsewhere.
text:
text: And I tell you all there was a day
text: the network card I threw away
text: had a purpose - and it worked for you and me.
text:
text: But 18 years completely wasted
text: with each address we've aggregated
text: the tables overflowing
text: the traffic just stopped flowing...
text:
text: And now we're bearing all the scars
text: and all my traceroutes showing stars.
text: The packets would travel faster in cars
text: the day the routers died.
[... continued ...]

BFD between IOSXE and IOS XR

Posted on February 14, 2023February 14, 2023 by clucas

I don’t really easily documentary to configure BFD (RFC5880 and you could read precedent blog-post : BFD : Bidirectional Forwarding Detection (RFC5880)) between IOSXE and IOSXR boxes.

Here it comes 🙂

IOSXE :

R0# show run | sec bfd 
bfd fast-timers-on-slow-interface
bfd-template single-hop BFD
   interval min-tx 200 min-rx 200 multiplier 3
[...]
R0#show run int port-ch 14
Building configuration...

Current configuration : 373 bytes
!
interface Port-channel14
description *** Vers R1_Be10000 ***
mtu 9202
ip address 172.18.255.29 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 10 md5 7 XXXXXXXXXXXXXXXXXX
ip ospf network point-to-point
ip ospf bfd
ip ospf cost 20000
no negotiation auto
mpls ip
port-channel bfd destination ipv4 172.18.255.30 BFD
end

R0#

IOS XR :

RP/0/RSP0/CPU0:R1#show conf run int be10000
Tue Feb 14 14:49:35.026 CET
interface Bundle-Ether10000
description *** Vers R0_Po14 *** 
bfd mode ietf
bfd address-family ipv4 multiplier 3
bfd address-family ipv4 destination 172.18.255.29
bfd address-family ipv4 fast-detect
bfd address-family ipv4 minimum-interval 200
mtu 9216
ipv4 address 172.18.255.30 255.255.255.252
!

RP/0/RSP0/CPU0:R1#

[FR] — Parce qu’on a tjs des bonnes intentions en début d’année…

Posted on September 14, 2022September 14, 2022 by clucas

J’ai eu de bonnes intentions en début d’années de produire du contenu en Français sur différents sujets réseaux et télécoms de niveau basiques, mais j’avoue que cela s’est vite arrêté.

Le but était de fournir tout en un :

Video explicative ;
Une fiche d’étude rapide au format cheatsheet ;
Un guide de travail ;
Un accès à un lab guidé

Bon j’avoue cela prend énormément de temps et d’autres projets personnels sont venus s’intercalés.

Bref autant partagé ce qu’il en reste et amusez-vous bien :

Soyez pas trop durs …

L’accès à la partie Lab est bien évidemment depuis périmé (on peut donner des durées d’utilisation avec pnetlab :)).

A plus,

Christophe

xrv9k-full, qemu, AMD Ryzen

Posted on September 6, 2022 by clucas

If as me you have EVE-NG (2.0.3) and lab some Cisco XRV9K-Full on a virtualized box running AMD Ryzen processor, you have probably encountered problem to start the image. After reading lot of website, it seems the answer is change the command line.

My original command line is :

-enable-kvm -smbios type=1,manufacturer="cisco",product=\"Cisco IOS XRv 9000\",uuid=[...] -cpu host

I correct to :

-enable-kvm -smbios type=1,manufacturer="cisco",product="Cisco IOS XRv 9000",uuid=[...] -cpu qemu64,+ssse3,+sse4.1,+sse4.2

snmpb : 2 cents tip

Posted on January 10, 2022 by clucas

If you are newbie snmpb user. I used snmpb mib brower to check accros some SNMPv3 IOS XR config, you can be faced to :

You must only right click to white window such as :

That’s it ! Have fun…

IOS, IOS XE and configure … revert timer X

Posted on January 3, 2022January 3, 2022 by clucas

If you are familiar with IOS XR and JunOS, it lacks a rollback to IOS and IOS XE. You can do it with “archive” such as :

Configure where your archive will be stored.
Say to your OS to “archive” at a point
Configure your router with a “revert timer”
Confirm if it is ok for you

Here we go in details now :

Configure where your archive will be stored.

Router# conf t
Router(conf)# archive
Router(conf-archive)# path bootflash:myconfig
Router(conf-archive)# maximum 10
Router(conf-archive)# end
Router# wr

2. Say to your OS to “archive” at a point

Router# archive config 
Router# 
Router# show archive
The maximum archive configurations allowed is 10.
There are currently 1 archive configurations saved.
The next archive file will be named bootflash:myconfig-<timestamp>-1
 Archive #  Name
   1        bootflash:myconfig-Jan--3-2022-08-34-34.348-CET-0 <- Most Recent
   2         
   3         
   4         
   5         
   6         
   7         
   8         
   9         
   10   
Router#

3. Configure your router with a “revert timer”

Router# configure terminal revert timer 1
Router(conf)# Rollback Confirmed Change: Backing up current running config to bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1

Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#Rollback Confirmed Change: Rollback will begin in one minute.
Enter "configure confirm" if you wish to keep what you've configured

*Jan  3 2022 08:35:01.670 CET: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_BACKUP: Backing up current running config to bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1
*Jan  3 2022 08:35:01.670 CET: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_START_ABSTIMER: User: console(Priv: 15, View: 0): Scheduled to rollback to config bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1 in 1 minutes
*Jan  3 2022 08:35:01.670 CET: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_WARNING_ABSTIMER: System will rollback to config bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1 in one minute. Enter "configure confirm" if you wish to keep what you've configured
Router(conf)# hostname BLAH
BLAH(conf)#
[................... WAITING FOR A MINUTE ........................]
Rollback Confirmed Change: rolling to:bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1

!Pass 1
!List of Rollback Commands:
no hostname BLAH
hostname Router
end


Total number of passes: 1
Rollback Done

*Jan  3 2022 08:36:01.669 CET: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_ROLLBACK_START: Start rolling to: bootflash:myconfig-Jan--3-2022-08-35-01.511-CET-1
*Jan  3 07:36:01.722: Rollback:Acquired Configuration lock.


Router(conf) # end

4. Confirm if it is ok for you

If between your “conf t revert time X” and t0+X, you are ok with the configuration you have made, so you can confirm your changes.

Router# configure confirm

That’s it ! Have fun.

Long long time ago, blog and FreeBSD…

Posted on July 14, 2021July 14, 2021 by clucas

It was a long long timeago I wrote here. ot of things happens to me but I don’t think it is the time and place to explain it.

This post is about a new experience to me : hosting this blog on FreeBSD machine. I am in love with BSD but don’t use it everyday. Networking&Telco is not an professional area where you can use it or your employer allow you to use it. Damn Windows, Teams, … and his egemony.

I will move this blog from Debian to FreeBSD server. I think it will lot of fun. If I have FreeBSD’s tips or remarks I will post it here. By the way I am currently studying for Cisco’s CCNP SPCOR (350-501) exam. Either I will try to give me a kick in the ass to post more technical posts.

Have fun 🙂

CCIE v5.1 self assessment spreadsheet.

Posted on June 11, 2019 by clucas

Now, I go to CCIE and need to begin by first of all : CCIE Written. And to know where to start, you begin with a __real__ self assessment on your knowledge and where to work hard to.

blueprint-ccie-written-assement-v5.1 Download

Cisco & IP NAT

Posted on January 16, 2018July 14, 2021 by clucas

Hi,

It’s been a while I have posted a blog entry. A simple tip from IOS 12.4(20) to 12.4(24) and above to use OID “.1.3.6.1.4.1.9.10.77.1.2.3.0” to graph your NAT translations :

R(conf)# ip nat service enable-mib %NAT: Old NAT-MIB support enabled R(conf)#

HTH
++Christophe

Site to site IKEv2 tunnel

Posted on May 19, 2017July 24, 2017 by clucas

Hello guys,

Here it is a tips / reminder how to implement an site-ot-site IKEv2 tunnel :

crypto ikev2 proposal aes-cbc-256-proposal 
 encryption aes-cbc-256
 integrity sha1
 group 2
crypto ikev2 policy policy1 
 match address local x.x.x.x
 proposal aes-cbc-256-proposal
crypto ikev2 keyring v2-kr1
 peer abc
  address y.y.y.y
  pre-shared-key somesecretpass
 !
crypto ikev2 profile profile1
 description IKEv2 profile
 match address local x.x.x.x
 match identity remote address y.y.y.y 255.255.255.255 
 authentication local pre-share
 authentication remote pre-share
 keyring v2-kr1

crypto ipsec transform-set myset esp-des esp-md5-hmac 

crypto map mymap 20 ipsec-isakmp 
 set peer y.y.y.y
 set security-association lifetime seconds 27000
 set transform-set ESP-AES-SHA 
 set ikev2-profile profile1
 match address 120

With ACL 120 is your flows / SA and your implement your crypto map on your WAN interface.