Answer to Gandi BGP problem stuff

In answer to the Gandi post about the problem that BGP and a static route (for a big subnet) to Null0 can cause: http://lacuisinedegandi.net/post/2011/06/20/Quand-Null0-et-BGP-peuvent-causer-probleme.

One possible solution:

R2#sh run | inc track
track 10 ip route 217.169.255.1 255.255.255.255 reachability
ip route 217.169.240.0 255.255.240.0 Null0 track 10

Here 217.169.255.1 would be the loopback IP address of an iBGP/transit eBGP router. If that address becomes unreachable, the static route to 217.169.240.0/20 is removed and the announcement to the eBGP neighbor is no longer sent.

Blog deserted: some news

This blog has seemed deserted for one or two months. There are some reasons for this. First of all:

The death of my mother. 14 months after my father, she is gone… I don’t have enough words and want to talk about it here.
God bless them and give us a little happiness in these dark times of life (my wife's grandfather also died in the last two weeks).

Second, I passed 642-691 (BGP+MPLS) in these last two months, so I have studied hard for it. Next: QoS (642-642), and I will be CCIP certified.

Cisco Learning Labs

There is some new stuff in the Cisco world. We are now able to access Cisco labs directly there. These labs are intended to provide the hands-on practice for certification.
The official page is here.

I think I will use it when MPLS cert time comes…

Lab 2-1 Establishing the Service Provider IGP Routing Environment
Lab 3-1 Establishing the Core MPLS Environment
Lab 5-1 Initial MPLS VPN Setup
Lab 5-2 Running EIGRP Between PE and CE Routers
Lab 5-3 Running OSPF Between PE and CE Routers
Lab 5-4 Running BGP Between PE and CE Routers
Lab 6-1 Overlapping VPNs
Lab 6-2 Merging Service Providers
Lab 6-3 Common Services VPN
Lab 7-1 Establishing Central Site Internet Connectivity with an MPLS VPN
Lab 8-1 Implementing Basic MPLS TE

Really interesting labs, aren’t they?

You can read an interesting point of view on @etherealmind's website here.

Tip: ping and fragmentation

Here is a small (OK, cheap) trick for doing on your favourite Linux the same thing you do on your IOS (Cisco) with the command:

R# ping your_host size 1520 df-bit

On your Linux box you would run:

LinuxBox:~# ping -M do -s 1520 your_host
[...]
LinuxBox:~#

And on OpenBSD:

OpenBSDBox# ping -D -s 1520 your_host

Cisco : EPC (Embedded Packet Capture)

An interesting and useful tool available in IOS 12.4(20)T and prior: Embedded Packet Capture (EPC). It lets you capture and analyze traffic without having to configure SPAN or RSPAN.
You define a capture buffer, then a capture point, link them together and start the capture.
You can then export the capture (in pcap format) and analyze it with Wireshark 🙂

R1#monitor capture buffer TEST_BUFFER size 512 max-size 128 circular

R1#sh monitor capture buffer all parameters
Capture buffer TEST_BUFFER (circular buffer)
Buffer Size : 524288 bytes, Max Element Size : 128 bytes, Packets : 0
Allow-nth-pak : 0, Duration : 0 (seconds), Max packets : 0, pps : 0
Associated Capture Points:
Configuration:
monitor capture buffer TEST_BUFFER size 512 max-size 128 circular

Then configure the capture points:

R1#monitor capture point ip cef TEST_CP-1 fa 1/0 both
*Feb 13 18:32:36.039: %BUFCAP-6-CREATE: Capture Point TEST_CP-1 created.

R1#monitor capture point ip process-switched TEST_CP-2 from-us
*Feb 13 18:32:41.535: %BUFCAP-6-CREATE: Capture Point TEST_CP-2 created.

R1#sh monitor capture point all
Status Information for Capture Point TEST_CP-2
IPv4 Process
Switch Path: IPv4 Process        , Capture Buffer: None
Status : Inactive

Configuration:
monitor capture point ip process-switched TEST_CP-2 from-us

Status Information for Capture Point TEST_CP-1
IPv4 CEF
Switch Path: IPv4 CEF            , Capture Buffer: None
Status : Inactive

Configuration:
monitor capture point ip cef TEST_CP-1 FastEthernet1/0 both

Then associate the buffer with the capture points (the configuration shown below lists an associate command for both TEST_CP-1 and TEST_CP-2):

R1#monitor capture point associate TEST_CP-1 TEST_BUFFER

R1#sh monitor capture point all
Status Information for Capture Point TEST_CP-2
IPv4 Process
Switch Path: IPv4 Process        , Capture Buffer: TEST_BUFFER
Status : Inactive

Configuration:
monitor capture point ip process-switched TEST_CP-2 from-us

Status Information for Capture Point TEST_CP-1
IPv4 CEF
Switch Path: IPv4 CEF            , Capture Buffer: TEST_BUFFER
Status : Inactive

Configuration:
monitor capture point ip cef TEST_CP-1 FastEthernet1/0 both

R1#sh monitor capture buffer all parameters
Capture buffer TEST_BUFFER (circular buffer)
Buffer Size : 524288 bytes, Max Element Size : 128 bytes, Packets : 0
Allow-nth-pak : 0, Duration : 0 (seconds), Max packets : 0, pps : 0
Associated Capture Points:
Name : TEST_CP-1, Status : Inactive
Name : TEST_CP-2, Status : Inactive
Configuration:
monitor capture buffer TEST_BUFFER size 512 max-size 128 circular
monitor capture point associate TEST_CP-1 TEST_BUFFER
monitor capture point associate TEST_CP-2 TEST_BUFFER

Then start the capture points (the log shows both TEST_CP-1 and TEST_CP-2 being enabled):

R1#monitor capture point start TEST_CP-2
R1#
*Feb 13 18:45:48.495: %BUFCAP-6-ENABLE: Capture Point TEST_CP-1 enabled.
*Feb 13 18:45:49.495: %BUFCAP-6-ENABLE: Capture Point TEST_CP-2 enabled.

R1#sh monitor capture point all
Status Information for Capture Point TEST_CP-2
IPv4 Process
Switch Path: IPv4 Process        , Capture Buffer: TEST_BUFFER
Status : Active

Configuration:
monitor capture point ip process-switched TEST_CP-2 from-us

Status Information for Capture Point TEST_CP-1
IPv4 CEF
Switch Path: IPv4 CEF            , Capture Buffer: TEST_BUFFER
Status : Active

Configuration:
monitor capture point ip cef TEST_CP-1 FastEthernet1/0 both

R1#sh monitor capture buffer all parameters
Capture buffer TEST_BUFFER (circular buffer)
Buffer Size : 524288 bytes, Max Element Size : 128 bytes, Packets : 0
Allow-nth-pak : 0, Duration : 0 (seconds), Max packets : 0, pps : 0
Associated Capture Points:
Name : TEST_CP-1, Status : Active
Name : TEST_CP-2, Status : Active
Configuration:
monitor capture buffer TEST_BUFFER size 512 max-size 128 circular
monitor capture point associate TEST_CP-1 TEST_BUFFER
monitor capture point associate TEST_CP-2 TEST_BUFFER

Generate some traffic and wait for it to be captured:

R1#ping 10.0.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

R1#sh monitor capture buffer TEST_BUFFER
18:51:47.483 UTC Feb 13 2011 : IPv4 Process    : None Fa1/0
18:51:47.491 UTC Feb 13 2011 : IPv4 CEF Turbo  : Fa1/0 None
18:51:47.491 UTC Feb 13 2011 : IPv4 LES CEF    : Fa1/0 None
18:51:47.499 UTC Feb 13 2011 : IPv4 Process    : None Fa1/0
18:51:47.503 UTC Feb 13 2011 : IPv4 CEF Turbo  : Fa1/0 None
18:51:47.503 UTC Feb 13 2011 : IPv4 LES CEF    : Fa1/0 None
18:51:47.503 UTC Feb 13 2011 : IPv4 Process    : None Fa1/0

R1#sh monitor capture buffer TEST_BUFFER dump

18:51:50.023 UTC Feb 13 2011 : IPv4 CEF Turbo  : Fa1/0 None

672C4650:          CA003713 001CCA01 3713001C      J.7...J.7...
672C4660: 08004500 00640009 0000FE01 A68D0A00  ..E..d....~.&...
672C4670: 01020A00 01010000 DCA70001 00040000  ........'......
672C4680: 0000002D A970ABCD ABCDABCD ABCDABCD  ...-)p+M+M+M+M+M
672C4690: ABCDABCD ABCDABCD ABCDABCD ABCDABCD  +M+M+M+M+M+M+M+M
672C46A0: ABCDABCD ABCDABCD ABCDABCD ABCDABCD  +M+M+M+M+M+M+M+M
672C46B0: ABCDABCD ABCDABCD ABCDABCD ABCDABCD  +M+M+M+M+M+M+M+M
672C46C0: ABCDABCD ABCD00                      +M+M+M.

18:51:50.023 UTC Feb 13 2011 : IPv4 LES CEF    : Fa1/0 None

672C4650:          CA003713 001CCA01 3713001C      J.7...J.7...
672C4660: 08004500 00640009 0000FE01 A68D0A00  ..E..d....~.&...
672C4670: 01020A00 01010000 DCA70001 00040000  ........'......
672C4680: 0000002D A970ABCD ABCDABCD ABCDABCD  ...-)p+M+M+M+M+M
672C4690: ABCDABCD ABCDABCD ABCDABCD ABCDABCD  +M+M+M+M+M+M+M+M
672C46A0: ABCDABCD ABCDABCD ABCDABCD ABCDABCD  +M+M+M+M+M+M+M+M
672C46B0: ABCDABCD ABCDABCD ABCDABCD ABCDABCD  +M+M+M+M+M+M+M+M
672C46C0: ABCDABCD ABCD00                      +M+M+M.
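
The dump rows can also be decoded offline, for instance when exporting the pcap is not possible. The Python below is an added example, not code from the original post or from Cisco; the function names are illustrative, and the sample input is the first three rows of the dump above.

```python
import ipaddress
import re
import struct

# First three rows of the dump above; they cover the Ethernet, IPv4 and ICMP headers.
SAMPLE_DUMP = """\
672C4650:          CA003713 001CCA01 3713001C      J.7...J.7...
672C4660: 08004500 00640009 0000FE01 A68D0A00  ..E..d....~.&...
672C4670: 01020A00 01010000 DCA70001 00040000  ........'......
"""

# Address, then hex words separated by single spaces. The ASCII column starts
# after two or more spaces and is ignored.
ROW = re.compile(r"^[0-9A-Fa-f]{8}:\s+((?:[0-9A-Fa-f]{2})+(?: (?:[0-9A-Fa-f]{2})+)*)(?:\s{2,}|\s*$)")

def dump_to_bytes(text):
    """Rebuild the raw frame from 'show monitor capture buffer <name> dump' rows."""
    frame = bytearray()
    for line in text.splitlines():
        match = ROW.match(line.strip())
        if match:
            frame += bytes.fromhex(match.group(1).replace(" ", ""))
    return bytes(frame)

def ip_checksum_ok(header):
    """RFC 1071: the folded one's-complement sum of a valid header is 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def decode_frame(frame):
    """Decode Ethernet II, IPv4 and (if present) the ICMP header into a dict."""
    if len(frame) < 14:
        return {}
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"dst_mac": dst.hex(":"), "src_mac": src.hex(":"), "ethertype": ethertype}
    ihl = (frame[14] & 0x0F) * 4 if len(frame) > 14 else 0
    if ethertype != 0x0800 or ihl < 20 or len(frame) < 14 + ihl:
        return info  # not IPv4, or the element was truncated by max-size
    ip = frame[14:14 + ihl]
    total_len, _, _, ttl, proto = struct.unpack("!HHHBB", ip[2:10])
    info.update(ip_len=total_len, ttl=ttl, proto=proto, ip_checksum_ok=ip_checksum_ok(ip),
                src_ip=str(ipaddress.IPv4Address(ip[12:16])),
                dst_ip=str(ipaddress.IPv4Address(ip[16:20])))
    icmp = frame[14 + ihl:14 + ihl + 8]
    if proto == 1 and len(icmp) == 8:
        kind, code, _, ident, seq = struct.unpack("!BBHHH", icmp)
        info.update(icmp_type=kind, icmp_code=code, icmp_id=ident, icmp_seq=seq)
    return info

if __name__ == "__main__":
    print(decode_frame(dump_to_bytes(SAMPLE_DUMP)))
```

On the sample rows it reports an ICMP echo reply (type 0, sequence 4) from 10.0.1.2 to 10.0.1.1 with a valid IPv4 header checksum, which matches the ping issued above.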

You can now export this capture using any of several remote transfer protocols:

R1#monitor capture buffer TEST_BUFFER export ?
  ftp:    Location to dump buffer
  http:   Location to dump buffer
  https:  Location to dump buffer
  pram:   Location to dump buffer
  rcp:    Location to dump buffer
  scp:    Location to dump buffer
  tftp:   Location to dump buffer

Source : http://routerjockey.com/2011/02/14/ios-embedded-packet-capture/ from @tonhe

For fun : ‘ena’ C program

I think it has been done really often in the past, but for fun:

For those of you who use a lot of xterms, I think it has happened that you mistakenly typed an ‘ena’ command in your friendly sh shell 🙂
It can be fun to get something on your stdout other than:

Commande « ena » non trouvée, vouliez-vous dire :
 La commande « enna » issue du paquet « enna » (universe)
 La commande « eva » issue du paquet « eva » (universe)
 La commande « enca » issue du paquet « enca » (universe)
 La commande « ent » issue du paquet « ent » (universe)
 La commande « env » issue du paquet « coreutils » (main)
ena : commande introuvable

It can be fun to get:

clucas@pluton:~$ ena
Password:
Building configuration...
[OK]
Proceed with reload? [confirm]
Connection closed by foreign host.

Don't worry, you are on a Unix-based system and I will not disclose your password ;)

You can get the full source code of this here.

It could be really fun to send it over a socket, but I haven't written that in the code.

ME-C3750-24-TE and IOS memory problem

If you hit an IOS crash bug such as:

Pool: Processor  Free: 164996  Cause: Memory fragmentation
Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "HQM Stack Process", ipl= 0, pid= 112
-Traceback= 26C41C 31CB0C 3222C8 B1FDF0 B08F50 35B764 351D2C
%SYS-2-MALLOCFAIL: Memory allocation of 36688 bytes failed from 0xB1FDEC, alignment 8
Pool: Processor  Free: 164996  Cause: Memory fragmentation
Alternate Pool: None  Free: 0  Cause: No Alternate pool

-Process= "HQM Stack Process", ipl= 0, pid= 112
-Traceback= 26C41C 31CB0C 3222C8 B1FDF0 B08F50 35B764 351D2C

and your environment is MPLS/OSPF on this kind of hardware, be aware of this: when you add a new OSPF neighbor to mesh your network, you can run into a memory problem and a crash.

On my side, a ‘no mpls ip’ resolved my problem, before an upgrade of IOS.