For those of you who search for a good trafic generator, I recommend you : Mausezahn aka ‘mz’. It is built-in in good linux distro.
The website is : http://www.perihel.at/sec/mz/index.html.
Source: the GCU-Squad!
For those of you who search for a good trafic generator, I recommend you : Mausezahn aka ‘mz’. It is built-in in good linux distro.
The website is : http://www.perihel.at/sec/mz/index.html.
Source: the GCU-Squad!
There’s some new stuff in Cisco world. We are now able to access Cisco-Labs directly there. These labs are planned to fill the pratice in certification. The official page is here. I think I will use it when MPLS Cert time will be there… | |
Lab 2-1 Establishing the Service Provider IGP Routing Environment Lab 3-1 Establishing the Core MPLSEnvironment Lab 5-1 Initial MPLS VPN Setup Lab 5-2 Running EIGRP Between PE and CE Routers Lab 5-3 Running OSPF Between PE and CE Routers Lab 5-4 Running BGP Between PE and CE Routers Lab 6-1 Overlapping VPNs Lab 6-2 Merging Service Providers Lab 6-3 Common Services VPN Lab 7-1 Establishing Central Site Internet Connectivity with and MPLS VPN Lab 8-1 Implementing Basic MPLS TE Real interesting labs, aren’t it ? You can access/read an interesting point of view on @etherealmind website here. |
To keep it in mind :
OSPF adjacencies only form over primary networks, not secondary networks.
Source : http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094050.shtml
To take a @packetlife lab (community lab), I prepare a little scenario about BGP and other features such as :
Voici une petite astuce (ok à deux balles) afin de faire avec votre Linux préféré la même chose que vous faîtes avec votre IOS (Cisco) via la commande :
R# ping your_host size 1520 df-bit
Vous devrez faire avec votre linux :
LinuxBox:~# ping -M do -s 1520 your_host [...] LinuxBox:~#
Et avec un OpenBSD :
OpenBSDBox# ping -D -s 1520 your_host
An interesting useful tool available in IOS 12.4(20)T and prior : Embedded Packet Capture (EPC). This tool is useful to avoid configure SPAN and RSPAN to be able to capture and analyze trafic.
You can now do it by means of defining a capture buffer, then a capture point, link them and start the capture.
Then you can upload this capture (in pcap) and read analyze it with wireshark 🙂
R1#monitor capture buffer TEST_BUFFER size 512 max-size 128 circular R1#sh monitor capture buffer all parameters Capture buffer TEST_BUFFER (circular buffer) Buffer Size : 524288 bytes, Max Element Size : 128 bytes, Packets : 0 Allow-nth-pak : 0, Duration : 0 (seconds), Max packets : 0, pps : 0 Associated Capture Points: Configuration: monitor capture buffer TEST_BUFFER size 512 max-size 128 circular
Then configure the capture point :
R1#monitor capture point ip cef TEST_CP-1 fa 1/0 both *Feb 13 18:32:36.039: %BUFCAP-6-CREATE: Capture Point TEST_CP-1 created. R1#monitor capture point ip process-switched TEST_CP-2 from-us *Feb 13 18:32:41.535: %BUFCAP-6-CREATE: Capture Point TEST_CP-2 created. R1#sh monitor capture point all Status Information for Capture Point TEST_CP-2 IPv4 Process Switch Path: IPv4 Process , Capture Buffer: None Status : Inactive Configuration: monitor capture point ip process-switched TEST_CP-2 from-us Status Information for Capture Point TEST_CP-1 IPv4 CEF Switch Path: IPv4 CEF , Capture Buffer: None Status : Inactive Configuration: monitor capture point ip cef TEST_CP-1 FastEthernet1/0 both
Then, we associate buffer to capture point :
R1#monitor capture point associate TEST_CP-1 TEST_BUFFER R1#sh monitor capture point all Status Information for Capture Point TEST_CP-2 IPv4 Process Switch Path: IPv4 Process , Capture Buffer: TEST_BUFFER Status : Inactive Configuration: monitor capture point ip process-switched TEST_CP-2 from-us Status Information for Capture Point TEST_CP-1 IPv4 CEF Switch Path: IPv4 CEF , Capture Buffer: TEST_BUFFER Status : Inactive Configuration: monitor capture point ip cef TEST_CP-1 FastEthernet1/0 both R1#sh monitor capture buffer all parameters Capture buffer TEST_BUFFER (circular buffer) Buffer Size : 524288 bytes, Max Element Size : 128 bytes, Packets : 0 Allow-nth-pak : 0, Duration : 0 (seconds), Max packets : 0, pps : 0 Associated Capture Points: Name : TEST_CP-1, Status : Inactive Name : TEST_CP-2, Status : Inactive Configuration: monitor capture buffer TEST_BUFFER size 512 max-size 128 circular monitor capture point associate TEST_CP-1 TEST_BUFFER monitor capture point associate TEST_CP-2 TEST_BUFFER
Then:
R1#monitor capture point start TEST_CP-2 R1# *Feb 13 18:45:48.495: %BUFCAP-6-ENABLE: Capture Point TEST_CP-1 enabled. *Feb 13 18:45:49.495: %BUFCAP-6-ENABLE: Capture Point TEST_CP-2 enabled. R1#sh monitor capture point all Status Information for Capture Point TEST_CP-2 IPv4 Process Switch Path: IPv4 Process , Capture Buffer: TEST_BUFFER Status : Active Configuration: monitor capture point ip process-switched TEST_CP-2 from-us Status Information for Capture Point TEST_CP-1 IPv4 CEF Switch Path: IPv4 CEF , Capture Buffer: TEST_BUFFER Status : Active Configuration: monitor capture point ip cef TEST_CP-1 FastEthernet1/0 both R1#sh monitor capture buffer all parameters Capture buffer TEST_BUFFER (circular buffer) Buffer Size : 524288 bytes, Max Element Size : 128 bytes, Packets : 0 Allow-nth-pak : 0, Duration : 0 (seconds), Max packets : 0, pps : 0 Associated Capture Points: Name : TEST_CP-1, Status : Active Name : TEST_CP-2, Status : Active Configuration: monitor capture buffer TEST_BUFFER size 512 max-size 128 circular monitor capture point associate TEST_CP-1 TEST_BUFFER monitor capture point associate TEST_CP-2 TEST_BUFFER
Do some stuff and wait for traffic :
R1#ping 10.0.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.1.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms R1#sh monitor capture buffer TEST_BUFFER 18:51:47.483 UTC Feb 13 2011 : IPv4 Process : None Fa1/0 18:51:47.491 UTC Feb 13 2011 : IPv4 CEF Turbo : Fa1/0 None 18:51:47.491 UTC Feb 13 2011 : IPv4 LES CEF : Fa1/0 None 18:51:47.499 UTC Feb 13 2011 : IPv4 Process : None Fa1/0 18:51:47.503 UTC Feb 13 2011 : IPv4 CEF Turbo : Fa1/0 None 18:51:47.503 UTC Feb 13 2011 : IPv4 LES CEF : Fa1/0 None 18:51:47.503 UTC Feb 13 2011 : IPv4 Process : None Fa1/0 R1#sh monitor capture buffer TEST_BUFFER dump 18:51:50.023 UTC Feb 13 2011 : IPv4 CEF Turbo : Fa1/0 None 672C4650: CA003713 001CCA01 3713001C J.7...J.7... 672C4660: 08004500 00640009 0000FE01 A68D0A00 ..E..d....~.&... 672C4670: 01020A00 01010000 DCA70001 00040000 ........'...... 672C4680: 0000002D A970ABCD ABCDABCD ABCDABCD ...-)p+M+M+M+M+M 672C4690: ABCDABCD ABCDABCD ABCDABCD ABCDABCD +M+M+M+M+M+M+M+M 672C46A0: ABCDABCD ABCDABCD ABCDABCD ABCDABCD +M+M+M+M+M+M+M+M 672C46B0: ABCDABCD ABCDABCD ABCDABCD ABCDABCD +M+M+M+M+M+M+M+M 672C46C0: ABCDABCD ABCD00 +M+M+M. 18:51:50.023 UTC Feb 13 2011 : IPv4 LES CEF : Fa1/0 None 672C4650: CA003713 001CCA01 3713001C J.7...J.7... 672C4660: 08004500 00640009 0000FE01 A68D0A00 ..E..d....~.&... 672C4670: 01020A00 01010000 DCA70001 00040000 ........'...... 672C4680: 0000002D A970ABCD ABCDABCD ABCDABCD ...-)p+M+M+M+M+M 672C4690: ABCDABCD ABCDABCD ABCDABCD ABCDABCD +M+M+M+M+M+M+M+M 672C46A0: ABCDABCD ABCDABCD ABCDABCD ABCDABCD +M+M+M+M+M+M+M+M 672C46B0: ABCDABCD ABCDABCD ABCDABCD ABCDABCD +M+M+M+M+M+M+M+M 672C46C0: ABCDABCD ABCD00 +M+M+M.
You can now export this capture by means of lot of remote transfert protocol :
R1#monitor capture buffer TEST_BUFFER export ? ftp: Location to dump buffer http: Location to dump buffer https: Location to dump buffer pram: Location to dump buffer rcp: Location to dump buffer scp: Location to dump buffer tftp: Location to dump buffer
Source : http://routerjockey.com/2011/02/14/ios-embedded-packet-capture/ from @tonhe
La version 6.0 est sortie en ce dimanche 🙂
De nombreux dist-upgrade vont être effectués durant la semaine…
I think it has been really often done in the past, but for fun :
For those of you whom use a lot of xterm, I think it have happen you mistake tape an ‘ena’ command in your sh friend shell program 🙂
It can be funny to have a result on your stdout other than :
Commande « ena » non trouvée, vouliez-vous dire : La commande « enna » issue du paquet « enna » (universe) La commande « eva » issue du paquet « eva » (universe) La commande « enca » issue du paquet « enca » (universe) La commande « ent » issue du paquet « ent » (universe) La commande « env » issue du paquet « coreutils » (main) ena : commande introuvable
It can be funny to have :
clucas@pluton:~$ ena Password: Building configuration... [OK] Proceed with reload? [confirm] Connection closed by foreign host. Be quiet, you are on a Unix based system and I will not disclose your password ;)
You can have the full source code of this here.
It could be really funny to send it by a socket, but I don’t have written it in the code.
Reading @holmahenkel tweets, I found there another really interesting information :
More information than a ‘cat /etc/services‘.