Archive

Archive for the ‘Other’ Category

Some interesting RFCs

March 13, 2013 2 comments

To stay updated what’s happening in the network industry it doesn’t hurt to
read some RFCs and IETF drafts. Here are two I recommend that you read.

A comparison of IPv6 tunneling mechanisms- draft-steffann-tunnels-00

It describes different ways of tunneling v6. Could be very useful for a
CCIE candidate as well if you want to experiment with deploying v6 and can’t
dual stack yet.

Evolution of the IP Model

This one describes how IP has evolved and some of the “networking truths” that
may not be true.

I recommend you read both of them.

Advertisements
Categories: Other Tags: , ,

Staying updated as a network engineer

January 17, 2013 1 comment

When you work in IT, you need to stay updated. It’s not one of those jobs where you get
an education and then you are fully learned and can stop reading. To stay updated you
need to keep an eye on what’s going on in the industry and read about new technologies.

Here are some of the things I do to stay updated:

Subscribe to mailing lists:

  • Subscribe to Cisco-NSP – It’s the best list for anything Cisco related
  • Subscribe to Juniper-NSP – I’m not on this but if you work with Juniper you should be
  • Subscribe to NANOG – It’s a list for North America but it’s still interesting even if you are in Europe. You will know about major issues in NA and other interesting things.

NANOG also has meetings where they do presentations. You can find a lot of interesting
things in many different areas like DNS, BGP and development of 100GE.

Cisco has several conferences every year called Cisco Live. You can access all the
presentations at no cost.
Although it is focused on Cisco products you can find out a lot what is going on in
the industry.

RIPE also has meetings where you can find information on BGP, IPv6, updates from different Internet exchanges and a lot more. It’s a really nice resource.

If you want to really get technical or get involved in developing existing or new protocols then
you should check out the IETF working groups. There are working groups for OSPF, ISIS, BFD, LISP etc. Generally you subscribe to a mailing list. You can just listen in if you want to hear what is coming or you can try to be active yourself.

Another resource that should not be neglected is Twitter. It is very noisy but you can find a lot of great people here.
You can find a lot of great network engineers and old timers like Scott Morris, Ivan Pepelnjak,
Brian Dennis etc. Being able to communicate with guys like this is great.

Besides this I also check some forums and blogs of course. I hope you found some new good
resources to stay updated as a network engineer.

Categories: Other Tags: , , , ,

Upgrading the license on a Cisco 3560/3750

August 19, 2010 3 comments

With the new switches like 3560-X it is possible to run a universal IOS image with support for different feature sets like LAN Base, IP Base and IP Services where IP services is the most feature rich version. I did an upgrade from LAN Base to IP Base and thought it would be a good idea to show how it’s done.

The universal image has a name like this: c3560e-universalk9-mz.122-53.SE2.bin. To get the licenses you need to register your Product Activation Key (PAK) that you receive after ordering the license. You also need to now the productnumber and the serial number for the device that the license is for. The product number can be WS-C3560X-24T-L and the serial number is a string of letters and numbers, the same goes for the PAK number.

When the registration is done you will receive a .lic file whic is a combination of the PAK number, a date and some other numbers. You will need to upload this file to the switch. I used FTP to upload the file:

copy ftp://user:password@1.2.3.4/filename.lic flash:
Accessing ftp://user:password@1.2.3.4/filename.lic…
Loading filename.lic !
[OK – 1152/4096 bytes]
1152 bytes copied in 0.092 secs (12522 bytes/sec)

The file is now copied to flash. After that we need to install the license, the syntax is license install:

Switch#license install flash:filename.lic
Installing licenses from “flash:filename.lic”
Installing…Feature:ipbase…Successful:Supported
1/1 licenses were successfully installed
0/1 licenses were existing licenses
0/1 licenses were failed to install

The license is now installed but we need to reboot the switch before it goes active. We will also get a message logged to the console that looks like this:

*Mar 1 00:07:42.279: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c3560x Next reboot level = ipbase and License = ipbase
*Mar 1 00:07:42.539: %LICENSE-6-INSTALL: Feature ipbase 1.0 was installed in this device. UDI=WS-C3560X-24T-L:$PAKNR StoreIndex=1:Primary License Storage

After the reboot we can use show license to see what licenses are installed:

Switch#sh license
Index 1 Feature: ipservices
Period left: 8 weeks 4 days
License Type: Evaluation
License State: Active, Not in Use, EULA not accepted
License Priority: None
License Count: Non-Counted
Index 2 Feature: ipbase
Period left: Life time
License Type: Permanent
License State: Active, In Use
License Priority: Medium
License Count: Non-Counted
Index 3 Feature: lanbase
Period left: Life time
License Type: Permanent
License State: Active, Not in Use
License Priority: Medium
License Count: Non-Counted

We can see here that there is an IP Services license available for evaluation if we need to do that. And that is how licensing works.

Categories: Other Tags: , ,

Transfering files with FTP (Cisco ASA)

August 16, 2010 8 comments

Trivial File Transfer Protocol (TFTP) has been the natural choice for transfering files on a Cisco device for a long time but it has some weaknesses:

  • It’s not reliable, since it doesn’t use TCP
  • Since it’s not using TCP every packet has to be acknowledged before the next one can be sent
  • No support for encryption of traffic
  • Takes long time to transfer large files

So why do we still use TFTP, mostly because it’s simple to setup and that we are used to it. File Transfer Protocol (FTP) overcomes most of the weaknesses of TFTP. It’s reliable because it uses TCP for transport. We send several packets before needing to acknowledge. It’s much faster. It is not encrypted but if that is a must Secure Copy (SCP) can be used.

Transfering a file from a FTP server to a Cisco ASA is very easy. First you need a FTP server, I use Quick ‘n Easy FTP Server Lite. This is the syntax to transfer a file:

copy ftp://user:password@serverip/filename disk0:

Change user and password to the real user and password and the servip is the IP used by the FTP-server. Filename is the name of the file to transfer. Disk0 is the destination for the file. I did some upgrades of ASA last week and I was shocked how much faster it is than TFTP so I highly recommend you start using it.

Categories: Other, Security Tags: , ,

Ghetto VGA cable

July 29, 2010 Leave a comment

This is a bit off topic but I just had to share this with you. I have a HP Elitebook 2530p laptop which I put in a dockingstation at work. Something is very weird with the dockingstation, when I connect the VGA cable to it my screen is flickering. The weird thing is if I remove the power adapter connected to the docking station the flickering stops. If I use the VGA cable directly connected to the laptop there is no flickering. Seems like the docking station is very sensitive to electro magnetic interference from the power adapter. Here are some pictures I took of it, I actually sawed the cable to get it to fit while my computer is docked.

Categories: Other Tags: