Archive for the 'Main blog' category

Netstat but then for IOS

 | 28 Jul 2007 16:49

Not sure how long this has been there but I just noticed it in 12.4T:

Router#show ip sockets
Proto Remote Port Local Port In Out Stat TTY OutputIF
17 0 --any-- 67 0 0 2211 0

For those who’re wondering what a router listens to by default, it’s DHCP. To turn it off, issue the following command:

no service dhcp

Researching regular expressions (filter show commands)

 | 25 Jul 2007 11:07

While trying to figure out whether I could find an AND operator rather than just the OR “|” I stumbled across the following:

C2611XM#show ver | ?
  append    Append redirected output to URL (URLs supporting append operation only)
  begin     Begin with the line that matches
  exclude   Exclude lines that match
  include   Include lines that match
  redirect  Redirect output to URL
  section   Filter a section of output
  tee       Copy output to URL

A number of these are new to me… A nice recent addition is the ‘section’ keyword: it shows the section following the matched line. This allows for displaying the running config of an access-list, which previously was not possible:

C2611XM(config-ext-nacl)#do sr | section http
ip http server
no ip http secure-server
ip access-list extended http
 permit tcp any any eq www
 permit tcp any eq www any

This condensed quote from CCO lists a couple of things to remember:

show <command> | append <url> – Redirects the output of any show command to be appended to a specified file.
show <command> | redirect <url> – Redirects the output of any show command to a specified file.
show <command> | tee <url> – Copies the show command output to a file while displaying it on the terminal.

The Cisco IOS File System (IFS) uses URLs to specify the location of a file system, directory and file. Typical URL elements include:


Prefixes can be local file locations, such as flash: or disk0:. Alternatively, you can specify network locations using the following syntax:


The rcp: prefix is not supported.

Defective Serial module

 | 24 Jul 2007 00:53

Rats, had to spend more time in my hosted CCIE lab to replace a defective NM-8A/S in my F/R switch. But at least all my serial connectivity is up/up and the new F/R switch, a 3640 with a mere 16Mb of flash, is configured with a full mesh of PVC’s.

I feel ready to try some mock labs, having started one tonight I remember how difficult it is to translate/superimpose the hardware layouts. Oh well I guess I’ll get the hang of it sooner or later. It feels like last year was such smooth sailing between the bootcamp and the exam. Must be about the grass being greener elsewhere again…

I actually configured my first port channels today, or it’s been so long I can’t remember the last time. Funny having a 3548 and 3560, one starts to notice old and new config. Kinda nice as a hint of what new features might be emphasised in the lab. For those who’re wondering, for example: The 3548 uses ‘port groups’ where the 1st interface in the group holds the etherchannel config, but the 3560 uses channel-group style config which creates port-channel interfaces for the etherchannel config.

Another lesson learned: STP trouble can occur if one side of the etherchannel has been configured but not the other, so shut down the interfaces before adding them to an etherchannel. Also it’s best to create etherchannels from interfaces without prior config.

Note to self…

 | 00:38

When using a Bluetooth (BT) keyboard, check the batteries first before spending time on troubleshooting network problems… It appears that the keyboard just slows down rather than just cutting out.

Cool Cisco IOS hints site

 | 15 Jul 2007 21:01

Well it’s cool for us ppl who prepare for the CCIE R&S lab and possibly other Networking workaholics too 🙂

I first thought this guy works for Cisco but this is far from the truth…

IPv6 routing (OSPFv3)

 | 14 Jul 2007 21:55

Well I guess I was wrong that IP BASE or TELCO feature-set would do fine for R&S labbing. They lack IPv6 and if they do have IPv6 then they don’t have IPv6 routing (OSPFv3) capability.

Remembering the noises about IPv6 really coming our way in the next year or two I think we’ll be upgrading a lot of routers… IP PLUS and ENT BASE seem to be the feature-sets to go for but my flash and ram don’t support the images. I guess I’ll have to dig out all the old memory and hope I can make it match (and stable).

Any help is welcome. My 3640 are limited to 64/16, the 2600’s to 40/8 and 48/16. All I have is a beefy 2691 (128/32) and my 7200’s with 128 and flash cards (48 and 2x 20Mb [eek]). Does anyone have a simple site listing which memory type is supported per platform?

[July 16th 2007] Well I went rummaging through a pile of old memory and it looks like I can max out my 3640’s to 128 ram. I’m still failing in the flash department… 🙁
Heehee, just found “c3640-is-mz.124-1c.bin and ‘3g.bin IP PLUS” which are just under 24Mb so I may just have saved myself a lot of hassle. It has OSPFv3 support and everything else I need, bar tcp intercept and MPLS.

Networkers EMEA 2008

 | 21:46

Last week’s news: Networkers EMEA 2008 will be in Barcelona. For the diary: Monday Jan 21st – Thursday 24th.

I’m counting on being there, though until my manager gives approval and it’s been booked I will not know for sure… 🙂

Personal lab updates

 | 14:23

Right, back on the number hunt I’ve listed up for and am currently upgrading most of my routers to 12.4 or in case of my two 7200’s with NPE-200’s 12.3.

The feature-sets are a right mix too but I hope that I’ll be OK there. Personally I think that the enterprise feature-set is not needed when labbing for R&S as SNA, DSLw and the likes were removed in Jan 2006. I do try to have crypto in there as securing routing protocols is a hot item these days.

Next to IOS upgrades I’ve ordered some more serial cables to add to my lab as it will give me a lot more flexibility. I guess it’s one of the down sides of having one’s lab in a datacenter and not at home. Ooh and not being able to manually reload routers is another issue I have. Luckily it doesn’t happen that much but my 2621 with 40/8 (ram/flash) did not like 12.3(3i) IP as it complains about IOMEM and just halts during boot. (I can feel another trip to the datacenter coming) Cables should be in next week so I’ll have to work at the datacenter late coming Friday (in the UK on Wednesday and Thursday).

MAC filtering

 | 7 Jul 2007 20:25

Just reading up on stuff and came across the I/G and U/L bits in the MAC address. The I/G bit is the first bit of the MAC address, reading MSB to LSB, the U/L bit the second.

I/G: Binary 0 means the address is a unicast; Binary 1 means the address is a multicast or broadcast.
U/L: Binary 0 means the address is vendor assigned; Binary 1 means the address has been administratively assigned, overriding the vendor-assigned address.

Say I’d want to Deny Multicast & Broadcast and also Administratively assigned addresses, then the following ACL would be best (out of the three options, due to ACL length).

mac access-list extended MACL-official-Ucast-only
permit any 0000.0000.0000 00ff.ffff.ffff
interface FastEthernet1/0/10
mac access-group MACL-official-Ucast-only in
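
What the wildcard entry above matches, as an added Python example (not from the original post). It assumes the dotted-hex notation IOS prints, where the I/G and U/L bits are the 0x01 and 0x02 bits of the first octet (the first two bits on the Ethernet wire), and IOS wildcard semantics where a 1 in the mask means "don't care"; the sample addresses and the fcff.ffff.ffff mask are constructed for illustration.

```python
# Added example: evaluates MAC ACL wildcard entries against constructed addresses.

def parse_mac(text):
    """Turn IOS dotted-hex (0012.3456.789a) into a 48-bit integer."""
    digits = text.replace(".", "").replace(":", "").replace("-", "")
    if len(digits) != 12:
        raise ValueError("not a 48-bit MAC address: %r" % text)
    return int(digits, 16)

def ig_bit(mac):
    """1 = multicast or broadcast, 0 = unicast (0x01 bit of the first octet)."""
    return (parse_mac(mac) >> 40) & 0x01

def ul_bit(mac):
    """1 = administratively assigned, 0 = vendor assigned (0x02 bit)."""
    return (parse_mac(mac) >> 41) & 0x01

def wildcard_match(mac, pattern, wildcard):
    """True when mac equals pattern in every bit the wildcard leaves at 0."""
    care = ~parse_mac(wildcard) & 0xFFFFFFFFFFFF
    return (parse_mac(mac) & care) == (parse_mac(pattern) & care)

# Address/wildcard pair from the permit line of the ACL on this page.
PAGE_ENTRY = ("0000.0000.0000", "00ff.ffff.ffff")
# Hypothetical alternative: only the I/G and U/L bits are compared.
TWO_BIT_ENTRY = ("0000.0000.0000", "fcff.ffff.ffff")

# Constructed sample addresses (not taken from any real capture).
SAMPLES = [
    "0012.3456.789a",  # vendor-assigned unicast, first octet 00
    "3c07.5412.3456",  # vendor-assigned unicast, first octet 3c
    "0100.5e00.0001",  # multicast (I/G = 1)
    "0200.0000.0001",  # administratively assigned (U/L = 1)
    "ffff.ffff.ffff",  # broadcast (I/G = 1, U/L = 1)
]

def evaluate(entry):
    """Map each sample to True (permitted) or False (falls to implicit deny)."""
    return {mac: wildcard_match(mac, *entry) for mac in SAMPLES}

if __name__ == "__main__":
    page, two_bit = evaluate(PAGE_ENTRY), evaluate(TWO_BIT_ENTRY)
    for mac in SAMPLES:
        print(mac, "I/G=%d U/L=%d" % (ig_bit(mac), ul_bit(mac)),
              "page entry:", "permit" if page[mac] else "deny",
              "| two-bit entry:", "permit" if two_bit[mac] else "deny")
```

The entry on the page compares the whole first octet, so it also drops vendor-assigned unicast addresses whose first octet is not 00; the constructed fcff.ffff.ffff wildcard tests only the two bits.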

2nd Lab exam coming up!

 | 23 May 2007 10:54

10th of August is my next lab date. After booking the 14th then the 4th of September, the 10th of August came up and I snapped it up as soon as I could.

For all those wondering whether you can easily change your lab date. It’s easy enough, you just book another date and it moans at you that you already have a date. You’ll have the option to have the system delete your previous date replacing it with the one you’re trying to book. Took me a while to figure that one out but apparently it is listed somewhere on the Cisco CCIE site but I had a hard time finding it, was only after I heard the answer to my question from Cisco that a colleague pointed me to a page with the info I’d been looking for…

Blown away: Networkers EMEA 2007

 | 23 Feb 2007 23:33

EEK, just noticed I’d not written anything about attending Networkers yet. Well I had a whale of a time and not just because of a rather cool ‘customer appreciation event’, the former Cisco party. But because I was able to attend a fabulous Techtorial and I managed to discuss a lot of issues with key people from Cisco.

Networkers has really changed my view on Cisco, the technical guys there were really interested in what we, the customers, had to say. They welcomed open discussion during their sessions and handed out business cards galore. I even received mail during the weekend after with answers to questions I posed during face-to-face Design sessions in between the presentations/normal sessions.

I must clarify that I registered my sessions very early and I planned it meticulously. I’ve only been to level 3 sessions which kept me safe from hot air marketing talk etc. Also I agree with Cisco when they say that what you get out of it is what you put into it and it really paid off for me. I’ve got so much info to take back with me and process that I’m glad I made so many notes. It surely was way more valuable than a month of full time classroom training.

Further things that impressed me were: Explanations of road-maps, a few of them even more than 12 months ahead. How approachable everyone was. How I managed to baffle one of the speakers during an MPLS VPN Design session I walked into; MPLS VPN hub-and-spoke via a firewall without using a vlan per vrf. There is no solution…

Better stop here else I’ll never stop. I will probably divulge into one or more of the subjects I attended some time in the future, but I’d better not promise anything… 😉

CCIE R&S page updates

 | 23:12

Oh, lest I forget again. Check out the CCIE R&S pages. Since restarting my studies, I’m updating them regularly again so be prepared to find new gems in there. Or just browse it for some of those “oh yes” moments if ‘new’ isn’t so new for you any more. We all forget this stuff if we don’t regularly remind ourselves, I do anyway…

3550 & 3560…

 | 23:07

I’ve heard reports of the lab containing more and more L3 switches these days. Looks like I need to update my lab hardware to incorporate some L3 switches. The 3550 is EOS but even second hand overly expensive, the 3560 is not cheap either. I’m hoping my employer is willing to get some as I’ve now got two other colleagues gearing up for their CCIE. I might have a trick up my sleeve but you’ll have to come back later if you want to know the outcome of that one.

I currently use a combination between a normal router and a vlan on my L2 switch for all switch related tasks but I guess Cisco is adding NAC (IEEE802.1x) and other advanced L2/L3 switching tasks into the lab. Which is kinda logical seeing as even I’m looking at the L3 switches as Ethernet access cpe’s.

Day return R’dam – Paris

 | 21 Feb 2007 08:32

It’s kinda strange the way traveling in Europe has no simple formula. I fly to the UK from R’dam to Stansted and I fly to Hamburg, also from Rotterdam. But going to Paris feels like going as far as, let’s say Greece.

The dilemma is that there is no direct flight from Rotterdam to Paris. If one insists on flying then one will have to hop via Amsterdam or London which makes it inefficient and expensive. I could take the train to Schiphol (Amsterdam) but that will take at least an hour, add to that the longer check-in times compared to R’dam airport and you’re looking at a minimum of 2,5 hours front door to ‘window or aisle’ seat.

The Saga continues with arriving in Paris after 1:15 flight and then having to find a cab to our office. According to my manager the cab from CDG (Charles de Gaulle) will take 1 to 1,5 hours. My total would now come to a minimum of 4 hours and 45 minutes door to door.

As most often though there is a simple answer, the Thalys. It’s cheap if you don’t go for first class and there’s no check-in time. Above all I can get on at Rotterdam Central, it takes 3:11 from R’dam to Gare du Nord and I am allowed to work on my laptop the whole way. The cab only took 30 minutes to the office and the bus into R’dam is the same as for all other options. Total travel time? I left home at 7:15 and got to the office at 12:15.

5 hours? Yes 5 hours due to an unforeseen wait for a cab. On top of this the first cab driver evicted me from the cab after only 20 meters as he couldn’t find the address on any of his ancient maps, “address does not exist, please leave my cab”! The second cab driver said no problem and sped off, he did take me the scenic route though as he missed a turn…

All in all the Thalys route was faster, cheaper and with a lot less risk of delays or overbookings. Oh and did I mention that the cab was only 20 eur inward as opposed to the 100 Euro I paid last time from CDG into the center of Paris? For those who’re wondering, outward it took about 45 minutes and cost me 34 as it was rush hour…

Back to CCIE-lab study

 | 15 Jan 2007 18:00

Right, it’s been a while since my last attempt (2nd of August last year). Joshua, my 3,5 mo old son, is sleeping through the night so I can get back into studying.

Tonight is the evening I’ll be picking up the battle axe again and I must say I’m terribly rusty. Been very busy with work and that did not involve in-depth routing protocols. Will start on the basics and get myself familiar again with the basic stuff I got from my CCIE bootcamp. Then I’m planning to go through all the practice labs I have to see whether I’m really at ease with everything I encounter. Some of the points I’ve already mentally listed as crucial are:

  • Multicast (PIM-SM, PIM-DM and using GRE tunnels)
  • OSPF over various tastes of F/R
  • BGP route manipulation (redistribution and tagging)
  • ACLs (lock&key, time based & ‘odd’ logging)

I sure hope the other guys I studied with are still around as I’ve not heard from them in a while. My plan is to attempt my next lab in Feb, that is time permitting. Networkers EMEA 2007 will take a nice chunk out of my time as well as work related stuff although that shouldn’t be too much of an issue now that I’ve got some of my long awaited equipment.