| posted in Cisco Networking, Technical | |
| by dlots on August 30th, 2010 | tags: Cisco, copy-config, perl, SNMP |
Ever have your boss tell you “I need you to change ports 1-3 on switch 1 to vlan 5 over 30 stacks.” with about 30 min left in your shift? I know mine has, but never fear for there is SNMP read/write strings. These are just as powerful as a level 15 account and transferred in clear text so they aren’t for every occasion. The way this will work is it will merge the text document with the running config and not all commands are supported so be sure you test it on the same IOS you’ll be distributing it to before you rely on it.
Requirements:
- Perl and the Cisco-CopyConfig addition to it
- A TFTP server
- A text file: in this example it will be upload.txt but that’s just a name, what you use doesn’t matter
- Ciscoiosmerge.pl (listed below in the code)
- an SNMP read/write string
| posted in Cisco Networking, Technical | |
| by wirerat on July 21st, 2010 | tags: BGP, Cisco, ISP, local preference, multihome, weight |
Company XYZ has decided to add a backup link to add redundancy to their Internet connectivity. The current link with their ISP is over the 12.45.78.0/31 network. Their ISP has given them another link with a network address of 12.23.56.0/31 and has already configured their routers. Company XYZ has decided to use one of three methods to enable redundant Internet connectivity and needs to lab each of the three methods to see which they prefer.
The three methods they will be testing are:
1) Keep the current link (12.45.78.0/31) as their main link. The new link (12.23.56.0/31) will be the backup link in case the main link goes down. They will use Cisco’s Weight attribute to differentiate between the main and backup link.
2) Keep the current link as their main link. The new link will be the backup link in case the main link goes down. They will use the Local Preference attribute to differentiate between the main and backup link.
3) Use both links at the same time to load balance traffic via BGP multipath.
As a final step, Company XYZ wishes to aggregate their local networks that BGP will advertise.
| posted in Cisco Networking, Technical | |
| by Perlhack on July 16th, 2010 | tags: Cisco, GET VPN, Tutorial |
GET VPN uses GDOI (Group Domain of Interpretation) defined in RFC 3547 for IPSEC phase 1, while IPSEC phase 2 uses the traditional attributes with the exception of IP header preservation (inner and outer IP headers are identical) and NAT traversal is not supported with GET VPN.
GET VPN assumes that there is a network based VPN that is currently working and the enterprise wishes to turn on encryption for security purposes or to meet industry mandates. For the purposes of this document the network based VPN will be MPLS/IP. The major components of GET VPN consist of an MPLS VPN, GM (Group Member) and KS (Key Server). GET VPN works on a centralized IPSEC control plane that is maintained by the key server(s) while the GMs are responsible for IPSEC data plane and encryption.
| posted in Printed Material, Reviews | |
| by Steve on July 15th, 2010 | tags: 642-813, Cert Kit, Certification, Cisco, Cisco Press, Switch |
As many of you may remember, we ran a giveaway in February that was sponsored by CiscoPress. They provided their new Cert Kits as the prizes and they also sent me a set to use and review. If you’ve been following my recert progress, you know that I recently passed the CCNA again and have started studying for the SWITCH exam so I am finally getting around to reviewing the first of the Cert Kits.
The CCNP SWITCH kit package contains:
- A quick reference manual
- A DVD with 5 hours of video and the PDF version of the reference manual
- An access code for 300 online flash cards
| posted in Industry News | |
| by Perlhack on July 13th, 2010 | tags: Cisco, CiscoLive, Las Vegas |
Some great sessions and entertainment was found in Las Vegas during Cisco Live 2010. I was happy with all my sessions and will plan to attend next year’s networkers which I believe will be in LV again. Some of my favorite sessions included “2010 How do hackers still get in”, “Embedded IOS Instrumentation”, and the general session with Carlos D, and John Chambers. The general session included a demo of the Cisco Cius (See us). Cius is something of an iphone on steroids that is targeted towards commercial/enterprise. The speakers at each session were very good and I especially enjoyed the flow of the hacking session. It was not Cisco specific but more of industry vulnerabilities.
Expo center was packed with a lot of vendors eager to talk to folks about their products and most of them had some type of swag. Lots of parties and get togethers with friends and co-workers and I had the opportunity to meet some new interesting folks as well. I ended up staying at the MGM and the event took place in Mandalay Bay so there was a lot of walking which was an opportunity to walk off all the beer since I was too cheap to get a cab.
« Older Entries |
