David’s Cisco Networking Blog


January 30, 2008  9:04 PM

Cisco’s new version of PoE

David Davis

Cisco launched a new version of PoE called ePoE, or “enhanced” Power over Ethernet. What’s this? Confusing marketing at its finest? Let’s find out…

This new version of PoE is only available in the Catalyst 3750-E and 3560-E Series switches, with ePoE availability for Cisco’s Catalyst 6500 and Catalyst 4500-E Series devices scheduled to follow in the second quarter of this year.

One of the reasons for this new type of PoE is 802.11n wireless APs. These APs use a lot of power – more power than older APs. This was causing customers to have to supply two PoE cables to every 802.11n wireless AP. With the new ePoE, they don’t have to do that.

The cool thing is that you can just upgrade the IOS of your supported switch and get the new ePoE update. The downside is that ePoE is proprietary so you must use Cisco 802.11n wireless APs to take advantage of this new feature. You can read more about ePoE at Cisco’s website.

-David
Personal Website: HappyRouter.com
Checkout David’s Video Training:
VMware ESX Server Video Training
Cisco CCNA & CCNP Video Training

January 30, 2008  8:57 PM

How to download and run a FREE Cisco Router emulator

David Davis

I posted an article recently on how to download and run a FREE Cisco router emulator (see Practice Cisco Router Configuration using a free emulator). I want to tell you up front, the only real catch is that you have to have a copy of the Cisco IOS that will run in the emulator. However, the emulator supports a number of different types of routers.

The cool thing about the emulator is that, on a single PC, you can run multiple routers and switches. You can design the network topology and connect all the devices together. Then, you can configure each of the routers in the LAN or WAN network.

It is a very powerful tool for creating & testing configurations as well as just learning about Cisco routers. The cost and trouble of purchasing and setting up a number of physical Cisco routers makes running an emulator on your PC a “no-brainer”.

Yes, there are simulators but emulators are much better because you are running the REAL IOS so you have 100% compatibility with the “real thing”.

I hope you will check out my article and try this very cool emulator out for yourself!

-David


January 30, 2008  8:36 PM

Are you concerned about IP version 6 (IPv6)?

David Davis

Are you concerned about IPv6? Should you start learning about it and converting to it now?

These are all valid concerns. I mean, “everyone” has been talking for a long, long time about how IPv4 (our current IP addressing scheme) will run out of IP addresses. “Everyone” says that you need to convert to IPv6 but has anyone done it?

Anyone out there?

I can tell you that I have read and checked it out but haven’t started doing anything related to IPv6 for any of the servers and networks that I support. However, if you worked at a university or a very large company, I am sure that you need to be ahead of a medium size company like the one that I support.

So, if you are concerned and have a few minutes, you should check out these links on IPv6 to help prepare:

IPv4 Progress Report

The IPv6 Forum

Cisco IPv6 eBook

Internetworking IPv6 with Cisco Routers

-David


January 30, 2008  8:29 PM

Anyone out there a CCENT?

David Davis

I am curious to hear from those who are working on their CCENT certification. Have you tried it? Or have you even heard of the CCENT yet?

The CCENT is the Cisco Certified Entry Networking Technician and it is what you achieve if you take just 1 Cisco test (640-822 ICND1). The CCENT prepares you for the CCNA exam and Cisco has some nice resources for it at both the CCENT Instant Answers webpage and the CCNA Prep Center.

I have heard from a number of my associates and they have been using the Train Signal CCENT Video Training package and have been impressed with it. I know they have a free demo at that URL.

So – how about you? Are you already a CCENT? What did you think of the experience? Are you aspiring to be a CCENT? What questions do you have? Post em’ here!

-David


January 30, 2008  8:16 PM

What is the CCDE?

David Davis

Cisco released a new certification offering called the CCDE. What is the CCDE? Let’s find out!

The CCDE is the new Cisco Certified Design Expert and it is the pinnacle of design and networking architecture of Cisco technologies and it is equivalent to the Cisco CCIE. It had been rumored, in the past, that there would be a new “CCIE Design”, just as there is a CCIE Routing/Switch & CCIE Security. However, instead of doing that, Cisco has released a newly-named certification – the CCDE.

Like the CCIE, the CCDE is a two-step certification where you, first, pass the CCDE written (computerized) exam (number 352-001) and, second, pass a hands-on / practical / lab exam taken at a Cisco office. The written exam can be taken immediately at your local Pearson VUE testing center but the hands-on exam won’t be ready until later in 2008. That hands-on exam will be an 8 hour, scenario-based exam, focused on the design of large networks.

While the CCDA and CCDP are both lower-level Cisco design certifications, neither is required before attempting the CCDE.

Personally, I am excited to take the CCDE exam and pursue a new certification. I hope you will consider the CCDE as well!

-David


January 30, 2008  7:57 PM

Is Cisco selling a new car? Or what is the Cisco Nexus 7000?

David Davis

I was in Florida this week and there they have a chain of gas stations called “Cisco” truck stops, or something like that. I wondered if Cisco had tried to sue them for using the name. When I returned I read about a new product called a “Nexus 7000”. If you read that there was a new product called a “Nexus 7000”, what would you think that it is? A new car? That is what it sounds like, right? Even stranger is that it is made by Cisco Systems.

Well, the Nexus 7000 isn’t a new car, it is actually a new switch from Cisco Systems. In Cisco’s words, the Nexus 7000 is a “flagship data center-class switching platform combining Ethernet, IP, and storage capabilities across one unified network fabric.” What this means to you and me is that the latest and greatest Cisco switch can do both LAN and SAN switching – pretty revolutionary!

The Nexus 7000 is actually the first Cisco switch to use TrustSec, which I talked about in my post entitled “What is Cisco TrustSec?”. This switch was code-named “DC3”. The Nexus will be the replacement for the Catalyst 6500 and it will provide 10GB Ethernet to the datacenter. The switch will have the capacity to support up to 512 x 10GB ports.

There will be a 10-slot and 18-slot chassis and the switch will start at $75,000 (at that price, it would be easier to buy a new car). The Nexus will run a Linux-based OS called the NX-OS that joins the Cisco IOS and Cisco’s SAN-OS. You can look for the Nexus 7000 in the 2nd quarter of 2008.

-David


December 10, 2007  3:27 PM

What is Cisco TrustSec?

David Davis

I recently read a NetworkWorld article where I learned about a new Cisco security framework called “TrustSec”. TrustSec is a new Cisco Security Framework (I know, you are saying “another one???”). The new TrustSec framework is an add-on to the Cisco Self-defending network.

TrustSec is “intended to determine, through policies, the role of users and devices in the network before granting access to resources.”

Bob Gleichauf, CTO of Cisco’s Security Technology Group, says “We’re getting this threat defense thing down pretty good; now let’s start worrying about where we can go in the network.” And that is exactly what TrustSec does.

So what that means is that, not only are the devices connecting to the network authorized by NAC, that “authorization” stays with them as they conduct their business on the network. Once their “business” is done, they must be reauthorized to perform another “transaction” on the network. And, as they use this authorization, every switch and router is aware of who they are and their credentials.

Although I know they aren’t the same, this reminds me of Kerberos security because of the concepts of the “ticket” and the “ticket granting server”, etc.

TrustSec is set to be available for Cisco Catalyst 6500 switches in early 2008 and, over the next 18 months, it is supposed to be available for the entire switch lineup.

What do you think of this concept? Please post your comments here!
-David
Personal Website: HappyRouter.com – home of Cisco how-to articles & videos
David Recommends:
HappyRouter Cisco VMware Workstation & Server Video Training Series
HappyRouter Cisco CCNA & CCNP Video Training Series


December 7, 2007  5:51 AM

FREE VIDEO: How to Configure VLANs in the Cisco IOS

David Davis

Recently, I created a short video that shows you how to configure and use VLANs on a Cisco IOS Router & Switch. It is a step-by-step 15 minute video. It was originally published over at SearchNetworking.com.

In this video, you will learn how to configure a VLAN in this step-by-step, automated, 15-minute demo. As a CCIE Cisco networking expert, I will walk you through the steps you’ll need to configure your routers and switches, set up and assign the trunk ports, and perform the necessary tests to get traffic moving across your VLAN successfully. You can view the configuration commands I used in the video at the bottom of this page.

This video is published in two places:

ENJOY!

-David


December 6, 2007  5:00 AM

Tracking Configuration Changes with the Cisco IOS – Built in! – using the Archive command

David Davis

As a semi-paranoid admin like me, perhaps you have used (or have wanted to use) applications like Tripwire and Kiwi CatTools to log all Cisco IOS configuration changes.

However, maybe we don’t need external tools. Have you seen the Configuration Change Notification and Logging features?

It has been available since IOS 12.3(4)T/12.2(25)S (it has really gone mainstream in 12.4).

For each configuration command that is executed, the following information will be logged:

• The command that was executed
• The configuration mode in which the command was executed
• The name of the user that executed the command
• The time at which the command was executed
• A configuration change sequence number
• Parser return codes for the command

Here is a sample of how you configure it:

Router(config)# archive
Router(config-archive)# log config (enters config logging mode)
Router(config-archive-log-config)# logging enable (turns on running config change logging)
Router(config-archive-log-config)# logging size 500 (remembers the last 500 commands entered – 100 are default)
Router(config-archive-log-config)# hidekeys (hides passwords from being shown / logged)
Router(config-archive-log-config)# notify syslog (optional – exports changes to syslog server)

Watch this: this is an example of what the logging looks like in action:
CH_NAME_RTR# show archive log config all
idx sess user@line Logged command
1 1 david@vty0 | logging enable
2 1 david@vty0 | logging size 200
3 2 david@vty0 |hostname CH_NAME_RTR
4 2 david@vty0 |enable secret ***** (this is hidden because of hidekeys command)
5 2 david@vty0 |interface FastEthernet0/0
6 2 david@vty0 | bandwidth 100000
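
One way to review this log offline, as an added example that is not part of the original post: the Python below parses the `show archive log config all` table shown above and flags credential and logging changes. The watch list, and the reading of a space after `|` as marking a sub-mode command, are assumptions made for this example.

```python
import re

# Sample copied from the post's own output; the trailing annotation on
# the hidekeys line is dropped.
SAMPLE = """\
idx sess user@line Logged command
1 1 david@vty0 | logging enable
2 1 david@vty0 | logging size 200
3 2 david@vty0 |hostname CH_NAME_RTR
4 2 david@vty0 |enable secret *****
5 2 david@vty0 |interface FastEthernet0/0
6 2 david@vty0 | bandwidth 100000
"""

# idx, session, user, line, indentation after '|', command text
ROW = re.compile(r"^\s*(\d+)\s+(\d+)\s+(\S+)@(\S+)\s*\|(\s*)(.*\S)\s*$")

# Assumed watch list: credential changes and changes to logging itself.
WATCH = re.compile(r"(no )?(enable (secret|password)|username |logging "
                   r"|hidekeys|aaa |snmp-server community)")

def parse(text):
    """Return one record per logged command, in log order."""
    rows, parent = [], {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or blank line
        idx, sess, user, tty, indent, cmd = m.groups()
        if indent:
            # Indented: attach the last top-level command of this session.
            context = parent.get(sess)
        else:
            parent[sess] = cmd
            context = None
        rows.append({"idx": int(idx), "sess": int(sess), "user": user,
                     "line": tty, "cmd": cmd, "context": context,
                     "flagged": bool(WATCH.match(cmd))})
    return rows

def flagged(text):
    """Only the commands that match the watch list."""
    return [r for r in parse(text) if r["flagged"]]

if __name__ == "__main__":
    for r in flagged(SAMPLE):
        print(f'{r["idx"]:>3} {r["user"]}@{r["line"]}: {r["cmd"]}')
```

Entries 1 and 2 have no recorded parent because the `archive` and `log config` commands were entered before logging was switched on.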

-David


December 5, 2007  7:37 PM

Before you blame “the users”, check yourself first for that security hole

David Davis

I was reading a recent article entitled “IT departments biggest source of data leaks, says research”. This article published the results of a study about the source of security holes and leaks at most companies. What the study found was that about 30% of all security leaks.

My takeaway from this article was that before we blame “the users” for causing security issues or getting into things that they shouldn’t have been in, we need to “check ourselves first”.

Let me ask you this-

  • Do you have a security policy?
  • When was the last time you did a security audit of all network and server devices?
  • How about Windows shares and who has access to what?
  • Are there any rootkits installed on your PCs or Servers?

When it comes to Cisco security, I recommend:

  • Check who can login to the routers, switches & firewalls
  • Change the admin/root password on routers
  • Implement password complexity requirements or use RADIUS from Windows AD
  • Check your IOS for old versions that need to be upgraded

And, as much as it hurts and really doesn’t sound fun at all, don’t forget to “Audit IT First” :)

-David

