Network technologies and trends

May 24, 2011  5:14 AM

SUP 720- 3B failing to boot

Posted by: Yasir Irfan
%DIAG-SP-6-RUN_MINIMUM: Module 7: Running Minimal Diagnostics..., %Software-forced reload, bootflash:, Breakpoint exception, Cisco Catalyst 6500, Cisco Catalyst 6513 Switch, Cisco Systems, Cisco TAC team, Cisco Troubleshooting, Core Switch, CPU signal 23, PC = 0x41D8BE6C, rommom mode, SUP 720- 3B failing to boot, SUP 720-3B is crashed, SUP 720-3B supervisor engine, Supervisor Engine failed, TAC Case, Writing crashinfo to bootflash:crashinfo_20110523-131601

Friends, we have a Cisco Catalyst 6513 Switch installed with a SUP 720-3B as the supervisor engine. It has been working fine for the past 7 years, but suddenly the SUP 720-3B supervisor engine failed. The SUP 720-3B always goes into rommon mode and I am getting the following error:

System Bootstrap, Version 8.1(3)

Copyright (c) 1994-2004 by cisco Systems, Inc.

Cat6k-Sup720/SP processor with 524288 Kbytes of main memory

rommon 1 >

I tried to boot the SUP 720-3B using the boot command from rommon mode, but that too failed and I am getting the following error.

%DIAG-SP-6-RUN_MINIMUM: Module 7: Running Minimal Diagnostics…

I also tried to boot the SUP 720-3B from the flash memory using the “bootflash:” command; that failed too, and again I am getting the same error.

%DIAG-SP-6-RUN_MINIMUM: Module 7: Running Minimal Diagnostics…

%Software-forced reload

Breakpoint exception, CPU signal 23, PC = 0x41D8BE6C

-Traceback= 41D8BE6C 41D89DB8 41B370D8 41B37104 41A09A1C 41A4ACCC 41A41000 41A41058 4075B9FC 4075C6E4 419168D8 419166F4 41AD8610 41AD5530 41AD574C 41D7E35C

$0 : 00000000, AT : 43100000, v0 : 44AF0000, v1 : 43640000

a0 : 50E46E18, a1 : 0000F100, a2 : 00000000, a3 : 42E30000

t0 : 41D7E978, t1 : 3400F101, t2 : 41D7E988, t3 : FFFF00FF

t4 : 41D7E978, t5 : 00000000, t6 : 00000000, t7 : 00000000

s0 : 00000000, s1 : 430B0000, s2 : 5033A36C, s3 : 087365C8

s4 : 50D740D0, s5 : 50D1AC48, s6 : 00000040, s7 : 43890000

t8 : 5000BA74, t9 : 00000009, k0 : 00000000, k1 : 00000000

gp : 431011F0, sp : 5000BB28, s8 : 00000000, ra : 41D89DB8

EPC  : 41D8BE6C, ErrorEPC : 65DFF3A3, SREG     : 3400F103

MDLO : 00000000, MDHI     : 00000000, BadVaddr : 00000000


Cause 00000024 (Code 0x9): Breakpoint exception

Writing crashinfo to bootflash:crashinfo_20110523-131601

=== Flushing messages (16:16:01 KSA Mon May 23 2011) ===

Buffered messages:

00:01:01: curr is 0x0

It seems the SUP 720-3B has crashed. I will open a TAC case and see what the issue is. I know the Cisco TAC team is quite helpful and they will come up with a solution for this problem. If anyone has any inputs or solutions, they are welcome to provide them in the comment area of this post.

May 22, 2011  5:15 AM

How to configure HSRP between Nexus 7000 and Cisco Catalyst 6500 Series Switches?

Posted by: Yasir Irfan
0000.0c07.ac22, Cisco Catalyst 6500 Switch, Cisco Catalyst 6506-E Switch, Cisco Configuration, Cisco configuration tips, Data Centre, Default MAC, Forwarding threshold, Hellotime, How to configure HSRP between Nexus 7000 and Cisco 6500 Switch, HSRP, interface vlan, IP Address, Nexus 7000 Series Switch, sho hsrp group, sho standby brief, standby, subnet, Virtual IP, Virtual MAC address

Configuring HSRP on a Cisco Nexus 7000 Series Switch is often an easy task, but it takes a slightly different approach. Recently we had some issues in our Data Centre and I was forced to configure HSRP between a Cisco Nexus 7010 Switch and a Cisco Catalyst 6506-E Switch. The configuration was quite simple, and I would like to share the steps needed to configure HSRP between Cisco Nexus 7000 Series and Cisco Catalyst 6500 Series Switches.

In the example below I will configure HSRP for VLAN 34 with a subnet of

Cisco Catalyst 6500 Series Switch Configuration

Step 1 – Create VLAN 34 in Cisco Catalyst Switch and assign an IP Address

MBGF-DAC-6500-BB01(config)#interface vlan 34

MBGF-DAC-6500-BB01(config-if)#ip address

Step 2 – Configure the HSRP group id, priority and timers; my active switch will be the Cisco 6500 Switch due to its priority

MBGF-DAC-6500-BB01(config-if)# standby 34 ip

MBGF-DAC-6500-BB01(config-if)# standby 34 timers 1 3

MBGF-DAC-6500-BB01(config-if)# standby 34 priority 150

MBGF-DAC-6500-BB01(config-if)# standby 34 preempt

Cisco Nexus 7000 Series Switch Configuration

Step 1 – Create VLAN 34 in Cisco Nexus Switch and assign an IP Address

VDC-Admin-AG01-MB-1256-002(config)# interface vlan 34

VDC-Admin-AG01-MB-1256-002(config-if)# ip address

Step 2 – Configure the HSRP group id, priority and timers; the Nexus will be in standby mode

VDC-Admin-AG01-MB-1256-002(config-if)#hsrp 34

VDC-Admin-AG01-MB-1256-002(config-if-hsrp)# priority 110

VDC-Admin-AG01-MB-1256-002(config-if-hsrp)# timers 1 3

VDC-Admin-AG01-MB-1256-002(config-if-hsrp)# ip

Verify the HSRP States

Cisco Catalyst 6500 Switch Status

MBGF-DAC-6500-BB01:1#sho standby brief

P indicates configured to preempt.


Interface   Grp Prio P State    Active          Standby         Virtual IP

Vl34        34  150  P Init     local 


Nexus 7000 Series Switch HSRP Status

VDC-Admin-AG01-MB-1256-002# sho hsrp group 34

Vlan34 – Group 34 (HSRP-V1) (IPv4)

Local state is Standby, priority 110 (Cfged 110)

Forwarding threshold(for vPC), lower: 1 upper: 110

Hellotime 1 sec, holdtime 3 sec

Next hello sent in 0.179000 sec(s)

Virtual IP address is (Cfged)

Active router is

Standby router is local

Virtual mac address is 0000.0c07.ac22 (Default MAC)

2 state changes, last state change 2d18h

IP redundancy name is hsrp-Vlan34-34 (default)


Configuring HSRP is quite simple, and if you are facing any problems configuring it you can post your scenario in the comments area of this post.
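The following sketch is an added example, not part of the original post or any Cisco tool. It models the two things the configuration above relies on: the default HSRP virtual MAC derived from the group number (group 34 gives the 0000.0c07.ac22 shown in the Nexus output) and the effect of priority and preempt on which switch is active. The interface IP addresses are constructed placeholders, since the post's addresses are not shown.

```python
# Added illustration, not the author's configuration. Interface IPs are
# constructed (documentation range); the post's addresses are not shown.
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class HsrpRouter:
    name: str
    ip: IPv4Address
    priority: int = 100     # HSRP default priority
    preempt: bool = False   # preemption is off unless configured


def virtual_mac(group: int, version: int = 1) -> str:
    """Default HSRP virtual MAC for a group, in Cisco dotted notation."""
    if version == 1 and 0 <= group <= 255:
        return f"0000.0c07.ac{group:02x}"      # last byte is the group number
    if version == 2 and 0 <= group <= 4095:
        return f"0000.0c9f.f{group:03x}"       # last 12 bits are the group
    raise ValueError(f"group {group} is not valid for HSRP version {version}")


def rank(router: HsrpRouter):
    """Higher priority wins; equal priorities are broken by the higher IP."""
    return (router.priority, int(router.ip))


def elect(routers):
    """Active router when all group members come up together."""
    return max(routers, key=rank)


def active_after_join(active: HsrpRouter, joiner: HsrpRouter) -> HsrpRouter:
    """A router joining later takes over only if it outranks the current
    active router AND has preempt configured."""
    if joiner.preempt and rank(joiner) > rank(active):
        return joiner
    return active


# The two switches from the post: priority 150 with preempt on the Catalyst,
# priority 110 (no preempt shown) on the Nexus.
CATALYST = HsrpRouter("MBGF-DAC-6500-BB01", IPv4Address("192.0.2.2"), 150, True)
NEXUS = HsrpRouter("VDC-Admin-AG01-MB-1256-002", IPv4Address("192.0.2.3"), 110)
# Hypothetical variant: same Catalyst without "standby 34 preempt".
CATALYST_NO_PREEMPT = HsrpRouter(CATALYST.name, CATALYST.ip, 150, False)

if __name__ == "__main__":
    print("group 34 virtual MAC:", virtual_mac(34))
    print("simultaneous start  :", elect([NEXUS, CATALYST]).name)
    print("Catalyst rejoins    :", active_after_join(NEXUS, CATALYST).name)
    print("rejoins, no preempt :", active_after_join(NEXUS, CATALYST_NO_PREEMPT).name)
```

Without preempt, the Catalyst would stay out of the active role after a reload until the Nexus failed, despite its higher priority.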

May 15, 2011  4:50 AM

Cisco predicts weak quarter

Posted by: Yasir Irfan
Cisco CEO John Chambers, Cisco News, Cisco predicts weak quarter, Cisco Systems, core technologies, Flip, Network Technologies and Trends, networking pioneer

Cisco CEO John Chambers expects Q4 sales growth to be between 0% and 2%, which is much below the analyst expectations of 7%. Cisco Systems also warned that it is looking to reduce its workforce with a target of saving $1 billion per year. Most of the job cuts are likely to come through early retirement programs; Cisco has already shed 550 jobs with the closure of its Flip unit.

During a May 11 conference call to discuss quarterly financial numbers, both Cisco Chairman and CEO John Chambers and COO Gary Moore said job cuts were on the way as the networking giant tries to get back on solid footing after several disappointing quarters.

For the last quarter, which ended 30th April, Cisco reported sales were up 4.8% to $10.9 billion, although income was down 17.6% to $1.8bn from $2.2bn in the same period of 2010.

“This quarter played out as we expected,” said Chambers. “We have acknowledged our challenges. We know what we have to do. We have a clear game plan, and we are a company with a track record of market-shaping innovation.”

I expect Cisco to concentrate on their core technologies and products, which are quite popular worldwide; especially in the Middle East, Cisco is a networking pioneer.

May 10, 2011  5:13 AM

HP debuts “Toner Cartridge Authentication Software”

Posted by: Yasir Irfan
anti-counterfeit page, Authentication software, authentication web service, Cartridge Authentication Software, counterfeiting printer cartridges, firmware, holographic security labels, HP, HP Printers, Inkjet printers, LaserJet printers, smart chip technology, Toner Cartridge Authentication software

At least in this part of the world, counterfeiting printer cartridges has become a common activity. To tackle this issue, HP has become the first company in the world to debut Toner Cartridge Authentication software. The goal of the software is to detect counterfeit toner cartridges and alert the user that the cartridge is not an original HP brand cartridge.

The newly announced Toner Cartridge Authentication software comprises three components working together. The smart chip technology contains authentication information, which is collected by the Authentication software and transmitted to the authentication web service. That service then checks the data and, once it is validated, it is sent back to the software, which shows the result in a pop-up box on the user's screen. Guess what, the whole process takes about a minute, amazing!

The software can be downloaded from HP for LaserJet printers; Inkjet printers already have the software embedded within the firmware. Currently the 1000, 2000 and 3000 series LaserJet printers are supported, and by 2012 HP is hoping to support all the HP products that come under the ink segment.

“Either you get a message saying no risk detected, all packages are original or you get a big, bold risk detected message. If you get the risk detected message, we suggest you also click the link directly to the anti-counterfeit page,” said Andrea Gebhard, LaserJet Supplies, Imaging and Printing Group, Middle East, Mediterranean and Africa.

According to HP, in the span of four years they discovered more than 30 million counterfeit products worldwide.

In addition to the Cartridge Authentication Software, HP advises that there are three basic steps that every user of HP supplies can take to identify the authenticity of an HP product, including checking for holographic security labels on the packaging tabs, checking the quality of the packaging and checking the quality and finish of the cartridge itself.

April 30, 2011  6:45 AM

Resequence the access-list!

Posted by: Yasir Irfan
ACL, Cisco Access list, Cisco IOS, Cisco IOS device, Cisco Router, Cisco Switches, Cisco tip, extended ip access-list, ip access-list resequence, Network technologies & trends, Network Technologies and tips., Resequence the access-list

When it comes to modifying access lists on Cisco IOS devices, most of us remove the ACLs from the Cisco router, edit the entries in a note, and then paste the modified ACL back to the respective router via the CLI.

There is a way to reduce the overhead involved in modifying an ACL by using the Cisco IOS resequencing feature.

In the following example, a Cisco router has an access list named ITKE.

ASW2-02#sho access-lists ITKE

Extended IP access list ITKE

1 permit ip host host

2 permit ip host host


From the example, if we need to add one more deny statement for the host 192.168.1, it’s not possible to add a statement without deleting the current access list and creating a new one. But the power of resequencing allows you to assign a new set of sequence numbers to the current access list, as demonstrated below using the IOS command “ip access-list resequence”.

ASW2-02#configure t

ASW2-02(config)#ip access-list resequence ITKE ?

<1-2147483647>  Starting Sequence Number

ASW2-02(config)#ip access-list resequence ITKE 10 10

This starts the first entry with a sequence number of 10 and increments each following line by 10. The result is shown below.

ASW2-02#sho ip access-lists ITKE

Extended IP access list ITKE

10 permit ip host host

20 permit ip host host


By resequencing the ACL, it’s now easy to insert a new ACL entry with a sequence number of 15, which would fall between the existing entries in the ITKE access list.
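The sketch below is an added example, not output from a router or code from the original post. It models the ITKE access list with sequence numbers to show why the insert position matters: an ACL is evaluated top-down and the first matching entry wins, so a deny inserted at sequence 15 takes effect, while the same deny appended after entry 20 is shadowed by the earlier permit. All addresses are constructed placeholders from documentation ranges.

```python
# Added illustration: a small model of a named IOS extended ACL with sequence
# numbers. All addresses are constructed; the post's own addresses are not shown.

class NamedAcl:
    def __init__(self, name, entries):
        # each entry: (seq, action, src, dst); src/dst are a host address or "any"
        self.name = name
        self.entries = sorted(entries)

    def free_between(self, low, high):
        """How many unused sequence numbers lie strictly between two entries."""
        return max(high - low - 1, 0)

    def resequence(self, start, step):
        """Model of `ip access-list resequence <name> <start> <step>`:
        order is preserved, only the sequence numbers change."""
        self.entries = [(start + i * step, action, src, dst)
                        for i, (_, action, src, dst) in enumerate(self.entries)]

    def insert(self, seq, action, src, dst):
        if any(existing == seq for existing, *_ in self.entries):
            raise ValueError(f"sequence {seq} already in use")
        self.entries = sorted(self.entries + [(seq, action, src, dst)])

    def evaluate(self, src, dst):
        """First matching entry wins; no match falls to the implicit deny."""
        for seq, action, e_src, e_dst in self.entries:
            if e_src in ("any", src) and e_dst in ("any", dst):
                return action, seq
        return "deny", None


def build_itke():
    # Constructed stand-in for the two host-to-host permits in the post.
    return NamedAcl("ITKE", [
        (1, "permit", "192.0.2.10", "198.51.100.1"),
        (2, "permit", "192.0.2.20", "198.51.100.1"),
    ])


def demo():
    acl = build_itke()
    gap_before = acl.free_between(1, 2)        # no room between 1 and 2
    acl.resequence(10, 10)                     # entries become 10 and 20
    gap_after = acl.free_between(10, 20)
    acl.insert(15, "deny", "192.0.2.20", "any")
    inserted = acl.evaluate("192.0.2.20", "198.51.100.1")

    # Same deny appended at the end instead: the permit at 20 matches first.
    appended = build_itke()
    appended.resequence(10, 10)
    appended.insert(30, "deny", "192.0.2.20", "any")
    shadowed = appended.evaluate("192.0.2.20", "198.51.100.1")
    return gap_before, gap_after, inserted, shadowed


if __name__ == "__main__":
    print(demo())
```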

April 30, 2011  5:27 AM

Ten top popular and paying Cisco Certifications-part2

Posted by: Yasir Irfan
(CCIE R&S), AAA, ACL, advanced protocol handling, ASA products, CCDA, CCDP, CCNA Security, CCNA Voice, CCNP, CCNP Security, CCNP voice, Cisco ASA Specialist, Cisco Catalyst Switches, Cisco Certified Design Associate, Cisco Certified Design Professional, Cisco Certified Internetwork Expert Routing & Switching, Cisco Certified Network Professional, Cisco IP Telephony Design Specialist, Cisco network design concepts, Cisco Network Security Engineer, Cisco Routers, Cisco Unified Communications Manager, Cisco Unified Presence applications, Cisco Unity Connection, converged network infrastructure, Data Center, Designing and Networking, failover, gatekeepers, gateways, Global Knowledge, IP multicast, IP Phones, IP telephony, IT salary survey, LAN, network management, Networking devices, popular Cisco Certifications, QOS, remote access VPN, routed, secure socket layer VPN, Security, Security in Routers, Site-to-site vpns, switched network infrastructure, Switches, TechRepublic, voice applications, WAN

In my previous post we came to know five of the top ten Cisco Certifications, which are not only popular but also yield high remuneration. In this post we will discover the other five Cisco Certifications.

6. CCNP Security ($97,539)

The CCNP Security certification program is aligned specifically to the job role of the Cisco Network Security Engineer responsible for security in routers, switches, networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting firewalls, VPNs, and IDS/IPS solutions for their networking environments.

7. CCNP: Cisco Certified Network Professional ($97,296)

There are two tracks available at the Associate and Professional levels – Designing and Networking. The Cisco Certified Network Professional (CCNP) demonstrates that you have the ability to plan, implement, verify and troubleshoot local and wide-area enterprise networks. A CCNP certified individual is expected to work collaboratively with other Cisco specialists on advanced security, voice, wireless and video solutions.

8. CCNA: Voice ($92,837)

There are two tracks at the Associate and Professional levels – Designing and Networking. The Cisco Certified Network Associate Voice (CCNA Voice) demonstrates that an individual possesses the required associate-level knowledge and skills to administer a voice network and validates skills in VoIP technologies such as IP PBX, IP telephony, handset, call control, and voicemail solutions.

9. Cisco ASA Specialist ($86,812)

The ASA Specialist certification identifies individuals who possess in-depth expertise with implementing security technologies using the Adaptive Security Appliance (ASA) technologies, especially firewall and VPN functionality. Other topics include ACL, AAA, advanced protocol handling, remote access VPN, secure socket layer VPN, site-to-site VPNs, failover, and security appliance management. Cisco ASA Specialists possess the ability to describe, configure, verify and manage the ASA products and the Adaptive Security Device Manager (ASDM).

10. CCNA Security ($83,101)

Cisco Certified Network Associate Security (CCNA® Security) validates associate-level knowledge and skills required to secure Cisco networks. With a CCNA Security certification, a network professional demonstrates the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. The CCNA Security curriculum emphasizes core security technologies, the installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices, and competency in the technologies that Cisco uses in its security structure.

April 29, 2011  4:29 PM

Ten top popular and paying Cisco Certifications-part1

Posted by: Yasir Irfan
(CCIE R&S), CCDA, CCDP, CCNP voice, Cisco Catalyst Switches, Cisco Certifications, Cisco Certified Design Associate, Cisco Certified Design Professional, Cisco Certified Internetwork Expert Routing & Switching, Cisco IP Telephony Design Specialist, Cisco network design concepts, Cisco Routers, Cisco Unified Communications Manager, Cisco Unified Presence applications, Cisco Unity Connection, converged network infrastructure, Data Center, Designing and Networking, gatekeepers, gateways, Global Knowledge, IP multicast, IP Phones, IP telephony, IT salary survey, LAN, network management, Network technologies & trends, popular Cisco Certifications, QOS, routed, Security, switched network infrastructure, TechRepublic, Ten top popular and paying Cisco Certifications, voice applications, WAN

Recently Global Knowledge and TechRepublic partnered to create a comprehensive IT salary survey. The survey revealed a few surprises, especially when it comes to Cisco Certifications, and I thought it would be great to compile the popular Cisco Certifications and their associated pay. No doubt CCIE R&S: Cisco Certified Internetwork Expert Routing & Switching leads the path, but the surprise element is that CCDP: Cisco Certified Design Professional stands second when it comes to remuneration. I am going to reveal the top 10 Cisco Certifications in terms of pay and popularity. Note that the rankings are purely based on the recent survey carried out by Global Knowledge and are meant only for the US market. You can access their web site for more details.

1. CCIE R&S: Cisco Certified Internetwork Expert Routing & Switching ($120,008)

Cisco Certified Internetwork Expert (CCIE®) certifies the expert-level skills required of network engineers to plan, prepare, operate, monitor, and troubleshoot complex, converged network infrastructure. Professionals who achieve CCIE have demonstrated their technical skills at the highest level. There are no formal prerequisites for CCIE certification. Other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam. You are expected to have an in-depth understanding of the topics in the exam blueprints and are strongly encouraged to have three to five years of job experience before attempting certification.

2. CCDP: Cisco Certified Design Professional ($107,878)

There are two tracks at the Associate and Professional levels – Designing and Networking. The Cisco Certified Design Professional (CCDP) certification demonstrates that the individual who has passed the required exams possesses advanced knowledge of Cisco network design concepts and principles. The CCDP certified individual can discuss, design, and create advanced networks.

With the CCDP certification, you can plan addressing and routing schemes, security, network management, data center, and IP multicast for complex multi-layered enterprise architectures that include virtual private networking and wireless domains. The CCDP curriculum includes building scalable internetworks, building multilayer switched networks, and designing network service architecture.

3. Cisco IP Telephony Design Specialist ($105,871)

The Cisco IP Telephony Design Specialist certification was developed for those who design IP Telephony multi-service network solutions. Cisco IP Telephony Design Specialists can design a scalable, converged network using QoS, Cisco Call Manager clustering, H.323, MGCP, or SIP signaling protocols, and assess the scope of work required to integrate legacy TDM PBXs and voice mail systems into an existing data network.

4. CCNP Voice ($98,290)

Cisco Certified Network Professional CCNP Voice validates advanced knowledge and skills required to integrate into underlying network architectures. Furthermore, this certification validates a robust set of skills in implementing, operating, configuring, and troubleshooting a converged IP network. With a CCNP Voice certification, a network professional can create a collaboration solution that is transparent, scalable, and manageable. The CCNP Voice focuses on Cisco Unified Communications Manager (formerly Unified CallManager), quality of service (QoS), gateways, gatekeepers, IP phones, voice applications, and utilities on Cisco routers and Cisco Catalyst switches. Additionally, the integration and troubleshooting of Cisco Unified Communications applications are now covered in the CCNP Voice, specifically the Cisco Unity Connection and Cisco Unified Presence applications.

5. CCDA: Cisco Certified Design Associate ($97,995)

The Cisco Certified Design Associate (CCDA) demonstrates that the individual who has passed the required exams has the requisite knowledge, experience and understanding required to design a Cisco converged network. A CCDA certified individual has the skills to design a routed and switched network infrastructure and services involving LAN, WAN, and broadband access for businesses and organizations.

In an upcoming post I will disclose the remaining five most popular Cisco Certifications.

April 27, 2011  8:22 AM

One more Major Security breach – Sony PlayStation Network

Posted by: Yasir Irfan
Credit card, Qriocity, Security breach, security firm, Sony Official PlayStation blog, Sony Play Station Network

The Sony PlayStation Network went down in one more security breach. According to the official Sony PlayStation blog, there is no evidence of stolen credit card details, but Sony is not ruling out the possibility.

“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number [excluding security code] and expiration date may have been obtained. For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information,” said Patrick Seybold in the blog post.

I would suggest all PlayStation users be careful and vigilant until Sony comes out clean. Make sure to review your account statements and monitor your credit reports daily.

Sony is currently working hard to restore the PlayStation Network and has hired a recognized security firm to conduct a thorough investigation into what happened.

April 27, 2011  8:03 AM

What happened to Cisco’s Flip video camera?

Posted by: Yasir Irfan
Cisco News, Cisco Systems, closure of Flip, Flip video camera, Network Technologies and Trends, Pure Digital Technologies, Umi home telepresence

Cisco's 2009 acquisition of Pure Digital Technologies was not the brave move; eventually it led Cisco to back away from the consumer market with the closure of Flip as part of its restructuring. Cisco is expected to reduce its headcount by 550 workers.

It may be a better idea for Cisco Systems to concentrate on its core business, especially when there is rising competition from its rivals Juniper Networks and Huawei. I am seeing Huawei gradually establishing a strong presence in the Middle East market.

According to analysts, Flip flopped due to its lack of Internet connectivity and the proliferation of high-end smartphones.

“We have disappointed our investors and we have confused our employees.  Bottom line, we have lost some of the credibility that is foundational to Cisco’s success – and we must earn it back. Our market is in transition, and our company is in transition. And the time is right to define this transition for ourselves and our industry.  I understand this.  It’s time for focus.” said John Chambers CEO of Cisco Systems.

I am looking forward to seeing how Umi home telepresence is going to perform.

April 27, 2011  7:40 AM

Major cyber-attacks on critical infrastructure expected?

Posted by: Yasir Irfan
Centre for Strategic and International Studies, critical electricity infrastructure enterprises, Cyber crime, Cyber espionage, DDoS attacks, In the Dark: Crucial Industries Confront Cyber-attacks, IT security executives, Malware, McAfee Incorporation, Network Technologies and Trends, Oil and gas industries, security measures

A report called ‘In the Dark: Crucial Industries Confront Cyber-attacks’, produced by McAfee and the Center for Strategic and International Studies (CSIS), has revealed that 40% of 200 IT security executives polled believe a major cyber-attack on critical infrastructure may occur within the span of a year.

This report surveyed 200 IT security executives from critical electricity infrastructure enterprises in 14 countries, and focused on the critical civilian energy infrastructure that depends most heavily on industrial control systems.

Forty percent of the IT security executives from critical electricity infrastructure enterprises believed that the industry’s vulnerability had increased, and almost 30% believed that their company was not ready for cyber-attacks.

“We found that the adoption of security measures in important civilian industries badly trailed the increase in threats over the last year,” said Stewart Baker, who led the study for CSIS.

“Ninety to 95% of the people working on the smart grid are not concerned about security and only see it as a last box they have to check,” said Jim Woolsey, former United States director of Central Intelligence.

Some of the key findings of this report:

  • Eighty percent of respondents have faced a large-scale denial of service attack
  • Twenty-five percent of respondents have been victims of extortion attempts
  • More than 40 percent of executives believe that their industry’s vulnerability has increased
  • Almost 30 percent believe their company is not prepared for a cyber-attack
  • More than 40 percent expect a major cyber-attack within the next year
  • Energy sector increased its adoption of security technologies by only a single percentage point, at 51 percent
  • Oil and gas industries increased by only three percentage points, at 48 percent
  • Nearly 70 percent of respondents frequently found malware designed to sabotage their systems
  • A quarter of respondents reported daily or weekly DDoS attacks

After reading the complete report, it’s evident that there has been an increase in cyber-attacks on critical infrastructure and that most organizations are still unprepared. The time has come to design critical infrastructure systems with cyber-security in mind, and organizations need to implement stronger network controls to avoid being vulnerable to cyber-attacks.
