Network technologies and trends


September 6, 2008  10:40 AM

The best way to record the serial number for Cisco Devices for Remote support.

Yasir Irfan

Imagine you are accessing a remote router and need to find the serial number of the router or the circuit IDs of its serial interfaces. You might start looking through your documented data or call the remote technician to help you find these details. The best and easiest way to get these details in a matter of seconds is to put the serial number of each device in the banner MOTD, and the circuit IDs in the serial interface descriptions.

September 1, 2008  9:42 AM

Most Commonly used Network Layer Utilities

Yasir Irfan

I was just thinking about the most commonly used Network Layer utilities in day-to-day business. Here they are; they are useful to those aspiring to their CCNA.
1) Address Resolution Protocol (ARP)
2) Domain Name Systems (DNS)
3) Dynamic Host Configuration Protocol (DHCP)
4) Ping.

You can find more details about Network Layer Utilities, how they work, etc.


August 30, 2008  5:16 AM

A cool tool to solve layer 1 UTP cable issues in Cisco Catalyst Switches.

Yasir Irfan

Here is a simple and cool tool for solving layer 1 UTP cable issues on Cisco Catalyst switches. The command used for this function is "test cable-diagnostics tdr interface".
Here is an example:

MBGF-DAC-3560-AS01#test cable-diagnostics tdr interface gigabitEthernet 0/1
TDR test started on interface Gi0/1
A TDR test can take a few seconds to run on an interface
Use 'show cable-diagnostics tdr' to read the TDR results.
MBGF-DAC-3560-AS01#
The Catalyst 2960, 2970, 3560/3560-E, and 3750/3750-E switches have an integrated Time Domain Reflector (TDR), which is used to test cables associated with a port. TDR is supported only on 10/100/1000 and some 10/100 (Catalyst 2960) copper Ethernet ports. It is not supported on 10 GigabitEthernet or SFP module ports.

A TDR test can take a few seconds to run on an interface. Use “show cable-diagnostics tdr” to read the TDR results.

MBGF-DAC-3560-AS01#sho cable-diagnostics tdr interface gigabitEthernet 0/1
TDR test last run on: August 30 08:01:35

Interface Speed Local pair Pair length        Remote pair Pair status
--------- ----- ---------- ------------------ ----------- --------------------
Gi0/1     1000M Pair A     54   +/- 4  meters Pair A      Normal             
                Pair B     52   +/- 4  meters Pair B      Normal             
                Pair C     53   +/- 4  meters Pair C      Normal             
                Pair D     54   +/- 4  meters Pair D      Normal             
MBGF-DAC-3560-AS01#


August 24, 2008  6:20 AM

How to reset the Cisco Catalyst Switch to Factory Defaults

Yasir Irfan

To reset a Cisco Catalyst switch to factory defaults, you need access to the Cisco Catalyst Switch console through either a physical console or a Telnet connection. You also need the console/enable passwords. If you forget the console and enable password of your Cisco Catalyst Switch, you cannot reset the Cisco Catalyst Switch configuration to factory default to reset the password.

So you have decided to reset the Cisco Catalyst Switch to factory default settings, or to delete the complete configuration along with the VLAN data; here is the easy way. Log in to your Cisco Switch and, in global configuration mode, issue the following commands:

ITKE# write erase
ITKE# delete flash:vlan.dat
ITKE# reload

Here are the screenshots I took while resetting the Cisco Catalyst 3550 Switch.

This screenshot is before resetting, with the existing configuration.

[Image: Switch1]

 

Now let's issue the following commands to reset the Cisco Catalyst Switch to factory default settings:

ITKE# write erase
ITKE# delete flash:vlan.dat
ITKE# reload

[Image: Switch2]

After the reload you will see the following:

[Image: Switch3]


August 23, 2008  6:04 AM

Discover Cisco Network Assistant (CNA)

Yasir Irfan

Cisco Network Assistant (CNA) is a PC-based graphical network management application, a free tool included when a new Cisco switch is purchased. CNA can manage standalone Cisco switches and clusters of Cisco switches in your intranet, and is best suited for small to mid-sized LANs. It supports a wide range of Cisco Catalyst switches, from the Cisco 2900 through the Cisco Catalyst 4506. CNA manages many of the critical functions of Cisco switches and is optimized for wired and wireless LANs (WLANs). It provides a centralized network view, and network administrators can use it to apply common services, generate inventory reports, synchronize passwords and employ features across Cisco switches, routers and access points. CNA is available at no cost and can be downloaded from the Cisco Network Assistant Software Download page.

[Image: CNA]

 

What’s new in Cisco Network Assistant (CNA) Version 5.4?

Increased device limits: Supports up to 40 switches and routers

Enhanced discovery: Discover devices with subnet or IP range 

Diagnostics: Conduct on-demand or scheduled tests to verify hardware functionality 

Command-line interface (CLI) preview: View CLIs before they are sent to the device

In my next article I will focus on how to use the Cisco Network Assistant (CNA).



August 20, 2008  6:22 AM

What is service timestamps logging, and how can it be configured on a Cisco switch or router?

Yasir Irfan

Logging is an essential part of a secure network configuration. Logging not only helps network administrators identify the issue while troubleshooting, it also enables them to react to intrusion attempts or Denial-of-Service attacks.

By default on Cisco IOS, no timestamp information is included; however, you can enable timestamps and also modify the format of the timestamp attached to syslog messages by using the service timestamps log global configuration command, as follows:

ITKE(config)# service timestamps log {uptime | datetime [msec | localtime | show-timezone]}

I will demonstrate how to configure a Cisco IOS switch to log the datetime and localtime.

Before configuring service timestamps log, you will get the following logs on an IOS switch.

ITKE#sho log
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
No Active Message Discriminator.
No Inactive Message Discriminator.
    Console logging: level debugging, 453895 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging:  level debugging, 453895 messages logged, xml disabled,
                     filtering disabled
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    File logging: disabled
    Persistent logging: disabled
    Trap logging: level informational, 453898 message lines logged
        Logging to 10.0.0.2  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link up),
              453898 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled
        Logging to 10.0.0.1  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link up),
              453898 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled

Log Buffer (4096 bytes):
17w5d: %LINK-3-UPDOWN: Interface GigabitEthernet0/41, changed state to down
17w5d: %LINK-3-UPDOWN: Interface GigabitEthernet0/41, changed state to up
17w5d: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/41, changed state to up
17w5d: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.0.0.6(49336) -> 0.0.0.0(23), 1 packet

Now we will configure the Cisco IOS switch with the service timestamps log command, using the date and local time of the switch, by issuing the following command from global configuration mode.

ITKE(config)#service timestamps log datetime localtime

Here are the details of the log shown on the switch after configuring the service timestamps log command:

ITKE#sho log
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
No Active Message Discriminator.
No Inactive Message Discriminator.
    Console logging: level debugging, 454006 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging:  level debugging, 454006 messages logged, xml disabled,
                     filtering disabled
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    File logging: disabled
    Persistent logging: disabled
    Trap logging: level informational, 454009 message lines logged
        Logging to 10.0.0.2  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link up),
              454009 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled
        Logging to 10.0.0.1  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link up),
              454009 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled

Log Buffer (4096 bytes):
Aug 20 09:10:48: %LINK-3-UPDOWN: Interface GigabitEthernet0/13, changed state to up
Aug 20 09:10:49: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/13, changed state to up
Aug 20 09:10:55: %SYS-5-CONFIG_I: Configured from console by yasir on vty2 (10.0.0.6)
Aug 20 09:11:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/13, changed state to down
Aug 20 09:11:20: %LINK-3-UPDOWN: Interface GigabitEthernet0/13, changed state to down
Aug 20 09:11:22: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.0.0.1(44420) -> 0.0.0.0(23), 1 packet
Aug 20 09:11:23: %LINK-3-UPDOWN: Interface GigabitEthernet0/13, changed state to up
Aug 20 09:11:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/13, changed state to up
Aug 20 09:11:37: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.0.0.6(49493) -> 0.0.0.0(23), 1 packet
ITKE#


August 17, 2008  5:55 AM

What is the Link-flap error in Cisco Switches?

Yasir Irfan

Link flap means that the interface continually goes up and down in a Cisco Switch. The interface is put into the errdisabled state if it flaps more than five times in 10 seconds. The common cause of link flap is a Layer 1 issue such as a bad cable, duplex mismatch, or bad Gigabit Interface Converter (GBIC) card. Look at the console messages or the messages that were sent to the syslog server that state the reason for the port shutdown.

13w0d: %PM-4-ERR_DISABLE: link-flap error detected on Fa0/28, putting Fa0/28 in err-disable state 

Issue this command in order to view the flap values:

SRCL-ONC-3550-AS01# sho errdisable flap-values
ErrDisable Reason    Flaps     Time (sec)
-----------------    ------    ----------
pagp-flap            3         30
dtp-flap             3         30
link-flap            5         10
SRCL-ONC-3550-AS01#

The interface can be recovered from the errdisable state by re-enabling the port using the errdisable recovery cause link-flap command. This command configures the recovery mechanism so that the interface can be brought out of the disabled state and allowed to try again. You can also set the time interval. Errdisable recovery is disabled by default in Cisco Switches; when enabled, the default time interval is 300 seconds.

Once you enable errdisable recovery, you can see the following log on the Cisco switch as it tries to recover the error-disabled interface (link-flap error):

13w0d: %PM-4-ERR_RECOVER: Attempting to recover from link-flap err-disable state on Fa0/28
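Added example (not from the original post): a Python check that applies the link-flap values shown above (5 flaps in 10 seconds) to syslog lines, which is only possible once the switch stamps them with "service timestamps log datetime" as described in the timestamps post. Counting each LINK-3-UPDOWN "down" event as one flap, the function names, the sample lines and the year parameter are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches lines stamped by "service timestamps log datetime", with optional msec and timezone.
# A leading "*" or "." (IOS marks for an unsynchronized clock) is tolerated.
LINE_RE = re.compile(
    r"^[*.]?(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d)(?:\.\d+)?(?: [A-Za-z]+)?: "
    r"%(?P<fac>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnem>[A-Z0-9_]+): (?P<text>.*)$")
LINK_RE = re.compile(r"Interface (\S+), changed state to (up|down)")

# Constructed sample: six uptime-stamped events, a burst on Gi0/13, two slow events on Gi0/7.
SAMPLE_LOG = "\n".join(
    ["17w5d: %LINK-3-UPDOWN: Interface GigabitEthernet0/41, changed state to down"] * 6
    + [f"Aug 20 09:11:{20 + 2 * i}: %LINK-3-UPDOWN: Interface GigabitEthernet0/13, "
       "changed state to down" for i in range(5)]
    + ["Aug 20 09:11:40: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down",
       "Aug 20 09:12:40: %LINK-3-UPDOWN: Interface GigabitEthernet0/7, changed state to down"])


def parse(line, year):
    """Return (time, facility, mnemonic, text), or None if the line has no datetime stamp."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    # The stamps shown on this page carry no year, so the caller supplies one (assumption).
    when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return when, m["fac"], m["mnem"], m["text"]


def find_link_flaps(log_text, flaps=5, window_s=10, year=2008):
    """Return ({interface: time the threshold was reached}, lines that could not be placed in time)."""
    recent = defaultdict(deque)  # interface -> times of recent link-down events
    flagged, unplaced = {}, 0
    for line in filter(str.strip, log_text.splitlines()):
        rec = parse(line, year)
        if rec is None:
            unplaced += 1  # e.g. "17w5d:" uptime stamps are too coarse for a 10 s window
            continue
        when, fac, mnem, text = rec
        hit = LINK_RE.search(text)
        if (fac, mnem) != ("LINK", "UPDOWN") or not hit or hit[2] != "down":
            continue
        times = recent[hit[1]]
        times.append(when)
        while when - times[0] > timedelta(seconds=window_s):
            times.popleft()  # drop events that fell out of the sliding window
        if len(times) >= flaps:
            flagged.setdefault(hit[1], when)
    return flagged, unplaced


if __name__ == "__main__":
    print(find_link_flaps(SAMPLE_LOG))
```
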


August 16, 2008  11:12 AM

How to change an IP address in a HP Procurve Switch

Yasir Irfan

Changing an IP address on a Cisco switch is quite simple, whereas on HP Procurve switches, if you try to change the IP address of an existing VLAN, you get the error message "The IP address (or subnet) 10.0.0.122/23 already exists..".

I will demonstrate how to change an IP address for an existing VLAN. In this example we have a VLAN 100 assigned with an IP address 10.0.0.99/23 in an HP Procurve Switch.

vlan 100
   name "VLAN100"
   ip address 10.0.0.97 255.255.248.0
   tagged 25-26
   exit

We will try to change the IP address in a normal way as we do in a Cisco Catalyst Switch.

ICU(config)# vlan 100
ICU(vlan-100)# ip address 10.0.0.122 255.255.254.0
The IP address (or subnet) 10.0.0.122/23 already exists..

The moment you enter the ip address command you will get the error message shown above.

In order to change the IP address, do the following:

Log in to the switch through a console port.

Then, from the global parameters, use the following commands:

vlan 100
 name "VLAN100"
 no ip address 10.0.0.97 255.255.248.0
 ip address 10.0.0.122  255.255.248.0

However, you can't do that if you connect to the switch remotely. As soon as the "no ip address" command is received and processed by the switch, your session will be disconnected and you won't be able to get to the switch. The trick to get around this issue is to make the IP address change through the switch's built-in menu system instead of using the plain old CLI.

[Image: HP Procurve]

1. Type "menu", hit Enter
2. Select "Switch Configuration"
3. Select "IP Configuration"
4. Navigate to Edit, hit Enter
5. Change the IP and then Save

You will be disconnected once you save it, but you will be able to reconnect using the new IP.


August 12, 2008  6:56 AM

Juniper Networks launches Network and Security Manager (NSM)

Yasir Irfan

Juniper Networks is expanding its network and security management capabilities across routing, switching and security infrastructure with the launch of the Network and Security Manager (NSM).

The new Network and Security Manager (NSM) offers centralized management for Juniper Networks J-series services routers, EX-series Ethernet switches, Secure Access SSL VPN and firewall/VPN and Intrusion Detection and Prevention appliances, and the newly announced Unified Access Control (UAC) solution.

The Network and Security Manager (NSM) enables high-performance businesses to consolidate and simplify the management of their network infrastructure to increase security, reduce cost and realize operational gains.

[Image: Juniper]

Overview

Network and Security Manager (NSM) is a powerful, centralized management solution that controls the entire device life cycle of firewall/IPSec VPN, Secure Access (SSL), Infranet Controller (IC), J-series and EX-series switches (JUNOS® software). NSM handles the basic setup and network configuration with local and global security policy deployment for these products. Unmatched role-based administration allows IT departments to delegate appropriate levels of administrative access to specific users, minimizing the possibility of a configuration error that may result in a security hole. NSM can scale from small to large enterprises with NSMXpress and NSM Central Manager as a plug-and-play appliance preloaded with the latest version of NSM software.



August 11, 2008  1:37 PM

What happened to the telnet client in Windows Vista?

Yasir Irfan

As we all know, a Telnet client is important. By default, however, the Telnet client is not installed with Windows Vista; you can always install it in Windows Vista by following the steps below.

1) Click on Start > Control Panel.

[Image: Telnet 1]

2) Click on Programs.

[Image: Telnet 2]

3) Click on Turn Windows features on or off.

[Image: Telnet 3]

4) In the Windows Features dialog box, select the Telnet Client check box.

[Image: Telnet 4]

5) Click on OK.

[Image: Telnet 5]

6) Windows will now install and enable Telnet so it is available from the command line.

[Image: telnet9]

[Image: telnet8]

