Friday, November 27, 2009

Today's work in a shot: initial Lwapp Access Points config




Nice to have 6 radios turned on on my desk ;-)

Today I have prepared 6 x 1242 Lwapp access points (not much config to do... just name and something else).

Marco

Wednesday, November 18, 2009

STP Root and a simple trick

Hi all,
today I was playing with some switches and I noticed this strange STP output:

3560-48#sh spann vlan 10

VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 24586
Address 0015.facf.0000
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 24586 (priority 24576 sys-id-ext 10)
Address 0015.facf.0000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 15

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/10 Desg FWD 19 128.12 P2p
Fa0/14 Desg FWD 19 128.16 P2p
Fa0/16 Desg FWD 19 128.18 P2p
Fa0/47 Desg LBK 19 128.51 P2p

This switch is the root bridge for Vlan10, but note that port Fa0/47 is in blocking state.

Here is the same output after enabling RSTP; nothing changed:

3560-48# sh spanning-tree vlan 10

VLAN0010
Spanning tree enabled protocol rstp
Root ID Priority 24586
Address 0015.facf.0000
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 24586 (priority 24576 sys-id-ext 10)
Address 0015.facf.0000
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/8 Desg FWD 19 128.10 P2p Peer(STP)
Fa0/10 Desg FWD 19 128.12 P2p Peer(STP)
Fa0/14 Desg FWD 19 128.16 P2p Peer(STP)
Fa0/16 Desg FWD 19 128.18 P2p Peer(STP)
Fa0/47 Back BLK 19 128.51 P2p

3560-48#


Well, the question is... why does an STP root bridge have a blocked port?
As you can see from the second output, it's classified as "Backup"... but here we are the root, so a backup port to reach the root doesn't make sense...

If you want to know how it's possible, read on and laugh ;-)



3560-48#sh run int fa 0/47
Building configuration...

Current configuration : 147 bytes
!
interface FastEthernet0/47
switchport access vlan 10
switchport mode access
switchport nonegotiate
no keepalive
end


Whoops, and an L1 loopback inserted into Fa0/47 ;-)



With this physical loopback and keepalive disabled, the port goes up and every BPDU sent is also received, so if I have understood correctly, the root bridge is convinced it has an additional port to reach the root ;-)

... I have several Layer 8 problems, I know ;-)))))
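
A check for the situation in this post, as an added example that is not part of the original post: it parses `show spanning-tree vlan N` output and flags ports whose role or state suggests the switch is hearing its own BPDUs. The sample text is trimmed from the post's two captures; the function names are illustrative.

```python
import re

# Sample input: trimmed from the post's 802.1D capture of "sh spann vlan 10".
STP_OUTPUT = """\
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 24586
Address 0015.facf.0000
This bridge is the root
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- ----
Fa0/8 Desg FWD 19 128.10 P2p
Fa0/16 Desg FWD 19 128.18 P2p
Fa0/47 Desg LBK 19 128.51 P2p
"""
# Same switch after enabling RSTP: Fa0/47 is shown as "Back BLK" in the post.
RSTP_OUTPUT = STP_OUTPUT.replace("ieee", "rstp").replace("Desg LBK", "Back BLK")

# One row of the interface table: name, role, state, cost, prio.nbr, type.
PORT_RE = re.compile(
    r"^(?P<port>\S+)\s+(?P<role>[A-Z][a-z]{3})\s+(?P<state>[A-Z]{3}\*?)\s+"
    r"(?P<cost>\d+)\s+(?P<prio>\d+\.\d+)\s+(?P<type>.+)$"
)

def parse_ports(text):
    """Return (is_root, [port dicts]) from 'show spanning-tree vlan N' text."""
    is_root = "This bridge is the root" in text
    ports = [m.groupdict() for line in text.splitlines()
             if (m := PORT_RE.match(line.strip()))]
    return is_root, ports

def self_loop_suspects(text):
    """List (port, reason) pairs that point at a port looped back on itself."""
    is_root, ports = parse_ports(text)
    findings = []
    for p in ports:
        if p["state"] == "LBK":
            # The state Fa0/47 shows in the post's 802.1D capture.
            findings.append((p["port"], "LBK state"))
        elif p["role"] == "Back":
            # Backup role: a better BPDU from this same bridge arrived here.
            findings.append((p["port"], "Backup role"))
        elif is_root and p["role"] != "Desg":
            # Every port of the root bridge is normally Designated.
            findings.append((p["port"], "non-designated port on root bridge"))
    return findings

if __name__ == "__main__":
    for name, text in (("STP", STP_OUTPUT), ("RSTP", RSTP_OUTPUT)):
        for port, reason in self_loop_suspects(text):
            print(f"{name}: {port}: {reason}")
```
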

Monday, November 9, 2009

BGPGEN: a simple TCL script to generate BGP prefixes

Hi all,
during my courses at Europa Networking (BG, Italy) I've always heard Rocco Tessicini talking about a script to generate BGP prefixes on Cisco routers.
Unfortunately I haven't found one ready to download, so today I've decided to write my own (the simpler, the better).

Here is the resulting script:


##################################################################################
## Tclsh BGPGEN SCRIPT v0.3 Beta: Add random BGP prefixes to a process
## Use with care on CISCO routers
## By Marco Rizzi ( http://rizzitech.blogspot.com ) marco.rizzi.com[A_T]gmail.com
## Date Nov 09, 2009
## licensed under a Creative Commons Attribution 3.0 United States License
## ( http://creativecommons.org/licenses/by/3.0/us/ ) ;-)
##################################################################################
### USAGE: BGPGEN (number_of_prefixes_to_gen) (bgp_as_number)

## BE CAREFUL! too many prefixes will consume a lot of router resources!
## DON'T USE ON PRODUCTION SYSTEMS, IT'S ONLY FOR LAB TESTING
## No warranty, provided "AS IS"

## Main procedure
proc BGPGEN {n_prefixes bgp_as} {
    ## 1) adds a redistribute static command under your bgp process
    ios_config "router bgp $bgp_as" "redistribute static"

    ## 2) creates random static routes to null0 interface from /16 to /24
    ##    (one route per iteration, n_prefixes iterations)
    for {set i 0} {$i < $n_prefixes} {incr i} {
        Gen_rnd_Static
    }
}


####################################################################

proc Gen_rnd_Static {} {
    ## Generate random static routes
    ## to null0 with variable subnet mask betw 16 and 24 bits

    ## Network: A.B.C.0 Subnet Mask: 255.255.CM.0
    ## bits = mask bits used in the third octet: 0..8 (/16 to /24)
    ## int(rand()*N) returns 0..N-1, so C is a multiple of the block size
    set bits [expr {int(rand()*9)}]
    set CM 0
    set C 0
    if {$bits == 0} { set CM 0 ; set C 0 }
    if {$bits == 1} { set CM 128 ; set C [expr {int(rand()*2)*128}]}
    if {$bits == 2} { set CM 192 ; set C [expr {int(rand()*4)*64}]}
    if {$bits == 3} { set CM 224 ; set C [expr {int(rand()*8)*32}]}
    if {$bits == 4} { set CM 240 ; set C [expr {int(rand()*16)*16}]}
    if {$bits == 5} { set CM 248 ; set C [expr {int(rand()*32)*8}]}
    if {$bits == 6} { set CM 252 ; set C [expr {int(rand()*64)*4}]}
    if {$bits == 7} { set CM 254 ; set C [expr {int(rand()*128)*2}]}
    if {$bits == 8} { set CM 255 ; set C [expr {int(rand()*256)}]}

    ## Create the random network: A.B.C.0
    ## some not bullet-proof control to avoid
    ## "strange" or private addresses (can be improved ;-) ):
    ## draw A again until it is not 0-10, 127, 172 or 192
    set A 0
    while {$A <= 10 || $A == 127 || $A == 172 || $A == 192} {
        set A [expr {int(rand()*223)}]
    }

    set B [expr {int(rand()*254)}]

    ## configure the final static
    ios_config "ip route $A.$B.$C.0 255.255.$CM.0 null0"

}

################################# END OF SCRIPT ###################################
##
##
### USAGE: BGPGEN (number_of_prefixes_to_gen) (bgp_as_number)
#### enjoy ;-)


Obviously I'm not a good programmer, so it can be improved.

To execute it, simply type tclsh and paste the code. Check whether there are errors caused by pasting too fast; if so, copy and paste smaller pieces...

Then type, e.g.:
R3(tcl)#BGPGEN 10000 64500

and wait until BGPGEN execution terminates.

On the BGP neighbor you can see the prefixes arriving...
e.g.:

R2#sh ip bgp summary
BGP router identifier 23.23.23.2, local AS number 65000
BGP table version is 146398, main routing table version 146398
34489 network entries using 4552548 bytes of memory
34489 path entries using 1793428 bytes of memory
2/1 BGP path/bestpath attribute entries using 296 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 6346296 total bytes of memory
BGP activity 90156/55667 prefixes, 90707/56218 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
12.12.12.1 4 65000 3238 794 0 0 0 00:02:46 Active
23.23.23.3 4 64500 855 71 146237 0 0 00:01:49 34489
R2#


You can also see errors and experience crashes. ;-)

Any comment and/or feature/improvement is always welcome!

have phun with your routing tables ;-)
Marco

Friday, November 6, 2009

AUX back-to-back: poor man's connection

Hi all,

today I have focused my attention on the AUX port, the only free port I have in my old 2600s lab...

So, first I have found some old docs on Cisco.com explaining clearly how to connect two routers back-to-back using the AUX port:

Connecting Routers Back-to-Back Through the AUX Ports (Document ID: 10365 )

and then it was time to try it:

1) use an old rollover RJ-45 cable to connect AUX ports (pins 1-8 to 8-1... as learned in CCNA times)


2) Find the AUX tty number on both sides:

R3#sh line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 0 0/0 -
65 AUX 9600/9600 - - - - - 0 0 0/0 -
66 VTY - - - - - 0 0 0/0 -
67 VTY - - - - - 0 0 0/0 -
68 VTY - - - - - 0 0 0/0 -
69 VTY - - - - - 0 0 0/0 -
70 VTY - - - - - 0 0 0/0 -

Line(s) not in async mode -or- with no hardware support:
1-64



R5#sh line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 0 0/0 -
5 AUX 9600/9600 - - - - - 0 0 0/0 -
6 VTY - - - - - 0 0 0/0 -
7 VTY - - - - - 0 0 0/0 -
8 VTY - - - - - 0 0 0/0 -
9 VTY - - - - - 0 0 0/0 -
10 VTY - - - - - 0 0 0/0 -

Line(s) not in async mode -or- with no hardware support:
1-4

As you can see, different hardware/platforms can use different tty numbers for the AUX port; here we have tty 65 and tty 5.

3) configure the AUX port on both sides:

R5(config)#line aux 0
R5(config-line)#transport input all
R5(config-line)#modem inOut
R5(config-line)#flowcontrol hardware
R5(config-line)#speed 115200 !-- better than 9600...
R5(config-line)#end

!-- same on R3


4) Create and configure the async interfaces (each interface uses the tty number of the AUX port found in step 2)


R5(config)#int async 5 !-- remember the tty number for AUX?
R5(config-if)#encapsulation ppp
R5(config-if)#async default routing
R5(config-if)#async mode dedicated
R5(config-if)#ip address 10.0.0.5 255.255.255.0
R5(config-if)#end
R5#


R3(config)#int async 65 !-- remember the tty number for AUX?
R3(config-if)#encapsulation ppp
R3(config-if)#async default routing
R3(config-if)#async mode dedicated
R3(config-if)#ip address 10.0.0.3 255.255.255.0
R3(config-if)#end



Wait a little and you will see messages like:

R5#
*Nov 6 16:58:20.237: %LINK-3-UPDOWN: Interface Async5, changed state to up
*Nov 6 16:58:23.394: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async5, changed state to up
R5#


...Now you have a poor man's additional interface for your lab!
You can ping it and use it for dynamic routing (although you can't use it for MPLS or other advanced features... ;-) ) (PS: Nov 14, another "informal meeting", aka a beer, with Nicola Modena today (CCIE R&S #19119), and he said he has used AUX back-to-back connections for a couple of years, and he runs MPLS over it! ;-) So I corrected this post (and tried it with MPLS too ;-) )

R2#sh run int async 1 | beg int
interface Async1
ip address 192.168.0.2 255.255.255.0
encapsulation ppp
ip ospf 1 area 0.0.0.0
async dynamic routing
async mode dedicated
mpls ip
routing dynamic
end

R2#sh mpls interfaces detail
Interface Async1:
IP labeling enabled (ldp):
Interface config
LSP Tunnel labeling not enabled
BGP labeling not enabled
MPLS operational
MTU = 1500
R2#



Marco


NOTE: I have found an additional note in Document ID: 5465 (Configuring Dialout using a Modem on the AUX Port)
that says the following about the AUX speed:

speed 115200
!--- The AUX port on the 2600 supports a speed of 115200.
!--- Note: If you route through the AUX port, each character generates a
!--- processor interrupt. This is an abnormally high load on the CPU,
!--- which can be resolved if you use a lower AUX port speed.

I guess that in a lab environment the CPU usage will be low.