Articles in the networking category

1. Gotcha! Upgrading Catalyst to New Feature Set

   Posted on January 17, 2008 in Networking

   Error: The image in the archive which would be used to upgrade
   Error: system number 1 does not support the same feature set.
   

   I just got this error message while upgrading a Cisco Catalyst 3560 from 12.2(35)SE5 to 12.2(44)SE. The older version was IP …

2. Cisco's New ip verify unicast source reachable-via

   Posted on January 16, 2008 in Networking

   Oops! I guess I'm way behind the times.

   For quite a while, I've been using ip verify unicast reverse-path to prevent packets with spoofed source addresses from crossing my routers. Apparently, as of IOS 12.0 (12.4 is current as of this writing), that command has been replaced with …

3. Find Cisco Serial Numbers with the IOS Command Line

   Posted on January 14, 2008 in Networking

   "How do I find a Cisco serial number remotely through the command line?"

   This is one of those frequently asked questions that I see over and over. So, here's the quick and dirty answer:

   You can find Cisco serial numbers from the IOS command line by using the show inventory …

4. Installing PDLMs for Cisco NBAR

   Posted on December 17, 2007 in Networking

   I've talked about using Cisco <acronym title="Network-Based Application Recognition">NBAR</acronym> frequently (check the Related Posts section below for more articles). One thing I've never pointed out is that not all versions of Cisco <acronym title="Internetwork Operating System">IOS</acronym> come with all protocol descriptions built in.

   Not …

5. Cisco ASA / PIX Logging Facilities

   Posted on December 11, 2007 in Networking

   When setting up a Cisco ASA or PIX to send logs to a remote syslog server, you need to specify which facility to use. This can cause a bit of disconnect since the syslog server configuration uses names and the logging facility command in the Cisco Adaptive Security Appliance Software …

6. 2 AM and ssh_exchange_identification Silliness

   Posted on December 02, 2007 in Networking

   I could blame it on the late hour, but the truth of the matter is that I'm just a bonehead.

   I'm currently installing a new Cisco ASA 5520 to replace an old Cisco PIX. This new device is going to use <acronym title="Secure SHell">SSH</acronym> and TACACS+ to …

7. Catalyst 2960 Unsupported Commands Still Work?

   Posted on October 26, 2007 in Networking

   This is a bit of random oddness I stumbled upon this morning.

   I was working on a Cisco Catalyst 2960 switch and needed to know which MAC addresses the device had learned on a particular interface. The usual way to do this is with the show mac-address-table interface command. While …

8. Have You Heard About Clubbox?

   Posted on October 25, 2007 in Networking

   I've noticed a mysterious new protocol popping up in my protocol lists lately: 19101/TCP. Apparently, this TCP port is used by the Clubbox service. I 'm not fluent in Korean, so I can't really tell you what the site says, but I can tell you what it does!

   Clubbox …

9. What is Local Policy-Based Routing?

   Posted on October 24, 2007 in Networking

   What is Local <acronym title="Policy-Based Routing">PBR</acronym>?

   Policy-based routing makes routing decisions based on factors other than normal routing protocols. For example, it might be necessary to forward all <acronym title="Session Initiation Protocol">SIP</acronym> packets via a more expensive low-latency link while all other traffic use …

10. SNMP Community String Indexing

    Posted on October 11, 2007 in Networking

    Today I was browsing through the Cisco NetPro Forums and came across someone that needed to track down which switch port a <acronym title="Media Access Control">MAC</acronym> address had been dynamically learned on.

    I'd seen this sort of thing before in the Bridge MIB, so I assumed it …

11. Allow PPTP Through Cisco ASA

    Posted on October 10, 2007 in Networking

    By default Point-to-Point Tunneling Protocol (PPTP) will now work properly through a Cisco Adaptive Security Appliance (ASA) firewall or it's forerunner the Cisco <acronym title="Private Internet EXchange">PIX</acronym>.

    Prior to PIX software version 6.3, allowing PPTP to work through a PIX was a painful procedure involving static …

12. Cisco NBAR P2P Protocols

    Posted on October 08, 2007 in Networking

    The following are the Peer-to-Peer (P2P) protocols recognized by Cisco's NBAR Protocol Discovery.

    • bittorrent
    • directconnect
    • edonkey
    • fasttrack
    • gnutella
    • kazaa2
    • napster
    • winmx

    If I've missed any, leave a comment below or use the Slaptijack Contact Form to update me.

    Thanks!

13. Private Autonomous System Numbers (ASNs)

    Posted on October 03, 2007 in Networking

    Occasionally you might need an Autonomous System Number (ASN) that is only used on your network. The need for these should be infrequent, but it does happen.

    One thing that comes to mind is a customer that connects to your network in multiple locations. That customer needs an ASN for …

14. Using SPAN to Monitor a Switchport

    Posted on September 18, 2007 in Networking

    You'll find that some network problems can only be solved by sticking a packet sniffer on the network and seeing what the packets are doing. In a switched environment, this will not work properly since each port is configured to only broadcast traffic destined for the MAC addresses it has …

15. Set the Cisco Interface Description

    Posted on September 17, 2007 in networking

    One of my pet peeves is Cisco switch and router interfaces that remain unlabeled. There is nothing worse that trying to debug a network problem when the problematic interface is unlabeled. Instead of spending valuable time working on the actual problem, you've got to trace down where this cable goes …