Posted on in Networking
I've been in the situation before were I needed to discover the neighbors of a Cisco device programmatically. This is useful in a case where you want to crawl a network without hard-coding a list of devices into your script. By default, all Cisco devices have Cisco Discovery Protocol (CDP …
Posted on in Networking
If you are at all familiar with <acronym title="Simple Network Management Protocol">SNMP</acronym>, you've probably heard of "community strings". Community strings are similar to passwords. They define and grant access to a device's <acronym title="Management Information Base">MIB</acronym>. If you've used SNMP in conjuction with a …
Posted on in Networking
I've got a Class C (/24, subnet of 256 IPs) that I assign glue addresses for point-to-point links out of. Although all these little /30 subnets are in the same location, they are not guaranteed to be on the same router. So, the question is, how can I see which …
Posted on in Networking
Generally speaking, a route server is a network device that does not participate directly in routing, but carries an entire routing table that other devices may refer to. Often times, this is a router that carries the entire Internet BGP routing table (currently over 220,000 routes).
More commonly, a …
Posted on in Networking
You might have a situation where you have multiple network segments utilizing <acronym title="Dynamic Host Configuration Protocol">DHCP</acronym> to assign IP addresses, name servers, etc. DHCP clients use network broadcasts to alert a DHCP server to their presence. Once a request for an address has been made, the …
Posted on in Networking
This isn't late breaking information, but there's an interesting post in the Cisco WAN, Routing and Switching Forum regarding a particular regular expression that, when used in conjunction with the show ip bgp regexp, results in a router crash. Here is the full command.
show ip bgp regexp (.*)(_\1 …Posted on in Networking
Let me start by saying this article is not about server load-balancing. That's a different topic, and I apologize if that's what you were looking for. That said, interface load-balancing is an interesting topic and one that comes up quite frequently.
A time will come when it becomes necessary to …
Posted on in Networking
On most networks, there is a subset of IP addresses assigned to "management" hosts. These hosts might be the workstations of network administrators or monitoring servers. One of the keys to network security is restricting who has access to the device. Generally, we think of access restriction in terms of …
Posted on in Networking
The last thing I want to do when some network administrator leaves my organization is change all the login passwords on the Cisco network devices. (For now, let's just assume the administrator in question didn't know the enable secret.) If you have relatively few machines, it's easy to setup username …
Posted on in Networking
If you followed my recent Cisco Catalyst rate-limiting post, you already know that policing traffic on a Cisco Catalyst switch requires a bit of thought. Mainly, you have to do a bit of calculating to determine the best bucket size for your application. The good news is that achieving the …
Posted on in networking
This is the full text rate limiting example that accompanies my Catalyst rate limiting post. This example was derived on a Cisco Catalyst 2960 and should be ready to copy and paste directly to your device.
mls qos
ip access-list extended ACL_SLAP
permit ip any any
class-map match-all CLASS_SLAP
match …Posted on in networking
If you need to limit the inbound bandwidth of a switch port on a Cisco Catalyst, the key is in the QoS configuration. Rather than going into an depth discussion of QoS and how it works, let's skip that (check out Wikipedia to get started with that) and jump into …
Posted on in networking
Ever so often, you need to check the status of a the power supplies in
Posted on in Networking
If you work on a fairly spread out network (or have remote clients), you might be managing Cisco Catalyst switches that are far, far away. For a long time, I thought the only option was to have someone on site to pre-configure the switch just enough to get it on …
Posted on in Networking
Sending log messages from your Cisco network equipment to a centralized syslog server is a fairly normal activity. Most of the time, this setup works fine and there's no reason to do anything out of the ordinary. Occasionally though, you might need to run a debugging session over an extended …
