Posted on in programming
In today's complex network environments, monitoring traffic efficiently is crucial for maintaining performance and security. Tools like Cisco NBAR (Network-Based Application Recognition) and MRTG (Multi Router Traffic Grapher) can provide valuable insights into network usage. In this article, we'll discuss how to use a Perl script with MRTG to collect …
Posted on in networking
In the rapidly evolving landscape of network security, ensuring the protection of Virtual Terminal (VTY) lines on Cisco-based networks remains a critical task. VTY lines provide remote access to routers and switches, typically via telnet by default, making them prime targets for remote brute force password attacks. This article will …
Posted on in networking
As a network engineer, identifying and mitigating network abuse is a critical task. Cisco's IP cache flow tools can help you detect hosts responsible for generating high volumes of traffic, which is often indicative of abusive behavior such as Denial of Service (DoS) attacks. Here’s an updated guide to …
Posted on in networking
The load-interval command in Cisco IOS allows network administrators to define
the time frame used to calculate interface load statistics. By default, this
interval is set to 5 minutes, providing a broad overview of traffic patterns.
However, some situations might call for a more granular view. Here's a breakdown
of …
Posted on in networking
The error message "%TAC+: no address for get_server" can send shivers down the spine of any network administrator. It signifies a problem with TACACS+ (Terminal Access Controller Access-Control System Plus), a crucial security protocol for user authentication, authorization, and accounting (AAA) on Cisco devices. But fear not, for this guide …
Posted on in networking
In the fast-paced world of networking, where milliseconds matter and data demands soar, pinpointing performance bottlenecks can feel like hunting elusive phantoms. While sophisticated tools exist, the often-underrated Cisco Test TCP (TTCP) utility emerges as a hidden gem for gauging real-world throughput on network paths. This practical guide empowers you …
Posted on in networking
In the labyrinthine world of network troubleshooting, pinpointing performance bottlenecks can feel like navigating a maze blindfolded. While various tools exist, the Cisco Test TCP (TTCP) utility often emerges as a hidden gem for gauging real-world throughput on network paths. This article embarks on a comprehensive exploration of TTCP, uncovering …
Posted on in networking
Network performance testing is a critical aspect of maintaining and optimizing a network, ensuring it meets the demands of modern applications and services. If you're using Cisco networking equipment, you have a powerful tool at your disposal: "Tclsh iperf." In this comprehensive guide, we'll walk you through how to utilize …
Posted on in networking
The "load-interval" command is used in network configuration settings, particularly in Cisco routers and switches, to specify the interval at which the interface's load statistics are updated and collected. Setting "load-interval 30" means that the device will collect load statistics for the interface every 30 seconds. The choice of this …
Posted on in Networking
As always, I've changed pertinent details for reasons.
I was working on an ASR the other day and received the follow error:
RP/0/RSP0/CPU0:ASR9K(config-tacacs-host)# commit
Fri Jul 29 12:55:46.243 PDT
% Failed to commit one or more configuration items during a pseudo-atomic
operation. All …Posted on in Networking
Here are a few tips that might be helpful if you are having trouble accessing your Cisco router or switch via the web server.
aaa new-model, you will …Posted on in Networking
If you need to disable spanning-tree on a particular VLAN in your Cisco-based network, use the following command:
Switch(config)# no spanning-tree vlan 13
This will disable spanning-tree on unlucky VLAN 13.
If you have some good examples of why you might want to disable spanning-tree for a VLAN, please …
Posted on in Networking
Not everyone has a great password maintenance process. If you run into a situation where the group pre-shared keys for your VPN are lost, you face the option of changing the existing key (and breaking any users that are currently working), or creating a new group with a new key …
Posted on in Networking
On occasion, you may need to put your Cisco IPS into bypass mode. Bypass mode allows the IPS to pass traffic without inspecting it. This may be useful if you suspect the IPS is causing a problem, if you are going to run a one-time scan that would set the …
Posted on in Networking
When you get your brand new Cisco ASR1000 series router, Stateful Switchover (SSO) is disabled by default:
Router# show redundancy states
my state = 13 -ACTIVE
peer state = 1 -DISABLED
Mode = Simplex
Unit ID = 6
Redundancy Mode (Operational) = Non-redundant
Redundancy Mode (Configured) = Non-redundant
Redundancy State = Non Redundant
Enable SSO!
Router# config …
