27 Oct 2014

How to find Wireless Card specs

Search for detailed wireless specifications of most devices here:

Wi-Fi.org

FCC

3 Apr 2014

Cisco Device Logging

There are two types of logging:
  • Syslog
  • SNMP

First of all, I set NTP and the timezone, and timestamp my logs.

#ntp server x.x.x.x

This is for Istanbul/Turkey, with the summer-time modification:
#clock timezone utc 2
#clock summer-time EEST recurring last Sun Mar 3:00 last Sun Oct 4:00

#service timestamps debug datetime msec
#service timestamps log datetime localtime

SYSLOG 

  • Save in Buffer (on device DRAM)
  • Send to external server

Level Keyword    Level   Description                        Syslog Definition
emergencies      0       System unstable                    LOG_EMERG
alerts           1       Immediate action needed            LOG_ALERT
critical         2       Critical conditions                LOG_CRIT
errors           3       Error conditions                   LOG_ERR
warnings         4       Warning conditions                 LOG_WARNING
notifications    5       Normal but significant condition   LOG_NOTICE
informational    6       Informational messages only        LOG_INFO
debugging        7       Debugging messages                 LOG_DEBUG

Buffer

#logging buffered 25000

External Syslog Server

Set the facility you will be sending. This only sets the LABEL of the syslog messages your device will send. It's useful on the syslog server side, for sorting and categorizing incoming messages.

#logging facility local6
  
Set your syslog server:
#logging  x.x.x.x

SNMP

  • SNMP queries made from your Monitoring Solution to your Cisco Device
  • SNMP Traps sent by your Cisco Device 
Set your community, permissions and ACL
Here I set my community string and give ReadOnly permissions to hosts that ACL 5 permits.
This will allow your Monitoring Solution to query your device using SNMP MIBs. Your Cisco device will not start sending SNMP Traps with only this command.

#snmp-server community MySNMP RO 5


To start sending SNMP Traps, define a host and enable the traps you would like to send.

#snmp-server host 10.1.60.51
#snmp-server enable traps XXXXXX
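
An added example, not from the original post: a Python check over an IOS configuration that flags `snmp-server community` lines which are read-write, carry no ACL, or reference an ACL that the same configuration never defines. The sample configuration is constructed, and the community names other than MySNMP are hypothetical.

```python
import re

# snmp-server community <string> [view <name>] [RO|RW] [<acl>]
COMMUNITY_RE = re.compile(
    r"^snmp-server community (?P<name>\S+)(?: view (?P<view>\S+))?"
    r"(?: (?P<mode>RO|RW))?(?: (?P<acl>\S+))?\s*$", re.IGNORECASE)
# Numbered ACL entries and named standard ACL headers.
ACL_RE = re.compile(
    r"^(?:access-list (?P<num>\d+) |ip access-list standard (?P<acl>\S+))")


def audit_snmp(config_text):
    """Return [(community, finding)] for one device configuration."""
    lines = [raw.strip() for raw in config_text.splitlines()]
    defined = set()
    for line in lines:
        m = ACL_RE.match(line)
        if m:
            defined.add(m["num"] or m["acl"])
    findings = []
    for line in lines:
        m = COMMUNITY_RE.match(line)
        if m is None:
            continue
        name, acl = m["name"], m["acl"]
        if (m["mode"] or "RO").upper() == "RW":  # assumption: RO when omitted
            findings.append((name, "read-write community"))
        if acl is None:
            findings.append((name, "no ACL restricts who may query"))
        elif acl not in defined:
            findings.append((name, f"ACL {acl} is referenced but not defined"))
    return findings


# Constructed sample configuration; only the MySNMP line is from the post.
SAMPLE_CONFIG = """\
access-list 5 permit 10.1.60.51
snmp-server community MySNMP RO 5
snmp-server community legacy RW
snmp-server community branch RO 7
"""

if __name__ == "__main__":
    for community, finding in audit_snmp(SAMPLE_CONFIG):
        print(community, "->", finding)
```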

Linux Shell Tips

 
#1 Sort/Display files by date, recursively 
 
find . -type f -exec stat --printf="%y %n\n" {} + | sort

1 Apr 2014

Lync - CUCM integration notes #1


Reverse Number Lookup (RNL)
SIP URI Dialing

 http://mattellis.me/lync-2013-cucm-ms-skip-rnl-sip-uri-dialling/

28 Mar 2014

Lync debugging, tracing

ClsController.exe -start -scenario AlwaysOn
CLSController.exe -start -scenario IncomingAndOutgoingCall -pools lync2013.apbeta.local
CLSController.exe -search -components Sipstack -pools lync2013.apbeta.local > sip.log


http://www.ucprimer.com/lync2013-logging-and-tracing.html

24 Mar 2014

Firefox Extensions / Addons 2014

Here's a list of my favorite extensions:

Adblock Plus
BetterPrivacy
Ghostery
Greasemonkey (+usable youtube fix)
NoScript
Secure Login
Session Manager
FEBE
HTTPS Everywhere

11 Sept 2013

dot1x troubleshoot&view commands

show authentication sessions
show authentication interface XXX

show dot1x interface XXX


debug dot1x events
debug radius


A dot1x adventure...

802.1x

It's a hell of an adventure, so strap your gas mask on and join me at the barricades!!

(article is wip, starting with notes first..)


Notes:

Use "Cisco-AV-Pair" parameter with value "device-traffic-class=voice" to make the switch put an IP Phone into a voice vlan.



1. host-mode selection





2. err-disable settings

authentication violation restrict|shutdown
 Default is shutdown. I shall use restrict.


3. re-auth & timers


inactivity timer (cisco default off)
  • Radius can return Idle-Timeout (in seconds)
  • Radius can return the action to take Termination-Action (I use Default which is reauth without service outage)
reauthentication interval 





I'll be using radius returned parameters for most of this.


 


4. critical AAA

5 Apr 2013

6500 Performance monitoring

Here are some commands to see stats/performance.



#show fabric utilization detail
  Fabric utilization:     Ingress                    Egress
    Module  Chanl  Speed  rate  peak                 rate  peak              
    1       0        20G    0%   18% @21:45 06Jan13    0%   15% @09:55 07Jan13
    1       1        20G    3%   10% @02:17 10Feb13    1%   10% @18:21 20Jul12
    2       0        20G    0%   10% @12:43 01Apr13    1%   16% @13:49 27Jan12
    2       1        20G    0%   11% @02:02 08Feb13    0%   10% @12:14 14Sep12
    3       0        20G    0%    9% @15:30 15Feb13    0%   98% @15:10 27Sep12
    3       1        20G    0%    9% @23:02 02Jun12    0%   97% @15:10 27Sep12
    5       0        20G    1%   54% @15:04 27Sep12    3%   49% @15:10 27Sep12
    5       1        20G    0%    0%                   0%    0%              
    7       0        20G    0%    6% @10:21 17Aug12    0%   17% @01:08 20Sep12
    7       1        20G    0%   49% @15:10 27Sep12    0%   53% @15:04 27Sep12

#

6500 Fabric Troubleshooting

Switch Fabric- Troubleshooting tips




31 Dec 2012

Migrate to new Certificate Authority, while another one is in production

http://serverfault.com/questions/276342/adding-new-root-enterprise-ca-without-disturbing-existing-one

5 Dec 2012

OSPF packets

Intra-area - O
Inter-area - O IA (Summary routes)
External - O E2 or O E1

Preference order for destinations with multiple routes:
  1. Intra-area 
  2. Inter-area
  3. External E1 (external+internal cost)
  4. External E2 (only external cost)
LSA Types:

Type 1 (RL): Router Links.
Type 2 (NL): Network Links.
Type 3 (SL): Summary Links.
Type 4 : ASBR Summary Links.
Type 5 (EL): External Links.

17 Sept 2012

List largest folders (sorted)


du -sk * | sort -rn | while read size fname; do for unit in k M G T P E Z Y; do if [ $size -lt 1024 ]; then echo -e "${size}${unit}\t${fname}"; break; fi; size=$((size/1024)); done; done|more

27 Nov 2011

Microsoft NLB weirdness

NLB (Network Load Balancing) is a clustering tech. used by Microsoft products. There are two NLB methods:
  • Unicast NLB
  • Multicast NLB
NLB is a software clustering tech. and should be avoided. You are better off using Hardware load balancers such as Citrix Netscaler.

NLB has a bad design and using it causes switch flooding. The reason for this is its ARP/MAC address usage.

To avoid problems where NLB must be used, check the configuration examples for Cisco devices: Catalyst Switches for Microsoft Network Load Balancing Configuration Example


Cisco Mobile to be in Istanbul in April

This is a chance to take the CCIE exams without traveling abroad.
Istanbul, Turkey Apr 16 - 20 R Routing & Switching, Security


Ref: Cisco Doc

23 Nov 2011

TwinGig Convertor configuration

These Cisco converters are pretty handy I must say. It's an X2 converter module that is able to take 2 SFP modules, allowing you to convert an X2 slot to twin SFP slots. Anyway, when you insert a TwinGig into a switch without first doing the pre-configuration, you're most likely to get an error like this:

%C4K_GLMMAN-3-X2PLUGGABLESEEPROMREADFAILED: Failed to read seeprom on port Te2/8. Reinsert X2 module or configure GigabitEthernet port group if TwinGigConverter is installed.

It's because the X2 slot you used is configured as a TenGig slot. It should be set to Gigabit for the TwinGig to be detected. The way it's done on a 4900M is:

hw-module module 2 port-group 4 select gigabitethernet

The catch is that the 8 port TenGig module used on the 4900M is over-subscribed and you will have to set a "port-group" which represents 2 ports, as "gigabit" to get the TwinGig to work.

After setting our port-group, the log will show the TwinGig is detected:

Nov 23 10:32:06.501: Port Te2/8: TwinGig Converter inserted: vendor: CISCO SYSTEMS, p/n: 800-27645-02, s/n: FDO14290SE5


Here are some references for more info:
Installation Notes for the Cisco TwinGig and OneX Converter Modules
Selecting X2/TwinGig Convertor Mode
SFP Interfaces of X2/Twin Gigabit Converter Do Not Come Up

27 Jun 2011

Protocol overhead

Various protocols introduce overhead to packet networks.
Good explanations here:
Protocol Overhead
Overhead in Packet Networks

20 Mar 2011

Fiber Optic Cable specs

Multi Mode

850nm and 1300nm
OM1: 62.5/125 µm
OM2: 50/125 µm
OM3: 50/125 µm Laser optimized. 10GbE for 300m (quality cables support 550m length)
OM4: Cable will support 125m links at 40 and 100 Gbit/s.


Single Mode
20km, 1 Gbps

13 Sept 2010

Get your GNS3 project fix

Here's a link to a great site from my friend Rene Molenaar:
GNS3Vault

Description from the site:

* Cool Scenarios to get the maximum out of your networking experience ;)
* Downloadable topologies that you can use right away with the GNS3 software.
* Different levels of difficulty, there's something for everyone...novice, intermediate and expert!
* The forum where you can discuss about all the labs.
* It's possible to review labs.
* You can share your labs with others.

AND Yes, all for free ;)

30 Jul 2010

Using 3rd Party SFP modules in Cisco Devices

All SFP modules carry a Serial Number, Vendor Name & ID, Security code and a CRC in their EEPROM. The switch checks this information; if it can't verify it, it might give messages like the following:
%PHY-4-UNSUPPORTED_TRANSCEIVER: Unsupported transceiver found in Gi1/0/1
%GBIC_SECURITY_CRYPT-4-VN_DATA_CRC_ERROR: GBIC in port 65538 has bad crc


There are two undocumented cisco commands to get 3rd party SFP modules to work:

switch(config)# service unsupported-transceiver
switch(config)# no errdisable detect cause gbic-invalid

16 Jun 2010

Upgrading Software on a 6509 Switch

Planning on upgrading the ancient CatOS 5.5(1) on our 6509 switch.

1. Check Supervisor NMP BootROM version. If Fw 5.1(1) then you must field upgrade your ROM. Check here.



Ref: Upgrading Software Images on Catalyst 6000/6500 Series Switches

15 May 2010

Running ASA and ASDM using GNS3/Qemu

Finally got ASA and ASDM to work nicely with GNS3.
Here's my setup:

GNS3 v0.7
Qemu (The one that comes with GNS3 v0.7)
ASA 802-k8 (files needed for Qemu are: asa802-k8.initrd.gz & asa802-k8.kernel)
ASDM 6.0(2)
Fiddler (Instructions to configure it are here)

To get ASDM to connect with ASA, you must use Fiddler to intercept the HTTPS stream and modify it to correct some of Qemu's shortcomings.
Then set your JRE to use Fiddler as proxy.
All instructions can be found in the lengthy discussion at hacki.at. Make sure to read pages 17,18,+

9 May 2010

Visio tips & tricks

In this post I will collect Visio tips & tricks that I come up with and links to similar articles.

Shortcuts:
Ctrl+1 Pointer Tool
Ctrl+2 Text Tool
Ctrl+3 Connector Tool
Ctrl+W Zoom Whole Page
Ctrl+Shift+G Group
Ctrl+Shift+U Ungroup

Links:
Shortcuts to Edit in Visio @ Visio Insights
Nortel Visio Stencils
Visio Stencils collection (lots of vendors)

2 May 2010

STP, PVST, RSTP, MSTP articles

Many standards, many proprietary approaches.. All this causes interoperability and management headaches.

References:
Understanding MSTP, very in-depth article from Petr Lapukhov.
Understanding STP and RSTP Convergence, again by Petr.
Lots of valuable articles from the INE blog.

1 May 2010

Cisco and HP Interoperability

Some pointers to related information on the net:

Articles:
Summaries from Dave Tucker's 3 Day Training: HP ProCurve/Cisco Interoperability – Day 1, Day 2, Day 3


Documents:
ProCurve and Cisco Spanning-tree Interoperability

Discovery Protocols, STP, Link Aggregation, IP Routing, etc:
HP & Cisco Interoperability Guide

20 Apr 2010

Troubleshooting High CPU Utilization

Cisco 7500 Series Routers, Troubleshooting TechNotes

* High CPU Utilization in Exec and Virtual Exec Processes

* The show processes Command

* Troubleshooting High CPU Utilization Due to Interrupts

* Troubleshooting High CPU Utilization due to Processes

* Troubleshooting High CPU Utilization in IP Input Process

* Troubleshooting High CPU Utilization on Cisco Routers

* Understanding VIP CPU Running at 99% and Rx-Side Buffering

* What Causes %SYS-3-CPUHOG Messages?

IOS Syslog facilities

Logging and debugging messages are the cornerstone of troubleshooting.

There are 4 possible destinations for logging:
1. Console
2. Monitor
3. Buffer
4. Host
Plus SNMP.

R1(config)#do sh logging
Syslog logging: enabled (9 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled)
Console logging: level debugging, 33 messages logged, xml disabled
Monitor logging: level debugging, 0 messages logged, xml disabled
Buffer logging: disabled, xml disabled
Logging Exception size (8192 bytes)
Count and timestamp logging messages: disabled
Trap logging: level informational, 38 message lines logged

Descriptions for the fields in the output above.

When you have to use debugging while troubleshooting a high CPU utilization situation, make sure to disable or "level-limit" the console and monitor logging facilities. Use the buffered logging facility instead to record the debug output, and view it with "show logging". This will allow the CPU to process the log messages in a high utilization environment.

To use a syslog server and set the log-level:

R1(config)# logging host
R1(config)# logging trap ?
<0-7> Logging severity level
alerts Immediate action needed (severity=1)
critical Critical conditions (severity=2)
debugging Debugging messages (severity=7)
emergencies System is unusable (severity=0)
errors Error conditions (severity=3)
informational Informational messages (severity=6)
notifications Normal but significant conditions (severity=5)
warnings Warning conditions (severity=4)
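
An added example, not from the original posts: receiver-side Python that ties together the "logging facility local6" setting from the Cisco Device Logging post and the "logging trap" level shown above. It decodes the PRI value (facility * 8 + severity) of each received line and sets aside lines that arrive with another facility, with a level less severe than the trap setting, or with a PRI level that disagrees with the %NAME-level-MNEMONIC tag. The sample lines are constructed, and the expected facility (local6) and trap level (6) are assumptions.

```python
import re

# IOS severity keywords; list index = level (0-7), as in the table on this page.
SEVERITY = ["emergencies", "alerts", "critical", "errors",
            "warnings", "notifications", "informational", "debugging"]
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)
TAG_RE = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+): ")  # %SYS-5-CONFIG_I:


def parse(line):
    """Decode one received syslog line; return None if it has no valid PRI."""
    m = PRI_RE.match(line)
    if m is None or int(m.group(1)) > 191:
        return None
    # PRI = facility * 8 + severity; facility codes 16..23 are local0..local7.
    facility, severity = divmod(int(m.group(1)), 8)
    tag = TAG_RE.search(m.group(2))
    return {
        "facility": f"local{facility - 16}" if facility >= 16 else str(facility),
        "severity": severity,
        "keyword": SEVERITY[severity],
        "mnemonic": tag.group(3) if tag else None,
        # Lines without a %NAME-n-MNEMONIC: tag have nothing to compare against.
        "consistent": tag is None or int(tag.group(2)) == severity,
    }


def triage(lines, expected_facility="local6", trap_level=6):
    """Return (accepted records, [(line, reason)] for lines worth a look)."""
    accepted, suspect = [], []
    for line in lines:
        rec = parse(line)
        if rec is None:
            suspect.append((line, "no valid PRI"))
        elif rec["facility"] != expected_facility:
            suspect.append((line, "unexpected facility " + rec["facility"]))
        elif rec["severity"] > trap_level:
            # 'logging trap N' sends level N and every more severe (lower) level.
            suspect.append((line, "less severe than trap level"))
        elif not rec["consistent"]:
            suspect.append((line, "PRI and message tag disagree on severity"))
        else:
            accepted.append(rec)
    return accepted, suspect


# Constructed sample lines (not captured from a device).
SAMPLE = [
    "<179>45: Apr  3 10:15:02: %LINK-3-UPDOWN: Interface Gi0/1, changed state to down",
    "<181>46: Apr  3 10:15:03: %SYS-5-CONFIG_I: Configured from console by console",
    "<189>47: Apr  3 10:15:04: %SYS-5-CONFIG_I: Configured from console by console",
    "<183>48: Apr  3 10:15:05: constructed debug text without a tag",
    "<180>49: Apr  3 10:15:06: %SYS-3-CPUHOG: constructed text",
]

if __name__ == "__main__":
    ok, flagged = triage(SAMPLE)
    for rec in ok:
        print(rec["facility"], rec["keyword"], rec["mnemonic"])
    for line, reason in flagged:
        print("CHECK:", reason, "|", line)
```

The third sample line carries facility local7, which is what a device still on the IOS default facility would send.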

Reference:
Troubleshooting and Fault Management Commands @ Cisco
Troubleshooting High CPU Utilization on Cisco Routers @ Cisco

10 Apr 2010

Portable Product Sheets @ Cisco

Here's a page I came across on the Cisco Site.
Provides easy access to reference documents useful to partners.
Eg: Switch Performance, IOS Packaging, Router Memory/Performance, ISR Ref.Sheets, etc.

Portable Product Sheets

7 Apr 2010

Password recovery references for almost all Cisco Devices

Here's a great reference page from Cisco, explaining the pwd recovery procedures for many of their devices.

Password Recovery Procedures

Internet Map of Autonomous Systems in Türkiye

Here's a recent and very well done study of the Networks/ASs located in Türkiye, by Hakan Çetin.

Türkiye'nin Otonom Sistem Seviyesinde İnternet Haritasının Çıkarımı (TİH) - 2009


1 Apr 2010

Steps for migrating from PIX to ASA

You should be running v7.x on your PIX so that your configuration can be converted properly. Two ways of going about this:

* Tool-Assisted Conversion (Link)
* Manual Conversion

I'll cover the manual method here.
Upgrading your PIX to v7.x

1. Get copies of your config and version/license info
# show running
# write net
# show version


2a. If BIOS is earlier than 4.2, use Monitor Mode instead of copy tftp flash

Reboot and press BREAK or ESC during boot to enter Monitor Mode
monitor>interface
monitor>address
monitor>server
monitor>gateway
monitor>ping
monitor>file
monitor>tftp


PIX will automatically boot, but the software upgrade is only done in memory. You MUST go through the steps below to complete the upgrade!

2b. Upgrade System software

#enable
#copy tftp: flash:
Address or name of remote host []? 10.1.6.44
Source filename []? pix701.bin
Destination filename [pix701.bin]?


3. Now you have upgraded your software and your config was auto converted to v7.x
You should go through and check the changes made, which could be very different from your older PIX config.

4. Use this config in your ASA appliance. Do this either with the Copy/Paste method, or via a tftp/ftp config file transfer.



Ref: Migration from PIX 500 Series Security Appliances to ASA 5500 Series Adaptive Security Appliances

30 Mar 2010

G.SHDSL Config through a Cisco 828 router

I'll copy this here for reference purposes. Used a few of these configs to connect one of my customer's branch offices to their headquarters.

Be careful of the vpi/vci values which should be:
Point to point g.shdsl links: 0/35
Internet g.shdsl links: 8/35

!
controller DSL 0
mode atm
line-term cpe
line-mode 2-wire line-zero
dsl-mode shdsl symmetric annex B
line-rate auto
!

!
interface ATM0
no ip address
ip nat outside
ip virtual-reassembly
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
bandwidth 2048
ip nat outside
ip virtual-reassembly
pvc 8/35
pppoe-client dial-pool-number 1
!
!

!
interface Dialer0
mtu 1476
bandwidth 2048
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp header-compression iphc-format
ip tcp adjust-mss 800
load-interval 30
dialer pool 1
ppp authentication pap chap callin
ppp chap hostname user@isp
ppp chap password 0 123
ppp pap sent-username user@isp password 0 123
ppp ipcp dns request
ip rtp header-compression iphc-format
!

29 Mar 2010

Most useful Freeware/Shareware Windows Apps.

Firefox: THE browser of the Internet. Won't use anything else.
Total Commander, my choice of File Manager since, forever.
CDBurnerXP: Very nice CD/DVD/Blu-ray, Data/Audio burner. Freeware.
SysInternals: Indispensable system tools.
Media Player Classic: With a few codecs, it's all you need to play your videos.
Winamp: Essential audio player for me.
TrueCrypt, an essential encryption suite.
BitComet, my choice of torrent client.
Foxit, a freeware PDF Reader. It's light-weight and fast, why use bloated Adobe apps?
Daemon Tools Lite, mount cd/dvd images
SyncToy
iMazingConverter (iMazingConverterWindows.exe): converts HEIC to JPG and MOV to MP4. It really is free, but be careful to download only the converter.

24 Mar 2010

Win7 Tips&Tricks, Useful Applications

* Shortcuts: Master List of Windows 7 Keyboard Shortcuts (Mar 09)
* Take ownership and delete files/folders for good!
For Files:
takeown /f file_name /d y
icacls file_name /grant administrators:F

For Directories (will perform action recursively):
takeown /f directory_name /r /d y
icacls directory_name /grant administrators:F /t

* Turn off Driver Signing
bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
bcdedit.exe -set TESTSIGNING ON

* Turn off Hibernation
powercfg -h off

* Classic Start Menu and Explorer
Classic Shell, now this is very cool, I had enough of the new featureLESS Start menu and awkward Explorer

19 Mar 2010

CCNP at last!

Hooray!! Just became CCNP certified today.

Now it's onto my ultimate goal, CCIE Routing & Switching. Must start planning right away ;-)

11 Feb 2010

History of Computers and the Birth of the Internet

I've been reading "Where Wizards Stay Up Late" by Hafner&Lyon which tells the story of ARPA and how the network to connect all the different mainframes in universities came to being, which then would be the foundation of the Internet. It's written in a novel fashion and once you start flipping the pages it's hard to put it down!

There are mentions of many of the first huge computing machines that were built in various Universities and Corporations, such as the TX-2 in MIT Lincoln Labs, Q-32 that was transferred by the Airforce from SDC to ARPA, etc. So being the researcher I am :) I had to track these beasts and learn more about them. I shall write a separate article about these in the near future.

Computer History Museum in California (History Timeline)

10 Feb 2010

CCIE Preparation, devices to accumulate for a home lab

This is a WIP entry that I'll use to compile a list of useful devices/information for my future CCIE lab preparation.

ISDN Simulator B-LinkU has 2 ports that you can connect to using U or S/T interface.

2520 Series Multiport routers, for use as Frame Relay switch, ISDN cloud.

6 Feb 2010

Cisco Router boot configuration

File Systems:
system: (RAM, where running-config is kept)
nvram: (NVRAM, where startup-config is saved)
bootflash: (Internal Flash memory)
slot0: (First PCMCIA slot)
slot1: (Second PCMCIA slot)

Copying:
#copy ftp: system:running-config
#copy rcp: system:running-config
#copy tftp: system:running-config

#copy ftp: nvram:startup-config
#copy rcp: nvram:startup-config
#copy tftp: nvram:startup-config

#copy system:running-config nvram:startup-config

Booting:

#show bootvar (verify the contents of the CONFIG_FILE environment variable.)
#boot config dest-flash-url (Set the CONFIG_FILE environment variable.)

#boot network ftp:[[[//[username[:password]@]location]/directory]/filename]
#boot network rcp:[[[//[username@]location]/directory]/filename]
#boot network tftp:[[[//location]/directory]/filename]
#service config (Enable the router to download config-files at startup)

#boot system

Other Useful commands:
#service compress-config
#boot buffersize bytes (The buffer that holds the configuration file is usually the size of NVRAM. Larger configurations need larger buffers. )
(config)#config-register value
#dir [flash-filesystem:]

Examples
#copy system:running-config tftp://172.16.1.130/istanbul-config
#copy system:running-config ftp://netadmin1:mypass@172.16.101.101/Ankara-config
#copy rcp://netadmin1@172.16.101.101/host1-confg system:running-config
#copy slot0:4:ios-upgrade-1 nvram:startup-config


Ref: Rebooting and Reloading - Configuring Image Loading Characteristics @ Cisco
Cisco IOS Conf. Fundamentals Command Reference Boot Commands

1 Feb 2010

GRE over IPsec in a Hub-Spoke Topology w/ EIGRP (Lab) #2

Ok this is the enhanced version of the previous GRE lab I've posted.
We've decided to encrypt and secure all communications between our HQ and Branches.
As previously noted we needed GRE to run a dynamic routing protocol (EIGRP) between our networks. So here we implement an IPsec GRE tunnel that will encrypt all traffic including the multicast EIGRP messaging.

Download
Project files for GNS3.