Top

IOS: Setting the TCP Timeout on IOS

August 14, 2008 by Greg Ferro · 1 Comment 

One of my favourite default commands on IOS is “ip tcp synwait 5″. Lets look into this command and why you might like to use it as well.

Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

IOS: Enable and …. Disable ?

July 20, 2008 by Greg Ferro · 1 Comment 

All these years, and I didn’t realise the opposite of the enable, was disable.

Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

IOS: ROMMON on the C6500/Sup720 - Lesson Learned

June 28, 2008 by Greg Ferro · Leave a Comment 

Recently, one of my Supervisor 720 goes into a permanent reboot cycle. I was able to break it into ROMMON mode, but I couldn’t get it to ’stick’ the boot settings.

Finally….

Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

IOS: Reverse SSH Console Access - Part 2

June 25, 2008 by Greg Ferro · 3 Comments 

Following my original post about configuring Reverse SSH on a Cisco console server, I wanted to make some followup to extend the usage. Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

Configuring Windows 2003 / XP SP2 to Use IOS NTP Server

June 10, 2008 by Greg Ferro · 4 Comments 

In certain networks, it is difficult to get the time on your servers to be exactly the same as the NTP time on your network equipment. In this case, you want to force the Windows servers to use the same NTP Network time source as your routers and switches. But Microsoft Windows doesn’t understand NTP by default, it has its own ‘way’ of setting up NTP so you need a little tweak to make it compatible.
Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

IOS:Open Source Lab DNS and IP Addressing

June 2, 2008 by Greg Ferro · 1 Comment 

A number of Cisco Bloggers have talked about making labs available for others to use. However, part of what will be needed is some conventions to make these labs work for the largest number of people.

Following Ivan Pepelnjak posting on Private Domain Names, and an earlier posting that I made on Reserved IP Address for Testing I believe we have perfect combination for DNS and IP addresses for building live test environments, that will work for Open Source lab scenarios.

Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

IOS: Reverse SSH Console Access

May 29, 2008 by Greg Ferro · 5 Comments 

I recently needed to secure the reverse console access using Cisco IOS router. Now for many years, we have been doing this over telnet and the configuration has been straightforward. But configuring it to support SSH instead of telnet is a little bit different, awkward in fact. Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

Ip Tcp Timestamp

April 14, 2008 by Greg Ferro · Leave a Comment 

ip tcp timestamp

I have seen this command a few times, today I am going to look into it and see what it does. Also, this is probably a classic CCIE lab gotcha.

Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

IOS CLI: Show Run Linenum

March 12, 2008 by Greg Ferro · 1 Comment 

You probably know this one already, but I have been typing “wr t” for a long time and never stopped to look. Puts a line number at the side of the config so you can say to the person on the other end of the phone, see line 10……….

r2#sh run linenum
Building configuration…

Current configuration : 3057 bytes
1 : !
2 : upgrade fpd auto
3 : version 12.4
4 : service nagle
5 : no service pad
6 : service tcp-keepalives-in
7 : service tcp-keepalives-out
8 : service timestamps debug datetime msec localtime show-timezone
9 : service timestamps log datetime msec localtime show-timezone
10 : service password-encryption
11 : service sequence-numbers
12 : !
13 : hostname r2
14 : !
15 : boot-start-marker
16 : boot-end-marker
17 : !

They think of everything these days. I suspect that cheap and large flash in your routers means that useful commands are now possible. I must start looking for them more often.

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

Bidirectional Forwarding Detection  [Cisco IOS Software] - Cisco Systems

March 8, 2008 by Greg Ferro · Leave a Comment 

BFD is a most useful feature of IOS, and IMHO, a much unloved feature. I notice that latest releases of IOS now have BFD for static routing, but more importantly now supports HSRP

standby bfd
Example:
Router(config-if)# standby bfd
(Optional) Enables HSRP support for BFD on the interface
standby bfd all-interfaces

Example:
Router(config)# standby bfd all-interfaces
(Optional) Enables HSRP support for BFD on all interfaces.

Bidirectional Forwarding Detection  [Cisco IOS Software] - Cisco Systems: “”

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

On the Death and Rebirth of IOS - Why Did It Take So Long ?

March 5, 2008 by Greg Ferro · 3 Comments 

The market has been commenting on the rise of Juniper for some years and the fact that Cisco has not been able to stop them growing. Well, we can now see that Cisco was listening to the stock market by spending a lot of time and money developing a new operating system. Oh yeah, and some new hardware to run it on. Read all about the Cisco ASR 1000 here.

IOS performance limits

Its been clear for a long time that the conventional IOS had hit a wall in performance. The monolithic kernel has been subjected to any number of hacks to improve performance (fast switching, CEF) but ultimately, it obviously had to be discarded and a new approach built that supported modularity, improved upgrade, and other serviceability features. This has seen the release of NXOS (Nexus 7000), IOS XR (CRS-1) and now IOS XE for the ASR1000. You can probably also include IOS SX as used in C6500 and other switches as another.

Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

Single Internet Connection but HA Infrastructure - Using Bridging Instead of Routing

February 20, 2008 by Greg Ferro · 1 Comment 

Introduction - The Design Constraint

The customer had decided to build a hosting platform, but could only arrange for a single internet connection to that site due to location. However, all other hardware was duplicated for high availability. After considering the options the following diagram was prepared showing the first pass at the design. This was the Internet Connection (100Mb Ethernet) connected to the router, then connected to a switch, which was interconnected by trunk to a second switch. The first layer of firewalls is then connected.

In this design, the router and the first switch are single points of failure as shown on the diagram

oneleginternetbefore.png

Read more

Please rate this post :    Why ?
Rating: 10.0/10 (1 vote cast)

Cisco ASA and IOS Command Tip - Test Aaa-Server

February 18, 2008 by Greg Ferro · Leave a Comment 

I have been working on a VPN setup that loads the Group Policy from a CiscoSecure ACS server. During the process I discovered the test aaa-server command. Its very handy tool when you are doing this kind of stuff.

Read on…..

Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

The Poor Man’s IOS Traffic Generator

January 18, 2008 by Greg Ferro · 1 Comment 

This is a feature that I used to use years ago, but had forgotten about. For some reason, I remembered it today and it is still as useful as it ever was. Read on…
Read more

Please rate this post :    Why ?
Rating: 0.0/10 (0 votes cast)

Bottom