
Adam's blog

CCIE Routing and Switching v5 Official Cert Guide Library



With a publication date of August 4, 2014, the CCIE Routing and Switching v5.0 Official Cert Guide Library (5th Edition) is on its way! If you haven't passed the version 4 written exam, this might be a good investment to help out with your studies. I've owned the version 3 and version 4 cert guides and will likely pick up a copy of version 5 when the time to take the written again arrives.

Contents of the Library

Looks like in addition to the two books (volume 1 and volume 2) you get a ton of practice questions on a DVD. That's 1400 pages between the two volumes and "hundreds" of practice questions.

Authors

One thing that caught my eye with this publication is

Ninja your way through a running-config

Do you use the command line often? If so, you probably have a set of go-to commands that get you the information you need. One of the staple commands I use is "show run", or show running-config if you want to type it out. The only problem with show run is that it gives you the whole config. Often the output is dozens of pages long and can take time to flip through. Here are the shortcuts I use to speed this up.

Forward slash /

You can use the forward slash after issuing the show run command to search for a specific string of text. I use this a lot when I want to jump to a specific range of interfaces. For example, I want to see the configuration for interfaces g0/19, g0/22, and g0/24. I don't feel like typing show run int g0/19 and then typing it all over again for the other two interfaces. Simply type show run, hit /, and then type your search string; in this case "0/19" will get you there.

Cisco Memory Component Issues

Cisco recently announced a problem with the memory used in several of their platforms. A specific memory supplier (who Cisco has not named) provided faulty memory modules to Cisco and other vendors between the years of 2005 and 2010.

The Problem

The memory in these platforms degrades over time and up until recently the failure rate was below expected levels. However, recently several Cisco customers have had higher than expected failure rates and as a result Cisco is publicizing the issue to raise awareness.

One way to see if your device has the issue is to power cycle it. If a device does not boot up after being powered back on, then it is likely due to this memory issue.

Affected Platforms

The following platforms may have the faulty memory:

How to Force Quit an application on a Mac

Force Quit

I've been using Macs for years and in my experience it is a very stable platform. I can leave it running for months without issues. However, from time to time an application will get stuck and requires manual intervention to clear it out using the Force Quit feature. There are a couple ways to access Force Quit: one via the menu and the other via keyboard shortcut. Since this happens so rarely, I forget what the keyboard shortcut is and usually resort to the menu. However, sometimes the menu might not be visible (for example, getting stuck in a full screen VNC session). The only way out of this is the keyboard shortcut:

Command + Option + Escape

This will bring the Force Quit menu into view and you should be able to kill the application that has the (Not Responding) listed after it.

If you haven't seen this feature before, click on the Apple menu at the top and select Force Quit:

Cisco ASCII Art

While going through a network inventory of sorts, I came across a device with a banner motd of the Cisco logo. This was on a piece of gear that wasn't deployed by me or anyone I work with, but I thought it was cool enough (in that nerdy sort of way) to share here. At the very least, it's more fun than legal notices.

Enjoy!

How to get Wireshark to work in OS X Mavericks

If you have upgraded your Mac to OS X 10.9 Mavericks, you might have noticed that Wireshark (and other apps that utilize the X11 environment stripped from OS X) no longer load. There is a solution that I was able to piece together through trial and error and I'd like to share it here.

First, you need to install the X11 environment. To do this, get a copy of XQuartz and install it.

Second, install a copy of Wireshark.

When you go to load Wireshark, it'll complain about not being able to find X11.

IPvFox - Firefox Add-on for IPv6/IPv4 Content

Whenever I come across a useful tool that I find myself installing on every computer I touch, I figure it's something I should share. That said, if you are doing any work with IPv6 and if you use the Firefox browser, I highly recommend checking out the IPvFox add-on.

https://addons.mozilla.org/en-US/firefox/addon/ipvfox/

This adds a 4 or 6 to the end of the URL bar at the top of the browser window depending on whether the destination address of the web server you are accessing is IPv4 or IPv6.

Verify Cisco IOS Before Upgrading

If you have ever upgraded the IOS on a Cisco Switch or Router, you may have just copied the new IOS file from a tftp server and then rebooted without thinking twice about it. This generally works and I've done my fair share of upgrades without checking the file integrity in the past. However, there is a safer way to upgrade: the Verify command.

After copying your file from whatever source (ftp, tftp, scp, etc), you simply type verify and the filename and it does the rest. Here's what it looks like:

Cisco ip nbar protocol-discovery interface limit

I have been working with NBAR-based QoS lately and I have to say, it's really cool. The fact you can just tell the router to match protocol <fill in the blank> and then apply policy to that traffic is awesome. So much better than being forced to match DSCP values or even worse, writing ACLs to match traffic patterns. Yuck!

Well, while configuring a Cisco ASR 1k router with a ton of subinterfaces, I came across an interesting (and somewhat annoying) status message while creating more subinterfaces and applying the ip nbar protocol-discovery command on the sub-if level:

% NBAR ERROR: Can not enable Protocol-discovery Platform interface limit reached

This caught me off guard since I figured an ASR 1k could handle as much nbar as I could throw at it. After a little research however, it turns out it depends on the version of IOS XE you are running. Found the following table on cisco.com, link to original provided below:

How to configure a minimum password length on a Cisco Router

Command Line

If you want to ensure passwords adhere to a minimum length on a Cisco router, there is a simple command you can use to enable this feature: security passwords min-length <#>

To configure it, simply enter global configuration mode and type the following:

R1(config)#security passwords min-length ?
  <0-16>  Minimum length of all user/enable passwords

R1(config)#security passwords min-length 10

Here's how the command works when you try to configure a password that is too short:

Add user to Apache group www-data in Ubuntu

While working on an Ubuntu Linux server yesterday I ran into a group permissions issue involving Apache2. The default Apache group in Ubuntu is www-data. To solve the problem, a user needed to be added to the www-data group. Figured I'd write up a quick post on how you can add a user to the www-data group. We'll use the username "bob" for the examples below.

Add an existing user to the www-data group

$ sudo usermod -a -G www-data bob

To verify, use the groups command:

$ groups bob
bob: adm bob cdrom sudo dip www-data plugdev lpadmin sambashare

Create a new user and add them to the www-data group

$ sudo useradd -g www-data bob

To verify, use the groups command:

$ groups bob
bob: www-data

How to flush dns cache on a mac

Mac Terminal

If you use a Mac and need to flush the host's local DNS cache, there is a relatively simple way to accomplish this. Similar to the procedure on a Windows machine (open cmd and type ipconfig /flushdns), this procedure is done at a command line prompt.

To begin, open a terminal window.

Then type the following command:

dscacheutil -flushcache

That's all there is to it. However, to make it simpler, I've created a script file on my desktop that can easily be double-clicked any time I need to flush the dns cache. If you would like to create a similar script file, follow the steps below:

Step 1 - open a terminal window.

Step 2 - navigate to where you want to save the file. By default, when I open a terminal window I am in my username's directory (/Users/adam). You can change directory up to Desktop if you want to place it on your desktop.

How to enable IPv6 support on a Cisco 3560 switch

If you have tried configuring IPv6 on a Cisco 3560 switch, you may have noticed the ipv6 commands aren't available by default. This often catches me when I am working on a new switch that has never had IPv6 enabled. I just had this happen tonight, so I figured I'd write a brief how-to with some background info thrown in.

Where are the IPv6 commands hiding?

Cisco 3560 switches have a feature called Switch Database Management (SDM) templates. There are various templates that can modify the allocation of system resources to better support different features. What does this mean? By default, a small Catalyst switch is built to support 8 routed interfaces and 1024 VLANs. It's not generally used to route OSPFv3 and BGP (though it can do that). As a result, the system resources are evenly distributed among the various functions to accommodate a common set of tasks.

Service Config - Error opening tftp://255.255.255.255

Command Line

If you have worked on a newer Cisco IOS device, you may have seen the following error messages:

%Error opening tftp://255.255.255.255/network-confg (Socket error)
%Error opening tftp://255.255.255.255/cisconet.cfg (Socket error)
%Error opening tftp://255.255.255.255/router-confg (Socket error)
%Error opening tftp://255.255.255.255/ciscortr.cfg (Socket error)

If you are wondering what these messages mean, they are the result of the config service being enabled by default in some IOS versions. Read on to learn about how it works and how to disable it.

Cisco 4500 Series Sup7e Install Notes

One of my projects at work is to replace a couple of switches with newer (and larger) 4507R+E with Sup7e. I love projects like this because they're relatively straightforward, but mainly because they are fun! Who doesn't like unboxing a $60,000USD switch and firing it up? It's like a Cisco birthday or something.

Anyway, while configuring this thing, I've noticed a few quirks... idiosyncrasies? "Features"? Whatever you call them, they're new to me and I felt like blogging about it.

SD Memory in a Supervisor

First, just an observation: Cisco now has Secure Digital (SD) memory in a Supervisor. You might be thinking "yeah, I read about that when the Sup7e came out..." However for those who were in the dark, now you know. Here's a picture to share: 
