How to

Save yourself some time with the default interface command

Command Line

If you configure Cisco equipment on a regular basis, you might find yourself in a situation with a large number of router or switch ports that need to be reconfigured. There are several ways you can prep your switch ports to complete your task:

  • You could do a "show run" and then build a script that includes the "no" form in front of each of the old commands, then apply your new script.
  • You could simply overwrite the old config with the new and then go do the no form of the stuff you don't want after the fact.
  • You could erase the startup-config then reload the switch and start from scratch (assuming the device isn't in production anymore).

There are probably another half dozen different ways of simply erasing the config and starting over, but there's one more option that this post is focused on today: the default interface command.

SecureCRT Feature - Alt Select

If you are a SecureCRT user, here's a feature that might save you some time. Let's say you have a list of information in your terminal window that you'd like to copy - perhaps the output of "show ip interface brief." However, instead of the whole output, you only want the list of interfaces, not the rest of it. Normally, you would just highlight the whole output and then either paste it as is or paste it in a notepad window and delete all the stuff you don't want.

This gives you the following output:

R2#show ip int bri
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  unassigned      YES unset  up                    up      
Serial0/1                  unassigned      YES manual up                    down    
Serial0/2                  unassigned      YES unset  up                    down    
Serial0/3                  unassigned      YES unset  administratively down down    
FastEthernet1/0            10.1.1.2        YES manual up                    up      
FastEthernet2/0            192.168.100.2   YES manual up                    up      
Multilink1                 223.254.254.198 YES manual up                    up     

Well, there is another way. A much cleaner way...

SecureCRT Feature - Chat Window

If you are a SecureCRT user, you might find a certain feature useful when configuring multiple devices via CLI. The feature is called Chat Window and it's not what it appears at first glance.

When I first saw the Chat Window feature listed in the View menu, I assumed it was some sort of remote tech support option or a way to collaborate with multiple users. Although it is certainly possible to use it to "chat" using the IOS Send command, it is far more powerful as a quick way to configure several routers or switches at the same time. 

Here's how it works...

Upgrade your Macbook Pro to a 1 TB hard drive

If you bought a Macbook Pro in the last couple years, like me, you may be pushing the limits of the factory installed 250Gb hard drive. So far, the factory installed Toshiba hard drive has been rock solid, no complaints. I just need more space than 250Gb.

As of right now, the current Macbook Pros come with 500Gb or 750Gb hard drives (with an option to upgrade to 1Tb).  Back when I bought, they had 250Gb and 500Gb options. If you want more storage in your Macbook Pro, read on!

Select a Hard Drive

The first decision you have to make when buying a hard drive is how much space do you want?

I figure storage is relatively cheap, so why not go as big as possible? After a bit of research, the disk I chose to go with is the Western Digital Scorpio Blue 1 TB Hard Drive. The decision was mainly based on the size of the disk, but several reviews I read all stated the disk is quiet and reasonably fast for its size. The price is right as well (right around $100US).

How to do Ctrl+Break sequence in SecureCRT without a Break Key

Command Line

So, for the past couple years I've been using a MacBook Pro for the majority of my writing, but still relied on a Windows platform for most of my command line work. I recently was faced with the need to perform a password reset on a device using SecureCRT on my MacBook Pro, and wouldn't you know it? There's no Break key! Here's how I got around this issue; if you have another way to do it, please feel free to share in the comments below.

1. Start out by establishing your console connection.

How to concatenate multiple text files into one

Command Line

Have you ever wanted to merge a bunch of text files together into one large one? For example, if you use a tool to go grab a bunch of show command results and output it to a text file per device, it's handy if you can have the operating system merge all that together for you. Many of you have likely done this at one point or another, but I figured it was worth capturing here to share the syntax.

So, if you are in a Windows command prompt, you can use the type command to output the contents of a file.

C:\>type text1.txt
This is a test. 

Then you can use the type command plus the double arrows to merge a bunch of files:

C:\>type *.txt >> merge.txt

text1.txt

text2.txt

text3.txt

text4.txt

This leaves you with all the original files plus a new one called merge.txt. Piece of cake.

How to setup Configuration Change Notification and Tracking

Have you ever found yourself troubleshooting a problem caused by a coworker or consultant mistyping a command? It happens, everyone makes mistakes, but what's frustrating is when people won't own up and admit they made the mistake. Not only is it dishonest, it can impede a fast resolution because you don't know what to undo.

As a result, you might find yourself wishing there was a relatively simple way to see every command typed into every router and switch in the network... You can do this with a AAA server, but it can be cumbersome to have to scour through the logs on your ACS server. However, there is another way and it's really easy to configure.

Configuration Change Notification and Logging, or simply Configuration Logging, is Cisco's method to log every configuration command entered on your Cisco IOS routers and switches. The feature was introduced in 12.3(4)T & 12.2(25)S, so it should be available in almost any IOS device that's been upgraded in the last 5 years. It can log locally up to a specified number of lines of config, and even send the commands off to a syslog server.

The following examples are from a Cisco 3550 switch and demonstrate how to configure and monitor change logging.

How to configure DHCP Snooping on a Cisco Catalyst switch

Command Line

A question was asked in the Tekcert forums regarding DHCP snooping configuration. After thinking about writing an in-depth response, I decided to just write a full-blown blog post.

Everything in this post has been tested in a lab environment with a Cisco 3550, Infoblox DHCP servers, a Netgear router as a "rogue" DHCP server, and a MacBook Pro as a client. The 3550 is configured with ip routing and a layer 3 interface on the subnet where the DHCP servers are located (10.0.10.0/24). VLAN 20 has been created on the 3550 with an interface IP address of 10.0.20.254/24. All the DHCP server configuration and helper addresses were tested and working prior to implementing DHCP snooping to eliminate any doubt as to whether the DHCP snooping configuration is working or not. So, let's get started.

How to use the changeip command to modify the FQDN of a Mac OS X Server

I was recently faced with having to change the domain name on a Mac OS X Server. If I had to do this on a Windows machine, it would be a relatively simple process using a GUI interface. However, on a Mac server, there isn't (as of version 10.6.8) a way to change the fully qualified domain name (FQDN) via a GUI. Thankfully, there is a way to change the domain settings using the CLI and it's a piece of cake.

The changeip command was created to allow administrators to change the IP address and FQDN in static config files on a Mac OS X Server. For example, if you set up the DNS and iCal services, instead of manually updating the config files associated with these services, simply running the changeip command updates the files for you.

The syntax for the command is as follows:

Re-enable http:// protocol in URL bar for Firefox 7

Mozilla is at it again with their rapid fire release of Firefox 7. If you have automatic updates enabled, it most likely restarted your browser and installed version 7 without you even really noticing. This release likely has some whizzbang feature they believe justifies a major revision, however I doubt most people would agree it's major revision worthy.

The topic of today's post is one of the lesser advertised features slipped into this version which lends to the "stupidization" of web surfers. The protocol handle is now gone at the leading edge of the URL. So, where previously you would see "http://tekcert.com", it now reads "tekcert.com". Probably not a show stopper for your average sheepish websurfer, but if you are security-minded and want to know whether you're accessing something via http or https, it's handy to see it listed.

Thankfully, there is a workaround. Whoever thought this was a great idea at least recognized that some people wouldn't think it was great, so they added a configuration setting to undo the damage. Here's how to get it fixed:

How to configure Rate Limit to stop bandwidth hogs

Have you ever had a low speed serial link get overrun by a single user hogging all the bandwidth? Well, there is a quick and easy way to prevent any type of traffic from using up an entire link - rate-limit.

To implement this feature, you simply type in rate-limit under an interface and specify a few parameters such as the allowable bits per second and the burst rate. However, if you do that, it will rate-limit all traffic traversing the link, which honestly the link will do on its own when traffic exceeds the available bandwidth. A more useful configuration is to include the access-group keyword in the command and point it to an access list that defines the traffic you want to rate-limit.

To demonstrate, I've configured two routers connected with a low speed serial link clocked at 128k. Without the rate limit configured, you can ping between them with no problems:

How to configure multiple NTP time sources in Windows Server 2008 (R2)

Over the past few weeks, I noticed my computer's time was drifting several minutes behind. This actually caused me to be late to a couple different meetings because I kept working on my computer instead of leaving the house. Well, since it's a Saturday and I had some time to fix the problem once and for all, I wanted to share what I've learned since it took longer than I expected to configure NTP on a Windows Server.

It all began several months back when I set up a Windows 2008 R2 Server and thought "wouldn't it be cool if I set my desktop's clock to update from the server instead of a reliable external source?" So, I unwittingly redirected my desktop from its reliable 0.us.pool.ntp.org to my server's IP address with the assumption the server was already getting its time from a default external source. Hence the source of my lateness months later.

Fast forward to today. I figured it would be a quick 5 minute fix to remote into the server, find some sort of NTP settings tab in a properties window, then add my multiple servers. I should have known better than to assume Microsoft would have added such a logical GUI feature.

After searching the Internet, reading through several Microsoft TechNet articles, and testing multiple configurations, here's what I've got...

How to configure an IPv4 GRE tunnel to carry IPv6 traffic

Continuing the review of the TSHOOT Topology, on the IPv6 network map there is a GRE tunnel that is configured between Router 3 and Router 4. This tunnel is in place to allow IPv6 traffic to traverse the 10.1.1.8/30 IPv4 network. So, while reviewing the IPv6 tshoot topology, I decided to try out the tunnel configuration.

There are several ways to configure tunnels to allow IPv6 traffic to traverse IPv4 networks (and vice versa). This post will be focusing on a GRE tunnel configuration. If you want to review the other ways to create tunnels, i.e.  Automatic IPv4-Compatible IPv6 Tunnels, IPv6 Rapid Deployment Tunnels, and Automatic 6to4 Tunnels, I've included a link below to a great resource on Cisco's website that shows some great examples of other tunnels.

I threw together the following network diagram to provide a visual of what we are configuring: 

[Figure: IPv6 GRE tunnel network diagram]

How to configure a Cisco router to be a frame relay switch

If you are studying for the TSHOOT exam, it is a good idea to familiarize yourself with the topology. I've been working on creating a lab that mocks the TSHOOT topology, and it has forced me to recall how to set up a Cisco router to act like a Frame Relay switch.

Here is the topology that I've built. As you can see, it closely resembles the topology that Cisco has provided on their site. Since their doc doesn't provide specific DLCIs, I've used the most logical numbers I could think of.

[Figure: TSHOOT WAN topology]

The first step in configuring a Cisco router to act like a frame relay switch is to enable frame relay switching:

How to convert an IMG file to ISO using Mac OS X Disk Utility

If you are ever in a situation where you have an img (disk image) file, but you want it to be an ISO file so you can mount it rather than burn it, then we have something in common. I stumbled on a quick and easy process using the free Mac OS X Disk Utility (free if you have a Mac) and have created a quick video to demonstrate the steps. Check it out...

Update: Thanks to an anonymous commenter, the much simpler way to achieve the same results is to rename the file extension from img to iso. I just tested this and it appears to work. Who would have thought?
