Sunday, September 30, 2007

Combine Serial Interface to Increase Link Capacity

Yesterday I mentioned examples of ways to increase link capacity. Now I give an example configuration for one of them, using two Serial interfaces. The equivalent way with Ethernet interfaces is EtherChannel.

Combining two Serial interfaces under a new logical interface is called Multilink. The IP address is attached to the Multilink interface.

config
R2#sh run int multilink 1
interface Multilink1
ip address 192.168.0.2 255.255.255.252
ppp multilink
multilink-group 1
end

R2#sh run int serial 1/1
interface Serial1/1
no ip address
encapsulation ppp
serial restart_delay 0
ppp multilink
multilink-group 1
end

R2#sh run int serial 1/2
interface Serial1/2
no ip address
encapsulation ppp
serial restart_delay 0
ppp multilink
multilink-group 1
end

Monitor & Verify
R2#sh int multilink 1
Multilink1 is up, line protocol is up
Hardware is multilink group interface
Internet address is 192.168.0.2/30
MTU 1500 bytes, BW 3088 Kbit, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open
Open: CDPCP, IPCP, loopback not set
DTR is pulsed for 2 seconds on reset
Last input 00:00:37, output never, output hang never
Last clearing of "show interface" counters 00:01:38
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
8 packets input, 866 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
10 packets output, 876 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions

R2#sh int s1/1
Serial1/1 is up, line protocol is up
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open, multilink Open, crc 16, loopback not set
Restart-Delay is 0 secs
Last input 00:00:42, output 00:00:09, output hang never
Last clearing of "show interface" counters 00:01:22
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair [suspended, using FIFO]
FIFO output queue 0/40, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
30 packets input, 1722 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
27 packets output, 769 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

R2#sh ppp ?
bap BAP parameters and statistics
mppe MPPE statistics
multilink Multilink PPP bundle information
queues Event Manager request queues

R2#sh ppp multilink l?
% Unrecognized command
R2#sh ppp multilink ?
interface Show information for this MLP bundle only
| Output modifiers


R2#sh ppp multilink

Multilink1, bundle name is R1
Bundle up for 00:01:25, 1/255 load
Receive buffer limit 24384 bytes, frag timeout 1000 ms
0/0 fragments/bytes in reassembly list
0 lost fragments, 0 reordered
0/0 discarded fragments/bytes, 0 lost received
0xC received sequence, 0xC sent sequence
Member links: 2 active, 0 inactive (max not set, min not set)
Se1/1, since 00:01:29
Se1/2, since 00:01:14

Saturday, September 29, 2007

Increase Link Capacity with Combine Link

As far as we know, link capacity is limited depending on the type of link: E1 2048 Kbps, DS3 45 Mbps, etc. Sometimes we need more link capacity, and we can combine the capacity of several existing links into one bigger capacity.

Here I have several examples of ways to increase link capacity:

o load balancing across several links with an IGP routing protocol, for example OSPF
o load balancing across 2 or more links with eBGP multihop, using a static route to reach the next-hop BGP peer
o combining 2 or more interfaces under a new logical interface, using Serial interfaces or Ethernet interfaces

If you have a different way to increase link capacity without buying a new link, you can share it with me. Thank you.

Friday, September 28, 2007

Create 2 or More Link from Ethernet

A few days ago I showed how to create 2 or more links from 1 physical link using frame-relay encapsulation on a Serial interface. Now I show how to create more links using an Ethernet interface; you can use Ethernet, FastEthernet, GigabitEthernet or xxxEthernet.

An Ethernet interface, whether layer 2 or layer 3, can carry logical links. A layer 3 Ethernet interface uses subinterfaces as logical links. Here is an example configuration:

Router R, with the configuration steps
R#sh run int f0/0  
interface FastEthernet0/0
no ip address
duplex auto
speed auto
end

R(config)#int f0/0.1
R(config-subif)#ip address 10.10.10.1 255.255.255.252

% Configuring IP routing on a LAN subinterface is only allowed if that
subinterface is already configured as part of an IEEE 802.10, IEEE 802.1Q,
or ISL vLAN.

R(config-subif)#encapsulation ?
dot1Q IEEE 802.1Q Virtual LAN
isl Inter Switch Link - Virtual LAN encapsulation

R(config-subif)#encapsulation dot1Q ?
<1-4094> IEEE 802.1Q VLAN ID

R(config-subif)#encapsulation dot1Q 10
R(config-subif)#ip address 10.10.10.1 255.255.255.252

R#sh run int f0/0.1
interface FastEthernet0/0.1
encapsulation dot1Q 10
ip address 10.10.10.1 255.255.255.252
no snmp trap link-status
end

R#sh run int f0/0.2
interface FastEthernet0/0.2
encapsulation dot1Q 20
ip address 10.10.20.1 255.255.255.252
no snmp trap link-status
end

Router R2 and verification
R2#sh run int f0/0
interface FastEthernet0/0
no ip address
duplex auto
speed auto
end

R2#sh run int f0/0.1
interface FastEthernet0/0.1
encapsulation dot1Q 10
ip address 10.10.10.2 255.255.255.252
end

R2#sh run int f0/0.20
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.10.20.2 255.255.255.252
end

R2#ping 10.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/28/44 ms

R2#ping 10.10.20.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/36/52 ms

Wednesday, September 26, 2007

Set Date Time on Cisco Router

These are the instructions to set the date and time on a Cisco router, so that it can be used as an NTP server and other routers can use it as an NTP peer.

Set date time
R#clock ?
set Set the time and date

R#clock set ?
hh:mm:ss Current Time

R#clock set 11:20:00 ?
<1-31> Day of the month
MONTH Month of the year

R#clock set 11:20:00 26?
<1-31>

R#clock set 11:20:00 26 ?
MONTH Month of the year

R#clock set 11:20:00 26 SEPT ?
<1993-2035> Year

R#clock set 11:20:00 26 SEPT 2007

R#sh clock
11:20:03.415 UTC Wed Sep 26 2007

R(config)#clock timezone GMT 7

R(config)#do sh clock
11:21:11.979 GMT Wed Sep 26 2007

R(config)#ntp clock-period 17179574

R(config)#ntp master

R(config)#do sh clock
11:31:30.675 GMT Wed Sep 26 2007

NTP peer
RX(config)#ntp clock-period 17179576

RX(config)#ntp peer 1.2.3.4

RX(config)#do sh clock
.04:31:33.639 UTC Wed Sep 26 2007

Tuesday, September 25, 2007

Maximum Dynamic IP Routing Processes on Cisco

The Cisco IOS software can handle simultaneous operation of up to 30 dynamic IP routing processes. The combination of routing processes on a router or access server consists of the following protocols (with the limits noted):

~ up to 30 IGRP or EIGRP routing processes
~ up to 30 OSPF routing processes
~ one RIP routing process
~ one IS-IS process
~ one BGP routing process

Well, let us test it.

R(config)#do sh ip proto sum            
Index Process Name
0 connected
1 static
2 rip
3 bgp 65500
4 eigrp 1
5 eigrp 2
6 eigrp 3
7 eigrp 4
8 eigrp 5
9 eigrp 6
10 eigrp 7
11 eigrp 8
12 eigrp 9
13 eigrp 10
14 eigrp 11
15 eigrp 12
16 eigrp 100
17 eigrp 200
18 eigrp 300
19 eigrp 400
20 eigrp 500
21 eigrp 600
22 eigrp 700
23 eigrp 800
24 eigrp 900
25 eigrp 1000
26 ospf 1
27 ospf 2
28 ospf 3
29 ospf 4
30 ospf 5
31 ospf 6
0 ospf 111

R(config)#router ospf 222
too many IP routing processes

R(config)#router eigrp 222
too many IP routing processes

R(config)#router bgp 100
BGP is already running; AS is 65500


The total number of IP routing processes in the router, including connected and static, is 33; without connected and static it is 31. So 31 dynamic routing processes can run concurrently (connected and static are static routing processes). But take care not to push a router to run many routing processes: it depends heavily on the router's memory, even more so when advertising many prefixes.

Monday, September 24, 2007

Cisco Router Get IP Routing Protocol Info

There is no IOS command 'get IP routing protocol' to get information about the routing protocols currently running on a Cisco router. Cisco IOS commands that view configuration or status use the prefix 'show'. To get information about IP routing protocols:

o 'show ip protocol' shows details of the IP routing protocols currently running on the router
o 'show ip protocol summary' shows only the names of the routing protocols

This is just a simple tip for viewing IP routing protocols. Sometimes, when troubleshooting under time pressure, we get confused and check the status one by one with 'show ip bgp sum', 'show ip ospf', etc.

RR#sh ip protocols summary 
Index Process Name
0 connected
1 static
3 ospf 1
2 bgp xxxx

Sunday, September 23, 2007

Set Screen logging Console to Log Buffer

This is a simple way to stop log messages from appearing on the console screen, a feature named logging console. Logging console is very useful because information about what happens in the router or switch appears immediately on screen, but sometimes we do not need it on screen and still want to log everything that happens in the device. So logging is set to save into the logging buffer instead, and we show it with 'show log'.

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hos
Router(config)#hostname R
R(config)#^Z
R#
*Mar 1 00:00:48.959: %SYS-5-CONFIG_I: Configured from console by console
R#conf t
Enter configuration commands, one per line. End with CNTL/Z.

R(config)#no logging console
R(config)#exit
R#conf t
Enter configuration commands, one per line. End with CNTL/Z.

R(config)#logging buffered

R(config)#do sh ip int b
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
R(config)#int f0/0
R(config-if)#no shutdown
R(config-if)#^Z

R#sh log
Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns)
Console logging: disabled
Monitor logging: level debugging, 0 messages logged
Buffer logging: level debugging, 3 messages logged
Logging Exception size (4096 bytes)
Count and timestamp logging messages: disabled
Trap logging: level informational, 40 message lines logged

Log Buffer (4096 bytes):

*Mar 1 00:01:37.811: %SYS-5-CONFIG_I: Configured from console by console
*Mar 1 00:01:38.239: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar 1 00:01:39.239: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Saturday, September 22, 2007

Back up and Restore Cisco Configuration

o use a TFTP server: 'copy running-config tftp' and 'copy tftp running-config', follow the instructions

o use an FTP server: 'copy running-config ftp' and 'copy ftp running-config', follow the instructions

o manual capture with a console application
# back up
- type 'terminal length 0'
- set the console application to capture output and save it to a file
- 'show running-config'
# restore
- copy all of the configuration text to the clipboard
- paste it all into the device console

These are a few of the many methods for back up and restore. Note: don't restore a whole configuration onto a network that is currently operational; it is very risky because it can bring the network down. Maybe some day, or maybe already now without my knowing, there is software that restores only the last configuration change and so causes no network downtime. If someone knows about it, maybe you can share it with me.

Sorry, today I'm not sharing the detailed back up and restore procedure for Cisco configuration; maybe next time I will.

Friday, September 21, 2007

Cisco Download IOS Use XModem

Xmodem is a procedure to download IOS to a router or Catalyst. Why do we need this procedure when we can download IOS from a TFTP server to the device with an IOS command? Because the IOS on the Cisco router or Catalyst has failed, the IOS binary in flash memory is corrupt, the flash memory on the device is too small to store many IOS images, or maybe we want to upgrade IOS.

Xmodem works in console mode, over the console cable and from the rommon prompt. This method should work on many router or Catalyst series, such as 8xx, 17xx, 26xx, 36xx, 37xx, etc.

Here are the steps of the procedure

o boot the device to the rommon prompt; if IOS has failed it usually ends up there
o use a console application on the serial port, like HyperTerminal, Zterm etc., set for 8-N-1 at 9600 bps
o (optional) if the device can still reach the IOS prompt, use 'config-register 0x0' to make it boot into rommon
o type 'confreg' and follow the instructions: set the console baud to 115200 (answer 'y' to change the boot characteristics if you want to change the console baud, default 9600) and then reset
o change the console application's baud rate from the default to 115200
o at the rommon prompt type 'xmodem -c flash:IOS_NAME.bin'
o in the console application choose transfer and send with the xmodem protocol, specify the IOS image location and then transfer
o 'confreg 0x2102' to set the boot option back to normal IOS

Thursday, September 20, 2007

QoS | Cisco Router Get QoS Info

A simple tip on how to get QoS info on a Cisco router. One way to apply QoS is to use MQC (modular QoS CLI). QoS is defined in 3 steps: classify traffic into classes, define the policy, and apply the policy to an interface.

o Classification uses 'class-map'
o Policy definition uses 'policy-map'
o Applying the policy uses 'service-policy'

To show which policy-maps are applied to interfaces, which means MQC is active:
#sh policy-map interface

A simple way to list the active policy-maps:
#sh policy-map interface | i Service-policy


Just look at point 1 and 2 :

QoS | Cisco IP Protocol Discovery

A few days ago I posted about the IP accounting feature, which can get IP accounting information on an interface of a Cisco router. Now I will show how to get protocol information based on application, also called NBAR (network based application recognition). This feature is one of the ways to classify traffic into classes when defining Quality of Service (QoS). Other classifications in QoS are IP DSCP, IP ACL, etc. Defining QoS with MQC (modular QoS CLI) takes 3 steps: classify traffic into classes, define the policy, and apply the policy to an interface.

This post only explains how to use simple classification based on protocol discovery, or NBAR. NBAR needs only its default settings: the feature automatically classifies packets crossing the interface by application, based on specific ports. If the Cisco router knows the type of application, the NBAR result shows the application name or type; if not, it shows just the port number and the type of packet.

To enable NBAR on an interface, from interface configuration use:
(config-if) #ip nbar protocol-discovery

To show the NBAR result:
#sh ip nbar protocol-discovery

To show the result as a Top N:
#sh ip nbar protocol-discovery top-n N

For other options on the NBAR result use ?
#sh ip nbar protocol-discovery ?                     
interface Show for a specific interface
protocol Show stats about a particular protocol
stats Show Stats
top-n Show Top-N protocols by bytes
| Output modifiers

Wednesday, September 19, 2007

Simple Cisco Router Setup Network

This is about a simple network setup with a Cisco router connected to an internet service provider. We must take care of a few things: simplicity, security and performance.

o Simple : not everyone understands routers deeply, especially Cisco routers, so the network setup should be simple and not need deep understanding or a lot of time to understand.

#example configuration
- interface F0/0 to the internet provider, whose IP address is 100.100.100.1/30
interface FastEthernet0/0
ip address 100.100.100.2 255.255.255.252
duplex auto
speed auto

- interface F0/1 to the LAN switch, as gateway IP 192.168.0.1/24
interface FastEthernet0/1
ip address 192.168.0.1 255.255.255.0
duplex auto
speed auto

- default route to the internet service provider, as a static route if we use one service provider
ip route 0.0.0.0 0.0.0.0 100.100.100.1

o Security : the device should be simple but secure. I'm not showing complex security, just simple security to defend against attacks through unauthorized management of the device.

#mandatory security configuration
service password-encryption
!
enable secret 5 [skip-enable-secret]
!
access-list 1 permit 192.168.0.100
!
line con 0
exec-timeout 5 0
password 7 [skip-password]
line aux 0
line vty 0 4
access-class 1 in
exec-timeout 3 0
password 7 [skip-password]
login
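
An added example, not part of the original configuration: a Python check that reads a saved configuration and reports, per line stanza, which of the controls used above (password, login, exec-timeout, and access-class on vty) are absent. The sample is the configuration above with placeholder secrets; the function names and finding strings are assumptions of this example.

```python
import re

# Constructed sample: the configuration above with placeholder secrets.
SAMPLE_CONFIG = """\
service password-encryption
!
enable secret 5 <elided>
!
access-list 1 permit 192.168.0.100
!
line con 0
 exec-timeout 5 0
 password 7 <elided>
line aux 0
line vty 0 4
 access-class 1 in
 exec-timeout 3 0
 password 7 <elided>
 login
"""

LINE_HEADER = re.compile(r"^line (con|aux|vty) \d+( \d+)?$")


def parse_line_stanzas(config):
    """Map each 'line ...' header to the commands configured under it.

    A stanza ends at the next line header, '!' or 'end', so the parser
    accepts both indented and flattened text.
    """
    stanzas, current = {}, None
    for raw in config.splitlines():
        text = raw.strip()
        if LINE_HEADER.match(text):
            current = stanzas.setdefault(text, [])
        elif text in ("", "!", "end"):
            current = None
        elif current is not None:
            current.append(text)
    return stanzas


def audit(config):
    """Return (scope, finding) pairs for controls that are absent."""
    lines = [raw.strip() for raw in config.splitlines()]
    findings = []
    if "service password-encryption" not in lines:
        findings.append(("global", "service password-encryption missing"))
    if not any(line.startswith("enable secret ") for line in lines):
        findings.append(("global", "enable secret missing"))
    defined_acls = set(re.findall(r"^\s*access-list (\d+) ", config, re.M))

    for name, cmds in parse_line_stanzas(config).items():
        if not any(c.startswith("password ") for c in cmds):
            findings.append((name, "password missing"))
        if not any(c.split()[0] == "login" for c in cmds):
            findings.append((name, "login missing"))
        # 'exec-timeout 0 0' and 'no exec-timeout' both mean no idle timeout.
        timeouts = [c.split()[1:] for c in cmds if c.startswith("exec-timeout ")]
        if not timeouts or all(v == "0" for v in timeouts[-1]):
            findings.append((name, "exec-timeout missing or disabled"))
        if name.startswith("line vty"):
            acl = [c.split()[1] for c in cmds
                   if re.match(r"access-class \S+ in$", c)]
            if not acl:
                findings.append((name, "access-class missing"))
            elif acl[-1] not in defined_acls:
                findings.append(
                    (name, f"access-class {acl[-1]} has no matching access-list"))
    return findings


if __name__ == "__main__":
    for scope, finding in audit(SAMPLE_CONFIG):
        print(f"{scope}: {finding}")
```

On the sample it reports login missing on 'line con 0' and all three controls missing on 'line aux 0'; the vty stanza passes.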

o Performance : the device should perform at its best, without overloading its processes or the throughput capacity of its interfaces.
- periodically check processor activity and memory usage, at both peak and low network usage times.
- don't run debug commands on an operational network without a deep understanding of Cisco routers.
- don't change configuration at peak time; do network maintenance at low usage times or maybe outside working hours.

IOS commands to check performance
o #show version
o #show processes
o #show processes cpu history

Compare Cisco Config use Diff

Sometimes I need to compare running-config and startup-config on a Cisco router: maybe there is a command I configured but I am not sure I committed or saved it, or I have misconfigured something and lost some IOS commands from running-config. As far as I know, IOS has no feature to roll back the config from startup-config to the current running-config. But if there is an IOS feature to roll back the config from the last startup-config, I think it is very risky to use it.

So I need something to compare running-config with startup-config. Do I copy both configs, paste them into text files and use a diff utility to compare them :-s ? I think this is the traditional method.

Here I show you the Cisco IOS configuration diff utility. I have added a few commands on a new Cisco router and want to compare running-config and startup-config before write memory.

1#
R#show archive config differences system:running-config nvram:startup-config
Contextual Config Diffs:
+no service password-encryption
+no logging buffered
-service password-encryption
-logging buffered 4096 debugging
-no logging console
-enable secret 5 $1$I5HH$ljHLBZsJb9e3XGE.MRgUE.
line vty 0 4
-password 7 045802150C2E
-login

R#sh startup-config | i no
no service password-encryption
no logging buffered
no aaa new-model
no ip address
no ip address
no ip http secure-server

In contextual config diffs, there are + and -
+ indicates the configuration line exists in second text (startup-config) but not in first text (running config)
- indicates the configuration line exists in first text (running-config) but not in second text (startup-config)

or you can use : (the same result)
R#show archive config differences nvram:startup-config
Contextual Config Diffs:
+no service password-encryption
+no logging buffered
-service password-encryption
-logging buffered 4096 debugging
-no logging console
-enable secret 5 $1$I5HH$ljHLBZsJb9e3XGE.MRgUE.
line vty 0 4
-password 7 045802150C2E
-login

Use the 'ignorecase' keyword to ignore case when comparing text.
2#
R#sh archive config incremental-diffs nvram:startup-config ignorecase
!List of Commands:
no service password-encryption
no logging buffered
end

The listed commands are not in running-config; in other words, it displays the lines that would be added to running-config.
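
An added example (not from the original post): a small Python parser for the 'Contextual Config Diffs' output above that lists the management-security commands present only in running-config, that is, the controls a reload before 'write memory' would drop. The sample text is constructed in the shape of the output above with placeholder secrets, the command list in SECURITY_RE is an assumption drawn from the configurations on this page, and child lines are assumed to be indented as IOS prints them.

```python
import re

# Constructed sample in the shape of the output above; secrets are placeholders.
# Child lines are indented by one space, as IOS prints them (assumption).
SAMPLE_DIFF = """\
Contextual Config Diffs:
+no service password-encryption
+no logging buffered
-service password-encryption
-logging buffered 4096 debugging
-no logging console
-enable secret 5 <hash-placeholder>
line vty 0 4
 -password 7 <type7-placeholder>
 -login
"""

# Commands treated as management-security controls (assumption: the ones
# that appear in the configurations on this page).
SECURITY_RE = re.compile(
    r"^(service password-encryption|enable secret|password|login|"
    r"access-class|exec-timeout|logging buffered)\b"
)
SECRET_RE = re.compile(r"^((?:enable secret|password)(?: \d+)?) \S+$")


def parse_contextual_diff(text):
    """Return (side, context, command) for every +/- line.

    With running-config as the first file and startup-config as the second,
    '-' means running-only and '+' means startup-only.
    """
    entries, parent = [], None
    for raw in text.splitlines():
        body = raw.strip()
        if not body or body == "Contextual Config Diffs:":
            continue
        indented = raw[0] == " "
        sign = body[0] if body[0] in "+-" else None
        command = body[1:].strip() if sign else body
        if not indented:
            parent = command          # a top-level line opens a new context
        if sign:
            side = "running-only" if sign == "-" else "startup-only"
            entries.append((side, parent if indented else None, command))
    return entries


def redact(command):
    """Keep the command and its type digit, drop the secret itself."""
    return SECRET_RE.sub(r"\1 <redacted>", command)


def unsaved_controls(text):
    """Security controls active now that a reload without saving would drop."""
    return [
        (context, redact(command))
        for side, context, command in parse_contextual_diff(text)
        if side == "running-only" and SECURITY_RE.match(command)
    ]


if __name__ == "__main__":
    for context, command in unsaved_controls(SAMPLE_DIFF):
        print(f"not saved: {context or 'global'} / {command}")
```

The report redacts secret values so that hashes and type 7 strings are not copied into tickets or chat.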

Monday, September 17, 2007

Cisco Router as a Frame Relay Switch

A Cisco router can act as a Frame Relay switch with a special configuration that is a little different from point-to-point routers using frame-relay encapsulation to create 2 or more logical links. Because a Cisco router can generate a clock, it can act as a DCE device, just as when we create a point-to-point link using HDLC encapsulation, where the serial interface on one side must be set as DCE using clock rate.

To configure a Cisco router as a Frame Relay switch, follow the configuration steps below

1#
enable Frame Relay switching
(config)# frame-relay switching

2#
set the encapsulation on the serial interface
(config-if)# encapsulation frame-relay

3#
configure the interface as a DCE interface
(config-if)# frame-relay intf-type dce

4#
specify the incoming DLCI, outgoing interface and outgoing DLCI; Frame Relay switching can be configured only on physical interfaces

5#
set the clockrate on the serial interfaces of the Frame Relay switch; it provides clocking signals to the connected Frame Relay routers, which are set up as DTE

#example

R1 --- (DLCI 100) R-FRSW (DLCI 200) --- R2

R1 : 10.10.10.1/24
R2 : 10.10.10.2/24

R-FRSW as Frame-Relay Switch
R-FRSW#
frame-relay switching
!
interface Serial1/0
no ip address
encapsulation frame-relay
serial restart_delay 0
clockrate 64000
frame-relay intf-type dce
frame-relay route 100 interface Serial1/1 200
!
interface Serial1/1
no ip address
encapsulation frame-relay
serial restart_delay 0
clockrate 64000
frame-relay intf-type dce
frame-relay route 200 interface Serial1/0 100

R-FRSW#sh frame-relay ?
end-to-end Frame-relay end-to-end VC information
fragment show frame relay fragmentation information
ip show frame relay IP statistics
lapf show frame relay lapf status/statistics
lmi show frame relay lmi statistics
map Frame-Relay map table
multilink Show Multilink Frame Relay bundle information
pvc show frame relay pvc statistics
qos-autosense show frame relay qos-autosense information
route show frame relay route
svc show frame relay SVC stuff
traffic Frame-Relay protocol statistics
vc-bundle FR VC-Bundle
vofr Show frame-relay VoFR statistics

R-FRSW#sh frame-relay route
Input Intf Input Dlci Output Intf Output Dlci Status
Serial1/0 100 Serial1/1 200 active
Serial1/1 200 Serial1/0 100 active


Router 1
R1#
interface Serial1/0
ip address 10.10.10.1 255.255.255.0
encapsulation frame-relay
serial restart_delay 0

R1#sh frame-relay map
Serial1/0 (up): ip 10.10.10.2 dlci 100(0x64,0x1840), dynamic,
broadcast,, status defined, active


Router 2
R2#
interface Serial1/0
ip address 10.10.10.2 255.255.255.0
encapsulation frame-relay
serial restart_delay 0

R2#sh frame-relay pvc 200
PVC Statistics for interface Serial1/0 (Frame Relay DTE)

DLCI = 200, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial1/0

input pkts 6 output pkts 6 in bytes 554
out bytes 554 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
out bcast pkts 1 out bcast bytes 34
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
pvc create time 00:02:07, last time pvc status changed 00:01:47

R2#sh frame-relay map
Serial1/0 (up): ip 10.10.10.1 dlci 200(0xC8,0x3080), dynamic,
broadcast,, status defined, active

Sunday, September 16, 2007

The First Time Config of Cisco IOS Switch

Why do I say Cisco IOS Switch and not just Cisco Switch? Because Cisco also has switches with Catalyst OS, the older version of the Cisco switch. Cisco has two types of switch OS, Catalyst OS (CatOS) and IOS; IOS switches are newer than CatOS.

When we first start up an IOS switch or put one into an existing network, there are several switch settings we must always remember: the VTP domain and the type of VTP.

o VTP domain is the name of the switch domain. If we have several switches in a network we need to define the VTP domain on each switch. It is used to manage the vlan database of every switch; several switches with the same VTP domain can sync their vlan database.
o type of VTP has three models : server, client and transparent.

- server : creates, deletes and modifies vlans, and advertises them to other switches with the same VTP domain
- client : receives vlans from another switch acting as server with the same VTP domain
- transparent : creates, deletes and modifies vlans for itself but does not advertise them to other switches with the same VTP domain; if it receives a vlan update from another switch with the same VTP domain it drops it (VTP version 1) or advertises it again to other switches with the same VTP domain (VTP version 2)

We need to take care of the vlan database. The vlan database is data about the state of the switch, a matrix of the ports in the switch: for example, whether port 1 is in the same broadcast domain as port 2 or not, whether all ports in the switch act like a hub in the same broadcast domain, etc.

Friday, September 14, 2007

Create 2 from 1 Physical Link

Like magic! Wow, but there is no magic in networking :d. As in the title, we create 2 logical links from 1 physical link; actually we can create not just 2 links but more than 2. The physical links here are Serial and Ethernet, but for now I just use a Serial link with frame-relay encapsulation, maybe Ethernet next time. The logical links use subinterfaces of the Serial interface. A Serial interface link is identified with the WAN and uses an E1/T1 dedicated link.

What is the purpose of separating 1 physical link into 2 or more links:

o traditional separation by traffic type
o separating VPN from internet traffic
o out-of-band, separating main traffic like Internet or Data from signaling or management traffic
o etc.

Example configuration with 1 physical link attaching 2 Cisco routers (R1 and R2).

R1#
frame-relay switching

interface Serial1/0
no ip address
encapsulation frame-relay
serial restart_delay 0
no frame-relay inverse-arp
frame-relay intf-type dce

interface Serial1/0.1 point-to-point
ip address 10.10.1.1 255.255.255.0
frame-relay interface-dlci 100

interface Serial1/0.2 point-to-point
ip address 10.10.2.1 255.255.255.0
frame-relay interface-dlci 200

R2#
interface Serial1/0
no ip address
encapsulation frame-relay
serial restart_delay 0
no frame-relay inverse-arp

interface Serial1/0.1 point-to-point
ip address 10.10.1.2 255.255.255.0
frame-relay interface-dlci 100

interface Serial1/0.2 point-to-point
ip address 10.10.2.2 255.255.255.0
frame-relay interface-dlci 200

R1#sh frame-relay ?
end-to-end Frame-relay end-to-end VC information
fragment show frame relay fragmentation information
ip show frame relay IP statistics
lapf show frame relay lapf status/statistics
lmi show frame relay lmi statistics
map Frame-Relay map table
multilink Show Multilink Frame Relay bundle information
pvc show frame relay pvc statistics
qos-autosense show frame relay qos-autosense information
route show frame relay route
svc show frame relay SVC stuff
traffic Frame-Relay protocol statistics
vc-bundle FR VC-Bundle
vofr Show frame-relay VoFR statistics

R1#sh frame-relay map
Serial1/0.2 (up): point-to-point dlci, dlci 200(0xC8,0x3080), broadcast
status defined, active
Serial1/0.1 (up): point-to-point dlci, dlci 100(0x64,0x1840), broadcast
status defined, active

R1#sh frame-relay pvc 100

PVC Statistics for interface Serial1/0 (Frame Relay DCE)

DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial1/0.1

input pkts 16 output pkts 16 in bytes 3044
out bytes 3044 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
out bcast pkts 6 out bcast bytes 2004
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
pvc create time 00:25:40, last time pvc status changed 00:05:24

Monday, September 10, 2007

QoS | CAR, CIR, MIR, EIR, PIR, CDR

A few days ago I posted about CIR and how to calculate TC. This is a list of rate figures; if anything is wrong, CMIIW (correct me if I am wrong).

Committed Access Rate (CAR) is used to limit traffic that can enter or exit an interface.

Committed Information Rate (CIR) is the minimum bandwidth that is guaranteed under normal conditions; the bandwidth should not fall below it at any time.

Minimum Information Rate (MIR) is the minimum bandwidth, the lowest information rate that will be assigned when there is congestion.

Excess Information Rate (EIR) is burstable bandwidth, CIR plus excess burst rate.

Peak Information Rate (PIR) is the bandwidth that may be used during data bursts when there is excess bandwidth available and no congestion; it is also called maximum information rate (MaxIR/MIR).

Committed Data Rate (CDR) refers also to voice and non-data packets and not only to data packets as in CDR.

All rate figures are in kilobits per second (kbit/s).

Sunday, September 9, 2007

Exec Command from Cisco Config Mode

IOS (Internetwork Operating System) has three management modes from telnet or console: unprivileged mode, privileged mode and config mode. Within config mode there are further config types like interface config (int-conf), route config (route-config), etc.; all of them are included in config mode.

o unprivileged mode :
Router>

o privileged mode :
Router#

o config mode :
Router(config)#


To go from unprivileged to privileged mode use the enable command, which needs the enable password / secret password if set; to go back to unprivileged mode type disable. Config mode must be entered from privileged mode: just type config terminal or just conf t to get Router(config)#; to go back to privileged mode type exit.

In early Cisco IOS builds, config mode was only for configuration: if we needed to show or execute a command we had to exit config mode. In newer IOS versions we can execute commands from config mode by putting the 'do' command in front of every exec command.

Router#configure ?
memory Configure from NV memory
network Configure from a TFTP network host
overwrite-network Overwrite NV memory from TFTP network host
terminal Configure from the terminal


Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#do ?
LINE Exec Command

Router(config)#do sh ver
Cisco Internetwork Operating System Software
IOS (tm) xxxx Software (xxxx), Version 12.2(13)T5, RELEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Wed 28-May-03 16:33 by nmasa


This feature is like the one in JUNOS: Juniper's OS uses the 'run' command in edit mode to execute commands. But I don't know much more detail about the management modes in JUNOS; this is just a comparison.

> edit 
Entering configuration mode

[edit]
# run show configuration
...
version 7.1R2.2;
groups {
21;
}
...

Saturday, September 8, 2007

QoS | Weighted Fair Queueing

WFQ is a dynamic scheduling method for fair bandwidth allocation to all network traffic.

Four types of WFQ:
- Flow-based WFQ
- Flow-based Distributed WFQ (DWFQ)
- Class-based WFQ
- Class-based Distributed WFQ

The distributed types run only on a versatile interface processor (VIP), for faster performance, and a route switch processor (RSP).

A simple example implementing WFQ:

#config interface to WFQ
(config-if)# fair-queue


#verify
show interface INT
...
queueing strategy: weighted fair
...

Friday, September 7, 2007

QoS | Committed Information Rate

This is an example about CIR. I have a T1 link with the bandwidth limited to a CIR of 768 kbps and BC set to 96000 (CIR/8). What is the TC across the link?

TC = BC / CIR
TC = 96000 / 768000
= 0.125 s
= 125 ms
= 1/8 s

ex. #2
CIR 1024 kbps
BC 256000
TC = 256000 / 1024000
= 0.25 s
= 250 ms
= 1/4 s


CIR : Committed Information Rate
TC : time committed
BC : burst committed

Thursday, September 6, 2007

QoS | Priority Queueing

PQ allows certain traffic to be strictly prioritized, using multiple queues with priorities. By default 4 queues are defined: high, medium, normal and low; if you do not define the queue type, the default is normal. The queue sizes are 20, 40, 60 and 80 packets respectively by default.

In PQ the round-robin sequence occurs for every single packet. Therefore, if there are consistently packets in the upper queues, packets in the lower queues will never get serviced. In PQ, as in CQ, no direction option is applied, as queuing is always outbound.
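
The starvation described above, as an added example that is not from the original post: a Python simulation of strict priority dequeuing over the four default queues and their 20/40/60/80 packet limits. The arrival rates, link rate and tick model are constructed for illustration.

```python
ORDER = ["high", "medium", "normal", "low"]
# Default queue limits in packets, as listed above.
LIMITS = {"high": 20, "medium": 40, "normal": 60, "low": 80}


def simulate_pq(arrivals, link_rate, ticks):
    """Simulate priority queueing on one outbound interface.

    arrivals:  packets offered per tick for each queue name (constructed)
    link_rate: packets the interface can send per tick (constructed)
    Returns per-queue counters for sent, tail-dropped and still-queued packets.
    """
    depth = dict.fromkeys(ORDER, 0)
    sent = dict.fromkeys(ORDER, 0)
    dropped = dict.fromkeys(ORDER, 0)
    for _tick in range(ticks):
        # Enqueue: tail-drop whatever does not fit within the queue limit.
        for queue in ORDER:
            offered = arrivals.get(queue, 0)
            accepted = min(offered, LIMITS[queue] - depth[queue])
            depth[queue] += accepted
            dropped[queue] += offered - accepted
        # Dequeue: for every single packet, restart the scan at 'high'.
        for _slot in range(link_rate):
            queue = next((name for name in ORDER if depth[name] > 0), None)
            if queue is None:
                break                      # all queues empty, link idles
            depth[queue] -= 1
            sent[queue] += 1
    return {"sent": sent, "dropped": dropped, "depth": depth}


if __name__ == "__main__":
    # High-priority traffic alone fills the link: 'low' is never serviced.
    saturated = simulate_pq({"high": 10, "low": 2}, link_rate=10, ticks=100)
    # High-priority traffic leaves headroom: 'low' drains every tick.
    relaxed = simulate_pq({"high": 5, "low": 2}, link_rate=10, ticks=100)
    for label, result in (("saturated", saturated), ("relaxed", relaxed)):
        print(label, "sent:", result["sent"], "dropped:", result["dropped"])
```

In the saturated run the low queue fills to its 80-packet limit and every later arrival is dropped, which is why traffic that must always get through, such as management sessions, should not be left to fall into the default low queue behind a class that can fill the link.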

Configuration tasks for PQ

#define priority list (required)
R1(config)#priority-list ?
<1-16> Priority list number

R1(config)#priority-list 1 ?
default Set priority queue for unspecified datagrams
interface Establish priorities for packets from a named interface
protocol priority queueing by protocol
queue-limit Set queue limits for priority queues

R1(config)#priority-list 1 protocol ?
aarp AppleTalk ARP
appletalk AppleTalk
arp IP ARP
bridge Bridging
bstun Block Serial Tunnel
cdp Cisco Discovery Protocol
clns ISO CLNS
clns_es ISO CLNS End System
clns_is ISO CLNS Intermediate System
cmns ISO CMNS
compressedtcp Compressed TCP (VJ)
decnet DECnet
decnet_node DECnet Node
decnet_router-l1 DECnet Router L1
decnet_router-l2 DECnet Router L2
dlsw Data Link Switching (Direct encapsulation only)
http HTTP
ip IP
ipv6 IPV6
ipx Novell IPX
llc2 llc2
pad PAD links
pppoe PPP over Ethernet
qllc qllc protocol
rsrb Remote Source-Route Bridging
snapshot Snapshot routing support
stun Serial Tunnel

R1(config)#priority-list 1 protocol http ?
high
medium
normal
low

R1(config)#priority-list 1 protocol http high ?
gt Prioritize packets greater than a specified size
lt Prioritize packets less than a specified size


R1(config)#priority-list 1 protocol http high


#assigning priority list to an interface (required)
R1(config-if)#priority-group ?
<1-16> Priority group

R1(config-if)#priority-group 1 ?


#monitoring (optional)
- default queue FIFO on interface FastEthernet
...
Queueing strategy: fifo
Output queue: 0/40 (size/max)
...

- use PQ
...
Queueing strategy: priority-list 1
Output queue (queue priority: size/max/drops):
high: 0/20/0, medium: 0/40/0, normal: 0/60/0, low: 0/80/0
...


#final config
...
interface FastEthernet0/1
ip address 192.168.100.1 255.255.255.0
duplex auto
speed auto
priority-group 1

priority-list 1 protocol http high
priority-list 1 protocol ip medium
priority-list 1 protocol pppoe normal
priority-list 1 default low
...


Configuring PQ is almost the same as configuring CQ: just replace 'queue-list' with 'priority-list' in the global configuration IOS command and apply it on an interface with 'priority-group'. CQ and PQ still don't need MQC (modular QoS CLI) IOS commands; next time I may explain an example of Congestion Management with MQC.

New Apple iPod series

Several minutes later, Apple announced the new iPod series: iPod shuffle with new colors, iPod nano with video, iPod video with big 80-160GB storage called iPod classic, and iPod touch with a user interface like the iPhone.

The iPod nano has an interesting new feature, which is video. Now we can watch video-on-demand on the iPod nano. It's an amazing feature: a small and thin iPod can play amazing video. Apple says "A little video for everyone". Photo albums and music use Cover Flow, like the Finder in Mac OS X Leopard.

The iPod touch has an interesting feature too. I would not call it new, because the iPhone launched several months ago already has it. That is Wi-Fi, so we can surf the internet using the built-in Safari. WOW, we can read or search for IOS commands in Cisco UniverCD, join the CCIE community or post to a blog. That's amazing. I hope there is an application that can telnet to a Cisco router :d.

Wednesday, September 5, 2007

QoS | Custom Queueing

CQ implements WRR (weighted round robin) with up to 16 user queues and a threshold based on number of bytes. Service is round-robin and requires configuration. CQ is used to create a bandwidth reservation in the output queue of an interface, so there is no direction option when it is applied to the interface; queueing is always outbound.

I have a simple sample of CQ. The objective is to guarantee the following amounts of bandwidth to traffic leaving the Ethernet interface. I define three traffic types, ftp, telnet and www, plus a default for everything else. The queues are guaranteed bandwidth in a ratio of 5:2:2:1 on a total value of 16000 bytes or 128 kbps, which results in 8000/16000, 3200/16000, 3200/16000 and 1600/16000. With CQ, if there is traffic of type A and B waiting to be sent, but no traffic of type C, types A and B are not limited to a maximum of 50% and 20%. Instead, A and B are guaranteed a minimum of 50% and 20% in the case of congestion.

#final running-config
...
queue-list 1 protocol ip 1 tcp ftp
queue-list 1 protocol ip 2 tcp telnet
queue-list 1 protocol ip 3 tcp www
queue-list 1 default 4
queue-list 1 queue 1 byte-count 8000
queue-list 1 queue 2 byte-count 3200
queue-list 1 queue 3 byte-count 1600

interface FastEthernet0/0
ip address 192.168.0.1 255.255.255.0
duplex auto
speed auto
custom-queue-list 1
...
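The byte-count round robin can be modelled to check the shares each queue receives. This is an added example, not code from the original post; the "send whole packets until the byte-count is reached" model, the 100-byte packets, the 1500-byte default for a queue with no byte-count line and the name `cq_shares` are assumptions. It compares the 5:2:2:1 ratio from the text with the byte counts in the running-config as posted, where queue 3 is 1600 and queue 4 is unset.

```python
from collections import deque

DEFAULT_BYTE_COUNT = 1500  # assumption: value used when no byte-count is configured

def cq_shares(byte_counts, backlog, pkt_size=100, rounds=50):
    """Model custom queueing: visit queues in round-robin order and, on each
    visit, send whole packets until the queue's byte-count is reached or the
    queue is empty. Returns {queue: fraction of all bytes sent}."""
    queues = {q: deque([pkt_size] * backlog.get(q, 0)) for q in byte_counts}
    sent = dict.fromkeys(byte_counts, 0)
    for _ in range(rounds):
        for q in sorted(byte_counts):
            served = 0
            while queues[q] and served < byte_counts[q]:
                served += queues[q].popleft()
            sent[q] += served
    total = sum(sent.values())
    return {q: round(sent[q] / total, 4) if total else 0.0 for q in sent}

BUSY = 10_000  # constructed backlog: enough packets to stay congested

# Byte counts the text intends (5:2:2:1): ftp, telnet, www, default.
intended = {1: 8000, 2: 3200, 3: 3200, 4: 1600}
# Byte counts in the running-config as posted.
posted = {1: 8000, 2: 3200, 3: 1600, 4: DEFAULT_BYTE_COUNT}

all_busy = {q: BUSY for q in intended}
no_www = {1: BUSY, 2: BUSY, 3: 0, 4: BUSY}  # queue 3 (www) has nothing to send

if __name__ == "__main__":
    print("intended, all busy:", cq_shares(intended, all_busy))
    print("intended, www idle:", cq_shares(intended, no_www))
    print("posted,   all busy:", cq_shares(posted, all_busy))
```

When the www queue is idle, ftp rises from 50% to 62.5% of the link, which is the "minimum, not maximum" behaviour the text describes.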


#step-by-step configuring define queue (required)
R1(config)#queue-list ?
<1-16> Queue list number

R1(config)#queue-list 1 ?
default Set custom queue for unspecified datagrams
interface Establish priorities for packets from a named interface
lowest-custom Set lowest number of queue to be treated as custom
protocol priority queueing by protocol
queue Configure parameters for a particular queue
stun Establish priorities for stun packets

R1(config)#queue-list 1 protocol ?
aarp AppleTalk ARP
appletalk AppleTalk
arp IP ARP
bridge Bridging
bstun Block Serial Tunnel
cdp Cisco Discovery Protocol
clns ISO CLNS
clns_es ISO CLNS End System
clns_is ISO CLNS Intermediate System
cmns ISO CMNS
compressedtcp Compressed TCP (VJ)
decnet DECnet
decnet_node DECnet Node
decnet_router-l1 DECnet Router L1
decnet_router-l2 DECnet Router L2
dlsw Data Link Switching (Direct encapsulation only)
http HTTP
ip IP
ipv6 IPV6
ipx Novell IPX
llc2 llc2
pad PAD links
pppoe PPP over Ethernet
qllc qllc protocol
rsrb Remote Source-Route Bridging
snapshot Snapshot routing support
stun Serial Tunnel

R1(config)#queue-list 1 protocol ip ?
<0-16> queue number

R1(config)#queue-list 1 protocol ip 1 ?
fragments Prioritize fragmented IP packets
gt Classify packets greater than a specified size
list To specify an access list
lt Classify packets less than a specified size
tcp Prioritize TCP packets 'to' or 'from' the specified port
udp Prioritize UDP packets 'to' or 'from' the specified port


R1(config)#queue-list 1 protocol ip 1 tcp ?
<0-65535> Port number
bgp Border Gateway Protocol (179)
chargen Character generator (19)
cmd Remote commands (rcmd, 514)
daytime Daytime (13)
discard Discard (9)
domain Domain Name Service (53)
drip Dynamic Routing Information Protocol (3949)
echo Echo (7)
exec Exec (rsh, 512)
finger Finger (79)
ftp File Transfer Protocol (21)
ftp-data FTP data connections (20)
gopher Gopher (70)
hostname NIC hostname server (101)
ident Ident Protocol (113)
irc Internet Relay Chat (194)
klogin Kerberos login (543)
kshell Kerberos shell (544)
login Login (rlogin, 513)
lpd Printer service (515)
nntp Network News Transport Protocol (119)
pim-auto-rp PIM Auto-RP (496)
pop2 Post Office Protocol v2 (109)
pop3 Post Office Protocol v3 (110)
smtp Simple Mail Transport Protocol (25)
sunrpc Sun Remote Procedure Call (111)
syslog Syslog (514)
tacacs TAC Access Control System (49)
talk Talk (517)
telnet Telnet (23)
time Time (37)
uucp Unix-to-Unix Copy Program (540)
whois Nicname (43)
www World Wide Web (HTTP, 80)

R1(config)#queue-list 1 protocol ip 1 tcp ftp ?


#step-by-step configuring specify queue (optional)
R1(config)#queue-list 1 ?
default Set custom queue for unspecified datagrams
interface Establish priorities for packets from a named interface
lowest-custom Set lowest number of queue to be treated as custom
protocol priority queueing by protocol
queue Configure parameters for a particular queue
stun Establish priorities for stun packets

R1(config)#queue-list 1 queue ?
<0-16> queue number

R1(config)#queue-list 1 queue 1 ?
byte-count Specify size in bytes of a particular queue
limit Set queue entry limit of a particular queue

R1(config)#queue-list 1 queue 1 byte-count ?
<1-16777215> size in bytes

o use byte-count for the average number of bytes
o use limit for the maximum number of packets

#step-by-step configuring applied on interface (required)
R1(config-if)#?
Interface configuration commands:
...
custom-queue-list Assign a custom queue list to an interface
...

R1(config-if)#custom-queue-list ?
<1-16> Custom queue list number

R1(config-if)#custom-queue-list 1 ?


#monitor or verify CQ (optional)
R1#sh int f0/0
FastEthernet0/0 is up, line protocol is up
Hardware is Gt96k FE, address is c200.02d4.0000 (bia c200.02d4.0000)
Internet address is 192.168.0.1/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 10Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:03, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: custom-list 1
Output queues: (queue #: size/max/drops)
0: 0/20/0 1: 0/20/0 2: 0/20/0 3: 0/20/0 4: 0/20/0
5: 0/20/0 6: 0/20/0 7: 0/20/0 8: 0/20/0 9: 0/20/0
10: 0/20/0 11: 0/20/0 12: 0/20/0 13: 0/20/0 14: 0/20/0
15: 0/20/0 16: 0/20/0
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
92 packets output, 9553 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out

R1#sh queueing ?
interface
custom custom queueing list configuration
fair fair queueing configuration
priority priority queueing list configuration
random-detect random early detection configuration
| Output modifiers


R1#sh queueing custom ?
| Output modifiers


R1#sh queueing custom
Current custom queue configuration:

List Queue Args
1 4 default
1 1 protocol ip tcp port ftp
1 2 protocol ip tcp port telnet
1 3 protocol ip tcp port www
1 1 byte-count 8000
1 2 byte-count 3200
1 3 byte-count 1600

QoS | Congestion Management

In my archive, I have posted about Queueing Strategy and Queueing Strategy part 2. They are part of Congestion Management in QoS. Congestion management uses the marking on each packet to determine in which queue to place it; each interface must have a queueing mechanism, a queueing algorithm, to prioritize transmission of packets. Congestion management controls congestion by determining the order in which packets are sent out an interface, based on the priorities assigned to the packets. Congestion occurs at any point where there are points of speed mismatch, aggregation or confluence; queueing manages congestion to provide bandwidth and delay guarantees.

Queueing components divide into two: hardware and software. Hardware queueing always uses FIFO; software queueing, which can be selected, schedules packets into the hardware queue. The software queue is used if the hardware queue is full. What is hardware queueing and what is software queueing?

- Hardware queueing is the queue on the real interface, handled by a hardware component
- Software queueing is the software-based queue that schedules packets into the hardware queue

The software queue is used if the hardware queue is full. A full hardware queue indicates interface congestion, and the software queue is used to manage it. If a packet is forwarded directly, that means the router bypassed the software queue. The router determines the length of the hardware queue, the 'tx-ring' value, based on the configured interface bandwidth. Subinterfaces and software interfaces such as tunnel, dialer etc. do not have a separate tx-ring, so only hardware interfaces have a tx-ring. You can adjust the length with the 'tx-ring-limit' IOS command.

Congestion management is a sophisticated queueing technology. These are the queueing algorithms, or congestion management QoS features:
- FIFO (first in, first out)
- PQ (priority queuing)
- CQ (custom queuing)
- WFQ (weighted fair queuing)
- CBWFQ (class-based weighted fair queuing)
- LLQ (low latency queuing) hybrid PQ and CBWFQ

We can assign only one queueing mechanism type to an interface. A variety of queueing mechanisms can be configured using multilink, for example, Multichassis Multilink PPP (MMP). However, if only PPP is used on a tunneled interface—for example, virtual private dialup network (VPND), PPP over Ethernet (PPPoE), or PPP over Frame Relay (PPPoFR)—no queueing can be configured on the virtual interface.

Tuesday, September 4, 2007

1 of 2 but not a half

Thank God, thank God, thank God, I passed the CCIE Routing Switching Written on the first attempt on the last day of August (08/31). It's really cool. I did 75 hours of learning dedicated to the written exam and -/+4 months of study for CCIP. For CCIE written preparation I used all the CCIP guides, the SND guide for security, Cisco UniverCD for new IOS technology such as multicast and IPv6, and some books from Cisco Press for bridging, switching and troubleshooting.

Passing the written is not half of the CCIE journey; it is just 1 of 2. I need a deeper understanding and need to try all the technology in the blueprint, do more labs, and not just believe the theory but try it myself.

As a last word, congratulations to me on my CCIE written, 1 step of 2 steps. I hope to enjoy this journey going to CCIE.