Wednesday, December 31, 2008

what did you get ... what did you lose ...

As the year turns over in GMT+7, a brief look back to reflect on my journey of learning about networking: a simple word, but with many meanings and many applications.

One unforgettable story from 2008
- the chance to take the CCIE lab exam for the first time
- failed the CCIE lab exam the first time
- lost the chance to pass the CCIE lab exam on the first attempt and get a #number

It really was a big decision to go for the CCIE, especially without help from a sponsor or company, everything self-organized and self-funded.

The CCIE lab is an 8-hour exam of continuous hands-on work, in front of a computer connected to a dedicated network that reaches the network topology matching the exam tasks, closed book, with access only to cisco.com/univercd as a guide. The 8 hours of the lab exam decide the result, but compared with the preparation before the exam those 8 hours feel like nothing: I had to cut my sleep every day, never felt I slept soundly, and risked often falling asleep at work :D.

Summed up, the effects were roughly these
1. can type fast, especially Cisco commands
2. many things I did not understand, or had never even heard of, I now know and understand
3. the closer the exam date, the more things I still did not understand, and it felt like a day had fewer than 24 hours
4. my belly got a little bigger, because I ate a lot and was often hungry
5. became a bit of a loner, socializing less; going out meant carrying the iBook along, and at any small opportunity I opened a telnet console to the lab terminal-console :D
6. my wallet went empty, because I had to save everything for the lab fee :D, and to buy lab equipment, serial cables, a simulation server and so on

A few hours after the lab exam the result came out on the Cisco website and it was a fail; I tried to accept what I had done and worked for. Not many people get the chance to reach the lab exam, even if the result is a fail :D

At the end of 2008, on December 17, a small result of my effort studying Juniper networking: I passed JNCIA, but that pass means nothing without studying and continuing to study networking. Time does not sleep; it keeps turning and turning, and it will have a positive effect for those who can use it for new and positive things.

No happy new year this time, because not all of our brothers and sisters in every part of this world are enjoying this change of year.

bye 2008, welcome 2009.

Wednesday, December 17, 2008

back ...

It's been a long time since I posted on this blog. Welcome back ...

So what have I been doing? Busy? Or stressed because I failed the CCIE a few months ago? No no no. I've just been a little busy with my daily job and busy reading about what networking is from the other side :D. So ... really stressed with Cisco and changed to Juniper? No no no, I want to know more about networking, how OSPF works, how BGP policy applies etc. from the other side, and I chose Juniper. I think learning about networking should not come from only one resource; many resources in this world can be references, and from many networking companies, but stay focused. But remember, if you compare network devices from different networking companies, do it head-to-head and be fair, not partially or just half.

Wednesday, August 20, 2008

Cisco Kron Schedule not Cron Schedule

Are you familiar with the *nix cron schedule / *nix crontab schedule? How about the Kron schedule in Cisco IOS?
Warning: be careful with this example, which runs configure replace at hh:mm

old configuration
ip route 0.0.0.0 0.0.0.0 161.1.78.8

new configuration (flash:test)
ip route 0.0.0.0 0.0.0.0 161.1.78.8 --> delete it

configure the kron schedule

configure terminal
kron policy-list remove-static-route
cli configure replace flash:test force

kron occurrence remove-static-route at 22:49 oneshot
policy-list remove-static-route

step by step, verify, debug

Router#sh clock
22:48:07.145 UTC Wed Aug 20 2008

Router#sh kron schedule
Kron Occurrence Schedule
remove-static-route inactive, will run once in 0 days 00:01:09 at 22:49 on


Router#debug kron all
All kron debug flags are on

Router#sh debug
Kron:
Kron debugs, failure messages debugging is on
Kron debugs, informational and minor warning messages debugging is on
Kron cli occurrence messages debugging is on


Router#sh kron schedule
Kron Occurrence Schedule
remove-static-route inactive, will run once in 0 days 00:00:50 at 22:49 on

Router#sh ip ro static
S* 0.0.0.0/0 [1/0] via 161.1.78.8


Router#
5w1d: Major 1, Minor 0
5w1d: Timer Event remove-static-route
5w1d: Call parse_cmd 'configure replace flash:test force'
5w1d: Rollback:Acquired Configuration lock.
5w1d: Occurrence remove-static-route is active, it will be removed when inactive
5w1d: Policy remove-static-route is Active, cannot be removed yet

Router#
5w1d: %PARSER-3-BADUNLOCKREQ: Unlock requested by process id '225' name 'Kron CLI Process' debug info 'Rollback'. You are not the lock owner

Router#
5w1d: Kron CLI return 0
'
**CLI 'configure replace flash:test force':
Total number of passes: 1Rollback Done'
5w1d: Major 4, Minor 7
5w1d: Respond to end of CLI Process
5w1d: Forcing Removing Policy remove-static-route
5w1d: Removing Policy remove-static-route
5w1d: Removing CLI 'configure replace flash:test force'
5w1d: Done Removing Policy remove-static-route
5w1d: Forcing Removing Occur remove-static-route
5w1d: Removing Occur remove-static-route
5w1d: Removing Policy Name 'remove

Router#-static-route'
5w1d: Finished Removing Occurrence remove-static-route


Router#show ip route static

Router#sh kron schedule
Kron Occurrence Schedule
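
An added example (not part of the original post): a small Python audit that lists kron policies whose scheduled cli commands replace or change the configuration, run here over the post's own kron configuration. The HIGH_IMPACT prefix list and the daily-version policy are assumptions made for the example.

```python
import re

# Command prefixes treated as high-impact when run unattended. This list is
# an assumption made for the example, not a Cisco-defined category.
HIGH_IMPACT = ("configure replace", "reload", "write erase", "erase ",
               "copy ", "delete ")

# Constructed sample: the post's kron configuration plus one harmless
# policy (daily-version) added here for contrast.
SAMPLE_CONFIG = """\
ip route 0.0.0.0 0.0.0.0 161.1.78.8
!
kron occurrence remove-static-route at 22:49 oneshot
 policy-list remove-static-route
!
kron occurrence daily-version at 6:00 recurring
 policy-list daily-version
!
kron policy-list remove-static-route
 cli configure replace flash:test force
!
kron policy-list daily-version
 cli show version
!
"""


def parse_kron(config_text):
    """Return (policies, occurrences) parsed from IOS configuration text.

    policies:    {policy name: [cli command, ...]}
    occurrences: {occurrence name: {"schedule": str, "policies": [name, ...]}}
    """
    policies, occurrences = {}, {}
    mode, name = None, None
    for raw in config_text.splitlines():
        line = raw.strip()
        m = re.match(r"kron policy-list (\S+)", line)
        if m:
            mode, name = "policy", m.group(1)
            policies.setdefault(name, [])
            continue
        m = re.match(r"kron occurrence (\S+)\s+(.+)", line)
        if m:
            mode, name = "occurrence", m.group(1)
            occurrences[name] = {"schedule": m.group(2), "policies": []}
            continue
        if mode == "policy" and line.startswith("cli "):
            policies[name].append(line[4:].strip())
        elif mode == "occurrence" and line.startswith("policy-list "):
            occurrences[name]["policies"].append(line.split(None, 1)[1])
        elif line:
            # Any other non-empty line ("!" included) ends the kron block.
            mode, name = None, None
    return policies, occurrences


def audit_kron(config_text):
    """List (occurrence, policy, schedule, command) for risky scheduled jobs."""
    policies, occurrences = parse_kron(config_text)
    findings = []
    for occ, info in sorted(occurrences.items()):
        for pol in info["policies"]:
            if pol not in policies:
                findings.append((occ, pol, info["schedule"],
                                 "policy-list not defined"))
                continue
            for cmd in policies[pol]:
                if cmd.lower().startswith(HIGH_IMPACT):
                    findings.append((occ, pol, info["schedule"], cmd))
    return findings


if __name__ == "__main__":
    for finding in audit_kron(SAMPLE_CONFIG):
        print("review scheduled job:", finding)
```
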

Sunday, August 17, 2008

Different, Yet Still One

This blog probably discusses mostly IP (internet protocol) networking topics from Cisco: technology, configuration, tricks and more. Is Cisco the only player in networking? The answer is no; many companies other than Cisco are in networking, for example Juniper with its JunOS (the Juniper router operating system; the Cisco router operating system is IOS). It can be called a Cisco competitor and plays a big part in core networks.

Here I will write down some commands that have the same function in JunOS and IOS

1# display the list of interfaces in columns along with IP addresses

JunOS> show interfaces terse
IOS# show ip interface brief

2# display the router configuration

JunOS> show configuration
IOS# show running-config

3# pick out the desired lines

JunOS> show configuration | match nnnnn
IOS# show running-config | include nnnnn

4# pick out a set of lines starting from the first match

JunOS> show configuration | find nnnnn
IOS# show running-config | begin nnnnn

5# display the router's routing table

JunOS> show route
IOS# show ip route

6# display BGP peerings

JunOS> show bgp summary
IOS# show ip bgp summary

7# display the prefixes advertised to BGP peer a.a.a.a

JunOS> show route advertising-protocol bgp a.a.a.a
IOS# show ip bgp neighbor a.a.a.a advertised-routes

8# display the prefixes received from BGP peer a.a.a.a

JunOS> show route receive-protocol bgp a.a.a.a
IOS# show ip bgp neighbor a.a.a.a routes

9# display the users currently connected via telnet

JunOS> show system users
IOS# who

10# display how long the router has been up (uptime)

JunOS> show system uptime
IOS# show version

11# display the router log

JunOS> show log /var/log/messages
IOS# show logging

12# display CPU processes

JunOS> show system processes
IOS# show processes

Above there are differences in how each operating system expresses things, but the intent is the same. Just like this nation, 'Indonesia': there are many differences within it, differences of ethnicity, differences of place, differences of custom, yet all of it remains one in the name of the Indonesian nation.

Today marks exactly 63 years of Indonesian independence, and specially for today I am also writing in Indonesian to honor Indonesia as it celebrates its anniversary.

Happy Birthday, my Indonesia.
Long live Indonesia.
Differences are no obstacle to progress; still one Indonesian nation.

Saturday, July 26, 2008

still ...

!
still losing time for my sleep
still my home browser is http://www.cisco.com/univercd
still my screen open iTerm or Terminal
still my finger typing on console
still doing on my lab
still thinking how can be routing-loop
!
...
absolutely still going to magic number #
!
end

- combinations of IGP mutual redistribution (RIP, EIGRP, OSPF)
.OSPF <-> RIP
.OSPF <-> EIGRP
.RIP <-> EIGRP
*<-> mutual redistribution

- OSPF mutual redistribution with RIP should not cause a routing loop

if
1. the destination is in RIP with default metric
2. the destination is in OSPF with default metric

how the scenario can become a routing loop (one example)
# the destination is in RIP but advertised with a modified metric, e.g. advertised with metric 10

I will share a simple scenario about it next time ;)
still testing & proving ... IGP routing loop

Wednesday, July 16, 2008

Simple TCLSH, multiple ping from IOS

This is a simple way to run multiple pings from the IOS command line in one go, using tclsh. tclsh is IOS scripting, like shell scripting on a *nix machine. Just type your script in a text note and paste it into your terminal console.

foreach IP {
192.168.0.1
192.168.1.1
192.168.2.1
192.168.3.1
} { "ping $IP" }


Router# tclsh
Router(tcl)#foreach IP {
+>192.168.0.1
+>192.168.1.1
+>192.168.2.1
+>192.168.3.1
+>} { "ping $IP" }

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Tuesday, July 15, 2008

Network Time Service Cisco Router

Network time on a Cisco router: all the configuration for date, time, clock and calendar. A Cisco router keeps network time in two ways: hardware clock and software clock.

# Hardware clock : date and time from a hardware component inside the router, maintained by a battery, like the BIOS clock in a computer system, so if the router reloads or is powered off the clock keeps running as long as the battery is OK
# Software clock : date and time kept in software; the source can be NTP, SNTP, VINES or the hardware clock

By default a Cisco router uses the software clock, but after the router comes up the clock is not synchronized, so we need to synchronize the clock from a source.

1. Source from NTP (client)
(config)# ntp server IP-ADDRESS
- can be used as the primary source
or
(config)# ntp peer IP-ADDRESS
- can be used as a secondary source

2. Source from SNTP (client), used on Cisco 1600, 1700 and older series routers that do not support NTP
(config)# sntp server ADDRESS | HOSTNAME
or
(config)# sntp broadcast client

3. Source from VINES (client)
(config)# vines time set-system

to redistribute time into VINES
(config)# vines time use-system

4. Source from Hardware Clock
(config)# clock calendar-valid

5. Update hardware clock from software clock
(config)# ntp update-calendar

6. Update software clock from hardware clock
# clock read-calendar

7. Setting hardware clock manually
> calendar set HH:MM:SS DAY MONTH YEAR
or
> calendar set HH:MM:SS MONTH DAY YEAR

8. Setting software clock manually
# clock set HH:MM:SS DATE MONTH YEAR
or
# clock set HH:MM:SS MONTH DATE YEAR

9. Server-Client
How to make a Cisco router an NTP server: in this example R1 is the NTP server and R2 is the NTP client, but on R1 we need to choose one of the network time sources

R1(config)# ntp master [STRATUM]
R2(config)# ntp server/peer IP-ADDRESS

10. NTP broadcast
If we have a large network, the NTP server can act as an NTP broadcast source, so every device in a network cloud can receive the broadcast date and time.

R-NTP-SERVER(config-if)# ntp broadcast
and
Router(config-if)# ntp broadcast client

optional
Router(config)# ntp broadcastdelay MICROSECONDS

Router(config-if)# ntp disable

Router(config)# ntp source INTERFACE

11. Other network time configuration
- NTP access group
(config)# ntp access-group ACL

- NTP authentication
(config)# ntp authenticate
(config)# ntp authentication-key NUMBER md5 VALUE
(config)# ntp trusted-key KEY-NUMBER

- The Time Zone
(config)# clock timezone ZONE
ZONE : GMT +7

- Summer Time (Daylight Savings Time)
(config)# clock summer-time ZONE recurring

Ohhh, one more: a Cisco router can connect to a GPS time source device and use it as an external reference clock, but only a few Cisco devices support this.
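
An added example (not from the original post or from Cisco): a Python check that the NTP authentication commands in item 11 are wired together, so that every ntp server / ntp peer association uses a key that is both defined and trusted and an access group is present. The key N option on ntp server / ntp peer is standard IOS syntax the post does not show, and both sample configurations are constructed.

```python
# Constructed sample configurations (addresses from the documentation range).
WEAK_CONFIG = """\
ntp server 192.0.2.10
ntp peer 192.0.2.11 key 5
ntp authentication-key 1 md5 EXAMPLE-ONLY
ntp trusted-key 1
"""

HARDENED_CONFIG = """\
ntp authenticate
ntp authentication-key 1 md5 EXAMPLE-ONLY
ntp trusted-key 1
ntp access-group peer 10
ntp server 192.0.2.10 key 1
"""


def audit_ntp(config_text):
    """Return a list of findings for the NTP lines of an IOS configuration."""
    authenticate = False      # "ntp authenticate" seen
    access_group = False      # any "ntp access-group ..." seen
    keys, trusted = set(), set()
    assocs = []               # (server|peer, address, key id or None)

    for raw in config_text.splitlines():
        words = raw.split()
        if words[:1] != ["ntp"]:
            continue
        if words[1:] == ["authenticate"]:
            authenticate = True
        elif words[1:2] == ["authentication-key"] and len(words) >= 5:
            keys.add(words[2])
        elif words[1:2] == ["trusted-key"] and len(words) >= 3:
            # Only the single-number form is handled in this example.
            trusted.add(words[2])
        elif words[1:2] in (["server"], ["peer"]) and len(words) >= 3:
            key = None
            if "key" in words[3:-1]:
                key = words[words.index("key", 3) + 1]
            assocs.append((words[1], words[2], key))
        elif words[1:2] == ["access-group"]:
            access_group = True

    findings = []
    if assocs and not authenticate:
        findings.append("ntp authenticate is not enabled")
    for kind, addr, key in assocs:
        if key is None:
            findings.append(f"{kind} {addr}: no key, association is unauthenticated")
        elif key not in keys:
            findings.append(f"{kind} {addr}: key {key} has no ntp authentication-key")
        elif key not in trusted:
            findings.append(f"{kind} {addr}: key {key} is not an ntp trusted-key")
    if assocs and not access_group:
        findings.append("no ntp access-group is configured")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_ntp(cfg))
```
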

Monday, July 14, 2008

29th Great Eagle Centre Hong Kong


Victoria Harbour

Welcome Disneyland


Great Eagle Centre

Wednesday, July 9, 2008

Failed in first attempt CCIE lab exam

Actually, last night I already knew the lab exam result from the CCIE login page; I checked from my BlackBerry roaming with a local operator. I failed :(

I learned many things during this journey. Until now I still don't know the exact mistake in my lab. Before lunch I had already completed the core configuration and verified it; the last exam requirement is a test that all loopbacks can be pinged, using tclsh. I think there was an explicit requirement that made me fail.

It's time to prepare for the next mission ;) For a few days I will enjoy Hong Kong. I will pass next time ;)
Oh, FYI, this is posted from free wifi in North Point MTR using an iPod touch.

Mission to Hong Kong

Yesterday I did the CCIE lab exam. I came to Hong Kong on Sunday, and on Monday went to the lab location, 29th Great Eagle Centre, Wan Chai. I wasn't alone in attempting the lab; there were two of us, my friend from the same company attempted it too.

Here we are in HK



Saturday, July 5, 2008

3 days before mission 'going to CCIE'

Do you know why we need to put 'subnets' in redistribute to OSPF?
Maybe OSPFv1 was just concerned with classful networks :D

Router(config-router)#redistribute rip metric 1 
% Only classful networks will be redistributed

Router(config-router)#redistribute rip metric 1 subnets

What about progress going to CCIE

my condition (last night)
- health 49% increase 59% before sleep
- spirit 89%

this morning
- health 75%

keep spirit, always battle ...
ganbatte kudasai

Friday, July 4, 2008

BGP AS-path Manipulation without AS-prepend

This is a simple scenario showing a different way to manipulate the AS-path without prepending.

R1(AS100) -- R2(AS200)

R1#
neighbor 1.1.2.2 remote 200

R2#
neighbor 1.1.1.1 remote 100
network 100.100.100.0 mask 255.255.255.0


The AS-path of prefix 100.100.100.0/24 as seen from R1 is '200 i'
I will make the AS-path seen from R1 '500 200 i'

How to do it? Manipulate it with 'local-as'

R1#
no neighbor 1.1.2.2 remote 200
neighbor 1.1.2.2 remote 500

R2#
neighbor 1.1.1.1 remote 100
neighbor 1.1.1.1 local-as 500
network 100.100.100.0 mask 255.255.255.0


Another function of 'local-as' is to manipulate the AS number for an existing network; maybe we want to migrate a real network and don't want a long downtime. As far as I know, a router can run just one 'router bgp AS' process ;) so just one AS number on one router. I once tested how many routing protocols can run on one router.

How about static routing, how many static routes can run on one router? Let's see ... to be continued

Thursday, July 3, 2008

BGP is clever (% BGP : incorrect network or mask configured)

Do you know why BGP is clever? She knows if I input an incorrect network or mask :D
Why 'she'? 'Cause BGP is beautiful ;;)

Router(config-router)#net 1.1.8.8 mask 255.255.255.0
% BGP: Incorrect network or mask configured

Router(config-router)#net 1.1.8.0 mask 255.255.255.0

Router(config-router)#do sh ip int b | i 1.1.8.8
Loopback0 1.1.8.8 YES NVRAM up up

Friday, June 27, 2008

12 Days Remaining CCIE RS Lab Exam

Today there are 12 days remaining before the CCIE RS Lab Exam. Preparation for the exam:

# Exam Location : Hong Kong

# Exam Date : July 8, 2008

# Exam Payment : Paid

# Invitation Letter from Cisco : Yes (pdf)

# Passport Expire : July 2011

# Visa : Visa on Location

# Transport : Garuda Indonesia Airline

# Hotel : on booking and paid

# Default Web Browser : www.cisco.com/univercd

# Experience on lab : 500 hours more ...

# Experience out of lab : reading, googling, video on IPOD, video on PSP, listening audio book, share with friend, forum online, etc

Keep on the lab every day, practice practice practice ...
Don't forget to keep my body healthy.
Always pray to God.

Monday, June 23, 2008

Frame Relay Hub-Spoke without Mapping between Spoke

This is an example hub-and-spoke topology using frame-relay, but there is no mapping between the spokes.


-102---201-- R2
R1 --|
-103---301-- R3


R1 hub
ip add 192.168.0.1 255.255.255.0
frame map ip 192.168.0.2 102 broadcast
frame map ip 192.168.0.3 103 broadcast

R2 spoke
ip add 192.168.0.2 255.255.255.0
frame map ip 192.168.0.1 201 broadcast

R3 spoke
ip add 192.168.0.3 255.255.255.0
frame map ip 192.168.0.1 301 broadcast

The spokes have no direct communication between them, but we can test connectivity between the spokes without adding a mapping.

R2(config-if)#do ping i  
Target IP address: 192.168.0.3
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface:
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]: l
Source route: 192.168.0.1
Loose, Strict, Record, Timestamp, Verbose[LV]: v
Loose, Strict, Record, Timestamp, Verbose[L]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.3, timeout is 2 seconds:
Packet has IP options: Total option bytes= 7, padded length=8
Loose source route: <*>
(192.168.0.1)

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 84/85/88 ms
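
An added example (not part of the original post): Python that builds the loose source route option per RFC 791 to show where "Total option bytes= 7, padded length=8" in the ping output comes from, and that flags source-route options when parsing an IPv4 header, which is the check a packet filter or sensor applies. The header below is constructed, not captured from the lab; per RFC 791 the sender puts the first hop in the destination field and the remaining route in the option.

```python
import ipaddress
import struct

# IPv4 option type numbers from RFC 791.
SOURCE_ROUTE = {131: "loose source route", 137: "strict source route"}


def build_lsrr(hops):
    """Return (option, padded option) for a loose source route over hops."""
    data = b"".join(ipaddress.IPv4Address(h).packed for h in hops)
    option = bytes([131, 3 + len(data), 4]) + data   # type, length, pointer
    padding = b"\x00" * (-len(option) % 4)           # End of Option List bytes
    return option, option + padding


def build_header(src, dst, options=b""):
    """Build a constructed IPv4 header (protocol ICMP, checksum left at 0)."""
    ihl = 5 + len(options) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4, 0, 0,
                        255, 1, 0,
                        ipaddress.IPv4Address(src).packed,
                        ipaddress.IPv4Address(dst).packed)
    return fixed + options


def parse_options(header):
    """Return [(type, raw option bytes)] for the options of an IPv4 header."""
    ihl = (header[0] & 0x0F) * 4
    if header[0] >> 4 != 4 or ihl < 20 or ihl > len(header):
        raise ValueError("not a complete IPv4 header")
    opts, i, result = header[20:ihl], 0, []
    while i < len(opts):
        kind = opts[i]
        if kind == 0:            # End of Option List
            break
        if kind == 1:            # No Operation, a single byte
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option is missing its length byte")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("malformed option length")
        result.append((kind, opts[i:i + length]))
        i += length
    return result


def source_route_findings(header):
    """Return one dict per source-route option found in the header."""
    findings = []
    for kind, raw in parse_options(header):
        if kind not in SOURCE_ROUTE:
            continue
        if len(raw) < 3 or (len(raw) - 3) % 4:
            raise ValueError("malformed source route option")
        hops = [str(ipaddress.IPv4Address(raw[j:j + 4]))
                for j in range(3, len(raw), 4)]
        findings.append({"option": SOURCE_ROUTE[kind],
                         "pointer": raw[2], "hops": hops})
    return findings


if __name__ == "__main__":
    option, padded = build_lsrr(["192.168.0.3"])
    print(len(option), "option bytes, padded to", len(padded))
    header = build_header("192.168.0.2", "192.168.0.1", padded)
    print(source_route_findings(header))
```
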

Wednesday, May 14, 2008

In the middle of Journey

Now I'm on a journey. This isn't a journey to some place for a vacation; it's the journey to CCIE. Hmmm, what is CCIE, is it a food or a new model of car :)) No no no, some say it's a hall of fame, the top network certification. Hmmm, some people say that because CCIE is the top certification from Cisco, but now CCIE is not a single track; there are several CCIE tracks: routing switching, service provider, security, voice, storage and design. What about me? CCIE is a journey to get something different, the journey to make networking, especially si is (*ed.: Cisco), part of my life.

The journey started with my CCNA on September 30, 2005, not on the first attempt; it took a 2nd attempt to pass. It was because my position in the company was not safe. I didn't have much knowledge about my job; I was like a zombie, just following instructions, just doing work instructions. So I wanted to be more and to study networking. Thanks to my friend, my senior, my teacher hoho aka Anwar CCIE#20281; to this day he always reminds me to work on my CCIE lab workbook, and sometimes we work on labs together in some public place with a remote lab. Long story short, I passed CCNA on the 2nd attempt. CCNA is not everything, just a first introduction to networking; a year after passing CCNA there was still a lot about si is that I didn't know, which made me study hard and read about it, ohhh. I like to borrow Cisco Press series books from my senior just to satisfy my angered.

In December 2006 I determined to continue my certification. For CCIP I took BSCI and failed on the first attempt again :( which got me a little down for a while. In April 2007 I passed BSCI on the 2nd attempt, in June passed QOS on the 1st attempt, in July passed BGP+MPLS on the 1st attempt. Now I'm a CCIP. What next ...

August 31, passed the CCIE written Routing Switching exam. But it's not even half of the CCIE, just a little bit of my CCIE. Huffff, taking a little breath.

And then .... my CCIE begins. First I took a lab schedule for May 20, 2008 in Tokyo. I cancelled it and took a schedule for the same time but in Sydney, looking for a place near my country, because all of my CCIE is self-funded. A few days after deciding on Sydney I got bad news: how difficult it is to get a visa to go to ausy (*ed.: Australia) :( But I had good news: a CCIE RS schedule opened in Hong Kong. I was very happy to hear that; the transportation fee to HK is cheaper. I will take it on July 08, 2008. Now I'm 60 days away from the CCIE lab and always counting down.

To prepare for my lab, I built my own lab using dynamips with an IE scenario on a dedicated computer with Fedora OS and an AMD processor with 4GB memory, and built my own rack lab combined with a dedicated computer with Fedora OS and an Intel processor with 512MB memory to emulate 3 routers, because I don't have enough routers to build it. One lab uses dynamips only, and the rack lab combines real routers/switches with dynamips. Next time I will share my rack lab of real routers/switches combined with dynamips.

Is anyone else preparing for CCIE too? Come on, share your experience with me.

Sunday, April 13, 2008

Linux Box Terminal via Serial Cable Console

Here is an example of how to give a Linux box login / terminal access via a serial console cable, without a monitor or keyboard. Use a PC / notebook with HyperTerminal, minicom or ZTerm over the serial cable. This example uses a Linux box with Fedora Core 4, minimal installation.

Step by step to configure the Linux box for the serial console

1. check system serial support

# dmesg | grep tty
ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A

# setserial -g /dev/ttyS[01]
/dev/ttyS0, UART: 16550A, Port: 0x03f8, IRQ: 4
/dev/ttyS1, UART: 16550A, Port: 0x02f8, IRQ: 3


2. configure inittab to support serial console login, add (copy/paste)

# Run agetty on COM1/ttyS0 and COM2/ttyS1
s0:2345:respawn:/sbin/agetty -L -f /etc/issueserial 9600 ttyS0 vt100
s1:2345:respawn:/sbin/agetty -L -f /etc/issueserial 9600 ttyS1 vt100


Here is an example /etc/inittab file

# vi /etc/inittab

id:3:initdefault:

# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit

l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6

# Trap CTRL-ALT-DELETE
ca::ctrlaltdel:/sbin/shutdown -t3 -r now

# When our UPS tells us power has failed, assume we have a few minutes
# of power left. Schedule a shutdown for 2 minutes from now.
# This does, of course, assume you have powerd installed and your
# UPS connected and working correctly.
pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down"

# If power was restored before the shutdown kicked in, cancel it.
pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled"

# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
4:2345:respawn:/sbin/mingetty tty4
5:2345:respawn:/sbin/mingetty tty5
6:2345:respawn:/sbin/mingetty tty6

# Run agetty on COM1/ttyS0 and COM2/ttyS1
s0:2345:respawn:/sbin/agetty -L -f /etc/issueserial 9600 ttyS0 vt100
s1:2345:respawn:/sbin/agetty -L -f /etc/issueserial 9600 ttyS1 vt100
#s1:2345:respawn:/sbin/agetty -L -i 38400 ttyS1 vt100

# Run xdm in runlevel 5
x:5:once:/etc/X11/prefdm -nodaemon


3. welcome banner, create file /etc/issueserial

# vi /etc/issueserial

Welcome
Connected on \l at \b bps
\U


4. activate the new init file, force the init to re-read the config file

# init q


5. permit login via serial console as the root user: edit /etc/securetty and add ttyS0/1

console
ttyS0
ttyS1
vc/1


6. Test



7. verify process

# ps -ef | grep agetty
root 25519 1 0 15:22 ttyS1 00:00:00 /sbin/agetty -L -f /etc/issueserial 9600 ttyS1 vt100

Saturday, April 12, 2008

Cisco Back to Back Line AUX Ports

This is an example of a back-to-back connection through the AUX line ports on Cisco routers.

# config

ROUTER-A#
interface Async1
description Connected to ROUTER-B
ip address 172.16.4.1 255.255.255.0
encapsulation ppp
async dynamic routing
async mode dedicated
!
line aux 0
modem InOut
transport input all
flowcontrol hardware


ROUTER-B#
interface Async65
description Connected to ROUTER-A
ip address 172.16.4.3 255.255.255.0
encapsulation ppp
async dynamic routing
async mode dedicated
!
line aux 0
modem InOut
transport input all
flowcontrol hardware


# verify

ROUTER-A#
show async status 
Async protocol statistics:

Int Local Remote Qd InPack OutPac Inerr Drops MTU
* 1 172.16.4.1 172.16.4.3 0 6189 6389 0 0 1500


Rcvd: 6189 packets, 316489 bytes
0 format errors, 0 checksum errors, 0 overrun
Sent: 6389 packets, 325431 bytes, 0 dropped


How to determine the async interface number (1, 65 or other): look at this

ROUTER-A
show line 
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 0 4/121606218 -
A 1 AUX 9600/9600 - inout - - - 1 2501 0/0 -
2 VTY - - - - - 0 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
5 VTY - - - - - 0 0 0/0 -
6 VTY - - - - - 0 0 0/0 -


ROUTER-B
show line 
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 33 2/40237371 -
A 65 AUX 9600/9600 - inout - - - 22 0 0/35770 -
66 VTY - - - - - 0 0 0/0 -
67 VTY - - - - - 0 0 0/0 -
68 VTY - - - - - 0 0 0/0 -
69 VTY - - - - - 0 0 0/0 -
70 VTY - - - - - 0 0 0/0 -

Friday, February 29, 2008

29 february ...

This is the last day of this month. Everyone knows this date only happens every 4 years. So why am I not doing something useful .. hmmm 'cause I'm ... so bored, all day not doing anything useful for my CCIE. I'm in the middle of going for the CCIE; I say so since I passed the written a few months ago, and after that I can get a schedule for the lab. My activities for these few months, and maybe until my next lab schedule: work at the office, lab from my iBook at home or at the office, sometimes remote into my private lab from outside, hang out with my friends, read UniverCD on my BlackBerry, repeat again, repeat repeat again again ...

A few days ago I contacted someone from a blog comment. He is successfully running idlepc in dynamips on a PowerPC processor. He shared the binary and path from Chris (ed.: someone who codes dynamips). But I still failed in a few simulation conditions; maybe someday I will try again, now ... so bored.

Progress on my lab: still trying a few workbook lab scenarios, and I have completed a few technology lab scenarios but have not yet repeated them. I have only completed the core lab part of the scenarios, not all of each scenario.

Besides using the private lab for full workbook scenarios, I use a mini lab to test some technologies and features. The mini lab is 1 x Cisco 3725 Router, 1 x Cisco 2600 Router, 2 x Cisco Catalyst 3560. I designed it with a few cables to simulate router and switch technologies and features. I access it remotely using a TermServ on a Cisco 2600 router in a separate lab. Actually I need 2 more Cisco 3550 switches for my mini lab, but I'm still looking for them. The CCIE RS lab equipment uses four Cisco series: 3725 router, 3825 router, Catalyst 3550, Catalyst 3560 with certain IOS versions.

Back to today, 29 February ... it's not a special day for me, just a day that happens once in 4 years. This is just the day that closes the month of February.

... so bored

Thursday, February 28, 2008

storm-control broadcast

What is storm-control broadcast? Does anyone know what it means? This morning I saw something happen in my company network. There is a router and a switch connected by a trunk; suddenly traffic from the switch to the router was high, almost full, in one direction only. On the switch I could not find who was generating this traffic. I checked the mac-address-table: normal; spanning-tree: OK; the other trunk links on the switch: normal, etc. Finally I added 'storm-control broadcast level 10.00' on the switch interface facing the router. Amazing .... in just a few seconds traffic was back to normal. Hmmmm, I don't know what happened :-s.

From cisco.com: 'traffic storm control does not differentiate between control traffic and data traffic' :-?

Wednesday, February 27, 2008

Simple backup, Primary and Secondary Link

I have a simple scenario and test of a simple backup: the backup link uses ppp encapsulation and the primary link uses frame-relay. For the simulation, use 'no frame-relay interface-dlci 513' to disable the frame-relay DLCI, as though there were a problem in the frame-relay cloud.

'backup delay 60 300' : 60s hold time before backup operation, 300s revert time back to normal operation

#Primary Link
interface Serial1/0.1 point-to-point
ip address 132.1.35.5 255.255.255.0
backup delay 60 300
backup interface Serial1/1
frame-relay interface-dlci 513
end


#Secondary Link
interface Serial1/1
ip address 132.1.45.5 255.255.255.0
encapsulation ppp
ppp authentication chap
ppp chap hostname ROUTER5

#(config-subif)#no frame inter 513

#(config-subif)#
*Mar 2 10:07:24.663: BACKUP(Serial1/0.1): event = primary interface went down
*Mar 2 10:07:24.663: BACKUP(Serial1/0.1): changed state to "waiting to backup"

#(config-subif)#
*Mar 2 10:08:24.663: BACKUP(Serial1/0.1): event = timer expired on primary
#(config-subif)#
*Mar 2 10:08:27.679: BACKUP(Serial1/0.1): secondary interface (Serial1/1) made active
*Mar 2 10:08:27.683: BACKUP(Serial1/0.1): changed state to "backup mode"
*Mar 2 10:08:27.683: %LINK-3-UPDOWN: Interface Serial1/1, changed state to up
#(config-subif)#
*Mar 2 10:08:27.683: BACKUP(Serial1/1): event = secondary interface came up
#(config-subif)#
*Mar 2 10:08:30.683: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to up

#(config-subif)#frame inter 513
#(config-fr-dlci)#
*Mar 2 10:11:54.383: BACKUP(Serial1/0.1): event = primary interface came up
*Mar 2 10:11:54.387: BACKUP(Serial1/0.1): changed state to "waiting to revert"

#(config-fr-dlci)#do sh backup
Primary Interface Secondary Interface Status
----------------- ------------------- ------
Serial1/0.1 Serial1/1 waiting to revert (260 more seconds)

#(config-fr-dlci)#
*Mar 2 10:16:54.387: BACKUP(Serial1/0.1): event = timer expired on primary
*Mar 2 10:16:54.419: BACKUP(Serial1/0.1): secondary interface (Serial1/1) moved to standby
*Mar 2 10:16:54.423: BACKUP(Serial1/0.1): changed state to "normal operation"
#(config-fr-dlci)#
*Mar 2 10:16:56.391: %LINK-5-CHANGED: Interface Serial1/1, changed state to standby mode
*Mar 2 10:16:57.391: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
*Mar 2 10:16:57.395: BACKUP(Serial1/1): event = secondary interface went down

#(config-fr-dlci)#do sh backup
Primary Interface Secondary Interface Status
----------------- ------------------- ------
Serial1/0.1 Serial1/1 normal operation

Wednesday, January 9, 2008

'verify /md5' is nothing, still ..a valid magic number

I was really, really under pressure yesterday at lunch time. I had a critical network with one of the PEs of the MPLS network; the PE was really critical: the router was still on but had many errors out of control and loss of capability on the a76 series router. So my team decided to upgrade the IOS version with a new disk. The old disk is in disk0 with 128MB compact flash memory, and the new disk with the new IOS version is in disk 1 with 256MB compact flash memory.

Before lunch time I had already run 'verify /md5' on the new IOS version, but boot failed :(

Loading image, please wait ...

device does not contain a valid magic number
loadprog: error - on file open
boot: cannot load bla bla bla

and then rommon prompt


As far as I know, 'verify /md5' is a guarantee that it will work well, but I never found a tutorial or document about it from Cisco.

Finally I formatted the disk from the IOS command line using 'format disk1:/' and then uploaded the IOS image via FTP using 'copy ftp://user:password@host-ftp/image.bin disk1:/image.bin'. Tried booting again and it worked well :).

Thursday, January 3, 2008

'IP Source Binding' for Static IP & Mac Address

A few days ago my friend asked about static IP & MAC address; he wanted to help his customer with static IP address & MAC address for a LAN. I said he could use 'dhcp snooping'. I had read about binding host information like IP and MAC address in a Cisco switch database, dynamically using the DHCP database or statically, but I didn't know how to implement it.

Today I tried it on a Cisco Catalyst 3560 switch with IOS version 12.2(35)SE1 (C3560-Advipservicesk9-M) and it works well.
Before that I tried on a Cisco 3660 router with IOS version 12.2(13) (C3660-JS-M) with an NM-16ESW module and it failed: there is no 'ip source binding' command, nor 'ip verify source port-security' and 'ip dhcp snooping' commands.

I will show the steps for static IP & MAC
- the ip source binding IOS command only works in certain IOS versions; I am still confused about which types of IOS version can do it
- it only works on 'switchport mode' interfaces
- a MAC address can't have multiple IP addresses
- an IP address can have multiple MAC addresses

#conf t
#ip dhcp snooping --> to active snooping
#ip dhcp snooping vlan 44 --> specific work in vlan 44

#ip source binding 0123.4567.8901 vlan 44 192.168.0.1 interface Fa0/44

#interface Fa0/44
#ip verify source port-security --> to verify source IP & Mac address