AI, ML, Development + Cisco Learning Blog Learning about Machine Learning, Artificial Intelligence, related devlopment topics and formerly Routing and Switching, Datacenter, Security and other topics, CCIE #23664, Frank Wagner

18. Januar 2007

dynagen tuning / idlepc values

Filed under: dynamips — ocsic @ 16:34

I had to adjust the idlepc values for dynamips.

This is how you do it.

First try to figure out, if there are some presets in the dynagen.net ini file for all routers or for single routers. If there are preconfigured values, these values are likely not to match your current system.

Uncomment them and calculted your own.

This can be done by starting dynagen:

fu@lap:~/internetworkexpert> dynagen router-config.net

Reading configuration file…

Network successfully started

Dynagen management console for Dynamips

=> start R1
100-C3600 ‚R1‘ started
=> idlepc get R1
Please wait while gathering statistics…
Select the values that match your system best.

Starting „xosview“ for example, gives you an impression on how the improvement will be.

I adjusted each router one by one. Improvment was for me by falling from 100% cpu usage to about 20% for one router.
When adjusted the new value should be saved with „idlepc save R1“, then it’s stored in the config file.

I can start all 13 instances with 2 GB Ram. Things take a while on my 1.6 Mhz mobile processor, but they will start up. I haven’t done testing complex labs until now. But this will follow in a few days.

dynamips / dynagen IE v4 switch setup

Filed under: dynamips — ocsic @ 15:35

I have done some documenting the new switch layout someone posted on groupstudy.

Switch topology
These are the crossover connections for the four switches.

Here is the corresponding dynagen configfile:

###############################################################################
#
# Internetwork Expert Routing & Switching topology mappings for dynamips/dynagen
# by: Brian McGahan, CCIE #8593
# bmcgahan@internetworkexpert.com
#
# For more information:
# Dynamips: http://www.ipflow.utc.fr/index.php/Cisco_7200_Simulator
# Dynagen: http://dyna-gen.sourceforge.net/
# Hackis Forum: http://hacki.at/7200emu/index.php
# Internetwork Expert’s Forum: http://forum.internetworkexpert.com
#
###############################################################################

##################################################
#
# Define global router parameters for instance 1
#
##################################################

autostart = False
[localhost:7200]

workingdir = /home/frank/internetworkexpert/working

ghostios = true

[[3640]]
#
# Specify 3640 IOS image on Windows here:
#image = C:\Program Files\Dynamips\images\c3640-jk9o3s-mz.123-14.T7.extracted.bin
image = /opt/dyna/image
#
# Specify 3640 IOS image on Linux here:
# image = /ios/c3640-jk9o3s-mz.123-14.T7.extracted.bin
#
ram = 128
disk0 = 0
disk1 = 0
# Choose an idlepc value from the below
# idlepc = 0x60530870
# idlepc = 0x60530890
# idlepc = 0x60530a58
# idlepc = 0x60530abc
# idlepc = 0x605310c4
# idlepc = 0x605e92e8
# idlepc = 0x605e9364
# idlepc = 0x60531394
# idlepc = 0x605313d0
# idlepc = 0x605313ec
mmap = True

###########################
#
# Define router instances
#
###########################

[[Router R1]]
model = 3640
autostart = False
slot0 = NM-1FE-TX
slot1 = NM-4T
F0/0 = SW1 F1/1
S1/0 = FRSW 1
cnfg = /home/frank/internetworkexpert/initial.configs/R1.initial.config.txt
idlepc = 0x6042a3ac

[[Router R2]]
model = 3640
autostart = False
slot0 = NM-1FE-TX
slot1 = NM-4T
F0/0 = SW1 F1/2
S1/0 = FRSW 2
cnfg = /home/frank/internetworkexpert/initial.configs/R2.initial.config.txt
idlepc = 0x6042a3ac

[[Router R3]]
model = 3640
autostart = False
slot0 = NM-4E
slot1 = NM-4T
S1/0 = FRSW 3
S1/1 = FRSW 13
S1/2 = R1 S1/1
S1/3 = R2 S1/1
E0/0 = SW1 F1/3
E0/1 = SW3 F1/3
cnfg = /home/frank/internetworkexpert/initial.configs/R3.initial.config.txt
idlepc = 0x6042a3ac

[[Router R4]]
model = 3640
autostart = False
slot0 = NM-4E
slot1 = NM-4T
E0/0 = SW2 F1/4
E0/1 = SW4 F1/4
S1/0 = FRSW 4
S1/1 = R5 S1/1
cnfg = /home/frank/internetworkexpert/initial.configs/R4.initial.config.txt
idlepc = 0x605570dc

[[Router R5]]
model = 3640
autostart = False
slot0 = NM-4E
slot1 = NM-4T
E0/0 = SW1 F1/5
E0/1 = SW3 F1/5
S1/0 = FRSW 5

cnfg = /home/frank/internetworkexpert/initial.configs/R4.initial.config.txt
idlepc = 0x60555cc0

[[Router R6]]
model = 3640
autostart = False
slot0 = NM-4E
slot1 = NM-4T
E0/0 = SW2 F1/6
E0/1 = SW4 F1/6
S1/0 = FRSW 6
cnfg = /home/frank/internetworkexpert/initial.configs/R5.initial.config.txt         idlepc = 0x60555efc          [[Router SW1]]         model = 3640         autostart = False         slot1 = NM-16ESW         slot2 = NM-16ESW         F2/1 = SW2 F2/1         F2/2 = SW2 F2/2         F2/3 = SW2 F2/3         F2/4 = SW3 F2/1         F2/5 = SW3 F2/2         F2/6 = SW3 F2/3         F2/7 = SW4 F2/1         F2/8 = SW4 F2/2         F2/9 = SW4 F2/3         cnfg = /home/frank/internetworkexpert/initial.configs/R6.initial.config.txt         idlepc = 0x60555efc   ################################################## # # Define global router parameters for instance 2 # ##################################################  [localhost:7201]    # Talk to the 2nd dynamips process on port 7201     udp = 11000    # Change the base udp port to 11000 (the default is 10000)           workingdir = /home/frank/internetworkexpert/working          [[3640]]         #         # Specify 3640 IOS image on Windows here:         #image = C:Program FilesDynamipsimagesc3640-jk9o3s-mz.123-14.T7.extracted.bin         image = /opt/dyna/image         #         # Specify 3640 IOS image on Linux here:         # image = /ios/c3640-jk9o3s-mz.123-14.T7.extracted.bin         #         ram = 128         disk0 = 0         disk1 = 0         # Choose an idlepc value from the below         # idlepc = 0x60530870         # idlepc = 0x60530890         # idlepc = 0x60530a58         # idlepc = 0x60530abc         # idlepc = 0x605310c4         # idlepc = 0x605e92e8         # idlepc = 0x605e9364         # idlepc = 0x60531394         # idlepc = 0x605313d0         # idlepc = 0x605313ec         mmap = True               ###########################     #     # Define router instances     #     ###########################          [[Router SW2]]         model = 3640         console = 2007         autostart = False         slot1 = NM-16ESW         slot2 = NM-16ESW         F2/4 = SW3 F2/4         F2/5 = SW3 F2/5         F2/6 = SW3 F2/6         F2/7 = SW4 F2/4         F2/8 = SW4 F2/5         F2/9 = SW4 F2/6         cnfg = /home/frank/internetworkexpert/initial.configs/SW2.initial.config.txt         idlepc = 0x60555cc0          [[Router SW3]]         model = 3640         console = 2011         autostart = False         slot1 = NM-16ESW         slot2 = NM-16ESW         F2/7 = SW4 F2/7         F2/8 = SW4 F2/8         F2/9 = SW4 F2/9         cnfg = /home/frank/internetworkexpert/initial.configs/SW3.initial.config.txt         idlepc = 0x60555c98          [[Router SW4]]         model = 3640         console = 2012         autostart = False         slot1 = NM-16ESW         slot2 = NM-16ESW         cnfg = /home/frank/internetworkexpert/initial.configs/SW4.initial.config.txt         idlepc = 0x60555e8c               [[Router BB1]]         model = 3640         console = 2008         autostart = False         slot1 = NM-4T         S1/0 = BB3 S1/0         S1/1 = FRSW 21         cnfg = /home/frank/internetworkexpert/initial.configs/BB1.initial.config.txt         idlepc = 0x60521bc8          [[Router BB2]]         model = 3640         console = 2009         autostart = False         slot0 = NM-4E         E0/0 = SW2 F1/10         cnfg = /home/frank/internetworkexpert/initial.configs/BB2.initial.config.txt         idlepc = 0x60521bc8          [[Router BB3]]         model = 3640         console = 2010         autostart = False         slot0 = NM-4E         slot1 = NM-4T         E0/0 = SW1 F1/10         cnfg = /home/frank/internetworkexpert/initial.configs/BB3.initial.config.txt         idlepc = 0x605568e8          #    [[Router TermServ]]     #        model = 3640     #        console = 2012     #        autostart = False     #     # Specify your local host's loopback here from the network device list     # Too add a loopback in windows:     # http://support.microsoft.com/kb/839013     #     # E0/0 = NIO_gen_eth:DeviceNPF_{4065B11C-2A6C-4FD2-8204-A12A9A8328A4}     #        cnfg = /home/frank/internetworkexpert/initial.configs/TermServ.initial.config.txt
[[FRSW FRSW]]
# R1 to FRSW
1:102 = 2:201
1:103 = 3:301
1:113 = 13:311
1:104 = 4:401
1:105 = 5:501
# R2 to FRSW
2:203 = 3:302
2:213 = 13:312
2:204 = 4:402
2:205 = 5:502
# R3 to FRSW
3:304 = 4:403
3:305 = 5:503
13:314 = 4:413
13:315 = 5:513
# R4 to FRSW
4:405 = 5:504
# R6 to FRSW
6:51 = 21:51
6:100 = 21:100
6:101 = 21:101
6:201 = 21:201
6:301 = 21:301
6:401 = 21:401

Failed on my first attempt in Bruessels

Filed under: Allgemein — ocsic @ 15:28

It’s now three days in the past, when i failed on my first attempt in the R&S Lab. It was a very nice expirience and i will try it again. The proctor was very helpful. His name was Stephan. Want to thank for his engagement.
Currently i sell my whole home rack on ebay and switch to dynamips completly. I can’t do working as much as the last times on my own rack and things will fall in value quickly so i decided to do that.

I will still have access to real routing and switching equipment at work. And for learning i have tested dynamips so far and it seems it’s good for configuring and testing. I have currently even tested the new IE v4 lab topology and all routers are running and are ready to go. I start them on an Samsung notebook with 1.6Mhz. I have 2 GB Ram installed though.

12. Januar 2007

ntp auth

Filed under: IP and IOS Features — ocsic @ 15:49

Server 192.10.1.254 with authentication

Rack1R1#s | inc ntp
ntp authentication-key 1 md5 02252D682829 7
ntp authenticate
ntp trusted-key 1
ntp server 192.10.1.254 key 1

Rack1R1#sh ntp ass de
192.10.1.254 configured, authenticated, our_master, sane, valid, stratum 4
ref ID 127.127.7.1, time AF7D0BB5.1F58ABC8 (11:29:57.122 UTC Mon Apr 19 1993)
our mode client, peer mode server, our poll intvl 64, peer poll intvl 64
root delay 0.00 msec, root disp 0.03, reach 360, sync dist 3.479
delay 6.52 msec, offset -0.1136 msec, dispersion 16000.00
precision 2**18, version 3
org time AF7D0BBA.91DA71F5 (11:30:02.569 UTC Mon Apr 19 1993)
rcv time AF7D0BBA.92AD5CD9 (11:30:02.572 UTC Mon Apr 19 1993)
xmt time AF7D0BBA.903C38FA (11:30:02.563 UTC Mon Apr 19 1993)
filtdelay = 0.00 0.00 7.51 6.52 6.73 9.09 7.35 7.02
filtoffset = 0.00 0.00 0.44 -0.11 -0.04 1.14 0.03 -0.10
filterror = 16000.0 16000.0 0.08 0.09 0.11 0.12 0.14 0.15

configuring access to ntp servers
if acting as an ntp server only for clients in the access-list 1
ntp access-group serve-only 1

11. Januar 2007

Cisco Assessor Lab

Filed under: Lab — ocsic @ 14:53

I tried the Cisco Assessor lab from Labgear, Technology Networks, and found it very interesting. The userinterface is not really good and makes things quite difficult, but if you want to get an idea on how it could be in teh lab, this is a good starting point.

I did both labs and the secound lab also has four siwtches in the topology. Also the mixture with 3550 and 3560’s.

There is an AutoVerify you can run during the session to watch, if your answers have been correct and which part of the questions haven’t been or what is missing still.

After the four hour lab, you have two hours to check the solutions.

More details:

http://www.cisco.com/web/learning/le3/ccie/preparation/assessor_details.html

dynamips / dynagen

Filed under: Lab — ocsic @ 14:50

I have teste dynamips on both XP and Linux, but i starting about 10 routers is quite slow. I have not found a solution, which could speed things up. I thought about using this as a substitute for rack access, but i don’t thnik it will do it for now. Things are to slow, or maybe someone knows how to speed up things.

I have read that using a 3660 for the switching features would be better, but i haven’t tested it yet, since there is not configuration for it, for the IE setup.

private-vlans 3560

Filed under: Bridging + Switching — ocsic @ 14:25

The main new feature introduced with 3560 catalyst switches is the private vlan feature.

It’s not that complicated as it seems to be.

Basically it a „switchport protected“ bound to vlan’s over trunk ports. It’s also similar like an RSPAN session, which is SPAN over differens switches.
So if you configure two ports as switchport protected in the same vlan on the same switch, they are not able to communicate with each other.

vlan 28

int f0/2

switchport access vl 28

switchport protected

int f0/3

switchport access vl 28

switchport protected

Now these ports are not able to communicate with each other.

This feature does not work, if ports are seperated over a trunk. At this points private vlan’s come into play.

You can define a private vlan and add isolated ports to this vlan, similiar as protected ports on the same switch. These isolated ports are also not able to communicate with each other. Vtp mode has to be in transparent mode and vlan assignments have to be made on both switches.
vtp mode transpartent

vlan 28

private-vlan primary
private-vlan association 281

vlan 281
private-vlan isolated

This defines the primary vlan and the vlan 281 where later isolated hoste are added.

Adding hosts looks like this:

inf f0/7

switchport private-vlan host-association 28 281
switchport mode private-vlan host

This adds an interface as an isolated port to the primary vlan 28.

You can now define a promiscuous port in vlan 28, which is able to communicate with these isolated ports.

f0/8

switchport private-vlan mapping 28 281
switchport mode private-vlan promiscuous

This promiscuous port will be able to communicate also with the SVI of the vlan, if there is any.

The communties are private-vlans inside a vlan, which build groups of ports that are able to communicate with each other only inside this private-vlan community. Different communities inside a vlan are also not able to talk to each other. There is no limitation for promisucous ports.
Source:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg/swpvlan.htm

7. Januar 2007

New features introduced with the 3560 in the lab

Filed under: Lab — ocsic @ 17:14

There are a couple of new thing coming into the lab with the new 3560 sincce November last year.

Check out this link for a more detailed description.

http://www.internetworkexpert.com/resources/ccie-3560-3550.htm

Powered by WordPress