AI, ML, Development + Cisco Learning Blog Learning about Machine Learning, Artificial Intelligence, related devlopment topics and formerly Routing and Switching, Datacenter, Security and other topics, CCIE #23664, Frank Wagner

3. Dezember 2008

3725 on dynamips against 3550/3560 and what is missing

Filed under: dynamips — ocsic @ 22:36

Here is a list of what is missing with the 16 port switching modul for the 3725 in comparision to the 3550/3460 Catalys switches in the lab.

Access Switch Device Manager (SDM) Template
ACL – Improved Merging Algorithm
ARP Optimization
BGP Increased Support of Numbered as-path Access Lists to 500
BGP Restart Neighbor Session After max-prefix Limit Reached
BGP Route-Map Continue Support for Outbound Policy
Clear Counters Per Port
DHCP Snooping
DHCP Snooping Counters
Diagnotics Options on bootup
ErrDisable Reactivation Per Port
ErrDisable timeout
EtherChannel
EtherChannel – Flexible PAgP
Etherchannel Guard
Fallback Bridging
Flex Link Bi-directional Fast Convergence
Flex Link VLAN Load-Balancing
Flex Links Interface Preemption
GOLD – Generic Online Diagnostics
IEEE 802.1ab, Link Layer Discovery Protocol
IEEE 802.1s – Multiple Spanning Tree (MST) Standard Compliance
IEEE 802.1s VLAN Multiple Spanning Trees
IEEE 802.1t
IEEE 802.1W Spanning Tree Rapid Reconfiguration
IEEE 802.1x – Auth Fail Open
IEEE 802.1x – Auth Fail VLAN
IEEE 802.1x – VLAN Assignment
IEEE 802.1x – Wake on LAN Support
IEEE 802.1x Authenticator
IEEE 802.1X Multi-Domain Authentication
IEEE 802.1x RADIUS Accounting
IEEE 802.1x with Port Security
IEEE 802.3ad Link Aggregation (LACP)
IEEE 802.3af Power over Ethernet
IGMP Fast Leave
IGMP Version 1
IGRP
IP Phone Detection Enhancements
IP Phone Enhancement – PHY Loop Detection
IPSG (IP Source Guard)
Jumbo Frames
L2PT – Layer 2 Protocol Tunneling
MAC Authentication Bypass
MLD Snooping
Multicast Etherchannel Load Balancing
NAC – L2 IEEE 802.1x
NAC – L2 IP
NAC – L2 IP with Auth Fail Open
Packet-Based Storm Control
Per Port Per VLAN Policing
Port Security
Port Security on Private VLAN Ports
Private VLANs
QoS Policy Propagation via Border Gateway Protocol (QPPB)
Rapid-Per-VLAN-Spanning Tree (Rapid-PVST)
Reduced MAC Address Usage
Remote SPAN (RSPAN)
Smart Port
Spanning Tree Protocol (STP) – Loop Guard
Spanning Tree Protocol (STP) – Portfast
Spanning Tree Protocol (STP) – PortFast BPDU Filtering
Spanning Tree Protocol (STP) – Portfast Support for Trunks
Spanning Tree Protocol (STP) – Root Guard
Spanning Tree Protocol (STP) – Uplink Load Balancing
SRR (Shaped Round Robin)
Standby Supervisor Port Usage
STP Syslog Messages
Switching Database Manager (SDM)
Trunk Failover
Trusted boundary (extended trust for CDP devices)
Unicast Mac Filtering
UniDirectional Link Detection (UDLD)
VLAN Access Control List (VACL)
VLAN Aware Port Security
Weighted Tail Drop (WTD)

23. April 2008

new dynamips version 0.2.8-RC2

Filed under: dynamips — ocsic @ 11:22

Thanks very much to the author Chris (Christophe Filot) for dynamips. Which is very helpfull preparing for the lab.

Mostly bugfixes, but also now with ISL trunking support.

GNS3 is also a nice tool for drag and drop a topology with the needed devices and IOS versions. It`a still a little bugy sometime, but if you can live with that, give it a try. It`s really nice.

Source:

http://www.ipflow.utc.fr/blog/?p=52

Here are the binaries:

Download x86 Linux:

http://www.ipflow.utc.fr/dynamips/dynamips-0.2.8-RC2-x86.bin

Download x86_64 Bit Linux:

http://www.ipflow.utc.fr/dynamips/dynamips-0.2.8-RC2-amd64.bin

Download Win32 Version:

http://www.ipflow.utc.fr/dynamips/dynamips-0.2.8-RC2-cygwin.zip

GNS3:

www.gns3.net

24. November 2007

dynamips performance on suse linux

Filed under: dynamips — ocsic @ 23:05

As i started to configure some labs now, i recognized that my new laptop with dual core 2,1 Mhz (3GB )is not enough for 14 virtual machines.

In the beginning everything is fine. When you fire up all devices first, you get a load about 5-10 percent. Which is really nice. Most devices have not really much configured. But as you add more configurations, the load starts to get higher. When i start to add BGP the load is getting to high for one machine. Even i got the best idlepc value for my machine, the neighbors got flapping and it`s getting unusable.

I read about each router is equipped with a cpu with about 400 Mhz each. That make`s 5,6 Ghz for 14 machines. So a single duo core machine can`t handle the load, when all routers are at cpu limts.

You can get a quad core machine, which for me is not possible, as i travel a lot and must have a notebook with me. So i can not do some things with one notebook. And if i have a second one,  i can split between two notebooks. I configured the BB`s on one and routers and switches on the other. That should already help a lot. So

I will update my blog, when i have more experience regarding load sharing. It`s still great to work with dynamips. Thanks to the author one more. 🙂

I planning to to my next attempt in february or march next year. Good luck anyone else attempting it maybe even this year in december.

10. November 2007

dynamips training

Filed under: dynamips — ocsic @ 14:28

I went back home by train yesterday from berlin and was able to do some labbing with dynamips. On my 6 hours journey i started with lab 3 from internetworkexpert workbook 3 v4.1. It took quite some time to setup everything to start. You have to change the interface types (FastEthernet to Ethernet or Serial0/0 to Serial1/0 for example) from the startup-configs. But everything went fine. I let ospf/eigrp/rip run all over the devices.

I’m using „konsole“ from KDE with tabbing feature. So i can easily switch between the routers by holding down „Shift“+“Left“ or „Right“. So you don’t need to switch with the mouse back and forth.

And i got to know a nice blog here where there is a collection of other ccie candidates also writing about their progress. Please have a look at:

Still More CCIE Blogs

28. Oktober 2007

road to ccie with dynamips

Filed under: dynamips — ocsic @ 13:48

I came along some topics that do not work with dynamips and that have to be covered with other devices for training. The only problem is with 3560 specific features that are not availble on the NM-16ESW:

  • some optional available STP features, like bpduguard, bpdufilter
  • MSTP
  • layer 3 port-channel
  • different etherchannel protocols, a channel-group can only be turned on, no lacp/pgacp
  • private-vlans
  • sdm modes
  • udld
  • port security
  • port protected
  • qos specific configuration of hardware queues like srr-queue
  • port configurations like dynamic, desirable
  • some configurations are similar but do not look the same like on the 3560, for example vlan config, on the NM-16ESW there is only the old vlan database mode available
  • vtp transparent mode with vlan numbers from 1006 – 4094. Dynamips only knows about 1005 vlan numbers also in transparent mode, some workbooks might ask for vlan numbers greater than 1005, what then indicates that you have to use vtp transparent mode

Other features that are not only switching dependent

  • clocking feature for serial lines (no need to set up „clock 64000“)

There are probably other features to add here. I will keep up completing this list.

26. Mai 2007

CallManager Express and Dynamips

Filed under: dynamips,Voip — ocsic @ 22:17

As you know maybe, CallManager Express is able to manage small sites with up to 100 phones. I installed a CME capable IOS on a dynamips 3660 router and i’m able to connect a real phone to the dynamips router.

Here i explained who you could make your local device and network available to your dynamips routers. Keep in mind that you have to allow traffic on your newly created interfaces, for example br0 and allow the new traffic, if you have a firewall enabled.

For using tap0 and br0 look at this link:

http://blog.sazza.de/?cat=26

You need an image that is callmanager express capable IOS. Look at cisco.com and IOS Feature Navigator http://www.cisco.com/go/cfn and search for CallManager Express. You need a valid CCO account for downloading IOS images.

Currently dynamips is able to simulate a lot of 3600’er and 3700’er routers. So choose the one that matches your needs.The 3660 only support CME 3.0 though.

You have to add then some extra flash to keep up the files for the phones.

Dynamips supports the disk option. So „disk0 = 256“ gives you a lot of space for files.

You have to format the flash before using it.Do thi dependend on the router IOS with „erase flash:““ or „format flash:“

On the 3725:

cme#erase flash:
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device… eeeeeeeeeeeeeeeeeeeeeeeeeeeeee …erased
Erase of flash: complete

Then you can tftp files to flash, for example moh file „music-on-hold.au“

cme#copy tftp flash
Address or name of remote host []? 1.1.1.29
Source filename []? music-on-hold.au
Destination filename [music-on-hold.au]?
Accessing tftp://1.1.1.29/music-on-hold.au…
Erase flash: before copying? [confirm]n
Loading music-on-hold.au from 1.1.1.29 (via FastEthernet2/0): !OOO!OO
[OK – 496521 bytes]

Verifying checksum… OK (0x206E)
496521 bytes copied in 15.516 secs (32001 bytes/sec)

cme#dir
Directory of flash:/

1 -rw- 757 <no date> startup-config
2 -rw- 496521 <no date> music-on-hold.au

268435452 bytes total (267938040 bytes free)

To setup moh (music on hold) do the following:

telephony-service
ip source-address 192.168.1.31 port 2000
moh flash:music-on-hold.au

…..

And configure, as it’s not the default, „multicast-moh“ under each ephone you want the feature.

You should hear now the moh sound.

You should also copy the cme-gui archive to the flash:

cme#archive tar /xtract tftp://1.1.1.29:/cme-gui.tar flash:/

Login to your router through:

http://1.1.1.31/telephony_service.html

19. Mai 2007

dynamips real world communication

Filed under: dynamips — ocsic @ 09:27

*** Error: Connecting SW1 F1/12 to NIO_linux_eth:eth0 resulted in
206-unable to create Linux raw ethernet NIO
With this error messages dynamips tells you it’s not able to create the device under linux. So maybe the dynamips process is not running with the right permissions to do so. Probably you run dynamips as a normal user. Try to run it as root.

17. Mai 2007

dynampis with internetworkexpert version 4.0

Filed under: dynamips — ocsic @ 11:54

It does work. 🙂

I can boot 6 routers, 4 switches and 3 backbone routers alltogether and the machine is still usable.

I had a 1,6 Mhz Machine before and i could not startup all simulations, because after the 6-8 simulations, the notebook got unusable. I had enough RAM but the cpu was not able to handle the load.

Dynamips load desktop

Now i’m using a SuSE 10.2 installation with dynamips-0.2.7-RC3-amd64.bin on a t60 notebook (2,1 DuoCore, 3GB). You don’t even need that much ram, but the cpu power you will definitely.

All routers and switches respand fast. You will need a good idlepc value to save cpu cycles.

Just test it on the dynagen console with „idlepc get R1“ for example. Probably you will set up the same value for all your routers.

Dynagen Console

20. Februar 2007

dynamips and local connectivity / bridging with linux

Filed under: dynamips — ocsic @ 08:18

Hi, i had really a hard time to get this working. I tried to make the local PC interface reachable by the dynamips router and could not succeed. But i gladly found a solution, that works. Someone on http://hacki.at/7200emu figured it out.

——————————————————————————————

Content of the post (order of these steps seem to be important!!!)

1.Download bridge-utils – If you have Ubuntu or Debian simply do apt-get install bridge-utils
Or download from here http://linux-net.osdl.org/index.php/Bridge
2.Remove ip address on eth0 – ifconfig eth0 0.0.0.0
shutdown eth0 – ifconfig eth0 down
3.Create bridge – brctl addbr br0
assign ip address to bridge – ifconfig br0 netmask
4.Bridging tap0 in Dynampis config.net
e0/0 = NIO_tap:tap0
5.Start Dynamips/vpod

6.Bridging eth0 and tap0 to br0
brctl addif br0 eth0
brctl addif br0 tap0
7.Bringing all interfaces up
ifconfig br0 up
ifconfig eth0 up
ifconfig tap0 up
8.Logging on to the router with the bridged interface and assigning ip address in the same network/subnet as br0

——————————————————————————————

Look at this. 192.168.2.1 is a local vmnet (vmware) interface.

Rack1R6#ping 192.168.2.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/34/60 ms
Rack1R6#

Now i can also use all kinds of software on my local pc to test with dynamips. That’s really great. For example you can use a local syslog server or a radius server for authentication. I will try to configure a local freeradius server with dynamips.

Source:

http://hacki.at/7200emu/viewtopic.php?t=669&highlight=arp

18. Januar 2007

dynagen tuning / idlepc values

Filed under: dynamips — ocsic @ 16:34

I had to adjust the idlepc values for dynamips.

This is how you do it.

First try to figure out, if there are some presets in the dynagen.net ini file for all routers or for single routers. If there are preconfigured values, these values are likely not to match your current system.

Uncomment them and calculted your own.

This can be done by starting dynagen:

fu@lap:~/internetworkexpert> dynagen router-config.net

Reading configuration file…

Network successfully started

Dynagen management console for Dynamips

=> start R1
100-C3600 ‚R1‘ started
=> idlepc get R1
Please wait while gathering statistics…
Select the values that match your system best.

Starting „xosview“ for example, gives you an impression on how the improvement will be.

I adjusted each router one by one. Improvment was for me by falling from 100% cpu usage to about 20% for one router.
When adjusted the new value should be saved with „idlepc save R1“, then it’s stored in the config file.

I can start all 13 instances with 2 GB Ram. Things take a while on my 1.6 Mhz mobile processor, but they will start up. I haven’t done testing complex labs until now. But this will follow in a few days.

Older Posts »

Powered by WordPress