NetworKHelp

Tuesday, 18 September 2018

                                         Professional/Technical Competencies:

ï‚§ OSI & TCP/IP Network protocol architecture, Layering benefits and concept, functions of different layers, switches and LAN design, VLANâ€™s, VTP, STP, RSTP, MSTP.
ï‚§ Cisco Router & Switch experience with emphasis on IOS / CatOS, NxOS.
ï‚§ Excellent knowledge in Nexus Technologies (OTV, VPC, FABRICPATH) & Hardware (7K, 5K, 2K etc).
ï‚§ First hop redundancy protocols (i.e. HSRP, VRRP, GLBP etc)
ï‚§ Experience on configuration and maintenance of F5/ ACE load balancer.
ï‚§ Proficient knowledge in Routing protocols (RIP, BGP, OSPF, EIGRP, IPX etc) especially in OSPF & BGP.
ï‚§ WAN transport technologies (Frame Relay, ATM, Private/Leased Line, MPLS, ISDN, PPP, HDLC)
ï‚§ Proficient knowledge in LAN technologies (Ethernet, Fast Ethernet, Gigabit Ethernet, Wi-Fi)
ï‚§ VPN Technologies (IPSec, SSL, Cisco Anyconnect, Cisco EasyVPN, DMVPN)
ï‚§ Experience on troubleshooting various Site to site and Remote access VPN related issues.
ï‚§ Authentication, authorization, encryption mechanisms (LDAP, RADIUS, TACACS+, PKI, SSL, SSH)
ï‚§ Quality of Service, Multicasting
ï‚§ Excellent Knowledge on F5/ACE load balancer.
ï‚§ Wireless LAN technologies, Cisco unified wireless LAN solution etc.
ï‚§ Excellent understanding of the protocols like FTP, TFTP, HTTP, DHCP, DNS, SNMP, WINS, IPSEC.
ï‚§ WAN Acceleration & compression services
Experience on configuration and maintenance of Cisco multilayer switches, Cisco routers.

Thursday, 13 September 2018

Multiple Spanning Tree Protocol (802.1s)

Now that we have basic understanding of how MSTP works inside a region let’s create a sample configuration. Consider the following physical topology of three switches:

The topology has the following VLANs: 1, 10, 20, 30, 40, 50, 60. Our goals for this scenario are:

Make VLANs 10,20,30 follow the link from SW3 to SW1.
Make VLANs 40,50,60 follow the link from SW3 to SW2.
If any of the above links fail, the affectred VLANs should fall-back to the other link.

To accomplish this, we create two MSTIs – number 1 and 2. SW1 will be the root for instance 1 and SW2 will be the root for instance 2. As for the IST (MSTI0), we make SW3 the root switch for it (though it’s not recommended to assign root roles to access switches). As for VLAN to MSTI mappings, VLAN 1 will remain mapped to the IST. Remaining VLANs 10, 20 and 30 would map MSTI1, while VLANs 40, 50 and 60 would map to MSTI2. Here is the configuration:

W1:
spanning-tree mode mst
!
spanning-tree mst configuration
 name REGION1
 instance 1 vlan 10, 20, 30
 instance 2 vlan 40, 50, 60
!
! Root for MSTI1
!
spanning-tree mst 1 priority 8192
!
interface FastEthernet0/13
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/16
 switchport trunk encapsulation dot1q
 switchport mode trunk

SW2:
spanning-tree mode mst
!
spanning-tree mst configuration
 name REGION1
 instance 1 vlan 10, 20, 30
 instance 2 vlan 40, 50, 60
!
! Root for MSTI 2
!
spanning-tree mst 2 priority 8192
!
interface FastEthernet0/13
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/16
 switchport trunk encapsulation dot1q
 switchport mode trunk

SW3:
spanning-tree mode mst
!
spanning-tree mst configuration
 name REGION1
 instance 1 vlan 10, 20, 30
 instance 2 vlan 40, 50, 60
!
! Root for the IST
!
spanning-tree mst 0 priority 8192
!
interface FastEthernet0/13
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/16
 switchport trunk encapsulation dot1q
 switchport mode trunk

The following show commands will demonstrate the effect our configuration has on traffic forwarding:

SW1#show spanning-tree mst configuration
Name      [REGION1]
Revision  0     Instances configured 3

Instance  Vlans mapped
--------  ---------------------------------------------------------------------
0         1-9,11-19,21-29,31-39,41-49,51-59,61-4094
1 10,20,30
2 40,50,60
-------------------------------------------------------------------------------

SW1#show spanning-tree mst               

##### MST0    vlans mapped:   1-9,11-19,21-29,31-39,41-49,51-59,61-4094
Bridge        address 0019.5684.3700  priority      32768 (32768 sysid 0)
Root          address 0012.d939.3700  priority      8192  (8192 sysid 0)
              port    Fa0/16          path cost     0
Regional Root address 0012.d939.3700  priority      8192  (8192 sysid 0)
                                      internal cost 200000    rem hops 19
Operational   hello time 2 , forward delay 15, max age 20, txholdcount 6
Configured    hello time 2 , forward delay 15, max age 20, max hops    20

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Desg FWD 200000    128.15   P2p
Fa0/16 Root FWD 200000    128.18   P2p 

##### MST1 vlans mapped: 10,20,30
Bridge        address 0019.5684.3700  priority      8193  (8192 sysid 1)
Root this switch for MST1

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Desg FWD 200000    128.15   P2p
Fa0/16 Desg FWD 200000    128.18   P2p 

##### MST2 vlans mapped: 40,50,60
Bridge        address 0019.5684.3700  priority      32770 (32768 sysid 2)
Root address 001e.bdaa.ba80 priority 8194  (8192 sysid 2)
              port    Fa0/13          cost          200000    rem hops 19

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/13 Root FWD 200000    128.15   P2p
Fa0/16           Altn BLK 200000    128.18   P2p 

SW1#show spanning-tree mst interface fastEthernet 0/13

FastEthernet0/13 of MST0 is designated forwarding
Edge port: no             (default)        port guard : none        (default)
Link type: point-to-point (auto)           bpdu filter: disable     (default)
Boundary : internal                        bpdu guard : disable     (default)
Bpdus sent 561, received 544

Instance Role Sts Cost      Prio.Nbr Vlans mapped
-------- ---- --- --------- -------- -------------------------------
0 Desg FWD 200000    128.15   1-9,11-19,21-29,31-39,41-49,51-59
                                     61-4094
1 Desg FWD 200000    128.15   10,20,30
2 Root FWD 200000    128.15   40,50,60

SW1#show spanning-tree mst interface fastEthernet 0/16

FastEthernet0/16 of MST0 is root forwarding
Edge port: no             (default)        port guard : none        (default)
Link type: point-to-point (auto)           bpdu filter: disable     (default)
Boundary : internal                        bpdu guard : disable     (default)
Bpdus sent 550, received 1099

Instance Role Sts Cost      Prio.Nbr Vlans mapped
-------- ---- --- --------- -------- -------------------------------
0        Root FWD 200000    128.18   1-9,11-19,21-29,31-39,41-49,51-59
                                     61-4094
1 Desg FWD 200000    128.18   10,20,30
2 Altn BLK 200000    128.18   40,50,60

The link cost values are much higher than the default STP costs (IEEE standard values), and MSTIx is called MSTx (e.g. IST is MST0). Aside from that, note the term “Regional Root” which is to be explained in details below.

Wednesday, 12 September 2018

Running Cisco Catalyst Switch(CLI) on GNS3 using IOU (IOS on Unix) and VirtualBox

Contents [hide]

Downlaods

IOU Virtual Vmware Image

Cisco L2 and L3 Images for IOU

Import IOU in VirtualBox

The IOU Vmware zip file contains a full load of stuffs. You need only one.

VirtualBox IOU VM Host Settings

After that open the vmdk file in VirtualBox and do some little changes in settings. Set the memory requirement as 256MB and it is enough to open the IOU VM.

Before you start the VM, do not forget to set the Virtual Network Adapter settings as Host Only.

Now time to fire up the VM and after successful booting the VirtualBox console will come up with a login prompt with a notification to browse the VM through browser to upload the L2 and L3 IOS file(here the IP address is set to 192.168.56.101 and the port is 8000 to access the http portal).

Username: root

Password: cisco

Uploading IOS to IOU VM

Now open the browser and upload the necessary files.

Url to open the VM http portal: http://192.168.56.101:8000/upload

Dont worry. These files are available on “L2 & L3 IOU IOS” zipFile.

IOU Licencing

Before starting the GNS3, need to license the VM. Go through the Video.

Upload Keygen to IOU VM

Either have to download the KeyGen.py or take it from the zip file itself and upload it to the VM.

Run the Keygen in IOU VM

Now write some simple command into the VM console.

cd /home/gns3/GNS3/images
python3 keygen.py

Now you are half done to the licensing. I am taking the rest aside and will discuss after GNS3 setup.

Import the IOU VM Instances into GNS3

In GNS go to Preference>IOU Devices and then select a new . After the new IOU prompt come set the server type as remote(by default) .

Step 1 : Selecting Server Type

Step 2 : Mount the IOU image

Now mount the IOU image by simply copy and paste the path from the browser(it is a file located in 192.168.56.101:8000).

IOU Licensing Part 2

Now come to the rest of the licensing procedure.

IOURC Setup

Go to preferences> IOU on UNIX and you need to provide the absolute path of the iourc.txt file located in your local drive.

In the same way you can bring the L3 IOS also.

Launch the IOU Devices (L2 & L3) in GNS3

Now check how these IOU L2 and L3 devices being reflected in the GNS3 window.

You are ready to play with the Cisco switches. Here you can simulate almost all kind of toplogy, features, protocols & configurations.

Thank You —