There are many ways to monitor devices: netflow, span port, switchport and so on. Today I will explain how to monitor bandwith, CPU, … of routers and switches using SNMP and Cacti. Simple Network Management Protocol (SNMP) is an “Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more.” It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It consists [...]

An access list is a sequential list consisting of at least one permit statement and possibly one or more deny statements that apply to IP addresses and possibly upper-layer IP protocols. Time-based ACLs is a Cisco feature introduced in the Release 12.0.1.T to allow access control based on time. The time range, identified by a name, can be ‘absolute‘ or ‘periodic‘. Use time-based access list is easy and can be useful in some situations. To implement it, you need: Define time-range Define ACL, where the time-range is applied to Apply ACL; for istance: to the interface, to the vty, to [...]

Often in a network environment, it is needed to manage a router/switch via console, but what can you do if you don’t have a computer with a serial interface? You can use another router! It is easy to do it. 1) Connect the console interface of the router/switch to the router aux interface using a rollover cable. Rollover cables essentially have one end of the cable wired exactly opposite from the other. As you can see below, this essentially “rolls over” the wires.

What can I do if I forgot the password in my router? The fastest solution is replace it with the ‘password recovery‘ (you can try to find the password with bruteforce attack but I think it is not the better solution..). During the password recovery procedure, it is fundamental sent the correct ‘Break’ key sequence to enable ROMMON, but, as you know, the ‘break’ sequence depends by the software that you use! Below the standard break key sequence combinations for the most common operating systems.

A number of shortcuts exist within the IOS command line interface. The most famous shortcut is the ‘TAB’ command, that completes a partially typed CLI command. For istance, if you type “sh ru” and press TAB, it will complete the command as “show running-config“. Below the complete list of the IOS shortcuts: Ctrl+T: Swap the current character with the one before it Ctrl+K: Erase all characters from the current cursor position to the end of the line Ctrl+X: Erase all characters from the current cursor position to the beginning of the line Ctrl+L: Reprint the line Ctrl+C: Exit configuration mode

Cisco IOS permits to define a shortcut to complex command. An alias can be configured to do anything that can be done at the command line, but an alias cannot move between modes, type in passwords, or perform any interactive functions. To create a command alias, issue the alias command in global configuration mode. The syntax of the command is alias mode command-alias original-command. Who have never typed repeatedly the commands show cdp neigh or show ip inter brief?

One of the things that usually are not implemented by the network administrator is the banner; but what and why use it? The banner is a feature used not only on Cisco systems but also in other systems like Unix, Linux and so on. It permits to define a text that it is displayed in some cases, for example when you log in a router via SSH. There are two main reasons to implement banner on our router/switch: Banner messages should be used to warn would-be intruders that they are not welcome on your network. Banner are useful to quickly [...]

In ”An introduction to SNMP” I have explained how SNMP protocol works and how use it; but what are the softwares that use SNMP to monitor network bandwith? HP Openview, Ciscoworks, MRTG are some examples. In this article I will explain how monitor Cisco Switches/Routers bandwith under a Linux machine using a free open source tool: MRTG. The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network links. MRTG generates HTML pages containing PNG images which provide a LIVE visual representation of this traffic. MRTG consists of a Perl script which uses SNMP to read the traffic counters [...]

Not everyone knows that HSRP, a fault-tolerant default gateway protocol, has two versions: version 1 (the default) and version two. The second version was integrated from IOS Release 12.2(25)S. HSRP Version 2 features: It advertises and learns millisecond timer values. This change ensures stability of the HSRP groups in all cases. It expands the group number range from 0 to 4095 and consequently uses a new MAC address range 0000.0C9F.F000 to 0000.0C9F.FFFF. It provides improved management and troubleshooting: the HSRP version 2 packet format includes a 6-byte identifier field that is used to uniquely identify the sender of the message. Typically, this field [...]

The Spanning Tree Protocol is an OSI layer-2 protocol that ensures a loop-free topology for any bridged LAN. Spanning tree allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling/disabling of these backup links. Bridge loops must be avoided because they result in flooding the network. The Spanning Tree Protocol (STP), is defined in the IEEE Standard 802.1D. As the name suggests, it creates a spanning tree within a mesh network of connected layer-2 bridges (typically Ethernet switches), and [...]