Browsing articles in "Tutorial"
Nov
5
2009
Slow ADSL with 12.4 IOS version?!

Recently, I have upgraded my Cisco 2650XM from 12.3 to 12.4 version; I use it to connect my PC to Internet, but something goes wrong. After the upgrading, I have tried to downlad an ISO image but the speed was very low (about 300KB/s and not 700KB/s). Mhhh this is strange! I have begun the troubleshooting but no error, no warning message. So I have reset my current configuration, but nothing… no real improvement.

Sep
9
2009
How to create shortcut command

Cisco IOS permits to define a shortcut to complex command. An alias can be configured to do anything that can be done at the command line, but an alias cannot move between modes, type in passwords, or perform any interactive functions. To create a command alias, issue the alias command in global configuration mode. The syntax of the command is alias mode command-alias original-command. Who have never typed repeatedly the commands show cdp neigh or show ip inter brief?

Jul
22
2009
CoPP?! What is that?

Cisco Network Foundation Protection (NFP) is an umbrella strategy encompassing Cisco IOS Security features that provides the tools, technologies, and services that enable organizations to secure their network foundations. NFP helps to establish a methodical approach to protecting router planes, forming the foundation for continuous service delivery. The router is typically segmented into three planes of operation, each with a clearly identified objective: the data plane allows the ability to forward data packets the control plane allows the ability to route data correctly the management plane allows the ability to manage network elements. The vast majority of packets handled by […]

Jul
1
2009
OSPF Virtual Link

The Open Shortest Path First (OSPF) protocol, defined in RFC 2328, is an Interior Gateway Protocol used to distribute routing information within a single Autonomous System. The OSPF protocol is based on link-state technology, which is a departure from the Bellman-Ford vector based algorithms used in traditional Internet routing protocols such as RIP. OSPF has introduced new concepts such as authentication of routing updates, Variable Length Subnet Masks (VLSM), route summarization, and so forth. An OSPF network can be divided into sub-domains called areas. An area is a logical collection of OSPF networks, routers, and links that have the same […]

Jun
22
2009
Have you never seen a Cisco crash?

It is not common see a Cisco crash: Software forced crash, Bus Error, Software watchdog timeout, and so on… But if you would do it, there is a pretty trick :) : it’s the “test crash” command, an hidden IOS command. This can help you if you are lucky enough to have the real crash exactly like one of those you can test with “test crash” command.

May
19
2009
BGP best path selection

The Border Gateway Protocol (BGP) is an interautonomous system routing protocol. An autonomous system is a network or group of networks under a common administration and with common routing policies. BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP). BGP is used between autonomous systems (AS), the protocol is referred to as External BGP (EBGP). If a service provider is using BGP to exchange routes within an AS, then the protocol is referred to as Interior BGP (IBGP). BGP is a very robust and scalable routing protocol, as evidenced […]

Apr
16
2009
Tips for securing Cisco administrative access

In this article I would explain some tips for securing Cisco administrative access. When creating passwords, keep these rules in mind: Make passwords lengthy Passwords should combine letters, numbers, and symbols. Passwords should not use dictionary words Change passwords as often as possible Strong passwords are the primary defense against unauthorized access to your router. The best way to manage passwords is to maintain them on an AAA server, but not all people can have/manage a AAA server. Cisco provides a number of enhanced features that allow you to increase the security of your passwords. For the basic configuration read […]

Apr
6
2009
Banner, what is that?

One of the things that usually are not implemented by the network administrator is the banner; but what and why use it? The banner is a feature used not only on Cisco systems but also in other systems like Unix, Linux and so on. It permits to define a text that it is displayed in some cases, for example when you log in a router via SSH. There are two main reasons to implement banner on our router/switch: Banner messages should be used to warn would-be intruders that they are not welcome on your network. Banner are useful to quickly […]

Mar
17
2009
How to protect against BPDU attack
bpdu_attack_2

The spanning-tree protocol is used to cut loops that redundant links create in bridge networks. These packets are not attested by the system, so an attacker could spoof the BPDU and compromise the network stability! See below to understand BPDU attack: In this example the Ciscozine1 switch is elected Root Bridge due to the lower MAC-address (suppose that all the switches have the same priority).

Feb
17
2009
Use MRTG to monitor bandwidth

In “An introduction to SNMP” I have explained how SNMP protocol works and how use it; but what are the softwares that use SNMP to monitor network bandwith? HP Openview, Ciscoworks, MRTG are some examples. In this article I will explain how monitor Cisco Switches/Routers bandwith under a Linux machine using a free open source tool: MRTG. The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network links. MRTG generates HTML pages containing PNG images which provide a LIVE visual representation of this traffic. MRTG consists of a Perl script which uses SNMP to read the traffic counters […]