first post

This is the first post to this example blog. To add new posts, just add files to the posts/ subdirectory, or use the web form. Sometimes change document to test out new features.

2016-06-08
Using IOS logging discriminator

Sometimes there is a frequently occurring logging message on an IOS device that you do not want to be sent to a syslog server, either because there is no workaround for the issue or because you simply cannot upgrade IOS at the moment. Like this:

09:14:05 MET: %PLATFORM_ENV-1-FRU_PS_ACCESS: FRU Power Supply is not responding (switch)

It is possible to write a logging discriminator that drops the message, so that it is not sent to the syslog server:

conf t
!
logging discriminator PLATFORM severity drops 1 facility drops PLATFORM mnemonics drops FRU_PS_ACCESS
!
! apply the discriminator to messages sent to a syslog server via IP
logging host 192.0.2.10 discriminator PLATFORM
!
! apply the discriminator to local logging (buffer, console, monitor)
logging buffered discriminator PLATFORM 100000
logging console discriminator PLATFORM
logging monitor discriminator PLATFORM
!
exit

Migration to ikiwiki

I have been using TiddlyWiki for the last 6 months and was satisfied with the blog software. However, some of the functions I need for a blog could not be realized with the current setup, e.g. grepping for data inside a directory where each blog entry is a .txt file. That setup needs node.js, and there is no way for me to accomplish this.

The bad news is that ikiwiki is not easy for me to learn, so there is a lot of new stuff... But it is interesting stuff. I really like to edit articles on the CLI; that is a huge advantage. I am working mainly with iTerm2, or urxvt on X Linux systems, sometimes with XTerm. So this is the good thing that is now reality: editing in the CLI, running some 'magic' commands, and et voilà, a nice-looking blog software presents it.

I would like to write a migration script to import the blog entries from TiddlyWiki, but it will take some time. Eventually I may just put them in as new articles... I have not decided yet how to do this.

At the end, welcome ikiwiki, and goodbye TiddlyWiki. It has been a great time with TiddlyWiki, now a new era begins...

Find files example

Find files changed in the last 24 hours; the syntax is hard for me to remember:

user % find . -maxdepth 1 -name 'abc-123-*' -mtime -1

UTF 8 encoding test page

The UTF-8 encoding has been around for over 20 years now. It is much like IPv6 addressing. It has been written down in RFC2279 and defined as a standard in ISO 10646. Almost all websites and the majority of applications support UTF-8 encoding, but it has to be configured explicitly. There is a web page by Markus Kuhn for testing UTF-8 support: UTF-8 Test page

Blackhole routing with linux

Everyone familiar with routing should know what a null route does when it is installed in the routing table. Sometimes this is needed to keep specific IP prefixes from accessing a host IP, using only onboard tools. This example shows how to add what Cisco IOS calls a "null route" on a Linux host, where it is called a "blackhole route":

user % ip route add blackhole 192.0.2.0/24

Append files to an existing file

Sometimes it is necessary to append several files to a file. This is the way to do it on a UNIX/BSD/Linux host:

user % cat file2 file3 >> file1

TEST-NET

IPv4 is a legacy protocol. Legacy IP. It is still important to know which IP prefixes are reserved for special uses (RFC6890 and RFC6598). My favourite prefixes are TEST-NET1 - 3.

Cisco 3750 stack changing index

On an IOS device you sometimes want sequentially ordered interfaces in a Cisco 3700 stack. A switch in a stack cannot be un-provisioned or re-provisioned, so removing and adding a physical switch in a running stack does not work. It generates the following syslog message:

%Switch can not be un-provisioned when it is physically present

To change the index number of a physical component in a stack, use the following IOS command:

switch(config)#switch 3 renumber 1

ASCII graphing tool

I have been searching for ASCII graph chart tools. This is what I have found: some of them are highly specific to a special purpose, like monitoring virtual machines. A funny fact is that the author of asciivmssdashboard has written a great-looking tool using ncurses. The screenshot shows an IP address belonging to Microsoft, 104.40.0.0/13, and I am asking myself whether this tool shows Hyper-V hosts. The OUI of the MAC address, 00:0d:3a, also belongs to Microsoft.

Finally I found out that the tool for my own purpose will be gnuplot.

App Store updates from CLI

On an OS X operating system most things are done with a GUI. However, there are a lot of things under the hood that one can do from the command line. Lately I have been searching for a way to update the system and installed applications without using the App Store GUI. The command is called softwareupdate:

Usage: softwareupdate <mode> [<args> ...]

** Catalog Management:
    --set-catalog <URL> Set the new catalog URL (requires privileges)
    --clear-catalog     Clear the catalog URL back to defaults (requires privileges)

** Manage Updates:
    -l | --list     List all appropriate update labels
    -d | --download     Download Only
    -i | --install      Install
        <label> ... specific updates
        -a | --all      All appropriate updates
        -r | --recommended  Only recommended updates

    --ignore <label> ...    Ignore specific updates
    --reset-ignored     Clear all ignored updates
    --schedule (on | off)   Set automatic checking

-v | --verbose  Enable verbose output
-h | --help Print this help

The following command lists all applications that need to be updated:

sudo softwareupdate --list 

This way it is possible to get updates for installed applications; it is not possible to install new applications.

Awesome OSX command line

A URL to an awesome list of OS X CLI commands. No matter how long I think about it and which OS I have been using in the past, all of them (Windows, Linux, OS X; BSD I have not used until now, the time will come), the command line has always been my favorite tool. Here it is: awesome OSX command line.

Git cheatsheet for subversion users

Since I have often used SVN in the past as the RCS for projects, it is difficult to remember the standard commands for git. Often I recall the subversion command but do not remember the equivalent git command and end up with crippled commands like, e.g., gitversion or similar.

I found an interesting site that focuses on exactly my own problem: git for svn swappers.

OSPF metric type

When using route redistribution with OSPF, it is possible to set the metric as type 1 or type 2. Dealing with IOS and NX-OS at the same time, I have been searching for a way to redistribute as OSPF type 1 on NX-OS. On IOS the command works as follows:

configure terminal
!
router ospf 1
 redistribute static metric 100 metric-type 1 subnets
!
end

On NX-OS there is no such way to set the OSPF metric type in the router process. NX-OS route redistribution works the following way: everything that deals with micromanagement, like setting the cost, the metric type or similar, has to be defined in a route-map. In the router process there is only a cross-reference to the route-map:

configure terminal
!
router ospf 1
 redistribute static route-map Static-to-OSPF
!
route-map Static-to-OSPF
 set metric-type type-1
!
end

Historically I prefer the IOS way of route redistribution; however, the NX-OS way of redistributing networks seems to be the more logical and consistent way. This kind of configuration makes it simpler to define a statement for a subnet type. It leaves more room for granularity. Although it is preferred to keep configuration easy and simple, it is possible to make super-granular configuration parts, one per subnet.

Persistent IP settings using tinycore appliance in GNS3

When setting up Linux hosts in GNS3, one mostly needs only a certain functionality or service to test. TinyCore is a tiny Linux that has a small memory footprint and needs few resources. Once a test scenario has been set up, e.g. to test quagga with IOS or other systems, the IP settings should be saved. The TinyCore wiki describes a method for doing this. This approach works properly when using a VM with QEMU or on a physical host. With GNS3 this approach somehow does not restore the IP settings. I could not find out why there is a difference between using QEMU with GNS3 and using QEMU natively on a physical host. After some research I found a different approach, described by Brian Linkletter, for making settings in GNS3 persistent when using TinyCore. Persistent IP settings across reboots need to be edited in the file /opt/bootlocal.sh. Using vi, add the preferred IP settings to this file:

sudo ip addr add 192.0.2.10/24 dev eth0
sudo ip route add default via 192.0.2.1
sudo pkill udhcpc

To back up the settings, use the following command:

filetool.sh -b

Then restart the TinyCore host. The settings should be restored from the backup. This setup has been tested using Core 4.7.7 with Linux kernel 3.0.21-tinycore, and GNS3 1.5.0dev6.

Using socat as syslog server

The TinyCore Linux distribution ships a syslog server with busybox, but there is no way to start it to act as a syslog server listening on a TCP/IP socket. I needed to find a workaround to implement a simple syslog server. It does only 2 things: it listens on UDP port 514 to receive messages and stores them in a file, so every message that is sent to UDP port 514 will be stored in the /tmp/syslog file. To use socat as a syslog server, use the following command:

user % socat -u udp4-listen:514,bind=192.0.2.10, open:/tmp/syslog,creat,append

Any IP packets arriving on port 514 will be logged to the /tmp/syslog file. The service has been bound to a specific IP address, here 192.0.2.10. To verify that the syslog server has started and is bound to the specified address, use the following command:

root # netstat -tulpen | egrep 'Add|514'

Proto Recv-Q Send-Q Local Address   Foreign Address State PID/Program name
udp        0      0 192.0.2.10:514  0.0.0.0:*             2069/socat

The output shows that the syslog server is bound to an IP address and is listening on the configured port for incoming notifications. Starting a daemon at boot is described here. I have edited the /opt/bootlocal.sh file and added the socat command as written before:

user % socat -u udp4-listen:514,bind=192.0.2.10, open:/tmp/syslog,creat,append

The file has been backed up with the filetool command:

user % filetool.sh -b

And after a restart of the TinyCore machine the service was running, bound to the configured IP interface.
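
An added example, not part of the original post: a Python script that summarizes the file written by the socat listener per Cisco message tag, which shows which messages occur often enough to be candidates for a logging discriminator like the one in the earlier post. The capture below (PRI values, sequence numbers, second and last message) is constructed, and the message layout `<PRI>seq: time: %FACILITY-SEVERITY-MNEMONIC: text` is an assumption of this example.

```python
import re
from collections import Counter

# Syslog datagrams start with <PRI>. socat -u copies each payload unchanged,
# so messages can sit back to back in the file without a newline between them.
PRI = re.compile(r"<(\d{1,3})>")
# Cisco IOS message tag: %FACILITY-SEVERITY-MNEMONIC:
TAG = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+):")

def split_messages(raw):
    """Return (pri, body) pairs, cutting the capture at every <PRI> marker."""
    parts = PRI.split(raw)          # [leading text, pri1, body1, pri2, body2, ...]
    return [(int(parts[i]), parts[i + 1].strip())
            for i in range(1, len(parts) - 1, 2)]

def summarize(raw):
    """Count messages per (facility, severity, mnemonic) and collect oddities."""
    counts, odd = Counter(), []
    for pri, body in split_messages(raw):
        tag = TAG.search(body)
        if tag is None:
            odd.append(("no Cisco tag", body))
            continue
        facility, severity, mnemonic = tag.group(1), int(tag.group(2)), tag.group(3)
        if pri & 7 != severity:     # the low 3 bits of PRI carry the severity
            odd.append(("PRI/tag severity mismatch", body))
        counts[(facility, severity, mnemonic)] += 1
    return counts, odd

# Constructed capture; the FRU_PS_ACCESS text is the message quoted on this page.
SAMPLE = (
    "<185>41: 09:14:05 MET: %PLATFORM_ENV-1-FRU_PS_ACCESS: "
    "FRU Power Supply is not responding (switch)"
    "<189>42: 09:14:09 MET: %SYS-5-CONFIG_I: Configured from console by console\n"
    "<185>43: 09:15:05 MET: %PLATFORM_ENV-1-FRU_PS_ACCESS: "
    "FRU Power Supply is not responding (switch)"
    "<190>hello from a host that is not a Cisco device\n"
)

if __name__ == "__main__":
    counts, odd = summarize(SAMPLE)     # on the host: summarize(open("/tmp/syslog").read())
    for (fac, sev, mnem), n in counts.most_common():
        print(f"{n:5d}  %{fac}-{sev}-{mnem}")
    for reason, body in odd:
        print(f"  odd: {reason}: {body!r}")
```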

Show inline configuration

On Cisco devices it is sometimes necessary to rewrite a part of the configuration for many interfaces. A router can sometimes have several hundred physical interfaces; if the nomenclature has been changed and one needs to change only 1 character or letter on the device, it is useful to show only the needed part of the configuration. On IOS devices something like this can be done:

R1#sh run | i (interface GigabitEthernet)|(descrip)

or with some regexp:

R1#sh run | i ^interface|descrip

The same functionality is available on an NX-OS device, here using egrep:

R1#show run | egrep interface.Vlan|ip.address

and just another example:

R1#show run | egrep interface.Vlan|ip.router

This way it is possible to parse and change huge parts of the configuration in a quick and easy manner.

IP OSPF cost default costs

While playing around with IOS and quagga routers I noticed an interesting behaviour. While the loopback IPs of my IOS routers had a considerable cost value in the routing table, here 10.255.255.1:

R1#sh ip route 10.255.255.2
Routing entry for 10.255.255.2/32
  Known via "ospf 1", distance 110, metric 101, type intra area
  Last update from 10.0.0.2 on GigabitEthernet1/0, 00:19:06 ago
  Routing Descriptor Blocks:
  * 10.0.0.2, from 10.255.255.2, 00:19:06 ago, via GigabitEthernet1/0
      Route metric is 101, traffic share count is 1

the quagga loopback interfaces had a much higher metric, see here 10100:

R1#sh ip route 10.255.254.1
Routing entry for 10.255.254.1/32
  Known via "ospf 1", distance 110, metric 10100, type intra area
  Last update from 10.0.0.18 on GigabitEthernet6/0, 00:00:08 ago
  Routing Descriptor Blocks:
  * 10.0.0.18, from 10.255.254.1, 00:00:08 ago, via GigabitEthernet6/0
      Route metric is 10100, traffic share count is 1

My first thought was to configure the same auto-cost reference bandwidth across all routers. Unfortunately it did not change anything. The metric was still the same. Here as seen on IOS:

R1#sh run | sec router.ospf
router ospf 1
 auto-cost reference-bandwidth 100000

Here as seen on quagga:

router ospf
 ospf router-id 10.255.254.1
! Important: ensure reference bandwidth is consistent across all routers
 auto-cost reference-bandwidth 100000

I like the commented-out notice in quagga; it is there by default. My second thought was to configure the bandwidth on the quagga eth0 interface, so set and done:

interface eth0
 bandwidth 1000000

Still, nothing changed: the IP prefix has the same metric 10100, depending on which router you look at. So which configuration leads to such a high metric cost on the quagga loopback interface? The solution was to look at the output of the show ip ospf interface command on both router platforms:

R1#sh ip ospf interface lo0
Loopback0 is up, line protocol is up 
  Internet Address 10.255.255.1/32, Area 0, Attached via Interface Enable
  Process ID 1, Router ID 10.255.255.1, Network Type LOOPBACK, Cost: 1
  Topology-MTID    Cost    Disabled    Shutdown      Topology Name
        0           1         no          no            Base
  Enabled by interface config, including secondary ip addresses
  Loopback interface is treated as a stub Host

So IOS has the default cost for a loopback interface set to 1. The quagga platform has the following settings:

R2# sh ip ospf interface lo
lo is up
  ifindex 1, MTU 16436 bytes, BW 0 Kbit <UP,LOOPBACK,RUNNING>
  Internet Address 10.255.254.1/32, Area 0.0.0.0
  MTU mismatch detection:enabled
  Router ID 10.255.254.1, Network Type LOOPBACK, Cost: 10000
  Transmit Delay is 1 sec, State Loopback, Priority 1
  No designated router on this network
  No backup designated router on this network
  Multicast group memberships: <None>
  Timer intervals configured, Hello 10s, Dead 40s, Wait 40s, Retransmit 5
    Hello due in inactive
  Neighbor Count is 0, Adjacent neighbor count is 0

The quagga router has a default cost set to 10000 on loopback interfaces. This was unexpected. And the solution was to explicitly configure the desired metric/cost for the loopback interface. Set and done:

interface lo
 ip ospf cost 1

Then everything looked sane again:

R1#sh ip route | i 10.255.254.1
O        10.255.254.1/32 [110/101] via 10.0.0.18, 00:00:39, GigabitEthernet6/0

The lesson learnt was to configure services the way you expect them to work, and not to leave things at default or unconfigured, even if it worked that way for the past 20 years. Vendors change things, and a firmware update on a $vendor box might lead to unexpected behaviour if things are left on default values that have held true for the last years.
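
An added example, not from the original post: the loopback cost difference found above can be checked mechanically by parsing the show ip ospf interface output of each router and flagging loopbacks whose cost is not the expected value. The sample text is shortened from the two outputs shown above; the function names and the expected cost of 1 are assumptions of this example.

```python
import re

# Interface header lines are not indented: "Loopback0 is up, ..." / "lo is up"
HEADER = re.compile(r"^(\S+) is (?:administratively )?(?:up|down)")
# Both IOS and quagga print the cost on the "Network Type" line
DETAIL = re.compile(r"Network Type (\w+), Cost: (\d+)")

def parse_ospf_interfaces(text):
    """Return {interface: (network_type, cost)} from 'show ip ospf interface'."""
    result, current = {}, None
    for line in text.splitlines():
        head = HEADER.match(line)
        if head:
            current = head.group(1)
            continue
        detail = DETAIL.search(line)
        if detail and current:
            result[current] = (detail.group(1), int(detail.group(2)))
    return result

def audit_loopback_cost(outputs, expected=1):
    """List (router, interface, cost) for loopbacks that deviate from expected."""
    findings = []
    for router, text in sorted(outputs.items()):
        for ifname, (ntype, cost) in parse_ospf_interfaces(text).items():
            if ntype == "LOOPBACK" and cost != expected:
                findings.append((router, ifname, cost))
    return findings

# Shortened from the two outputs shown in the post above
OUTPUTS = {
    "R1 (IOS)": """Loopback0 is up, line protocol is up
  Internet Address 10.255.255.1/32, Area 0, Attached via Interface Enable
  Process ID 1, Router ID 10.255.255.1, Network Type LOOPBACK, Cost: 1
""",
    "R2 (quagga)": """lo is up
  ifindex 1, MTU 16436 bytes, BW 0 Kbit <UP,LOOPBACK,RUNNING>
  Internet Address 10.255.254.1/32, Area 0.0.0.0
  Router ID 10.255.254.1, Network Type LOOPBACK, Cost: 10000
""",
}

if __name__ == "__main__":
    for router, ifname, cost in audit_loopback_cost(OUTPUTS):
        print(f"{router}: {ifname} has OSPF cost {cost}, expected 1")
```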