Friday, February 27, 2009

what was cooking today:

After the CSG/GGSN exploits, the better part of my week is freed up. I like it when I do something and the impact is felt almost immediately by customers; the feedback is quite refreshing.

An assessor lab some time back showed me weak on IPv6 and multicast, and I need to polish up on L2 technologies.

Either way, I think I'm still on track for the CCIE. Time to start redirecting my finances towards this goal. This is probably going to be the most painful one since money is hard to come by.

Anyway... I was on the following links today for other reasons, mainly work related, and since it's slowly becoming clear that data center networking might be my next bread and butter :-)

**Yes, I had nowhere to bookmark the pages and needed a quick reference point... :-)

Configuring Enhanced Service-Aware Billing - on the GGSN (I deal with mobility, so GGSNs and SGSNs are sort of my main dish :-)
Technical Resources for the Enterprise - Cisco Design Zone
Data Center Assurance Program (DCAP) 3.0
Protocol Compliance Statements for the CSG 3.1(3)C7(1)
Cisco DCAP Data Mobility Manager (DMM) Design Guide (External)

Tuesday, February 24, 2009

CMX CSG upgrade:

Today had me doing an MOP for some upgrades. This is for a Cisco CMX running on a 7613 chassis. It assumes you plug a CSG module into slot 13, that the module doesn't have the right software installed, and that you have the image on disk0 on the supervisor.

Next I will show how to put it together with some GGSNs, then configure and test billing for mobile users.


CMX1#dir
Directory of disk0:/
5 -rw- 4736628 Jun 25 2008 02:33:06 +03:00 c6csg-apc.31-3.C7.7.bin

The above shows that the image we want is in disk0.
Now make the file above accessible via TFTP as follows:

CMX1(config)#tftp-server bootflash: c6csg-apc.31-3.C7.7.bin

Now the CSG can reach the file above and pick it up via TFTP. An alternative is to use our own TFTP server.

CMX1#session slot 13 processor 0

The default escape character is Ctrl-^, then x.

You can also type 'exit' at the remote prompt to end the session

Trying 127.0.0.50 ... Open

wwwwwwwwwwwwwwwwwwwwwwww

www.C o n t e n t w

www.S e r v i c e s w

www.G a t e w a y w

wwwwwwwwwwwwwwwwwwwwwwww

CSG> dir

usage

upgrade slot0:|server-ip-addr filename

ping ip-addr

show ...

copy coredump tftp|rcp ip-addr filename [rcp-user]

capture [on|off]

pktlog ...

exit

CSG> upgrade slot0: c6csg-apc.31-3.C7.7.bin

Upgrading System Image 1

CSG ExImage Nov 8 2007

R/W| Reading:lam_ppc.bin..DONE Writing:lam_ppc.bin..DONE

Read 13 files in download image. (13,0,0)

Saving image state for image 1...done.

CSG> exit

Good Bye.

[Connection to 127.0.0.10 closed by foreign host]

You should get output similar to the above.

CMX1# hw-module mod 13 reset

When the module comes back up, sh mod should give output almost exactly like the below:

CMX1#sh mod

5 0001.c9dd.0f5e to 0001.c9dd.0f65 1.4 3.1(3)C7(7) Ok

That's it, your CSG is upgraded.

Thursday, February 19, 2009

still on track

Ahhh, I'm still on track for the CCIE. Had an assessor lab - still need a bit of lab time - though work has really intruded on my timetable. However, the work has mainly been fun apart from a few 'people' related political annoyances. I have also learnt how important some politics is to get some jobs done, so I won't complain much.

I'm rerouting my finances to cover for the CCIE. Giving it a single shot, and I don't see why it should not be passable by year end.

I'm done with most of the books, so labs from now on, probably upgrading some hardware (I've been at work a lot lately and the current laptop can't hack more than 5 routers on dynamips). So a new one is in order (pre-exam gift) :-)

Sunday, January 25, 2009

My left knee is a traitor!!

So I took a break from work, reading and all things indoors today (Sunday). One other goal I have this year is to get fitter, swim better - longer, jump a higher bungee, run a 21Km (half marathon) without something on or in me giving up.

So to test my current status, I went for a triathlon :-)... The swim almost killed me. So bad was I that my event was changed to a duathlon - didn't finish the swim... :-( I'm yet to take the CCIE lab, but I sure do hope my chances with it are better than what I had in water...

I transitioned after the last swimmer - to be fair - and off we went cycling... I think apart from laziness, and probably terrible eating habits, I'm a strong, good cyclist... the trails at KU, the university, are not bad at all; parts of it are single track, brief vegetation, then it's you and open ground...

Ahhh, then came the run. After about 4Km, my left knee totally gave up on me, and the rest of the body definitely felt betrayed. There was this awfully sharp pain from the back of my knee (I don't run much) and I swear I could hear my heart bouncing with every step... It ended well, heck, they gave me a medal - probably to console me :-) The running kicked my ass though... This knee thing! Not sure whether to get it checked out, so if you get by here and have a clue, let me know...

I'm dedicating more hours to the run and general fitness stuff every week. Not sure what to do with the swim, need a plan... To complete a full triathlon by end of year I probably need to put in as much time as I'll do for the CCIE lab. It will be very satisfying to accomplish both by end of year - something I plan on doing. Either way, I find that getting out every once in a while works wonders for my concentration... ahhh, now back to IPv6...

Thursday, January 22, 2009

Etherchannel Load Balancing and Forwarding Methods

A couple of WS-C3750E's - had a strange problem (mainly with my assumptions) on how etherchannel load balances. I thought it was automatic :-) It should feel what I need and do it!!!

Imagine two ports bound to form one port channel giving 200Mbps. Now imagine on one end you have two hosts/servers that generate/carry a lot of traffic (an FTP server, for instance) to multiple destinations on the other end - internet, auth servers, etc.

One of the hosts has more traffic than the other, in fact a lot more than 98Mb. So when traffic hit 100Mbps, I started noticing random packet drops. Why, why, why... I thought this is a 200Mbps interface???

Upon further checks we discovered that one of the interfaces within the bundle was dropping packets/frames.

So the checks started:

Gitau-Switch-01-Sw#sh etherchannel load-balance
EtherChannel Load-Balancing Configuration:
src-mac

src-mac was the default.
Now, according to Cisco:
EtherChannel load balancing can use either source-MAC or destination-MAC address forwarding.

With source-MAC address forwarding, when packets are forwarded to an EtherChannel, they are distributed across the ports in the channel based on the source-MAC address of the incoming packet. Therefore, to provide load balancing, packets from different hosts use different ports in the channel, but packets from the same host use the same port in the channel (and the MAC address learned by the switch does not change).

With destination-MAC address forwarding, when packets are forwarded to an EtherChannel, they are distributed across the ports in the channel based on the destination host's MAC address of the incoming packet. Therefore, packets to the same destination are forwarded over the same port, and packets to a different destination are sent on a different port in the channel.

So obviously the default load balancing was not working for me.

Since this was a 3750, I correctly figured that it can also use IP. Playing around with the setup on the end that was dropping packets, the following sort of sorted me out:

Gitau-Switch-01-Sw#sh etherchannel load-balance
EtherChannel Load-Balancing Configuration:
src-ip

the command to make this change, entered in global configuration mode, is:

port-channel load-balance src-ip

you can play around with:


Gitau-Switch-01-Sw(config)#port-channel load-balance ?
dst-ip Dst IP Addr
dst-mac Dst Mac Addr
src-dst-ip Src XOR Dst IP Addr
src-dst-mac Src XOR Dst Mac Addr
src-ip Src IP Addr
src-mac Src Mac Addr

you can run a test by:

test etherchannel load-balance interface port-channel [#] ip [src] [dst]
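
As an added illustration (not from the original post or from Cisco), the sketch below models how each load-balance method would place a set of flows on a two-port bundle and flags any member pushed past 100Mbps. It assumes the member is picked from the low-order bits of the hash key, which simplifies the platform's real hash; the hosts, addresses and rates are constructed.

```python
# Added example. ASSUMPTION: member index = low-order bits of the hash key
# (XOR for the src-dst methods); the real 3750 hash may differ.
import ipaddress

def mac_int(mac):
    return int(mac.replace(":", "").replace(".", ""), 16)

def ip_int(ip):
    return int(ipaddress.ip_address(ip))

# Hash key for each "port-channel load-balance" method.
KEYS = {
    "src-mac": lambda f: mac_int(f["smac"]),
    "dst-mac": lambda f: mac_int(f["dmac"]),
    "src-dst-mac": lambda f: mac_int(f["smac"]) ^ mac_int(f["dmac"]),
    "src-ip": lambda f: ip_int(f["sip"]),
    "dst-ip": lambda f: ip_int(f["dip"]),
    "src-dst-ip": lambda f: ip_int(f["sip"]) ^ ip_int(f["dip"]),
}

def member_for(flow, method, links=2):
    if links < 1 or links & (links - 1):
        raise ValueError("model only covers power-of-two bundle sizes")
    return KEYS[method](flow) & (links - 1)

def load_per_member(flows, method, links=2):
    load = [0] * links
    for f in flows:
        load[member_for(f, method, links)] += f["mbps"]
    return load

def oversubscribed(flows, method, links=2, link_mbps=100):
    loads = load_per_member(flows, method, links)
    return [i for i, mbps in enumerate(loads) if mbps > link_mbps]

# Constructed sample: two servers, all traffic leaving via one gateway MAC.
GW = "00:aa:bb:cc:dd:01"
A = {"smac": "00:11:22:33:44:10", "sip": "10.0.0.11", "dmac": GW}
B = {"smac": "00:11:22:33:44:20", "sip": "10.0.0.12", "dmac": GW}
FLOWS = [
    {**A, "dip": "192.0.2.1", "mbps": 50},
    {**A, "dip": "192.0.2.2", "mbps": 40},
    {**B, "dip": "192.0.2.1", "mbps": 20},
    {**B, "dip": "192.0.2.2", "mbps": 10},
]

if __name__ == "__main__":
    for m in KEYS:
        print(f"{m:12} load={load_per_member(FLOWS, m)} over={oversubscribed(FLOWS, m)}")
```

In this constructed case both server MACs hash to the same member, so src-mac puts 120Mbps on one 100Mbps port, while src-ip separates the two hosts and src-dst-ip also spreads a single host's flows by destination.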

references:

http://www.edgenetworks.nl/etherchannel.html
http://www.cisco.com/en/US/tech/tk389/tk213/technologies_tech_note09186a0080094714.shtml


before:

Gitau-Switch-01-Sw#sh int g1/0/24 | include drop
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 20191

now :

Gitau-Switch-01-Sw#sh int g2/0/24 | include drop
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Gitau-Switch-01-Sw#sh int g1/0/24 | include drop
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0


I figure after some time I'll come across a few drops..because the network hates me!!!