ShaneKillian.net

I found two simple script to mount ISO files in Ubuntu. One script to mount and one script to unmount.

Download both scripts here: Mount and Unmount

After downloading both scripts, fire up the terminal and enter the following commands to change the permissions:

After this you need to copy them to nautilus-scripts:

Thats it! Now when you right click an ISO you should see the following

Obviously, all you need to do is select the mount/unmount script depending on what you want to do.

Note to self: remember you have a blog remember to update your blog!

I’ve recently moved back over to Ubuntu mainly because of performance issues. I had been running Windows 7 for over a month and I really like it but when it comes down to the crunch, it really is not able for dynamips (at least on the scale that I would like).

I’ve always known that Linux (Ubuntu in particular) can provide a huge perfomance increase while runing dynamips but, I have failed to find many people running dynamips with dynagen successfully on Ubuntu Jaunty 9.04.

Heres what I did to run the Internetwork Expert 4.01 R&S dynamips lab on my 9.04 install.

First I installed dynamips and dynagen:

Pretty simple huh?

After installing those I had to reconfigure the Internetwork Expert Dynamips config. I was basically running it from a folder on my desktop called “internetworkexpert”

A quick look at the contents (to avoid confusion):

I had extracted my IOS using the “unzip” command and placed it in the root of the “internetworkexpert” folder. The new filename is J3640-JS.BIN.

After that, I needed to make some adjustments to the IE *.net file “ie.routing.and.switching.topology.4.01.net” , here is my completed file (credits to www.internetworkexpert.com):

As you can see in that file, there are actually two instances of dynamips being used. The two hypervisors are run on ports 7200 and 7201 as root on my setup.

I’ve adjust the IOS locations, the IDLEPC for my setup and the loopback for TermServ to E0/0 = NIO_tap:tap0. You will have to make adjustments pointing to your IOS aswel as creating and specifying a “tap” interface.

To start the setup we need to start the first hypervisor on 7200:

and of course the second hypervisor on port 7201:

After starting those two hypervisors we need to launch another terminal to run dynagen as root.  I find it easiest to run dynagen from the “internetworkexpert” folder and then specify the *.net file from there.

Thats pretty much it once dynagen is running. You can then list all devices by typing “all” . You can start devices by typing start devicename and telnet by typing telnet devicename.

If you have the loopback interface configured you can telnet into the TermServ device and then manage your connections from there Here’s a more comprehensive tutorial to understand the loopbacks, syntax and of course what this can and can’t do.

Credits:  dynagen.org, 7200emu.hacki.a, internetworkexpert.com

I’ve been hitting the books hard for the past week or so (and I’ve still managed to get out and go a little mad - so it’s not too bad!) covering all of the CCNA topics again.

I’ve got a good handle on all of the technologies now and I have perfected OSPF and EIGRP, I think I have a pretty good understanding of them. I scanned some of the CBT Nuggets again and I got my hands on some “Official” course ware that I’ve been reading for the BSCI exam.

For the BSCI, I’ve mainly been covering EIGRP benefits, metrics and configuration and a reasonable amount of reading on IIN (Intelligent Information Network)  and SONA (Service Oriented Network Arcitecture). Its interesting stuff!

I just wrapped up a rack session over at Internetwork Expert a half hour ago. I ran through the advanced technologies Bridging and switching workbook covering the sections on VLANS, VTP Modes and Etherchannel in a few labs. Definitely worth the money!

I’ve been covering all my other labs using Dynamips/Dynagen and GNS3 replicating the labs from the Cisco Press books as much as possible. At this stage I’m getting a minimum of two hours hands on every day.

All in all, its been a pretty good week. I’m definately ready for the CCNA (I’d be suprised if I didn’t pass it) and I have about 40% of the work done for the CCNP BSCI Exam.

I hope to schedule the CCNA as soon as I get a free day

Onward and upwards!

I’ve been reading back over routing protocols over the past day or so and one thing that confused my was triggered updates with RIP (which is a Distance Vector routing protocol).

Here’s the conclusion I’ve come to.

Scenario A

Assuming that all routers are using RIP and someone was to trip over the cable (disconnecting it) on fa0/1 of Router C, the following would happen.

1. Router C would remove the connected route to 192.168.2.0/24 from its routing table and advertise this route with an infinite metric (16 in this case because we are using RIP) out interface fa0/2 over to Router B.
2. Router B would then mark the route as inaccessible and start a hold down timer up to 180 seconds. During these 180 seconds, router B will ignore ALL updates for network 192.168.2.0/24 regardless of the cost (even if it is less than 16). This hold down timer will give the network a chance to converge.
3. Router B will advertise the route with the infinite metric over to Router A and back to Router C (this is called “Split Horizon with Poison reverse”) which will in turn start the hold down timers on these routers.
4. After the hold down timer expires Router B will accept updates for the 192.168.2.0 again. If no updates are received, Router B will remove the route from its routing table after the route-flush timer expires.

Scenario B

On Router C the cable connected to interface fa0/1 becomes faulty causing the interface to go into a “flapping state” (this is when the interface status changes from up to down repeatedly).

In this case again, Router C will advertises the infinite metric after the route goes down and steps 1 to 4 above would apply.

However, after the hold down timer expires (180 seconds) router B will accept updates from router C about the route to 192.168.2.0/24.  What happens next is determined by the state of the flapping interface on Router C.

You can read more about RIP and RIPv2 here.

I haven’t updated in a while because I’ve been hitting the books hard for some of my MCSE exams but I got a chance to do some more Cisco stuff this week (well, at least a few hours in between all the Exchange server stuff!).

I always seemed to have trouble understanding frame-relay when I started to study for CCNA. In my opinion the only way to master it is to configure hands on labs on real equipment or in Dynamips/GNS3.

Heres a basic frame-relay hub and spoke topology that I configured in GNS3, you can also see an example of “PPP Authentication CHAP” and how it is configured between links in such a configuration.

Here are the intitial configuration scripts that I’ve used to set passwords and vty/console settings. Just be sure to replace the hostname with THEhostname of the router that you are applying the script to.

Here’s how I configured the HUB router at the USA HQ site:

The “show frame-relay pvc” command will show the DLCI’s that you should be mapping to the interface (sent by the FR Switch).

The you need to configure S0/0.1 with ppp virtual template and DLCI.

DLCI 101 will be used to describe the link from R0 over to R1 at the London office at layer 2.

You need to configure the IP address on the virtual-template assigned to sub-interface s0/0.1 and use PPP Authentication CHAP to configure authentication.

Then assign the username and shared passwords to be used for CHAP authentication:

DLCI 102 will be used to describe the link from R0 over to R1 at the London office at layer 2.
You need to create sub-interface s0/0.2 and assign it to dlci 101.

Then assign an IP to virtual-template 2:

Thats the interface configuration, layer 2 and layer 3 address done at the hub router - its pretty simple!

R2 and R3 configuration is pretty straight forward too. You need to create a subinterface again (on a serial interface using frame-relay encapsulation).
Then you need to assign that interface a dlci and virtual-template (which is only significatnt locally).

You can then assign a layer 3 address to the virtual-template interface that you created.
Here is the configuration for R2.

First you can do a “show frame-relay dlci” (after no shutting the serial0/0 interface and setting the encapsulation to frame-relay) , this will show the DLCI that the FR switch is sending. This way you’ll know which DLCI you should be using here.

Ping to verify connectivity:

Show CDP Neighbours:
“show cdp neighbours” to verify layer 2 connectivity:

And the config for R3:

You should be able to ping directly connected interfaces on all routers now and indentify neighbours using “sho cdp neighbours” on all links!

Thate pretty much it, obviously directly connected networks won’t be advertised because there is no routing protocol enabled.
Other than that, I haven’t added static routes because I just wanted to show a basic frame relay configuration.

I’m sure this is pretty accurate but if you notice any mistakes, please let me know!

Vlan Trunking Protocol is used to propagate VLAN configuration (creating, deleting and changing) between multiple switches in the
same VTP domain. There are a number of requirements for VTP to work correctly which I will go into later.

Switches can operate in three VTP modes:

Server - Allows to read/write to the VLAN database, will propagate to switches in the same VTP domain.

Client - Read Only - You can’t make changes to the VLAN database, will propagate changes recieved to neighbouring switches in thesame VTP domain

Transparent - Essentially “ignores” VTP updates but still relays VTP information received regardless of VTP domain (there are some
important differences between transparent mode operation between VTPv1 and VTPv2)

In this example I will configure 4 switches to to operate in a VTP domain. In order for the switches to operate correctly
the following criteria must be met:
VTP Domain must be the same
VTP Password Must be the same
Trunk Links should be configured between the switches (switchport mode trunk)

If we take this simple four switch topology:

We can log on to SW1 and issue the “vtp mode server” command. You can see by the output that the switch by default operates in VTP
server mode but VTP is not in operation because there is no VTP domain name configured:

SW1(config)#vtp mode server
Device mode already VTP SERVER.
SW1(config)#

We can verify the topology (in particular the interface that is linked to SW2 by using “show cdp neighbour”:
SW1#sho cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID    Local Intrfce   Holdtme    Capability   Platform    Port ID
SW2          Fas 0/1          130            S       2950        Fas 0/1
SW1#

As you can see from the output SW1 local interface fa0/1 is connected to SW2 on f0/1.
We need to configure fa0/1 as a trunk link:

SW1(config)#int f0/1
SW1(config-if)#switchport mode trunk

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
SW1(config-if)#
%SYS-5-CONFIG_I: Configured from console by console
SW1#

Interface fa0/1 changes state to down and then up again. We can now verify that int fa0/1 is trunking:

SW1#sho int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/1       on           802.1q         trunking      1

Now we need to configure a VTP domain:

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#vtp domain shanekillian.net
Changing VTP domain name from NULL to shanekillian.net
SW1(config)#

At this stage, if we jump over to SW2 we can see that SW2 has accepted the VTP update and has now changed its domain to
shanekillian.net:

SW2#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 255
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : shanekillian.net
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xBC 0xD6 0×34 0xF1 0xFC 0×1B 0×70 0×39
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
SW2#

Switches without a VTP domain name and password configured will automatically accept VTP updates (for VTP domains that do not
have passwords configured) by default.

We need to configure a password fro VTP authentication on SW1.This will ensure that only switches operating in server
and client mode with the same VTP domain and password configured will receive the updates.

SW1(config)#vtp password shane
Setting device VLAN database password to shane
SW1(config)#

Now, if we create a vlan 400 on SW1 as an example we can check SW2 to ensure the Vlan database has not been updated:

SW1(config)#
SW1(config)#vlan 400
SW1(config-vlan)#
SW1(config-vlan)#^Z
%SYS-5-CONFIG_I: Configured from console by console
SW1#
—– Output Omitted —–
SW1#show vtp stat
VTP Version                     : 2
Configuration Revision          : 1

—– Output Omitted —–

SW1#
SW1#sho vlan bri

VLAN Name                             Status    Ports
—- ——————————– ——— ——————————-
1    default                          active    Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
400  VLAN0400                         active
1002 fddi-default                     active
1003 token-ring-default               active
1004 fddinet-default                  active
1005 trnet-default                    active
SW1#
And now to SW2:

SW2#sho vtp stat
VTP Version                     : 2
Configuration Revision          : 0

A show vlan brief command on SW2 does not list the new vlan configured on SW1 earlier.
Its also worth noting the revision numbers. The switch with the highest revision number is using the most up to date
version on the vlan database. The highest revision number will be propagated throughout the VTP domain ALWAYS. This is worth
considering if you are adding another switch to a VTP domain that may have a higher revision number because it has already been in
use. The best way to reset the revision number is to change to another VTP mode and then back again - VTP mode Server - VTP mode Client.

We can now configure SW2 to operate in VTP client mode and then configure the VTP password as shane.
We’ll configure SW3 to use VTP transparent mode. VTP updates will not effect it’s vlan database, but it will forward the updates on to SW4.

SW2(config)#vtp mode client
Setting device to VTP CLIENT mode.
SW2(config)#vtp password shanekillian.net
Setting device VLAN database password to shanekillian.net
SW2(config)#
SW2(config)#^Z
%SYS-5-CONFIG_I: Configured from console by console
SW2#

Configure the trunk link on fa0/2 of SW2 to SW3:

SW2(config)#int fa0/3
SW2(config-if)#switchport mode trunk
SW2(config-if)#^Z
%SYS-5-CONFIG_I: Configured from console by console
SW2#

After configuring the trunk links, VTP domain name and password both switches should have the same revision number (Revision number 1 in this case):

SW1#sho vtp stat
VTP Version                     : 2
Configuration Revision          : 1

SW2#sho vtp stat
VTP Version                     : 2
Configuration Revision          : 1

Vlan 400 as configured earlier should be listed in “show vlan brief” on both switches (as configured on SW1 earlier).
It a bit of a long explaination but its how I best understand it, but I’m sure you get the idea!

Further reading:

Understanding VTP (Cisco)

*I didn’t mention VTPv3 above- this does not seem to be covered for CCNA level.

I took the 70-293 exam this morning and passed with 877. To be honest I was a bit surprised! When I clicked the last button on the exam I was waiting for the fail sign but I was pretty relieved when I didn’t see it! I studied the MS Press 70-293 book, O’Reilly MCSE in a Nutshell and CBT nuggets while preparing.

I labbed out most of the topics in VMware workstation which was more than enough to get a good understanding. I still don’t like certificate services so much but I’d like to think I understand it very well!

Now, onwards and upwards. Time to schedule the 70-294!

After completing my CCNA reading I’ve decided that its best to work through the exam objectives as outlined on the Cisco site and so I have put together and Excel spreadsheet that I am going to work from which includes every part of the CCNA objectives outline.

My plan is to work through the spreadsheet, checking off boxes for reading (additional reading), Labs and Key Point revision / Technology Concepts. I’ll be mainly using GNS3 for my CCNA labs which is a GUI for dynamips/dynagen and I’ll move more towards just running dynamips/dynagen as I progress.

I’ll be using Cisco Press ICND1 and ICND2 exam guides just to skim to verify concepts and I will read the complete CCNA exam cram book for revision along with a number of RFC’s on RIP, RIPv2, OSPF, EIGRP and STP implementations.

The goal is to sit the CCNA exam within four weeks.

You can find the study outline here.

Its been a while (two years to be exact!) since I’ve used this domain for anything… and to be honest I didn’t intend to use it again. I’ve been extremely busy over the last 18 months or so between work, study and side projects I’ve let my online presence pretty much disappear!

In “recent news”, I’ve completed MCSA (long overdue!), scheduled the remainder MCSE exams (293 this Tuesday), immersed myself in Cisco technologies and I’ve put in about 400hours so far between dedicated study and labs for CCNA/CCNP exams which doesn’t include completing the majority of Cisco press books up to CCNP level.

My goal for the next two years is to complete the Cisco CCIE certification (and document it here every step of the way!), I haven’t decided which track I want to take yet but I’m leaning towards R&S as a natural progression from CCNA. I won’t get track specific just yet.

I know the CCIE is not a decision that should be taken lightly and I’ve been thinking about it a lot over the past ten months or so. I’ve had many discussions with peers, colleagues and current CCIE’s about pursuing such a certification and I think its time to stop talking and start doing at this stage! Internetwork expert’s new online community and Cisco learning network have helped me alot over the past few weeks while preparing for my CCNA certification and the journey ahead!