Configuring VRRP on a Juniper SSG

A few weeks ago, i was confronted with a Juniper Secure Services Gateway (aka SSG) for the first time. After playing a little bit with the box, i quickly learned to like her.
Okay, it took a time to get used to the CLI with its behaviour and the Virtual-System/-Router stuff, but the WebUI is very [...]

February 26th, 2010 | Category: Juniper | 2 comments

Using two HWIC-4ESW in a Cisco 1841

Recently, there was a need for additional FastEthernet ports on a Cisco 1841. The router had already one  HWIC-4ESW attached, but all ports were occupied.
Fortunately, there was a second HWIC-4ESW at stock which was inserted immediately. Two additional ports was configured quickly to a vlan already in use on the other HWIC.
But then the problem [...]

February 24th, 2010 | Tags: , | Category: Cisco | 4 comments

Configuring Resilient Ethernet Protocol

Resilient Ethernet Protocol (REP) is a Cisco propietary protocol which allows you to build redundant Ethernet rings. It’s an alternative to Spanning-Tree protocol and also avoids bridging loops or responds to link failures.
Compared to STP, it offers a faster convergence time (< 300ms) and gives you a simple VLAN load-balancing method.
In our example, we interconnect [...]

September 21st, 2009 | Tags: , | Category: Cisco | 2 comments

Well-known multicast addresses

A lot of dynamic routing protocols uses ip multicast for neighbor discovery, hellos and other things.
Here are some well known multicast adresses:

224.0.0.1 all hosts on a subnet
224.0.0.2 all routers on a subnet
224.0.0.4 Distance Vector Multicast Routing Protocols (DVMRP)
224.0.0.5 OSPF routers
224.0.0.6 OSPF designated routers
224.0.0.9 RIP Version 2 routers
224.0.0.10 EIGRP routers
224.0.0.13 Protocol independent Multicast (PIM) routers

September 7th, 2009 | Tags: | Category: General | Leave a comment

How to enable IP Forwarding in Debian

IP routing/forwarding is disabled per default in Debian.
For enabling on the fly, you only have to write “1″ in /proc/sys/net/ipv4/ip_forward or to set the kernel parameter net.ipv4.ip_forward to “1″.

Method #1:
echo 1 > /proc/sys/net/ipv4/ip_forward
Method #2:
sysctl -w net.ipv4.ip_forward=1

The actual setting can be checked as following:

debian:~# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
debian:~# cat /proc/sys/net/ipv4/ip_forward
1
debian:~#

If you want permanent setting, the most [...]

July 20th, 2009 | Tags: , , | Category: Debian | Leave a comment

Interface range macro

I often use the feature interface-range on Cisco switches running IOS.
Not so long ago, i discovered the command interface-range macro, from which i never heard before.
With this macro, you can group several interfaces together and address them by a significant name.
Short example:

define interface-range UPLINKS FastEthernet0/1, FastEthernet0/24
define interface-range USERPORTS FastEthernet0/2 - 23

Usage:

switch#conf t
switch(config)#interface range macro USERPORTS
switch(config-if-range)#switchport [...]

July 11th, 2009 | Tags: | Category: Cisco | 2 comments

Bringing up an interface without an IP address

To create a network interface without an IP address at all use the manual method and use pre-up and post-down commands to bring the interface up and down.
This can be necessary, when you like to bridge a VMWare VM to this interface or when it’s connected to a mirror port on the switch for sniffing [...]

July 8th, 2009 | Tags: , | Category: Debian | One comment

apt - Fix GPG error

When doing an apt-get update to refresh index files from their sources, the indexes of available packages are fetched from the location(s) specified in /etc/apt/sources.list
Sometimes you will see an error like that:

debian:~# apt-get update
Get:1 http://www.backports.org etch-backports Release.gpg [189B]
Hit http://www.backports.org etch-backports Release    
~             
~
(output shortened)
~
~
Hit http://security.debian.org etch/updates/contrib Packages
Hit http://security.debian.org etch/updates/main Sources
Hit http://security.debian.org etch/updates/contrib Sources
Fetched 180kB in 2s (75.2kB/s)
Reading [...]

July 3rd, 2009 | Category: Debian | Leave a comment

Building a customized menu

Recently i stumbled across a nice feature in Cisco IOS for building customized menus.
The “menu”-command is really old and was introduced in IOS 10.0
You can i.e. use it for building a menu for CLI-unexperienced staff to simplify troubleshooting.
First of all, you have to configure a little bit AAA  as well as create a user with [...]

June 30th, 2009 | Tags: , , | Category: Cisco | One comment

Solaris Network Configuration

Solaris Network configuration is a little bit different to Debian.
Because i always forget it, there’s a quick explanation of the necessary steps (taken from here and used with Solaris 5,6,7,8 +9).
/etc-Files
All configuration data, such as IP addresses, gateways, and so on, can be defined and changed at runtime level.
But first of all you have to [...]

June 26th, 2009 | Tags: | Category: General | Leave a comment
 
  Older Entries »