Disable XFP laser in JUNOS

Unfortunately JUNOS doesn’t provide a built-in command to disable laser on XFP ports.  If you have to shutdown the laser anyway, you can do this in the “pfe shell” with the command test xfp <index> laser off:
adm@MX80> start shell pfe network tfeb0

TFEB platform (1000Mhz MPC 8544 processor, 1024MB memory, 512KB flash)

TAZ-TBB-0(MX80 vty)# test xfp

Route descriptions in Cisco IOS

Recently, i came accross the name keyword in the ip route command in Cisco IOS.
The CLI help is quite misleading:

router(config)# ip route ?
  <1-255>    Distance metric for this route
  name       Specify name of the next hop
  permanent  permanent route
  tag        Set tag for this route
  track      Install route depending on tracked item

Configure ASA for ASDM access

Cisco has a nice GUI, called Adaptive Security Device Manager (ASDM), for configuring and monitoring ASA devices.
But first of all you have to do some configuration to prepare your ASA for ASDM access.

! authenticate ASDM access against local database
aaa authentication http console LOCAL
username adm password ccc

! enable http server and allow management access
http server enable
http [...]

PPPoE Dial-In with ASA5505

If you like to connect your external interface to the internet by using PPPoE, you have to configure a VPDN group first. In this simple example, our group is called PPPOE and we use PAP method for authentication. Unlike IOS, ASA OS accepts only one autentication protocol. Hence you have to know, if your provider [...]

Configuring VRRP on a Juniper SSG

A few weeks ago, i was confronted with a Juniper Secure Services Gateway (aka SSG) for the first time. After playing a little bit with the box, i quickly learned to like her.
Okay, it took a time to get used to the CLI with its behaviour and the Virtual-System/-Router stuff, but the WebUI is very [...]

Using two HWIC-4ESW in a Cisco 1841

Recently, there was a need for additional FastEthernet ports on a Cisco 1841. The router had already one  HWIC-4ESW attached, but all ports were occupied.
Fortunately, there was a second HWIC-4ESW at stock which was inserted immediately. Two additional ports was configured quickly to a vlan already in use on the other HWIC.
But then the problem [...]

Configuring Resilient Ethernet Protocol

Resilient Ethernet Protocol (REP) is a Cisco propietary protocol which allows you to build redundant Ethernet rings. It’s an alternative to Spanning-Tree protocol and also avoids bridging loops or responds to link failures.
Compared to STP, it offers a faster convergence time (< 300ms) and gives you a simple VLAN load-balancing method.
In our example, we interconnect [...]

Well-known multicast addresses

A lot of dynamic routing protocols uses ip multicast for neighbor discovery, hellos and other things.
Here are some well known multicast adresses: all hosts on a subnet all routers on a subnet Distance Vector Multicast Routing Protocols (DVMRP) OSPF routers OSPF designated routers RIP Version 2 routers EIGRP routers Protocol independent Multicast (PIM) routers

How to enable IP Forwarding in Debian

IP routing/forwarding is disabled per default in Debian.
For enabling on the fly, you only have to write “1″ in /proc/sys/net/ipv4/ip_forward or to set the kernel parameter net.ipv4.ip_forward to “1″.

Method #1:
echo 1 > /proc/sys/net/ipv4/ip_forward
Method #2:
sysctl -w net.ipv4.ip_forward=1

The actual setting can be checked as following:

debian:~# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
debian:~# cat /proc/sys/net/ipv4/ip_forward

If you want permanent setting, the most [...]

Interface range macro

I often use the feature interface-range on Cisco switches running IOS.
Not so long ago, i discovered the command interface-range macro, from which i never heard before.
With this macro, you can visit group several interfaces together and address them by a significant name.
Short example:

define interface-range UPLINKS FastEthernet0/1, FastEthernet0/24
define interface-range USERPORTS FastEthernet0/2 - 23


switch#conf t
switch(config)#interface range macro [...]