Category Archives: cisco

Playing around with DHCP

If you issue ip dhcp-server 0.0.0.0, you effectively prevent the device from getting any address via DHCP, because every offer is rejected:

*Mar  1 00:28:56.687: DHCP: offer: server 10.0.0.1 not in approved list

 


Cisco Command Prompt Tricks and Gotchas

I guess most of you are familiar with the usual CLI prompt, be it on a Linux system, Cisco device, or whatever. On a standard *nix machine, you can modify your prompt appearance, and its configuration is specific to the shell you’re using – BASH, KSH, ZSH, etc.

Recently, I was surprised to figure out that you can also modify the standard Cisco prompt. I owe this knowledge to my friend and mentor Vladi – thanks! 🙂 Interestingly, the only place I could find more info on the matter was the Cisco IOS in a Nutshell book.

Back on topic. A regular prompt would read

[hostname]>
or
[hostname]#

You can modify the prompt directly with the prompt command, and use any of the following escaped variables with it:

%% - the percent character itself
%h - hostname
%n - tty command counter number
%p - prompt character (> or #)
%s - white space character
%t - tab character

For example:

Router#config t
Router(config)# prompt %h:%n%p
Router:1# show ver
[output omitted]
Router:2#

So now you can either modify your prompt, or play a trick on a fellow colleague 😀

Unequal Load-Balancing on Cisco IOS

I just wanted to share a neat trick that a fellow CCIE colleague showed me.

If you are connected to two ISPs, there is a way of doing unequal load-balancing with the help of static routes. For example, ISP X provides you with 25 Mbps, and ISP Y with 50 Mbps – a 2:1 ratio.

In order to achieve any kind of load-balancing on the Cisco IOS, we need multiple entries in the routing table, pointing to the same specific destination. As we would like to load-balance our uplink traffic towards the internet, we would need multiple entries towards our default gateways.

We are all familiar with the concept that there can be only one default route for a specific gateway – you can’t have multiple routing entries pointing to the same default gateway. That means that if we have multiple ISPs and multiple default gateways, our load-balance ratio will always be 1:1, as there is just a single entry in the routing table for each default gateway.

However, we can install multiple routing entries for seemingly different default gateways. That way, we can fool the device and have the same default gateway listed multiple times in the routing table. Ok, it sounds confusing, but just take a look at the configuration and it’ll become clear.

! ISP X
ip route 10.0.1.1 255.255.255.255 192.168.1.2
! ISP Y
ip route 10.0.2.1 255.255.255.255 172.16.1.2
ip route 10.0.2.2 255.255.255.255 172.16.1.2

ip route 0.0.0.0 0.0.0.0 10.0.1.1
ip route 0.0.0.0 0.0.0.0 10.0.2.1
ip route 0.0.0.0 0.0.0.0 10.0.2.2

First, we define static routes for a couple of fake default gateways. Those IPs do not exist and are only used for this load-balancing trick, so be careful when setting them up and do not pick IPs that are already in use.

After that, we define these fake IPs as default gateways. Having in mind that the ratio of the link bandwidth is 2:1, we created two routes towards the faster ISP and a single route towards the slower ISP.

What happens is that IOS uses all three of these default gateways, because the gateway is seemingly different during the first lookup in the routing table. The second lookup reveals that each fake default gateway’s IP is reachable only via ISP X’s or ISP Y’s next-hop router. This is quite an ingenious way of tricking the device into installing multiple entries in its routing table.
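The same trick generalised to any bandwidth ratio, as an added example that is not part of the original post: it reduces the link speeds to the smallest whole-number weights, allocates one placeholder gateway per weight unit, refuses a placeholder pool that overlaps a network in use, and then performs the second lookup to confirm the split. The function names, the placeholder pool 10.0.1.0/29 and the in-use networks are assumptions; the ISP next hops and speeds are the post's.

```python
import ipaddress
from collections import Counter
from math import gcd

def build_routes(isps, placeholder_pool, in_use=()):
    """isps: [(name, real_next_hop, mbps)]. Returns (host_routes, defaults)."""
    pool = ipaddress.ip_network(placeholder_pool)
    for net in map(ipaddress.ip_network, in_use):
        if pool.overlaps(net):  # the post's warning: never pick IPs in use
            raise ValueError(f"{pool} overlaps in-use network {net}")
    unit = 0
    for _, _, mbps in isps:
        unit = gcd(unit, mbps)  # 25 and 50 Mbps reduce to weights 1 and 2
    free = iter(pool.hosts())
    host_routes, defaults = [], []
    for name, next_hop, mbps in isps:
        for _ in range(mbps // unit):
            fake = next(free, None)
            if fake is None:
                raise ValueError(f"{pool} is too small for this ratio")
            host_routes.append((str(fake), next_hop, name))
            defaults.append(str(fake))
    return host_routes, defaults

def resolve(host_routes, defaults):
    """Second lookup: count how many default routes land on each ISP."""
    owner = {fake: name for fake, _, name in host_routes}
    return dict(Counter(owner[d] for d in defaults))

def render(host_routes, defaults):
    """Emit IOS static-route lines in the same form as the post's config."""
    lines = [f"ip route {fake} 255.255.255.255 {nh}"
             for fake, nh, _ in host_routes]
    return lines + [f"ip route 0.0.0.0 0.0.0.0 {d}" for d in defaults]

# Constructed input: next hops and speeds from the post; pool and in-use
# networks are assumptions made for this example.
ISPS = [("ISP X", "192.168.1.2", 25), ("ISP Y", "172.16.1.2", 50)]
IN_USE = ["192.168.1.0/24", "172.16.1.0/24"]

if __name__ == "__main__":
    routes, defaults = build_routes(ISPS, "10.0.1.0/29", IN_USE)
    print("\n".join(render(routes, defaults)))
    print(resolve(routes, defaults))
```

The counts are routing-table entries per ISP; how closely real traffic follows that ratio depends on the load-sharing mode of the switching path.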

Queuing Mechanisms

While doing my studies for the CCIP certification, I’ll do a series of posts on Quality of Service. It is a matter that I’m not very familiar with, so by talking about it, I’ll be sure to learn it better, and hey – maybe somebody will find my explanations useful.

Today we talk about the possible queuing mechanisms.

  • Priority Queuing – Uses 4 queues. Always serves higher-priority traffic first. May starve (block) low-priority traffic, because constant high-priority traffic keeps getting serviced first.
  • Custom Queuing – Uses 16 static queues for traffic (+ queue number 0 for Layer 2 control traffic). Includes Layer 2 headers in the PDU size. Sends frames from a queue and adds each frame's size to a counter until the counter is greater than or equal to the queue threshold. If the counter exceeds the threshold, the queue's next turn starts from the excess value instead of 0 (a.k.a. a penalty). The queue threshold is computed from the byte-count value (1500 default). The queue’s limit is the number of packets held in the memory of the router before it starts dropping the inbound packets from the sender. If a lower priority queue has traffic to spare, higher priority queues can take advantage of it.
  • Weighted Fair Queuing – Uses flows (identified by source/destination address and port numbers, plus protocol type). Automatically schedules low-bandwidth, interactive traffic to the front of the queue, and never drops it from queuing. The rest of the traffic is divided fairly between high-bandwidth flows. WFQ is enabled by default on all interfaces less than or equal to 2.048 Mbps (E1 line).
  • Class-based Weighted Fair Queuing – Classifies traffic using class-maps, each of which can be given a strict bandwidth, a percentage, or the remainder of the bandwidth not claimed by the other classes (fair-queue). Each class-map can use either tail drop (default) or WRED (random-detect). The total amount of bandwidth allocated for all classes included in a policy map must not exceed 75 percent of the available bandwidth on the interface. The other 25 percent is used for control and routing traffic. (To override the 75 percent limitation, use the max-reserved-bandwidth command.)
  • Low-Latency Queuing – Brings strict Priority Queuing (PQ) to Class-Based Weighted Fair Queuing (CBWFQ), so that delay-sensitive traffic, such as data, can be serviced first, while the rest of the traffic uses CBWFQ. Set up with the priority [bandwidth] command under a class inside a policy-map.
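The Custom Queuing byte-count accounting from the list above, as an added simulation that is not part of the original post and is not IOS code: it follows the post's description of the counter, threshold and penalty, and can be run with the penalty switched off to show what the carry-over corrects. The function name, queue numbers and frame sizes are constructed for the example.

```python
from collections import deque

def custom_queue(frames, byte_count, rounds, penalty=True):
    """Round-robin over queues using the byte-count accounting from the post.

    frames:     {queue_number: [frame sizes in bytes, Layer 2 header included]}
    byte_count: {queue_number: threshold in bytes}
    Returns the bytes sent per queue after the given number of rounds.
    """
    queues = {q: deque(sizes) for q, sizes in frames.items()}
    carry = {q: 0 for q in queues}   # overshoot remembered from the last turn
    sent = {q: 0 for q in queues}
    for _ in range(rounds):
        for q in sorted(queues):
            # With the penalty, the counter starts from last turn's overshoot.
            counter = carry[q] if penalty else 0
            # Keep sending whole frames until the counter reaches the threshold.
            while queues[q] and counter < byte_count[q]:
                size = queues[q].popleft()
                counter += size
                sent[q] += size
            # Whatever went past the threshold is charged to the next turn.
            carry[q] = max(0, counter - byte_count[q])
    return sent

# Constructed traffic: two queues with the same 1500-byte threshold (the
# default quoted in the post) but different frame sizes.
FRAMES = {1: [1100] * 20, 2: [500] * 40}
BYTE_COUNT = {1: 1500, 2: 1500}

if __name__ == "__main__":
    print("with penalty:   ", custom_queue(FRAMES, BYTE_COUNT, rounds=6))
    print("without penalty:", custom_queue(FRAMES, BYTE_COUNT, rounds=6,
                                           penalty=False))
```

Queue 1 overshoots its threshold on every turn because 1100-byte frames do not divide 1500 evenly; with the penalty its share stays close to queue 2's, without it queue 1 takes almost half as much again.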

CCNP and TSHOOT

I just passed the troubleshooting exam and thus obtained my CCNP.

The exam was really something interesting after the route and switch ones. It almost felt like a puzzle, or a crime solving adventure – you’re on the hunt for the bad guy that’s ruining your stuff 🙂

The TSHOOT exam is rightfully the finish line of the CCNP course. It incorporates routing and switching issues, and luckily, not at the same time, as that would be CCIE material. Besides feeling refreshing, the exam is not hard by itself, but you need to watch out for potential pitfalls. I almost succumbed to one in particular: I was checking which access VLAN was assigned to a switchport. Naturally, I issued a show vlan, and all ports appeared to be assigned to the native VLAN 1. Then, just to be sure, I tried a show run, and bam! The ports were in access VLAN 10.

So, in a nutshell, I don’t know whether this was a bug or not, but it really helps to use show run. However, it is always a good idea to learn to troubleshoot without the help of show run, due to the possible size of the config itself, or to simply use the pipe (|) with the output filters begin, section, include, etc.