With the classic 'show ip route static', the backup floating route is not seen in the display:
Router#show ip route static
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 10.10.2.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 10.10.2.1
To see both routes, the active one and the non-active one, we have to use the command 'show ip static route'. This command shows both routes with their metrics:
Router#show ip static route
Codes: M - Manual static, A - AAA download, N - IP NAT, D - DHCP,
G - GPRS, V - Crypto VPN, C - CASA, P - Channel interface proces
B - BootP, S - Service selection gateway
DN - Default Network, T - Tracking object
L - TL1, E - OER, I - iEdge
D1 - Dot1x Vlan Network, K - MWAM Route
PP - PPP default route, MR - MRIPv6, SS - SSLVPN
H - IPe Host, ID - IPe Domain Broadcast
U - User GPRS, TE - MPLS Traffic-eng, LI - LIIN
IR - ICMP Redirect
Codes in []: A - active, N - non-active, B - BFD-tracked, D - Not Track
Static local RIB for default
M 0.0.0.0/0 [1/0] via 10.10.2.1 [A]
M [5/0] via 10.10.25.1 [N]
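The output above is easy to read by eye but awkward to monitor. The following parser is an added example, not code from the original post: it reads the 'Static local RIB' section of 'show ip static route', extracts each path's [AD/metric], next hop and [A]/[N] state, and classifies whether the prefix is currently carried by the primary path or by the floating backup. The first sample is the post's own output; the second is a constructed failed-over variant. The regex assumes a continuation line for a backup path may or may not repeat the 'M' code, as it does in the post.

```python
import re

# Sample input: the 'Static local RIB' section from the post's 'show ip static route' output.
SAMPLE_NORMAL = """Static local RIB for default
M  0.0.0.0/0 [1/0] via 10.10.2.1 [A]
M  [5/0] via 10.10.25.1 [N]
"""

# Constructed variant (not from the post): the primary next hop is down and the
# floating backup with AD 5 has become the active path.
SAMPLE_FAILED_OVER = """Static local RIB for default
M  0.0.0.0/0 [1/0] via 10.10.2.1 [N]
   [5/0] via 10.10.25.1 [A]
"""

# One path per line: optional code, optional prefix (only on the first path of a prefix),
# then [AD/metric], the next hop and the state flag defined in the 'Codes in []' legend.
PATH_RE = re.compile(
    r"^(?:(?P<code>[A-Z0-9]{1,2})\s+)?"
    r"(?:(?P<prefix>\S+/\d+)\s+)?"
    r"\[(?P<ad>\d+)/(?P<metric>\d+)\]\s+via\s+(?P<nexthop>\S+)\s+\[(?P<state>[ANBD])\]"
)


def parse_static_routes(text):
    """Return {prefix: [path, ...]} in display order; each path is a dict with
    ad, metric, nexthop and active (True when the router marked it [A])."""
    routes = {}
    current = None
    for raw in text.splitlines():
        m = PATH_RE.match(raw.strip())
        if not m:
            continue  # legend and header lines
        if m.group("prefix"):
            current = m.group("prefix")
            routes.setdefault(current, [])
        if current is None:
            continue  # a continuation line before any prefix: malformed, skip it
        routes[current].append({
            "ad": int(m.group("ad")),
            "metric": int(m.group("metric")),
            "nexthop": m.group("nexthop"),
            "active": m.group("state") == "A",
        })
    return routes


def failover_state(routes, prefix):
    """'primary' when the lowest-AD path is active, 'backup' when a higher-AD
    floating path is the active one (the primary next hop is gone), 'down' when
    no static path for the prefix is active."""
    paths = routes.get(prefix, [])
    active = [p for p in paths if p["active"]]
    if not active:
        return "down"
    lowest_ad = min(p["ad"] for p in paths)
    return "primary" if active[0]["ad"] == lowest_ad else "backup"


if __name__ == "__main__":
    for name, sample in (("normal", SAMPLE_NORMAL), ("failed over", SAMPLE_FAILED_OVER)):
        routes = parse_static_routes(sample)
        print(name, routes, failover_state(routes, "0.0.0.0/0"))
```

Run against a periodic collection of this command, a transition from 'primary' to 'backup' is the event worth alerting on: 'show ip route static' alone would only show a different next hop, with no hint that a floating route took over.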
Monday, January 11, 2016
Friday, December 11, 2015
Capture traffic on Cisco switch with EPC (both directions)
Embedded Packet Capture (EPC) is a powerful tool available on certain Cisco devices. With it, it is no longer mandatory to SPAN traffic in order to capture it: you can capture traffic at different points of your network, with some limitations described in the Cisco documentation.
In my case, I would like to capture traffic between 2 machines (only these 2 machines), as described in the diagram below:
In order to do this, you can use the following configuration:
ip access-list extended HOST-TO-FILTER
permit ip host 10.10.10.1 host 10.10.20.1
permit ip host 10.10.20.1 host 10.10.10.1
!
monitor capture MY-CAPTURE file location flash:mycapture.pcap size 10 int GigabitEthernet1/0/1 both access-list HOST-TO-FILTER
After that, you can start the capture with the command:
monitor capture MY-CAPTURE start
And stop it:
monitor capture MY-CAPTURE stop
This capture can be exported and read with Wireshark, for example.
!! Warning !!
EPC can consume CPU and memory. Take care to apply a precise filter so that you do not overload your router or switch.
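The filter above is the part that usually goes wrong by hand: a mistyped address or a missing 'host' keyword leaves one direction out of the capture without any error from the ACL itself. The generator below is an added example, not code from the post: it builds the two-direction ACL and the capture point from a list of host pairs, validating every address, and includes a symmetry check for a hand-written ACL. The 'monitor capture' syntax is the one the post uses; it differs between IOS releases, so treat that line as a template. The name HOST-TO-FILTER and the flash path are the post's; the function and parameter names are mine.

```python
import ipaddress


def build_epc_config(capture_name, host_pairs, interface,
                     acl_name="HOST-TO-FILTER", pcap_path="flash:mycapture.pcap", size_mb=10):
    """Return the IOS CLI lines for a host-to-host EPC filter covering both directions.

    Every address goes through ipaddress.IPv4Address, so a typo such as 10.10.20.1.1
    raises ValueError instead of producing an ACL whose return-direction entry never
    matches (the capture would then silently contain one direction only)."""
    lines = [f"ip access-list extended {acl_name}"]
    for a, b in host_pairs:
        src, dst = ipaddress.IPv4Address(a), ipaddress.IPv4Address(b)
        # 'both' on the capture point only selects ingress and egress on the interface;
        # the ACL itself still needs an explicit entry per direction.
        lines.append(f" permit ip host {src} host {dst}")
        lines.append(f" permit ip host {dst} host {src}")
    lines.append("!")
    # capture point syntax as used in the post; it varies between IOS releases
    lines.append(
        f"monitor capture {capture_name} file location {pcap_path} size {size_mb} "
        f"int {interface} both access-list {acl_name}"
    )
    return lines


def acl_is_symmetric(lines):
    """True when every 'permit ip host A host B' entry has its 'host B host A'
    counterpart. Entries that do not have the full 'host A host B' shape (for
    example a missing 'host' keyword) are ignored, so they break symmetry."""
    pairs = set()
    for line in lines:
        parts = line.split()
        if parts[:3] == ["permit", "ip", "host"] and len(parts) == 6 and parts[4] == "host":
            pairs.add((parts[3], parts[5]))
    return all((b, a) in pairs for a, b in pairs)


if __name__ == "__main__":
    config = build_epc_config("MY-CAPTURE", [("10.10.10.1", "10.10.20.1")], "GigabitEthernet1/0/1")
    print("\n".join(config))
    print("symmetric:", acl_is_symmetric(config))
```

Feeding the post's original ACL (with the 10.10.20.1.1 line) to acl_is_symmetric returns False, which is exactly the kind of check worth running before starting a capture on a busy switch, since the warning above applies whether or not the filter matches what you intended.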
Thursday, December 10, 2015
OSPF - Filter redistribution in a Totally NSSA area
In some cases, the ABR is also an ASBR. If we are working with a Totally NSSA area, we end up with unnecessary routes: the ABR announces a default route and also its own redistributed routes, which are not needed. To solve this and only announce the default route, we can use the command below on the ABR:
area X nssa no-redistribution no-summary
The schema below is an example of this implementation:
Thursday, November 5, 2015
BGP Route Reflector - Routing advertisements rules
In order to avoid routing loops, the route reflector follows the 3 rules below:
1/ Routes learned from an eBGP peer can be announced to eBGP peers, clients and non-clients.
2/ Routes learned from a client can be announced to eBGP peers, other clients and non-clients.
3/ Routes learned from a non-client can be announced to eBGP peers and clients, but not to other non-clients.
Wednesday, November 4, 2015
Track an IP on your Network
Who has never received the following question from a colleague:
- Hey, network guy, could you find where this laptop is for me? I only have its IP address.
To answer this, you start following the IP address through the ARP and MAC address tables of your switches, routers and firewalls. I put an end to this tedious job by using the following open source tool:
http://netdbtracking.sourceforge.net/
The developers have already prepared a preconfigured VM:
http://sourceforge.net/projects/netdbtracking/files/vmware/
After about 30 minutes to install the VM and a few hours (depending on the size of your network) of configuration to enter your different devices, you can provide a web tool, reachable by everybody, to track an IP.
Below are some examples of device configuration entries.
- HP Procurve (Layer 3):
hostname,devtype=procurvehpv2, arp
- HP Procurve (Layer 2):
In this example, I skipped the uplink interfaces (45 and 47) and limited the lookup to 2 MAC addresses per interface.
hostname,devtype=procurvehpv2,skip_port=45,skip_port=47,use_trunks,max_macs=2
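What the tool automates is the manual correlation described above: ARP table on the Layer 3 device gives IP to MAC, the MAC address tables on the Layer 2 switches give MAC to port, and uplinks or trunk ports (where one MAC is seen together with many others) have to be discarded to find the edge port. The script below is an added example and is not part of netdb or of the post; it implements that correlation in the same spirit as the skip_port and max_macs options, over constructed Cisco-style 'show ip arp' and 'show mac address-table' lines (the switch names, addresses and ports are made up).

```python
import re

# Constructed sample 'show ip arp' output from the Layer 3 device (not a real capture).
ARP_TABLE = """Internet  10.10.20.1        5   0011.2233.4455  ARPA   Vlan20
Internet  10.10.20.7       12   aabb.ccdd.eeff  ARPA   Vlan20
"""

# Constructed 'show mac address-table' dumps, one per switch. On sw-edge-1 the laptop's
# MAC is seen on its access port Gi1/0/12 and, as usual, also on the uplink Gi1/0/45
# together with other hosts. sw-core sees everything on its trunk Po1.
MAC_TABLES = {
    "sw-edge-1": """  20    0011.2233.4455    DYNAMIC     Gi1/0/12
  20    aabb.ccdd.eeff    DYNAMIC     Gi1/0/45
  20    0011.2233.4455    DYNAMIC     Gi1/0/45
  20    1234.5678.9abc    DYNAMIC     Gi1/0/45
""",
    "sw-core": """  20    0011.2233.4455    DYNAMIC     Po1
  20    aabb.ccdd.eeff    DYNAMIC     Po1
  20    1234.5678.9abc    DYNAMIC     Po1
  20    0000.0c9f.f001    DYNAMIC     Po1
""",
}

ARP_RE = re.compile(r"^Internet\s+(\S+)\s+\S+\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})", re.I)
MAC_RE = re.compile(r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+\S+\s+(\S+)", re.I)


def ip_to_mac(arp_text, ip):
    """MAC (lower-case dotted form) for ip, or None if the router has no ARP entry."""
    for line in arp_text.splitlines():
        m = ARP_RE.match(line)
        if m and m.group(1) == ip:
            return m.group(2).lower()
    return None


def port_macs(mac_text):
    """{port: set(macs)} from a MAC address table dump."""
    ports = {}
    for line in mac_text.splitlines():
        m = MAC_RE.match(line)
        if m:
            ports.setdefault(m.group(3), set()).add(m.group(2).lower())
    return ports


def locate(ip, arp_text, mac_tables, skip_ports=(), max_macs=2):
    """Return [(switch, port)] where the IP's MAC is learned on a port that is not an
    explicit uplink (skip_ports, like netdb's skip_port) and carries no more than
    max_macs addresses (like netdb's max_macs, to drop trunks toward other switches)."""
    mac = ip_to_mac(arp_text, ip)
    if mac is None:
        return []
    hits = []
    for switch, text in mac_tables.items():
        for port, macs in port_macs(text).items():
            if mac in macs and port not in skip_ports and len(macs) <= max_macs:
                hits.append((switch, port))
    return hits


if __name__ == "__main__":
    print(locate("10.10.20.1", ARP_TABLE, MAC_TABLES))
```

The max_macs threshold is a heuristic: a port with an IP phone and a PC behind it legitimately carries two addresses, so the value is a trade-off between missing a host on a daisy-chained port and reporting a trunk as the edge port.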
Monday, July 27, 2015
Windows: find the MTU for a specific IP
The following command gives us the path MTU for a specific destination:
U:\>netsh interface ipv4 show destinationcache address='IP_address'
- Example on a classic LAN:
U:\>netsh interface ipv4 show destinationcache address=192.168.95.216
Destination : 192.168.95.216
Next Hop Address : 192.168.211.254
Source : 192.168.211.1
Interface : Local Area Connection
Path MTU : 1500
Upper-layer MTU : 1480
RTT mean : 3000
RTT deviation : 0
Path transmit speed (Bps): 0
Path receive speed (Bps) : 0
Link transmit Speed (bps): 1000000000
Link receive Speed (bps) : 1000000000
- Example with an IPsec Tunnel:
U:\>netsh interface ipv4 show destinationcache address=192.168.95.216
Destination : 192.168.95.216
Next Hop Address : 192.168.95.216
Source : 192.168.243.197
Interface : Local Area Connection
Path MTU : 1400
Upper-layer MTU : 1380
RTT mean : 40
RTT deviation : 20
Path transmit speed (Bps): 0
Path receive speed (Bps) : 0
Link transmit Speed (bps): 2000000000
Link receive Speed (bps) : 2000000000
Tuesday, July 7, 2015
Configure PIM-sparse mode between Cisco and HP Procurve
This post explains how to configure PIM-sparse mode between a Cisco and HP Procurve environment. In our case, we have the following components:
- Cisco2 (Rendezvous Point)
- Cisco1 (PIM router)
- HP1 (PIM router and IGMP edge router)
- Configuration
- Cisco2 (RP):
ip multicast-routing
ip pim rp-address 10.10.30.1 (we can filter group here with an ACL)
!
interface Gi1/0/1
description *** TO Cisco1 ***
ip address 10.10.20.2 255.255.255.0
ip pim sparse-mode
!
interface Vlan100
description *** VLAN Source ***
ip address 10.10.30.1 255.255.255.0
ip pim sparse-mode
- Cisco1:
ip multicast-routing
ip pim rp-address 10.10.30.1
!
interface Gi1/0/1
description *** TO Cisco2 ***
ip address 10.10.20.1 255.255.255.0
ip pim sparse-mode
!
description *** TO HP1 ***
ip address 10.10.10.1 255.255.255.0
ip pim sparse-mode
- HP1:
ip multicast-routing
!
router pim
enable
rp-address 10.10.30.1 224.0.0.0 240.0.0.0 (we can filter group here)
exit
!
vlan 316
name "To Cisco1"
untagged A1
ip address 10.10.10.2 255.255.255.0
ip pim-sparse
ip-addr any
exit
!
vlan 200
name "200-RECEIVER"
untagged A1
tagged A13-A15,B20,Trk1
ip address 10.10.40.1 255.255.255.0
ip igmp
ip pim-sparse
ip-addr any
exit
- Validation
Check the PIM neighbor adjacency on the HP switch:
HP1# sho ip pim neighbor
PIM Neighbors
IP Address VLAN Up Time (sec) Expire Time (sec)
--------------- ---- ------------------ ------------------
10.10.10.1 316 2305990 103
The receiver is requesting traffic from the source (IGMP membership report):
HP1# sho ip igmp vlan 200
IGMP Service Protocol Info
Total VLANs with IGMP enabled : 7
Current count of multicast groups joined : 1
IGMP Filter Unknown Multicast: Disabled
IGMP Filter Unknown Multicast Status: Disabled
VLAN ID : 200
VLAN Name : 200-RECEIVER
IGMP version : 2
Querier Address [this switch] : 10.10.40.1
Querier Port :
Querier UpTime : 129d 3h 48m 43s
Querier Expiration Time : 0h 0m 58s
Active Group Addresses Type Expires Ports Reports Queries
---------------------- ---------- --------------- ---------- ------- -------
239.1.1.1 Filter 0h 4m 19s A1 3 0
HP1# sho ip igmp groups
IGMP Group Address Information
VLAN ID Group Address Expires UpTime Last Reporter | Type
------- --------------- ------------- ------------- --------------- + ------
200 239.1.1.1 0h 3m 27s 0h 2m 4s 10.10.40.2 | Filter
Check the mroute table on the HP and on the Cisco:
HP1# sho ip pim mroute
IP Multicast Route Entries
Total number of entries : 1
Group Address Source Address Neighbor VLAN
--------------- --------------- --------------- ----
239.1.1.1 10.10.30.2 10.10.10.1 316
Cisco2#show ip mroute
IP Multicast Routing Table
...
(*, 239.1.1.1), 00:02:43/00:02:46, RP 10.10.30.1, flags: S
Incoming interface: GigaEthernet1/0/2, RPF nbr 10.10.20.2
Outgoing interface list:
GigaEthernet1/0/1, Forward/Sparse, 00:02:43/00:02:46
(10.10.30.1, 239.1.1.1), 00:02:43/00:00:16, flags: T
Incoming interface: GigaEthernet1/0/2, RPF nbr 10.10.20.2
Outgoing interface list:
Port-channel3, Forward/Sparse, 00:02:43/00:02:46
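Reading the Cisco mroute output by hand works for one group; the parser below is an added example, not code from the post, for doing the same validation in a script. It turns each (*,G) and (S,G) block into a record with RP, flags, incoming interface, RPF neighbour and outgoing interface list, and reports which (S,G) entries are on the shortest-path tree and actually forwarding, which is the check that matters when a receiver does not get the stream. The first sample is the post's own output (including its interface spelling); the second is a constructed pruned entry. The regexes assume the IOS layout shown in the post.

```python
import re

# Sample: the (*,G) and (S,G) entries quoted from the post's 'show ip mroute' output.
MROUTE_SAMPLE = """IP Multicast Routing Table
(*, 239.1.1.1), 00:02:43/00:02:46, RP 10.10.30.1, flags: S
  Incoming interface: GigaEthernet1/0/2, RPF nbr 10.10.20.2
  Outgoing interface list:
    GigaEthernet1/0/1, Forward/Sparse, 00:02:43/00:02:46
(10.10.30.1, 239.1.1.1), 00:02:43/00:00:16, flags: T
  Incoming interface: GigaEthernet1/0/2, RPF nbr 10.10.20.2
  Outgoing interface list:
    Port-channel3, Forward/Sparse, 00:02:43/00:02:46
"""

# Constructed sample (not from the post): an (S,G) with no receivers, OIL is Null.
MROUTE_PRUNED = """(10.1.1.1, 239.2.2.2), 00:01:00/00:02:00, flags: PT
  Incoming interface: Vlan10, RPF nbr 0.0.0.0
  Outgoing interface list: Null
"""

# "(S, G), uptime/expires, [RP x.x.x.x,] flags: XY"; the RP field only appears on (*,G)
MROUTE_ENTRY_RE = re.compile(
    r"^\((?P<src>\*|[\d.]+), (?P<grp>[\d.]+)\), (?P<uptime>[\d:]+)/(?P<expires>[\w:]+),"
    r"(?: RP (?P<rp>[\d.]+),)? flags: (?P<flags>\S+)"
)
MROUTE_IIF_RE = re.compile(r"^\s*Incoming interface: (?P<iif>[^,]+), RPF nbr (?P<rpf>\S+)")
MROUTE_OIF_RE = re.compile(r"^\s+(?P<oif>[^,]+), (?P<mode>Forward|Prune)/(?P<proto>[^,]+),")


def parse_mroute(text):
    """Return the mroute entries in display order, each as a dict with source, group,
    rp (None for (S,G)), flags, iif, rpf_nbr and oil as a list of (interface, mode)."""
    entries = []
    cur = None
    for line in text.splitlines():
        m = MROUTE_ENTRY_RE.match(line)
        if m:
            cur = {"source": m["src"], "group": m["grp"], "rp": m["rp"],
                   "flags": m["flags"], "iif": None, "rpf_nbr": None, "oil": []}
            entries.append(cur)
            continue
        if cur is None:
            continue  # table header lines before the first entry
        m = MROUTE_IIF_RE.match(line)
        if m:
            cur["iif"], cur["rpf_nbr"] = m["iif"], m["rpf"]
            continue
        m = MROUTE_OIF_RE.match(line)
        if m:
            cur["oil"].append((m["oif"], m["mode"]))
    return entries


def forwarding_sg(entries):
    """(S,G) entries on the shortest-path tree (T flag) with at least one interface in
    Forward state. An (S,G) whose OIL is Null or fully pruned is the usual sign that
    no receiver downstream of this router is joined."""
    return [e for e in entries
            if e["source"] != "*" and "T" in e["flags"]
            and any(mode == "Forward" for _, mode in e["oil"])]


if __name__ == "__main__":
    for e in parse_mroute(MROUTE_SAMPLE):
        print(e)
    print("forwarding:", [(e["source"], e["group"]) for e in forwarding_sg(parse_mroute(MROUTE_SAMPLE))])
    print("forwarding (pruned sample):", forwarding_sg(parse_mroute(MROUTE_PRUNED)))
```

Comparing the rpf_nbr of each entry with the expected upstream neighbour (10.10.10.1 as seen from the HP, 10.10.20.2 as seen here) is the quickest way to spot an RPF failure after a topology change.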