Sunday, February 26, 2017

Performance Tables

http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf
http://www.cisco.com/web/partners/downloads/765/tools/quickreference/switchperformance.pdf
http://www.cisco.com/web/partners/downloads/765/tools/quickreference/vpn_performance_eng.pdf
at No comments:

CRC Errors

Cisco definition:
http://www.cisco.com/en/US/docs/internetworking/troubleshooting/guide/tr1904.html

CRC: Indicates that the cyclic redundancy checksum generated by the originating LAN station or far-end device does not match the checksum calculated from the data received. On a LAN, this usually indicates noise or transmission problems on the LAN interface or the LAN bus itself. A high number of CRCs is usually the result of collisions or a station transmitting bad data.or 

F
at No comments:

Thursday, August 25, 2016

Monitor IO in linux machines

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
          31.33    0.00    8.52   27.32    0.00   32.83

Device:         rrqm/s   wrqm/s     r/s     w/s   rsec/s   wsec/s avgrq-sz avgqu-sz   await  svctm  %util
sda               0.00     7.00   52.00   22.00  2848.00   232.00    41.62     0.42    5.65   3.41  25.20
sdb               0.00    16.00  213.00   48.00  9832.00   512.00    39.63     1.80    6.93   3.55  92.60
dm-0              0.00     0.00    0.00    0.00     0.00     0.00     0.00     0.00    0.00   0.00   0.00
dm-1              0.00     0.00    0.00    0.00     0.00     0.00     0.00     0.00    0.00   0.00   0.00
dm-2              0.00     0.00  265.00   93.00 12672.00   744.00    37.47     2.34    6.52   2.77  99.10
dm-3              0.00     0.00    0.00    0.00     0.00     0.00     0.00     0.00    0.00   0.00   0.00

^C
server#  iostat -x -t 1
at No comments:

Wednesday, May 18, 2016

Add latency to a linux server

In a simulation environment, it can be interesting to simulate latency.

! add 15ms latency
tc qdisc add dev eth0 root netem delay 15ms
! remove latency
tc qdisc del dev eth0 root netem delay 15ms

! check latency

tc -s qdisc

at No comments:

Monday, May 9, 2016

Problems after cloning Centos

ifconfig -a
vi /etc/udev/rules.d  -> edit this files and removes cloned macs.
rename interfaces to eth0,1,n
at No comments:

Friday, April 29, 2016

FRR Backup path

at No comments:

Thursday, April 28, 2016

Ansible 2.0 for Network Engineers - Getting Started

Well, enough of adoc scripting tcl/expect way, it is time to start using something more powerfull. After more then 10 years of tcl/expect I believe it is time to convert myself to python , ansible, jinja, paramiko and so on.
The problem is: How can I get into a fast pace as I have with older technology. The answer it ... I need to invest time and never look back ... :)

Getting started:
- Grab a centos machine and:
     yum install ansible - you should get version 2.0

- Install modules ...

at No comments:

Thursday, April 7, 2016

NetEnforcer Allot CLI Basic Commands

Here is a simple list of commands that will help drilling down allot sigma machines:

NetEnforcer:
- acstat-sum -> total connections
- netstat -antp | grep LISTEN
- actype - show version
- netstat -an | find "80"
- acstat-sum  -->> connections
- go config view  ->  assymetric config
- go list host
- go list vlan
- go list vc [<-option> ].
- acstat -l vc | grep searchtag
- acstat -l pipe   - >>> ** PIPE LIST ** CONNECTION PER PIPE
- acmon -p 5.51 -r ---> traffic and connections per second for specific pipe
- acmon -y    -> asymmetric statistics
- acmon -x 0 -> prcessing unit (0 ou 1) traffic in a cc (core controller)
- acstat -E 2.2.2.2   ->>> WORKED!  ------> all for a specific external IP
- acstat -P 10.1.1.1  ->>> WORKED!  ------>  all for a specific internal IP
- acstat -P 172.16.1.0 -M 255.255.255.0
- acstat -ifx | grep 172.16.1.1
- cat /proc/allot/infra/hw/status/*
- cat /proc/allot/infra/hw/network/*

Sigma-E:
The SG-Sigma E offers extreme performance valuesand comes in two models: SG-Sigma E6, using an ATCA standard 6 slots chassis, offers up to 64 Gbps, up to 20 million connections and a policy with up to 512 lines, 400,000 pipes and 800,000 VCs, when fully populated with 4 CC-300 blades. SG-Sigma E14, using an ATCA 14 slot chassis, offers up to 160Gbps, up to 50 million connections and a policy with up to 512 lines, 1,000,000 pipes and 2,000,000 VCs, when fully populated with 10 CC-300blades. These maximum values supported depend on the number of Core Controller blades deployed in each platform. The CC-200, used in the SGSigma, supports 15Gbps. The CC-300, used in the SG-Sigma E supports 16Gbps. Both types of blade support 5 million connections and a policy with 512 lines, 125,000 pipes and 250,000 VCs. 
at No comments:

Tuesday, February 9, 2016

How to determine the number of slots in a Catalyst 6500 or 7600

For capacity management kpis, could be interesting to know via snmp how many slots are in use in a 6500.
This can be achieved by using snmp mib:
server# snmpwalk -v 2c -c public 10.1.1.1 .1.3.6.1.2.1.47.1.1.1.1.7
SNMPv2-SMI::mib-2.47.1.1.1.1.7.1 = STRING: "WS-C6509-E"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.2 = STRING: "Physical Slot 1"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.3 = STRING: "Physical Slot 2"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.4 = STRING: "Physical Slot 3"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.5 = STRING: "Physical Slot 4"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.6 = STRING: "Physical Slot 5"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.7 = STRING: "Physical Slot 6"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.8 = STRING: "Physical Slot 7"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.9 = STRING: "Physical Slot 8"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.10 = STRING: "Physical Slot 9"
SNMPv2-SMI::mib-2.47.1.1.1.1.7.11 = STRING: "Backplane"
at 1 comment:

Thursday, February 4, 2016

Problem with bgp status snmp queries

I have been seen a problem in Cisco Catalyst line, either 3560 or 6500, with snmp queries returning snmp status.
For example,
1.3.6.1.2.1.15.3.1.1 ->  returns peer ip
1.3.6.1.2.1.15.3.1.2 ->  returns peer status
  1 : idle
  2 : connect
  3 : active
  4 : opensent
  5 : openconfirm
  6 : established

When ever there is a  returned mib with value:
SNMPv2-SMI::mib-2.15.3.1.1.10.1.1.1= IpAddress: 0.0.0.0

Then, the snmp status will be
SNMPv2-SMI::mib-2.15.3.1.2.10.1.1.1= INTEGER: 1



when the returned value should be:
SNMPv2-SMI::mib-2.15.3.1.2.10.1.1.1= INTEGER: 6 ---> established.








So far, I have no workaround.
at No comments:

Monday, January 25, 2016

hsrp v4 and v6 mac

HSRPv6:
0005.73A0.0000 through 0005.73A0.0FFF (4096 addresses
 udp/2029
 hsrp v4 must be enabled
 HSRPv4:
 0000.0c07.ac00 through 0000.0c07.acFF
 The mac changes with the group ID
 interface x
   standby
at No comments:

Monday, January 18, 2016

Monitor ASR nv Cluster Status with SNMP

Here are some mibs that can be used for that. I have a script that builds the logic. I will share it when I have time.

Inside MIB ID 1.3.6.1.4.1.9.9.498 you will find a lot of measurements to monitor the cluster.

Use these MIBs with this result:
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.2.1.1 = STRING: "Rack0"
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.2.1.2 = STRING: "Rack1"
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.1 = INTEGER: 1
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.2 = INTEGER: 1

if SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.1 returns 1 , then the node is ok.if SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.1 does not result anything, then node is down.

Example both are ok:
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.2.1.1 = STRING: "Rack0"
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.2.1.2 = STRING: "Rack1"
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.1 = INTEGER: 1
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.2 = INTEGER: 1

Example Rack0 is down:
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.2.1.1 = STRING: "Rack1"
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.2.1.2 = failed result
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.1 = INTEGER: 1
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.2 = failed result

Example Rack1 is down:
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.2.1.1 = STRING: "Rack0"
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.2.1.2 = failed result
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.1 = INTEGER: 1
SNMPv2-SMI::enterprises.9.9.498.1.1.6.1.10.1.2 = failed result


Example rack0 and rack1 are down:
guess what ... not reply :)

at No comments:

How can I tell the type of traffic dropped in a interface 

In a normal day operation in a NOC, tipical problem is a port dropping packets.
How can you tell which type of traffic is dropping without sniffing the traffic?
 
Well, there is a way to how if it is a stp packet, broadcast packet: 
 
Use the command:
sh platform port-asic stats drop asic 2
 

 Supervisor TxQueue Drop Statistics
   Queue  0: 0 -> rpc
   Queue  1: 0 -> STP
   Queue  2: 0 -> ipc
   Queue  3: 931 -> Routing protocol
   Queue  4: 0
   Queue  5: 0
   Queue  6: 0
   Queue  7: 0
   Queue  8: 0 -> Broadcast
   Queue  9: 0
   Queue  10: 0  -> igmp snooping
at No comments:

Sunday, January 17, 2016

downtime measurement with linux ping script in bash

During a equipament upgrade in the datacenter, sometimes we need to measure downtime, mainly when and how long it was down.
One way is to do it with a list of pings:

while :; do
  for ip in $(cat /my/script/dir/listofipstoping.txt)
  do
     ping -c 1 -W 1 $ip >/dev/null || echo "PING TO $ip FAILED @ `date`";
  done
done
at No comments:

Saturday, January 16, 2016

Microsoft NLB debugging and Cisco ACE.

NLB multicast address looks something like this:
 03-bf-c0-a8-03-0e


First 2 digits:
      01=IGMP
      02=Unicast
      03=Multicast
The follows by "bf".
Followed by the ip address in hex:
    c0=192, a8=168, 03=3, 0e=14 and thus the IP of 192.168.3.14.

Some equipments will not put this mac in the cam table, like cisco ACE for example.

Nexus 7k/5k behavior:
 
vlan configuration 10
  layer-2 multicast lookup mac
at No comments:
Subscribe to: Posts (Atom)