A new problem has arisen in CCNA class: We have a lab that asks the students to enable a debug command; the debug overruns the console buffer to the extent that commands cannot be entered, and this goes on for more than an hour!
In my 15 years of teaching CCNA classes, we have always taught the dangers of using debug commands on production equipment. To demonstrate this, we would have the students run the debug ip packet command, let it run for 30 seconds, and then turn it off. Of course, turning off the debug is challenging, so we would teach the trick of turning the debug off before we would turn it on: adding the undebug all command to our command history buffer.
Running this test on the 2500 series and 2600 series routers would usually cause a crash and a forced reboot. After we changed the lab equipment to the newer ISR 2800 series, the same demonstration no longer resulted in a router crash; however, it introduced a new problem: loss of control of the command line.
The sheer amount of debug messages would cause the command line to be unusable. The debug messages continued to overrun the console buffer for over an hour before we would finally run out of patience and power cycle the router. In a lab scenario, this causes the students to take an excessive amount of time to finish their lab, and for people studying for certifications, it wastes precious study time. A better way to manage debugs is needed. We would like to see the debug messages (they can be very helpful in both troubleshooting and understanding how protocols function), but we would also like to retain control of the command line. Read More »
Tags: #ciscochampion, CCNA, Cisco ISR
Over the past few weeks I’ve had the chance to come up from my rabbit hole of deployment projects and catch up on the tech news. In particular, the announcement at Interop New York where Cisco announced the new ISR 4400 family of routers along with a few other articles got me to thinking about how far branch office connectivity has come in the past decade or so and to a question: is one method of branch connectivity better than another?
In the Beginning…
In the past decade or so we have seen substantial change in how we connect to the internet and how fast we do so. Early on (circa early 2000s) the internet was fairly flat. Real time voice and video were still a thing of science fiction. In the enterprise we connected remote offices back to the central office via leased lines over a frame relay network. T1s were considered good and if you had a DS-3 link you must have been in a big IT shop. Compute services were limited to corporate email (Outlook/Exchange were the new kids on the block) and client/server based systems. Read More »
Tags: #ciscochampion, Cisco ISR, ISR 4000 Series, ISR 4431, ISR 4451-X, IWAN, VPLS, vpn
In my last blog I talked about the value of Pfr to the IWAN solution. This week I wanted to talk about DMVPN and why it is going to be a critical component of your IWAN deployment.
Your IWAN topology will most likely consist of one or more internet connections which means that your data will be traveling over untrusted connections and shared environments so security is going to be top of mind. So how do you secure your data over the internet and other untrusted or shared environments? Well DMVPN (Dynamic Multi-point Virtual Private Network) is based on VPN the same technology that many of you use today to securely connect back to your office when you are traveling or working from home. A VPN will create a tunnel between two end-points and then encrypt all data traveling over the tunnel. VPN’s can connect users to a remote site, client-to-site VPN, or connect two remote sites, site-to-site VPN. Unlike VPN, DMVPN can securely connect multiple points together dynamically.
So how does DMVPN work and what is the benefit to IWAN? DMVPN works on top of your WAN infrastructure which means that DMVPN tunnels will be established between branch sites as traffic flow demands. In a common hub and spoke topology example, when data needs to be sent from the spoke to the hub site, the spoke will establish a VPN tunnel to the hub by registering first with the hub. In order for each tunnel to function a new dynamic IP address is created at the branch since the hub site will initiate the connection. In order for data to be routed between sites over the DMVPN tunnels, routing information will need to be exchanged. As more tunnels are created there will be more dynamically created IP addresses and traditional routing protocols like BGP or EIGRP are used to efficiently share routing information so all sites can talk to each other. Lastly QoS is applied to each tunnel to ensure that the hub site does not oversubscribe the spoke sites.
Read More »
Tags: Cisco ISR, DMVPN, IWAN, PfR
Networking as a technology has been around for decades now and most people consider it to be mature with a crawling pace of innovation. But with big market transitions like cloud computing, nothing can be further from the truth as the Cloud Services Router (CSR) 1000V has proven with its announcement at Cisco Live! – San Diego on June 12th as part of our Cloud Connected Solution launch
Read More »
Tags: best of interop, Cisco Integrated Services Router, Cisco ISR, cloud, Cloud Connected Solution, cloud router, cloud services router, CSR 1000V, interop, router, routing, vPC
One of the great things about being at Cisco HQ in Silicon Valley is the wonderful diversity we have here. Although you don’t really get seasons you do get an awesome mix of people. A recent stroll around the lake at Shoreline Park revealed people speaking English, Russian, German, Japanese, Chinese, Korean, Vietnamese, Hindi and some other languages I could not identify. Similarly sushi, butter chicken and naan, pho, bulgoki and bahn mi are all easy to find for the diversified, international foodie.
However, when I go out for Indian food with my friends, they almost always insist on going to a buffet in Mountain View called Passage to India. Partially because they usually have a huge assortment of “desi-chinese” dishes such as Gobi Manchurian and Chilli Chicken but largely because they see the buffet being a tremendous value. Little chicken tikka masala, little tandoori, little goat curry, some gulab jamun – enjoy them all, they are all included in a well integrated package. A la carte approaches make it hard to enjoy such variety, as each additional dish is usually priced like the main part of a meal.
Reminds me of the whole Cisco vs Juniper thing for the branch.
We took a look at the cost of building a modern, secure, integrated services network for the branch, incorporating the functionality and services that you would want in a new branch deployment, you know, things like security (firewall, IPS, VPN), video, server virtualization, WAN optimization, video optimization, 4G backup and Unified Communications. Doing all this with Cisco was pretty easy, all you need is an ISR, which we spec’ed out as an ISR 3945 for our hypothetical 150 person branch (with a 45Mbps WAN bandwidth). Implementation was cheap and easy, particularly when you consider all the capabilities that you were getting.
Read More »
Tags: access router, branch office, Cisco Integrated Services Router, Cisco ISR, juniper, routers