Using the iPhone for Out-of-Band access

I frequently use my iPad to console onto routers as per my earlier post. But there are so much more functionality here. The iPhone can be used as a Out-of-Band device.

Why? Because it occasionally happens that a router has no device near it that can provide console access. And if you doing risky changes, this beats having to sit next to the device while doing the changes.

Requirements:

  1. A serial connector cable  (30-pin Apple to male DB9 pin RS-232).
  2. A rollover cable.
  3. A jailbroken iPhone.
  4. Terminal application.
  5. Software that supports serial communication.
  6. Inbound connectivity to iPhone Sim.

Steps 1-5 is the same as my previous post. Only difference is with step-4. The app iSSH is not needed here as the SSH connection will not be made locally from the device. So once SSH is loaded via Cydia move along to Step-5.

The last step required is having inbound access to the cellular data IP on your iPhone. This varies between cellular providers. Some providers block inbound access, others allow it by default. If your cellular provider is blocking inbound access, you will have to request them to allow it for you SIM.

All that is left to do, is plugging your phone into the distant router, (preferably locked in the cabinet, to prevent it from being stolen). From you desk SSH to the iPhone and use Minicom to reverse console into your router.

Advertisements

EIGRP adjacency using a secondary IP

Consider the following statement from Cisco.com : “Routers do not form EIGRP neighbors over secondary networks.

A Routing-BitsHandbook candidate queried this last week, claiming the statement is misleading and that EIGRP will indeed form an adjacency using a secondary IP address under specific conditions.

Consider the following configuration. R1 connects to R2 using a back-to-back serial connection. Both S1/1 interfaces have a primary and a secondary IP address defined. The EIGRP processes only matches the secondary IP addresses.

R1#
interface Serial1/1
ip address 10.1.1.1 255.255.255.0 secondary
ip address 10.5.1.1 255.255.255.0
!
router eigrp 1
network 10.1.1.1 0.0.0.0
no auto-summary

R2#
interface Serial1/1
ip address 10.0.1.2 255.255.255.0 secondary
ip address 10.5.1.2 255.255.255.0
!
router eigrp 1
network 10.0.1.2 0.0.0.0
no auto-summary

So what do you think will happen in this scenario? Will R1 and R2 become adjacent? Cisco explicitly mentions that a secondary IP address is not used in the EIGRP hello packets, therefore EIGRP neighbors will not become adjacent using secondary IP addresses.
Continue reading “EIGRP adjacency using a secondary IP”

My CCIE Booklist

A quick post. I’ve had many requests from guys asking details surrounding my studies and preparation. As always I am more than happy to help and aid other candidates where I can. After all I did not get this far on my own.

So first off I have create a new page called CCIE BOOKLIST (on the right) of books I bought and used for both the R&S and SP. I have added a small review of most of them.

In the next week or two, I will post the methods I used to get through the theory, labs, my approach and lab strategies etc.

 

Terminal Server in Dynamips

I find using a terminal server to connect to routers while labbing very efficient. I personally don’t like having 10 windows open when configuring devices. I tried it back when I started studying for my R&S but found I made more errors than worth. Since then I have gotten used to jumping between terminal sessions on one screen.

Like most I used Dynamips when I studied for the SP. I built a quad-core PC at home with Ubuntu. My laptop at the time was running Windows XP, but during my 4 months trial I got a Mac Book Pro. Obviously I had to study whenever I had time regardless of the platform. So I configured the same setup across all three platforms.

Configuring a terminal server in Dynamips requires a real interface to be bridged to a virtual router interface. This is done by using a loopback interface. This is done very differently on the three  platforms:

  • Windows XP (32-bit)
  • Ubuntu 9.10 (64-bit)
  • Snow Leopard 10.6 (32/64-bit)

The .NET file I used for the Internetwork Expert SP labs are at the bottom of the article.

Continue reading “Terminal Server in Dynamips”

VRF-lite route leaking

The purpose of VRF-lite is to extend the logical separation of two different networks from a MPLS network down to a single CE router, connected to both these networks. It’s called VRF-lite because it is done without running MPLS (LDP/TDP) or MP-BGP between the PE and CE. Traffic is mapped to the VRF assigned to the ingress interface on the CE router.

But VRF-lite could be used without connecting to a MPLS network entirely! Consider what a VRF is?

A VRF is a mechanism used to provide logical separation between routing tables on the same router. It is locally significant to the router. Each interface on a router can only be assigned to one VRF, but a VRF can have multiple interfaces.

So VRF-lite could be used to separate multiple networks using the same equipment. (Not exactly something you should ever plan in a design, but it could be useful to know)

Once you have the separation you needed, you might need a way to selectively bridge that separation to allow communication between the VRF’s.

Assume the following scenario:
Continue reading “VRF-lite route leaking”

Output101- sh run vrf

Now that the hard work is behind me, the awesome holiday has past, I can finally get back to all the outstanding fun stuff. That said I have some good half completed posts are on the way :)

I came across the following command browsing the DOC-CD a couple months back, and I have used it ever since.

sh run vrf [vrf-name]

The show running vrf feature provides the option to display a subset of the running configuration on a router that is linked to a VRF instance. It can be used to display the configuration of a specific VRF or of all VRFs configured on a router. The command is unfortunately only available on the more recent IOS versions, but if available makes life easy.

Continue reading “Output101- sh run vrf”