Networking Search

Monday, September 15, 2008

Cisco IP Accounting

IP Accounting is a very useful accounting feature in Cisco IOS, but it’s not as well known as other features, such as NetFlow. The fact that Cisco has considered replacing IP Accounting by adding new features to NetFlow potentially turns IP Accounting into a corner case solution.

However, compared to NetFlow, IP Accounting offers some advantages that make it an interesting feature to investigate: easy results retrieval via a MIB and limited resource consumption. Furthermore, access-list accounting currently cannot be solved with the NetFlow implementation. Note that NetFlow recently added the export of the MAC address as a new information element.

Networking links

  • http://www.net-sense.com/flash_report.htm

    A site for managing Cisco devices faster

Wednesday, July 9, 2008

Troubleshoot Cisco routers and switches using the debug commands

By David Davis


Often, you cannot solve router and switch issues with “show” commands alone. At some point, you will have to use Debug commands to find out what is really going on behind the scenes. In this article, you will learn about Cisco IOS Debug commands and how they can help you.
What makes Cisco IOS Debug commands so useful?

Cisco IOS Show commands can tell you many things about what is going on with your router or switch, but they can’t tell you everything. For example, Show commands cannot tell you when routes drop in or out of the routing table, why an ISDN line failed to connect, whether a packet really went out the router, or what ICMP error code was received. On the other hand, Cisco IOS Debug commands can tell you all these things, and more.

Besides providing more detailed information than what Show commands can provide, Debug commands have the benefit of providing information in “real time” (or dynamically). This is contrary to Show commands that just take a snapshot in time and display the results on your console (somewhat static results). This real-time difference can be very helpful in diagnosing problems.


How do I use Debug commands?

Let’s take a look at a simple example. We are going to view RIP (Routing Information Protocol) in Debug mode.

Router# debug ip RIP

RIP protocol debugging is on

To verify what debugging is enabled, use this command:

Router# show debug

RIP protocol debugging is on

The output from whatever type of debug is enabled will be sent to wherever the Cisco IOS logging system tells that output to go. Either you will receive the output on your screen, it will go to the buffered log on the router, or it will go to a syslog server across the network (or all of these).

To see what level the various outputs are set to and where the output will go, type:

Router# show logging

Syslog logging: enabled (1 messages dropped, 3 messages rate-limited,

0 flushes, 0 overruns, xml disabled, filtering disabled)

Console logging: level debugging, 8 messages logged, xml disabled,

filtering disabled

Monitor logging: level debugging, 0 messages logged, xml disabled,

filtering disabled

Buffer logging: level warnings, 2 messages logged, xml disabled,

filtering disabled

Logging Exception size (4096 bytes)

Count and timestamp logging messages: disabled

Trap logging: level informational, 12 message lines logged

Log Buffer (51200 bytes):

*Jun 9 20:56:49.195: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

*Jun 9 20:56:49.231: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up

Router#

The console should display RIP updates that are sent and received through the RIP protocol. Here is an example of what you might see for RIP debugging:

*Jun 9 21:13:56.471: RIP: sending v1 update to 255.255.255.255 via FastEthernet0/0 (1.1.1.1)

*Jun 9 21:13:56.471: RIP: build update entries - suppressing null update

*Jun 9 21:14:22.519: RIP: sending v1 update to 255.255.255.255 via FastEthernet0/0 (1.1.1.1)

*Jun 9 21:14:22.519: RIP: build update entries - suppressing null update

Remember that you should use Debug only for a short time to get a snippet of information, and then turn Debug off as it can be a serious performance hit on your router.

There are several commands for turning off Debug. You could type undebug all or a precreated alias, un all (for more information on aliases, see my article “Enter Commands More Efficiently with Cisco Command Aliases”), but the no debug command works fine also.

Router# no debug all

If you type debug ?, you will see that there are over 200 Debug commands, and each of those has many options. Debugging RIP is just a very simple example.

What are the three most common mistakes made when using Debug?

Using Debug can be a risky proposition, and even experienced admins have made mistakes when using it.

  • I’d say the number one common mistake is to forget that you have left Debug on in a production environment. Sometimes, we get so focused on resolving the issue that when we get it resolved, we are on to the next “opportunity” and forget to issue the no debug command to turn off debugging. I think that many a network admin can attest to horror stories of when they brought their router to its knees because they forgot this simple task of turning off Debug.

  • The second common mistake would be not realizing the effect on your router of issuing a lot of Debug commands at the same time. Remember that the router’s job is to forward packets, not to monitor processes and generate Debug messages. For example, you are having a problem with the packets on your router, so you issue the Debug statement debug ip packet. Then you decide that you want to view the events on the RIP protocol. Now, you have two separate Debug statements that are being processed and sent to the console. Debug statements are processed at a higher priority than other network traffic, so, needless to say, these Debug statements can jeopardize your router’s performance.

  • The third common mistake made with the Debug command is entering debug all or debug ip packet detail on a production router. Either one of these commands can crash a heavily loaded production router. Luckily, there is an “are you sure” prompt before these take effect; however, that hasn’t prevented every debug-related catastrophe. You should be as specific as possible when using Debug, and then turn it off as quickly as possible. Also, always test your Debug commands on a test router before using them in a production environment.
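A check for the mistakes listed above, as an added example that is not part of the original article: it reads captured show debug and show logging output and reports debugging that is still on, several debugs running at once, and which logging destinations receive the debug messages. The sample captures are constructed, and the HIGH_COST list is an assumption based on the article's warning about debug ip packet detail.

```python
import re

# Constructed captures, in the output format shown in the article above.
SHOW_DEBUG = """\
Generic IP:
  IP packet debugging is on (detailed)
RIP protocol debugging is on
"""
SHOW_LOGGING = """\
Console logging: level debugging, 8 messages logged, xml disabled,
                 filtering disabled
Monitor logging: level debugging, 0 messages logged, xml disabled,
                 filtering disabled
Buffer logging: level warnings, 2 messages logged, xml disabled,
                filtering disabled
Trap logging: level informational, 12 message lines logged
"""

# Assumption: debugs this audit treats as high cost, taken from the article's
# warning about "debug ip packet detail".
HIGH_COST = ("IP packet debugging",)

DEBUG_ON = re.compile(r"^\s*(.+? debugging is on.*?)\s*$", re.M)
LOG_DEST = re.compile(
    r"^\s*(Console|Monitor|Buffer|Trap) logging: level (\w+), "
    r"(\d+) message(?:s| lines) logged", re.M)


def active_debugs(show_debug):
    """Return every 'X debugging is on' line from 'show debug' output."""
    return DEBUG_ON.findall(show_debug)


def logging_levels(show_logging):
    """Map each logging destination to (severity level, messages logged)."""
    return {d.lower(): (lvl, int(n)) for d, lvl, n in LOG_DEST.findall(show_logging)}


def audit(show_debug, show_logging):
    """Return findings for the debug mistakes the article lists."""
    findings = []
    debugs = active_debugs(show_debug)
    if not debugs:
        return findings
    findings.append("debug still enabled: " + "; ".join(debugs))
    if len(debugs) > 1:
        findings.append(f"{len(debugs)} debugs running at the same time")
    for line in debugs:
        if line.startswith(HIGH_COST):
            findings.append("high-cost debug active: " + line)
    # Debug messages are severity 'debugging', so only destinations set to
    # that level receive them.
    for dest, (level, _count) in logging_levels(show_logging).items():
        if level == "debugging":
            findings.append(f"debug output is delivered to {dest} logging")
    return findings


if __name__ == "__main__":
    for finding in audit(SHOW_DEBUG, SHOW_LOGGING):
        print(finding)
```

Run against output collected at the end of a maintenance window, an empty result means no debug was left running.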

What are some common scenarios when using Debug to troubleshoot?

To learn about the top 10 most useful Cisco IOS Debug commands, please read my TechRepublic article “Get IT Done: 10 Ways to Mitigate Problems Using Cisco IOS Debug.”

In conclusion

The Cisco IOS Debug commands are very powerful commands that every Cisco admin should know how to use properly. With Cisco IOS Debug commands, you can get down to the details of whatever protocol or feature you are troubleshooting in order to resolve your problem.

For more information on Cisco IOS Debug commands, see the Cisco IOS Debug Command Reference.

David Davis has worked in the IT industry for twelve years and holds several certifications, including CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of systems/network administrators for a privately owned retail company and performs networking/systems consulting on a part-time basis.


Article Sources = www.techrepublic.com

Cisco Administration 101: Understand the OSI model to become a better Cisco troubleshooter


By David Davis


What is the OSI model?


The OSI model is a hierarchical model of how different devices, protocols, and applications can interoperate to provide a network. The OSI (open systems interconnect) model was created by the International Standards Organization (ISO).

The applications and protocols that make up the network reside at different layers of the OSI model. Those layers are:

  • Layer 7 – Application
  • Layer 6 – Presentation
  • Layer 5 – Session
  • Layer 4 – Transport
  • Layer 3 – Network
  • Layer 2 – Data Link
  • Layer 1 – Physical

For certification tests like the Cisco CCNA certification, most admins remember these layers by taking the first letter of the layer and matching it with a word. Here are some common ways to remember the OSI model:

  • All People Seem To Need Data Processing
  • Please Do Not Throw Sausage Pizza Away
  • Phew Dead Ninja Turtles Smell Particularly Awful

A common question is, “What application or protocol resides at each of the layers?” Here is a general overview:

  • Layer 7 - Application

    The application layer is where the protocols and services that make up your application reside. Examples of what is located here are: Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).
  • Layer 6 - Presentation

    The presentation layer “presents” the session layer data to the application. Examples of what is located here are: encryption (like IPSec), ASCII, and JPG.
  • Layer 5 - Session

    This layer is responsible for initiating and terminating network connections. Examples of the session layer are Remote Procedure Call (RPC) functions and the login portion of a SQL session.
  • Layer 4 - Transport

    TCP and UDP work at the transport layer. TCP provides the reliable, in-order delivery of your data, as well as error correction, sequencing, and windowing (flow control). Additionally, TCP at the transport layer provides source and destination port numbers that are commonly associated with applications. For example, TCP port 25 is SMTP, 23 is telnet, 22 is SSH, 80 is HTTP, and so on. These port numbers are very important if you are configuring an ACL (see my article, “What you need to know about Cisco IOS access-list filtering”) or studying for a certification test like the CCNA. Data at the transport layer is called a segment.
  • Layer 3 - Network

    The network layer is where the “IP” part of “TCP/IP” happens. IP is responsible for addressing in the network. Because IP works at layer 3, you could also say that routing and routers work at layer 3. Any data at layer 3 is called a packet.
  • Layer 2 - Data Link

    If you think about a WAN, there are many protocols that work at layer 2 (like PPP and Frame-Relay).
    However, if you just look at the LAN, the most well-known protocol associated with layer 2 is Ethernet. The Ethernet protocol uses MAC addresses to identify unique devices on the network. Any data at layer 2 is called a frame. Ethernet switches work at layer 2 to switch Ethernet packets. To do this, they keep a MAC address table or CAM table — mapping MAC addresses to switch ports.
  • Layer 1 - Physical

    The physical layer provides the actual connection between devices. Ethernet cables and fiber optic cables work at layer 1. Data goes through the cables via electricity or light. That data is now represented as a bit (a one or a zero).

How does the OSI model help you on a practical basis?

While most of us know the OSI model, I believe that most of us do not make the very helpful connection between the OSI model and the daily, real-world tasks and troubleshooting that a Cisco admin must perform.

Most of us think of the OSI model as some kind of arcane textbook concept that must be learned for the exam and can then be forgotten. On the contrary, I believe it can be extremely helpful to Cisco admins on a day-to-day basis. Here are four ways the OSI model can help you, as a Cisco admin:

Understanding the network “big picture”

There are many new Cisco admins out there who may understand how to unlock a switch port or how to configure IP addressing, but they don’t see, really, how the network functions. By understanding the OSI model, you can see the “big picture” of how the network really works.

You can understand how bits are sent as electrical signals across copper wires; how those are reassembled into frames by Ethernet in layer 2; how the frames are switched to the right destination; how that PC disassembles the frame and packet to verify that it is the right destination IP; how it breaks up the segment at the transport layer, responds with an acknowledgement (ACK), and sends the data up to the session, presentation, and application layers; and how every tiny communication requires this whole process to happen many times per second.

Configure ACLs for traffic filtering and QoS

By understanding the OSI model, you will be better able to configure Cisco IOS ACLs. Those ACLs can then be used to filter traffic or provide router services on that traffic, like QoS. By knowing that the transport layer is where TCP is and that port numbers are used to identify applications, you will understand more clearly how to create ACLs that define that traffic. You will also create better ACLs when you keep in mind the different protocols that could be in use at the transport layer. For example, you might want an ACL that defines UDP or ICMP (ICMP actually functions at layer 3, network).

Once you create the proper ACL, you can then take action on that traffic by filtering it or providing QoS for it. (See my articles “Cisco IOS access lists: 10 things you should know” and “What you need to know about Cisco IOS access-list filtering.”)

What is also interesting is that BGP works at layer 4 (transport) because it uses TCP; however, OSPF, IGMP, and ICMP all work at layer 3 (network). Also, ARP works between layers 2 and 3 as it maps MAC addresses to IP addresses.

Prepare for certification

Certainly, any entry-level certification will require you to learn about the OSI model and answer some questions about it. For example, the CCENT/CCNA and Network+ certifications all require that you understand the OSI model. I believe that this all comes back again to “knowing the big picture.”

Troubleshooting the network

Once you understand the OSI model, you will be a much better network troubleshooter. For example, in my article “Choosing a network troubleshooting methodology,” I cover how to use the OSI model to troubleshoot the network either by starting at the top or the bottom or by using the “divide and conquer” approach.

  • If your Ethernet cable is disconnected, at what layer is your problem to be found? Answer: layer 1.
  • If your ACL is dropping your TCP data, where is the trouble? Answer: layer 4.
  • If your IPSec is misconfigured, where is the problem? Answer: layer 4.

Learn more

By understanding the OSI model, you will be able to do a lot more than pass your certification test. The OSI model may have been designed to help vendors ensure that their network products interoperate with others, but it is here to help Cisco admins, like us, visualize how the network works and troubleshoot it when it doesn’t.

For more information on the OSI model, see Cisco’s Internetworking Technology Handbook.


Article Source = www.techrepublic

10 commands you should master when working with the Cisco IOS

By David Davis


Editor’s Note: This article was originally published on TechRepublic July 25, 2006. For your convenience, I’m republishing it in the blog to be part of the Cisco Routers and Switches archive. It is also available in PDF format.

The Cisco IOS provides thousands of commands, and configuring it can be challenging. Here are 10 commands you need to know, inside and out, when using the Cisco IOS.


#1: The “?”

It may seem entirely too obvious that you should know how to type ? to ask for help when using the Cisco IOS. However, the Cisco IOS is completely different from other operating systems when it comes to using the question mark (help key). As the IOS is a command-line operating system with thousands of possible commands and parameters, using the ? can save your day.

You can use the command in many ways. First, use it when you don’t know what command to type. For example, type ? at the command line for a list of all possible commands. You can also use ? when you don’t know what a command’s next parameter should be. For example, you might type show ip ? If the router requires no other parameters for the command, the router will offer CR as the only option. Finally, use ? to see all commands that start with a particular letter. For example, show c? will return a list of commands that start with the letter c.

#2: show running-config

The show running-config command shows the router, switch, or firewall’s current configuration. The running configuration is the config that is in the router’s memory. You change this config when you make changes to the router. Keep in mind that the config is not saved until you do a copy running-config startup-config. This command can be abbreviated sh run.

#3: copy running-config startup-config

This command will save the configuration that is currently being modified (in RAM), also known as the running configuration, to the nonvolatile RAM (NVRAM). If the power is lost, the NVRAM will preserve this configuration. In other words, if you edit the router’s configuration, do not run this command, and then reboot the router, those changes will be lost. This command can be abbreviated copy run start. The copy command can also be used to copy the running or startup configuration from the router to a TFTP server in case something happens to the router.

#4: show interface

The show interface command displays the status of the router’s interfaces. Among other things, this output provides the following:

  • Interface status (up/down)
  • Protocol status on the interface
  • Utilization
  • Errors
  • MTU

This command is essential for troubleshooting a router or switch. It can also be used by specifying a certain interface, like sh int fa0/0.

#5: show ip interface

Even more popular than show interface are show ip interface and show ip interface brief. The show ip interface command provides tons of useful information about the configuration and status of the IP protocol and its services, on all interfaces. The show ip interface brief command provides a quick status of the interfaces on the router, including their IP address, Layer 2 status, and Layer 3 status.

#6: config terminal, enable, interface, and router

Cisco routers have different modes where only certain things can be shown or certain things can be changed. Being able to move between these modes is critical to successfully configuring the router.

For example, when logging in, you start off at the user mode (where the prompt looks like >). From there, you type enable to move to privileged mode (where the prompt looks like #). In privileged mode, you can show anything but not make changes. Next, type config terminal (or config t) to go to global configuration mode (where the prompt looks like router(config)# ). From here, you can change global parameters. To change a parameter on an interface (like the IP address), go to interface configuration mode with the interface command (where the prompt looks like router(config-if)#). Also from the global configuration mode, you can go into router configuration using the router {protocol} command. To exit from a mode, type exit.

#7: no shutdown

The no shutdown command enables an interface (brings it up). This command must be used in interface configuration mode. It is useful for new interfaces and for troubleshooting. When you’re having trouble with an interface, you may want to try a shut and no shut. Of course, to bring the interface down, reverse the command and just say shutdown. This command can be abbreviated no shut.

#8: show ip route

The show ip route command is used to show the router’s routing table. This is the list of all networks that the router can reach, their metric (the router’s preference for them), and how to get there. This command can be abbreviated sh ip ro and can have parameters after it, like sh ip ro ospf for all OSPF routes. To clear the routing table of all routes, you do clear ip route *. To clear it of just one route, do clear ip route 1.1.1.1 for clearing out that particular network.

#9: show version

The show version command gives you the router’s configuration register (essentially, the router’s firmware settings for booting up), the last time the router was booted, the version of the IOS, the name of the IOS file, the model of the router, and the router’s amount of RAM and Flash. This command can be abbreviated sh ver.

#10: debug

The debug command has many options and does not work by itself. It provides detailed debugging output on a certain application, protocol, or service. For example, debug ip routing will tell you every time a route is added to or removed from the router.

Article Source = www.techrepublic.com

Cisco article resource website

(http://tipsirfan.blogspot.com)


Cisco article resource website =

  • www.cisco.com

    Cisco Systems, Inc. is a multinational corporation with more than 63,000 employees and annual revenue of US$35 billion as of 2007. Headquartered in San Jose, California, it designs and sells networking and communications technology and services under five brands, namely Cisco, Linksys, WebEx, IronPort, and Scientific Atlanta.

  • www.ciscopress.com

    Cisco Press is a publishing alliance between Cisco Systems and the Pearson Education division of Pearson PLC. Cisco Press distributes its titles through traditional resellers as well as through the Safari Books Online e-reference service.


article resource = www.wikipedia.org

Saturday, July 5, 2008

2 Cisco book publishers

In my opinion, there are 2 book publishers that write very well about Cisco certification.

  • Cisco Press

    This company is the Cisco publisher. There are many good Cisco certification books.

  • Sybex

Thursday, July 3, 2008

What is an NMS (Network Management System)?

Below is what I took from the www.wikipedia site about what an NMS is.


A Network Management System (NMS) is a combination of hardware and software used to monitor and administer a network.

Individual network elements (NEs) in a network are managed by an element management system.

2 Cisco book publishers

by Irfansyah K.P

According to the author, there are 2 companies that are good at writing Cisco books related to Cisco certification, namely:

  • Cisco Press

    Cisco Press is a publishing alliance between Cisco Systems and the Pearson Education division of Pearson PLC. Cisco Press distributes its titles through traditional resellers as well as through the Safari Books Online e-reference service. (www.wikipedia)

  • Sybex

Cisco certification

Below are the Cisco certifications:

  • CCNA
  • CCNP
  • CCIE

For more complete information, see the www.cisco.com site.

INTRODUCTION

Hello, my name is Irfansyah.
This is a tutorial in the field of networking.