Thursday, 14 July 2011

IPv6 on 3550 - Yeah! It's possible

Rack1SW1#show version | incl 35
Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(44)SE6, RELEASE SOFTWARE (fc1)
ROM: Bootstrap program is C3550 boot loader
System image file is "flash:/c3550-ipservicesk9-mz.122-44.SE6.bin"
Cisco WS-C3550-24 (PowerPC) processor (revision G0) with 65526K/8192K bytes of memory.
Model number: WS-C3550-24-SMI
Rack1SW1#sh run | incl ipv6
ipv6 unicast-routing
 ipv6 address FC00:1:0:37::7/64
 ipv6 rip TEST enable 
 ipv6 enable
Rack1SW1#sh run int tun0
Building configuration...

Current configuration : 127 bytes
!
interface Tunnel0
 no ip address
 ipv6 address FC00:1:0:37::7/64
 ipv6 rip TEST enable
 tunnel source Loopback0
 tunnel destination 150.1.3.3
end

Rack1SW1#ping fc00:1:0:37::3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FC00:1:0:37::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/3/4 ms
Rack1SW1#show ipv6 neigh
Rack1SW1#show ipv6 route
IPv6 Routing Table - Default - 4 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       R - RIP, D - EIGRP, EX - EIGRP external
R   2002::/64 [120/2]
     via FE80::20E:D7FF:FE10:4700, Tunnel0
C   FC00:1:0:37::/64 [0/0]
     via Tunnel0, directly connected
L   FC00:1:0:37::7/128 [0/0]
     via Tunnel0, receive
L   FF00::/8 [0/0]
     via Null0, receive
Rack1SW1#
Rack1SW1#ping 2002::2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2002::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/2/4 ms
Rack1SW1#

Tuesday, 12 July 2011

INE WB Vol1 - 8.31 Anycast RP

Lab it up again on a small scenario

msdp originator-id should be set to the unique peering loopbacks, not the Anycast RP loopback!

Sunday, 10 July 2011

INE WB Vol2 - Configuration Lab 1

1. Layer 2
1.1 Layer 2 Features - 0 Points
- missed VLAN on removal
- PrivateVLANs not possible on 3550

2. IGP
2.1 OSPF - 0 Points
- missed virtual link
- missed hello multiplier (speed convergence)
- missed non-broadcast neighborship for security

2.2 IGP Features - 3 Points
2.3 BGP Bestpath Selection - 4 Points
3. IPv6
3.1 IPv6 Addressing - 4 Points
3.2 IPv6 Multicast Basics - 0 Points
- R4/R5 RP/BSR mixed-up (DAMN!)

4. MPLS VPN
4.1 LDP - 3 points
4.2 VPN - 3 points

5. IP Multicast
5.1 RP Assignment - 2 Points
5.2 Multicast Testing - 3 Points
5.3 Multicast Filtering - 0 Points
- used ip multicast boundary 1 instead of ip igmp access-group 1

6. Security
6.1 Denial of Service Tracking - 3 Points
6.2 Spoof Prevention - 2 Points
6.3 Information leaking - 0 Points
- used only unreachables not mask-reply
6.4 Control Plane Protection - 0 Points
- used a control plane policy :( instead of simple ACLs

7. Network Services
7.1 RMON - 3 Points
7.2 NTP - 2 Points
7.3 NTP Authentication - 3 Points
7.4 Traffic Accounting - 3 Points
7.5 Gateway Redundancy - 3 Points
7.6 Network Address Translation - 3 Points
7.7 Embedded Event Management - 0 Points
- had absolutely no clue

8. QoS
8.1 Frame Relay Traffic Shaping - 0 Points
- had no real clue
8.2 Rate Limiting - 0 Points
- made it with rate-limit not with a policy-map
8.3 CBWFQ - 0 Points
- service-policy on physical interface not on DLCIs
8.4 Catalyst QoS - 0 Points
- no clue



(Full 79/Pass 64/My 44)

INE WB Vol2 - Troubleshooting Lab 1

TS1.1) 2p nni->dce
TS1.2) 2p next-hop-self
TS1.3) 3p wrong static def.global
TS1.4) - RIP
TS1.5) 2p ospf-dead-interval
TS1.6) - WCCP
TS1.7) 2p ip rip send version 1 -> 2
TS1.8) 2p database-filter
TS1.9) - http authentication local
TS1.10) 2p drop / control-plane
----------------------------------
15 - FAIL (Passing grade 16) - but I used only 1 h and did not verify

Thursday, 7 July 2011

[OT] TFTPD Error code 1: File not found

l33th4x0r@os390:~$ tftp 1.1.1.1
tftp> put i-hate-tftpd.txt
Error code 1: File not found
tftp>
...
my-fucking-tftpd:~# cat /etc/default/tftpd-hpa
#Defaults for tftpd-hpa
RUN_DAEMON="yes"
OPTIONS="-l -c -s /var/lib/tftpboot/"
#change to "-c" for creating files
my-fucking-tftpd:~#
my-fucking-tftpd:~# chown nobody -R /var/lib/tftpboot/
my-fucking-tftpd:~# chmod -R 777 /var/lib/tftpboot/
...
l33th4x0r@os390:~$ tftp 1.1.1.1
tftp> put i-hate-tftpd.txt
Sent 856063 bytes in 1.2 seconds
tftp>

Wow....

If you encounter problems with the tftpd-hpa package on Debian systems... here's the solution
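
The two things changed in the session above (the -c flag in OPTIONS and the mode of the served directory) can be checked with a small script. This is an added example, not part of the original post; the function names are hypothetical, and it assumes the OPTIONS="..." defaults format shown above with the served directory given as an absolute path.

```shell
#!/bin/sh
# Added example: audit a tftpd-hpa defaults file (OPTIONS="..." format as on this page).

# Print the contents of the last uncommented OPTIONS="..." line in file $1.
tftpd_options() {
    sed -n 's/^[[:space:]]*OPTIONS="\(.*\)".*$/\1/p' "$1" | tail -n 1
}

# Succeed if option string $1 enables creation of new files (-c / --create).
tftpd_allows_create() {
    for opt in $1; do
        case "$opt" in
            -c|--create) return 0 ;;
            --*) ;;                  # any other long option
            -*[!lcs]*) ;;            # cluster with flags not shown on the page: skip
            -*c*) return 0 ;;        # cluster of the page's flags, e.g. -lc
        esac
    done
    return 1
}

# Print the served directory: the last word of $1 that is an absolute path.
tftpd_root() {
    root=
    for opt in $1; do
        case "$opt" in /*) root=$opt ;; esac
    done
    printf '%s\n' "$root"
}

# Print one finding per line for defaults file $1; print nothing if clean.
tftpd_audit() {
    opts=$(tftpd_options "$1")
    root=$(tftpd_root "$opts")
    tftpd_allows_create "$opts" ||
        echo "no-create: put of a new file fails with 'File not found'"
    # find prints the directory only if the "other" write bit is set (e.g. 777)
    if [ -n "$root" ] && [ -n "$(find "$root" -prune -perm -0002 2>/dev/null)" ]; then
        echo "world-writable: $root is writable by every local user"
    fi
    return 0
}
```

Source the file and run `tftpd_audit /etc/default/tftpd-hpa`; no output means -c is set and the directory is not world-writable.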