ASIC Programmability from Barefoot Networks
Cisco Live 2013 Insights - Catalyst 3850
A Little Story on Switch Configuration
Here’s another story from the late night. I’ve changed the details to protect the innocent, but you’ll get the idea.
I think most of you know that I started a new job late last year, and I’ve spent my waking hours getting caught up on how the new company works, how everything fits together, and all that jazz. One of the big reasons that I (and a number of others) were brought in was to fix the biggest problem; the company doesn’t have a real central control over customer-facing technologies. There’s a group that does central IT for the company (Exchange, SharePoint, Oracle apps, etc.), but there are dozens and dozens of applications out there. That means there are dozens of “network teams” around the world doing their own thing.
News - Cisco Announces EOL Schedule for 6500s
This is a surprise, but Cisco has announced the end of life of the 6500 switches that we all know and love. Usually Cisco gives a platform a few more years after they decide to retire it, but the schedule only gives the 6500s one more year of service. I’m sure this goes back to the success and recent expansion of the Nexus line of switches.
Here’s the lowdown from Cisco.
DHCP ACK Error on Avaya Phones
Lessons Learned from a Bad Day
IIUC Notes - Getting Phones on the LAN
More study notes. Correct if wrong, though I hope I get some of it right since I’m an R&S guy. :$
**Switchport Configuration**
- switchport mode access: This config makes the port an access port that carries the primary and voice VLAN traffic
- switchport mode trunk: This config makes the port a trunk unconditionally, but it will still send DTP messages.
- switchport nonegotiate: This config keeps the port from sending DTP messages.
- switchport mode dynamic auto: If the port receives DTP messages, it will become a trunk. If not, it will be an access port.
- switchport mode dynamic desirable: The port actively sends DTP messages trying to become a trunk. This is the default configuration on a Cisco switch.
Cisco IP Phone Boot Process
Stubby Post - What’s an IDB?
I posed the philosophical question on Twitter the other day asking if single trunk links should be in an EtherChannel bundle just in case you need to expand later. I didn’t really expect an answer, but the ever-verbose @WannabeCCIE pointed out (in not so many words) that you should watch your IDBs. What is that?
That’s an interface descriptor block. I admit that I’m not intimately familiar with them, but they’re data structs in IOS used to keep track of the interfaces on that device. They come in two flavors - hardware and software. HWIDBs usually represent a physical interface but they also represent tunnels, SVIs, PortChannels, subinterfaces, and any other virtual interface that you can configure. The SWIDBs represent the layer-2 encapsulation of each HWIDB, so you’ll see entries talking about Ethernet, HDLC, PPP, etc. That means that every interface you have on a router consumes two IDBs (there are always exceptions). That’s important because each platform and IOS version combination has a limit to the number of IDBs that device supports.
Catalyst 3750s - Bad Luck with a Cisco Logo
Last week, @fletcherjoyce posted an article on his blog about his positive experiences with Cisco’s 3750 switches. If you follow my complaints tweets, you know that I’ve had quite the opposite experience with them. I would never pick on anyone, but I had to throw in my 2 cents.
I’m guessing here, but we have about 50 3750 stacks in the enterprise. Most of them are pairs, so you wind up with roughly 120 switches. Since we’ve done about 20 replacements over the last 5 years, that means we have a 17% failure rate. That’s pretty horrible, isn’t it?
SWITCH - Epic Regression
Just because I like giving more money to Pearson Vue, I took the BCMSN test today to see how I would do. I passed with no problem.
In my mind, the CCNP is a technical certification, so I expect to be tested on technical topics. Are there topics beyond technology that P-levels should know? Of course there are, but I really don’t think whole chunks of the test should be about a preparation plan and rollback procedures. The BCMSN had a lot more technical questions at a much higher level of expertise; it seems much better suited to the CCNP track than the SWITCH test did.
SWITCH - Epic Fail
I did my standard 2ish-hour drive to the closest testing center today to take the SWITCH test (642-813). Utter failure. That’s 3 for those scoring at home.
The test was the absolute worst I’ve ever taken. I know that I complain a lot, but this is totally justified in my eyes. My 4th grade spelling tests were better than this. I’ve seen kindergarten plays with better production value.
First of all, it was poorly written. Whoever wrote those questions has a few pieces of information about English sentence structure missing from their skill set. A sentence needs a verb, right? Well, a lot of the sentences were missing those. It’s kind of important to know what the whole point of the sentence is, or is that too much to ask? The “drag this over here” exercise questions all started with the same 13-word phrase that left the question so long that it was unreadable. A couple of commas would have been nice in some. Others I just had to infer from the answers what they were trying to ask.
Stubby Post - UplinkFast
I’ve got a few switches daisy chained together with single links and have enabled UplinkFast on them. This switch is not the root bridge; F0/24 is the root port and F0/23 is a blocked alternate port. I’ve got debug spanning-tree uplinkfast on to help out.
```
SW3#sh span | incl 0/2[34]
Fa0/23 Altn BLK 3019 128.23 P2p
Fa0/24 Root FWD 3019 128.24 P2p
```
Now let’s unplug F0/24 and see what happens.
Stubby Post - Path Cost of EtherChannels
SWITCH - STP Exercise #1
Here’s an STP exercise for you. Given the bridge priorities, MAC addresses, and interface types in the diagram, calculate the root bridge, root ports, designated ports, and blocked ports. You can click on the image to enlarge it. I’ll post a solution in the next few days. As always, feel free to comment and ridicule my utter idiocy. Be gentle, though; I don’t usually post exercises like this.
Send any configuration BPDUs questions my way.
BCMSN Notes – STP States
I’ve decided to take on the CCNP certification, so I’m going to wind up with a few posts that will be more my own notes than anything. :)
A switch port on a 2960 comes up with a default configuration on VLAN 1. What happens from the perspective of spanning-tree?
- First, the port comes up on blocking mode. This is to make sure that loops aren’t created without first listening to the network to see what’s going on.
- Next, if the port may be a root or designated port, the port is moved to the listening state. In this state, the port can send and receive BPDUs only. It can’t send traffic, but it can discover the other switches participating in STP.
- After the forwarding delay, the port goes into the learning state. In this state, the port can send and receive BPDUs as in listening, but it can now receive traffic. It can’t yet send any.
- After the forwarding delay again, the port goes into the forwarding state. The port can now send and receive data.
If the port is configured with spanning-tree portfast, the mode goes from blocking directly to forwarding without going through these steps. Obviously you don’t want a switch plugged into a port configured for portfast since you may wind up with a loop.
Using SSH to Run Commands on a Router or Switch
SSH is more than just a shell. You can copy files from and to a server or piece of network gear with it. You can use it to tunnel traffic. Possibly my favorite, though, is to use SSH to run a command on a remote box without interacting with a shell.
One of my biggest pet peeves with IOS (or pretty much any Cisco OS) is the lack of complex filtering. Let’s say I want to look at all the downed ports and interfaces on modules 3 and 6 of my 6509. I can’t easily do that with commands from the IOS, but, on my Linux box, I can use multiple grep commands to get exactly what I want really easily. Let’s work through the example, shall we?
Server NIC Aggregation to a Cisco Switch
RSPANs on Cisco Switches
We discussed SPANs earlier, but let’s talk about RSPANs for a bit.
Can anyone guess what the “R” means? You guessed it – “Remote”. An RSPAN is a way to get traffic from a SPAN source on one switch to a SPAN destination on another switch that’s connected via a trunk.
The basic premise is that a special VLAN is created on all the switches and allowed to traverse the trunks. You then set up a SPAN session that copies your traffic to this special VLAN. This VLAN then gets the traffic to the other switches through some voodoo magic to be used as source for a SPAN on another switch.
SPANs on Cisco Switches
I can’t believe I haven’t blogged on this yet. SPANs are one of my favorite things in the world.
The switched port analyzer (SPAN) is a mechanism on Cisco switches that allows you to take traffic on one port and copy it to another. It’s generally used to get traffic to a sniffer or IDS for analysis, but it’s a great tool to use to sample traffic from a host for troubleshooting.