Thursday, October 18, 2007

Extending Ethernet Capability

To extend the Ethernet twisted-pair 10BaseT capability beyond the standard 100 meters on the Cisco 4000 platform, use the squelch interface configuration command.

squelch {normal | reduced}
no squelch {normal | reduced}
Syntax Description
normal : Allows normal capability.
reduced : Allows extended 10BaseT capability.
Default : Normal range

The following example extends the twisted-pair 10BaseT capability on the cable attached to interface Ethernet 2:

interface ethernet 2
squelch reduced

Advanced Ping

mu-t1-cr01#pi mpls ipv4 192.168.251.2/32 exp 2 repeat 5000

Sending 5000, 100-byte MPLS Echos to 192.168.251.2/32, timeout is 2 seconds, send interval is 0 msec:
Codes: '!' - success, 'Q' - request not transmitted, '.' - timeout, 'U' - unreachable, 'R' - downstream router but not target, 'M' - malformed request


Type escape sequence to abort.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Success rate is 100 percent (5000/5000), round-trip min/avg/max = 272/276/1646 ms

Wednesday, October 17, 2007

Configuring an 802.1Q Tunneling Port

Configuring Layer 2 Tunneling Characteristics

Beginning in privileged EXEC mode, follow these steps to configure a port for Layer 2 protocol tunneling:


Step     Command and Purpose

Step 1   configure terminal
         Enter global configuration mode.

Step 2   interface interface-id
         Enter the interface configuration mode and the interface to be configured as a tunnel port. This should be the edge port in the service-provider network that connects to the customer switch. Valid interfaces include physical interfaces and port-channel logical interfaces (port channels 1 to 64).

Step 3   switchport mode access
         or
         switchport mode dot1q-tunnel
         Configure the interface as an access port or an 802.1Q tunnel port.

Step 4   l2protocol-tunnel {cdp | vtp | stp}
         Enable protocol tunneling for the desired protocol.

Step 5   l2protocol-tunnel shutdown-threshold {cdp | vtp | stp}
         (Optional) Configure the threshold for incoming Layer 2 PDUs to be received and encapsulated. The port is disabled if the configured threshold is exceeded. The range is 1 to 1000. The default is to have no threshold configured.

Step 6   exit
         Return to global configuration mode.

Step 7   errdisable recovery cause l2ptguard
         (Optional) Configure the recovery mechanism from a Layer 2 maximum rate error so that the interface can be brought out of the disabled state and allowed to try again. You can also set the time interval. Errdisable recovery is disabled by default; when enabled, the default time interval is 300 seconds.

Step 8   l2protocol-tunnel cos value
         (Optional) Configure the CoS value for all tunneled Layer 2 PDUs. The range is 0 to 7; the default is the default COS value for the interface. If none is configured, the default is 5.

Step 9   end
         Return to privileged EXEC mode.

Step 10  show l2protocol
         Display the Layer 2 tunnel ports on the switch, including the protocols configured, the threshold, and the counters.

Step 11  copy running-config startup-config
         (Optional) Save your entries in the configuration file.

This example shows how to configure Layer 2 protocol tunneling for STP and CDP and verify the configuration.

Switch(config)# interface gigabitethernet0/7
Switch(config-if)# l2protocol-tunnel stp
Switch(config-if)# l2protocol-tunnel cdp
Switch(config-if)# l2protocol-tunnel shutdown-threshold 400
Switch(config-if)# exit
Switch(config)# l2protocol-tunnel cos 6
Switch(config)# end
Switch# show l2protocol
Port   Protocol        Shutdown Threshold  Counters
                       (cos/cdp/stp/vtp)   (cdp/stp/vtp/decap)
--------------------------------------------------------------
Gi0/7   cdp stp         6/400 /400 /400     0/0/0/0

Monitoring and Maintaining Tunneling Status

Table 13-2 shows the privileged EXEC commands for monitoring and maintaining 802.1Q and Layer 2 protocol tunneling.

Table 13-2 Commands for Monitoring and Maintaining Tunneling

Command
    Purpose

clear l2protocol-tunnel counters
    Clear the protocol counters on Layer 2 protocol tunneling ports.

show dot1q-tunnel
    Display 802.1Q tunnel ports on the switch.

show dot1q-tunnel interface interface-id
    Verify if a specific interface is a tunnel port.

show l2protocol-tunnel
    Display information about Layer 2 protocol tunneling ports.

show errdisable recovery
    Verify if the recovery timer from a Layer 2 protocol-tunnel error disable state is enabled.

show l2protocol-tunnel interface interface-id
    Display information about a specific Layer 2 protocol tunneling port.

show l2protocol-tunnel summary
    Display only Layer 2 protocol summary information.

show vlan dot1q native
    Display the status of native VLAN tagging on the switch.


For detailed information about these displays, refer to the Catalyst 3550 Multilayer Switch Command Reference for this release.

This example shows how to display the 802.1Q tunnel ports on the switch:

Switch# show dot1q-tunnel
Port
-----
Gi0/1
Gi0/2
Gi0/3
Gi0/6
Po2

This example shows how to display the status of native VLAN tagging on the switch:

Switch# show vlan dot1q tag native
dot1q native vlan tagging is enabled

This example shows how to display information about the Layer 2 protocol tunneling on the switch:

Switch# show l2protocol-tunnel
Port   Protocol        Shutdown Threshold  Counters
                       (cos/cdp/stp/vtp)   (cdp/stp/vtp/decap)
--------------------------------------------------------------
Gi0/1   cdp vtp         5/10  /100 /5       0/0/0/0
Gi0/2   cdp stp vtp     5/----/----/----    0/0/0/0
Gi0/3   cdp stp vtp     5/----/----/----    0/0/0/0
Gi0/4   cdp stp vtp     5/----/----/----    4/173/0/5
Gi0/5   cdp stp vtp     5/----/----/----    0/0/0/11
Gi0/6   cdp stp vtp     5/----/----/----    0/0/0/0
Gi0/7   cdp vtp         5/----/----/----    0/0/0/0
Gi0/8   cdp stp vtp     5/----/----/----    0/0/0/0
Gi0/11  cdp stp vtp     5/----/----/----    0/0/0/0
Po2     cdp stp vtp     5/1000/1000/1000    8500/14855375/397/18391
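
Step 5 above notes that no shutdown threshold is configured by default, and the output shows most ports with `----` in those columns. The following Python script is an added example (not part of the original post or of Cisco's documentation) that parses this output format and lists every tunneled protocol on a port that has no threshold set; the names `parse` and `audit` are hypothetical, and the sample rows are copied from the output above.

```python
import re

# Three rows copied from the `show l2protocol-tunnel` output above.
SAMPLE = """\
Port   Protocol        Shutdown Threshold  Counters
                       (cos/cdp/stp/vtp)   (cdp/stp/vtp/decap)
--------------------------------------------------------------
Gi0/1   cdp vtp         5/10  /100 /5       0/0/0/0
Gi0/4   cdp stp vtp     5/----/----/----    4/173/0/5
Po2     cdp stp vtp     5/1000/1000/1000    8500/14855375/397/18391
"""

# port, tunneled protocols, cos/cdp/stp/vtp thresholds, optional counters
# (the counters column is absent in `show l2protocol-tunnel summary`).
ROW = re.compile(
    r"^(?P<port>\S+)\s+(?P<protos>(?:(?:cdp|stp|vtp)\s+)+)"
    r"(?P<cos>\d+)/(?P<cdp>[\d-]+)\s*/(?P<stp>[\d-]+)\s*/(?P<vtp>[\d-]+)"
    r"(?:\s+(?P<counters>\d+/\d+/\d+/\d+))?\s*$"
)

def parse(text):
    """Turn each data row into a dict; header and separator lines are skipped."""
    ports = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        # "----" means no shutdown threshold is configured for that protocol.
        thr = {p: None if "-" in m[p] else int(m[p]) for p in ("cdp", "stp", "vtp")}
        cnt = [int(c) for c in m["counters"].split("/")] if m["counters"] else [0] * 4
        ports.append({"port": m["port"], "protocols": m["protos"].split(),
                      "cos": int(m["cos"]), "threshold": thr,
                      "counters": dict(zip(("cdp", "stp", "vtp", "decap"), cnt))})
    return ports

def audit(ports):
    """Return (port, protocol, counter) for each tunneled protocol with no threshold."""
    return [(p["port"], proto, p["counters"][proto])
            for p in ports for proto in p["protocols"]
            if p["threshold"][proto] is None]

if __name__ == "__main__":
    for port, proto, seen in audit(parse(SAMPLE)):
        print(f"{port}: {proto} tunneled with no shutdown-threshold (counter={seen})")
```
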

This example shows how to display Layer 2 protocol tunneling summary information:

Switch# show l2protocol-tunnel summary
Port   Protocol        Shutdown Threshold
                       (cos/cdp/stp/vtp)
----------------------------------------
Gi0/1   cdp vtp         5/10  /100 /5
Gi0/2   cdp stp vtp     5/----/----/----
Gi0/3   cdp stp vtp     5/----/----/----
Gi0/4   cdp stp vtp     5/----/----/----
Gi0/5   cdp stp vtp     5/----/----/----
Gi0/6   cdp stp vtp     5/----/----/----
Gi0/7   cdp vtp         5/----/----/----
Gi0/8   cdp stp vtp     5/----/----/----
Gi0/11  cdp stp vtp     5/----/----/----
Po2     cdp stp vtp     5/1000/1000/1000

This example shows how to verify if the recovery timer from a Layer 2 protocol tunnel-error-disable state is enabled:

Switch# show errdisable recovery
ErrDisable Reason    Timer Status
-----------------    --------------
udld                 Disabled
bpduguard            Disabled
channel-misconfig    Disabled
pagp-flap            Disabled
dtp-flap             Disabled
link-flap            Disabled
l2ptguard            Enabled
psecure-violation    Disabled
gbic-invalid         Disabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next timeout:

Quality of Service for Voice and Video

Quality of service (QoS) for voice over IP (VoIP) consists of providing low-enough packet loss and low-enough delay so that voice quality is not affected by conditions in the network. The brute force solution is to simply provide sufficient bandwidth at all points in the network so that packet loss and queuing delay are small. A better alternative is to apply congestion management and congestion avoidance at oversubscribed points in the network.

A reasonable design goal for end-to-end network delay for VoIP is 150 milliseconds. At this level, delay is not noticeable to the speakers. To achieve guaranteed low delay for voice at campus speeds, it is sufficient to provide a separate outbound queue for real-time traffic. Bursty data traffic such as file transfers is placed in a different queue from the real-time traffic. Because of the relatively high speed of switched Ethernet trunks in the campus, it does not matter much whether the queue allocation scheme is based on weighted round robin, weighted fair, or strict priority.

If low delay is guaranteed by providing a separate queue for voice, then packet loss will never be an issue. Weighted random early detection (WRED) is used to achieve low packet loss and high throughput in any queue that experiences bursty data traffic flows.

QoS maps very well to the multilayer campus design. Packet classification is a multilayer service that applies at the wiring-closet switch, which is the ingress point to the network. VoIP traffic flows are recognized by a characteristic port number. The VoIP packets are classified with an IP type of service (ToS) value indicating "low delay voice." Wherever the VoIP packets encounter congestion in the network, the local switch or router will apply the appropriate congestion management and congestion avoidance based on the ToS value.

Tuesday, October 16, 2007

BAGIC Configuration

Pune#sh run int Gi 1/2/3
Building configuration...

Current configuration : 1160 bytes
!
interface GigabitEthernet 1/2/3
description Bajaj_Allianz_Life_Insurance/L3VPN-M/6MB-Primary
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 111,1108,1143-1146,2300-2397,2399-2402,2404-2411
switchport trunk allowed vlan add 2413-2489,2499,3040
switchport mode trunk
mtu 9216
no ip address
no keepalive
wrr-queue bandwidth 20 27 53
wrr-queue queue-limit 40 20 20
wrr-queue threshold 1 100 100 100 100 100 100 100 100
wrr-queue threshold 2 50 100 100 100 100 100 100 100
wrr-queue threshold 3 50 100 100 100 100 100 100 100
wrr-queue random-detect min-threshold 2 50 80 100 100 100 100 100 100
wrr-queue random-detect min-threshold 3 50 80 100 100 100 100 100 100
wrr-queue random-detect max-threshold 1 100 100 100 100 100 100 100 100
wrr-queue random-detect max-threshold 3 70 90 100 100 100 100 100 100
wrr-queue cos-map 2 1 1
wrr-queue cos-map 2 2 2
wrr-queue cos-map 3 1 3
wrr-queue cos-map 3 2 4 7
priority-queue cos-map 1 5 6
rcv-queue cos-map 1 4 1 3
rcv-queue cos-map 1 6 0 2 4 7
rcv-queue cos-map 1 8 5 6
mls qos vlan-based
no cdp enable
end

Pune#

Monday, October 15, 2007

List of Tier 1 IPv4 ISPs



The following nine (9) networks are the only Tier 1 ISPs:

Name                                  AS Number  Mid-2007 degree[1][2]
----------------------------------------------------------------------
AOL Transit Data Network (ATDN)       1668       36
AT&T                                  7018       2079
Global Crossing (GX)                  3549       944
Level 3                               3356       1393
Verizon Business (formerly UUNET)     701        2644
NTT Communications (formerly Verio)   2914       524
Qwest                                 209        394
SAVVIS                                3561       520
Sprint Nextel Corporation             1239       1700

Securing MAC

Cat3750(config-if)#switchport mode access
!--- Sets the interface switchport mode as access.

Cat3750(config-if)#switchport port-security
!--- Enables port security on the interface.

Cat3750(config-if)#switchport port-security mac-address 0011.858D.9AF9
!--- Sets the secure MAC address for the interface.

Cat3750(config-if)#switchport port-security violation shutdown
!--- Sets the violation mode to shutdown. This is the default mode.

Cat3750#show port-security interface fastEthernet 1/0/2
Port Security : Enabled
Port Status : Secure-shutdown
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 1
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0011.8565.4B75:1
Security Violation Count : 1
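
In the output above the port is in Secure-shutdown and the last source address differs from the configured secure MAC. The following Python script is an added example (not part of the original post or of Cisco's documentation) that turns this output into a triage record and checks the offending address against an allow-list given in any common MAC notation; the names `norm_mac`, `parse_port_security` and `triage` are hypothetical, and the sample is copied from the output above.

```python
import re

# Lines copied from the `show port-security interface` output above.
SAMPLE = """\
Port Security : Enabled
Port Status : Secure-shutdown
Violation Mode : Shutdown
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 1
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0011.8565.4B75:1
Security Violation Count : 1
"""

def norm_mac(mac):
    """Reduce dotted, colon or dash MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[.:\-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def parse_port_security(text):
    """Split 'Key : Value' lines on the first ' : ' (one key itself contains ':')."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(" : ")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def triage(text, allowed_macs):
    """Summarise the violation state and whether the last source MAC is expected."""
    f = parse_port_security(text)
    # Value looks like "0011.8565.4B75:1": MAC, then VLAN after the last colon.
    mac, _, vlan = f["Last Source Address:Vlan"].rpartition(":")
    allowed = {norm_mac(m) for m in allowed_macs}
    return {
        "err_disabled": f["Port Status"].lower() == "secure-shutdown",
        "violations": int(f["Security Violation Count"]),
        "last_mac": norm_mac(mac),
        "vlan": int(vlan),
        "last_mac_allowed": norm_mac(mac) in allowed,
    }

if __name__ == "__main__":
    # The allow-list holds the secure MAC configured in the example above.
    print(triage(SAMPLE, ["0011.858D.9AF9"]))
```
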

down-when-looped

Use the down-when-looped interface configuration command to configure an interface to inform the system it is down when loopback is detected.

This command is valid for HDLC or PPP encapsulation on serial and HSSI interfaces.

Backup Interfaces

When an interface has a backup interface configured, it is often desirable that the backup interface be enabled when the primary interface is either down or in loopback. By default, the backup is only enabled if the primary interface is down. By using the down-when-looped command, the backup interface will also be enabled if the primary interface is in loopback.

Testing an Interface with the Loopback Command

If testing an interface with the loopback command, or by placing the DCE into loopback, down-when-looped should not be configured; otherwise, packets will not be transmitted out the interface that is being tested.

Examples

The following example configures interface serial 0 for HDLC encapsulation. It is then configured to let the system know that it is down when in loopback mode.

interface serial0
 encapsulation hdlc
 down-when-looped


How to enable cut-through framing?

To configure the interfaces on the PA-12E/2FE port adapter to use cut-through switching technology between interfaces within the same bridge group, use the cut-through interface command. To return each interface to store-and-forward switching, use the no form of this command.

cut-through [receive | transmit]

no cut-through

Syntax Description

receive : (Optional) Selects cut-through switching technology on received data.
transmit : (Optional) Selects cut-through switching technology on transmitted data.

Defaults

Store-and-forward switching technology
