Using Syslog while Studying in GNS3 (or indeed any Cisco Lab)

I have been getting back into my studying a lot lately, and one thing I have found is the need to use a lot of debug commands so I can watch what is happening during things like routing updates and neighbour formation. One thing I do find though is that I am forever having to turn debug on and off, forgetting to do one or the other, and when it is on it clutters up the screen and breaks up the config I am entering, making it difficult to read back.

Which got me thinking: I have used syslog servers a lot in the past, so why not send all the debugging output to a syslog server and turn off logging to the console? This way I can have all the debugs in one place, and keep the console of the devices tidy so I can see what I am doing.

Now if you are doing this through GNS3 you will need a cloud connection so your PC can talk to your GNS3 network. If you are not sure how to do this there are lots of videos and walkthroughs on the net; however, the one below is one of the best I have found, very clear and complete.

How-To: Using the Cloud in GNS3 to Provide Internet Access from Matthew on Vimeo.

So once you have your cloud set up you then need to set up a simple GNS3 topology. Here I have set up 4 routers running OSPF connected through a switch, as I am looking at the DR and BDR election process.

I have given R1 and R2 F0/1 addresses 192.168.10.10 and 192.168.10.20, and the loopback adapter used by the cloud is 192.168.10.254. Once the routers are booted and connected to the cloud, check they can ping the loopback address (you may need to disable your firewall on the loopback connection).

Then of course you will need a syslog server. In Windows there are two good free choices. For a really simple server that can run without an install, try Tftpd32 (http://tftpd32.jounin.net/tftpd32.html). It is simple but does all you need; just make sure you disable DHCP and other unnecessary services in the settings. For a more complete tool try http://kiwisyslog.com/ as they have a free syslog server offering that allows filtering and more.

In either case set it up and ensure it is listening on the loopback interface. In the case of Tftpd32 this is simply a case of choosing the interface from the drop-down list.

Finally we need to change the logging settings of R1 and R2 to direct debugging messages to the syslog server and not to the console. Remember debug messages are level 7, so we need to set console logging to level 6 or lower and trap logging to level 7. The following commands will do just this from global config mode.

R1(config)#logging 192.168.10.254
R1(config)#logging console 6
R1(config)#logging trap 7

So now we can enable the debugging and reset the neighbour relationships to see what it looks like.

From the console

So not much there apart from we see the neighbours bounce as I clear the OSPF process.

So how about on the syslog server?? 

So here are all our debug messages, for us to scroll through and review at our leisure. If you have something like Kiwi Syslog Server you could filter them into views, based on the device that sent them, or text within the message, etc.
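The level and per-device filtering described above, as an added example that is not part of the original post: Python code that decodes the syslog priority field, groups messages by sending router and marks which ones `logging console 6` would still print. The sample datagrams are constructed, and the IOS default facility (local7) and the standard syslog port UDP 514 are assumed.

```python
import re
import socket
from collections import defaultdict

# IOS severity names; the list index is the numeric level.
SEVERITY = ["emergencies", "alerts", "critical", "errors",
            "warnings", "notifications", "informational", "debugging"]
PRI_RE = re.compile(rb"^<(\d{1,3})>(.*)$", re.DOTALL)

# Constructed sample datagrams as (source IP, payload); not captured from a lab.
# PRI = facility * 8 + severity, so local7 (23) gives 189 for level 5, 191 for level 7.
SAMPLE = [
    ("192.168.10.10", b"<189>41: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on "
                      b"FastEthernet0/1 from FULL to DOWN"),
    ("192.168.10.10", b"<191>42: OSPF: Elect BDR 2.2.2.2"),
    ("192.168.10.20", b"<191>17: OSPF: Elect DR 1.1.1.1"),
    ("192.168.10.20", b"no priority field here"),
]


def parse(payload):
    """Return (facility, severity, text), or None if PRI is missing or out of range."""
    m = PRI_RE.match(payload)
    if not m or int(m.group(1)) > 191:
        return None
    facility, severity = divmod(int(m.group(1)), 8)
    return facility, severity, m.group(2).decode("utf-8", "replace").strip()


def passes(level, severity):
    """IOS sends a message to a destination when its severity <= the configured level."""
    return severity <= level


def collect(datagrams, trap_level=7, console_level=6):
    """Group messages by sending device and flag those the console would also print."""
    by_device, rejected = defaultdict(list), 0
    for src, payload in datagrams:
        parsed = parse(payload)
        if parsed is None:
            rejected += 1
            continue
        _, sev, text = parsed
        if passes(trap_level, sev):
            by_device[src].append({"severity": SEVERITY[sev], "text": text,
                                   "console": passes(console_level, sev)})
    return dict(by_device), rejected


def listen(bind_ip="192.168.10.254", port=514):
    """Live receiver bound to the lab loopback adapter only, not to every interface."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind_ip, port))
    while True:
        payload, (src, _) = sock.recvfrom(4096)
        print(src, parse(payload))


if __name__ == "__main__":
    devices, rejected = collect(SAMPLE)
    for src, msgs in devices.items():
        for msg in msgs:
            where = "console+syslog" if msg["console"] else "syslog only"
            print(src, msg["severity"], where, msg["text"])
    print("rejected datagrams:", rejected)
```

Syslog over UDP is unauthenticated, so the source address used for grouping is only as trustworthy as the lab network it arrives on.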

You need to make sure of course that you either have the device connected directly to the syslog server network, or it has a route to get there. Directly connected is always best of course, as you will ensure that as long as that interface on the device is up you will catch all messages. On real hardware simply use a spare switch or create a separate VLAN and do exactly the same thing.

I have found for large labs this works great; indeed for testing setups for clients it’s great as well. Once you have ensured the correct debugging is enabled you can walk through test scripts and plans, safe in the knowledge that you have a full detailed log of everything that has happened.

Simple to set up and hopefully some of you will find it useful.

DevilWAH

Running Ubuntu as a Diskless System

Full Instructions from Ubuntu

Well the first question you might ask is why?

  1. Allows you to boot a system to a second OS leaving the host hard drive untouched. This is similar to a dual boot, but rather than having to set up dual boot on every device, you only need them all to have network boot enabled, and can manage the rest from a central server.
  2. Allows several hosts to boot from the same file system, very useful for something like “folding at home” where you might want to use the resources of a user’s PC when they are away (out of hours) but do not want to have to install on to their profiles/OS. Changing the single file system updates every machine.
  3. You can build up multiple images on the server, each streamlined for a specific job, and simply choose which one to boot to ad-hoc.

In my case I have used this for two purposes, first to run a computer cluster for disease modelling using a system called Condor, booting 16-20 users desktops to a single network image and using them to run models of disease spread for scientific papers.

And now more recently I have used the same principle for creating a GNS3 lab. I have several old laptops, as well as my wife’s PC and even an old server, while at work I have access to servers and other lab equipment. I am not able to install Dynamips (GNS3’s back end) on to them all, and even if I could, GNS3 runs far more stably on Linux than Windows and I can’t guarantee other people will not uninstall it or do anything else that would stop it working.

The basic steps are, first, to install Linux on a single machine, after which you copy this FS to your server (you need a server that supports PXE booting, TFTPD, NFS, and DHCP with PXE support).

And second, set up your DHCP server to pass the name of the TFTP server along with the location on this server of a boot file.

Now there are more steps, and the walkthrough above is a complete detailed process to get it up and running. If you have a few old boxes around you don’t know what to do with, it is fun to play with, and will really help you learn the Linux FS.

DevilWAH

 

What a year!

Well it has been busy, and although I haven’t managed to post much I have managed to learn a lot this year (even if I haven’t completed my CCNP).

A lot of my time has been spent learning to script, and I have written a few applications in the following now: C#, VBA, VB.net, and Perl. If you want to get into admin positions I strongly suggest learning a scripting language. They all do the same thing, so once you have learnt one you will find the rest easy to pick up. But they can save so much time, take away the “boring” jobs and just generally make you look good. Currently I am working on a full blown config generation tool, which once finished will turn a 2hr job into a 5 minute one.

Apart from scripting, F5 load balancing and some firewall stuff is where the rest of my time has gone. Oh and more recently setting up a VMware environment for lab purposes. In fact I want to write a post about setting up GNS3 using multiple load balanced external hypervisors. Offloading the processing of the router emulation to a few Linux boxes allows you to create some complex networks without the issue of slowing down your desktop/laptop. So over Christmas I will post how to set up an Ubuntu server to run Dynamips as a daemon so you can easily start and stop it, and how to set up GNS3 on your desktop machine to run them.

In a later post I will show you how to set up a diskless Ubuntu system. This is a great way to run identical instances of Ubuntu all from the same network share/file system. This is an ideal way to run the Dynamips hypervisors and allows you to use a machine’s resources without affecting its installed OS. Imagine booting from a Linux live CD across the network, set up exactly how you want it.

Aside from this it has been about my daughter this year; this year has been truly amazing to see her grow. Watching the personality develop and her mind learning and expanding is the most fascinating and wonderful experience I have ever known. 2011 has been a good year, and I am looking forward to continuing into 2012.

But 2012 does come with the target of finishing CCNP and diving back head first into CISCO. Hope everyone else has had a good year, and wishing you all a very merry Christmas and a relaxing new year with friends and family.

DevilWAH

I need to learn more C#

Been playing around with it a lot, but come to the conclusion that I need to learn a bit more out of a book, than just using Google and Microsoft sites. To be fair not done badly, just in a few areas I have been working on lately the code is a bit messy and I know there must be a better way to do it. So to help me on my way I have done two things.

Number one. Bought a Kindle, or to be more accurate my wife has got me one, just awaiting its arrival.

Number two. Getting hold of “Headfirst in to C#” and a few other C# books for it.

Hopefully by the end of this week I will have achieved the following in my application.

  1. Added controls to the output form for “Next config” and “Cancel”, plus a button to copy to clipboard or download to file.
  2. Added the ability to create a single output from multiple lines in the entry form, and the ability to choose a single line and output only that config.
  3. After that I will be adding a header and footer section to the templates, that will allow the user to enter variables that are to be standard to all configs. Things like company information, user name, date, etc.

All simple stuff, but just making sure I do it right now so when it comes to updating later it is all nice and clear. All about adding controls at run time at the moment and making sure it’s done in the most efficient way.

ConfGen update.

Spent quite a bit of time lately with this. The more I get into C# the more impressed I become. I used to think that C# and .NET were only for people who couldn’t learn C++, but now I see the point. C++ is fun to learn, but it is very involved and I know I would be nowhere near as far along with this if I had decided to go down that route. OK, C# requires the .NET framework to be installed on the client machine, but as far as developing goes it hits a nice sweet spot between the simplicity of VB and the maze of C++. I would definitely suggest anyone wanting to develop Windows based applications to have a look.

As for ConfGen, made a number of changes to the code to add some more functions, but still got lots more to do; see the ConfGen Page above for more details. This really is the middle application in terms of the long term goal. I also want to produce a tool that will build configs from scratch based on a user’s specification, and a final implementation tool to deliver configuration to devices.

Also it looks like soon I should have a bit more time at work, so CCNP study will be back in the picture. Thinking maybe to buy a Kindle and get the CCNP Foundation Guide as an ebook. The hardback is just too heavy to lug around, so having it to hand on the Kindle for any spare time I get would be great.

Anyway back to some more coding now.

DevilWAH

Continuing into C# and Automation

So still not had much time to be studying CCNP, but have been getting my hands dirty on C# around the automation of generating configuration for Cisco devices.

As mentioned before, part of my job is change management, which means a lot of repetitive configurations. In the past the tools I have written in VB and Excel have been limited to a single master config. What I decided was needed was a tool that could take a generic config written in Notepad or another simple text editor and present the variables to the end user in a friendly form, for them to complete and generate the config.

Confgen

Screen shot of early version of Confgen

This currently has a simple template loaded for changing the VLAN and description of a port and enabling / disabling it. But the application is flexible enough to take any length or complexity of config you can enter.

There are still lots of things to tidy up. Currently only the first row of variables entered can be parsed into a complete script. I also want to eventually use a Word template to give a professional output for the final script, and have a menu driven system that will look for files in a specified folder at start up and load them ready to be picked by the end user.

However it’s a start and the core of the application is working. I would say it’s still very much a beta version, but am hoping over the coming weeks and months to develop it into a much more complete tool. A few bugs to resolve and functions to add, but I hope it gives people an idea of what I am looking to achieve.

I also have a stage 2 idea to add to this that will make it even more useful for new deployments to build up complex configurations, as well as these simple snippets.

If anyone wants to try it out, the zip file is below. Simply extract to a folder and run, then File >> Open to open the included example. (You will need the .NET version 3.5 framework installed to run it.)

Confgen

Please play around and let me know what you think.

Edit: added page to site to keep track of this tool and its development, see above.

DevilWAH

OK back for another shout

Well work still busy, and still struggling to find the time to study for my ROUTE exam. But that does not mean I have been doing nothing.

Work sent me on my ITIL Foundation course last week and pleased to say I passed, so that’s one more string to the bow. I was surprised it was a lot more interesting than I thought, and while it still was in my view ‘common sense’, seeing it all together with all the terminology does mean I can now look back on some conversations I have had in the past and make some sense of them. For anyone looking to get into the managed service side of things, or who wants a foot in the door of such a company, it’s going to be a good cert to have.

The other thing that has been keeping me away from the CCNP is learning scripting and C#. I have already talked about writing some VB scripts to control SecureCRT, but of course to do this you need CRT installed on the PC in the first place. So taking it one step further I started looking at the SecureCRT client pack. This is an installation that, once installed on a PC, lets you call the functions when programming in any .NET language, such as VB.net or C#.net. This gives much more control over the application and gives the end user a much cleaner interface to use. However you still need to have the client pack installed, and this costs money and the hassle of installation.

So my next stop was Sharp SSH. This is a free SSH library with some similar functionality to the SecureCRT function pack (for what I want) and allows easier distribution of the final application.

So after a few steps, and lots of playing around, I now have the core understanding I need to start creating my vision. So as well as working on my CCNP, looking after my daughter, and attempting to move house, not forgetting the extra hours that come from managing at work, I am working on creating an application that will allow you to create a library of scripts you wish for CISCO IOS/CATOS devices, including any pre / post checks you require and how to act on their outcomes, plus allow you to define any variables that will change between runs. Then allow you to feed in the variables at run time (either manually or via a bulk method), and carry out the work completely automated.

Really this is just a project for me to learn some more in depth scripting / programming, but as people who carry out multiple changes know, this can often be a repetitive job, so I am hoping once complete I will end up with a tool that is very useful for my current position.

So if you wondered where I was, that about sums it up. Life is great, just very busy, and just waiting to get our house sorted. Then I will be setting up a nice quiet area to study and getting stuck right back into CCNP and getting back into updating and adding to this blog.

night all

DevilWAH

PS. Oh and Miss Lilith is now walking. From bum shuffling to walking has taken less than 10 days, and not only is she walking but climbing too!! She is very proud to show how she can climb on to the couch, and thinks it is very funny to give Mum and Dad heart attacks by almost falling. But it’s a great time and wonderful watching her grow. Being waved goodbye to in the mornings, and greeted with a huge smile and laughter when I get home, makes life very special at the moment. :)

VB again

Well again its been a while since I posted, and once again I have been sidelined from CISCO studies.

A few weeks back I was asked to audit 1500 ports for a client, so there was no way I was doing that by hand, I am a manager after all you know ;). But it was a great excuse to get a bit of experience in scripting / programming.

SecureCRT has great scripting support, and after a few hours playing around I had a script that can read from an Excel spreadsheet and carry out a list of checks and record the results.

1500 ports spread over 260 devices = 15 min, compared to the 20hr + I worked out it could have taken by hand including preparing the report.

But this led me a bit further. What would be nice is a program into which you could input any amount of code, where variables were highlighted like:


conf t
int ***port***
description ***des***
speed ***speed***

along with a spreadsheet that contained columns containing the variables, and the program could loop through the rows implementing each line as it goes.
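One way to build the template-plus-spreadsheet loop described above, as an added Python example that is not the author's tool: it fills `***name***` placeholders from each row and refuses rows with empty cells or with characters (such as a line break) that would add extra commands to the generated config. The CSV rows, the allowed-character rule and the function names are assumptions made for the illustration.

```python
import csv
import io
import re

PLACEHOLDER = re.compile(r"\*{3}(\w+)\*{3}")
# Assumed allow-list: characters found in interface names, descriptions and speeds.
# No newline is allowed, so one cell can never expand into several config lines.
SAFE_VALUE = re.compile(r"[A-Za-z0-9 /._:-]{1,80}")

# Template from the post, with three asterisks around every variable name.
TEMPLATE = """conf t
int ***port***
description ***des***
speed ***speed***
"""

# Constructed spreadsheet export (CSV). Row 3 carries a line break inside a
# quoted cell, row 4 has an empty description.
SHEET = """port,des,speed
Fa0/1,web01 eth0,100
Fa0/2,web02 eth0,auto
Fa0/3,"db01\nno shutdown",100
Fa0/4,,100
"""


def render(template, row):
    """Fill every placeholder from one row, or raise ValueError naming the bad columns."""
    names = set(PLACEHOLDER.findall(template))
    missing = sorted(n for n in names if not row.get(n))
    if missing:
        raise ValueError("missing value for: " + ", ".join(missing))
    bad = sorted(n for n in names if not SAFE_VALUE.fullmatch(row[n]))
    if bad:
        raise ValueError("unsafe value in: " + ", ".join(bad))
    return PLACEHOLDER.sub(lambda m: row[m.group(1)], template)


def render_sheet(template, sheet_text):
    """Return (configs, errors); errors are (data row number, reason) pairs."""
    configs, errors = [], []
    rows = csv.DictReader(io.StringIO(sheet_text))
    for row_no, row in enumerate(rows, start=1):
        try:
            configs.append(render(template, row))
        except ValueError as exc:
            errors.append((row_no, str(exc)))
    return configs, errors


if __name__ == "__main__":
    configs, errors = render_sheet(TEMPLATE, SHEET)
    print("\n".join(configs))
    for row_no, reason in errors:
        print("row", row_no, "skipped:", reason)
```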

In my job there is the potential of having to implement the same config on multiple devices with different values (i.e. assign ports to VLANs).

So for the last few weeks, VBA, VB script and C# have been taking up my life. It’s been great fun, and while maybe not my CCNP, still good skills to have as a network engineer to be able to automate things and increase throughput.

Hope to be back soon with more updates…

Oh and other news…. Lilith was one at the weekend. Happy birthday my beautiful little girl, you are an angel and very much loved by me and your mum :) XX

DevilWAH

CCNP SWITCH EXAM

Well I was going through emails a few weeks back and came across an email from Cisco with an exam voucher for the SWITCH exam (from back last year when the exam crashed on me). Checking it out, the date was 17th March!!! (today).

With new job and baby, I haven’t had much time to study, as the lack of posts should tell you. But rather than waste the voucher I booked the exam and dusted off the books. After 2 weeks of sporadic studying I sat the exam.

I think I might have actually punched the air when I saw I passed at the end!!! And actually with a half decent score.

But even better, I now feel like I have the bug again. Work has taken me in a slightly different direction. Still network, but management and not quite as hands on. Time to change that and get CCNP done and dusted.

Hope that will also mean more posts as well. :)

Take care all

DevilWAH

A bit of perl while I’ve been away (Always including some CISCO of course).

Well no matter how many times I head back to post just lately I have never had the time. Studying been put on hold, house move on hold, and working flat out at the new job, but I have to say it has been fun.

Like I say, not much studying done, but I have been playing with Perl scripting lately. So rather than post nothing I thought I would share the results with you.

At work one of my team’s jobs is to provision ports and reclaim ports on switches. We basically write scripts during the day and then batch implement at night. So to make things a bit simpler (and because I was bored) I wrote a little web page using Perl scripting as the back end.

Now I know I could use client side scripting to get a neater effect, and / or a stand alone program. But one thing about this was I wanted it as client friendly as possible, so decided to go for a web interface. And I have been meaning to learn a scripting language for ages, so this seemed a good opportunity.

The web page is in two parts, one for provisioning ports and a second for reclaims. Both can handle CATOS and IOS configs.

They both still need some tidying up and I want to add some better functions to them soon, but just so you don’t think I have disappeared, here’s the link if you want to try them out. :) (They link to each other.)

Port provisioning script

The reason it is set out as it is, is that for my job servers are dual linked to two switches, so for each script we are provisioning 3 or 5 ports per server mostly. Also the second switch is normally a mirror of the first, so by ticking the copy check box you only then need to fill in the interface on the second switch; the VLAN, speed, duplex, iLO (integrated lights out, for use when a server crashes to remote reboot and get access to the BIOS) and subnet information will be copied from the first switch. Port description is set to the name of the server configured.

I want to put some error checking in the webpage so users can’t skip filling in fields, and then expand to allow users to alter the number of switch / interfaces on the fly.

But for now it seems to work OK, and definitely speeds up our scripting tasks.

Let me know what you think :) If you have any suggestions or would like to see the source code let me know. If you would like a bit more in depth on what I did, maybe I can do a follow up article at some point.

Cheers

DEVILWAH.

PS. Little baby is doing great. 9 months old and I finally understand what people mean when they say how life changing having a baby is! Miss Lilith, as she is known in our house, is laughing, smiling and generally making my life great. Can’t wait for the warm weather to take her out more :)