Using Syslog while Studying in GNS3 (or indeed and cisco Lab)

I have been getting back in to my studying a lot lately and one thing I have found is the need to use a lot of debug commands so I can watch what is happening during things like routing updates and neighbour formation. One thing I do find though is that I am forever having to turn debug on and off, forgetting to do one or the other, and when it is on it clutters up the screen a breaks up the config I am entering making it difficult to read back.

Which got me thinking, I have used syslog servers a lot in the past, so why not send all the debugging out put to a syslog server and turn of logging to the console? This way I can have all the debugs in one place, and keep the console of the devices tidy so I can see what I am doing.

Now if you are doing this through GNS3 you will need a cloud connection so your PC can talk to your GNS3 network. If you are not sure how to do this there are lots of videos and walk though on the net, however the one below is one of the best I have found, very clear and complete.

How-To: Using the Cloud in GNS3 to Provide Internet Access from Matthew on Vimeo.

So once you have your cloud set up you then need to set up a simple GNS3 topology, Here I have set up 4 routers running OSPF connected through a switch as I am looking at the DR and BDR election process.

I have given R1 and R2 F0/1 address and, and the loopback adapter used by the cloud is Once the routers are booted and connected to the cloud, check they can ping the loop-back address (you may need to disable your fire wall on the loop-back connection.)

then of course you will need a SFTP server, in windows there are two good free choises, for a realy simple server that can run with out install try, simple but does all you need, just make sure you disable dhcp and other none necessaries services in the settings. For a more complete tool try, they have a free syslog server offering that allows filtering and more.

In either case set it up and insure it is listing on the loopback interface, in the case of TFTP32d this is simple a case of choosing the interface from the drop down list.

Finale we need to change the logging setting of R1 and R2 to direct debugging message to the syslog server and not to the console. Remember debug messages are level 7 so we need to set console logging to level 6 or lower and trap logging to level 7. the following code will do just this from global config mode.

#logging console 6
#logging trap 7

So now we can enable the debugging and reset the neighbour relation ships to see what it looks like.

From the console

So not much there apart from we see the neighbours bounce as I clear the OSPF process.

So how about on the syslog server?? 

So here are all our debug messages, for us to scroll through and review at our leisure, If you have something like Kiwicat syslog server you could filer them in to views, based on device that sent it, or text with in message, ect.

You need to make sure of course that you either have the device connected directly to the syslog server network, or it has a route to get there. Directly connected is always best of course as you will insure that as long as that interface on the device is up you will catch all messages. On real hardware simply use a spare switch or create a separate VLAN and do exactly the same thing.

I have found for large labs this works great, indeed for testing setups for clients its great as well. once you have insured the correct debugging is enabled you can walk though test scripts and plans, safe in the knowledge that you have a full detailed log of every thing that has happened.

Simple to set up and hopefully some of you will find it useful.


CCNP Route (Part 1, Subnetting Refresh)

OK back from a weekend away with wife and daughter, and before I get in to CCNP can I just say 4 month old babies are hard work. In the end she cried so much for her own bed we came home. Thank fully the beach is only an hours drive away, and as we where going to stay at the family owned bungalow, it just meant we came home and went back again the next day… She can never say I never do any thing for her :). All in all though a lovely weekend, Babies might be hard work but walking on the beach and her face as she saw the waves was great. 🙂 Makes me think I should post some pictures of here some time..

But now back to CCNP ROUTE.

I thought before I get in to the real core parts I would do a quick recap of subnetting, I know this is CCNP and really subnetting should be out the way by the CCNA, but I thought there was no harm in covering it again briefly.

Now in my view although there are many different “quick” methods to make subnetting “easy”, The best way to learn is the long hand method. This will teach you what and how subnetting works. Once you can subnet the long way with out problem, then the “quick” methods will make more sense and become useful. Also the long method out of all of them I think is the most logical and “simple” to learn. So lets go for it.

First you need to know what class of network you are working with. (If you just want to know the number of hosts, network and broadcast address in network when an given IP address a subnetmask then you can ignore this step. This step is important when you need to know the number of possible sub networks you can create or that will be available using a given subnet mask.

I would always start by writing out the class subnet address in binary, so.

CLASS A = 1 1 1 1 1 1 1 1 . 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0

CLASS A = 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0

CLASS A = 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 0 0 0 0 0 0 0 0

For the next steps we can discard any octet that contains only “1’s”, as these can’t change then any subnetting we do can not affect them.

We now need to decided what is important, the number of hosts the subnet or the number of networks we want to create. One very important thing to remember here is that when creating a network with  specific number host IP addresses, some of these are not usable by hosts placed in that subnet. There are the first IP in the range, as this will become the network address, and is used along with the subnet mask to identify a network. Also the last IP address in the range that will become the broadcast address of the network. (It is common practice to state the available hosts address in a given network as the IP address range minus 2).

Let’s start with an easy example by splitting up the Class C network in to 4 equal networks.

To begin with I would always suggest you write out the octet/’s you are interested in with the decimal and binary equivalents. As I said we can ignore the octets that are all 1’s from the class divided so all we need is the last octet. which in this case is all 0’s

Decimal = 128 . 64 . 32 . 16 . 8 . 4 . 2 . 1

Binary    =  0 .   0   .  0 .   0 .  0 . 0 . 0 . 0

As we want 4 subnets we first need to work out what binary number we can use that gives us the closest to 4. The subnet must be a continues run of 1’s,  so either 1, 11, 111, 1111, 11111, 111111, 1111111, 11111111. Remembering binary starts at 0, and converting these we get 2, 4, 8 ,16 ,32, 64, 128, 256. Wanting 4 we can chose the second one from above which is 11.

So now we can put it all together, remembering network bits take the left hand positions and host bits take the right hand positions. And that in the case of subnets, where there is a 1 in the mask the bit in the IP address can’t change and where these is a 0 it can. The next step is to write out the subnet mask and the possible subnets that can go with it. here we will write all 4 octets but as you will see the first 3 will not change due to the class address. Red indicates values come from original Class mask and Blue is the two bits we have borrowed. Fell free to convert 11000000 in to binary to see how we get the 192 for the subnet mask.

Subnet Decimal = 255 . 255 . 255 . 192

Subnet Binary = 11111111.11111111.11111111.110000

IP address Decimal = 192 . 168 . 10 . 0

IP Binary = 11000000 . 10101000 . 00001010 . 00000000

Now a subnet mask of 255 means that non of the octet can change, and the 11000000 will give us four possibilities for the last octet to have.

Network A = 11000000 . 10101000 . 00001010 . 00000000

Network B = 11000000 . 10101000 . 00001010 . 01000000

Network C = 11000000 . 10101000 . 00001010 . 10000000

Network D = 11000000 . 10101000 . 00001010 . 11000000

So taking network C we can convert it back to decimal and pairing it with the new subnet mask we have created we can start working out the range of IP address that will fall in to this network.

Network Binary = 11000000 . 10101000 . 00001010 . 10000000

Subnet binary    = 11111111 . 11111111 . 11111111 . 11000000

Remember where these is a 1 in the subnet the value in the IP address can’t change. So from this we can work out the range. The bottom value is the network address we have just written above with the 4th oct of 10000000, and the top value will be 10111111. Or in decimal 128 to 191.

So all togather we have.

Network address =

Subnet mask =

Broadcast address –

And possible host are address through to 190 which is 62 in total.

And that’s subnetting. All you need to remember is that subnet masks can only be one of 8 vlaues, 128, 192, 224, 240, 248, 252, 254, 255, and must always be borrowed from the left hand side.

If you are trying to get X number of networks or Y number of hosts. Start by working out the closest match you can from the numbers 2 , 4 , 8 , 16 , 32 , 64 , 128 , 256. If you cant get an exact match go up to the next highest. (in the cast of hosts remember to add 2 t accommodate the network can broadcast address). Once you make your decision simply convert that number to binary. And the number of binary bits that produces is the number you need to “borrow”, from the left for network and from the right for hosts.

Below is a list of all the subnets that can be created from a class C and B network. I find these are the most common you need and this can be hand to have above your desk for quick reference.

Sub-netting made easy

Above Sheet in PDF Format

Well  I hope that helps some people, and next its on with EIGRP.