Situation:
I want to advertise IPv6 networks / prefixes over IPv4 eBGP session
History:
Although not common, this case may occur in some situations.
For example, in this moment, I have a Cisco router with IPv6 support (routing) but do not support BGP IPv6 neighbors
Error (just in case):
(Probably you are receiving the message below) :)
*Mar 1 02:05:00.663: BGP: 1.1.1.1 Advertised Nexthop ::FFFF:1.1.1.1: Non-local or Nexthop and peer Not on same interface
*Mar 1 02:05:00.663: BGP(1): 1.1.1.1 rcv UPDATE w/ attr: nexthop ::FFFF:1.1.1.1, origin i, metric 0, originator 0.0.0.0, path 1, community , extended community
*Mar 1 02:05:00.667: BGP(1): 1.1.1.1 rcv UPDATE about 2001:db8::/32 -- DENIED due to:
*Mar 1 02:05:00.667: BGP(0): Revise route installing 1 of 1 route for 10.0.0.0/24 -> 1.1.1.1 to main IP table
*Mar 1 02:05:00.771: BGP(0): 1.1.1.1 computing updates, afi 0, neighbor version 0, table version 25, starting at 0.0.0.0
Solution:
Fortunately BGP support carrying routing information for different protocols (ie. IPv6). Therefore it is possible to exchange prefixes IPv6 over eBGP IPv4 sessions.
Configuration:
In this basic scenario with R1 <--> R2 connected back-to-back the configuration is as follows (the prefix announced by R1 is learned by R2).
R1:
!
interface Ethernet1/0
ip address 1.1.1.2 255.255.255.252
full-duplex
ipv6 address 2001:db8::1/64
ipv6 enable
!
router bgp 1
no synchronization
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 1.1.1.2 remote-as 2
neighbor 1.1.1.2 ebgp-multihop 2
no auto-summary
!
address-family ipv6
neighbor 1.1.1.2 activate
network 2001:db8::/32
no synchronization
redistribute static
exit-address-family
!
ipv6 route 2001:db8::/32 Null0
R2:
!
interface Ethernet1/0
ip address 1.1.1.2 255.255.255.252
full-duplex
ipv6 address 2001:db8::2/64
ipv6 enable
!
router bgp 2
no synchronization
bgp router-id 1.1.1.2
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 ebgp-multihop 2
no auto-summary
!
address-family ipv6
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 route-map IPv6-NextHop in
exit-address-family
!
route-map IPv6-NextHop permit 10
set ipv6 next-hop 2001:db8::1
!
"The trick":
* The session must be eBGP multihop, if not, R2 will not learn the prefix (the same error as seen above). I
admit I do not get 100% why it happens however after readings some documents it looks like
the router complains that the next-hop IP address and the way it was configured are in different subnet (make sense, one is IPv6 and IPv4 another!).
* In R2 (who receive the prefix) there must be a route-map applied (in) forcing the next-hop IPv6 address of R1
After applying ebgp-multihop (everything works):
* Mar 1 02:01:42.539: BGP (1): 1.1.1.1 rcvd UPDATE w / attr: nexthop :: FFFF: 1.1.1.1, origin i, metric 0, path 1* Mar 1 02:01:42.539: BGP (1): 1.1.1.1 rcvd 2800:26 :: / 32* Mar 1 02:01:42.543: BGP (0): Check route installing 1 of 1 route for 10.0.0.0/24 -> 1.1.1.1 to main IP table* Mar 1 02:01:42.543: BGP (1): Check for installing route 2001: db8 :: / 32 -> 2001: db8 :: 1 (::) to main IPv6 tableMore information:- https://supportforums.cisco.com/docs/DOC-21110- http://ieoc.com/forums/p/15154/130174.aspx- http://ieoc.com/forums/p/15154/130174.aspx
I hope it's useful!
Site dedicated mainly to internetworking. The goal is to share experiences, teach IP, IPv6. Talk about Linux, IP services, servers, promote IPv6 adoption, routing protocols, security and in some cases just some thoughts. Keywords: linux, cisco, ospf, bgp, eigrp, ip, ipv6, sla, link, routers, routings, telco, telecommunications, security, ipv4
Thursday, February 21, 2013
Monday, January 28, 2013
Installing Linux in a Sun Fire Server
Introduction:
The following describes the procedure for installing the operating system Debian GNU / Linux on a Sun Fire V210 Hardware.
First:
* As we know, this has not Hardware Out Video Card VGA or PS2 port for Keyboard. What if it has a serial port for Management.
* This server is 64-bit SPARC architecture.
Procedure:
1. - Download Image.
You can download the distro from http://cdimage.debian.org/debian-cd/6.0.3/sparc/iso-cd/
You will need least CD number 1
Then downloaded ISO: http://cdimage.debian.org/debian-cd/6.0.3/sparc/iso-cd/debian-6.0.3-sparc-CD-1.iso
Please remember to burn the image a low speed, it's good to avoid some drawbacks.
2.- Place the Debian CD image to the CD / DVD ROM Server.
3. - Now, we must establish a connection via Serial COM with the Sun Fire V210 server.
We can use Hyperterminal, Minicom or even PuTTYtel.
To create the serial connection you will need the following parameters:
9600,8, n, 1 (Default).
The cable is a cable type used Rollover (NOT crossover). Typically console cables Cisco equipment will work.
3. - Start the server. The challenge is to make Boot from CDROM drive.
To do this, do the following: When the server is starting, we pressed Sequence 'STOP + A'.
In a conventional keyboard, this sequence is the same as 'CTRL + SHIFT + BREAK' or 'CTRL + BREAK'.
In doing so, you will get PROMPT {} Ok, when that happens we do the following:
{} Ok printenv auto-boot (To see the State Flag of the auto-boot)
{} Ok setenv auto-boot false (for setting the auto-boot Flag False)
{} Ok reset-all (Reboot the System)
4. - When the computer restarts, return to Press 'STOP + A', and at the prompt {} Ok we do isinstructed to do Boot from CDROM, so:{} Ok boot cdrom
4.- From that moment, the server should begin to start from the CDROM drive. I recommend to use the terminal in Full Screen mode to see the installation as if it were a monitor connected to the server.
5.- From this point, it follows exactly the Debian installation procedure (Users, Partitions, Repositories, etc..)
Key Points:- Download the ISO image for SPARC 64.- The sequence 'STOP + A', which can be also 'CTRL + BRAK' or 'CTRL + SHIFT + BREAK'.- Place the screen in full screen.- If at any time the connection is lost Serial (usual with PuTTYtel), simply close and reopen theSerial Connection and type any key to recover the installation.- The system boots from the CDROM cuandl being the PROMPT {} Ok you type 'boot cdrom (Very Important ...!)
- To start the server automatically is necessary in ok prompt type the following:
auto-boot? = trueboot-device = disk
I hope it is useful.
Manual based on documentation of Professor Jose Gregorio Cotua
The following describes the procedure for installing the operating system Debian GNU / Linux on a Sun Fire V210 Hardware.
First:
* As we know, this has not Hardware Out Video Card VGA or PS2 port for Keyboard. What if it has a serial port for Management.
* This server is 64-bit SPARC architecture.
Procedure:
1. - Download Image.
You can download the distro from http://cdimage.debian.org/debian-cd/6.0.3/sparc/iso-cd/
You will need least CD number 1
Then downloaded ISO: http://cdimage.debian.org/debian-cd/6.0.3/sparc/iso-cd/debian-6.0.3-sparc-CD-1.iso
Please remember to burn the image a low speed, it's good to avoid some drawbacks.
2.- Place the Debian CD image to the CD / DVD ROM Server.
3. - Now, we must establish a connection via Serial COM with the Sun Fire V210 server.
We can use Hyperterminal, Minicom or even PuTTYtel.
To create the serial connection you will need the following parameters:
9600,8, n, 1 (Default).
The cable is a cable type used Rollover (NOT crossover). Typically console cables Cisco equipment will work.
3. - Start the server. The challenge is to make Boot from CDROM drive.
To do this, do the following: When the server is starting, we pressed Sequence 'STOP + A'.
In a conventional keyboard, this sequence is the same as 'CTRL + SHIFT + BREAK' or 'CTRL + BREAK'.
In doing so, you will get PROMPT {} Ok, when that happens we do the following:
{} Ok printenv auto-boot (To see the State Flag of the auto-boot)
{} Ok setenv auto-boot false (for setting the auto-boot Flag False)
{} Ok reset-all (Reboot the System)
4. - When the computer restarts, return to Press 'STOP + A', and at the prompt {} Ok we do isinstructed to do Boot from CDROM, so:{} Ok boot cdrom
4.- From that moment, the server should begin to start from the CDROM drive. I recommend to use the terminal in Full Screen mode to see the installation as if it were a monitor connected to the server.
5.- From this point, it follows exactly the Debian installation procedure (Users, Partitions, Repositories, etc..)
Key Points:- Download the ISO image for SPARC 64.- The sequence 'STOP + A', which can be also 'CTRL + BRAK' or 'CTRL + SHIFT + BREAK'.- Place the screen in full screen.- If at any time the connection is lost Serial (usual with PuTTYtel), simply close and reopen theSerial Connection and type any key to recover the installation.- The system boots from the CDROM cuandl being the PROMPT {} Ok you type 'boot cdrom (Very Important ...!)
- To start the server automatically is necessary in ok prompt type the following:
auto-boot? = trueboot-device = disk
I hope it is useful.
Manual based on documentation of Professor Jose Gregorio Cotua
Monday, January 14, 2013
IPv6 crosswords puzzle
http://goo.gl/lVuv6
I hope you enjoy it :)
I hope you enjoy it :)
Saturday, January 12, 2013
Error 1017 in Cacti. MySQL. Blank Graphics
Error:
4/7/2012 5:37:49 PM - CMDPHP: Poller [0] ERROR: SQL Cell Failed!, Error: '1017 ', SQL: "SELECT count (*) FROM polle
WHERE r_time poller_id = 0 AND end_time> '0000-00-00 00:00:00 '"
4/7/2012 5:38:34 PM - CMDPHP: Poller [0] ERROR: SQL Cell Failed!, Error: '1017 ', SQL: "SELECT count (*) FROM polle
r_time WHERE end_time = '0000-00-00 00:00:00 '"
Procedure:
If the file cacti.log you see the above error tt indicates a failure with poller_output mysql table.
In this respect, I have seem three different solutions, order from the less risky to the highest.
1) Repair mysql table with a php script that brings cacti
# php $PATH-TO-CACTI/cli/repair_database.php
2) Repair the table with mysql command:
# mysql> REPAIR TABLE poller_output;
If you do not know the user information for the mysql database, it can be found here:
$PATH-TO-CACTI/include/config.php
3) Remove the table and do it again (this solution despite being aggressive works perfectly and you do not lose the historic Cacti information). Just enters the mysql CLI and copy/paste the following:
-
- Table structure for table `poller_output`
-
DROP TABLE IF EXISTS `poller_output`;
CREATE TABLE `poller_output` (
MEDIUMINT local_data_id `` (8) unsigned NOT NULL default '0 ',
Rrd_name `` varchar (19) NOT NULL default'',
`Time` datetime NOT NULL default '0000-00-00 00:00:00 ',
`Output` text NOT NULL,
PRIMARY KEY (`local_data_id`, `rrd_name`, `time`)
) TYPE = MyISAM;
-
- Dumping data for table `poller_output`
-
Poller_output `LOCK TABLES` WRITE;
/ *! 40000 ALTER TABLE `poller_output` DISABLE KEYS * /;
/ *! 40000 ALTER TABLE `poller_output` ENABLE KEYS * /;
UNLOCK TABLES;
Ready!, Then you can wait for the poller runs 15 minutes and you will have something in your graphs. If you want to force the poller command is as follows:
# /usr/bin/php-q /var /www/miServer-cacti/poller.php -force
I hope it will be useful,
4/7/2012 5:37:49 PM - CMDPHP: Poller [0] ERROR: SQL Cell Failed!, Error: '1017 ', SQL: "SELECT count (*) FROM polle
WHERE r_time poller_id = 0 AND end_time> '0000-00-00 00:00:00 '"
4/7/2012 5:38:34 PM - CMDPHP: Poller [0] ERROR: SQL Cell Failed!, Error: '1017 ', SQL: "SELECT count (*) FROM polle
r_time WHERE end_time = '0000-00-00 00:00:00 '"
Procedure:
If the file cacti.log you see the above error tt indicates a failure with poller_output mysql table.
In this respect, I have seem three different solutions, order from the less risky to the highest.
1) Repair mysql table with a php script that brings cacti
# php $PATH-TO-CACTI/cli/repair_database.php
2) Repair the table with mysql command:
# mysql> REPAIR TABLE poller_output;
If you do not know the user information for the mysql database, it can be found here:
$PATH-TO-CACTI/include/config.php
3) Remove the table and do it again (this solution despite being aggressive works perfectly and you do not lose the historic Cacti information). Just enters the mysql CLI and copy/paste the following:
-
- Table structure for table `poller_output`
-
DROP TABLE IF EXISTS `poller_output`;
CREATE TABLE `poller_output` (
MEDIUMINT local_data_id `` (8) unsigned NOT NULL default '0 ',
Rrd_name `` varchar (19) NOT NULL default'',
`Time` datetime NOT NULL default '0000-00-00 00:00:00 ',
`Output` text NOT NULL,
PRIMARY KEY (`local_data_id`, `rrd_name`, `time`)
) TYPE = MyISAM;
-
- Dumping data for table `poller_output`
-
Poller_output `LOCK TABLES` WRITE;
/ *! 40000 ALTER TABLE `poller_output` DISABLE KEYS * /;
/ *! 40000 ALTER TABLE `poller_output` ENABLE KEYS * /;
UNLOCK TABLES;
Ready!, Then you can wait for the poller runs 15 minutes and you will have something in your graphs. If you want to force the poller command is as follows:
# /usr/bin/php-q /var /www/miServer-cacti/poller.php -force
I hope it will be useful,
Labels:
cacti,
linux,
monitoring,
mysql,
scripts
Monday, January 7, 2013
Devede. One solutions for two different errors
Situation:
1) When creating a .iso image using Devede and creating subtitles in Spanish DeVeDe returns the error: "Failed to write to the destination directory. Check That You have privileges and free space there".
2) When you create a .iso using Devede and creating subtitles in Spanish Devede returns the error: "conversion failed. It Seems a bug of spumux"
Solution:
The problem is due to the subtitle file format, it must be a .srt and UTF-8 encoding
That is, the solution is to have the .srt with UTF-8 encoding. To do that you can use Microsoft Word, and follow the following procedure:
a) Open the subtitle file .srt with Microsoft Word
b) File -> Save As -> select Plain Text (. txt)
c) Click on save
d) A new window appears, select the option "Other encoding"
e) Select UTF-8 from the list on the right side.
Done!, re-create the ISO using Devede.
Digital Storytelling, Tech Trends blog amazon acronyms Data Is Sacred!
cybersecurity
specialty pharmaceutical company focused on commercializing branded and generic pharmaceuticals. buy hydrocodone 10mg online australia|order hydrocodone 10mg overnight delivery safely USA we offer the best services your security is our priority
Saturday, January 5, 2013
Disable / shutdown iptables on Linux
Introduction:
Sometimes it is necessary to "shutdown" or disable our Linux iptables,
the procedure depends on the Linux distribution you're using.
1) Procedure if you are using Redhat, Fedora, Mandriva / Mandrake or Centos, you just have to run the following:
# service iptables save
# service iptables stop
# chkconfig iptables off
or
# / etc /init.d/iptables stop
2) How to disable iptables on Debian or Ubuntu
a) Create a script called fw.stop with the following contents:
# /bin/sh
echo "Stopping firewall and Allowing everyone ..."
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
b) Give execute permission to the script:
# chmod + x / root / fw.stop
or
# chmod 755 fw.stop
c) You can run the scritp with the following command:
# ./fw.stop
More info at:
http://sources68.com/linux-disable-remove-the-iptables-firewall-1fa67761.html
# service iptables save
# service iptables stop
# chkconfig iptables off
or
# / etc /init.d/iptables stop
2) How to disable iptables on Debian or Ubuntu
a) Create a script called fw.stop with the following contents:
# /bin/sh
echo "Stopping firewall and Allowing everyone ..."
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
b) Give execute permission to the script:
# chmod + x / root / fw.stop
or
# chmod 755 fw.stop
c) You can run the scritp with the following command:
# ./fw.stop
More info at:
http://sources68.com/linux-disable-remove-the-iptables-firewall-1fa67761.html
Friday, January 4, 2013
Cisco clear line does not work
Case:
When performing a "clear line" in a Cisco Router/Switch to disconnect a Telnet or SSH session does not work. The user still in the vty.
Example:
IMP# sh user
Line User Host (s) Idle Location
2 vty 0 idle 00:00:01 abcd aacosta
* 4 vty 2 idle 00:00:00 pepe xx.yy.zz.dd
We want to disconnect aacosta:
IMP# clear line vty 2
and still appearing:
IMP# who
Line User Host (s) Idle Location
2 vty 0 idle 00:00:39 abcd aacosta
* 4 vty 2 idle 00:00:00 pepe xx.yy.zz.dd
Procedure and solution:
There are two ways to do it:
a) Quickly and 99% sure it will works (and less likely to damage something else).
Instead of using "clear line vty" use "clear tcp line":
So (again to disconnect pepe):
IMP# clear tcp line 2
[Confirm]
[OK]
A website like https://dealectronic.com will provide you with the highest quality in the industry.
When performing a "clear line" in a Cisco Router/Switch to disconnect a Telnet or SSH session does not work. The user still in the vty.
Example:
IMP# sh user
Line User Host (s) Idle Location
2 vty 0 idle 00:00:01 abcd aacosta
* 4 vty 2 idle 00:00:00 pepe xx.yy.zz.dd
We want to disconnect aacosta:
IMP# clear line vty 2
and still appearing:
IMP# who
Line User Host (s) Idle Location
2 vty 0 idle 00:00:39 abcd aacosta
* 4 vty 2 idle 00:00:00 pepe xx.yy.zz.dd
Procedure and solution:
There are two ways to do it:
a) Quickly and 99% sure it will works (and less likely to damage something else).
Instead of using "clear line vty" use "clear tcp line":
So (again to disconnect pepe):
IMP# clear tcp line 2
[Confirm]
[OK]
b) And the second way more drastically:
We have to search for the TCP connections in the router at that time. We use the command "show tcp brief". We filter port 23 (Telnet) or 22 (SSH) as applicable.
For example:
IMP# show tcp brief | i \ 23 _
63820270 n.n.n.n.23 a.b.c.d.56691 ESTAB
637E1AC0 x.x.x.x.23 xx.yy.zz.dd.39431 ESTAB
The value on the left in the memory addrees within the TCB (TCP Block), this is precisely the TCP connection we will have to remove.
The command is:
IMP# clear tcp tcb 637E1AC0
NOTE: Please be sure of the value before deleting the TCP session, remember that the router may have HTTP, BGP, HTTPS and other important TCP connections.
Good luck, I hope it was useful,
A website like https://dealectronic.com will provide you with the highest quality in the industry.
Subscribe to:
Posts (Atom)