Wireshark 1.2.0 is now available

Wireshark 1.2.0 has been released and is available for download. According to the developer's website this is supposed to be a major release, as the previous version is 1.0.8. Some of the new features, taken from the official Wireshark website, are listed below:

New and Updated Features

The following features are new (or have been significantly updated) since version 1.0:

  • Wireshark has a spiffy new start page.
  • Display filters now autocomplete.
  • A 64-bit Windows (x64) installer is now provided.
  • Support for the c-ares resolver library has been added. It has many advantages over ADNS.
  • Many new protocol dissectors and capture file formats have been added (see below for a complete list).
  • Macintosh OS X support has been improved.
  • GeoIP database lookups.
  • OpenStreetMap + GeoIP integration.
  • Improved Postscript® print output.
  • The preference handling code is now much smarter about changes.
  • Support for Pcap-ng, the next-generation capture file format.
  • Support for process information correlation via IPFIX.
  • Column widths are now saved.
  • The last used configuration profile is now saved.
  • Protocol preferences are changeable from the packet details context menu.
  • Support for IP packet comparison.
  • Capinfos now shows the average packet rate.
  • GTK1 is no longer supported. (Yes, this is a feature.)
  • Official Windows packages are now built using Microsoft Visual C++ 2008 SP1.

New Protocol Support

Anything in Anything Protocol, ATM PW, N-to-one Cell Mode, B.A.T.M.A.N. Layer 3 Protocol, BACnet MS/TP, BSS LCS Assistance Protocol, Canon BJNP, CESoPSN basic NxDS0 mode (no RTP support), Charging ASE, Cimetrics MS/TP, DECT Protocol, Digital Private Signalling System No 1 Link Layer, DOCSIS Mac Domain Description, DOCSIS Registration Request Multipart, DOCSIS Registration Response Multipart, DOCSIS Synchronisation Message, E100 Encapsulation, EHS, Enhanced Variable Rate Codec, Ethernet Global Data, Ethernet PW, Exchange 2003 Directory Request For Response, Far End Failure Detection, FCoE Initialization Protocol, GOOSE, GPEF, GPRS Tunneling Protocol V2, GSM A-I/F COMMON, GSM A-I/F GPRS Mobility and Session Management, GSM SACCH, GSM Um Interface, HDLC PW, FR port mode (no CW), HDLC-like framing for PPP, IEC 60870-5-104,Apci, IEC 60870-5-104,Asdu, IEEE 802.15.4 Low-Rate Wireless PAN non-ASK PHY, IEEE C37.118 Synchrophasor Protocol, Intelligent Platform Management Interface (Session Wrapper), Inter-Integrated Circuit, Internal TDM, IPSICTL, ISMACryp Protocol, iWARP Direct Data Placement and Remote Direct Memory Access Protocol, iWARP Marker Protocol data unit Aligned framing, Kontiki Delivery Protocol, LANforge Traffic Generator, Layer 1 Event Messages, Lb-I/F BSSMAP LE, LeCroy VICP, Link Access Procedure, Channel Dm (LAPDm), Local Download Sharing Service, LTE Radio Resource Control (RRC) protocol, MAC-LTE, Memcache Protocol, Mesh Header, MP4V-ES, Nasdaq TotalView-ITCH, Nasdaq-SoupTCP version 2.0, NAT Port Mapping Protocol, Netdump Protocol, Non-Access-Stratum (NAS)PDU, PacketLogger, Paltalk Messenger Protocol, PDCP-LTE, PW Associated Channel Header, PW Ethernet Control Word, PW Frame Relay DLCI Control Word, PW MPLS Control Word (generic/preferred), Real-Time Publish-Subscribe Wire Protocol 2.x, Remote Packet Capture, RLC-LTE, SAToP (no RTP support), SERCOS III V1.1, SIMULCRYPT Protocol, Subnetwork Dependent Convergence Protocol XID, Teamspeak2 Protocol, TTEthernet, 
TTEthernet Protocol Control Frame, Turbocell Aggregate Data, Turbocell Header, TURN Channel, Unreliable Multicast Inter-ORB Protocol, VCDU, Wave Short Message Protocol(IEEE P1609.3), Wireless Access Station Session Protocol, Wireshark Expert Info, World of Warcraft, Xpress Transport Protocol, ZigBee Application Framework, ZigBee Application Support Layer, ZigBee Device Profile, ZigBee Encapsulation Protocol, ZigBee Network Layer, Zipped Inter-ORB Protocol, ZRTP

New Capture File Support

Apple Bluetooth PacketLogger, Daintree’s Sensor Network Analyzer, dct3trace, Pcap-NG, TNEF (yes, those silly winmail.dat attachments)

You can download the latest version from the official Wireshark download page.

Cisco: OSPF conditional inject of a Default Route

I believe most of you are familiar with how OSPF injects a default route into a normal area. If not, you can find here all the documentation that you need. Please be familiar with this concept before reading this article.

Now, let's assume that we have the following topology:

[Topology diagram: cisco-ospf-conditional-default-route]

As you can see, we have a BGP peering between the PE and CE routers, with the CE router having an OSPF connection with the Core. The CE router is injecting a default route into the Core:

router ospf 1
default-information originate always

This configuration is OK, but we can run into the following issue. Imagine that for some reason the BGP peering between PE and CE is broken (e.g. the line is down). The CE router will have no clue about this and will still propagate the default route to the Core. In this situation, the Core will still forward all packets without a specific route to the CE, which has no further route to reach the destination, as the CE does not receive any route from the BGP peer. As you can imagine, it is better to avoid this situation, especially if for some reason you are not monitoring the connection between PE and CE and cannot react by changing the route manually in case of a failure. We are lucky, because some smart engineers have developed a solution to avoid this problem, called conditional injection of a default route in OSPF.

With this solution, OSPF monitors the reachability of the point-to-point IP connection between PE and CE. When the OSPF process on the CE router notices that the IP connection is no longer available, it automatically withdraws the default route from the Core. The solution is simple: use an ACL or prefix-list, match it in a route-map, and finally reference this route-map under the "router ospf" process. The step-by-step configuration follows.

First we will create an ACL matching the IP subnet between PE and CE. In this example I'm using a p2p subnet, 10.10.10.0 /30:

access-list 1 permit 10.10.10.0 0.0.0.3

Then I will match this in a route-map as follows:

route-map WAN-LINK permit 10
match ip address 1

Finally, we will use this route-map to implement the OSPF conditional injection of the default route to the Core router (192.168.0.0 /30 is the p2p IP subnet between CE and Core):

router ospf 1
log-adjacency-changes
network 192.168.10.2 0.0.0.0 area 0
default-information originate always route-map WAN-LINK

Now, the OSPF process on CE will inject a default route to the Core as long as the IP subnet between CE and PE is reachable.
IMPORTANT NOTE: This solution might not work if your connection from CE to PE is Ethernet and not Serial like in the example. I will explain why in the next post, when I'll achieve the same behavior but using EEM together with an Ethernet based connection instead of a Serial one.
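
The condition configured above can be modeled in a few lines. This is an added example, not Cisco code and not part of the original post: a simplified Python model of how the standard ACL inside the route-map is checked against the CE routing table. The three routing tables are constructed for illustration; only the ACL line comes from the post.

```python
import ipaddress

# Constructed inputs: the ACL line is the one from the post; the RIBs are made up.
ACL_LINES = ["access-list 1 permit 10.10.10.0 0.0.0.3"]
RIB_LINK_UP = ["10.10.10.0/30", "192.168.10.0/30", "172.16.0.0/16"]
RIB_LINK_DOWN = ["192.168.10.0/30", "172.16.0.0/16"]
RIB_SUMMARY_ONLY = ["10.10.10.0/24", "192.168.10.0/30"]  # link down, covering /24 present


def parse_standard_acl(lines):
    """Parse 'access-list <n> permit|deny <address> <wildcard>' lines."""
    entries = []
    for line in lines:
        _kw, _num, action, addr, wildcard = line.split()
        entries.append((action,
                        int(ipaddress.IPv4Address(addr)),
                        int(ipaddress.IPv4Address(wildcard))))
    return entries


def acl_permits(entries, prefix):
    """First-match evaluation against the route's network address only.

    A standard ACL carries no mask information, so the prefix length of the
    route is not compared.
    """
    net = int(ipaddress.ip_network(prefix).network_address)
    for action, addr, wildcard in entries:
        care = ~wildcard & 0xFFFFFFFF  # wildcard bits set to 1 are "don't care"
        if (net & care) == (addr & care):
            return action == "permit"
    return False  # implicit deny when no entry matches


def default_route_originated(entries, rib):
    """Model of the route-map condition: originate 0.0.0.0/0 while at least
    one route in the routing table is permitted by the ACL."""
    return any(acl_permits(entries, prefix) for prefix in rib)


if __name__ == "__main__":
    acl = parse_standard_acl(ACL_LINES)
    for name, rib in [("link up", RIB_LINK_UP), ("link down", RIB_LINK_DOWN),
                      ("summary only", RIB_SUMMARY_ONLY)]:
        print(f"{name:13s} -> default originated: {default_route_originated(acl, rib)}")
```

The third case shows why the choice between ACL and prefix-list matters: a standard ACL matches only the network address, so a 10.10.10.0/24 route learned elsewhere would keep the default route advertised even with the /30 link down.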

Please check below for a small presentation of how this works in a test environment:


Cisco Hosts Investor Webcast: Consumer Strategy

Source: http://newsroom.cisco.com

June 15, 2009 – Cisco will host a webcast for the financial community with a corresponding slide presentation to discuss the company’s Consumer strategy, highlighting its consumer vision, market opportunity and expansion of its portfolio.

Who: co-hosted by Cisco executives, Ned Hooper, senior vice president of Corporate Development and Consumer, and Guido Jouret, vice president, chief technology officer of the Emerging Technologies Group. Following a brief presentation, a question & answer session will be held.

No previously unannounced issues will be discussed in this webcast.

Date: Tuesday, June 16, 2009

Time: 2:00pm PT

Listen and watch via the Internet:
Please listen to the webcast online at http://www.cisco.com/go/investors. We will offer live and replay audio broadcast of the conference call, with synchronized slides, on this website.

RSVP:
No RSVP is necessary

Cisco: How to determine the serial number of hardware components

Some days ago I had to check the serial number of a faulty fan tray that needed to be exchanged in a C6500 series switch. Most of you, I believe, know the commands "show version" or "show hardware", which will get you all the information that you need most of the time, but not always. I decided to put in this post some useful commands to identify Cisco hardware components and their respective identifiers (serial numbers) on different platforms.

I will use a C6500 series switch for my example, because it supports most of the commands that I know. The real serial numbers have been stripped out and replaced with fake ones, as I don't want them to be used by third parties.

show version – Any network administrator who works with Cisco devices is more than likely familiar with the show version command. The most common use of this command is to determine which version of Cisco IOS a device is running, but it also offers other useful information such as the ROM bootstrap version, uptime, RAM quantity, FLASH capacity and much more. Coming back to the topic of this post, show version outputs the Processor board ID, which should be the same serial number as the one printed on a sticker on the back of the Cisco device. This is also used as the device serial number in any service contract that you might have. You can see below an excerpt of the show version command on the C6500 platform:

Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-JK9SV-M), Version 12.2(18)SXD6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 17-Aug-05 17:48 by evmiller
Image text-base: 0x4002100C, data-base: 0x42698000

ROM: System Bootstrap, Version 12.2(17r)S4, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-JK9SV-M), Version 12.2(18)SXD6, RELEASE SOFTWARE (fc1)

r8-c6500 uptime is 6 weeks, 3 days, 20 hours, 32 minutes
Time since r8-c6500 switched to active is 6 weeks, 3 days, 20 hours, 31 minutes
System returned to ROM by reload at 18:50:17 PDT Sat Apr 7 2007 (SP by reload)
System image file is "disk0:s72033-jk9sv-mz.122-18.SXD6.bin"

If you require further assistance please contact us by sending email to
[email protected].

cisco WS-C6506 (R7000) processor (revision 3.0) with 458720K/65536K bytes of memory.
Processor board ID SAL00000XXX
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from s/w reset
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.
1 Virtual Ethernet/IEEE 802.3  interface(s)
42 Gigabit Ethernet/IEEE 802.3 interface(s)
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.

65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102

show module – Besides giving you a list of the modules and the slots where they are connected (e.g. on the C6500 series), it also returns the status, model, hardware address, software / hardware version and, most important for us today, the serial number of each module / sub-module. Check the C6500's output of the show module command:

Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  1     0 FRU type (0x6003, 0x450(1104))         7600-SSC-400       JAB000000XX
  2     2 IPSec VPN Accelerator                  WS-SVC-IPSEC-1     SAD0000X0X
  3    16 SFM-capable 16 port 1000mb GBIC        WS-X6516-GBIC      SAL0000000
  4     6 Firewall Module                        WS-SVC-FWM-1       SAD000000X
  5     2 Supervisor Engine 720 (Active)         WS-SUP720-3B       SAL0000XX00
  6    16 SFM-capable 16 port 1000mb GBIC        WS-X6516-GBIC      SAL0000XXXX

Mod MAC addresses                      Hw     Fw           Sw           Status
--- ---------------------------------- ------ ------------ ------------ -------
  1 0013.60a4.c688 to 0013.60a4.c6c7   1.0    Unknown      Unknown      PwrDown
  2 0001.c9df.65ba to 0001.c9df.65bd   1.3    Unknown      Unknown      PwrDown
  3 0009.11e3.1c84 to 0009.11e3.1c93   5.0    Unknown      Unknown      PwrDown
  4 0019.5671.803a to 0019.5671.8041   4.0    7.2(1)       3.2(10)      Ok
  5 0013.c347.2e90 to 0013.c347.2e93   5.3    8.4(2)       12.2(18)SXD6 Ok
  6 000d.65f7.1a8c to 000d.65f7.1a9b   5.5    6.3(1)       8.3(0.156)RO Ok

Mod Sub-Module                  Model              Serial       Hw      Status
--- --------------------------- ------------------ ------------ ------- -------
  5 Policy Feature Card 3       WS-F6K-PFC3B       SAL0000XXX   2.3     Ok
  5 MSFC3 Daughterboard         WS-SUP720          SAL0000X0X0  2.6     Ok

Mod Online Diag Status
--- -------------------
  1 Unknown
  2 Unknown
  3 Unknown
  4 Pass
  5 Pass
  6 Pass

show inventory – Retrieves and displays the Unique Device Identifier (UDI) information from any Cisco product that has electronically stored such identity information. A UDI consists of the following elements: Product identifier (PID), Version identifier (VID) and Serial number (SN).

The PID is the name by which the product can be ordered; it has been historically called the "Product Name" or "Part Number." This is the identifier that one would use to order an exact replacement part.

The VID is the version of the product. Whenever a product has been revised, the VID will be incremented. The VID is incremented according to a rigorous process derived from Telcordia GR-209-CORE, an industry guideline that governs product change notices.

The SN is the vendor-unique serialization of the product. Each manufactured product will carry a unique serial number assigned at the factory, which cannot be changed in the field. This is the means by which to identify an individual, specific instance of a product.

The raw parameter on the show inventory command is useful mostly for troubleshooting purposes. Compared with the previous commands, this one gives you a better overview of the full range of hardware components installed (e.g. fan-tray, power source...). Below you can see an excerpt from the command output:

NAME: "WS-C6506", DESCR: "Cisco Systems Catalyst 6500 6-slot Chassis System"
PID: WS-C6506          , VID:    , SN: SAL00000XXX

NAME: "WS-C6K-VTT 1", DESCR: "VTT FRU 1"
PID: WS-C6K-VTT        , VID:    , SN: SMT0000X000

NAME: "WS-C6K-VTT 2", DESCR: "VTT FRU 2"
PID: WS-C6K-VTT        , VID:    , SN: SMT0000X000

NAME: "WS-C6K-VTT 3", DESCR: "VTT FRU 3"
PID: WS-C6K-VTT        , VID:    , SN: SMT0000X000

NAME: "WS-C6000-CL 1", DESCR: "C6K Clock FRU 1"
PID: WS-C6000-CL       , VID:    , SN: SMT0000X000

NAME: "WS-C6000-CL 2", DESCR: "C6K Clock FRU 2"
PID: WS-C6000-CL       , VID:    , SN: SMT0000A000

NAME: "1", DESCR: "7600-SSC-400 0 ports FRU type (0x6003, 0x450(1104)) Rev. 1.0"
PID: 7600-SSC-400      , VID: V01, SN: JAB000000XX
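
For asset tracking it helps to turn this output into structured records. The following is an added example, not part of the original post: a small Python parser for the NAME/DESCR/PID/VID/SN layout shown above, using three entries copied from the excerpt (with its masked serial numbers) as sample input. The function names are hypothetical.

```python
import re

# Sample input: three entries from the excerpt above (serials already masked).
SAMPLE = '''NAME: "WS-C6506", DESCR: "Cisco Systems Catalyst 6500 6-slot Chassis System"
PID: WS-C6506          , VID:    , SN: SAL00000XXX

NAME: "WS-C6K-VTT 1", DESCR: "VTT FRU 1"
PID: WS-C6K-VTT        , VID:    , SN: SMT0000X000

NAME: "1", DESCR: "7600-SSC-400 0 ports FRU type (0x6003, 0x450(1104)) Rev. 1.0"
PID: 7600-SSC-400      , VID: V01, SN: JAB000000XX
'''

# NAME and DESCR are quote-delimited (DESCR may contain commas and parentheses);
# PID, VID and SN are comma-separated, space-padded and may be empty.
# Curly quotes are accepted too, since pasted output often carries them.
UDI_RE = re.compile(
    r'NAME:\s*["“](?P<name>[^"”]*)["”]\s*,\s*DESCR:\s*["“](?P<descr>[^"”]*)["”]\s*'
    r'PID:[ \t]*(?P<pid>[^,\n]*?)[ \t]*,[ \t]*'
    r'VID:[ \t]*(?P<vid>[^,\n]*?)[ \t]*,[ \t]*'
    r'SN:[ \t]*(?P<sn>\S*)'
)


def parse_inventory(text):
    """Return one dict per component; empty PID/VID/SN fields become None."""
    records = []
    for match in UDI_RE.finditer(text):
        record = {key: (value or None) for key, value in match.groupdict().items()}
        records.append(record)
    return records


def missing_udi_fields(records):
    """List (name, field) pairs for components whose UDI is incomplete."""
    return [(r["name"], field)
            for r in records
            for field in ("pid", "vid", "sn")
            if r[field] is None]


if __name__ == "__main__":
    inventory = parse_inventory(SAMPLE)
    for item in inventory:
        print(f'{item["name"]:14s} PID={item["pid"]} VID={item["vid"]} SN={item["sn"]}')
    print("Incomplete UDI:", missing_udi_fields(inventory))
```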

show diagbus – In order to find the serial number of port adapters that plug into the FlexWAN module, issue the show diagbus command from the MSFC command-line interface (CLI), as in the example below:

Slot 2: Logical_index 4
2 port adapter Enhanced FlexWAN controller
Board is analyzed ipc ready
HW rev 2.0, board revision A0
Serial Number: JAB0000000 Part number: 73-9539-03

Slot database information:
Flags: 0x2004   Insertion time: 0x249E4 (18w3d ago)

Controller Memory Size:
192 MBytes CPU Memory
63 MBytes Packet Memory
255 MBytes Total on Board SDRAM
Cisco IOS Software, cwlc Software (cwpa2-DW-M), Version 12.2(33)SXH3a, RELEASE SOFTWARE (fc1)

PA Bay 0 Information:
T3+ Serial PA, 1 ports
EEPROM format version 1
HW rev 1.00, Board revision B1
Serial number: 15225203  Part number: 73-3762-02
Slot 2: Logical_index 5
2 port adapter Enhanced FlexWAN controller
Board is analyzed ipc ready
HW rev 2.0, board revision A0
Serial Number: JAB0000000 Part number: 73-9539-03

Slot database information:
Flags: 0x2004   Insertion time: 0x209C0 (18w3d ago)

Controller Memory Size:
192 MBytes CPU Memory
63 MBytes Packet Memory
255 MBytes Total on Board SDRAM
Cisco IOS Software, cwlc Software (cwpa2-DW-M), Version 12.2(33)SXH3a, RELEASE SOFTWARE (fc1)

show idprom – Used to determine the serial number of the chassis and other components. This command takes several parameters in case you want to restrict the information that is returned: show idprom [parameter]. Some parameter options are backplane, fan-tray, module, interface and others, which you can discover with the well-known help command show idprom ?. An example is shown below:

show idprom backplane
IDPROM for backplane #0
(FRU is 'Catalyst 6500 6-slot backplane')
OEM String = 'Cisco Systems'
Product Number = 'WS-C6506'
Serial Number = 'SAL0000XXX'
Manufacturing Assembly Number = '73-3436-03'
Manufacturing Assembly Revision = 'B0'
Hardware Revision = 3.0
Current supplied (+) or consumed (-) =  –

As I said before, not all of these commands work on every Cisco device, which is why I chose a C6500 for the example, as it supports all of them. Also, these are the commands that I have used most to obtain information about Cisco hardware components; if there are others that you find useful, please add them to the comments section and I'll add them to this article.