Category 6 UTP

Category 6 cable, usually Cat-6, is a cable standard for Gigabit Ethernet and other network protocols that is backward compatible with the Category 5/5e and Category 3 cable standards. The main difference between Cat-6 and it’s previous versions is that CAT-6 fully utilizes all four pairs. Cat-6 features more stringent specifications for crosstalk and system noise. The cable standard provides performance of up to 250 MHz and is suitable for 10BASE-T / 100BASE-TX and 1000BASE-T / 1000BASE-TX (Gigabit Ethernet). It is expected to suit the 10GBASE-T (10Gigabit Ethernet) standard, although with limitations on length if unshielded Cat 6 cable is used.

The cable contains four twisted copper wire pairs, just like earlier copper cable standards and when used as a patch cable, Cat-6 is normally terminated in 8P8C modular connectors. Some Cat-6 cables are too large and may be difficult to attach to 8P8C connectors without a special modular piece and are technically not standard compliant. If components of the various cable standards are intermixed, the performance of the signal path will be limited to that of the lowest category. The maximum allowed length of a Cat-6 cable is 100 meters.

The cable is terminated in either the T568A scheme or the T568B scheme. It doesn’t make any difference which is used, as they are both straight through:

t586b-schemet586a-scheme

Crossover is used for hub to hub, computer to computer, wherever two-way communication is necessary. All gigabit ethernet equipment, and most new 10/100Mb equipment, supports automatic crossover, meaning that either a straight-through or crossover cable may be used for any connection. However, older equipment requires the use of a straight-through cable to connect a switch to a client device, and a crossover cable to connect a switch to a switch or a client to a client. Crossover cables can be constructed by wiring one end to the T568A scheme and the other end with the T568B scheme. This will ensure that the Transmit (TX) pins on both ends are wired through to the Receive (RX) pins on the other end.

If you are starting to build a LAN network now, it’s recommend to use already CAT-6 as it can accommodate most of the usual traffic in a network based on the fact that already NIC cards are build for the speed of 1Gbps. Some useful tips regarding the use of CAT-6 and any Ethernet cable are:

– Do run cables over distances up to 100 meters with their rated speed
– If you know how to handle some cabling tools, do make your own cable if you need lots of varying lengths
– Don’t order anything less than Cat. 5e cable
– Don’t crimp or staple cable, this can easily cause breaks in the cable which are sometimes hard to track down
– Ethernet cables are not directional in any way, you cannot install one backwards
– Lighter colored cables are usually a better choice for two reasons: They are easier to see in the dark, and it’s easier to read the cable catogory stamped on the side
– Use a patch cable when connecting a computer to a router or hub, use a cross over cable when connecting two computers directly together
– If it’s possible and you know that you need higher speed that 100Mbps do not mix different type of cables on the same network segment
– Even if all the specification are saying that the CAT-6 is protected against external factors, do not mount this cables close by cable power or any other cable that can influence the performance of Ethernet cable.

Below you can find a presentation of CAT-6 “how-to” thanks to Giganet:

[flashvideo filename=https://ipnet.xyz/vid/hardware/archive/2009/04/Category6UTPTermination.flv image=https://ipnet.xyz/vid/hardware/archive/2009/04//Category6UTPTermination.jpg width=486 height=412 /]

Resources used:
http://donutey.com/ethernet.php
http://en.wikipedia.org/wiki/Category_6_cable
http://en.wikipedia.org/wiki/TIA/EIA-568-B

Cisco Revising CCIE R&S Certification

Source: https://cisco.hosted.jivesoftware.com/docs/DOC-4605

Cisco Revising CCIE R&S Certification
The upcoming Version 4.0 of Cisco CCIE® Routing and Switching certification will test hands-on troubleshooting, Multiprotocol Label Switching (MPLS), and VPN networking

To reflect the growth of the network as a service platform, Cisco is revising the certification requirements for CCIE Routing & Switching (CCIE R&S)–the expert level certification for network engineers. The new requirements were developed with assistance from Cisco enterprise customers and reflect the expectations of employers across industries.

The competencies required for CCIE R&S v4.0 certification were released on May 5, 2009, and are available on the Cisco Learning Network under the CCIE R&S v4.0 Written Exam topics and CCIE R&S v4.0 Lab Exam topics. Exams based on the new requirements are scheduled for release on October 18, 2009, and will immediately replace the currently available v3.0 exams. Candidates who plan to take their exams on October 18, 2009, or later should prepare using the new v4.0 exam topics.

Both the written and lab exams will be refreshed with new questions and will cover MPLS and VPN networking. The written exam will add scenario-based questions to the multiple choice questions, and the lab will now require hands-on troubleshooting of preconfigured networks, in addition to configuration. Exam duration and pricing will remain the same, with the two-hour written exam at USD$350 and the eight-hour lab at USD$1400.

A beta version of the new CCIE R&S v4.0 written exam (351-001) will be available to all customers in the July–August 2009 timeframe at a discounted price of USD$50. An announcement will be made when scheduling begins.

Cisco 360 Learning Program Updates Available

Cisco 360 Learning Program components aligned to the new CCIE R&S certification standards will be available on May 11, 2009. All current students will have access to the new materials throughout their subscription period. New materials include additional lessons on MPLS and troubleshooting, enhanced coverage of these topics in the instructor-led workshops, an updated Practice Lab Workbook for self-paced practice, and new Performance Assessments that gauge skill level and offer mentoring feedback.

CCIE Assessor, the first CCIE R&S practice lab, will be retired on June 5, 2009, and will be replaced by the 10 eight-hour assessment labs available through the Cisco 360 Learning Program.

Lab Equipment and IOS

The lab exam tests any feature that can be configured on the equipment and the IOS versions indicated below. You may see more recent IOS versions installed in the lab, but you will not be tested on the new features of a release unless indicated below.

Version 3.0 (effective through October 17, 2009)
  • 3725 series routers – IOS 12.4 mainline – Advanced Enterprise Services
  • 3825 series routers – IOS 12.4 mainline – Advanced Enterprise Services
  • Catalyst 3550 series switches running IOS version 12.2 – IP Services
  • Catalyst 3560 Series switches running IOS version 12.2 – Advanced IP Service

Version 4.0 (effective beginning October 18, 2009)
  • 1841 series routers – IOS 12.4(T) – Advanced Enterprise Services
  • 3825 series routers – IOS 12.4(T) – Advanced Enterprise Services
  • Catalyst 3560 Series switches running IOS version 12.2 – Advanced IP Services

Check here the Blueprints:
Cisco CCIE R&S Written Blueprint v4.0
Cisco CCIE R&S Lab Blueprint v4.0

Is it time to cut the Ethernet access cable?

A range of companies with wireless LANs are discovering that 50% to 90% or more of Ethernet ports now go unused, because Wi-Fi has become so prevalent.

They look at racks of unused switches, ports, Ethernet wall jacks, the cabling that connects them all, the yearly maintenance charges for unused switches, electrical charges and cooling costs. So why not formally drop what many end users have already discarded — the Ethernet cable?

“There’s definitely a rightsizing going on,” says Michael King, research director, mobile and wireless, for Gartner. “By 2011, 70% of all net new ports will be wireless. People are saying, ‘we don’t need to be spending so much on a wired infrastructure if no one is using it.”

Many of these issues were predicted in fall 2007 by Burton Group Analyst Paul DeBeasi, in a report provocatively titled “The end of Ethernet?” In it, he argued that the demand for mobility and the advent of 802.11n networks with shared throughput of 150M to 180Mbps would lead enterprises to cut the Ethernet access cord. (See our Clear Choice Test of four 802.11n vendors’ gear.)

Read the full article on NetworkWorld.com

Wireshark’s most useful display filters

wireshark-logoNow and then, especially when you expect less, the network crashes or encounter an issue and then you had to troubleshoot. Sometime the problem is right there, you can see it and it’s easy to fix, but in other cases you’ll have to put an eye in the packets that are traveling through it and search deeper for the solution. When it comes to network sniffing or packet capturing or whatever you want to call it, I believe that the name Wireshark (formerly Ethereal) ring a bell in your head.

Wireshark is one of the world’s foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. Some features of Wireshark:
– Deep inspection of hundreds of protocols, with more being added all the time
– Live capture and offline analysis
– Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
– Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
– Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and   uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
– Capture files compressed with gzip can be decompressed on the fly
– Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
– Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2

Wireshark is extremely useful when it comes to network troubleshooting as it capture the packets and you can have a detail look into them checking if everything is OK in parameters, message, format and so on. The problem is that if you capture the packets traveling through a backbone router you will end having  huge file ( yes, even up to 1G if you capture long enough) and a lot packets details in it. From this tons of information maybe you are interested in only a minor part like BGP traffic or a certain IP source and destination. Here is the part where Wireshark filters come into play.

There are 2 type of Wireshark filters:

– DISPLAY FILTERS – after you capture a lot of information, they help you to visualize only the packets that you are interested in
– CAPTURE FILTERS – from the beginning you know what is the interest for you and capture only those packets

I would recommed to use the Capture filters, when you know what are you looking for and you run the capture for more than couple of hours in a heavy traffic environment. This will help you stay in a reasonable amount on information being captured and file size.
If you run the packet capture for less time, like one or two hours, and you are not very sure what are you looking for, then I recommend to capture all the traffic and then use Display filters to visualize only the information that you are searching for.

For today I put together a list with the most useful Wireshark display filters. I compiled this list based on my personal experience and on my friends and colleagues advices. If you think that something is missing, or you are using a Display filter that might be useful for others please feel free to add it to a Comment to this topic and I will update the list. In one of the future posts I will show you how to capture the traffic and apply some of this filters.

DISPLAY FILTER EXPLANATION EXAMPLE
eth.addr source or destination mac-address eth.addr == 00:1a:6b:ce:fc:bb
eth.src source mac-address eth.src == 00:1a:6b:ce:fc:bb
eth.dst destination mac-address eth.dst == 00:1a:6b:ce:fc:bb
arp.dst.hw_mac target mac-address arp.dst.hw_mac == 00:1a:6b:ce:fc:bb
arp.dst.proto_ipv4 target IPv4 address arp.dst.proto_ipv4 == 10.10.10.10
arp.src.hw_mac sender mac-address arp.src.hw_mac == 00:1a:6b:ce:fc:bb
arp.src.proto_ipv4 sender IPv4 address arp.src.proto_ipv4 == 10.10.10.10
vlan.id vlan ID vlan.id == 16
ip.addr source or destination IPv4 address ip.addr == 10.10.10.10
ip.dst destination IPv4 address ip.addr == 10.10.10.10
ip.src source IPv4 address ip.src == 10.10.10.10
ip.proto IP protocol (decimal) ip.proto == 1
ipv6.addr source or destination IPv6 address ipv6.addr == 2001::5
ipv6.src source IPv6 address ipv6.addr == 2001::5
ipv6.dst destination IPv6 address ipv6.dst == 2001::5
tcp.port source or destination TCP port tcp.port == 20
tcp.dstport destination TCP port tcp.dstport == 80
tcp.srcport source TCP port tcp.srcport == 60234
udp.port source or destination UDP port udp.port == 513
udp.dstport destination UDP port udp.dstport == 513
udp.srcport source UDP port udp.srcport == 40000
fr.dlci Frame-Relay DLCI number fr.dlci == 112
icmp.type ICMP type code (decimal) icmp.type == 8
vtp.vlan_info.vlan_name VLAN name vtp.vlan_info.vlan_name == TEST
bgp.originator_id BGP id (IPv4 address) bgp.originator_id == 192.168.10.15
bgp.next_hop BGP Next Hop (IPv4 address) bgp.next_hop == 192.168.10.15
rip.ip RIP IPv4 address rip.ip == 200.0.2.0
ospf.advrouter OSPF advertising router ID ospf.advrouter == 192.168.170.8
eigrp.as EIGRP autonomous system number eigrp.as == 100
hsrp.virt_ip HSRP virtual IP address hsrp.virt_ip == 192.168.23.250
vrrp.ip_addr VRRP virtual IP address vrrp.ip_addr == 192.168.23.250
zebra.dest4 ZEBRA destination IPv4 address zebra.dest4 == 10.10.10.10
wlan.addr source or destination MAC address wlan.addr == 00:1a:6b:ce:fc:bb
wlan.sa source MAC address wlan.sa == 00:1a:6b:ce:fc:bb
wlan.da destination MAC address wlan.da == 00:1a:6b:ce:fc:bb

Materials that helped me for this post:
http://packetlife.net/static/cheatsheets/wireshark-display-filters.pdf – thanks Jeremy Stretch
http://www.wireshark.org/docs/dfref/ – here you can find the full list of filters – thanks developers of Wireshark