Category: Real World

Apps for a Network Engineer Part 1: MAC

Reading Time: 5 minutes

MAC for Network Engineers

I am not going to show bias in any way toward any particular apps. I’m surely not going to get into the debate between Windows or Apple as a primary computer. In fact, I’ve spent the last 4 years using Windows exclusively for work due to work-issued laptops and the lack of support for Mac in the companies I have worked with. However, I recently purchased a new Mac to get back to what I personally like best. With that, I had to rebuild my app repertoire for doing my job on a MacBook. This took some digging and searching to find apps similar to what I used on Windows. I’m still searching for all the app alternatives, but I figured I could make this into a working document of my favorite apps in terms of network engineering.

Continue reading

Permanent link to this article: https://www.packetpilot.com/apps-for-a-network-engineer-part-1-mac/

SRT: Offline type 7 decrypt

Reading Time: < 1 minute

I was recently working on deploying a new device into our network infrastructure. I was working off a configuration template that had standard arguments for AAA leveraging TACACS+. I was offsite and had asked a fellow colleague to enter the new device into our ACS deployment to allow authentication and command authorization. The long and short of it is, it was copied off of a different group of devices than what my configuration template was based on. The issue was a mismatch in TACACS server keys. The problem was that I was currently offline, as I was connecting to the device that would let me out to the network.

So what is the stupid router trick? The stupid router trick consists of using key chains to decrypt a type 7 TACACS (or other) key that is hidden via service password-encryption in your configuration template. The trick is pretty simple. Create a temporary key chain that won’t be applied anywhere, enter the key(s) into the key chain in their type 7 format, and then do a simple show key chain. Really! That’s all there is to it. See the output below.

 

R1(config)#key chain tempkeys
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string 7 06150A225E4B1D12000E
R1(config-keychain-key)#exit
R1(config-keychain)#key 2
R1(config-keychain-key)#key-st
R1(config-keychain-key)#key-string 7 095F4B0A0B0003190E15
R1(config-keychain-key)#end
R1#
R1#show key chain
Key-chain tempkeys:
key 1 -- text "secretkey"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
key 2 -- text "secretkey"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
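
Added example, not part of the original post: the same recovery done off-box, as a small audit that finds type 7 strings in a configuration template and shows what they decode to. The translation table is the fixed, publicly documented type 7 constant; the function names and the sample template are hypothetical, and only the two key-strings come from the output above.

```python
import re

# Fixed, publicly documented translation table used by type 7 obfuscation.
XLAT = b"dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"

# "<keyword> 7 <string>" as written by service password-encryption.
TYPE7_RE = re.compile(r"\b(?:key-string|key|password)\s+7\s+([0-9A-Fa-f]+)\b")


def decode_type7(encoded: str) -> str:
    """Reverse a type 7 string: two decimal offset digits, then hex byte pairs."""
    if len(encoded) < 4 or len(encoded) % 2 or not encoded[:2].isdigit():
        raise ValueError(f"not a type 7 string: {encoded!r}")
    offset = int(encoded[:2])            # starting index into XLAT
    body = bytes.fromhex(encoded[2:])    # obfuscated bytes
    plain = bytes(b ^ XLAT[(offset + i) % len(XLAT)] for i, b in enumerate(body))
    return plain.decode("ascii", errors="replace")


def audit_config(text: str):
    """Return (line_number, line, recovered) for each type 7 secret found."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        match = TYPE7_RE.search(line)
        if not match:
            continue
        try:
            recovered = decode_type7(match.group(1))
        except ValueError:
            recovered = None             # looked like type 7 but is malformed
        findings.append((number, line.strip(), recovered))
    return findings


# Constructed sample template. The two type 7 strings are the ones from the
# post; the server address and the enable secret line are placeholders.
SAMPLE = """\
service password-encryption
enable secret 5 $1$placeholder
tacacs-server host 192.0.2.10 key 7 06150A225E4B1D12000E
key chain tempkeys
 key 1
  key-string 7 095F4B0A0B0003190E15
"""

if __name__ == "__main__":
    for number, line, recovered in audit_config(SAMPLE):
        print(f"line {number}: {line} -> recoverable as {recovered!r}")
```

Every line this reports holds a secret that anyone with read access to the template or a config backup can recover, so those files need the same handling as cleartext credentials.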

Permanent link to this article: https://www.packetpilot.com/srt-offline-type-7-decrypt/

Tracked Static Default Route

Reading Time: 6 minutes

As is commonplace in today’s networks, redundancy is key. Applications are the key components to businesses obtaining revenue. More and more applications are becoming SaaS, and ecommerce is here to stay. With that being said, many companies are moving to redundant connections to the internet. These connections could be through two different ISPs, or both connections to the same ISP. Oftentimes these connections will be of different speeds to save on costs. The key to these connections is to maintain internet connectivity.

Continue reading

Permanent link to this article: https://www.packetpilot.com/tracked-static-default-route/

Overlapped IP Range in a Merger

Reading Time: 6 minutes

The scenario is this: Company A has purchased Company B. One is an enterprise of thousands of users, the other a mid-size company in the multiple hundreds. However, as would happen to be the case, both companies utilize an overlapping subnet. To further complicate the issue, it has been decided that both companies need to terminate at Company A’s core and utilize a single unified instance of EIGRP. As part of this scenario, both companies need to be able to access each other’s networks, but luckily it has been determined that neither needs to be able to access the other’s overlapped networks. Additionally, both companies advertise different bit masks on their overlapping networks. This is something that we can work with.

The following examples show the additional configuration required for the specific scenario above. The full router configurations are posted at the end of the article.

Continue reading

Permanent link to this article: https://www.packetpilot.com/overlapped-ip-range-in-a-merger/

Router on a Stick

Reading Time: 2 minutes

The scenario looks like this. You’ve got a branch office with a single router connecting to your corporate office over the WAN. In your branch office you have a single layer 2 switch and a desire to separate traffic into multiple broadcast domains. Maybe you want an easy way to allow only HR computers to connect to a very specific branch office server and the only place for any restriction of traffic is on that branch office router. Here is where your router on a stick comes into play.

Continue reading

Permanent link to this article: https://www.packetpilot.com/router-on-a-stick/

Cisco DHCP Configuration

Reading Time: 2 minutes

Cisco routers are capable of doing many more things than simply routing packets. In fact, they can operate as a small DHCP server when needed. By no means is it a replacement for your enterprise, centrally managed DHCP server, but it does have its applicable scenarios. Let’s say you have a branch office that has its own server for any particular reason. Maybe it is a local file share for an engineering department’s CAD program, and rather than having all file traffic from opens and saves traverse the WAN during the day, you simply run backups of that server across the WAN at night.

Continue reading

Permanent link to this article: https://www.packetpilot.com/cisco-dhcp-configuration/

Static Routing with Cisco

Reading Time: 3 minutes

Routing is at the core of the network infrastructure. Routing is what ultimately lets you get from point A to point B not only in your own network, but also across the entirety of the world wide web. Routing in its simplest form tells your network devices the path to get to another network device located on another network. This was originally handled by creating static routes to the required destinations.

Continue reading

Permanent link to this article: https://www.packetpilot.com/static-routing-with-cisco/

Cisco HSRP Example

Reading Time: 3 minutes

Today’s enterprise network is heavily focused on providing as near to 100% uptime as possible. Newer technologies such as virtualization and server clusters have been a focal point in achieving this level of service for some time now. However, an often missed opportunity to provide that level of service exists in the core of your infrastructure. Many medium-size organizations will implement a server monitoring resource to measure and track the uptime on their core applications and infrastructure servers such as DHCP, DNS, SharePoint, Active Directory, and so on. Oftentimes this monitoring server is located within the data center, and likely on the same subnets as the servers themselves. This can quickly skew your uptime numbers in the sense of “can my users reach the servers?”. While it is true that the uptime of the servers may be near 100% from the standpoint of the monitoring system, that does not indicate the ability of your users to reach the servers, or by the same token, of your servers to reach your users. Enter default gateway redundancy.

Continue reading

Permanent link to this article: https://www.packetpilot.com/cisco-hsrp-example/

Certification Study Strategy

Reading Time: 7 minutes

I often get asked what the best way to study for an Information Technology certification is and what it entails. Throughout my career I have taken a number of certifications and have developed a strategy that has been working for me with relatively good success for quite some time. While I understand that everyone has a different learning style, and learns at a different pace, I believe many of the concepts can be adjusted to the individual. In fact, my process relies upon creating a timeline based on your own learning goals. In this article I am going to outline my certification preparation techniques and some of the tools I use to accomplish my training. Most of the tools I use are no-cost freeware and readily available on the internet. A quick Google search should suffice in obtaining most of them.
Continue reading

Permanent link to this article: https://www.packetpilot.com/certification-study-strategy/
