Splunking with Cisco

I have recently installed Splunk and have a spent a bit of time getting it to work with Cisco IOS devices. So here is a post of a few things I have found that may be useful to first-time Splunkers or just help make it a bit more useful.

The plan for Splunk for me is to monitor faults, track ongoing performance issues and for managing inventory. Note I have only configured this on ISR routers and switches, I haven’t tried it on any ASAs, voice gateways, servers or WLC/APs. Continue reading

CCNP – SWITCH – Study Notes #1 – VTP – Part 1

Alright, lets kick this study series off on a low note: VTP. Short for VLAN Trunking Protocol.

VTP is one of those things that is pretty horrible, really no way around that. If the idea of saving a couple of seconds of configuration time for the low low price of crippling your network in about 3 seconds sounds appealing to you, then read on. Or, if you are studying SWITCH, then also read on, because Cisco insists that you learn this.

Continue reading

Auto-Deploying Configuration

The other day I finally got around to writing a script to automatically deploy config to a bunch of devices. Finally! I have been planning on doing this for a number of years (I think eight years since I originally said I would). It just turned out that every time I kinda/sorta/maybe needed it over the last decade or so, it turned out that I could do it manually for just a little bit less effort.

Those days have a last come to an end.

Continue reading

POC – Post #3

Another small post to my ongoing POC series.

I’ve changed the title, it doesn’t really make sense to post it “day x” any more because I rarely get to work a full day on it. I also seem to spend far more days doing other projects than I do on this one.

Anyway, as usual, a bit of a pic of how it’s all looking:

POC

 

The Limits of Spanning Tree

You may notice there is a bit of copper cabling in this one (it has since been removed). This was part of my setup for upgrading all the IOSs on the CGS-2520s. I added a link between each CGS-2520 and the next one down the rack, gave each one an IP address on VLAN1 and then did a archive download-sw tftp. This seemed like the quickest way to upgrade about 64 boxes as the ports on the CGS are by default in VLAN1.

As I did this, I came across an interesting issue. Spanning tree by default on Cisco devices has a “diameter” of 7. This diameter is used to calculate the various spanning tree timers. It’s not actually the number of switches you can have in a row before it breaks. Nope, that’s 22.

I’m not even kidding. I had all the switches in one long daisy chain and when I got to switch 22 VLAN1 would continue to bounce up and down. Easy fix – I just added a link between switch #22 and the root. But it was interesting, I have never actually seen the limit before – luckily I have never had to work in an environment with 22 switches linked together in a row! So yeah, don’t do that.

Random CGS 2520 Facts

#1 Default power draw: about 500mA at 53V, or about 26W.

If you plug a CGS in with no real traffic, have a couple of SFPs inserted, no POE ports – it will draw about 26W. Which brings us too…

#2 Number of CGS 2520s you can run off a 1A C curve breaker: 2.

Just. You have to double tap em. Once on to fill the caps then again to turn it on properly. Probably not the best idea in the world. But it works if you need it to. We had mostly 1A breakers on hand.

#3 The 100MB SFP ports are by default half duplex. Er…I know 100MB ports by default negotiate to half duplex…but come on. They are fibre ports….? Just…annoying.

Random Annoyance with the CGR 2010

If you get an upgrade license for a CGR (or any other router). Get the product code right. This may seem obvious, and it is. But, damnit, it’s annoying if you don’t.

Do a show license udi and make sure you write it in exactly as the PID. We accidentally put in “CGR2010/K9” instead of “CGR-2010/K9”. And then the Cisco web page seemed to be crashing for the afternoon – so that was annoying.

Other than that, still waiting on the last couple of fibres (and by couple, I mean the last 72). All the devices have Loopback and point to point addresses. Will add basic OSPF soon (hopefully tomorrow) and then I can get going on the fun stuff.

/Tom out.

The POC – Day #3

No post for POC Day #2. Ended up only having a couple of hours in the afternoon where I installed the last of the optics and that was pretty much it.

Today I had most of the day set aside for it, so I made a bit more progress getting it all set up. We are still having some issues with fibre and power. Only approximately half the fibre patch cables arrived – some went on back order unfortunately and no new circuit breakers just yet. So still only about 8 devices powered on (of about 60).

Continue reading