RosyidLinuX

Share Everything to Everyone

Senin, 29 Januari 2024

Border Gateway Protocol (Teori)

13.03 Posted by ROSYID'S BLOG No comments

BPG menggunakan TCP port 179 untuk komunikasi.

Dalam perspektif BGP, Autonomous System (AS) adalah sekumpulan router dalam satu kontrol organisasi.

Nomor AS awalnya terdiri dari 2 bytes (16 bit) kemudian diperlebar menjadi 4 bytes (32 bit).

Ada 2 blok nomor AS Private yang dapat digunakan oleh organisasi, yaitu ASN 64.512 - 65.534 untuk range AS 16 bit dan 4.200.000.000 – 4.294.967.294 untuk extended range AS 32 bit.

BGP menggunakan path attribute untuk menentukan jalur dan diklasifikasi menjadi berikut.

  • Well-known mandatory
  • Well-known discretionary
  • Optional transitive
  • Optional non-transitive

Path atribut yang wajib ada dalam setiap advertisement adalah Well-know mandatory.

Kemudian BGP session terbagi menjadi 2 type, yaitu :

1. iBGP (Internal BGP).

- Administrative Distance 200 dan Time-to-Live 255

2. eBGP (External BGP).

- Administrative Distance 20 dan Time-to-Live 1


Sabtu, 27 Januari 2024

OSPF Versi 3 (Teori)

23.32 Posted by ROSYID'S BLOG , No comments

OSPFv3 bisa digunakan pada IPv4 maupun IPv6, dan proses komunikasinya bergantung pada IPv6 link-local address sebagai sumber alamat. Pada OSPF versi ini menggunakan protocol number 89.

OSPFv3 kurang lebih sama dengan versi sebelumnya, namun memiliki beberapa pembaharuan seperti router-id yang harus manual ditulis di bawah konfigurasi ospf dan aktivasi interface ospf secara eksplisit harus ditulis di konfigurasi interface. Jika router-id tidak ditulis maka secara default akan terisi 0.0.0.0 dan tidak dapat membentuk OSPF Adjencies.

    (config-router)# router-id 192.168.1.1

    (config-if)# ospfv3 1 ipv6 area 0

Beberapa istilah LSA mengalamai perubahan seperti.

    Network Summary => Inter-Area Prefix

    ASBR Summary => Inter-Area Router

Agar dapat saling berkomunikasi, OSPv3 menggunakan alamat multicast tujuan sebagai berikut:

  • FF02::05 OSPv3 AllSPFRouters. Semua Router mengirim pesan OSPF Hello ke alamat ini, serta DR/BDR mengirim LSUpdate dan LSAck ke All Router.

  • FF02::06 OSPv3 AllDRouters. Digunakan DRothers mengirim LSUpdate dan LSAck ke DR/BDR.







Rabu, 21 September 2022

Upgrade Cisco IOS XE

18.40 Posted by ROSYID'S BLOG No comments
Step 1

Clean-up

install remove inactive

Use this command to clean-up old installation files in case of insufficient space and to ensure that you have at least 1GB of space in flash, to expand a new image.

The following sample output displays the cleaning up of unused files, by using the install remove inactive command: 
Switch# install remove inactive
install_remove: START Mon Jul 19 17:46:18 IST 2021
Cleaning up unnecessary package files
No path specified, will use booted path flash:packages.conf
Cleaning flash:
  Scanning boot directory for packages ... done.
  Preparing packages list to delete ... 
    cat9k_lite-rpbase.17.05.01.SPA.pkg
      File is in use, will not delete.
    cat9k_lite-rpboot.17.05.01.SPA.pkg
      File is in use, will not delete.
    cat9k_lite-srdriver.17.05.01.SPA.pkg
      File is in use, will not delete.
    cat9k_lite-webui.17.05.01.SPA.pkg
      File is in use, will not delete.
    packages.conf
      File is in use, will not delete.
  done.
  
The following files will be deleted:
[switch 1]:
/flash/cat9k_lite_iosxe.17.05.01.SPA.bin

Do you want to remove the above files? [y/n]y

[switch 1]:
Deleting file flash:cat9k_lite_iosxe.17.05.01.SPA.bin ... done.
SUCCESS: Files deleted.
--- Starting Post_Remove_Cleanup ---
Performing Post_Remove_Cleanup on all members
  [1] Post_Remove_Cleanup package(s) on switch 1
  [1] Finished Post_Remove_Cleanup on switch 1
Checking status of Post_Remove_Cleanup on [1]
Post_Remove_Cleanup: Passed on [1]
Finished Post_Remove_Cleanup
SUCCESS: install_remove  Mon Jul 19 17:47:20 IST 2021
Switch#
Step 2

Copy new image to flash

  1. copy tftp:[[//location]/directory]/filenameflash:

    Use this command to copy the new image from a TFTP server to flash memory. The location is either an IP address or a host name. The filename is specified relative to the directory used for file transfers. Skip this step if you want to use the new image from a TFTP server.
    Switch# copy tftp://10.8.0.6/image/cat9k_lite_iosxe.17.06.01.SPA.bin flash:

Destination filename [cat9k_lite_iosxe.17.06.01.SPA.bin]?
Accessing tftp://10.8.0.6//cat9k_lite_iosxe.17.06.01.SPA.bin...
Loading /cat9k_lite_iosxe.17.06.01.SPA.bin from 10.8.0.6 (via GigabitEthernet0/0): 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 601216545 bytes]
 
601216545 bytes copied in 50.649 secs (11870255 bytes/sec)

  2. dir flash:

    Use this command to confirm that the image has been successfully copied to flash. 
    Switch# dir flash:*.bin
Directory of flash:/*.bin
 
Directory of flash:/
 
434184 -rw- 601216545 Jul 19 2021 10:18:11 -07:00 cat9k_lite_iosxe.17.06.01.SPA.bin
11353194496 bytes total (8976625664 bytes free)
Step 3

Set boot variable

  1. boot system flash:packages.conf

    Use this command to set the boot variable to flash:packages.conf .
    Switch(config)# boot system flash:packages.conf

  2. no boot manual

    Use this command to configure the switch to auto-boot. 
    Switch(config)# no boot manual
Switch(config)# exit

  3. write memory

    Use this command to save boot settings.
    Switch# write memory

  4. show boot

    Use this command to verify the boot variable (packages.conf) and manual boot setting (no):
    Switch# show boot
---------------------------
Switch 3
---------------------------
Current Boot Variables:
BOOT variable = flash:packages.conf;
 
Boot Variables on next reload:
BOOT variable = flash:packages.conf;
Manual Boot = no
Enable Break = yes
Boot Mode = DEVICE
iPXE Timeout = 0
Step 4

Install image to flash

install add file activate commit

Use this command to install the image.

We recommend that you point to the source image on your TFTP server or the flash drive of the switch, if you have copied the image to flash memory.

The following sample output displays installation of the Cisco IOS XE Bengaluru 17.6.1 software image in the flash memory: 
Switch# install add file flash:cat9k_lite_iosxe.17.06.01.SPA.bin activate commit
install_add_activate_commit: START Mon Jul 19 12:51:55 IST 2021
Jul 19 12:51:57.795: %INSTALL-5-INSTALL_START_INFO: R0/0: install_engine: Started install one-shot flash:cat9k_lite_iosxe.17.06.01.SPA.bininstall_add_activate_commit: Adding PACKAGE
install_add_activate_commit: Adding PACKAGE
install_add_activate_commit: Checking whether new add is allowed ....

--- Starting initial file syncing ---
Info: Finished copying flash:cat9k_lite_iosxe.17.06.01.SPA.bin to the selected switch(es)
Finished initial file syncing

--- Starting Add ---
Performing Add on all members
  [1] Add package(s) on switch 1
  [1] Finished Add on switch 1
Checking status of Add on [1]
Add: Passed on [1]
Finished Add

Image added. Version: 17.06.01.0.276
install_add_activate_commit: Activating PACKAGE

gzip: initramfs.cpio.gz: decompression OK, trailing garbage ignored
Following packages shall be activated:
/flash/cat9k_lite-webui.17.06.01.SPA.pkg
/flash/cat9k_lite-srdriver.17.06.01.SPA.pkg
/flash/cat9k_lite-rpboot.17.06.01.SPA.pkg
/flash/cat9k_lite-rpbase.17.06.01.SPA.pkg

This operation may require a reload of the system. Do you want to proceed? [y/n]y

--- Starting Activate ---
Performing Activate on all members
Jul 19 13:03:24.337: %INSTALL-5-INSTALL_AUTO_ABORT_TIMER_PROGRESS: R0/0: rollback_timer: Install auto abort timer will expire in 7200 seconds
  [1] Activate package(s) on switch 1
    --- Starting list of software package changes ---
    Old files list:
      Removed cat9k_lite-rpbase.17.05.01.SPA.pkg
      Removed cat9k_lite-rpboot.17.05.01.SPA.pkg
      Removed cat9k_lite-srdriver.17.05.01.SPA.pkg
      Removed cat9k_lite-webui.17.05.01.SPA.pkg
    New files list:
      Added cat9k_lite-rpbase.17.06.01.SPA.pkg
      Added cat9k_lite-rpboot.17.06.01.SPA.pkg
      Added cat9k_lite-srdriver.17.06.01.SPA.pkg
      Added cat9k_lite-webui.17.06.01.SPA.pkg
    Finished list of software package changes
  [1] Finished Activate on switch 1
Checking status of Activate on [1]
Activate: Passed on [1]
Finished Activate

*Jul 19 13:03:24.298 IST: %INSTALL-5-INSTALL_AUTO_ABORT_TIMER_PROGRESS: Switch 1 R0/0: rollback_timer: Install auto abort timer will expire in 7200 seconds--- Starting Commit ---
Performing Commit on all members
  [1] Commit package(s) on switch 1
  [1] Finished Commit on switch 1
Checking status of Commit on [1]
Commit: Passed on [1]
Finished Commit

Install will reload the system now!
SUCCESS: install_add_activate_commit  Mon Jul 19 13:04:23 IST 2021
Jul 19 13:04:24.586: %INSTALL-5-INSTALL_COMPLETED_INFO: R0/0: install_engine: Completed install one-shot PACKAGE flash:cat9k_lite_iosxe.17.06.01.SPA.bin

The system reloads automatically after executing the install add file activate commit command . You do not have to manually reload the system.
Step 5

Verify installation

After the software has been successfully installed, use this command to verify that the flash partition has four new .pkg files and two .conf files.

  1. dir flash:*.pkg

    The following is sample output of the dir flash:*.pkg command:
    Switch# dir flash:*.pkg

Directory of flash:/*.pkg
Directory of flash:/
48582  -rw- 298787860  Mar 20 2021 05:13:32 +00:00  cat9k_lite-rpbase.17.05.01.SPA.pkg
48585  -rw- 35713901   Mar 20 2021 05:14:12 +00:00  cat9k_lite-rpboot.17.05.01.SPA.pkg
48583  -rw- 4252692    Mar 20 2021 05:13:33 +00:00  cat9k_lite-srdriver.17.05.01.SPA.pkg
48584  -rw- 8119312    Mar 20 2021 05:13:34 +00:00  cat9k_lite-webui.17.05.01.SPA.pkg

16640  -rw- 301188116   Jul 19 2021 05:33:25 +00:00  cat9k_lite-rpbase.17.06.01.SPA.pkg
16647  -rw- 35112025    Jul 19 2021 05:34:06 +00:00  cat9k_lite-rpboot.17.06.01.SPA.pkg
16642  -rw- 4326420     Jul 19 2021 05:33:25 +00:00  cat9k_lite-srdriver.17.06.01.SPA.pkg
16643  -rw- 8328208     Jul 19 2021 05:33:25 +00:00  cat9k_lite-webui.17.06.01.SPA.pkg

  2. dir flash:*.conf

    The following is sample output of the dir flash:*.conf command. It displays the .conf files in the flash partition; note the two .conf files:

    • packages.conf—the file that has been re-written with the newly installed .pkg files

    • cat9k_lite_iosxe.17.06.01.SPA.conf— a backup copy of the newly installed packages.conf file 
      Switch# dir flash:*.conf
 
Directory of flash:/*.conf
Directory of flash:/

16631 -rw- 4882  Jul 19 2021 05:39:42 +00:00  packages.conf
16634 -rw- 4882  Jul 19 2021 05:34:06 +00:00  cat9k_lite_iosxe.17.06.01.SPA.conf
Step 6

Reload and verify version

  1. reload

    Use this command to reload the switch. When you boot the new image, the boot loader is automatically updated, but the new bootloader version is not displayed in the output until the next reload.
    Switch# reload

  2. show version

    After the image boots up, use this command to verify the version of the new image.

    The following sample output of the show version command displays the Cisco IOS XE Bengaluru 17.6.1 image on the device:
    Switch# show version
Cisco IOS XE Software, Version 17.06.01
Cisco IOS Software [Bengaluru], Catalyst L3 Switch Software (CAT9K_LITE_IOSXE), Version 17.6.1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2021 by Cisco Systems, Inc.
Compiled Mon 19-Jul-21 19:57 by mcpre
<output truncated>

Minggu, 26 Juni 2022

Create Modular QoS CLI (MQC)

00.53 Posted by ROSYID'S BLOG No comments

You wanna make QoS on your Router ? Just make using MQC.

The steps only create 3 items : Class-Map, Policy-Map, and then Apply to Interface.

Let's get into the CLI !!!


R1(config)#class-map match-any EMAIL
R1(config-cmap)#match protocol pop3
R1(config-cmap)#match protocol smtp
R1(config-cmap)#match protocol imap
R1(config-cmap)#match protocol exchange
R1(config-cmap)#exit

R1(config)#class-map VOICE
R1(config-cmap)#match protocol rtp audio
R1(config-cmap)#exit

R1(config)#class-map SCAVENGER
R1(config-cmap)#match protocol bittorrent
R1(config-cmap)#exit

R1(config)#policy-map DEMO
R1(config-pmap)#class EMAIL
R1(config-pmap-c)#bandwidth 512
R1(config-pmap-c)#random-detect dscp-based
R1(config-pmap-c)#random-detect ecn
R1(config-pmap-c)#exit

R1(config-pmap)#class VOICE
R1(config-pmap-c)#priority 256
R1(config-pmap-c)#exit

R1(config-pmap)#class SCAVENGER
R1(config-pmap-c)#police 128000 conform-action transmit exceed-action set-dscp-transmit default
R1(config-pmap-c)#exit
R1(config-pmap)#exit

R1(config)#int gig 0/2
R1(config-if)#service-policy output DEMO
R1(config-if)#end

R1#show class-map
R1#show policy-map interface gig 0/2


Reference : https://www.kwtrain.com/blog/mqc

Senin, 06 Juni 2022

GLBP in Router Cisco

21.22 Posted by ROSYID'S BLOG , No comments

OK Let's Start

Here are the minimal configuration to make GLBP on the Router.

R1#conf t
R1(config)#int gig 0/1
R1(config-if)#glbp 10 ip 10.1.1.1
R1(config-if)#glbp 10 priority 110
R1(config-if)#glbp 10 preempt
R1(config-if)#glbp 10 authentication md5 key-string $3cr3T

R2#conf t
R2(config)#int gig 0/1
R2(config-if)#glbp 10 ip 10.1.1.1
R2(config-if)#glbp 10 preempt
R2(config-if)#glbp 10 authentication md5 key-string $3cr3T

Done...!

 

GLBP is First Hop Redudancy from Cisco Propietary, and the default preemption is Disable. So, we need to explicit define to Enable. 

The higher priority make Router as Active, the lowest will make as Standby.