Linux and Networking Tips
Sunday, October 27, 2013
Life in Congo
Wednesday, October 27, 2010
Configuring an EAPS ring using Extreme Switches
Below is the configuration. It should be a breeze once you get a hold of the extreme command line.
1. create eaps roke_eaps (eaps domain)
2. create vlan roke_eaps (control vlan)
configure vlan roke_eaps tag 111
configure vlan ROKE_EAPS_111 qosprofile QP8
3. configure protected vlans
4. configure eaps roke_eaps add control vlan roke_eaps
5. configure eaps roke_eaps add protect vlan seacom
configure eaps roke_eaps add protect vlan teams
configure eaps roke_eaps add protect vlan xxxxxx
6. configure eaps roke_eaps mode master/transit
7. configure eaps roke_eaps primary port
configure eaps roke_eaps secondary port
8. configure eaps roke_eaps failtime 5**************************************optional
configure eaps roke_eaps failtimer expiry-action open-secondary-port******optional
9. configure eaps roke_eaps hellotime 2 ************************************optional
10. enable eaps
11.configure eaps fast-convergence on/off*********************************optional
12.enable eaps roke_eaps
ZAIN HOUSE
create eaps roke_eaps
create vlan ROKE_EAPS
configure vlan ROKE_EAPS_111 tag 111
configure vlan ROKE_EAPS_111 add ports 3,4 tag
configure vlan ROKE_EAPS_111 qosprofile QP8
***configure protected vlans***
[ROKE_BACKBONE, TEAMS, SEACOM, AUGERE, KJ_OLT_MGT_PORT ] –already exist
configure eaps roke_eaps add control vlan ROKE_EAPS_111
configure eaps roke_eaps add protect vlan SEACOM
configure eaps roke_eaps add protect vlan TEAMS
configure eaps roke_eaps add protect vlan AUGERE
configure eaps roke_eaps add protect vlan ROKE_BACKBONE
configure eaps roke_eaps add protect vlan KJ_OLT_MGT_PORT
configure eaps roke_eaps mode master
configure eaps roke_eaps primary port 4
configure eaps roke_eaps secondary port 3
8. configure eaps roke_eaps failtime 5**************************************optional
configure eaps roke_eaps failtimer expiry-action open-secondary-port
9. configure eaps roke_eaps hellotime 2 ************************************optional
enable eaps
configure eaps fast-convergence on
enable eaps roke_eaps
AUGERE
create eaps roke_eaps
create vlan ROKE_EAPS_111
configure vlan ROKE_EAPS_111 tag 111
configure vlan ROKE_EAPS_111 add ports 49,50 tag
configure vlan ROKE_EAPS_111 qosprofile QP8
***configure protected vlans***
[ROKE_BACKBONE, TEAMS, SEACOM, AUGERE, KJ_OLT_MGT_PORT ] – already exist
configure eaps roke_eaps add control vlan ROKE_EAPS_111
configure eaps roke_eaps add protect vlan SEACOM
configure eaps roke_eaps add protect vlan TEAMS
configure eaps roke_eaps add protect vlan AUGERE
configure eaps roke_eaps add protect vlan ROKE_BACKBONE
configure eaps roke_eaps add protect vlan KJ_OLT_MGT_PORT
configure eaps roke_eaps mode transit
configure eaps roke_eaps primary port 50
configure eaps roke_eaps secondary port 49
8. configure eaps roke_eaps failtime 5**************************************optional
configure eaps roke_eaps failtimer expiry-action open-secondary-port******optional
9. configure eaps roke_eaps hellotime 2 ************************************optional
enable eaps
configure eaps fast-convergence on
enable eaps roke_eaps
KANJOKYA
create eaps roke_eaps
create vlan ROKE_EAPS_111
configure vlan ROKE_EAPS_111 tag 111
configure vlan ROKE_EAPS_111 add ports 49,50 tag
configure vlan ROKE_EAPS_111 qosprofile QP8
***configure protected vlans***
[ROKE_BACKBONE, TEAMS, SEACOM, AUGERE, KJ_OLT_MGT_PORT ] –already exist
configure eaps roke_eaps add control vlan ROKE_EAPS_111
configure eaps roke_eaps add protect vlan SEACOM
configure eaps roke_eaps add protect vlan TEAMS
configure eaps roke_eaps add protect vlan AUGERE
configure eaps roke_eaps add protect vlan BACKBONE
configure eaps roke_eaps add protect vlan KJ_OLT_MGT_PORT
configure eaps roke_eaps mode transit
configure eaps roke_eaps primary port 50
configure eaps roke_eaps secondary port 49
8. configure eaps roke_eaps failtime 5**************************************optional
configure eaps roke_eaps failtimer expiry-action open-secondary-port******optional
9. configure eaps roke_eaps hellotime 2 ************************************optional
enable eaps
configure eaps fast-convergence on
enable eaps roke_eaps
----END----
hope that was easy.....have a great evening or whatever is left of it! :-)
Wednesday, July 14, 2010
wireless LAN for Dizayini (graphics design company in Kampala Uganda)
I used products from Level-one to setup the LAN.
- A wireless AP connecting to an Ethernet adapter on a windows XP desktop computer via cat6 cable. This Windows XP computer also acts as the gateway to the Internet using a wireless dial up 3G dongle from a local Telco (Orange Uganda). So i went ahead to share the connection on the LAN card giving it the address 192.168.0.1. DNS details are automatically picked up from Orange on dial up.
- Level one wireless cards added to three other Dell optiplex 360 desktops running windows XP and configured with static addresses in the 192.168.0.0/24 range with their gateway as 192.168.0.1. I proceeded to share folders on their D drives to allow sharing of graphic files between computers. Note that I faced a problem with the wireless cards on the Dell Optiplexes as the screens kept going blue with errors; sorted this out by eliminating the level one drivers and using Realtek drivers.
Basic solution to networking a small company in the suburbs of Kampala.
Tuesday, June 22, 2010
Thursday, June 17, 2010
Extreme CLI
Hardware
- BlackDiamond: Chassis-based high-port density switches for Carrier-Ethernet service providers and enterprise core
- Summit: Standalone switches from L2 100Mbps to L3 10Gig top-of-rack datacenter switches.
- ReachNXT: Port Extender - Manageable by an access switch via XOS
- SummitWM: Wireless controllers
- Altitude: Wireless Access Points
- Sentriant NG: Intrusion Protection System (IPS)
- Sentriant AG: Network Access Controller (NAC)
Software
- ExtremeWare is VxWorks based = first generation of Extreme networks operating system
- ExtremeXOS = 2nd Generation OS based on Linux kernel and BusyBox
- EPICenter = Network Management Tool 
Configuration
Switch CLI prompt is driven from SNMP host name value
Space bar to go to BootROM: for return to factory default configuration: config none
Extreme FDB = Forwarding Database for MAC addresses - 300 Sec Aging timer per MAC
IP FDB (L3) for IP forwarding    
    show iparp     
    show fdb      
    create fdbentry      
    delete fdbentry      
    disable learning      
    enable learning
# configure ports 1 vlan accounting unlimited-learnings     
# configure ports 1 vlan accounting learning-limit 3 (use aging timer also) (only for dynamic entries)
Lock-learning (sticky mac) 
# configure ports 1 vlan VLAN1 lock-learning 
# configure ports 1 vlan VLAN1 unlock-learning      
    show vlan default security
ELSM (Extreme Link Status monitoring)    
gets link status from other-end    
     enable elsm ports     
    disable elsm ports      
    configure elsm ports      
    clear elsm ports
VLANs
- Port-based
- 802.1Q Tagged VLAN
- Protocol-based VLAN     
 create vlan vlan_name
 delete vlan vlan_name
 configure vlan vlan_name add ports
 configure vlan vlan_name delete ports
 disable vlan vlan_name
 enable vlan vlan_name
 configure vlan vlan_nametag <tag _value>
 configure vlan default delete port 7
 configure vlan ENGINEERING add port 7 untagged
 configure vlan ENGINEERING add ports 2,3 tagged
 show vlan ENGINEERING
 BPDU –> vlan0
Port Sharing (Aggregation) LAG    
    enable sharing 1 grouping 1-4 algorithm address-based lacp     
    show port sharing
Port Settings
   enable lldp port all     
   show ports configuration no-refresh      
   enable jumbo-frame ports all     
   show vlan VLAN1 security
- spanning-tree is disabled by default
- EMI-STP Encapsulation - Extreme Multi Instance Spanning Tree - VST+ additional header
EAPS - Ethernet Automatic Protection Switching (Ring)
- Ring Topology
- L2 Protocol - Multicast MAC
- EAPS version 2 (advanced feature - EAPS shared port for preventing superloop)
- 50 ms failover
- Device Roles: Master node, Transit nodes
- Primary/secondary port on each switch
- Master blocks its secondary port
- Control VLAN and Protected VLAN (one Control VLAN per EAPS domain)
- EAPS flush FDB when there's a topology change
        create vlan control_vlan_name 
   configure vlan control_vlan_name 
   configure vlan control_vlan_name add port 
        create eaps 
        configure eaps 
        configure eaps 
        configure eaps 
        configure eaps 
        configure eaps 
        enable eaps      
        enable eaps 
        configure eaps fast-convergence [off|on] -> additional 250ms      
        configure eaps name failtime expiry-action open secondary-port 
EAPS with a Shared Port
- Configure partner
- Configure controller port
- link-id must be same on both switches
SummitStack
- Should have same image:     
 download imageslot 
- 40Gbps full duplex capacity per switch
- MAX: 8 devices     
 enable stacking
 show stacking
 show stacking configuration
 configure stacking easy-setup
IP Routing
- By default is disabled     
 enable ipforwarding
 configure iproute add x.x.x.x/x y.y.y.y
 show ipconfig
- In new vlan ip forwarding might be disabled make sure to check.     
 show iproute
 show ipstats
- icmp is enabled by default
OSPF
    enable ipforwarding     
    configure ospf routerid 1.1.1.1      
    enable loopback vlanname (if you want to have loopback)      
    configure ospf address VLAN1 area 0.0.0.0      
    configure ospf address VLAN2 area 0.0.0.0      
    enable ospf      
    show ospf      
    show ospf area 0.0.0.0      
    show ospf neighbors      
    show ospf lsdb
- Redistribution is disabled and is configurable by policy files.
- Core license required for OSPF DR/BDR function.
- on edge / advanced edge license: we can not have DRs so priority:0
ESRP
Extreme Standby Routing Protocol - ESRP is extreme protocol for redundancy something like VRRP
QOS
- No much QOS support
- Traffic shaping is called metering
- 8 queue per interface
- Queue 1 and 8 are used by default (2q)
