Category Archives: Cisco

Anything related to Cisco

Binary message in Cisco Digital Network Architecture: Intent-based Networking for the Enterprise (Networking Technology)

I’m waiting for my copy of “Cisco Digital Network Architecture: Intent-based Networking for the Enterprise (Networking Technology)” to arrive. In the meantime, I glanced at the contents on Amazon. Among the dedications, there is a binary message. Add a bit of Erlang magic and the message is revealed.

Using QoS for blocking BitTorrent on Catalyst 4500E Sup8E

NBAR2 on Sup8E can assist in blocking BitTorrent. While somewhat useful, BitTorrent is mostly used for downloading pirated movies, and BitTorrent off someone’s ADSL line is usually dead slow.

Create a class map and a policy map as shown below, and attach that policy map to your ingress interfaces, and BitTorrent should be blocked.

class-map match-all QoS-Cls-BitTorrent
 match application bittorrent

policy-map QoS-Pol-BitTorrent
 class QoS-Cls-BitTorrent
  drop

interface range TenGigabitEthernet1/1 - 4
 service-policy input QoS-Pol-BitTorrent

The final questions are: Does this work at all? Is FNF needed for engaging NBAR2? Is additional licensing needed beyond the current IP Base license?

IPv6 RDNSS and DNSSL on Cisco IOS XE

The official documentation on Cisco IOS XE for Catalyst 4500E claims this is the syntax for specifying IPv6 RDNSS and DNSSL:

Switch(config)# interface Te1/1
Switch(config-if)# ipv6 nd ra dns server 4::4
Switch(config-if)# ipv6 nd ra dns search list aaa.cc.com

Using IOS XE 3.10.0E, the correct syntax for DNSSL is:

Switch(config)# interface Te1/1
Switch(config-if)# ipv6 nd ra dns server 4::4
Switch(config-if)# ipv6 nd ra dns-search-list domain aaa.cc.com

Sadly, the quality of Cisco’s documentation isn’t what it was back in 2006.

Cisco Catalyst 9400 Series

Cisco’s Catalyst 9400 Series, introduced this summer, does look promising, but it’s still missing a few highlights:

  • Complete support for redundant supervisors; unavailable according to the release notes dated July 31, 2017

    The supervisor module (hardware) supports redundancy, but the software does not. The associated route processor redundancy (RPR) and stateful switchover (SSO) features are also currently not supported. Redundacy[sic] in software will be supported in a later release.

  • Multigigabit line card
  • SFP+ line card, and possibly
  • QSFP/QSFP+ line cards
  • Visio stencils for chassis, power supplies, supervisor, and line cards

The release notes and data sheets are unclear on the supervisor’s ability to perform as a mobility agent.

So far the Catalyst 4500E Series seems more developed than the new Catalyst 9400 Series.

Long-running Windows 7 SP1, Cisco VPN Client 5.0.07.0440, and “Reason 414: Failed to establish a TCP connection”

I’ve noticed that Cisco VPN Client 5.0.07.0440 tends to fail with “Reason 414: Failed to establish a TCP connection.” on long-running Windows 7 SP1. It’s been going on for years.

Logging messages from Cisco IOS 12.2(55)SE to an IPv6 enabled syslog host

While reloading a Cisco Catalyst 3560 running IOS 12.2(55)SE the other day, I noticed the switch stopped sending messages to the configured IPv6 enabled syslog host. Nothing appeared in the log files on the syslog host until I manually disabled and reenabled the log statement.