Free Network Posts

Step1. Configure EXPORTER MAP
set services flow-monitoring version9 template NETFLOW_MONITOR template-refresh-rate seconds 15
set services flow-monitoring version9 template NETFLOW_MONITOR option-refresh-rate seconds 15
set services flow-monitoring version9 template NETFLOW_MONITOR ipv4-template
Step2. Configure MONITOR MAP
set forwarding-options sampling instance NETFLOW_INSTANCE family inet output flow-server 192.168.30.100 port 9991
set forwarding-options sampling instance NETFLOW_INSTANCE family inet output flow-server 192.168.30.100 source-address 192.168.1.100
set forwarding-options sampling instance NETFLOW_INSTANCE family inet output flow-server 192.168.30.100 version9 template NETFLOW_MONITOR
set forwarding-options sampling instance NETFLOW_INSTANCE family inet output inline-jflow source-address…

Juniper

Here’s the sample configuration of NetFlow on Cisco running IOS and Nexus-OS.
Cisco IOS-XR: NetFlow is configured using these 3 maps.
Step1. EXPORTER MAP: configure parameters like the export destination IP, UDP port (UDP is the only supported transport protocol) and source interface.
IPv4:
flow exporter-map NETFLOW-EXPORTER-MAP
 version v9
 transport udp 9991
 source Loopback0
 destination 192.168.30.100
IPv6:
flow exporter-map IPv6-NETFLOW-EXPORTER-MAP
 version v9
 transport udp 9991
 source Loopback0
 destination 192.168.30.100
Note: destination udp port can be from <1024-65535>…

Cisco

Taking Cisco’s Sample Legal Banner message from their Network Security Baseline page.
Sample Legal Banner Notification Configuration
! Present a legal notification banner approved by company legal counsel
banner login #
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this device.
Unauthorized attempts and actions to access or use this system may result in civil and/or criminal penalties.
All activities performed on this device are logged and monitored.
#
!
Here’s how…

Cisco

Here’s a sample firewall configuration for protecting the box and its services.
ICMP: ICMP message types are essential for network administration and troubleshooting. There are quite a number of ICMP parameters; you can refer to IANA ICMP Parameters for the list, or, if you want to learn more details about ICMP, refer to RFC 792. Here are the 4 types I consider useful for troubleshooting and that need to be allowed.
Type 0 - Echo Reply --> response from target to host
Type 8 - Echo Request -->…

Juniper

Why is it considered hidden? Because you won’t see it among the commands in the Cisco router Command Line Interface (CLI).
Sample output:
RP/0/RSP1/CPU0:CORE1#ser?
service
RP/0/RSP1/CPU0:CORE1#service ?
  redundancy  Service Director related commands.
Then what is it? service unsupported-transceiver
Configuration: Cisco IOS-XE
Router1(config)#service unsupported-transceiver
Warning: When Cisco determines that a fault or defect can be traced to the use of third-party transceivers installed by a customer or reseller, then, at Cisco’s discretion, Cisco may withhold support under warranty or a Cisco support…

Cisco

Objective: The PBR policy facing Uplink-Router will be removed once it is detected that the server is unreachable. Policy-based routing (PBR) is a method used to make routing decisions based on policies.
Scenario: Server1 provides web caching to customers for faster web page loading. Since there is a route-map in place to route their http/https traffic to the next hop, which is Server1, what if this server suddenly goes down? The expected behaviour is that the customer won’t be able to access websites.…

Cisco

These are the steps for upgrading Juniper routers. This was tested using the JunOS SRX router.
Assumption: JunOS is downloaded and stored on an FTP server.
Step1: Download the necessary image from the FTP server. Save it in the /var/tmp folder.
user1@SRX-Router1> file copy ftp://user1@172.25.11.254/junos-vsrx-x86-64-19.2R1.8.tgz /var/tmp/
Password for user1@172.25.11.254:
/var/home/user1/…transferring.file………ush100% of 1127 MB 5426 kBps 00m00s
Step2: Verify the software package
user1@SRX-Router1> file list /var/tmp | match junos
junos-vsrx-x86-64-19.2R1.8.tgz
user1@SRX-Router1> file list detail /var/tmp | match junos
-rw-r--r--  1 user1 …

Juniper

Objective: To configure a port-channel and associate it with a VLAN. Servers will use Juniper-Router as their gateway and uplink to the Internet. Server-switch has Layer 2 (access mode) connectivity to Juniper-Router. (see Fig.1)
Fig.1
1. Configure the VLAN (the VLAN interface will be the servers’ gateway)
Juniper-Router# configure
set vlans VLAN-8 description Server-Farm
set vlans VLAN-8 vlan-id 8
set vlans VLAN-8 l3-interface irb.8
set interfaces irb unit 8 description "Server Farm Vlan"
set interfaces irb unit 8 family inet address 192.168.8.1/24
2. Configure…

Juniper

Objective: To configure a port-channel and associate it with a VLAN. Servers will use Cisco-NXOS as their gateway and uplink to the Internet. Server-switch has Layer 2 (access mode) connectivity to the Cisco-NXOS router. (see Fig.1)
Fig.1
1. Configure the VLAN (the VLAN interface will be the servers’ gateway)
Cisco-NXOS# configure
vlan 8
  name Server-Farm
interface Vlan8
  description Server Farm Vlan
  no shutdown
  ip address 192.168.8.1/24
2. Configure port-channel
interface port-channel10
  description Port-channel to Server-Switch
  switchport access vlan 8
3. Configure…

Cisco

Objective: To separate management traffic from data/customer traffic in your Cisco XR routers. Preferably, data and management are in 2 separate network domains.
Pre-requisite: UTP cables (one for each RSP management port, in case of switchover) are connected to a network switch to access the OOB management gateway.
Management IP Configuration
1. Configure the vrf for management
vrf management
 description VRF for Out-of-Band
 address-family ipv4 unicast
2. Set the physical IP address on each RSP management port. There are a total of…

Cisco