How to find logged user informations for last two days from server ?

echo “How to find logged user informations for last two days from server:”

last | awk ‘{print $1 ” ” $5 “-” $6}’ | grep -v : > lastfile

cat lastfile | while read loguser lastdate
do
if [ “$lastdate” = `date | awk ‘{print $2 “-” $3}’` -o “$lastdate” = `date -d’-1 days’ | awk ‘{print $2 “-” $3}’` ]; then
echo $loguser ” ” $lastdate
fi
done

www.pdf24.org    Send article as PDF   

Configure a Frame-Relay Switch

 Configuring a Basic Frame Relay Switch

frame_switch#
frame_switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
frame_switch(config)#frame-relay switching
frame_switch(config)#interface serial 0
frame_switch(config-if)#encapsulation frame-relay
frame_switch(config-if)#frame-relay intf-type dce
frame_switch(config-if)#frame-relay lmi-type ansi
frame_switch(config-if)#clock rate 56000
frame_switch(config-if)#frame-relay route 101 interface s5 102
frame_switch(config-if)#exit
frame_switch(config)#
frame_switch(config)#interface serial 5
frame_switch(config-if)#encapsulation frame-relay
frame_switch(config-if)#frame-relay intf-type dce
frame_switch(config-if)#clock rate 56000
frame_switch(config-if)#frame-relay route 102 interface s0 101
frame_switch(config-if)#exit
frame_switch(config)#

 Displaying the Entire Frame Relay Configuration

hostname frame_switch
!
frame-relay switching
!
interface Ethernet0
 ip address 172.16.1.2 255.255.255.0
!
interface Serial0
 no ip address
 encapsulation frame-relay
 clockrate 56000
 frame-relay lmi-type ansi
 frame-relay intf-type dce
 frame-relay route 101 interface Serial5 102
!
<<<text omitted>>>
!
interface Serial5
 no ip address
 encapsulation frame-relay
 clockrate 56000
 frame-relay intf-type dce
 frame-relay route 102 interface Serial0 101
!
<<<text omitted>>>
!
no ip classless
!
line con 0
line aux 0
line vty 0 4
 login
!
end

frame_switch#
www.pdf24.org    Send article as PDF   

RIPv2: Unicast update using NAT

RIPv2 enabled router can send multicast (default) / unicast / broadcast updates to its neighbor. To configure RIP unicast, we can simply add a neighbor statement to point to the router in which RIP updates are to be sent and can use the passive-interface command to prevent RIP multicast/broadcast from being sent to that neighbor. But for some season if we are not allowed to use neighbor command we can still use NAT as a workaround to translate multicast update to unicast update.

Here, RIP is enabled between R1 and R2. R1 is advertising its loopback interface Lo0 – 190.1.0.1/24 to R2. Lets take a quick look at the initial configuration on these two routers:

Rack1R1#sh runn int lo0
Building configuration…

Current configuration : 84 bytes
!
interface Loopback0
ip address 190.1.0.1 255.255.255.0
ip rip advertise 10
end

Rack1R1#sh runn int fa0/0
Building configuration…

Current configuration : 116 bytes
!
interface FastEthernet0/0
ip address 160.1.12.1 255.255.255.0
ip rip advertise 10
duplex auto
speed auto
end

Rack1R1#sh runn | sec router
router rip
version 2
timers basic 10 60 60 80
passive-interface default
no passive-interface FastEthernet0/0
network 160.1.0.0
network 190.1.0.0
no auto-summary

Rack1R2#sh run int fa0/0
Building configuration…

Current configuration : 116 bytes
!
interface FastEthernet0/0
ip address 160.1.12.2 255.255.255.0
ip rip advertise 10
duplex auto
speed auto
end

Rack1R2#sh run | sec router
router rip
version 2
timers basic 10 60 60 80
passive-interface default
no passive-interface FastEthernet0/0
network 160.1.0.0
no auto-summary

Rack1R2#sh ip route rip
190.1.0.0/24 is subnetted, 1 subnets
R 190.1.0.0 [120/1] via 160.1.12.1, 00:00:08, FastEthernet0/0

From the above output, we can see that R2 is learning R1’s loopback subnet via RIP. A quick debug on R2 will reveal the multicast RIP update from R1:

Rack1R2#debug ip packet detail
…..
IP: s=160.1.12.1 (FastEthernet0/0), d=224.0.0.9, len 52, rcvd 2
UDP src=520, dst=520
IP: s=160.1.12.1 (FastEthernet0/0), d=224.0.0.9, len 52, rcvd 2
UDP src=520, dst=520
…..

Now using NAT we can configure R1 to send unicast update to R2 instead of multicast.

Rack1R1(config)#ip nat outside source static udp 160.1.12.2 520 224.0.0.9 520 extendable
Rack1R1(config)#int fa0/0
Rack1R1(config-if)#ip nat outside

Rack1R1#sh ip nat trans
Pro Inside global Inside local Outside local Outside global
udp — — 224.0.0.9:520 160.1.12.2:520
udp 160.1.12.1:520 160.1.12.1:520 224.0.0.9:520 160.1.12.2:520

On R2, we will run the same debug as before:

Rack1R2#debug ip packet detail
…..
IP: tableid=0, s=160.1.12.1 (FastEthernet0/0), d=160.1.12.2 (FastEthernet0/0), routed via RIB
IP: s=160.1.12.1 (FastEthernet0/0), d=160.1.12.2 (FastEthernet0/0), len 52, rcvd 3
UDP src=520, dst=520
IP: tableid=0, s=160.1.12.1 (FastEthernet0/0), d=160.1.12.2 (FastEthernet0/0), routed via RIB
IP: s=160.1.12.1 (FastEthernet0/0), d=160.1.12.2 (FastEthernet0/0), len 52, rcvd 3
UDP src=520, dst=520
…..

We can do the same configuration on R2 to accomplish the same result 🙂

 

Courtesy ::  http://blog.zakir.net/index.php?/archives/25-RIPv2-Unicast-update-using-NAT.html

www.pdf24.org    Send article as PDF   

RIP Basic Configuration

R1 (s1/0)  ———————- (s1/0)R2(s1/1)  ——————————- (s1/0)R3                         (lo 0 : X.X.X.X/24)

192.168.1.0/30                                                  192.128.1.0/30

 

R1

interface Loopback0
ip address 1.1.1.1 255.255.255.0
interface Serial1/0
ip address 192.168.1.1 255.255.255.252
router rip
version 2
network 1.0.0.0
network 192.168.1.0

 

R2
interface Loopback0
ip address 2.2.2.2 255.255.255.0
interface Serial1/0
ip address 192.168.1.2 255.255.255.252

interface Serial1/1
ip address 192.168.2.2 255.255.255.252

version 2
network 2.0.0.0
network 192.168.1.0
network 192.168.2.0

R3

interface Loopback0
ip address 3.3.3.3 255.255.255.0
interface Serial1/0
ip address 192.168.2.1 255.255.255.252
router rip
version 2
network 3.0.0.0
network 192.168.2.0

 

 

 

www.pdf24.org    Send article as PDF   

VMPlayer installer showing blank screen in WIN 7 64-bit

Resolution

To resolve this issue, you must replace certain files with the original version.

To replace the files:

Open a command prompt. For more information, see Opening a command or shell prompt (1003892) .
Run these commands to re-register the necessary files and details:

If VMware Workstation is installed on a 32-bit version of Windows:

regsvr32 jscript.dll
regsvr32 vbscript.dll

If VMware Workstation is installed on a 64-bit version of Windows:

cd C:\windows\syswow64
regsvr32 C:\windows\system32\jscript.dll
regsvr32 C:\windows\system32\vbscript.dll

Restart Windows.

If these steps do not resolve the issue, edit the registry and enable ACTIVEX display:

Click Start > Run, type regedit, and click OK.

The Registry Editor window opens.

Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0.
Right-click 1200 and click Modify.
In the Value field, enter 0 or 1 and click OK.
Quit the Registry Editor.

If changing the value to 0 or 1 fails to resolve the issue, browse to
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\.

In this, there are zones from 0,1,2,3,4. If there is a folder with a name of a special character, delete the folder and then try installing.    >>>>> Exactly this step made it worked for me.

www.pdf24.org    Send article as PDF   

VLANS

A VLAN consists of hosts defined as members, communicating as a logical network segment. In contrast, a physical segment consists of devices that must be connected to a physical cable segment. A VLAN can have connected members located anywhere in the campus network, as long as VLAN connectivity is provided among all members. Layer 2 switches are configured with a
VLAN mapping and provide the logical connectivity among the VLAN members.

VLAN Membership

When a VLAN is provided at an access-layer switch, an end user must have some means of
gaining membership to it. Two membership methods exist on Cisco Catalyst switches:
■ Static VLAN configuration
■ Dynamic VLAN assignment

Static VLANs – Static VLANs offer port-based membership, in which switch ports are assigned to specific VLANs. End user devices become members in a VLAN based on the physical switch port to which they are connected. No handshaking or unique VLAN membership protocol is needed for the end devices; they automatically assume VLAN connectivity when they connect to a port. Normally, the end device is not even aware that the VLAN exists. The switch port and its VLAN simply are viewed and used as any other network segment, with other “locally attached” members on the wire.

Switch ports are assigned to VLANs by the manual intervention of the network administrator, hence the static nature. Each port receives a Port VLAN ID (PVID) that associates it with a VLAN number. The ports on a single switch can be assigned and grouped into many VLANs. Even though two devices are connected to the same switch, traffic will not pass between them if they are connected to ports on different VLANs. To perform this function, you could use either a Layer 3 device to route packets or an external Layer 2 device to bridge packets between the two VLANs.

Configuring Static VLANs

First, the VLAN must be created on the switch, if it does not already exist. Then, the VLAN must be assigned to specific switch ports. VLANs always are referenced by a VLAN number, which can range from 1 to 1005.  VLANs 1 and 1002 through 1005 automatically are created and are set aside for special uses.

Catalyst IOS switches also can support extended-range VLANs, in which the VLAN number can be 1 to 4094, for compatibility with the IEEE 802.1Q standard. The extended range is enabled only when the switch is configured for VTP transparent mode with the vtp mode transparent global configuration command. This is because of limitations with VTP versions 1 and 2. VTP version 3 does allow extended range VLANs to be used and advertised.

Switch(config)# vlan vlan-num
Switch(config-vlan)# name vlan-name

Assign  switch ports to the VLAN

Switch(config)# interface type module/number
Switch(config-if)# switchport
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan vlan-num

To verify VLAN configuration, use the show vlan command to output a list of all VLANs defined
in the switch

 Dynamic VLANs
Dynamic VLANs provide membership based on the MAC address of an end-user device. When a
device is connected to a switch port, the switch must, in effect, query a database to establish VLAN
membership. A network administrator also must assign the user’s MAC address to a VLAN in the
database of a VLAN Membership Policy Server (VMPS).

www.pdf24.org    Send article as PDF   

BGP – PATH ATTRIBUTES

A Path Attribute is a characteristics of an advertised BGP route.

Four Categories of PATH Attributes.

  1. Well-Known Mandatory
  2. Well-Known Discretionary
  3. Optional Transitive
  4. Optional Non-Transitive

Well-Known Attributes – These are those BGP Path attributes which should be recognized by all BGP routers.

  • Well-Known Mandatory – Are those Well-Known attributes that must be included in all BGP Update messages.
  1. ORIGIN
  2. AS_PATH
  3. NEXT_HOP
  • Well-Known Discretionary – Are those Well-Known attribute, that may or may not include in a specific Update Messages.
  1.  LOCAL_PREF
  2. ATOMIC_AGGREGATE

Optional Attributes – There are those BGP attributes which may or not recognized or supported by a BGP router.

  • Optional Transitive – Are those optional attributes in which a BGP process should accept the PATH in which it is included and it should pass the Path in to its peers.
  1. AGGREGATOR
  2. COMMUNITY
  • Optional Non-Transitive – Are those optional attributes in which if a BGP process doesn’t recognize a attribute, it can just ignore the Update message and not need to pass to its peers.
  1. MULTI_EXIT_DISC(MED)
  2. ORGINATOR_ID
  3. CLUSTER_LIST

 

1. ORIGIN

Specifies the origin of the route. When BGP have multiple route , it uses ORIGIN as one factor to select the preferred route.

 * IGP     * EGP    * Incomplete

2. AS_PATH

It contains a list of ASs, through which the PATH will traverse to reach the destination. New AS number  prepend to the existing list.

3. NEXT_HOP

It contains the IP address of the Next-Hop router in the path specified.

Selecting Next-Hop :-

a. If the advertising peers are in different AS, NH = IP of the advertising router

b. If the advertising peers are in same AS and adv route is in same its AS, NH = IP address of the Neigbor that advertised.

c. If the advertising peers are in same AS, but adv route is in different AS, NH = IP address of the external Peer from which route is learned.

4. LOCAL_PREF

  • Used to communicate a BGP router’s degree of preference for an advertised route.
  • If an iBGP router receives multiple PATH to a same destionation, decision taking is done using this attribute.
  • Route with higest LOCAL_PREF is selected

5, MULTI_EXIT_DISC (MED)

  • When LOCAL_PREF can influence only traffic leaving the AS, MED can be used to influence the traffic that comes into AS.
  • One AS says to another AS, that which is its preferred ingress point.

 6. ATOMIC_AGGREGATE and AGGREGATOR

Atomic Aggregate attribute is used by the BGP speaking router when it advertise a aggregated route to its peer to mention that it is a less-specific route. The peers should keep this attribute when sending to its own peers.

Aggregator Attribute is used optionally to mention which the is origin router which aggregation happened and the AS which that router is residing.

 7. COMMUNITY

Simplifies policy enforcement. If a set of destinations have same properties and policies, we can make it as one Community and can be represented using COMMUNITY attribute.

COMMUNITY Attribute format :  AA:NN (Where AA – AS Number, NN – Community Identifier).

Well-Known Communities

INTERNET –  All routes advertised without any specific community by default belongs to INTERNET. It can be advertised freely without any restrictions.

NO_EXPORT – Routes received using this attributes cannot be advertised to eBGP peers.

NO_ADVERTISE – Cannot be advertised both eBGP and iBGP peers.

LOCAL_AS – Cannot advertise to eBGP peers including peers in other Autonomous System within a Confederation.

8. ORIGINATOR_ID

ORIGINATOR_ID attribute contains the RID of the originator of that specific route in the Local AS.

9. CLUSTER_LIST

Contains a sequence of Router Reflection cluster IDs through which the route have passed.

 

 

 

 

www.pdf24.org    Send article as PDF   

BGP – Finite State Machine

IDLE State

  • BGP Always beging with Idle state. All incoming connection in this state will be refused.
  • BGP Process initializes all BGP resources.
  • Start the ConnectRetry Timer
  • Initializes a TCP connection to neighbor
  • Listen for TCP initialization from neighbor.
  •  And changes its state to CONNECT.

CONNECT State

  • Waits for TCP connection to complete.
  • If TCP conn successful, it will clear ConnectRetry Timer.
  • Completes Initialization and sends a OPEN Message to neighbor.
  • And changes the state to OPENSENT State.

ACTIVE State

  • Keep on trying to initialize a  TCP connection to complete neighbor.
  • If TCP conn successful, it will clear ConnectRetry Timer.
  • Completes Initialization and sends a OPEN Message to neighbor.
  • And changes the state to OPENSENT State.

OPENSENT State

  • Send OPEN Message and Wait for a OPEN Message from neighbor too.
  • Once OPEN received its verifies the fields.
  • If any error, sent NOTIFICATION and change to IDLE state.
  • If no Error, a KEEPALIVE message is sent and keepalive timer is reset.
  • HOLD timer is negotiated by selecting the least value.
  • If negotiated HOLD is zero, keepalive and hold timer are not started.
  • Determines whether eBGP or iBGP.
  • Change the state to OPENCONFIRM.

 OPENCONFIRM State

  • Waits for either a Keepalive or Notification Message.
  • If Keepalive, change the state to ESTABLISHED state
  • If Notification,  or a TCP disconnect, or HOLD timer expires change to IDLE state.

ESTABLISHED State

  • BGP peer connection is fully established and BGP routers can exchange their UPDATE/KEEPALIVE/NOTIFICATION messages.
  • If UPDATE or KEEPALIVE Hold Timer is restarted.
  • If NOTIFICATION, changed to IDLE state.

 

www.pdf24.org    Send article as PDF