Configuring an Inter-AS Option B VPN between a Cisco and Juniper

One of the things I needed to put together recently is an Inter-AS VPN between a Cisco and Juniper. There isn’t much in the way of documentation on interoperability. Everything I’ve found is Cisco to Cisco or Juniper to Juniper. Hopefully this will help someone.

Parsing IP Access Lists with Cisco::Reconfig without the dreaded died at /cisco/reconfig.pm line 212 message

Since making a few posts about using Cisco::Reconfig, two of the top search queries that bring people here are “died at cisco/reconfig.pm line 212” and “died at cisco/reconfig.pm line 103”. I’ll show you what causes these as I demonstrate how to compare standard and extended IP access lists with Cisco::Reconfig.

rtrcommander: Using scripts to push out configurations or retrieve output

rtrcommander is a script I wrote to push out configurations to multiple routers, as well as to retrieve output from the CLI. It’s a part of Mr Audit (the release of Mr Audit is delayed while I prepare for the CCIE lab).

rtrcommander can be downloaded here: http://www.synacknetworks.com/scripts/rtrcommander.txt

Using NfSen and NfDump to identify DoS/DDoS attacks

If you work for any sort of provider (hosting, ISP, etc.), chances are that you’ve experienced a DoS/DDoS against a customer or internal system. If so, you know how frustrating it can be to track down the source of the attack unless you have an expensive platform such as one from Arbor Networks.

Visio tips and tricks for documenting networks

Visio is one of my favorite documentation tools. This post will show how to use some of the tricks I’ve learned over the years to create a good-looking network diagram.

You’ll notice that I don’t use vendor-specific router shapes. They are fine for sales or marketing diagrams. For functional network diagrams, they are pretty useless. I’d rather have a colored box with the hostname and loopback IP inside than have that text outside and cluttering up the diagram. It’s a personal preference; use whatever you want.

Parsing cisco router configurations with Cisco::Reconfig

Cisco::Reconfig is probably my favorite Perl module, with Quantum::Superpositions being not very far behind. In this post, I’ll show you how using both of these can allow you to compare ACLs with very few lines of Perl.

Backing up Cisco routers with perl

Here is a useful Perl script to back up your routers. Configurations are gzipped and stored in per-hostname directories with a datestamp on each filename. This is meant to be run from cron daily. Change the database user info and the TACACS/RADIUS user info to whatever you use internally.

Perl script to check customer interface status on Cisco routers

Overview

This utility is a simple Perl script that checks all interfaces in a Cisco router. It is useful to run before and after router maintenance to ensure that customers that were up beforehand are still up afterward. This script checks both VRF and non-VRF customers. It also supports /30 and /31 interface addresses.