Cisco – Interface Technical Training
https://www.interfacett.com
Wed, 21 Jun 2017 19:26:18 +0000

How to extract your outside IP address-without a chicken or a monkey
https://www.interfacett.com/blogs/how-to-extract-your-outside-ip-address-without-a-chicken-or-a-monkey/
Mon, 15 May 2017 17:47:15 +0000

The post How to extract your outside IP address-without a chicken or a monkey appeared first on Interface Technical Training.

Frequently I find myself asking students in my Network+ or Cisco CCNA classes to divulge their favorite resource to use when they want to determine their external (publicly accessible) IP address.

Here are some of the more popular answers: whatismyip.com

Or ipchicken.com.

Or perhaps even better, the ipmonkey.com:

I did not include the actual IP address that I obtained when I was writing this blog, not because it is some big secret, but because I suggest that readers run the same tests themselves and compare output. “Compare to what?” you ask. Well, what if I want to know my external IP address, but I want the results from a command prompt? There is a way, so let’s see it in action.

This method uses the command prompt, but there is a way to do this in PowerShell as well.  I am not the originator of these methods, but I find them useful enough that I want to throw my voice into the mix and announce them to others who may find them useful also.

The command uses nslookup in non-interactive mode and looks like this:

nslookup myip.opendns.com resolver1.opendns.com

See Figure 4 for the results:

 

 Hey!  That is the same address I found using the aforementioned web resources, but I did not have to launch a browser to get it!  Now you  can use that information as input in other scripted activities!
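Using the result in a script means picking the right line out of the nslookup output, because the resolver's own address is printed first. The following is an added example, not code from the original post: it parses that output and skips the resolver's address. The sample outputs are constructed, and the function names are illustrative.

```python
import ipaddress
import subprocess

RESOLVER = "resolver1.opendns.com"
QUERY = "myip.opendns.com"

# Constructed sample output in the Windows nslookup layout (answer is a documentation address).
SAMPLE_WINDOWS = """Server:  resolver1.opendns.com
Address:  208.67.222.222

Non-authoritative answer:
Name:    myip.opendns.com
Address:  203.0.113.45
"""

# Constructed sample in the layout printed by the BIND nslookup found on Linux.
SAMPLE_LINUX = """Server:         resolver1.opendns.com
Address:        208.67.222.222#53

Non-authoritative answer:
Name:   myip.opendns.com
Address: 203.0.113.45
"""

# Constructed sample of a failed lookup: there is no answer section at all.
SAMPLE_FAILED = """Server:  resolver1.opendns.com
Address:  208.67.222.222

*** resolver1.opendns.com can't find myip.opendns.com: Non-existent domain
"""


def parse_nslookup(output):
    """Return the answer addresses, ignoring the resolver's own address.

    Everything before the first "Name:" line describes the server that was
    asked, so only lines after it are treated as answers.
    """
    answers = []
    seen_name = False
    for line in output.splitlines():
        text = line.strip()
        if text.lower().startswith("name:"):
            seen_name = True
            continue
        if not seen_name or not text:
            continue
        if text.lower().startswith(("address:", "addresses:")):
            # Split on the first colon only, so IPv6 answers stay intact.
            text = text.partition(":")[2].strip()
        candidate = text.split("#")[0]  # drop a trailing "#53" port suffix
        try:
            answers.append(ipaddress.ip_address(candidate))
        except ValueError:
            continue  # aliases or other non-address lines
    return answers


def external_ip(output):
    """Return the first answer as a string, or raise if the lookup failed."""
    answers = parse_nslookup(output)
    if not answers:
        raise LookupError("nslookup output contains no answer section")
    return str(answers[0])


def query_external_ip(timeout=10):
    """Run the command from the post; needs network access and nslookup on PATH."""
    result = subprocess.run(
        ["nslookup", QUERY, RESOLVER],
        capture_output=True, text=True, timeout=timeout, check=False,
    )
    return external_ip(result.stdout)


if __name__ == "__main__":
    print(external_ip(SAMPLE_WINDOWS))
```
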

I did mention that it can also be done in PowerShell, so I will include that here, although I am not a guru on that topic (always willing to learn more…).

The command is

(Invoke-WebRequest -URI ("ifconfig.me/ip")).Content

and its output is shown in Figure 5:

 

Be aware that it could take up to a minute before the above command generates output, but it does work.  Hope you find this to be a useful tidbit!

Until next time….

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

How to get more comfortable with IPv6
https://www.interfacett.com/blogs/how-to-get-more-comfortable-with-ipv6/
Mon, 12 Dec 2016 21:30:46 +0000

The post How to get more comfortable with IPv6 appeared first on Interface Technical Training.

If you are new to the world of networking, perhaps considering putting in the effort to achieve Network + certification, you may wish you were more comfortable with IPv6. If you are already an IPv6 guru, this may be child’s play for you. Yet it turns out that if you are already comfortable with IPv4, you are not far away from treating IPv6 like an old friend.  I like to make comparisons between IPv4 and IPv6 to make the connections easier.  Most of the reluctance to ‘liking’ IPv6 seems to be due to unfamiliarity. Let’s dispel some of that unfamiliarity right now.

Let’s take something we already know and use it as leverage to learn more.  Consider a Class B network in IPv4. For example, 172.16.0.0 255.255.0.0. Using CIDR notation, this can also be written as 172.16.0.0 /16, pronounced ‘slash sixteen.’  We know that in IPv4, this means that the first sixteen bits ‘belong’ to the network, or identify network bits.  The easy way to keep this straight is to imagine that these bits are now chiseled in granite, or that they cannot move.  Figure 1 shows how this looks in binary:

Figure 1

The red bits in Figure 1 are the ones that can’t move.  The black bits are free to move about. This may seem elementary, but the concept applies in IPv6 as well.  The official dirt on IPv6 is contained in RFC 4291. I want to take one small snippet from that RFC and build on it here, using the above information as a base.  Figure 2 shows section 2.4 of RFC 4291:

Figure 2

You may know that IPv6 has 128 bits, as opposed to the 32 bits in IPv4. IPv4 is usually written using dotted-decimal notation, for human consumption.  IPv6 is written in hexadecimal, which may make it seem un-human-friendly. It turns out, that is far from the truth.  Consider writing IPv6 in dotted-decimal like IPv4, what would that look like?  Let’s say we break a full IPv6 address into octets (chunks of 8 bits). Instead of four octets as in IPv4, it would take 16 octets to write an uncompressed IPv6 address. No wonder they don’t do it that way. Now back to the main topic, what does the slash notation mean in IPv6?

Figure 2 shows the link-local IPv6 address, which ends with /10.  No need to scrap any prior knowledge here – /10 means what we think it means – that the first ten bits ‘belong’ to, or identify, the network. Figure 3 shows an IPv6 chart similar to the IPv4 chart shown in Figure 1.

Figure 3

Once again, the red bits indicate bits that will not move.  The black zeroes are free to change.  This means that, much like a route summarization in IPv4, the notation FE80::/10 indicates a block of network information.  We can expand on the table in Figure 3 to see how far this block extends in the third hexadecimal quartet.  This is shown in Figure 4:

Figure 4

Like before, the red bits don’t move.  But keep an eye on the third hexadecimal quartet and the green bits.  You can see how they roll through all their possible combinations from zero to three.  However, behind the scenes, even though I am writing (a portion of) a 128-bit address in binary, it is normally written in hex.  So let’s interpret that third section in hex:

Binary    Hexadecimal
1000      8
1001      9
1010      A
1011      B

This means the first group of a valid link-local address can begin with FE8, FE9, FEA, or FEB, as in FE80, FE90, FEA0, and FEB0.  That being said, I have not encountered in the wild any link-local address representation other than the typical FE80 variety.  Maybe that’s because there are so many valid link local addresses that begin with FE80, there is no need to use the rest.  Maybe someday in a galaxy far far away.
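The slash notation can be checked bit by bit. The following is an added example, not code from the original post: it splits a prefix into its fixed and free bits for both the IPv4 /16 and the IPv6 /10 discussed above, tests membership by comparing only the fixed bits, and goes slightly beyond the text by computing the full range of the first group that FE80::/10 covers. The function names are illustrative.

```python
import ipaddress


def split_bits(cidr):
    """Return (fixed_bits, free_bits) of the network address as binary strings.

    The fixed bits are the ones "chiseled in granite" by the prefix length;
    the free bits are the ones that may change inside the block.
    """
    net = ipaddress.ip_network(cidr)
    width = net.max_prefixlen  # 32 for IPv4, 128 for IPv6
    bits = format(int(net.network_address), "0{}b".format(width))
    return bits[:net.prefixlen], bits[net.prefixlen:]


def in_block(address, cidr):
    """Membership test done by hand: compare only the first prefixlen bits."""
    net = ipaddress.ip_network(cidr)
    addr = ipaddress.ip_address(address)
    if addr.version != net.version:
        return False
    shift = net.max_prefixlen - net.prefixlen
    return int(addr) >> shift == int(net.network_address) >> shift


def first_group_range(cidr):
    """Lowest and highest value of the first 16-bit group inside an IPv6 block."""
    net = ipaddress.ip_network(cidr)
    if net.version != 6:
        raise ValueError("first_group_range expects an IPv6 prefix")
    low = int(net.network_address) >> 112
    high = int(net.broadcast_address) >> 112
    return format(low, "04x"), format(high, "04x")


def third_digit_values(cidr):
    """Every value the third hex digit of the first group takes inside the block."""
    low, high = first_group_range(cidr)
    groups = range(int(low, 16), int(high, 16) + 1)
    return sorted({format(value, "04x")[2] for value in groups})


if __name__ == "__main__":
    for prefix in ("172.16.0.0/16", "fe80::/10"):
        fixed, free = split_bits(prefix)
        print(prefix, "fixed:", fixed, "free bits:", len(free))
    print("first group range:", first_group_range("fe80::/10"))
    print("third hex digit:", third_digit_values("fe80::/10"))
    for sample in ("fe80::1", "fe90::1", "fea0::1", "feb0::1", "fec0::1"):
        print(sample, in_block(sample, "fe80::/10"))
```

The last address in the loop, fec0::1, falls outside the block because its tenth bit differs from the fixed pattern 1111111010.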

If you have any thoughts on your experiences with IPv6, I would love to hear them…

This is an example of what you will learn in the CompTIA Network + Certification class at Interface Technical Training.

For instructor-led CompTIA Certification classes, see our course schedule.

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

Cisco Live 2016 doesn’t stay in Vegas
https://www.interfacett.com/blogs/cisco-live-2016-doesnt-stay-in-vegas/
Fri, 05 Aug 2016 20:43:10 +0000

The post Cisco Live 2016 doesn’t stay in Vegas appeared first on Interface Technical Training.

If you have not yet been fortunate enough to attend Cisco Live, let me be the emissary of blandishments, the emperor of elocution, the ringmaster of accolades, the…wait, this isn’t the UFC. Let me just share some of my experiences from this year’s version in July from the bejeweled city of Las Vegas.

Since the majority of the classes I teach are related to CCNA, most of my students are brand new to Cisco and have never attended Cisco Live. I do promote the event in my classes by wearing the yearly hats, sharing the pins, displaying the swag, and including tidbits that have come back with me. A person just starting off in a Cisco career path may wisely wonder what can be expected at this yearly shindig.

The main activity for good ROI is session attendance. There are hundreds of different classroom-style sessions (although the session may have a hundred or more people) covering a wide variety of topics. I usually attend sessions on OSPF, EIGRP, routing, switching, IPv6, security, firewalls, just to name a few. There are entry-level sessions, CCNP-level, CCIE-level, and presentations from select industry experts if that is not enough.  The sessions last from one to two hours, and the slides for each session are available for download so you can take them with you. There are also keynote addresses from top levels within Cisco to give a view of what is in Cisco’s future – at least as well as humans can predict future events.  Let’s see how well Cisco-damus does this year….

I wanted to share some of the pics I took while I was there – nothing professional, just day by day random shots to capture the moments…. Figure 1 shows some sky-writing airplanes that left  messages for the earth-bound. The planes are virtually invisible, but the message is readily apparent.


Figure 1

There were at least 5 planes, and they were perfectly synchronized to leave their marks at the right place and time.

If you are not attending sessions, spend some time in the World of Solutions – a vast area where vendors vendors vendors display network measuring tools, monitoring equipment, cloud services, storage methods, all an IT pro could imagine. Oh, they also have free wine and beer and several varieties of foods. Just thought I would throw that in. Here are some of the things I saw there this year.


Figure 2

Top left:  Look closely, there is a person camouflaged in that networking gear! Top right:  As you can imagine, drones were a big draw and a coveted prize this year. Bottom left:  Another frequently mentioned item – 3D printers, and bottom right shows some 3D printed masterpieces.

The other big prize handed out if your coupon number was called (I got within 3 of the correct number this year) was the Oculus Rift VR headset.


Figure 3

Every year Cisco has some top-name performers show up for the Customer Appreciation Event and this year was no exception. The opener was Elle King who did a nice set which included her best known song “X’s & O’s.”


Figure 4

The main attraction was Maroon 5 who put on an electrically charged show. Since all the hats had blinky lights, this was a full participation event.


Figure 5

Figures 4 and 5 are all shots taken from a big-screen TV. I don’t mean to brag, but that is my arm in figure 5 on the right, next to the attendee proudly wearing one of the Cisco Live commemorative hats. The venue was the T-Mobile Arena, which only opened for business on April 6, 2016 – the Cisco faithful had to break it in.

If you missed it this year, there is still value to be had. You can watch sessions from the event if you have a login at CiscoLive!.  Create one – it’s free!

I hope this little glimpse has whetted your appetite. There were 28,000 people at this event, but Mandalay Bay was easily large enough to hold everyone. The temperature hovered in the upper nineties, but (unless you wanted to) you never had to set foot outside. Put next year on your calendar – it looks like next year’s event will be in Vegas again – June 25-29, 2017.  And these happenings don’t have to stay in Vegas!

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

IPv6 Port Redirection
https://www.interfacett.com/blogs/ipv6-port-redirection/
Wed, 13 Jul 2016 21:50:24 +0000

The post IPv6 Port Redirection appeared first on Interface Technical Training.


In this video, Cisco CCNA Instructor Mark Jacob demonstrates how to do port redirections in IPv6.

Video Transcription:

 

Back in November, I wrote a blog. If you read the blogs  at InterfaceTT.com, and it was about IPv6. In fact, I’ve got it up on screen there. You can get IPv6 in your home. I even got a follow‑up question about, “Hey, I got a device that says it’s got a tab for IPv6 port forwarding, port redirection. How does it work?”

As I was researching the topic in a little bit more detail, I realized it was almost like throwing a side of beef at a crocodile pit! There’s ferocious activity on either side of this issue. There are the purists who say that, “Absolutely without fail, there should not be NAT in IPv6. It’s horrible. It’s a workaround.”

There’s other people saying, “Well, jeez, I’m in a college dorm. They give me one IPv6 address and I need to make my whole…” Everybody has 10, 12 devices connected to the Internet of Things. “I’m willing to pay for it, can somebody just do it? You purists can argue over there, but can somebody just make it happen?”

I thought, “You know what? Let me take a look at this.” I’m no Linux guru, I’d certainly like to be more of a Linux guru, it’s cool, but I spent most of my time researching Cisco stuff, and teaching Cisco stuff.

I was digging into IP6 tables, and I happen to have let me bring up, couple of connections that I have going here, because what I built looks like this picture on the screen I have, and it’s over there. I’m connected to it. IPv4 connection, but it works.

What I have is a laptop, which is connected to a Raspberry Pi. The Raspberry Pi is a multi‑home device. It has Ethernet 0 and Ethernet 1. It turns out, that using IP6 tables, I was trying to see if I could…I was considering the laptop like being outside of my network, and that I had…actually I only had room for two, but I have router three, router four, router five, a router six, because I just need the targets.

If I’m a college person, with a bunch of stuff, I got my Slingbox in there, whatever I got running inside there, that I need to access. I wanted to validate this by actually hitting targets on the inside. That’s what I have here, built this, and let’s go ahead and log into the Raspberry Pi.

See I got that right here. Root, it’s running currently Linux. Let’s take a look first of all to see what I have. IP6 tables. The one I’m maneuvering, or manipulating is the NAT table, instead of the IP6 tables. Let’s go, ‑T for tables and NAT, and I’m going to say, ‑L, ‑V, ‑N, to look at what I have.

You notice, if you know Linux at all, there’s nothing extra there. This is what it looks like when I haven’t done anything. [inaudible 2:55] OK, we got that. We know what it looks like when you’re not doing anything

I want to add something to this. I want to add a command. Go back to my picture, what I’m trying to do, my initial attempt here, I want to originate from my laptop a connection. I’m going to try to reach router two via port 22, which of course is SSH. But I’m going to tell this Raspberry Pi if you get some IPv6 traffic coming in on Ethernet 0, on port 22, flip that over to port 23 and send it to this guy.

Send it to 2001DB801 blah, blah, 12. You realize, I’m performing, don’t tell anybody, [laughs] performing NAT, and IPv6 port redirection, using my little $35 Raspberry Pi. That’s what I’m going to try to do.

Let’s take a look, let’s get back onto the device. If I can just leave this over here. All right. I’m going to add the command, IP6 tables, ‑T and I want to do a NAT, and I’m going to do a ‑A for add. I’m going to add it to the pre‑routing, if I can spell today. Again, I was saying, off of interface Ethernet 0 and I want to focus on a TCP port, and let’s say two…not two destination, not yet.

TCP dport, destination port is…When I said was 22, I’m going to come in on port 22 and I want it flipped to port 23 and sent to a new destination. Destination port 22, I want to do a jump to the DNAT and to destination and put your IPv6 address in brackets. 2001:DB8:0:1::12, and I want to send it to port 23. Notice it didn’t set with that port number.

I can test that by hitting my laptop now, and see if I can attempt a SSH connection to…Notice, by the way, what IPv6 address I’m going to try to hit. I’m going to tell my laptop “Hey, try the SSH to this address here, to this DB8:1:1::2.” In other words, the IPv6 address that’s on Ethernet 0.

That’s my target. I’m going to shoot at that target and then the Raspberry Pi is going to take that, say “Not only am I going to send you that way, but I’m going to change your port as well.” Let’s get my laptop, let’s go get a command prompt. Do I not have one? Let’s go ahead and make one.

Let’s see, I’m on a…You guys have probably seen that you can Telnet, and you don’t have to Telnet to the default port of Telnet, which of course is 23. I’m going to Telnet, and I’m going to go to that 2001:DB8:0:1:1::2 and then I’m going to change the destination port because if I just “enter” now it’s going to automatically try port 23.

I’m going to put 22 there and hit “enter.” Guess what? Router two is prompting me. I know it’s router two because if I log in, R2 shows up. Notice what we did there. I did a Telnet session to an address which was the…you can imagine if this is your dorm, if you’re a college person trying to do this, this is your edge device.

This is the one address over here that your IT director at the dorm gives you so you got to make everything work from that one.

I hit that address on port 22, the Raspberry Pi flipped that over to port 23. Just a coolest thing in the world. I love that. I don’t have to do port redirection. Let’s try this, let’s go…In fact, if I just hit the up arrow and backspace and do a…By the way, I should have shown you, you can actually see that you get hits on this.

Let’s see…IP6 tables, ‑T NAT, and I want a ‑L, ‑V, ‑N. You’ll notice that now, there’s that entry that I just created and you see that it’s gotten hits because I’ve got 72 bytes of traffic. It’s gotten hit on that entry in the IP6 tables. Kind of cool.

Anyway, let me pull that command out, and all I got to do to get rid of it is change my ‑A from Add to a D for delete. It’s gone. It was like, “OK, all that for not much.” What I want to do now is I want to put it back in but I want to change the 22 to 23, just to show you that you don’t have to do port redirection.

You can do just plain adding. I’m hitting the outside address here, the Ethernet 0, and it’s just going to kick it over to router two. Let’s test that. I don’t have to add…let me exit out of the router [inaudible 8:17] and router two, but let’s get out of it. Let’s try that same command again, but get rid of the 22.

Which means this Telnet attempt is going to happen on the default port, which is 23. Oh, could not, I must have messed it up. What did I…connect failed, port 23…I know why. [laughs] Because it’s probably trying to Telnet directly into the Raspberry Pi. It’s not being redirected.

That wasn’t much fun, but let me show you something that you’ll really think it’s cool. By the way, I found that out because I also try to do this with SSH and I kept SSH‑ing into the Raspberry Pi. That messed me up.

Let’s do this. It’s not in the picture, because I added it after the fact. But I have a R6, a router six, which is actually a 2901 series router. My R2, 3, 4 and 5 are all 2621s, like that R2 that we just logged into is a 2621XM.

Turns out that they do support HTTP connectivity IPv4, but I couldn’t get it to accept IPv6 connectivity. As I said, I have a 2901 series, and its address if you look at the pattern that I have here, notice that R2 has a 12, R3 has a 13, so following that same pattern, R6 is going to have::16.

Since I created this, I know this. It’s not like you’re expected to know that, but I have that. Let’s check, first of all, if I can reach that. I’m going to ping from my Raspberry Pi to 2001:DB8:0:1::16 and let’s just get five pings. See if I can…64, yeah, I’m getting replies. That router is up and ready to receive.

I can test it, let’s see if I can test it, will be a good way. Let’s go ahead and just directly try to access it. Let’s bring this guy up, and I don’t need, since it has connectivity, but I’m going to try to browse to its IPv4 address which is 10.2.1.6. Let’s see if it’s going to allow me in…”Unable to connect,” OK, so I have a configured connectivity.

But I do. Take my word, it is up and ready to receive connections. I want to see if I can access it or hit it by redirecting the port. Here’s what I want to do. If I look at this laptop, I want to try to hit this address, IPv6 wise, on…and I’m going to pick a [inaudible 10:54] like port 27, don’t even have that one memorized.

It’s just some port that my Raspberry Pi isn’t going to interfere with by accidentally listening to. I want to have it redirected not only to a different address, IPv6 address, but to a different port. Coming in on port 26, I want it to flip it over to port 80. We go back and I should just be able to hit the [inaudible 11:16] so not to have to retype all this.

Let’s change that to an 80. By the way this is kind of small. Let’s go to my options. Let’s see. There you go. A little bit larger so you can see it.

All I’ve done so far is I change that ending, the destination port to 80. Remember its 6 so this is going to be a 16.The destination port I change it to some random port like 27, no big deal. Anything else I want to get rid of the ‑D because I can’t delete something that doesn’t exist yet, so let’s add that in and I believe that’s all I need.

One last thing before I do this because if I can’t actually hit the device, I was able to ping it right up here, I was able to ping it.

Let’s review what I have done, or what I am trying to do. I want to try to create a connection attempt via HTTP, but HTTP over IPv6. I’m going to point to this address and it should redirect me to router 6, which is::16 at the end.

Let’s check it. I can do that by once again I will try using Telnet. Actually, no. Let’s try this. Let’s do this. Let’s stop that. I want to go to 2001:DB8: And let me shrink this a little bit so you can see what I am doing.

That’s the address I want right there, so 1:1::2. That’s the address, and I want to go on, what did we say, 26 or 27. I should look at that too. Let’s see, where did you go, we changed that to a 27. That’s not at 27. I should’ve copy it and paste it.

Let’s try this again. 2001:DB8: 1, 1, 2, 27. This time I’m going to be smart and selected so I can have it at the ready in case I do something wrong. Look at that its prompting me for logging credentials. Turns out by the way, kind of a heads up, I didn’t name this one R6 to match the other names like R2, 3, 4, 5. This is just the 2901 series router which would accept IPv6 connections.

Let’s go ahead and log in, see if it lets me. Look at that Cisco configuration professional, here I am. I am on this device, I have hit this device. According to my window, I am going to port 27. If I go back to my Raspberry Pi, I can check.

Let’s go IP6 tables ‑T is the NAT table. I’m going to do ‑L, ‑V, V is for both so I can see if I got any hits. Look at that, I have bytes that are going, coming in on port 27, kicking over to this IPv6 address on this port. If I really want to verify, I can even go back to my device, like my 2901 series device. Let’s see. I don’t want to do it from here, I want to do it from, let’s see if it would let me.

2001:DB8: 1, 1, 2 and the Telnet should work. That’s right. It’s going to try the Telnet into the Pi.

Anyway, one of the things I recommend doing and it could use for debug command if you try to see if the traffic gets there. Debug IPv6 packets is a good one, or you can create an access list to watch for and since I’m having trouble hitting R6 because the Pi is getting in the way, let me show you if you really need to see the traffic.

Let’s go ahead and go into router 2 and I’m going to create IPv6 access list, and name it, I don’t know, IPv6. Let’s permit, let’s go TCP from anywhere to anywhere as long as it’s addressed to port 80. Let’s try that. Anything coming in on port 80. Now, I can do debug on this where I am watching for just that traffic cause anytime you debug IP or IPv6 packets, you are overloading the device or you are in danger of it.

Watch this, I will do a debug IPv6 packet and then I can [inaudible 16:12] the question mark one of the options is I can apply an access list. I named the access list IPv6. I don’t need the detailed options so I will just hit that. Right now, nothing’s happening because nobody is trying to access this device on port 80, but let’s go back to our Raspberry Pi and let’s put in something that redirects traffic.

Now, it’s useful to have this picture. I want to direct traffic to this address, the::12 and I want to send it to port 80.

Let’s do that. Port 80,::12 to destination and let’s do this. This is what I was showing you before. You don’t even have to do port redirection, I’ll say just 80 but, still leave it on port 80 but send it over there and I’m adding this in.

To test this I need to attempt to, from a browser on my laptop. Look at this picture, I want to open a browser on here and try to access this address on port 80. Let’s see what we get. Bringing it up and I will just do a tab and its 2001:DB8: And the whole reason for this is how can I verify the receiving device that anything is even happening.

DB8: 1, 1, 2 and we said port 80, so I don’t need to do anything. It’s already going to be port 80. Hit enter. Now it is not going to work. This was the issue I was having but you’ll notice if I go back to router 2. Look at all that debug traffic that is now showing up and I know for a fact that it’s the only debug I have running and that access list its only going to show hits if it’s coming in on port 80.

This is before I realize that. I can’t get my HTTP access to work on IPv6. It’s platform dependent. My 2901 can do it.

Let me just see if the traffic is getting there. This is very useful way to do that. As I said at the outset, for small $40 investment you can get yourself a Raspberry Pi running, it’s Linux. Mine is Kali Linux, and do your own IPv6 port redirection.

Do that inside your college dorm room or whenever you need to do it because where there exist a need, no matter how pure you want to keep the standard, if just people willing to purchase, the option it’s going to happen. I wanted to show you one way it could be done.

 

If you have any questions or comments, please feel free to post them.

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

Cisco is going viral (VIRL actually)!
https://www.interfacett.com/blogs/cisco-is-going-viral-virl-actually/
Wed, 29 Jun 2016 22:56:53 +0000

The post Cisco is going viral (VIRL actually)! appeared first on Interface Technical Training.

Heads up!! If you haven’t already heard, Cisco has rolled out a new virtualization solution which will allow Network Administrators and Engineers, in short, IT Professionals of all kinds, to design, deploy, and test network topologies before actual nuts and bolts deployment.  I saw hints and allegations about it at my last two Cisco Live appearances, but now it is truly available for purchase.

The new product is called VIRL.  It stands for Virtual Internet Routing Lab.  Many readers are likely already familiar with GNS3, a very robust yet free virtualization solution about which I have blogged numerous times.  VIRL is not being offered for free.  There are two (as of this writing) pricing tiers.  The personal edition is $199.99, which purchases a single install for one year.  Your money is buying you an annual license which allows topologies of up to 15 Cisco nodes to be configured.  For those who qualify, there is also an academic version available for $79.99 per year.

If you don’t mind spending some cash to advance your networking career, NetSim 10 Network Simulator is also a fantastic product offered by Boson; New NetSim 11 for ICND1 and ICND2 Labs.  They have an ICND-level simulator, and if you are studying for your CCNP, they have recently released a version specifically dedicated to CCNP lab topics.  On a side note, they also offer practice exams for Cisco, Microsoft, and even CompTIA, for those whose nerves are soothed by honing their exam-taking skills with repeated practice.

What do you get for your VIRL money?  Comparing once again with something more familiar, GNS3 allows the user to build out network environments virtually, and then test them for functionality.  It is also a fantastic study tool if you want to avoid buying actual gear and then dealing with using up space in your house, not to mention electrical and cooling requirements.  However, the user must have a copy of the IOS for each platform used in GNS3.  VIRL is considerably more capable in certain areas.  For extra coolness, VIRL will automatically create configurations for selected devices if the user desires.  At this point, GNS3 does not create configs for the user.

Don’t get me wrong.  I am a fan and proponent of GNS3, and will continue to use it.  Digging deeper into VIRL shows why I will be branching out in the future.  VIRL will allow the user to experiment with the Cisco IOS, IOS XE, IOS XR, not to mention NX-OS.  Talk about gaining experience on diverse platforms without shelling out tens of thousands of dollars to have actual gear accessible!  If you are used to the nice topology diagrams displayed in GNS3, you will not be disappointed.  The graphical interface is not just cool to see, it allows simulation control as well.

If you are already on the virtualization bandwagon (and who isn’t?) then working with virtual routers, switches, and servers will be no big deal.  I have considerable experience working with Microsoft’s virtualization solution – Hyper-V – so I thought I would have one less area to explore when I first heard about VIRL.  However, VIRL does not work with Hyper-V, at least not per the documentation on the Cisco website.  Instead, it works with the Linux KVM hypervisor. For non-hypervisor people, there is a bare metal version of VIRL.

If you want to go with the hypervisor choice, VMWare is prominently mentioned on Cisco’s list.  Either way, your hardware also must support virtualization, and the option must be enabled in BIOS.   There is even a short video about the product if you would rather watch than read.  It can be viewed at Virtual Internet Routing Lab.

Bottom line – if you would rather practice a little before committing to expensive network upgrades, or if you are studying for a certification exam, or your idea of Friday night fun is building a virtual network, you simply must check out Cisco’s VIRL solution.  I will be posting future blogs demonstrating how to use this amazing product, so stay tuned!

If you have any questions or comments, please feel free to post them.

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

Cisco CCNA R&S Addition – Serial Multilink Done on GNS3
https://www.interfacett.com/blogs/cisco-ccna-rs-addition-serial-multilink-done-on-gns3/
Mon, 27 Jun 2016 19:43:47 +0000

If you are getting psyched for the newly added stuff in CCNA R&S v3, I have a little piece of it here for you today. It is called MLP (Multilink PPP) and it comes down to bundling multiple real links into one virtual link. It is one of the new topics and there is even lab time given for it, so I wanted to see if it would also work in GNS3.

Spoiler alert – it does work successfully in GNS3, but let’s see how it is done. The topology is shown in figure 1:

Figure 1

As you can see, there are two real interfaces connected on each router, Serial 0/0 to Serial 0/0 and Serial 0/1 to Serial 0/1. The purpose here is to bundle those real interfaces into a virtual link, so the real interfaces are configured with encapsulation ppp, no ip addresses, and the no shutdown command.

Here are some of the configuration steps:

R1(config)# interface multilink 1
R1(config-if)# ip address 172.16.1.1 255.255.255.0
R1(config-if)# ppp multilink
R1(config-if)# ppp multilink group 1

You will notice after the first command is issued that a new interface is created, much like creating a loopback interface or a tunnel interface.

Now do the same on R2, allowing for the different IP address:

R2(config)# interface multilink 1
R2(config-if)# ip address 172.16.1.2 255.255.255.0
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1

All that remains now is to assign interfaces to the multilink bundle. Enter these commands on both R1 and R2:

R1(config)# interface Serial 0/0
R1(config-if)# ppp multilink
R1(config-if)# ppp multilink group 1
R1(config)# interface Serial 0/1
R1(config-if)# ppp multilink
R1(config-if)# ppp multilink group 1

And R2:

R2(config)# interface Serial 0/0
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1
R2(config)# interface Serial 0/1
R2(config-if)# ppp multilink
R2(config-if)# ppp multilink group 1

Once these commands have been issued, a useful show command is show ppp multilink.

Figure 2 shows the output of that command on R1:

Figure 2

Figure 3 shows the same command output on R2:

Figure 3

One thing to note is that R1 says its endpoint discriminator is R2 and vice versa on R2. Figure 4 shows whether we can ping across this virtual link:

Figure 4

That is pretty cool, plus if a single real link fails, the multilink will remain up and functioning. My main goal was to test this concept in GNS3, and per usual, GNS3 performed admirably. This is just one of the additions to v3 of the CCNA R&S track; stay tuned for more exposure to the updates in future blogs. I would be happy to hear any questions or comments regarding this blog, so feel free to post.
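Because the bundle keeps passing traffic when one serial link drops, a successful ping does not prove that both members are healthy. The Python below is an added example, not part of the original post: it parses show ppp multilink text and reports missing or inactive members. The two sample outputs are constructed, their layout is an assumption based on typical IOS output, and the function names are hypothetical.

```python
import re

# Constructed samples of `show ppp multilink` on R1 (assumed layout, not captures).
HEALTHY = """\
Multilink1
  Bundle name: R2
  Remote Endpoint Discriminator: [1] R2
  Local Endpoint Discriminator: [1] R1
  Bundle up for 00:04:11, total bandwidth 3088, load 1/255
  Member links: 2 active, 0 inactive (max 255, min not set)
    Se0/0, since 00:04:11
    Se0/1, since 00:04:11
No inactive multilink interfaces
"""

DEGRADED = """\
Multilink1
  Bundle name: R2
  Bundle up for 00:09:42, total bandwidth 1544, load 1/255
  Member links: 1 active, 1 inactive (max 255, min not set)
    Se0/0, since 00:09:42
    Se0/1 (inactive)
"""

BUNDLE_RE = re.compile(r"^(Multilink\d+)\s*$")
PEER_RE = re.compile(r"Bundle name:\s*(\S+)")
COUNT_RE = re.compile(r"Member links:\s*(\d+) active,\s*(\d+) inactive")
LINK_RE = re.compile(r"^\s+(Se\d+(?:/\d+)+)(.*)$")


def parse_bundles(text):
    """Return {bundle: {"peer", "active", "inactive", "links"}} from the show output."""
    bundles, current = {}, None
    for line in text.splitlines():
        m = BUNDLE_RE.match(line)
        if m:  # an unindented "MultilinkN" line starts a new bundle section
            current = {"peer": None, "active": 0, "inactive": 0, "links": {}}
            bundles[m.group(1)] = current
            continue
        if current is None:
            continue
        if (m := PEER_RE.search(line)):
            current["peer"] = m.group(1)
        elif (m := COUNT_RE.search(line)):
            current["active"], current["inactive"] = int(m.group(1)), int(m.group(2))
        elif (m := LINK_RE.match(line)):
            state = "inactive" if "inactive" in m.group(2) else "active"
            current["links"][m.group(1)] = state
    return bundles


def bundle_problems(bundle, expected_links):
    """List reasons the bundle is not at full strength (empty list = healthy)."""
    problems = []
    for link in expected_links:
        state = bundle["links"].get(link)
        if state is None:
            problems.append(f"{link} is missing from the bundle")
        elif state != "active":
            problems.append(f"{link} is {state}")
    if bundle["inactive"]:
        problems.append(f"{bundle['inactive']} member link(s) reported inactive")
    return problems


if __name__ == "__main__":
    for label, output in (("healthy", HEALTHY), ("degraded", DEGRADED)):
        ml1 = parse_bundles(output)["Multilink1"]
        print(label, ml1["peer"], bundle_problems(ml1, ["Se0/0", "Se0/1"]))
```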

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

Get your CCNA R&S – it’s getting a makeover CCNA v3.0
https://www.interfacett.com/blogs/get-your-ccna-rs-its-getting-a-makeover-ccna-v3-0/
Fri, 10 Jun 2016 16:47:34 +0000

Back in April 2013, I posted a blog about the fact that Cisco was updating the CCNA program. While this is not an uncommon occurrence, it has been a mere three short years since this happened. Get ready, because another major update has happened.  As of May 17, 2016, version 3.0 is hitting classrooms. If you are already on track to get your CCNA R&S certification, don’t snooze. The current version is version 2.0.  The version 2.0 exams are slated to expire soon.  For ICND1 (100-101) and CCNAX (200-120), the exams expire on August 20, 2016.  For ICND2 (200-101), the exam expires on September 24, 2016.

Old exam number   New exam number   Exam
100-101           100-105           ICND1
200-101           200-105           ICND2
200-120           200-125           CCNAX (CCNA all-in-one exam)

What is changing?  Wow!  For starters, Frame Relay is going away.  I know those of you who were forced to learn it in days gone by may experience a pang of regret at this news.  Also gone are Dual Stack in the IPv6 coverage, Cisco Express Forwarding (CEF), VRRP, and GLBP.  Have they stripped it to the bone?  Not a chance.  Here are a few things that have been added:

A 50,000 foot view of firewalls, wireless access points, and wireless controllers.  Also in the knowledge pool is LLDP, a non-vendor-specific discovery protocol similar in function to CDP,  multilink serial, basic eBGP, more info on cloud services, RIPv2 (Yes, I said RIP is back), programmable networks, and QoS.

If you are well on your way to testing for Version 2, don’t delay – the end is coming quickly.  If you are content to begin your Cisco career path with CCNA R&S v3, now is the perfect time to get rolling.   The labs that are associated with Authorized Cisco Training are virtual labs, so even after the class ends, you can continue to explore the lab environment until your lab time expires.

Don’t forget, Cisco Live 2016 in Las Vegas is coming in early July, and if you get the full ride, it comes with a free certification exam.  Just another reason to put Cisco Live on your schedule.  If you are wondering, the featured performer at the customer appreciation event this year is Maroon 5.  Two thumbs up!

I hope this information has been useful for those wishing to keep up with Cisco’s rapidly changing CCNA education track, and more information can be found on cisco.com.

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

 

Performance testing and monitoring using free tool NTttcp from Microsoft
https://www.interfacett.com/blogs/performance-testing-and-monitoring-using-free-tool-ntttcp-from-microsoft/
Tue, 19 Apr 2016 16:24:28 +0000

In my classes, whether it is a Cisco class or a CompTIA Network + class, one of the topics always considered is monitoring the network. It turns out that there is a cool tool that is available from Microsoft that allows a network admin to stress test a network connection and monitor the results. Simply access your preferred search engine and look for NTttcp download. There is a help document that accompanies the download which explains in detail your options. There is even a lab in the Network+ class that performs this test, albeit in a virtual environment. In this blog I will perform similar steps to those in the lab, but on two real machines. I will not be exploring all the choices which can be executed with the tool, but enough to introduce the tool if you are unfamiliar with it.

I have two machines that are directly connected with a crossover cable and have been configured with IP addresses in the same network: PC1 is 10.100.0.1/24 and PC2 is 10.100.0.254/24. A view of the topology is shown in Figure 1:

Figure 1

What I like to do when I execute these steps is to title my command prompt windows to keep track of where I am. I have connected my two machines, I have launched two command prompt windows (as Administrator, of course) and I have my text files ready to paste into those windows. Here are the contents of the text files on PC1 and PC2 respectively:

PC1

paste this into the window for sending

title PC1 sender
cd {path} <- insert the path to your executable here
ntttcp -s -m 1,0,10.100.0.254 -p 10000 -d -a 4

paste this into the window for receiving

title PC1 receiver
cd {path} <- insert the path to your executable here
ntttcp -r -m 1,0,10.100.0.1 -p 20000 -d -a 4

PC2

paste this into the window for sending

title PC2 sender
cd {path} <- insert the path to your executable here
ntttcp -s -m 1,0,10.100.0.1 -p 20000 -d -a 4

paste this into the window for receiving

title PC2 receiver
cd {path} <- insert the path to your executable here
ntttcp -r -m 1,0,10.100.0.254 -p 10000 -d -a 4

See Microsoft’s full documentation for a complete discussion of command line options. In the steps above, the -m switch allows the tester to specify single- or multi-thread operations and which processor to use. The -p switch specifies the beginning port number to use to start transferring data. The -a switch specifies asynchronous data transfer with 4 outstanding I/O buffers. Paste the commands so that everything above is loaded into the window, but don’t hit Enter on anything yet. Once all windows are preloaded, make the receiver window on each machine the active window. Hit Enter in each window, then make the sender window the active window on each PC. Hit Enter simultaneously (or as close as possible) in each sender window.  Let’s take a look at the command prompt windows on PC1 after executing the commands above:

Figure 2

Figure 2 shows the receiver window on PC1. Now let’s see the sender window on PC1:

Figure 2

Let’s do the same for PC2. Here is the receiver window:

Figure 3

Here is the sender window:

Figure 4

Note the very close correlation between the sending window of one machine and the receiving window of the other machine. For instance, in the sending window of PC1, it shows Bytes: 695.750000 and the receiving window of PC2 shows 695.750122. The sending window shows Packets Received : 455535 while the receiving window shows 455356 Packets Sent. This gives the admin very good numbers on throughput success.

Another fun activity is to run Task Manager or Performance Monitor (or even Wireshark) during the test and view the results. Here is a screencap of PC1, which was running Performance Monitor:

Figure 5

Notice that the test pegged the meter briefly. PC2 was running Task Manager:

Figure 6

Of course you can manipulate the counters in Performance Monitor to suit your fancy. As mentioned, there are numerous other options available, multi-threading and multi-proc, for example. I just wanted to introduce this formerly internal-only tool that Microsoft has made available in case you hadn’t seen it before. Have fun exploring the options, and if you find anything cool you wish to share, please leave your comments here.

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

Become a Cisco CCSI – no instructor cut score required
https://www.interfacett.com/blogs/become-a-cisco-ccsi-no-instructor-cut-score-required/
Thu, 31 Mar 2016 17:48:10 +0000

Back in April 2014, I posted a blog – that was actually a follow-up blog – on becoming a Cisco CCSI.  In that blog I referenced a Cisco resource that provided the requirements for reaching this goal.  The resources cited mentioned the instructor cut score requirement.  In my blog, I mentioned that the instructor cut score requirement had been eliminated.  (For those unfamiliar, this requirement meant that an instructor had to score higher than the Pearson VUE passing score, so ending your exam and seeing PASS was not necessarily sufficient – you had to pass at Cisco’s required score.)  Alas, I still have been unable to locate a Cisco web resource that categorically states that this requirement no longer exists.  What to do…?

I have received questions regarding this information, so I hope this posting satisfies those desirous of obtaining a CCSI certification!

In an effort to get official information, I contacted Cisco directly.  They provided me with a document and granted permission to post this document as a resource so that others could verify the information regarding removal of the higher score requirement.  Thank you Cisco!!


Requirements to Become a Certified Cisco Systems Instructor (CCSI)

1. To become a Certified Cisco Systems Instructor (CCSI) the candidate must first be sponsored by a Cisco Learning Partner (CLP). The CCSI candidate must associate themselves to the Learning Partner in Partner Self Service.

2.  CCSI Candidate must select any authorized course to be their initial baseline course which they will be certified to teach. (i.e. ICND1, ROUTE, SWITCH)

3. CCSI Candidate must observe the class selected to be their initial baseline course taught by an authorized CCSI and must pass the associated certification exams. The CCSI candidate must have a CCNA certification or higher to enroll into the program.

4. The Sponsoring Learning Partner admin enrolls the CCSI Candidate into the Learning Partner Manager System (LPMS).

5. CCSI Candidate obtains the Student and Instructor Kits for ICND1 and ICND2 from the sponsoring Learning Partner to prepare for the ICP event. The Instructor Certification Program (ICP) Kit Membership can be purchased on the Cisco Learning Network Store. Please review member purchasing guidelines and FAQs at CCSI Program Membership/Instructor Kit Information.

6. Sponsoring Learning Partner will work with their associated Education Service Distributor (ESD) to enroll the candidate in the 2-day Instructor Certification Program (ICP) event which evaluates both presentation skills and technical/lab skills.

7. Candidates must pass both presentation and lab components of the ICP event to qualify as a CCSI.

8. The ICP Proctor must submit all candidate results to icp_results@cisco.com AFTER the ICP event is complete. Once validation has been done, ICAD Team will send a welcome email to the CCSI and the associated Learning Partner which contains the official CCSI number within one week of obtaining candidate results from ICP Proctor.

9. The CCSI must purchase the CCSI IK Membership (Base or Premium) on the Cisco Learning Network Store and accept the CCSI Agreement in order to be considered an authorized CCSI and approved to deliver Cisco training.

10. The CCSI needs to request access to the CCSI Forum. This private forum is exclusively for CCSIs to: share expertise, exchange ideas, access information and resources, gain support, and receive important announcements.


If you have any comments or questions, please feel free to post them….

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

 

Windows Batch File To Set Static IP Address Even if NIC is Renamed
https://www.interfacett.com/blogs/windows-batch-file-to-set-static-ip-address-even-if-nic-is-renamed/
Wed, 23 Mar 2016 21:47:09 +0000

My blog today is not specific to Cisco technologies, but it is something that I found useful in my Cisco classes. I needed a script that would set a static IP address on the network adapter, set a DNS server, and function even if the student had renamed the NIC. Here is the solution that worked for me.

@ECHO OFF
title {Whatever you want to have appear as the window title}
:sn
cd\
cls
REM Default to 0 so that pressing Enter with no input re-prompts instead of breaking the IF tests
set sn=0
set /p sn=What is your student number (between 2 and 18)? 
REM Note, this script functions per student, but feel free to change your particulars
REM **************Student number error trap**************************
  if %sn% lss 2 goto sn
  if %sn% gtr 18 goto sn
REM *************************************************************

:choice
echo You have entered that
echo your student number is %sn%.

set /p yn=If this is correct, type 'y' for yes or 'n' for no and hit Enter 
REM The following 4 lines prevent errors if the response is upper case vs lower case
REM (the quotes keep an empty response from causing a syntax error)
  if "%yn%"=="y" goto set
  if "%yn%"=="Y" goto set
  if "%yn%"=="n" goto sn
  if "%yn%"=="N" goto sn
cls
echo Please select 'y' or 'n'
goto choice

:set
cls
echo Prepping your computer for the troubleshooting lab.  Please wait...
REM The timeout is not required, I just configured it so it looked busier
timeout 5
for /f "skip=4 tokens=5*" %%i in ('netsh int ip show int') do echo %%i %%j> tmpvar
REM In my case, the output I needed started at the fifth 'chunk', so my tokens started at 5.
REM You can view the output of what I am parsing on your machine by typing
REM netsh interface ip show interface and locate the desired output
set /p IN= < tmpvar

netsh interface ipv4 set address name="%IN%" source=static 10.%sn%.10.100 mask=255.255.255.0 gateway=10.%sn%.10.10
netsh interface ipv4 set dnsservers "%IN%" static 8.8.8.8 primary > nul
REM The '> nul' guarantees nothing is sent to the screen so the student sees no output besides the 'echo' statements.
echo Your computer is now ready for the lab
pause
exit

Feel free to mod this script to meet your specific needs.
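The for /f line in the script keeps whichever interface netsh lists last, because every row overwrites tmpvar. The Python below is an added example, not part of the original script: it parses the same netsh table, shows which name that loop would keep, and instead selects the one connected, non-loopback adapter before building the two netsh commands. The sample table is constructed and the function names are hypothetical.

```python
# Constructed sample of `netsh interface ip show interface` output (not a capture).
SAMPLE = """
Idx     Met         MTU          State                Name
---  ----------  ----------  ------------  ---------------------------
  1          50  4294967295  connected     Loopback Pseudo-Interface 1
 11          10        1500  connected     Student LAN
 14          25        1500  disconnected  Wi-Fi
"""


def parse_interfaces(text):
    """Return one dict per data row; the name is everything from the 5th field on."""
    rows = []
    for line in text.splitlines():
        fields = line.split(None, 4)      # same idea as tokens=5* in the batch file
        if len(fields) < 5 or not fields[0].isdigit():
            continue                      # blank line, header, or dashed rule
        idx, _met, _mtu, state, name = fields
        rows.append({"idx": int(idx), "state": state, "name": name.strip()})
    return rows


def last_row_name(text):
    """The name a loop that overwrites its result on every row ends up with."""
    rows = parse_interfaces(text)
    return rows[-1]["name"] if rows else None


def pick_lab_nic(text):
    """Pick the single connected, non-loopback interface; refuse to guess otherwise."""
    candidates = [r for r in parse_interfaces(text)
                  if r["state"] == "connected"
                  and not r["name"].startswith("Loopback")]
    if len(candidates) != 1:
        raise ValueError(f"expected exactly one connected NIC, found {len(candidates)}")
    return candidates[0]["name"]


def build_commands(student_number, nic_name):
    """Build the two netsh commands from the script for one student."""
    if not 2 <= student_number <= 18:
        raise ValueError("student number must be between 2 and 18")
    if '"' in nic_name:
        raise ValueError("interface name would break the quoting")
    addr = f"10.{student_number}.10.100"
    gateway = f"10.{student_number}.10.10"
    return [
        f'netsh interface ipv4 set address name="{nic_name}" source=static '
        f"{addr} mask=255.255.255.0 gateway={gateway}",
        f'netsh interface ipv4 set dnsservers "{nic_name}" static 8.8.8.8 primary',
    ]


if __name__ == "__main__":
    print("last row wins :", last_row_name(SAMPLE))
    nic = pick_lab_nic(SAMPLE)
    print("state-aware   :", nic)
    for command in build_commands(7, nic):
        print(command)
```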

If you have any comments or questions, please feel free to post them….

Until next time.

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ
