Author Archive

Jun
15

The image below says it all.

Tags: ,

Jun
07

This evening it’s topping 100 degrees in Reno, NV where our rack rental equipment is located. I’m looking at the temperature in our new data center to see how it’s holding up in regards to the high exterior temperature. We have temperature sensors for each cage in our existing data center but so far only have a few installed in our new data center. I’m looking to see what the temperature is in a couple new cages in the new data center that don’t have a temperature senor installed yet. So how can we get the temperature without a dedicated senor and only Cisco devices installed?

Relatively newer Cisco hardware has the ability to display the numerical temperature values by using the show environment command along with polling via SNMP. For the ISR G1′s (1800, 2800, 3800) the internal-ambient, CPU, intake and backplane temperature (3845) and for the ISR G2′s (1900, 2900, 3900) the intake left(bezel), intake left, exhaust right(bezel), exhaust right, CPU and power supply unit temperature can be displayed/polled. I wanted to see the temperature of the management access server (3825′s) located at the top of each cage. I assumed I would just login and issue the show environment command to see the values. Good idea but I don’t want to check it manually every few hours.

I could just login to SolarWinds and see the temperature but as we network engineers know, network management applications aren’t that fun to use. You buy them, install them, swear they are the best thing since sliced bread, drool over the fancy graphs and then two months later you never log back into them unless something is wrong. Plus my normal thought process is to always try and do whatever possible via the IOS as it’s the most fun.

To start I’ll display the values via the show environment command and then poll the values using the SNMP via TCLSH and finally wrap it up with an EEM applet to log the values.

Row8Cage1AS#show environment
 Redundant Power System is not present OR in standby mode.

 SYS PS1 is present.
        Type: AC

 AUX(-48V) PS1 is absent.

 Fan  1 OK
 Fan  2 OK
 Fan  3 OK

 Fan Speed Setting: Normal

 Alert settings:
 Intake temperature warning: Enabled, Threshold: 55
 Core temperature warning: Enabled, Threshold: 70 (CPU: 95)

 Board Temperature: Normal
 Internal-ambient temperature = 33, Normal
 CPU temperature = 50, Normal
 Intake temperature = 32, Normal

 Voltage 1(3300) is Normal, Current voltage = 3300 mV
 Voltage 2(5150) is Normal, Current voltage = 5153 mV
 Voltage 3(2500) is Normal, Current voltage = 2525 mV
 Voltage 4(1200) is Normal, Current voltage = 1215 mV 

 Nominal frequency

Row8Cage1AS#

Now I need to find the SNMP OID related to temperature for the platform. Note that SNMP has previous been setup on this router.

Row8Cage1AS#show snmp mib | in Temperature
ciscoEnvMonTemperatureStatusEntry.2
ciscoEnvMonTemperatureStatusEntry.3
ciscoEnvMonTemperatureStatusEntry.4
ciscoEnvMonTemperatureStatusEntry.5
ciscoEnvMonTemperatureStatusEntry.6
c3gModemTemperature
Row8Cage1AS#

I know it’s one of the ciscoEnvMonTemperatureStatusEntry values but which one? One should be the name, another should be the actual values and another should be the thresholds. Seems like Google should be used here but we know the values via the show environment command so we could poll them and see which one matches. We’ll learn more this way over using Google. We’ll start with the first one and walk down 99.

Row8Cage1AS#tclsh
Row8Cage1AS(tcl)#snmp_getbulk
usage: snmp_getbulk community_string non_repeaters max_repetitions oid [oid2 oid3 ...]
Row8Cage1AS(tcl)#
Row8Cage1AS(tcl)#snmp_getbulk XXXXXX 0 99 ciscoEnvMonTemperatureStatusEntry.2
{<obj oid='ciscoEnvMonTemperatureStatusEntry.2.1' val='Internal-ambient'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.2.2' val='CPU'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.2.3' val='Intake'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.3.1' val='33'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.3.2' val='50'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.3.3' val='32'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.4.1' val='70'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.4.2' val='95'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.4.3' val='55'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.5.1' val='0'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.5.2' val='0'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.5.3' val='0'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.6.1' val='1'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.6.2' val='1'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.6.3' val='1'/>}

Row8Cage1AS(tcl)#
Row8Cage1AS(tcl)#snmp_getbulk XXXXXX 0 3 ciscoEnvMonTemperatureStatusEntry.3
{<obj oid='ciscoEnvMonTemperatureStatusEntry.3.1' val='33'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.3.2' val='50'/>}
{<obj oid='ciscoEnvMonTemperatureStatusEntry.3.3' val='32'/>}
Row8Cage1AS(tcl)#

That was easy. The ciscoEnvMonTemperatureStatusEntry.3 is what we are looking for and ciscoEnvMonTemperatureStatusEntry.3.1 is a good value to use as it’s giving us the “internal ambient” temperature.

Row8Cage1AS(tcl)#snmp_getone
usage: snmp_getone community_string oid [oid2 oid3 ...]
Row8Cage1AS(tcl)#
Row8Cage1AS(tcl)#snmp_getone XXXXXX ciscoEnvMonTemperatureStatusEntry.3.1
{<obj oid='ciscoEnvMonTemperatureStatusEntry.3.1' val='33'/>}
Row8Cage1AS(tcl)#

Now how about having this value logged every 5 minutes so we can check back in the morning to see any changes overnight. An easy way to do this is to poll the SNMP OID using EEM and log the value returned using syslog if it’s above 1 degree which we know it will always be. This way EEM will always log the value to syslog.

Row8Cage1AS(tcl)#tclquit
Row8Cage1AS#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Row8Cage1AS(config)#event manager applet EEM_TEMP_MON
Row8Cage1AS(config-applet)#event snmp oid ciscoEnvMonTemperatureStatusEntry.3.1 get-type exact entry-op gt entry-val 1 poll-interval 300
Row8Cage1AS(config-applet)#action 1.0 syslog msg "Row8Cage1AS Temperature $_snmp_oid_val"
Row8Cage1AS(config-applet)#^Z
Row8Cage1AS#
Jun  7 06:53:42.011: %SYS-5-CONFIG_I: Configured from console by bdennis on vty0
Row8Cage1AS#
Jun  7 06:54:12.012: %HA_EM-6-LOG: EEM_TEMP_MON: Row8Cage1AS Temperature: 33

We could convert the value to fahrenheit if we wanted by using this TCL expression: set temp [expr {9.0*$_snmp_oid_val/5.0+32.0}].

Of course using a network management application or script on a server would be easier but doing it via the IOS was fun. There are a few other ways to do this via the IOS and one being SNMP MIB BULKSTAT.

Tags: , ,

May
28

I’m going through R&S Volume II Workbook for the final time before starting on the new R&S CCIE Version 5 labs. If you have any requests as to what you would like to see added to this final revision let me know.

The main focus of this final update will be the first 10 labs. My plan is that after the first 10 labs are done I’m going to go back and create a few different variants of these labs (one with more IP services, one with more IGP, one with just core topics, etc). Additionally I’m going to kill off the Troubleshooting porton and add in full scale Troubleshooting labs using our Troubleshooting racks (28 ISR’s and 4 switches).

Once this is released it will mean the Vol 3 and Vol 4 workbooks will be incorporated into the updated Vol 2. We will have two workbooks for the R&S version 4 blueprint at that point.

Update: I received a lot of questions as to the R&S version 5 update and this update. If you own the version 4 workbooks (Vol 2, 3 or 4) then you will receive this update free of charge. If you own any of the R&S workbooks (Vol 1, 2, 3 or 4) then you will be receive the R&S version 5 workbook when it’s released. All of the R&S version 5 material will be in a single workbook. We will start releasing the new technology focused labs for IOS 15.1T and 15.3T around July once this update is done.

Tags: , ,

May
17

Edit: The INE party will be at the Hard Rock *Hotel*, not the Hard Rock *Cafe*.

I would like to thank the over 600 people who RSVP’d for INE’s 2013 Party at the Hard Rock Hotel in Orlando during Cisco Live. Registration is closed as of today for our party but I wanted to be the first to let everyone know about the grand prize giveaway we are doing. On top of the standard giveaway prizes (iPads, MacBook Airs, AAP Memberships, Bootcamps, etc) we are giving away a Harley Davidson 2013 XL 1200X Forty-Eight to a lucky winner during our party.

Sportster Forty Eight

On top of the Harley Davidson 2013 XL 1200X Forty-Eight we’re having a second grand prize giveaway. Details on the second grand prize giveaway will be revealed after the drawing for the winner of the Harley Davidson at the party.

As a side note I don’t personally ride anymore but that bike really does look cool when it’s all blacked out.

Tags: ,

May
10

Our new CCIE Security Version 4 Technology Labs and Solutions are now available in your members’ site account for customers who owned the previous CCIE Security Volume 1 or 2 workbooks. The labs are in the new HTML format like our Data Center material to ensure you always have the most up to date material along with allowing for advanced features (bookmarking, highlight tasks, etc). The full scale mock labs are in development now and are included with the Security workbook as we are doing away with the volume naming structure (Volume I, II, III, etc) and have gone to a single workbook.

Here is what is available in your members’ site account:

Section 1: System Hardening and Availability

  • Routing Protocol Authentication with RIPv2
  • Routing Protocol Authentication with OSPF
  • Routing Protocol Authentication with EIGRP
  • Routing Protocol Authentication with BGP4
  • Route Filtering with EIGRP
  • Route Filtering with OSPF
  • Route Filtering with RIPv2
  • Control Plane Policing
  • Control Plane Protection
  • Management Plane Protection
  • Disabling Unnecessary Services
  • Controlling Device Access
  • CPU Protection Mechanisms
  • Selective Packet Discard
  • Controlling Device Services
  • Transit Traffic Control with Flexible Packet Matching
  • Congestion Management
  • IOS File System Security
  • Network Telemetry Identification and Classification of Security Events
  • BGP TTL Security Hack
  • IPv6 Selective Packet Discard
  • Continue Reading

    Tags: , ,

    May
    10

    I offered one iPad Mini but in the end I’m giving three iPad Mini’s away. The first one to the person who answered it first as stated in my original blog post. The second one to the first person to answer it and explain why point-to-multipoint resolved it which is also worthy of an iPad Mini. Finally a third to a very detailed answer that is just too good not to give an iPad Mini for. Next time we’ll do the first answer and the best answer.

    Here are the winner’s answers in order listed above:


    Continue Reading

    May
    10

    There was an interesting post on IEOC yesterday in regards to an OSPF virtual link. Below is the original post and questions to win at the bottom of this post.

    Okay, I have never came across anything like this before. On R2 and R3 connected via serial with HDLC. OSPF network type default to P2P. I configured VL using the OSPF RIDs of both routers. R3 VL comes up and R2 VL is down. I changed just about every option which makes logical sense and nothing works. I reboot and clear process and still nothing. Out of shear desperation I changed the network-types to P2MP on both sides and voila it works. I tried testing broadcast and that doesn’t work. Only difference I can find is the mask changed from /24 to /32 in the LSA…as it should. But I am not sure why this has any bearing on the VL coming up.

    Rack1R2#show ip ospf vir

    Virtual Link OSPF_VL8 to router 222.255.255.255 is down

    Rack1R3#show ip ospf vir
    Virtual Link OSPF_VL0 to router 150.1.2.2 is up

    Rack1R2(config)#int s0/1/0
    Rack1R2(config-if)#ip ospf network p
    Rack1R2(config-if)#ip ospf network point-to-m
    *May 9 15:28:40.599: %OSPF-5-ADJCHG: Process 1, Nbr 222.255.255.255 on Serial0/1/0 from FULL to DOWN, Neighbor Down: Interface down or detached
    *May 9 15:28:41.007: %OSPF-5-ADJCHG: Process 1, Nbr 222.255.255.255 on Serial0/1/0 from LOADING to FULL, Loading Done
    Rack1R2(config-if)#
    *May 9 15:28:46.815: %OSPF-5-ADJCHG: Process 1, Nbr 222.255.255.255 on OSPF_VL8 from LOADING to FULL, Loading Done
    Any thoughts??

    Continue Reading

    Tags: ,

    May
    06

    Our new “CCIE Data Center – Implementing Nexus” course is now available in AAP and members site accounts. The course is just under 18 hours in length and covers the Nexus 7k, 5k and 2k platforms. It’ll be available for direct purchase in the next few hours.

    http://www.ine.com/all-access-pass/training/playlist/ccie-dc-implementing-nexus

    Nexus

    Tags: , ,

    May
    06

    I recently added a couple Catalyst 3850′s to my development rack as we are starting to develop them internally. I’ll do a few more detailed blog posts on the Catalyst 3850 in the near future but I just wanted to show how simple it is to perform basic QoS functions using the MQC on the 3850. Below is the configuration to limit VLAN 15 traffic received on a trunk link from a router to 512k.

    class-map match-any test
      match vlan  15
    !
    policy-map test
     class test
        police cir 512000
    !
    interface GigabitEthernet1/0/5
     switchport mode trunk
     load-interval 30
     service-policy input test
    

    Not only is it extremely simple to configure and intuitive from an IOS perspective but you actually get output from the show policy-map command.

    Rack1SW1#sho policy-map interface g1/0/5
     GigabitEthernet1/0/5 
    
      Service-policy input: test
    
        Class-map: test (match-any)
          Match: vlan  15
          police:
              cir 512000 bps, bc 16000 bytes
            conformed 18935704 bytes; actions:
              transmit
            exceeded 761225593 bytes; actions:
              drop
            conformed 0000 bps, exceed 0000 bps
    
        Class-map: class-default (match-any)
          Match: any
    Rack1SW1#
    

    I can’t imagine having to use the 3750 or 3560 switch anymore after working on the 3850 much less doing QoS on them. Basically if you know the IOS then you already know how to configure the 3850.

    Rack1SW1#sho ver | in Software
    Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 03.02.01.SE RELEASE SOFTWARE (fc1)
    Rack1SW1#
    

    Tags:

    May
    02

    Now that we’re at 12 full Service Provider CCIE racks and going to 16 racks I’ve had the price of the rentals dropped from 30 tokens to 18 tokens to be more in line with utilization. Another reason the prices were lowered – I received a lot of requests on Twitter to lower the price ;)

    Tags: , ,

    Categories

    CCIE Bloggers