Christian Dinh
  • Male
  • South San Francisco, CA
  • United States
Share on Facebook
Share Twitter
 

Christian Dinh's Page

Latest Activity

Christian Dinh left a comment for Wesley "Nonapeptide"
"Thanks Wesley."
Jun 24, 2010
Wesley "Nonapeptide" left a comment for Christian Dinh
"Unfortunately, I don't know much about Cisco stuff. Sorry. =( I've always wanted to get into the gutsy parts of networking, but most of my responsibilities involve higher level application level stuff."
Jun 24, 2010
Christian Dinh posted photos
Jun 24, 2010
Christian Dinh left a comment for Wesley "Nonapeptide"
"Wesley, Are you a Cisco guru as well? Need some help configuring Cisco ASA...let me know if you can help. thx."
Jun 24, 2010
Christian Dinh updated their profile
Apr 28, 2010
Christian Dinh posted a blog post

Problems-Issues Installaing E2K7 Mailbox Role

Many websites/blogs/forums provided steps to upgrade from E2K/E2K3 to E2k7/E2k10, but not all of them provided the workarounds or possible problems emerged during upgrade. Credit goes to Henrik Walter (from msexchange.org) for providing detailed tutorials for transitioning Exchange 2k/2k3 to 2k7. The followings are some issues/errors I've stumbled on while transitioning from E2k3 (Ent Sp2 32-bit) to E2k7 (Ent 64-bit). Problem: Exchange 2007 SP1 may not install the ‘Mailbox Role’ under Windows…See More
Apr 15, 2010
Christian Dinh left a comment for Wesley "Nonapeptide"
"Thanks Wesley."
Apr 14, 2010
Wesley "Nonapeptide" left a comment for Christian Dinh
"Hello Christian! Welcome to the SysAdmin Network! Nice to have you here. =)"
Apr 14, 2010
Christian Dinh is now a member of The SysAdmin Network
Apr 14, 2010

Profile Information

Job title
Network Admin
Tech Interests - e.g. Virtualisation? Cisco? Etc.
Cisco, virtualization, routing/switching

Notes for my CCNA lab

Configure cisco router clock:
Router# clock set 10:50:00 Oct 26 2006
Router(config)# clock summer-time CDT recurring

Configure access-list
access-list access-list-number action protocol source source-wildcard destination destination-wildcard [log | log-input], which can be used to enable access lists;

Loopback Interface
A loopback interface is a virtual interface. One of it's uses is when you need an interface that will not go down due to a link or hardware failure.

In OSPF, the IP address of the loopback interface becomes the OSPF router ID. If a loopback interface is not used, then the IP address of a physical (real) interface is used. Should the link connected to that interface go down, then the OSPF router ID would change. Using a loopback interface is this situation insures the router ID will never change.

OSPF is one reason the use a loop back interface, but there are others. For example let’s say you have a router with redundant links, you could use the address of one of the interfaces to telnet to the router, but if that one goes down chances are you will end up having to dig up your documentation on that router to find another interface to telnet to because you are likely to only remember that one you usually use. If you use a loop back instead, you can telnet to the router using the loop back address regardless of what links are up, or down, so long as you have connectivity to it, and your routing is correct.

int loopback 0
ip address 10.1.1.9 255.255.255.255
no shutdown

Configuring and Verifying OSPF
There are a few simple commands that are used to configure and troubleshoot a Cisco router configured to use OSPF in a single area and in a multiple area network. The commands used to configure OSPF are:

. router ospf < process_number > where process_number is a number local to the router. This command configures OSPF as the routing protocol on the router.

. network network_number wildcard_mask defines the networks that are to participate in the OSPF updates and the area that they reside in.. interface loopback < interface_number > ip address < ip_address > < subnet_mask > defines a loopback interface, which is a virtual interface, on the router.

. ip ospf cost < cost > sets the default cost for the router.

. auto-cost reference-bandwidth changes the OSPF cost formula.

Note: The ip ospf cost command overrides the auto-cost reference bandwidth command.

There are a number of show ip commands that can be used when troubleshooting an OSPF network. These commands are:

. show ip ospf, which provides information about the OSPF process and its details.

. show ip ospf database, which provides information about the contents of the topological database.

. show ip ospf interface, which provides information on how OSPF has been configured on each interface.

. show ip ospf neighbor, which displays all the information about the relationship that the router has with its neighbors.

. show ip protocols, which displays the IP configuration on the router, including the interfaces and the configuration of the IP routing protocols.

. show ip route [ip-address [mask] [longer-prefixes]] | [protocol [process-id]], which provides detailed information on the networks that the router is aware of and the preferred paths to those networks. It also gives the next logical hop as the next step in the path.

. debug ip ospf events, which issues log messages for each OSPF packet.

. debug ip ospf packet, which issues log messages describing the contents of all OSPF packets.

Setting up NAT
int en0

! This is the Ethernet 0 interface on the Router- attached to the local network

ip address 10.10.10.10 255.0.0.0

ip nat inside


int s0

! This is the Serial 0 interface on the Router- attached to the Internet

ip address 11.11.11.254 255.255.255.128

ip nat outside

ip nat pool mypool 11.11.11.1 11.11.11.127 netmask 255.255.255.128

! Above is the pool of real Internet addresses which will be overloaded

access-list 1 permit 10.0.0.0 0.255.255.255

! Above is the access list which allows who from the local network can use the NAT service

ip nat inside source list 1 pool mypool overload


! Above is the command that brings all the other configs together- it says to DO IT

ip route 0.0.0.0 0.0.0.0 serial0

!the default route to the Internet

ACLs and HSRP, BGP, OSPF, VRRP, GLBP…
Here’s a handy list of ACL entries to allow your devices to speak routing protocols, availability protocols, and some other stuff. We’ll assume you have ACL 101 applied to your Ethernet inbound; your Ethernet has an IP of 192.168.0.1.

* BGP : Runs on TCP/179 between the neighbors

access-list 101 permit tcp any host 192.168.0.1 eq 179

* EIGRP : Runs on its own protocol number from the source interface IP to the multicast address of 224.0.0.10

access-list 101 permit eigrp any host 224.0.0.10

* OSPF : Runs on its own protocol number from the source interface IP to the multicast address of 224.0.0.5; also talks to 224.0.0.6 for DR/BDR routers

access-list 101 permit ospf any host 224.0.0.5
access-list 101 permit ospf any host 224.0.0.6

* HSRP : Runs on UDP/1985 from the source interface IP to the multicast address of 224.0.0.2. I’ve seen in the past that it runs on UDP/1985, but I didn’t find any evidence of that in a quick Google for it. Can someone verify?

access-list 101 permit udp any host 224.0.0.2 eq 1985

* HSRP version 2 : Runs on UDP/1985 from the source interface IP to the multicast address of 224.0.0.102.

access-list 101 permit udp any host 224.0.0.2 eq 1985

* RIP : Runs on UDP/520 from the source interface IP to the multicast address of 224.0.0.9

access-list 101 permit udp any host 224.0.0.9 eq 520

* VRRP : Runs on its own protocol number from the source interface IP to the multicast address of 224.0.0.18

access-list 101 permit 112 any host 224.0.0.18

* VRRP-E : This is a Foundary thing according to readers, and runs on UDP/8888 from the source interface IP to the multicast address of 224.0.0.2

access-list 101 permit 112 any host 224.0.0.2 eq 8888

* GLBP : Runs on UDP from the source interface IP to the multicast address of 224.0.0.102

access-list 101 permit udp any host 224.0.0.102

* DHCPD (or bootps) : Runs on UDP/67 from 0.0.0.0 (since the client doesn’t have an address yet) to 255.255.255.255 (the broadcast).

access-list 101 permit udp any host 255.255.255.255 eq 67

Christian Dinh's Photos

Loading…
  • Add Photos
  • View All

Christian Dinh's Blog

Problems-Issues Installaing E2K7 Mailbox Role

Many websites/blogs/forums provided steps to upgrade from E2K/E2K3 to E2k7/E2k10, but not all of them provided the workarounds or possible problems emerged during upgrade. Credit goes to Henrik Walter (from msexchange.org) for providing detailed tutorials for transitioning Exchange 2k/2k3 to 2k7. The followings are some issues/errors I've stumbled on while transitioning from E2k3 (Ent Sp2 32-bit) to E2k7 (Ent 64-bit). …



Continue

Posted on April 15, 2010 at 6:13pm

Comment Wall (2 comments)

At 5:09pm on April 14, 2010, Wesley "Nonapeptide" said…
Hello Christian! Welcome to the SysAdmin Network! Nice to have you here. =)
At 8:48pm on June 24, 2010, Wesley "Nonapeptide" said…
Unfortunately, I don't know much about Cisco stuff. Sorry. =(

I've always wanted to get into the gutsy parts of networking, but most of my responsibilities involve higher level application level stuff.

You need to be a member of The SysAdmin Network to add comments!

 
 
 

Sharing problems, tips, and experiences in Systems Administration, especially the human side.

Events

Photos

Loading…
  • Add Photos
  • View All

Videos

  • Add Videos
  • View All

© 2014   Created by Dan Taylor.   Powered by

Badges  |  Report an Issue  |  Terms of Service