In this post I’d like to do an introduction on how you can install KVM and the tools that allow you to easily run VMs. KVM - Kernel Virtual Machine is a Linux kernel module that enables the user space programs to use the hardware virtualization capabilities of Intel or AMD processors.
This week I was required to configure for a client a Cisco 3550 remotely, via a console cable connected between his actual router (linux with Quagga) to this new router. His setup was with 2 BGP sessions, on each having the metro table (about 15K routes) + default route - quite easy in theory, but overall, I spent more time with this project that I was planning initially.
The problems began when I asked him to connect firstly the backup cable / session, to test the functionality. Although the BGP session was UP, the console and the log were filled with messages regarding 'memory fragmentation', 'bad allocation' and stuff like that. After a quick inspection, I thought the issue was caused by the IOS version, so I changed it. When I tested again, the warnings reappeared.
Well, Cisco has some memory allocation algorithm on several equipment families, like 3550, 3750,2950 etc, called SDM - Switching Database Manager.
In this way you can allocate the memory of the router / switch based on your desired goals:
Router(config)#sdm prefer ?
access multicast and qos/acl bias, drop unicast
extended-match Using extended match for unicast routing
routing unicast bias, drop qos/acl
vlan vlan bias, drop routing
In my case, it was a gigabit 3550, so the routing template was perfect for my scenario. The last step was to reboot the router and then all was functioning without any errors. In the end, I had this memory allocation:
Router#sh sdm prefer | i route
number of unicast routes: 24K
number of multicast routes: 6K
You can find a lot of documentation on Cisco's website, regarding the differences between templates and further explanations on this topic.
This is a quick tutorial on how to install a clean FTP server with MySQL user database backend on a Debian based OS:
I was looking today for a way to set my home Cisco router to push multiple domains in the DHCP search list. I found this very useful post written by Jonathan Perkin: http://www.perkin.org.uk/posts/serving-multiple-dns-search-domains-in-ios-dhcp.html where he explains how we can achieve this by using Cisco’s hex sequence in the search option. He also provides a nice python script that converts the domain ASCII string to hex sequence.
In today’s post I will showw how you can do a basic configuration of a TACACS+ Linux server and how to enable the AAA on the networking device. To start with AAA, stands for Authentication, Authorization and Accounting. The authentication is related to the login process: users and their passwords, authorization describes what each of the users is allowed to do on the device and the accounting part logs what commands the users have issued on the device. All these are implemented as a set of attributes stored in a database that can be located locally on the device or hosted remotely on a TACACS+ or RADIUS server.