I just want to take this time to wish everyone a Merry Christmas. Im very thankful for Jesus Christ, the Savior of this world for those who will accept what He did for us. He came down to His creation who rebelled against Him. He lived as a man on this Earth perfectly, with a plan only He could do. He lived perfectly on this Earth and we rejected Him, and ultimately put Him to death. Thankfully His death meant more that what we thought. It was the sacrificial death for us all to cover us for eternity for the forgiveness of our sins. We have so much evidence that this event took place, in the Biblical records and in NON-Biblical records. No one ever disputed this during those times. And now, for the rest of this story, Im thankful that He rose 3 days later and lives today. Again, we have so much Biblical evidence for this and NON-Biblical evidence of this. Again, no one has ever disputed with any proof during those times or since. He lives today to bring forgiveness and mercy to you and to me. He lives to restore us to what we were meant to be. And He will one day, once this life in this sinful, broken world is done, will take us home for an eternity in Heaven. I have that hope, faith, and knowledge in the Truth. My prayer for you is that you will have this too. To know real peace. If you want more details on this, read my "About Me" page for a more in depth discussion on it. But I tell you today Merry Christmas! May you all be blessed beyond measure this Christmas season.
Shane Killen
Saturday, December 22, 2012
Brocade: Inline Power Power-by-class Command
I really like to change the power settings on each port to a lower rate than what the default is on the Brocade POE switches. I personally find that if I do that, I have less power issues one the switches. The default is 30W per port. I like to run them down to 7W per port. I find that most IP phones and APs generally like less than 7W. Here is a cut and paste on a ICX switch I changed today.
nt-swi-02# sh inline power
Power Capacity: Total is 740000 mWatts. Current Free is 710000 mWatts.
Power Allocations: Requests Honored 2 times
Port Admin Oper ---Power(mWatts)--- PD Type PD Class Pri Fault/
State State Consumed Allocated Error
--------------------------------------------------------------------------
ommited for brievity...
1/1/46 On On 282 30000 Legacy n/a 3 n/a
1/1/47 Off Off 0 0 n/a n/a 3 n/a
1/1/47 Off Off 0 0 n/a n/a 3 n/a
--------------------------------------------------------------------------
Total 282 30000
nt-swi-02#config t
nt-swi-02(config)#int eth 1/1/1 to 1/1/46
nt-swi-02(config-mif-1/1/1-1/1/46)#inline power power-by-class 2
Warning: Inline power configuration on port 1/1/46 has been modified.
nt-swi-02(config-mif-1/1/1-1/1/46)#exit
nt-swi-02(config)#exit
nt-swi-02#sh inlin power
Power Capacity: Total is 740000 mWatts. Current Free is 418000 mWatts.
Power Allocations: Requests Honored 47 times
Port Admin Oper ---Power(mWatts)--- PD Type PD Class Pri Fault/
State State Consumed Allocated Error
--------------------------------------------------------------------------
ommited for brievity...
1/1/43 On Off 0 7000 n/a n/a 3 n/a
1/1/44 On Off 0 7000 n/a n/a 3 n/a
1/1/45 On Off 0 7000 n/a n/a 3 n/a
1/1/46 On On 282 7000 Legacy n/a 3 n/a
1/1/47 Off Off 0 0 n/a n/a 3 n/a
1/1/47 Off Off 0 0 n/a n/a 3 n/a
--------------------------------------------------------------------------
Total 282 322000
nt-swi-02#
nt-swi-02# sh inline power
Power Capacity: Total is 740000 mWatts. Current Free is 710000 mWatts.
Power Allocations: Requests Honored 2 times
Port Admin Oper ---Power(mWatts)--- PD Type PD Class Pri Fault/
State State Consumed Allocated Error
--------------------------------------------------------------------------
ommited for brievity...
1/1/46 On On 282 30000 Legacy n/a 3 n/a
1/1/47 Off Off 0 0 n/a n/a 3 n/a
1/1/47 Off Off 0 0 n/a n/a 3 n/a
--------------------------------------------------------------------------
Total 282 30000
nt-swi-02#config t
nt-swi-02(config)#int eth 1/1/1 to 1/1/46
nt-swi-02(config-mif-1/1/1-1/1/46)#inline power power-by-class 2
Warning: Inline power configuration on port 1/1/46 has been modified.
nt-swi-02(config-mif-1/1/1-1/1/46)#exit
nt-swi-02(config)#exit
nt-swi-02#sh inlin power
Power Capacity: Total is 740000 mWatts. Current Free is 418000 mWatts.
Power Allocations: Requests Honored 47 times
Port Admin Oper ---Power(mWatts)--- PD Type PD Class Pri Fault/
State State Consumed Allocated Error
--------------------------------------------------------------------------
ommited for brievity...
1/1/43 On Off 0 7000 n/a n/a 3 n/a
1/1/44 On Off 0 7000 n/a n/a 3 n/a
1/1/45 On Off 0 7000 n/a n/a 3 n/a
1/1/46 On On 282 7000 Legacy n/a 3 n/a
1/1/47 Off Off 0 0 n/a n/a 3 n/a
1/1/47 Off Off 0 0 n/a n/a 3 n/a
--------------------------------------------------------------------------
Total 282 322000
nt-swi-02#
Wednesday, December 19, 2012
Meru Controller: Capture Of Radius And DHCP Events
I thought Id put up a capture I did on a Meru controller for Radius authentication while trying to connect to an AP. Its interesting stuff, although I dont like that you cant see the username in the radius messages. Not a fan of that, as I think it should show the username for troubleshooting purposes. You can see in the capture where I unassociated with the AP, and then re-associated, radius, then DHCP. So here is how I did the capture:
kansas(15)# station-log
Interactive Per-Station Event Logging Shell (enter "help" for help)
By default logging is Disabled (enter "enable" to Enable logging)
station-log> station add 5c:ac:4c:6a:31:6c
Added station 5c:ac:4c:6a:31:6c at position 0
station-log> enable
Logging enabled
2012-Dec-14 08:39:17.062603 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=INFO><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=192.168.12.21>
2012-Dec-14 08:39:17.065082 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=INFO_ACK><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=0.0.0.0>
2012-Dec-14 08:39:24.668680 | 5c:ac:4c:6a:31:6c | 802.11 State | Disassoc received <AP_ID=1><BSSID=00:0c:e6:4a:03:6d> <Reason code=8> <RSSI=-8>
2012-Dec-14 08:39:24.669535 | 5c:ac:4c:6a:31:6c | 802.11 State | state change <old=Associated><new=Unauthenticated><AP=00:0c:e6:09:ac:d7><BSSID=00:0c:e6:4a:03:6d>
2012-Dec-14 08:39:24.669657 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> Assign Removed From <AP_ID=1><ESSID=kansas-voice><BSSID=00:0c:e6:4a:03:6d><reason=80211State downgraded>
2012-Dec-14 08:39:24.671715 | 5c:ac:4c:6a:31:6c | 802.11 State | Disassoc reason: Unspecified<AID=1><BSSID=00:0c:e6:4a:03:6d>
2012-Dec-14 08:39:25.230526 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> assigned to <AP_ID=1><ESSID=kansas-voice><BSSID=00:0c:e6:4a:03:6d><reason=Station probed on another BSSID>
2012-Dec-14 08:39:25.230692 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> assigned to <AP_ID=1><ESSID=kansas-rad><BSSID=00:0c:e6:4a:24:e4><reason=Station probed>
2012-Dec-14 08:39:25.230695 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> assigned to <AP_ID=2><ESSID=kansas-rad><BSSID=00:0c:e6:4a:13:cc><reason=Station probed>
2012-Dec-14 08:39:25.353874 | 5c:ac:4c:6a:31:6c | 802.11 State | state change <old=Unauthenticated><new=Authenticated><AP=00:0c:e6:09:ac:d7><BSSID=00:0c:e6:4a:24:e4>
2012-Dec-14 08:39:25.356951 | 5c:ac:4c:6a:31:6c | 1X Authentication | <EAP code=request> <EAP ID=1> <EAP type=Identity> sent
2012-Dec-14 08:39:25.357866 | 5c:ac:4c:6a:31:6c | 802.11 State | state change <old=Authenticated><new=Associated><AP=00:0c:e6:09:ac:d7><BSSID=00:0c:e6:4a:24:e4>
2012-Dec-14 08:39:25.390550 | 5c:ac:4c:6a:31:6c | 1X Authentication | <auth method=WPA_EAP>:<pkt type=EAPOL_START> recvd <ESSID=kansas-rad> <BSSID=00:0c:e6:4a:24:e4>
2012-Dec-14 08:39:25.390553 | 5c:ac:4c:6a:31:6c | 1X Authentication | <EAP code=request> <EAP ID=1> <EAP type=Identity> sBent
2012-Dec-14 08:39:25.403648 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=1>
2012-Dec-14 08:39:25.403650 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=127> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:25.404557 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=1>
2012-Dec-14 08:39:26.093155 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=2> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.301517 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=2>
2012-Dec-14 08:39:26.301520 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=128> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.304307 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=3> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.313459 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=3>
2012-Dec-14 08:39:26.313548 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=129> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.314971 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=4> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.329452 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=4>
2012-Dec-14 08:39:26.329542 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=130> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.331165 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=5> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.339717 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=5>
2012-Dec-14 08:39:26.339802 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=131> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.341434 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=6> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.352354 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response8><EAP ID=6>
2012-Dec-14 08:39:26.352441 | 5c:ac:4c:6a:31:6c | 1X Autentication | Radius <msg code=access_request><msg ID=132> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.359052 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=7> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.370289 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=7>
2012-Dec-14 08:39:26.370379 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=133> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.371666 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=8> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.377093 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=8>
2012-Dec-14 08:39:26.377173 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=134> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.378653 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=9> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.396420 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=9>
2012-Dec-14 08:39:26.396506 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=135> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.513465 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=10> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.536170 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=10>
2012-Dec-14 08:39:26.536259 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=136> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.537897 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=11> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.545930 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=11>
2012-Dec-14 08:39:26.546015 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=137> sent <ip=192.168.1.7>:<port=1812>
201w2-Dec-14 08:39:26.571877 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius ACCESS-ACCEPT received : VLAN Tag : 0, Filter id : , CUI : None
2012-Dec-14 08:39:26.571903 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=success><EAP ID=12> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.572762 | 5c:ac:4c:6a:31:6c | 1X Authentication | <msg type=EAPOL_KEY> <key=broadcast> sent
2012-Dec-14 08:39:26.573861 | 5c:ac:4c:6a:31:6c | 1X Authentication | <msg type=EAPOL_KEY> <key=unicast> sent
2012-Dec-14 08:39:26.644597 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=REQUEST><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2012-Dec-14 08:39:26.647028 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=NACK><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=0.0.0.0>
2012-Dec-14 08:39:26.667579 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=DISCOVER><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2012-Dec-14 08:39:28.581687 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> Assign Removed From <AP_ID=1><ESSID=kansas-voice><BSSID=00:0c:e6:4a:03:6d><reason=Inactivity timer expired>
2012-Dec-14 08:39:31.751032 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=DISCOVER><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2012-Dec-14 08:39:31.753338 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=OFFER><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=192.168.9.41>
2012-Dec-14 08:39:31.766158 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=REQUEST><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2012-Dec-14 08:39:31.768740 | 5c:ac:4c:6a:31:6c | IP Address Discovered | <Old IP discovery Method=none><Old IP=0.0.0.0><New IP discovery Method=dhcp><New IP=192.168.9.41>
2012-Dec-14 08:39:31.768743 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=ACK><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=192.168.9.41>
2012-Dec-14 08:39:37.275863 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=INFO><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=192.168.9.41>
2012-Dec-14 08:39:38.027778 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=INFO_ACK><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=0.0.0.0>
station-log>
kansas(15)# station-log
Interactive Per-Station Event Logging Shell (enter "help" for help)
By default logging is Disabled (enter "enable" to Enable logging)
station-log> station add 5c:ac:4c:6a:31:6c
Added station 5c:ac:4c:6a:31:6c at position 0
station-log> enable
Logging enabled
2012-Dec-14 08:39:17.062603 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=INFO><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=192.168.12.21>
2012-Dec-14 08:39:17.065082 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=INFO_ACK><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=0.0.0.0>
2012-Dec-14 08:39:24.668680 | 5c:ac:4c:6a:31:6c | 802.11 State | Disassoc received <AP_ID=1><BSSID=00:0c:e6:4a:03:6d> <Reason code=8> <RSSI=-8>
2012-Dec-14 08:39:24.669535 | 5c:ac:4c:6a:31:6c | 802.11 State | state change <old=Associated><new=Unauthenticated><AP=00:0c:e6:09:ac:d7><BSSID=00:0c:e6:4a:03:6d>
2012-Dec-14 08:39:24.669657 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> Assign Removed From <AP_ID=1><ESSID=kansas-voice><BSSID=00:0c:e6:4a:03:6d><reason=80211State downgraded>
2012-Dec-14 08:39:24.671715 | 5c:ac:4c:6a:31:6c | 802.11 State | Disassoc reason: Unspecified<AID=1><BSSID=00:0c:e6:4a:03:6d>
2012-Dec-14 08:39:25.230526 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> assigned to <AP_ID=1><ESSID=kansas-voice><BSSID=00:0c:e6:4a:03:6d><reason=Station probed on another BSSID>
2012-Dec-14 08:39:25.230692 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> assigned to <AP_ID=1><ESSID=kansas-rad><BSSID=00:0c:e6:4a:24:e4><reason=Station probed>
2012-Dec-14 08:39:25.230695 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> assigned to <AP_ID=2><ESSID=kansas-rad><BSSID=00:0c:e6:4a:13:cc><reason=Station probed>
2012-Dec-14 08:39:25.353874 | 5c:ac:4c:6a:31:6c | 802.11 State | state change <old=Unauthenticated><new=Authenticated><AP=00:0c:e6:09:ac:d7><BSSID=00:0c:e6:4a:24:e4>
2012-Dec-14 08:39:25.356951 | 5c:ac:4c:6a:31:6c | 1X Authentication | <EAP code=request> <EAP ID=1> <EAP type=Identity> sent
2012-Dec-14 08:39:25.357866 | 5c:ac:4c:6a:31:6c | 802.11 State | state change <old=Authenticated><new=Associated><AP=00:0c:e6:09:ac:d7><BSSID=00:0c:e6:4a:24:e4>
2012-Dec-14 08:39:25.390550 | 5c:ac:4c:6a:31:6c | 1X Authentication | <auth method=WPA_EAP>:<pkt type=EAPOL_START> recvd <ESSID=kansas-rad> <BSSID=00:0c:e6:4a:24:e4>
2012-Dec-14 08:39:25.390553 | 5c:ac:4c:6a:31:6c | 1X Authentication | <EAP code=request> <EAP ID=1> <EAP type=Identity> sBent
2012-Dec-14 08:39:25.403648 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=1>
2012-Dec-14 08:39:25.403650 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=127> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:25.404557 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=1>
2012-Dec-14 08:39:26.093155 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=2> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.301517 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=2>
2012-Dec-14 08:39:26.301520 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=128> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.304307 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=3> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.313459 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=3>
2012-Dec-14 08:39:26.313548 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=129> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.314971 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=4> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.329452 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=4>
2012-Dec-14 08:39:26.329542 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=130> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.331165 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=5> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.339717 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=5>
2012-Dec-14 08:39:26.339802 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=131> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.341434 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=6> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.352354 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response8><EAP ID=6>
2012-Dec-14 08:39:26.352441 | 5c:ac:4c:6a:31:6c | 1X Autentication | Radius <msg code=access_request><msg ID=132> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.359052 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=7> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.370289 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=7>
2012-Dec-14 08:39:26.370379 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=133> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.371666 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=8> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.377093 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=8>
2012-Dec-14 08:39:26.377173 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=134> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.378653 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=9> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.396420 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=9>
2012-Dec-14 08:39:26.396506 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=135> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.513465 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=10> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.536170 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=10>
2012-Dec-14 08:39:26.536259 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=136> sent <ip=192.168.1.7>:<port=1812>
2012-Dec-14 08:39:26.537897 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=request><EAP ID=11> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.545930 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=response><EAP ID=11>
2012-Dec-14 08:39:26.546015 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius <msg code=access_request><msg ID=137> sent <ip=192.168.1.7>:<port=1812>
201w2-Dec-14 08:39:26.571877 | 5c:ac:4c:6a:31:6c | 1X Authentication | Radius ACCESS-ACCEPT received : VLAN Tag : 0, Filter id : , CUI : None
2012-Dec-14 08:39:26.571903 | 5c:ac:4c:6a:31:6c | 1X Authentication | <pkt type=EAP_PACKET> <EAP code=success><EAP ID=12> <info=relay eap-request from Radius> sent
2012-Dec-14 08:39:26.572762 | 5c:ac:4c:6a:31:6c | 1X Authentication | <msg type=EAPOL_KEY> <key=broadcast> sent
2012-Dec-14 08:39:26.573861 | 5c:ac:4c:6a:31:6c | 1X Authentication | <msg type=EAPOL_KEY> <key=unicast> sent
2012-Dec-14 08:39:26.644597 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=REQUEST><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2012-Dec-14 08:39:26.647028 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=NACK><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=0.0.0.0>
2012-Dec-14 08:39:26.667579 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=DISCOVER><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2012-Dec-14 08:39:28.581687 | 5c:ac:4c:6a:31:6c | Station Assign | <AID=1> Assign Removed From <AP_ID=1><ESSID=kansas-voice><BSSID=00:0c:e6:4a:03:6d><reason=Inactivity timer expired>
2012-Dec-14 08:39:31.751032 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=DISCOVER><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2012-Dec-14 08:39:31.753338 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=OFFER><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=192.168.9.41>
2012-Dec-14 08:39:31.766158 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=REQUEST><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=0.0.0.0>
2012-Dec-14 08:39:31.768740 | 5c:ac:4c:6a:31:6c | IP Address Discovered | <Old IP discovery Method=none><Old IP=0.0.0.0><New IP discovery Method=dhcp><New IP=192.168.9.41>
2012-Dec-14 08:39:31.768743 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=ACK><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=192.168.9.41>
2012-Dec-14 08:39:37.275863 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=INFO><server_ip=255.255.255.255><server_mac=ff:ff:ff:ff:ff:ff><client_ip=192.168.9.41>
2012-Dec-14 08:39:38.027778 | 5c:ac:4c:6a:31:6c | DHCP | <msg_type=INFO_ACK><server_ip=192.168.1.7><server_mac=00:1c:2e:23:6e:00><offered_ip=0.0.0.0>
station-log>
Monday, December 17, 2012
SIP Trunk Topology: A Visual
For those of you who like a visual on what a SIP trunk topology looks like, I put this together below to try to help with understanding what it looks like.
Sunday, December 16, 2012
Port 9: TCP And UDP - The Discard Packet
There are times when I need to flood a network with packets just so I can see what is going to happen under certain circumstances. I primarily do this during voice testing, but there are other occasions where I may need to do this, such as application testing, etc. I thought it would be interesting to post up some packet captures of what a flood looks like in wireshark. Im using port 9, UDP. Here is what wireshark's site says about this type of traffic:
"The discard protocol allows a client to send arbitrary data to a server. The data is then silently dropped."
ISS says this:
"This protocol is only installed on machines for test purposes. The service listening at this port (both TCP and UDP) simply discards any input (i.e. silently eats it)."
Here is what is going to look like in wireshark:
Interesting stuff!
"The discard protocol allows a client to send arbitrary data to a server. The data is then silently dropped."
ISS says this:
"This protocol is only installed on machines for test purposes. The service listening at this port (both TCP and UDP) simply discards any input (i.e. silently eats it)."
Here is what is going to look like in wireshark:
Interesting stuff!
Thursday, December 13, 2012
Cisco Router: PVDM And Memory Replacement
I had a router open the last week and I thought about showing the location of the PVDM and the RAM on the motherboard of a 2821 Cisco router. Ive circled the PVDM in Red and RAM in Yellow. All Ive done to get to this point in the picture is open up the top of the router. Look inside.
What Wireless Should Look Like
This is a great example of what wireless SHOULD look like when you view multiple SSIDs in the same area. Realistically, if this is your enterprise environment, you should really only have the amount of SSIDs you need, but in the case below, you will see a ton of them together. Its in a lab environment that we created during my Meru trip. You should see SSIDs residing on 1, 6, and 11. There shouldn't be any overlapping frequencies at all. That overlapping can cause interference, which is definitely unwanted. See below what you should see:
Wednesday, December 12, 2012
Meru Wireless - Tampa, FL Facility
Im at the Meru training facility this week for the Partner Training. Ive got a very good trainer this week and the technology is pretty good.
Sunday, December 9, 2012
Cisco 3560 And VRRP
Well, I have to say Im very disappointed in the Cisco 3560 today. I was trying to do VRRP with a between a Brocade FCX switch and a Cisco 3560 switch. I found out that the 3560 just does not support VRRP (based on my efforts). Now, with that said, I can not find this documented anywhere on Cisco. In fact, Cisco say in the 3560 switch configuration guide very specifically: "The switch supports either HSRP or VRRP, but not both."
Ive gotten in on one of my customer's 3560s running code "flash:c3560-ipservicesk9-mz.122-53.SE2.bin". I also upgraded the switch I was working on yesterday from IPBASE to "c3560-ipservicesk9-mz.122-55.SE.bin" IOS. This is what I get when trying to run a vrrp command on vlan 1:
Core3560(config-if)#v?
vtp
Core3560(config-if)#v
VTP IS MY ONLY OPTION???
This is all the 3560 switch configuration guide says about VRRP:
Configuring VRRP
VRRP is an election protocol that dynamically assigns responsibility for one or more virtual routers to the VRRP routers on a LAN, allowing several routers on a multi-access link to use the same virtual IP address. A VRRP router is configured to run VRRP in conjunction with one or more other routers attached to a LAN. In a VRRP configuration, one router is elected as the virtual router master, and the other routers act as backups in case it fails.
VRRP Limitations
•The switch supports either HSRP or VRRP, but not both.
•The VRRP implementation on the switch does not support the MIB specified in RFC 2787.
•The VRRP implementation on the switch supports only text-based authentication.
•The switch supports VRRP only for IPv4.
For more VRRP information and configuration instructions, see Configuring VRRP.
Here are some quotes I found out there in forums that I found interesting:
1. "sorry to disappoint you but cat 3560/3750 only support HSRP for redundancy."
2. "3560G-48TS, some refurbs that just came in. According to the software advisor, there is no availability of VRRP on any feature set, nor any code train except 12.2."
3. "Why isn't there VRRP on the 3560?" Someones answer was this: "Vendor lock in."
I think the final answer is that the 3560 will do HSRP just fine (in fact Ive done that many times), but it just will not do VRRP.
Ive gotten in on one of my customer's 3560s running code "flash:c3560-ipservicesk9-mz.122-53.SE2.bin". I also upgraded the switch I was working on yesterday from IPBASE to "c3560-ipservicesk9-mz.122-55.SE.bin" IOS. This is what I get when trying to run a vrrp command on vlan 1:
Core3560(config-if)#v?
vtp
Core3560(config-if)#v
VTP IS MY ONLY OPTION???
This is all the 3560 switch configuration guide says about VRRP:
Configuring VRRP
VRRP is an election protocol that dynamically assigns responsibility for one or more virtual routers to the VRRP routers on a LAN, allowing several routers on a multi-access link to use the same virtual IP address. A VRRP router is configured to run VRRP in conjunction with one or more other routers attached to a LAN. In a VRRP configuration, one router is elected as the virtual router master, and the other routers act as backups in case it fails.
VRRP Limitations
•The switch supports either HSRP or VRRP, but not both.
•The VRRP implementation on the switch does not support the MIB specified in RFC 2787.
•The VRRP implementation on the switch supports only text-based authentication.
•The switch supports VRRP only for IPv4.
For more VRRP information and configuration instructions, see Configuring VRRP.
Here are some quotes I found out there in forums that I found interesting:
1. "sorry to disappoint you but cat 3560/3750 only support HSRP for redundancy."
2. "3560G-48TS, some refurbs that just came in. According to the software advisor, there is no availability of VRRP on any feature set, nor any code train except 12.2."
3. "Why isn't there VRRP on the 3560?" Someones answer was this: "Vendor lock in."
I think the final answer is that the 3560 will do HSRP just fine (in fact Ive done that many times), but it just will not do VRRP.
Friday, December 7, 2012
Ping Testing
Just a little bit about ping testing. I have found over the years that sometimes a ping request will time out once during a ping -t and still not mean that it really timed out. If it fails twice in a row, then sure, it failed to get the echo-reply back. But how do you go about verifying that the one ping actually did fail (when there is only one failure)? I use two different programs. 1. CMD, by doing a ping -t and 2. using PingInfoViewer. If a ping times out in both programs, you can be sure that it was a failure. If only in one program, then it was likely not really a failure, according to what I have experienced in the past.
Tuesday, December 4, 2012
Cisco Voice: What A VoIP Call Looks Like With G.711
How much bandwidth does a voice call take up on a T1? Well, depends on the codec being used. This below was using G.711.
Subscribe to:
Posts (Atom)