Thursday, October 27, 2011

Standard streams shift command

Bash script

 "$#" will expand to the number of arguments passed to the script.

Ref: http://www.ibm.com/developerworks/linux/library/l-bash2/index.html
http://www.ibm.com/developerworks/linux/library/l-bash/index.html



The shift Command

The shift command moves the current values stored in the positional parameters (command line args) to the left one position. For example, if the values of the current positional parameters are:
$1 = -f $2 = foo $3 = bar
and you executed the shift command, the resulting positional parameters would be as follows:
$1 = foo $2 = bar

Ref:  http://www.freeos.com/guides/lsst/ch04sec14.html



What do these mean?

2>&1
>&2
On the unix command line, each command can print to stdout (standard output) or stderr (standard error). By convention, error messages go to stderr, and normal messages go to stdout. You usually connect stdout to the stdin (standard input) of another process. Having a long pipe of commands and this stderr/stdout convention means that the error messages from one command don't go polluting the input to the next command. It also means that you can see the error messages of the commands, since stderr is shown on your terminal (if they were printed to stdout, then you would not see the error messages, since they would be sent to the input of another command).
When writing your own little scripts, it's a good idea to print your error messages to stderr. The usual way to print in a bash script is to use the echo shell builtin command. You can "echo" to stderr like this:
echo "Your error message here" >&2
This is a normal echo (which goes to stdout); however, the >&2 (which is shorthand for 1>&2) means 'send stdout to wherever stderr currently points'. Here 1 is stdout and 2 is stderr.
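Added example (not from the referenced articles): a small POSIX shell option parser that ties together "$#", shift and >&2, using the -f foo bar arguments from the shift section above. The function names parse_args and stderr_of and the options -f and -v are assumptions made for the illustration.

```shell
#!/bin/sh
# parse_args: consume leading options with shift, check "$#" before
# reading an option's value, and send every error message to stderr.
parse_args() {
    file=""
    verbose=0
    while [ "$#" -gt 0 ]; do
        case "$1" in
            -f)
                # -f takes a value, so at least two parameters must remain
                if [ "$#" -lt 2 ]; then
                    echo "error: -f requires a file name" >&2
                    return 2
                fi
                file=$2
                shift 2          # drop both -f and its value
                ;;
            -v)
                verbose=1
                shift            # $2 becomes $1, $3 becomes $2, ...
                ;;
            --)
                shift            # explicit end of options
                break
                ;;
            -*)
                echo "error: unknown option: $1" >&2
                return 2
                ;;
            *)
                break            # first non-option argument
                ;;
        esac
    done
    # Normal output goes to stdout so it can be piped onwards.
    echo "file=$file verbose=$verbose rest=$* count=$#"
}

# stderr_of CMD...: print only what CMD wrote to stderr.
# Order matters: 2>&1 first points stderr at the current stdout (the
# capture), then >/dev/null moves stdout away, so only errors remain.
stderr_of() {
    "$@" 2>&1 >/dev/null
}

# Demo with constructed arguments.
parse_args -f foo bar
stderr_of parse_args -f || true
```

Writing the redirections the other way round (>/dev/null 2>&1) discards both streams, because stderr is then pointed at the already-redirected stdout.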

Ref: http://www.kindle-maps.com/blog/how-to-echo-to-stderr.html
http://en.wikipedia.org/wiki/Standard_streams
http://en.wikipedia.org/wiki/Pipeline_%28Unix%29
http://en.wikipedia.org/wiki/File_descriptor
http://www.unix.com/shell-programming-scripting/113138-what-does-code-mean.html

Linux cut sed examples

Linux cut and sed examples:

cut -d" " -f3 # print the third space-separated field
example:
echo this is cut example | cut -d" " -f3
cut

sed 's/\.$//' # cut the last . from the line
example:
echo this is sed example. | sed 's/\.$//'
this is sed example

Mix: | cut -d" " -f3 | sed 's/\.$//'
echo this is mixexample. | cut -d" " -f3 | sed 's/\.$//'
mixexample


Ref: http://www.ibm.com/developerworks/linux/library/l-sed3/index.html
http://www.grymoire.com/Unix/Sed.html

Tuesday, October 25, 2011

CEF

Check CEF
http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_tech_note09186a00801e1e46.shtml

Some basic Linux scripts

Sample Shell Script

Here is what you need to put in a shell script:
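#!/bin/bash
# script to send simple email
# email subject
SUBJECT="SET-EMAIL-SUBJECT"
# Email To ?
EMAIL="admin@somewhere.com"
# Email text/message: created with mktemp instead of a fixed, predictable name in /tmp
EMAILMESSAGE="$(mktemp /tmp/emailmessage.XXXXXX)" || exit 1
# remove the temporary file when the script exits
trap 'rm -f "$EMAILMESSAGE"' EXIT
echo "This is an email message test" > "$EMAILMESSAGE"
echo "This is email text" >> "$EMAILMESSAGE"
# send an email using /bin/mail
/bin/mail -s "$SUBJECT" "$EMAIL" < "$EMAILMESSAGE"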
 
Ref: http://theos.in/shell-scripting/send-mail-bash-script/
 
Change sender's email address  
 
Use the following:

mail -s "subject" mail1@server.com -- -r "from@fromserver.com" -f </path/to/file>
 
Ref: http://www.linuxquestions.org/questions/linux-newbie-8/option-to-specify-senders-address-in-mail-command-374223/
 
Change the lines
 
This command: echo "first line \nsecond line" will result in the line below:
first line \nsecond line (as you can see, there is no new line)
but this one: echo -e "first line \nsecond line" (with the -e) will result in what you want:
echo -e "first line \nsecond line"
first line
second line

http://techteam.wordpress.com/2008/09/25/n-not-creating-new-line-in-bash-script/
 
String contain test
 
string='My string';
if [[ $string =~ .*My.* ]]
then
   echo "It's there!"
fi

 
Ref: http://stackoverflow.com/questions/229551/string-contains-in-bash 

Sunday, October 23, 2011

Online PDF info

http://www.yuzhigang.com/blog/share/page/2

NAT

How NAT works?

NAT: Local and Global Definitions

NAT command reference

Everything else about NAT from Cisco 


Netflow

ip route-cache flow or ip flow ingress?

ip route-cache flow will enable flows on the physical interface and all sub-interfaces associated with it.
ip flow ingress will enable flows on individual sub-interfaces, as opposed to all of them on the same interface.

Ref: http://www.plixer.com/blog/general/ip-route-cache-flow-or-ip-flow-ingress-which-do-i-use/
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_nfsub.html
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6601/prod_white_paper0900aecd80406232.html

Friday, October 21, 2011

SNMP view



Setup SNMP View

The Setup SNMP view command can restrict the user to only a limited part of the Management Information Base (MIB). By default, no SNMP view entry exists. This command is configured in global configuration mode and was first introduced in Cisco IOS Software version 10.3. It works similarly to an access list in that if you have any SNMP view on certain MIB trees, every other tree is implicitly denied. However, the sequence is not important: it goes through the entire list for a match before it stops.

To create or update a view entry, use the snmp-server view global configuration command. To remove the specified SNMP server view entry, use the no form of this command.

Syntax:

    snmp-server view view-name oid-tree {included | excluded}

    no snmp-server view view-name


Syntax Description:

    * view-name—Label for the view record that you are updating or creating. The name is used to reference the record.
    * oid-tree—Object identifier of the Abstract Syntax Notation One (ASN.1) subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system. Replace a single sub-identifier with the asterisk (*) wildcard to specify a subtree family; for example 1.3.*.4.
    * included | excluded—Type of view. You must specify either included or excluded.


      This is a complete example for how to apply the MIB with community string and the output of the snmpwalk with view in place. This configuration defines a view that denies the SNMP access for the Address Resolution Protocol (ARP) table (atEntry) and allows it for MIB-II and Cisco private MIB:

          snmp-server view myview mib-2 included
          snmp-server view myview atEntry excluded
          snmp-server view myview cisco included
          snmp-server community public view myview RO 11
          snmp-server community private view myview RW 11
          snmp-server contact pvanderv@cisco.com
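
Added example, not Cisco's code: a shell function to check which OIDs a view like myview exposes before it is deployed. It assumes the standard VACM rule (RFC 3415) that the most specific matching subtree decides and that unmatched OIDs are denied; the numeric OIDs for mib-2, atEntry and cisco, the name view_decision and the sample OIDs are supplied here, not taken from the configuration above.

```shell
#!/bin/sh
# The myview entries from the configuration above, written with numeric
# subtrees (assumed mapping: mib-2 = 1.3.6.1.2.1,
# atEntry = 1.3.6.1.2.1.3.1.1, cisco = 1.3.6.1.4.1.9).
VIEW_MYVIEW='1.3.6.1.2.1 included
1.3.6.1.2.1.3.1.1 excluded
1.3.6.1.4.1.9 included'

# view_decision ENTRIES OID
#   ENTRIES: lines of "<subtree> included|excluded"; a "*" may replace a
#            single sub-identifier, as in the syntax description.
#   Prints "included" or "excluded" for OID.
view_decision() {
    printf '%s\n' "$1" | awk -v oid="$2" '
        # Return the number of sub-identifiers in tree if tree covers
        # full, otherwise 0.
        function covers(tree, full,    n, m, a, b, i) {
            n = split(tree, a, "[.]")
            m = split(full, b, "[.]")
            if (n > m) return 0
            for (i = 1; i <= n; i++)
                if (a[i] != "*" && a[i] != b[i]) return 0
            return n
        }
        NF >= 2 {
            # Order of entries is irrelevant: every entry is examined and
            # the longest (most specific) match wins. Equal-length ties
            # keep the first entry seen, a simplification.
            len = covers($1, oid)
            if (len > best) { best = len; verdict = $2 }
        }
        # No matching entry at all means the OID is outside the view.
        END { print (best ? verdict : "excluded") }
    '
}

# Demo on constructed OIDs: sysDescr.0, an ARP table cell under atEntry,
# an object under the cisco subtree, and one outside every listed subtree.
for o in 1.3.6.1.2.1.1.1.0 \
         1.3.6.1.2.1.3.1.1.2.1.1.10.0.0.1 \
         1.3.6.1.4.1.9.2.1.58.0 \
         1.3.6.1.6.3.15.1.1.1.0; do
    printf '%s %s\n' "$o" "$(view_decision "$VIEW_MYVIEW" "$o")"
done
```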
 
Ref:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml
http://www.netcraftsmen.net/resources/archived-articles/370-configuring-snmp-in-cisco-routers.html

Tuesday, October 18, 2011

Nmap

A handy Linux port scan tool

http://nmap.org/

http://en.wikipedia.org/wiki/Nmap

Tuesday, October 11, 2011

GRE Tunnel with VRF Configuration Example


This is from Cisco.com

Configure

In this section, you are presented with the information to configure the features described in this document.
The configuration is set up in this way:
  • R1-CE and R2-CE are located in VRF BLUE.
  • R1-CE is also located in VRF GREEN through the use of a GRE tunnel to R3-PE.
R1-CE uses a static host route to get to R3-PE (tunnel destination), which ensures that recursive routing does not occur for the GRE tunnel (learning the tunnel destination address through the tunnel).
VRF BLUE and VRF GREEN are owned by two different companies, and no route leaks occur between them. In addition, the access control list (ACL) on the interface between R1-CE and R2-CE can be used to only permit GRE traffic between them.
Note: To find additional information on the commands used in this document, use the Command Lookup Tool (registered customers only).

Network Diagram

This document uses this network setup:
Figure 1 – Physical Topology
Figure 2 – Logical VRF Topology

R3-PE# show running-config

Building configuration...
.
!
no ip domain lookup
!
ip vrf blue
 rd 1:1
 route-target export 311:311
 route-target import 411:411
!
ip vrf green
 rd 2:2
 route-target export 322:322
 route-target import 422:422
!
ip cef
!
interface Tunnel0
 ip vrf forwarding green
 ip address 200.200.200.3 255.255.255.0
 tunnel source Ethernet0/0
 tunnel destination 10.10.10.1
 tunnel vrf blue

!--- Tunnel 0 is part of VRF GREEN; but it uses the tunnel
!--- destination and source addresses from the routing
!--- table of VRF BLUE, because of this tunnel vrf blue
!--- command.

!
interface Ethernet0/0
 ip vrf forwarding blue
 ip address 20.20.20.3 255.255.255.0

!--- Connection to the VRF BLUE network and the VRF GREEN
!--- network using the GRE tunnel.

!
interface Ethernet1/0
 ip address 30.30.30.3 255.255.255.0
 tag-switching ip
!
router bgp 1
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 30.30.30.4 remote-as 1
 !
 address-family vpnv4
 neighbor 30.30.30.4 activate
 neighbor 30.30.30.4 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf green
 redistribute connected
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf blue
 redistribute connected
 no auto-summary
 no synchronization
 exit-address-family
!
ip classless
ip route vrf blue 10.10.10.1 255.255.255.255 20.20.20.2

!--- Static Host route to ensure that recursive routing
!--- does not occur.
 
no ip http server
!
.
end
 
Ref: http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00801e1294.shtml 
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtgrevrf.html
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtIPSctm.html#wp1063436
http://www.cisco.com/en/US/docs/routers/10000/10008/feature/guides/122_31sb5/fs_gripvrf.html

Sunday, October 9, 2011

Buffer Tuning for all Cisco Routers


This is copied from Cisco.com

Buffer tuning allows you to modify the way a router allocates buffers from its available memory, and helps prevent packet drops during a temporary burst of traffic.
To determine whether your router needs to have its buffer tuned, use the show interfaces and show buffers commands.
If you have the output of the show interfaces and show buffers commands, or the output of the show technical-support (from enable mode) from your Cisco device, you can use Output Interpreter to display potential issues and fixes. To use Output Interpreter, you must be a registered customer, be logged in, and have JavaScript enabled.
Below is an example of the show interfaces command output:
Output queue 0/40, 1041 drops; input queue 0/75, 765 drops 
35252345 packets input, 547082589 bytes, 940 no buffer 
  • The input and output drops are due to the input and output queues being overrun by a burst of traffic. This is not related to a buffer problem, but rather to a process switching performance limitation.
  • "No buffer" represents the number of packets dropped because there is no free buffer to copy the packet.
Using the show buffers command, look at the buffer size corresponding to the maximum transmission unit (MTU) of the interface:
Middle buffers, 600 bytes (total 150, permanent 25):
  147 in free list (10 min, 150 max allowed) 
  61351931 hits, 137912 misses, 51605 trims, 51730 created
  91652 failures (0 no memory)
The table below explains the output:
Keyword        Description
total          The total number of buffers in the pool, including both used and unused buffers.
permanent      The permanent number of allocated buffers in the pool. These buffers are always in the pool, and cannot be trimmed away.
in free list   The number of buffers currently available in the pool that are free for use.
min            The minimum number of buffers that the router should attempt to keep "in free list." If the number of buffers "in free list" falls below the "min" value, the router should attempt to create more buffers for that pool.
max allowed    The maximum number of buffers allowed "in free list." If the number of buffers "in free list" is greater than the "max allowed" value, the router should attempt to trim buffers from the pool.
hits           The number of buffers successfully allocated from the free list.
misses         The number of times a buffer has been requested, but no buffers are available in the free list, or when there are fewer than "min" buffers in the free list.
trims          The number of buffers that have been trimmed from the pool when the number of buffers "in free list" exceeds the number of "max allowed" buffers.
created        The number of buffers that have been created in the pool when the number of buffers "in free list" was less than "min."
no memory      The number of times the router tried to create new buffers, but could not due to insufficient free memory in the router.
failures       The number of failures to grant a buffer to a requester under interrupt time (remember that the router can create new buffers at process switching level, so "failure" does not occur unless there is "no memory"). The number of "failures" represents the number of packets that have been dropped due to buffer shortage.

How Buffers Are Handled by the Router

The number of buffers "in free list" is the number of available buffers. When a buffer request comes in, a buffer from the "in free list" is allocated.
The IOS buffers are used for two major reasons:
  • To handle traffic terminating at the router.
  • When packets are being process switched.
If there are no buffers available, and fast switching is enabled, there is a buffer failure and the packet is dropped. When the buffer pool manager process detects a buffer failure, it "creates" a new buffer to avoid future failures.
The router does not create a new buffer if the number "in free list" equals the "max allowed" value. If there is not enough memory in the router to create a new buffer, this is recorded as "no memory". If the number "in free list" is greater than the "max allowed" number, the router "trims" some excess buffers.
The number of "failures" and "no memory" are the only areas of concern. Failures may occur, but these should stabilize after a while. The router creates or trims buffers as necessary to stabilize the number of failures. If the number of failures continues to increase, buffer tuning might be necessary.
If there is not enough memory to create new buffers, look for a buffer leak, or a more general memory problem. Buffers are not created in the fast-switching path, so if the router tries to fast-switch a packet and there is no buffer available, the packet is dropped, and a failure is reported. A new buffer is created the next time the buffer pool manager is run.

Ref: http://www.cisco.com/en/US/products/hw/routers/ps133/products_tech_note09186a00800a7b80.shtml
http://www.cisco.com/en/US/products/hw/iad/ps397/products_tech_note09186a00800a7b85.shtml

VRF Route Leaking

BGP approach

How to Import IP Prefixes from Global Table into a VRF Table


This section contains the following tasks:







Ref: http://www.cisco.com/en/US/docs/ios/12_2s/feature/guide/fs_bgivt.html
http://www.cisco.com/en/US/docs/ios/12_3t/ip_route/command/reference/ip2_i1gt.html
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gt_bgivt.html#wp1054941
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfpbr_ps1835_TSD_Products_Configuration_Guide_Chapter.html


Static approach

Route Leaking in MPLS/VPN Networks

ip route 10.0.2.0 255.255.255.252 Serial2/0
ip route vrf vpn2 10.1.2.4 255.255.255.252 Serial1/0

Ref: http://www.cisco.com/en/US/tech/tk436/tk832/technologies_configuration_example09186a0080231a3e.shtml#global

inter-VRF

http://chetanress.blogspot.com/2010/08/importing-routes-from-global-table-into.html

http://blog.ipexpert.com/2010/12/01/vrf-route-leaking/

http://mynetworkingwiki.com/index.php/Advanced_VRF_Import_and_Export_Features

http://packetlife.net/blog/2010/mar/29/inter-vrf-routing-vrf-lite/

http://packetlife.net/blog/2009/apr/30/intro-vrf-lite/ 


Thursday, October 6, 2011

Network Performance, WAN Optimization

For end-to-end physical links:
1. Delay
2. Jitter
3. Loss

For TCP traffic:
1. TCP RTT (Round Trip Time)
2. TCP SRT (Server Response Time)
3. TCP Re-transmission behavior

Tools

1. Cisco QoS + IP SLA 

http://www.cisco.com/en/US/technologies/tk648/tk362/tk920/technologies_white_paper09186a00802d5efe.html

http://www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsjitter.html#wp1054785

Riverbed, Bluecoat, Ipanema

Tuesday, October 4, 2011

Reference for configuring Cisco 3G card

Some references on configuring Cisco wireless cards:

Understanding and Configuring a HWIC-3G-GSM
http://routing-bits.com/2010/05/12/hwic-3g-gsm/

Configuring 3G Wireless WAN on Modular and Fixed ISRs (HWIC-3G-GSM, HWIC-3G-HSPA, PCEX-3G-HSPA-x)

http://www.cisco.com/en/US/docs/routers/access/1800/1861/software/feature/guide/mrwlsgsm.html#wp1323053

Configuring Dial Backup Using Dialer Watch

http://www.cisco.com/en/US/docs/ios/12_2/dial/configuration/guide/dafbakdw.html

Cisco firmware

http://www.cisco.com/cisco/software/release.html?mdfid=281295483&flowid=7001&softwareid=281285585&release=H1_1_9_3&rellifecycle=&relind=AVAILABLE&reltype=all

Cisco 3G Wireless WAN (GPRS/EDGE/UMTS/HSDPA) High-Speed Wan Interface Card

archive tar /xtract source-url destination-url
microcode reload cellular pa-bay slot gsm modem-provision
 
http://www.cisco.com/en/US/docs/routers/access/1800/1861/software/feature/guide/mrwlsgsm.html


 

PING with ToS

ICMP echo messages are sent to a remote host and are returned in an echo-reply response. The primary use for these messages is to check the availability of the target machine.
  1. Host A creates an ICMP echo datagram, using host A's address as the source, and host B's address as the destination.
  2. The ICMP echo datagram is transmitted via the network to the destination (host B).
  3. The destination system (host B) copies the echo information into a new echo-reply message datagram.
  4. The destination system (host B) destroys the original ICMP echo message.
  5. The destination machine (host B) now becomes the source of a new echo-reply datagram. Host B places its own address in the source address field of the IP header, and host A's address in the destination field of the IP header.
  6. The datagram is transmitted to the network and is routed to host A.
For this very simple back-to-back topology, the ToS value has been copied to the new IP datagram (echo-reply): the ToS of 48 entered at the prompt shows up as dscp 12 in the debugs below, because DSCP is the upper six bits of the ToS byte. However, this is not always the case, especially when there are networks between the two hosts. The best approach is to test this before relying on it.

R1 ------- Serial ------- R2
.1                        .2

R1-PE1#ping ip
Target IP address: 1.1.1.2
Repeat count [5]: 
Datagram size [100]: 
Timeout in seconds [2]: 
Extended commands [n]: y
Source address or interface: 
Type of service [0]: 48
Set DF bit in IP header? [no]: 
Validate reply data? [no]: 
Data pattern [0xABCD]: 
Loose, Strict, Record, Timestamp, Verbose[none]: 
Sweep range of sizes [n]: 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.2, timeout is 2 seconds:
!!!!!

R2 Debug (receives echo-request, and sends reply)

*Oct 10 13:42:54.871: IP: s=1.1.1.1 (Serial1/1), d=1.1.1.2, len 100, stop process pak for forus packet
*Oct 10 13:42:54.871:     ICMP type=8, code=0
*Oct 10 13:42:54.871: ICMP: echo reply sent, src 1.1.1.2, dst 1.1.1.1, topology BASE, dscp 12 topoid 0

R1 Debug

*Oct 10 13:42:54.868: IP: s=1.1.1.2 (Serial1/1), d=1.1.1.1, len 100, stop process pak for forus packet
*Oct 10 13:42:54.868:     ICMP type=0, code=0
*Oct 10 13:42:54.868: ICMP: echo reply rcvd, src 1.1.1.2, dst 1.1.1.1, topology BASE, dscp 12 topoid 0

Ref:
http://www.inetdaemon.com/tutorials/internet/icmp/echo.shtml
http://en.wikipedia.org/wiki/Ping
http://www.inetdaemon.com/tools/ping/how_ping_works.shtml
https://supportforums.cisco.com/thread/2090992

Monday, October 3, 2011

ISDN


Configuring Dial Backup with Dialer Profiles

Configure a Dialer Interface


To configure the dialer interface that will be used as an intermediary between a physical interface that will function as backup interface and the interfaces that will use the backup, use the following commands beginning in global configuration mode:

Step  Command                      Purpose
1     interface dialer number      Create a dialer interface.
2     ip unnumbered loopback0      Specify IP unnumbered loopback.
3     encapsulation ppp            Specify PPP encapsulation.
4     dialer remote-name username  Specify the remote router's CHAP authentication name.
5     dialer string dial-string    Specify the remote destination to call.
6     dialer pool number           Specify the dialing pool to use for calls to this destination.
7     dialer-group group-number    Assign the dialer interface to a dialer group.

Configure a Physical Interface to Function as Backup

To configure the physical interface that is to function as backup, use the following commands beginning in global configuration mode:

Step  Command                    Purpose
1     interface type number      Specify the interface.
2     encapsulation ppp          Specify PPP encapsulation.
3     dialer pool-member number  Make the interface a member of the dialing pool that the dialer interface will use; make sure the number arguments have the same value.
4     ppp authentication chap    Specify CHAP authentication.

Configure Interfaces to Use a Backup Interface


To configure one or more interfaces to use a backup interface, use the following commands beginning in global configuration mode:

Step  Command                                  Purpose
1     interface type number                    Specify the interface to be backed up.
2     ip unnumbered loopback0                  Specify IP unnumbered loopback.
3     backup interface dialer number           Specify the backup interface.
4     backup delay enable-delay disable-delay  Specify delay between the physical interface going down and the backup being enabled, and between the physical interface coming back up and the backup being disabled.
 

Dialer Profile for ISDN BRI Backing Up Two Leased Lines Example

The following example shows the configuration of a site that backs up two leased lines using one BRI. Two dialer interfaces are defined. Each serial (leased line) interface is configured to use one of the dialer interfaces as a backup. Both of the dialer interfaces use dialer pool 1, which has physical interface BRI 0 as a member. Thus, physical interface BRI 0 can back up two different serial interfaces and can make calls to two different sites.
interface dialer0
 ip unnumbered loopback0
 encapsulation ppp
 dialer remote-name Remote0
 dialer pool 1
 dialer string 5551212
 dialer-group 1
interface dialer1
 ip unnumbered loopback0
 encapsulation ppp
 dialer remote-name Remote1
 dialer pool 1
 dialer string 5551234
 dialer-group 1
interface bri 0
 encapsulation PPP
 dialer pool-member 1
 ppp authentication chap
interface serial 0
 ip unnumbered loopback0
 backup interface dialer 0
 backup delay 5 10
interface serial 1
 ip unnumbered loopback0
 backup interface dialer1
 backup delay 5 10
Ref:
http://www.cisco.com/en/US/docs/ios/12_0/dial/configuration/guide/dcdbakdp.html 

Sunday, October 2, 2011

Bidirectional Forwarding Detection

BFD is a detection protocol designed to provide fast forwarding path failure detection times for all media types, encapsulations, topologies, and routing protocols. In addition to fast forwarding path failure detection, BFD provides a consistent failure detection method for network administrators. Because the network administrator can use BFD to detect forwarding path failures at a uniform rate, rather than the variable rates for different routing protocol hello mechanisms, network profiling and planning will be easier, and reconvergence time will be consistent and predictable. 

A maximum of 100 sessions per line card is supported for the distributed Cisco 12000 series Internet router. The minimum hello interval is 50 ms, with up to three max retries for a BFD control packet to be received from a remote system before a session with a neighbor is declared down.



Configuring BFD Support for BGP 

SUMMARY STEPS


interface FastEthernet 0/1
 ip address 1.1.1.1 255.255.255.0
 bfd interval 50 min_rx 50 multiplier 3

1. enable
2. configure terminal
3. router bgp as-tag
4. neighbor ip-address fall-over bfd
5. end
6. show bfd neighbors [details]
7. show ip bgp neighbor 




Configuring BFD Support for IS-IS for One or More Interfaces 

SUMMARY STEPS

1. enable
2. configure terminal
3. interface type number
4. isis bfd [disable]
5. end
6. show bfd neighbors [details]
7. show clns interface 

Ref:

http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fs_bfd.html#wp1153100 

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bfd/configuration/12-2sr/Bidirectional_Forwarding_Detection.html#GUID-5EF281D7-048D-42C6-81F8-D50524CE24AD