(TIL) Today I Learned...

deanwebb · June 15, 2016, 12:33:33 PM

using it for transit traffic right now

icecream-guy · July 07, 2016, 02:14:59 PM

Today I learned how to do admin password recovery for a few of my ACS appliances using CIMC. Next I can remember how to upgrade them.

deanwebb · July 20, 2016, 07:38:09 PM

How to edit the known_hosts file on a Linux box.

http://www.linkedin.com/redir/redirect?url=http%3A%2F%2Fwww%2Ethegeekstuff%2Ecom%2F2010%2F04%2Fhow-to-fix-offending-key-in-sshknown_hosts-file&urlhash=L9UF&_t=tracking_anet

If you change a certificate on a device and have other devices set to strict checking on certificates, the strict box will refuse a connection to the box with the new cert unless one clears the appropriate line in known_hosts. Copying, editing, pasting, and then running the perl command did the trick and I was able to connect to the boxes with new certs once again.

icecream-guy · July 27, 2016, 11:45:09 AM

TIL one can get into the FEX operating system and manipulate the FEX from within (with a limited about of functionality)

Code Select


5K-SWITCH# attach fex 102
Attaching to FEX 102 ...
To exit type 'exit', to abort type '$.' 
fex-102# ?
  begin       Begin with line that matches
  clear       Reset functions
  configure   Enter configuration mode
  count       Count the number of lines in the output
  dbgexec     Execute debug shell command
  debug       Debugging functions
  diff-clean  Remove temp files created by '| diff' filters
  echo        Echo argument back to screen (useful for scripts)
  exclude     Exclude lines that match
  include     Include lines that match
  last        Display last few lines of the output
  mping       Run mping
  no          Negate a command or set its defaults
  python      Source using python script
  reload      Reboot FEX
  scripting   Configure scripting parameters
  show        Show running system information
  shutdown    Shutdown FEX
  sleep       Sleep for the specified number of seconds
  system      System management commands
  tar         Archiving operations
  tclsh       Source tclsh script
  terminal    Set terminal line parameters
  test        Test commands
  end         Go to exec mode
  exit        Exit from command interpreter
  pop         Pop mode from stack or restore from name
  push        Push current mode to stack or save it under name
  where       Shows the cli context you are in

fex-102#

Cisco had to troubleshoot weird dropping packet issue, determined that there was congestion on the links between the FEX and the 5K

deanwebb · July 27, 2016, 12:15:51 PM

TIL that trying to get something to work with an unsupported IOS version is a lot harder than upgrading it to a supported IOS version.

We are now checking versions before we start changing the configs.

NetworkGroover · July 28, 2016, 11:11:36 AM

Quote from: ristau5741 on July 27, 2016, 11:45:09 AM
TIL one can get into the FEX operating system and manipulate the FEX from within (with a limited about of functionality)

Code Select Expand
5K-SWITCH# attach fex 102 Attaching to FEX 102 ... To exit type 'exit', to abort type '$.' fex-102# ? begin Begin with line that matches clear Reset functions configure Enter configuration mode count Count the number of lines in the output dbgexec Execute debug shell command debug Debugging functions diff-clean Remove temp files created by '| diff' filters echo Echo argument back to screen (useful for scripts) exclude Exclude lines that match include Include lines that match last Display last few lines of the output mping Run mping no Negate a command or set its defaults python Source using python script reload Reboot FEX scripting Configure scripting parameters show Show running system information shutdown Shutdown FEX sleep Sleep for the specified number of seconds system System management commands tar Archiving operations tclsh Source tclsh script terminal Set terminal line parameters test Test commands end Go to exec mode exit Exit from command interpreter pop Pop mode from stack or restore from name push Push current mode to stack or save it under name where Shows the cli context you are in fex-102#

Cisco had to troubleshoot weird dropping packet issue, determined that there was congestion on the links between the FEX and the 5K

I've heard about issues with this in the past and hidden commands - but mehhhh I think it was more about hidden counters. Interesting.

that1guy15 · July 28, 2016, 01:17:43 PM

yup, yup.

At the end of the day Cisco 2Ks are just switches that shift control plane up. Pull the curtans back and you have ZTP and control all handled by a high priced 5K.

Wait, isnt this what SDN and central controllers are trying to do? yes. yes it is.

wintermute000 · July 28, 2016, 05:10:24 PM

Don't forget no local switching [emoji14] I was at a juniper presentation about vcf and presenter had a big talking point up "not a fex does local switching" LOL

icecream-guy · July 29, 2016, 08:18:21 AM

Quote from: wintermute000 on July 28, 2016, 05:10:24 PM
Don't forget no local switching [emoji14] I was at a juniper presentation about vcf and presenter had a big talking point up "not a fex does local switching" LOL

I've heard that the 2300 Series FEX can switch frames without sending up to the 5K, I didn't see anything in the date sheet I took a quick look at here, but I read it somewhere, don't remember where.

http://www.cisco.com/c/en/us/products/collateral/switches/nexus-2000-series-fabric-extenders/datasheet-c78-731663.html

config t · August 02, 2016, 04:07:23 AM

TIL..

MPLS, L3VPN, MPBGP.

Mind = blown.

Listening to Macklemore & Ryan Lewis - Thrift Shop.

Poppin' tags.. this is f&%ing

deanwebb · August 02, 2016, 08:50:48 AM

TIL how to say "hello" in Malagasy: Manahoana.

deanwebb · August 05, 2016, 10:54:54 AM

TIL about DevOps security and Docker container security.

DevOps Protip: security changes can be put in as fast as other changes, everyone has to learn how to deal with it. Also, rapidly changing code means less fun for hackers that like to sit in one place that never changes.

Docker Protip: DO NOT RUN A CONTAINER WITH ROOT PRIVILEGES. EVER.

deanwebb · August 10, 2016, 01:53:39 PM

TIL how to verify the status of a CCIE.

Get the number here: http://www.cciehof.com/

Then log in with your CCO here: https://ccie.cloudapps.cisco.com/CCIE/Schedule_Lab/CCIEOnline/jsp/VerifyCCIE_Form.jsp

The guy I just checked is valid and re-certified.

icecream-guy · August 11, 2016, 07:48:06 AM

Quote from: deanwebb on August 10, 2016, 01:53:39 PM
TIL how to verify the status of a CCIE.

Get the number here: http://www.cciehof.com/

Then log in with your CCO here: https://ccie.cloudapps.cisco.com/CCIE/Schedule_Lab/CCIEOnline/jsp/VerifyCCIE_Form.jsp

The guy I just checked is valid and re-certified.

or he can log into the cert tracker and click a few buttons and have the proof emailed to you...

deanwebb · August 11, 2016, 08:56:20 AM

Well, we'll check again after his anniversary date expires.