Networking, Security & Cloud Knowledge

Sunday, November 10, 2024

 

Cisco Nexus Switch CLI Cheat Sheet

Running several commands on a single line.

Nexus# conf t ; int eth 1/1 ; no switchport ; no shut

Roll back config change using checkpoint.

Create Checkpoint: Nexus# checkpoint <Check-Point-Name>
Verify Checkpoint: Nexus# show checkpoint summary
Compare Config: Nexus# show diff rollback-patch checkpoint <Check-Point-Name> running-config
Rollback Config: Nexus# rollback running-config checkpoint <Check-Point-Name>

Filter Command Output.

Nexus# show ip int brief | grep -i vlan
Nexus# show clock | ex NTP

Working with VRF

routing-context vrf <VRF-NAME>
show ip route
routing-context vrf default

Terminal color

Nexus# terminal color

alias

Nexus(config)# cli alias name <ALIAS-NAME> <Command>

Verify accounting log

Nexus# show accounting log | last 10

Saturday, October 26, 2024

Wireless Networking Cheat Sheet

Wireless Standards


- 802.11a: 5 GHz, up to 54 Mbps, shorter range.
- 802.11b: 2.4 GHz, up to 11 Mbps, longer range.
- 802.11g: 2.4 GHz, up to 54 Mbps, backward compatible with 802.11b.
- 802.11n: 2.4/5 GHz, up to 600 Mbps, uses MIMO technology.
- 802.11ac: 5 GHz, up to 3.46 Gbps, wider channels and MU-MIMO.
- 802.11ax (Wi-Fi 6): 2.4/5 GHz, higher efficiency and capacity.

Common Wireless Terms

- SSID: Service Set Identifier, the name of the wireless network.
- BSSID: Basic Service Set Identifier, the MAC address of the access point.
- WPA/WPA2/WPA3: Security protocols for wireless networks.
- Channel: The frequency used for communication, often overlapping in the 2.4 GHz band.
- MIMO: Multiple Input Multiple Output, technology that uses multiple antennas to improve performance.

Wireless Security Protocols

- WEP: Wired Equivalent Privacy, outdated and insecure.
- WPA: Wi-Fi Protected Access, improved security over WEP.
- WPA2: Enhanced security, uses AES encryption.
- WPA3: Latest security protocol, offers stronger encryption and protection against brute-force attacks.

Wireless Configuration Commands (Windows)

- Show available Wi-Fi networks:
  netsh wlan show networks

- Connect to a Wi-Fi network:
  netsh wlan connect name="<profile-name>"

- Disconnect from a Wi-Fi network:
  netsh wlan disconnect

Wireless Troubleshooting Commands

- Ping the access point:
  ping <access-point-IP>

- Check signal strength:
  netsh wlan show interfaces

- View wireless network properties (key=clear displays the saved key in plaintext):
  netsh wlan show profile "<profile-name>" key=clear

Common Wireless Issues

- Weak signal: Check distance from the access point, obstacles, and interference.
- Connection drops: Update drivers, and check for interference and signal strength.
- No internet access: Verify DHCP settings, check ISP connection, and router status.

Best Practices for Wireless Networking

- Use WPA3 for better security.
- Select less crowded channels (1, 6, 11 in 2.4 GHz).
- Position access points centrally to optimize coverage.
- Limit SSID broadcasting for sensitive networks.
- Regularly update firmware on access points and routers.

Friday, October 25, 2024

Windows Command for Network Engineer

Windows Command Cheat Sheet for Network Engineers

Basic Networking Commands

- Check IP configuration:
  ipconfig

- Release IP address:
  ipconfig /release

- Renew IP address:
  ipconfig /renew

- Display current TCP/IP connections:
  netstat -a

- Show routing table:
  route print

Network Diagnostics

- Ping a host:
  ping <host>

- Trace the route to a host:
  tracert <host>

- Check DNS resolution:
  nslookup <hostname>

- Check network statistics:
  netstat -s

Network Share and File Commands

- List shared folders:
  net share

- Map a network drive:
  net use <drive-letter>: \\<server>\<share>

- Disconnect a network drive:
  net use <drive-letter>: /delete

Firewall Configuration

- Check firewall status:
  netsh advfirewall show allprofiles

- Allow a program through the firewall:
  netsh advfirewall firewall add rule name="<rule-name>" dir=in action=allow program="<path-to-program>"

- Block a program:
  netsh advfirewall firewall add rule name="<rule-name>" dir=in action=block program="<path-to-program>"

Wi-Fi Commands

- Show Wi-Fi profiles:
  netsh wlan show profiles

- Connect to a Wi-Fi network:
  netsh wlan connect name="<profile-name>"

- Disconnect from a Wi-Fi network:
  netsh wlan disconnect

Network Adapter Management

- Show network adapters (MAC addresses):
  getmac

- Disable a network adapter:
  netsh interface set interface "<interface-name>" admin=disabled

- Enable a network adapter:
  netsh interface set interface "<interface-name>" admin=enabled

Viewing and Managing Services

- List all services:
  services.msc

- Start a service:
  net start <service-name>

- Stop a service:
  net stop <service-name>

PowerShell Networking Commands

- Check IP configuration:
  Get-NetIPConfiguration

- Get DNS settings:
  Get-DnsClientServerAddress

- Get active network connections:
  Get-NetTCPConnection

Remote Connection

- Remote Desktop connection:
  mstsc /v:<host>

- Establish a remote PowerShell session:
  Enter-PSSession -ComputerName <computer-name>

Linux bash command cheat sheet

Linux Bash Command Cheat Sheet

File and Directory Commands

- List files:
  ls
- Change directory:
  cd <directory>
- Print working directory:
  pwd
- Create a directory:
  mkdir <directory>
- Remove a directory:
  rmdir <directory>
- Remove a file:
  rm <file>
- Copy a file:
  cp <source> <destination>
- Move or rename a file:
  mv <source> <destination>
- Display file contents:
  cat <file>
- Display file contents page by page:
  less <file>

File Permissions

- Change file permissions:
  chmod <mode> <file>
- Change file owner:
  chown <user>:<group> <file>

Text Processing

- Search for a string in a file:
  grep <pattern> <file>
- Count lines, words, and characters:
  wc <file>
- Sort lines in a file:
  sort <file>
- Display unique lines:
  uniq <file>
- Replace text in a file:
  sed 's/old_text/new_text/g' <file>

Networking

- Check network configuration:
  ifconfig
- Display current IP address:
  hostname -I
- Ping a host:
  ping <host>
- Check open ports:
  netstat -tuln
- Trace the route to a host:
  traceroute <host>

Process Management

- List running processes:
  ps aux
- Find a process by name:
  pgrep <process-name>
- Kill a process:
  kill <PID>
- Kill a process by name:
  pkill <process-name>
- View system resource usage:
  top

System Information

- Show disk usage:
  df -h
- Show memory usage:
  free -h
- Show system uptime:
  uptime
- Show current users:
  who

Package Management (Debian/Ubuntu)

- Update package list:
  sudo apt update
- Upgrade installed packages:
  sudo apt upgrade
- Install a package:
  sudo apt install <package>
- Remove a package:
  sudo apt remove <package>

Miscellaneous

- Clear terminal screen:
  clear
- Display current date and time:
  date
- Get help for a command:
  man <command>
- Exit the terminal:
  exit

BGP (Border Gateway Protocol) Cheat Sheet

Basic Concepts

- BGP (Border Gateway Protocol): The protocol used to exchange routing information between different autonomous systems (AS).
- Autonomous System (AS): A collection of IP networks and routers under a single organization's control.
- BGP Peers: Routers that exchange BGP routing information.
- BGP Session: TCP connection between BGP peers (port 179).

BGP States

1. Idle
2. Connect
3. Active
4. OpenSent
5. OpenConfirm
6. Established

BGP Attributes

- AS_PATH: List of ASs a route has traversed.
- NEXT_HOP: Next hop IP address for the route.
- LOCAL_PREF: Indicates the preferred exit point from the AS.
- MED (Multi-Exit Discriminator): Suggests preferred entry point to an AS.
- COMMUNITY: A way to group routes for routing decisions.

BGP Configuration Commands (Cisco)

Basic Configuration:
router bgp <local-AS>
  neighbor <neighbor-IP> remote-as <remote-AS>
  neighbor <neighbor-IP> description <text>

Example:
router bgp 65001
  neighbor 192.168.1.1 remote-as 65002
  neighbor 192.168.1.1 description "Peer Router"

Advertise a Network:
network <network-address> mask <subnet-mask>

Example:
network 10.0.0.0 mask 255.255.255.0

Viewing BGP Information (Cisco)

- Show BGP Summary:
show ip bgp summary

- Show BGP Routes:
show ip bgp

- Show BGP Neighbor Details:
show ip bgp neighbors <neighbor-IP>

BGP Route Filtering

- Disallow Specific Routes:
neighbor <neighbor-IP> filter-list <as-path-access-list> in

- Using Route Maps:
route-map <route-map-name> permit <sequence-number>
  match <condition>
  set <action>

BGP Timers

Adjust BGP Keepalive and Hold Timers:
neighbor <neighbor-IP> timers <keepalive-seconds> <holdtime-seconds>

Example:
neighbor 192.168.1.1 timers 30 90

BGP Best Path Selection Criteria

1. Highest Weight (Cisco-specific)
2. Highest Local Preference
3. Shortest AS Path
4. Lowest Origin Type (IGP < EGP < Incomplete)
5. Lowest MED
6. EBGP over IBGP
7. Lowest IGP metric to NEXT_HOP
8. Oldest route (if all else is equal)
9. Lowest BGP router ID (if all else is equal)

Common BGP Commands for Troubleshooting

- Check BGP Neighbors:
show ip bgp neighbors

- BGP Route Information:
show ip bgp <prefix>

- Check BGP Updates:
show ip bgp updates

Python Cheat Sheet

Basic Syntax

# Comments 
# This is a comment

# Variables 
x = 5
name = "Alice"

# Data Types 
integer = 10
float_num = 10.5
string = "Hello"
boolean = True
list_example = [1, 2, 3]
tuple_example = (1, 2, 3)
dict_example = {"key": "value"}

Control Structures

# If Statements
if x > 0:
    print("Positive")
elif x < 0:
    print("Negative")
else:
    print("Zero")

# Loops
# For Loop
for i in range(5):
    print(i)

# While Loop
while x < 5:
    x += 1

Functions

# Defining Functions
def my_function(param1, param2):
    return param1 + param2

# Lambda Functions
square = lambda x: x ** 2

Data Structures

# Lists
my_list = [1, 2, 3]
my_list.append(4)

# Dictionaries
my_dict = {"name": "Alice", "age": 25}
age = my_dict["age"]

# Sets
my_set = {1, 2, 3}
my_set.add(4)

# Tuples
my_tuple = (1, 2, 3)

List Comprehensions

squares = [x ** 2 for x in range(10)]

String Methods

# Common Methods
my_string = "Hello, World!"
my_string.lower()
my_string.upper()
my_string.split(", ")

File Handling

# Reading a File
with open('file.txt', 'r') as file:
    content = file.read()

# Writing to a File
with open('file.txt', 'w') as file:
    file.write("Hello, World!")

Exception Handling

try:
    # Code that may raise an exception
    result = 10 / 0
except ZeroDivisionError:
    print("You can't divide by zero!")
finally:
    print("This will always execute.")

Modules and Packages

# Importing Modules
import math
from datetime import datetime

Decorators

def my_decorator(func):
    def wrapper():
        print("Before the function.")
        func()
        print("After the function.")
    return wrapper

@my_decorator
def say_hello():
    print("Hello!")

Generators

def countdown(n):
    while n > 0:
        yield n
        n -= 1

for number in countdown(5):
    print(number)

Common Built-in Functions

# len(), sum(), max(), min(), sorted(), enumerate()

Useful Libraries

# NumPy, Pandas, Matplotlib, Requests, Flask/Django

Common Commands

# Install a Package
pip install package_name

# Run a Python Script
python script.py

Friday, June 7, 2024

IEEE 802.1x (Dot1x) authentication and device-sensor configuration template for Cisco 3650

Configure dot1x

! Enable AAA
aaa new-model
!
! Create a local username and password for admin authentication (sample credentials)
username admin privilege 15 secret admin1
enable secret admin1
!
aaa authentication login default local
aaa authentication enable default enable
aaa authorization exec default local
!
! Define the RADIUS server (ISE server IP = 10.10.10.10, sample shared secret)
radius server ise-psn01
 address ipv4 10.10.10.10 auth-port 1812 acct-port 1813
 key Cisco123
!
! Create the ISE server group
aaa group server radius ISE
 server name ise-psn01
!
! AAA configuration for dot1x authentication
aaa authentication dot1x default group ISE
aaa authorization network default group ISE
aaa accounting dot1x default start-stop group ISE
!
ip radius source-interface Vlan10
!
! Enable dot1x globally
dot1x system-auth-control
!
! Accept Change of Authorization (CoA) messages from the RADIUS server
aaa server radius dynamic-author
 client 10.10.10.10 server-key Cisco123



! Interface configuration
interface GigabitEthernet1/0/1
 switchport access vlan 88
 switchport mode access
 switchport voice vlan 118
 switchport port-security maximum 2
 switchport port-security
 spanning-tree portfast
 spanning-tree bpduguard enable

 authentication host-mode multi-auth
 dot1x pae authenticator
 authentication order dot1x mab
 authentication priority dot1x mab
 authentication port-control auto
 mab
 authentication event fail action next-method
 dot1x timeout tx-period 2
 end

Note: PAE = port access entity.

Configure Device Sensor

device-sensor accounting
device-sensor notify all-changes

radius-server vsa send accounting


! Creates a TLV list and enters DHCP sensor configuration mode, where you can configure individual TLVs.

device-sensor filter-list dhcp list dhcp-list
 option name host-name
 option name domain-name
 option number 50

Note: DHCP option 50 lets clients request a specific IP address.

! Creates a TLV list and enters CDP sensor configuration mode, where you can configure individual TLVs.

device-sensor filter-list cdp list cdp-list
 tlv name device-name
 tlv name address-type
 tlv number 34

! Creates a TLV list and enters LLDP sensor configuration mode, where you can configure individual TLVs.

device-sensor filter-list lldp list lldp-list
 tlv name chassis-id
 tlv name management-address
 tlv number 28


Commands to verify:
Switch# sh device-sensor details
Switch# sh device-sensor cache all
Switch# sh device-sensor cache int g1/0/1
Switch# sh device-sensor cache mac <mac-address>

Saturday, February 17, 2024

CCNP Quick notes

CoPP

Control Plane Policing (CoPP) is a network security feature used in Cisco devices and other network equipment to protect the control plane of the device. The control plane is responsible for managing and maintaining the device's routing and switching functions; it works like the brain of the network device. Protecting the control plane is essential to ensure the stability and security of a network device.

Control Plane Policing is designed to prevent unauthorized or malicious traffic from overwhelming the control plane and causing network disruptions. It involves setting limits on the amount of traffic that the control plane can process, effectively creating a policing mechanism for control plane traffic. When traffic exceeds the configured limits, CoPP can either drop or rate-limit the excess traffic to protect the control plane.

Key components of Control Plane Policing include:

  • Access Control Lists (ACLs): CoPP uses access control lists to define which types of traffic are allowed or denied access to the control plane. ACLs can be configured to match specific protocols, ports, or source/destination IP addresses.
  • Rate Limiting: CoPP enforces rate limits on control plane traffic. This ensures that the control plane only processes a specific amount of traffic within a given time frame.
  • Class Maps and Policy Maps: Control Plane Policing uses class maps and policy maps to define the traffic classification and policing actions. Class maps specify the criteria for identifying traffic, and policy maps define how the traffic is policed.
  • Logging and Monitoring: CoPP typically provides logging and monitoring capabilities so that network administrators can track control plane traffic and any actions taken by the CoPP feature.


Difference between conform-action, exceed-action and violate-action in control plane policing


In Control Plane Policing (CoPP), "conform-action," "exceed-action," and "violate-action" are actions that specify what should happen to different types of traffic based on whether they conform to, exceed, or violate the configured traffic rate limits. These actions are used to control and manage traffic that is being policed by CoPP.

Here's an explanation of each of these actions:

  • Conform-Action: This action is applied to traffic that conforms to the configured rate limits. In other words, when traffic falls within the permitted rate, it "conforms." The "conform-action" specifies what should happen to this traffic. Typically, conforming traffic is allowed to pass through without any additional restrictions. It's considered acceptable and within the defined policing parameters.
  • Exceed-Action: This action is applied to traffic that exceeds the configured rate limits but doesn't violate them. When traffic exceeds the specified rate but is still within the defined excess rate, the "exceed-action" determines what should happen. Common actions for exceeding traffic include dropping it or remarking the traffic to a lower priority or a different class of service. The idea is to handle this traffic less favorably than conforming traffic but not as harshly as violating traffic.
  • Violate-Action: This action is applied to traffic that violates the configured rate limits. When traffic exceeds the maximum rate allowed, it is considered a "violation." The "violate-action" specifies how to handle this traffic. Typically, violating traffic is either dropped or remarked to a lower priority or a different class of service. Violating traffic is generally the least desirable and may be associated with potential threats or attacks.
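The three outcomes correspond to a policer with two token buckets. The sketch below is an added example, not Cisco code or part of the original notes: it models a single-rate, two-bucket policer in which tokens refill the conform bucket first and overflow into the exceed bucket. The rate, burst sizes, packet trace and action mapping are constructed values.

```python
from collections import Counter


class SingleRatePolicer:
    """Single-rate, two-bucket policer: CIR refills Tc first, overflow fills Te."""

    def __init__(self, cir_bps, bc_bytes, be_bytes):
        self.cir_bps = cir_bps      # committed information rate, bits/second
        self.bc = bc_bytes          # committed burst = conform bucket size
        self.be = be_bytes          # excess burst = exceed bucket size
        self.tc = float(bc_bytes)   # both buckets start full
        self.te = float(be_bytes)
        self.last = 0.0             # time of the previous packet, seconds

    def _refill(self, now):
        # Bytes of credit earned since the previous packet.
        tokens = max(0.0, now - self.last) * self.cir_bps / 8
        self.last = max(now, self.last)
        to_conform = min(tokens, self.bc - self.tc)
        self.tc += to_conform
        self.te = min(self.be, self.te + tokens - to_conform)

    def classify(self, now, size):
        """Return 'conform', 'exceed' or 'violate' for one packet."""
        self._refill(now)
        if size <= self.tc:         # fits in the committed burst
            self.tc -= size
            return "conform"
        if size <= self.te:         # fits only in the excess burst
            self.te -= size
            return "exceed"
        return "violate"            # neither bucket has enough credit


# Constructed action mapping, one entry per policing result.
ACTIONS = {"conform": "transmit", "exceed": "transmit", "violate": "drop"}


def police_trace(policer, trace, actions):
    """Classify each (time_seconds, size_bytes) packet and attach its action."""
    results = []
    for now, size in trace:
        result = policer.classify(now, size)
        results.append((now, size, result, actions[result]))
    return results


def constructed_trace():
    """Constructed control-plane traffic: a burst, a smaller burst, then idle."""
    return [(0.0, 500)] * 8 + [(1.0, 500)] * 3 + [(5.0, 500)]


def summarize(results):
    return dict(Counter(result for _, _, result, _ in results))


def demo():
    # 8000 bit/s = 1000 bytes/s of credit; each bucket holds three packets.
    policer = SingleRatePolicer(cir_bps=8000, bc_bytes=1500, be_bytes=1500)
    return police_trace(policer, constructed_trace(), ACTIONS)


if __name__ == "__main__":
    for now, size, result, action in demo():
        print(f"t={now:>4}s size={size} -> {result:8} ({action})")
    print(summarize(demo()))
```

In the burst at t=0 the first three packets drain the conform bucket, the next three drain the exceed bucket, and the rest violate; after one second only 1000 bytes of credit have returned, so the third packet of the second burst violates again.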



IPSLA

IPSLA, or Cisco IOS IP Service Level Agreements, is a feature in Cisco routers and switches that allows network administrators to measure, verify, and report on network performance.


ip sla 1
 icmp-echo <target IP>
 frequency 60
 exit

ip sla schedule 1 life forever start-time now

show ip sla statistics 1


EEM
Cisco Embedded Event Manager (EEM) is a powerful and flexible subsystem available on Cisco devices that allows you to monitor events and take automated actions in response. EEM provides a scripting language that allows you to define policies to respond to events on the device.

Basic Concepts:

  1. Event: An event is a significant occurrence or a state change that can trigger an action. Events can be related to system-level changes, interface status, SNMP traps, syslog messages, etc.

  2. Policy: A policy is a set of rules that define what action should be taken when a specific event occurs.

  3. Action: An action is a task or command that is executed when a policy is triggered by an event.

Steps to Create a Basic EEM Script:

  1. Enter EEM configuration mode:

enable
configure terminal
event manager applet <applet_name>

  2. Define the event:

event <event_type> <event_name>

  3. Specify the action:

action <label> <action_type> <action_command>

  4. Exit configuration mode and save the configuration.

Example of EEM:

enable
configure terminal
event manager applet InterfaceUpDown
 event syslog pattern "LINK-3-UPDOWN" occurs 1
 action 1.0 syslog priority emergencies msg "Interface is down - taking action"
 end
write memory




Interview questions on Cisco EEM

  1. What is Cisco EEM?

     Answer: Cisco EEM, or Embedded Event Manager, is a feature embedded in Cisco devices that provides a scripting interface for monitoring events and taking automated actions in response to those events.

  2. What are the key components of an EEM policy?

     Answer: An EEM policy consists of an event, a trigger that specifies when the policy should be executed, and an action, which defines the tasks or commands to be performed when the event occurs.

  3. Can you give an example of an event in EEM?

     Answer: An example of an event is "event syslog pattern," where a policy is triggered based on a specific pattern in syslog messages.

  4. How do you create a basic EEM policy?

     Answer: Use the event manager applet configuration mode, define an event using the event command, and specify actions using the action command.

  5. What is the purpose of the occurs keyword in an EEM policy?

     Answer: The occurs keyword specifies how many times an event must occur before the associated actions are executed. For example, occurs 1 means the actions will be triggered on the first occurrence of the event.

  6. Explain the use of the poll-interval keyword in an SNMP-related EEM event.

     Answer: The poll-interval keyword sets the interval at which an SNMP query is repeated. It defines how often the device checks the specified SNMP variable for changes.

  7. How can you view the existing EEM policies on a Cisco device?

     Answer: Use the show event manager policy registered command to view a list of registered EEM policies.

  8. What is the difference between an EEM applet and an EEM script?

     Answer: An EEM applet is a simple and single-shot policy, while an EEM script is a more complex and reusable set of policies. An EEM script can contain multiple applets.

  9. Can you explain the importance of error handling in EEM policies?

     Answer: Error handling is crucial to ensure the robustness of EEM policies. Proper error handling helps prevent unintended consequences and ensures that the device behaves predictably even in the face of unexpected conditions.

  10. How do you troubleshoot EEM policies that are not working as expected?

     Answer: Use the show event manager policy registered and show event manager policy registered detail commands to check the status and details of registered policies. Additionally, examine the syslog messages for any errors or debug EEM events using the debug event manager action cli command.


NetFlow

NetFlow is a network protocol developed by Cisco Systems for collecting IP traffic information and monitoring network traffic flow. It provides a way to collect and analyze data about the traffic flowing through a router or switch, allowing network administrators to gain insights into network utilization, identify performance issues, and enhance security. NetFlow is widely used in various network environments, including enterprise networks, service provider networks, and data centers.

Here are the key concepts and components of NetFlow:

  1. Flow: In NetFlow, a flow is a unidirectional sequence of packets that share common characteristics. These include source and destination IP addresses, source and destination port numbers, protocol, and the type of service. The flow is the basic unit of measurement in NetFlow.

  2. Flow Record: A flow record is a collection of key fields that define a flow. It includes source and destination IP addresses, source and destination port numbers, protocol, and other relevant information. Flow records are used to store information about individual flows.

  3. Flow Exporter: A flow exporter is responsible for aggregating flow records and exporting them to a NetFlow collector for further analysis. The exporter formats the flow records and sends them to the collector using the NetFlow protocol (typically UDP).

  4. Flow Collector: The flow collector is a system or software that receives and stores the flow records sent by flow exporters. It is responsible for processing and analyzing the collected data. NetFlow collectors can provide insights into network traffic patterns, usage, and potential issues.

  5. Flow Sampler: In some cases, not all packets are included in the NetFlow data to reduce the processing load on routers and switches. Flow samplers are mechanisms used to sample a subset of packets to estimate the characteristics of the entire flow.

  6. NetFlow Versions: There are different versions of the NetFlow protocol, such as NetFlow v5, v9, and IPFIX (which is similar to NetFlow v9 and standardized by the IETF). Each version may have additional features and improvements over the previous ones.

NetFlow configuration example:
! Enable NetFlow on an interface
interface GigabitEthernet0/0
  ip flow ingress

! Configure the NetFlow exporter
ip flow-export destination <collector-ip> <collector-port>
ip flow-export version 9
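
On the collector side, version 9 export is template-based: a data FlowSet can only be decoded after the exporter's template has arrived, and over UDP the two can arrive out of order or be lost. The parser below is an added example, not part of the original notes or of any Cisco tool; the sample datagrams, addresses and template ID are constructed, and options templates are ignored.

```python
import ipaddress
import struct

# NetFlow v9 field type numbers (RFC 3954) used by the constructed template.
FIELD_NAMES = {1: "in_bytes", 4: "protocol", 7: "src_port",
               8: "src_addr", 11: "dst_port", 12: "dst_addr"}
HEADER = struct.Struct("!HHIIII")  # version, count, uptime, secs, seq, source_id


def _learn_templates(body, source_id, templates):
    """Store each template's (field_type, length) list, keyed per source."""
    pos = 0
    while pos + 4 <= len(body):
        template_id, nfields = struct.unpack_from("!HH", body, pos)
        pos += 4
        if template_id < 256 or pos + 4 * nfields > len(body):
            break  # trailing padding or a truncated template
        templates[(source_id, template_id)] = [
            struct.unpack_from("!HH", body, pos + 4 * i) for i in range(nfields)]
        pos += 4 * nfields


def _decode_records(body, fields):
    """Slice a data FlowSet into records using the template's layout."""
    record_len = sum(length for _, length in fields)
    records, pos = [], 0
    while record_len and pos + record_len <= len(body):  # stops at padding
        record = {}
        for ftype, flen in fields:
            raw, pos = body[pos:pos + flen], pos + flen
            name = FIELD_NAMES.get(ftype, f"field_{ftype}")
            if ftype in (8, 12) and flen == 4:
                record[name] = str(ipaddress.IPv4Address(raw))
            else:
                record[name] = int.from_bytes(raw, "big")
        records.append(record)
    return records


def parse_v9(datagram, templates):
    """Return (flows, skipped); skipped counts data FlowSets whose template
    is unknown. `templates` is the collector's cache across datagrams."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a NetFlow v9 header")
    version, _count, _up, _secs, _seq, source_id = HEADER.unpack_from(datagram)
    if version != 9:
        raise ValueError(f"not NetFlow v9 (version={version})")
    flows, skipped, offset = [], 0, HEADER.size
    while offset + 4 <= len(datagram):
        flowset_id, length = struct.unpack_from("!HH", datagram, offset)
        if length < 4 or offset + length > len(datagram):
            raise ValueError("FlowSet length runs past the datagram")
        body = datagram[offset + 4:offset + length]
        if flowset_id == 0:                       # template FlowSet
            _learn_templates(body, source_id, templates)
        elif flowset_id >= 256:                   # data FlowSet
            fields = templates.get((source_id, flowset_id))
            if fields is None:
                skipped += 1                      # template not seen yet
            else:
                flows.extend(_decode_records(body, fields))
        offset += length
    return flows, skipped


def sample_datagrams():
    """Constructed input: one template datagram and one data datagram."""
    fields = [(8, 4), (12, 4), (7, 2), (11, 2), (4, 1), (1, 4)]
    template = struct.pack("!HH", 256, len(fields)) + b"".join(
        struct.pack("!HH", *f) for f in fields)
    template_set = struct.pack("!HH", 0, 4 + len(template)) + template
    records = b""
    for src, dst, sport, dport, proto, nbytes in [
            ("192.0.2.10", "198.51.100.5", 51000, 443, 6, 8400),
            ("192.0.2.11", "198.51.100.53", 53124, 53, 17, 120)]:
        records += (ipaddress.IPv4Address(src).packed
                    + ipaddress.IPv4Address(dst).packed
                    + struct.pack("!HHBI", sport, dport, proto, nbytes))
    records += b"\x00" * (-len(records) % 4)      # pad to a 32-bit boundary
    data_set = struct.pack("!HH", 256, 4 + len(records)) + records
    header = lambda count, seq: HEADER.pack(9, count, 1000, 1700000000, seq, 1)
    return header(1, 1) + template_set, header(2, 2) + data_set


def demo():
    template_dgram, data_dgram = sample_datagrams()
    templates = {}
    early = parse_v9(data_dgram, templates)       # data before its template
    parse_v9(template_dgram, templates)
    return early, parse_v9(data_dgram, templates)


if __name__ == "__main__":
    print(demo())
```

A production collector would also key the template cache on the exporter's source IP address, since the source ID alone is only unique per exporter.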