Create Encrypted Backups with Disk Images


Disk images make the perfect backup file. Without any extra software or cost, Mac OS X will compress and encrypt the data into a single file that can be copied anywhere.
While most backup programs need to be installed on a computer in order to be able to decrypt and read the backup, encrypted disk images can be opened on any Macintosh.

Creating the disk image with Disk Utility.

Disk Utility is located in the Applications/Utilities folder on the hard drive. Most people only use Disk Utility to repair disks and permissions, but it can also be used as a backup program.

Go under the File menu and select New. A pop-up menu will show up with two options: Blank Disk Image and Disk Image from Folder. Choose Disk Image from Folder, and a dialogue box comes up asking you to select the folder that you wish to back up. After you select the folder, another dialogue box appears asking you to name the disk image and specify the type of disk image to be created. For backups, select compressed for Image Format and 128-bit AES encryption for Encryption. Mac OS X 10.5 Leopard adds the option for 256-bit AES encryption, which is more secure but takes longer to create and open up.

Next, a box appears asking you to enter a password for the encrypted disk image. Choose a difficult password, because the disk image can be opened by anyone who can guess your password. Microsoft offers a free online password strength tester and notes about creating passwords that cannot be easily guessed.

Selecting the Save Password in Keychain option means that the password to the disk image will be stored under your account information on that Mac. The image can be opened up by manually entering a password. If you are the only user of that computer, then this option can save time. However, if you share the computer with other people and do not have separate user accounts, then they can open the backup file too.

Now that the file is created, the image can be moved to another computer or flash drive in case the primary hard drive fails.

Configure Policy-based routing with Route-Map Statements


Route-maps allow you to deal with traffic on your router by policy rather than by traditional means.
In this example, we will route traffic by source address, or who is sending the traffic, rather than by destination, or where the traffic is going. Typically routers just look at where traffic is headed, compare that destination to their routing table and send the packets on their way. To override basic routing on a Cisco router, a route-map configuration is required.
What are route-maps?
Essentially, route-maps are like a scripting language for routers. They define traffic and then process it according to a defined list of statements, almost like a miniature computer program.
Why would you want to route by source address?
Perhaps you have internet connections from two internet service providers, along with IP addresses provided by both, and you want to send traffic from the IP addresses that belong to each ISP to the correct internet connection. Another application of route-maps would be to migrate traffic from one firewall to another in steps rather than all at once.
Understanding the Route-Map structure
Route-maps inherit their structure from if-then statements in programming. A route-map is a series of numbered steps (10 and 20 in this example); each step matches a criterion and then performs an action.
route-map route-map-name permit 10
 match criteria-1
 set perform-action-1

route-map route-map-name permit 20
 match criteria-2
 set perform-action-2

Configuring the Route-Map for routing traffic by source

Step 1: Define the traffic with an access-list

RouterA(config)#access-list 25 permit 10.10.25.0 0.0.0.255

Step 2: Create a Route-Map with an action

RouterA(config)#route-map Traffic_to_ISP_A permit 10
RouterA(config-route-map)#match ip address 25
RouterA(config-route-map)#set ip next-hop 10.15.15.1

Step 3: Apply the Route-Map to the router interface that the traffic enters into

RouterA(config)#interface gig0/1
RouterA(config-if)#ip policy route-map Traffic_to_ISP_A

Now all traffic from the 10.10.25.0 network will be forced to the router at 10.15.15.1 rather than being forwarded according to the routing table in the router.

Now that the traffic is routed correctly by policy, perhaps you find one server within the 10.10.25.0 network that needs to be routed normally rather than being forced to a new network by the route-map. To have the server 10.10.25.10 bypass the route-map, just create a new route-map step.
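
The step-by-step evaluation described above can be modelled in a few lines of Python. This is an added example, not code from the original article: ACL 26 and the deny step with sequence 5 are hypothetical, and they assume the bypass is done with a lower-numbered deny step, which tells the router not to policy-route matching packets.

```python
import ipaddress

def acl_match(src, network, wildcard):
    """Standard-ACL match: bits set in the wildcard mask are ignored."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    src_bits = int(ipaddress.IPv4Address(src)) & care
    return src_bits == int(ipaddress.IPv4Address(network)) & care

# Standard ACLs keyed by number: list of (network, wildcard) permit entries.
ACLS = {
    25: [("10.10.25.0", "0.0.0.255")],  # from the article
    26: [("10.10.25.10", "0.0.0.0")],   # hypothetical: the bypass server only
}

# Route-map steps as (sequence, action, ACL number, next hop).
ROUTE_MAP = [
    (10, "permit", 25, "10.15.15.1"),   # from the article
    (5, "deny", 26, None),              # hypothetical bypass step
]

def policy_route(src, route_map=ROUTE_MAP, acls=ACLS):
    """Return the forced next hop, or None when the routing table decides."""
    # Steps are evaluated in sequence order, whatever order they were typed in.
    for seq, action, acl, next_hop in sorted(route_map, key=lambda s: s[0]):
        if any(acl_match(src, net, wc) for net, wc in acls[acl]):
            # First matching step wins; deny means "do not policy-route".
            return next_hop if action == "permit" else None
    return None  # no step matched: normal destination-based routing

if __name__ == "__main__":
    for host in ("10.10.25.77", "10.10.25.10", "192.168.1.5"):
        print(host, "->", policy_route(host) or "routing table")
```

Because step 5 is checked before step 10, the server is excluded even though it also matches ACL 25; with only step 10 present it would be sent to 10.15.15.1 like every other host on the network.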


Working with VLANS on Cisco Switches


Historically, creating multiple networks required multiple switches, but VLANs (Virtual Local Area Networks) changed all of that. Now, more than one network can be created on a single switch.

If the switch has 24 ports, then it can have 24 separate networks on it. In most cases, Cisco switches support 1024 or more created VLANs per switch. Cisco’s command structure for creating multiple networks and assigning them to ports is simple and straightforward.

What are VLANs anyway?
VLANs are simply a way of separating traffic logically rather than physically. Each data packet that the switch receives is labeled with a VLAN id that tells the switch which network the packet belongs to. Sometimes the process is called “tagging” because of the VLAN id tag that is added to the data packet. The switchport access vlan command demonstrated below tells the switch to remove the VLAN id before the data packet is forwarded on to the computer connected to that switch port.

First, create the VLANs.
switchA>en
switchA#configure terminal
switchA(config)#vlan 5
switchA(config-vlan)#name Accounting
switchA(config-vlan)#vlan 10
switchA(config-vlan)#name Marketing

This defines two separate networks on the switch that can be used for ports. VLAN 5 could be used for the Accounting department and VLAN 10 could be used for the Marketing department. After the ports are assigned to the correct VLAN, computers in the Accounting department will not be able to see the Marketing department. It will be as if each department had its own switch.

Configure the ports
switchA(config)#int fa0/1
switchA(config-if)#description Acctg-1
switchA(config-if)#switchport mode access
switchA(config-if)#switchport access vlan 5
switchA(config-if)#int fa0/2
switchA(config-if)#description Markg-1
switchA(config-if)#switchport mode access
switchA(config-if)#switchport access vlan 10


Troubleshoot CPU spikes on Cisco switches and routers


CPU spikes on switches and routers can cause crazy problems in the network because of the way that traffic flowing through the network gear can be discarded or paused. Applications like Solarwinds that track network utilization only show the processor usage average rather than tracking spikes that occur periodically. Network problems can still occur when the processor spikes close to 100 percent even for a few seconds.

Thankfully, Cisco has included a new command that can track cpu spikes. You must be at the enable prompt in order to issue this command.

routerA#show process cpu history

This command will show CPU usage charts of the switch or router for the past 60 seconds, 60 minutes and 72 hours. The charts are neatly created in text format and show average CPU usage with the # sign and maximum CPU with * symbols. Note that the charts are not retained after the router or switch has rebooted. For the most part, anything above 80 percent is a concern. If the maximum CPU reaches above that point, then the network device probably created some sort of network disruption because there weren’t enough CPU cycles left over to process the traffic. The symptoms are unusual, unexplainable and intermittent network problems, almost as if ghosts or gremlins were causing havoc in the network.

Isolating what is causing the CPU spikes

Unfortunately, most of the detective work comes after diagnosing the CPU spike. The simplest way is to watch the device and enter the following command during the processor spike.

RouterA#show process cpu sorted

The process occupying the most processor time will pop up to the top. That should isolate the type of traffic that is causing the spike. Notice that this command shows CPU utilization for the last five seconds, one minute and five minutes.

Cisco gear is designed to process typical traffic in its special hardware rather than in the CPU, so a CPU spike is a sign that something atypical is occurring on the network. The exact cause can be almost anything. For example, in newer Cisco equipment some types of traffic are designed to be processed by the processor, like Appletalk and IPX, which are older protocols that have been replaced by TCP/IP. An overly complicated configuration with too many Access Control Lists can cause problems too. Perhaps the device is under attack from hackers, called a Denial of Service attack, or the network utilization is beyond the device’s capacity and an upgrade is needed.
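
When the output of show process cpu sorted is saved during a spike, a short script can pull out the figures discussed above. This is an added example, not part of the original article: the sample output is constructed for illustration, and the 80 percent threshold is the one the article gives.

```python
import re

# Constructed sample of `show process cpu sorted` output (not from a real device).
SAMPLE = """\
CPU utilization for five seconds: 93%/41%; one minute: 38%; five minutes: 21%
 PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
 119     8213452   9134021        899 44.15% 17.02%  9.80%   0 IP Input
  42      532110    812004        655  6.31%  2.40%  1.12%   0 ARP Input
   7      120344    401233        299  0.47%  0.31%  0.28%   0 Check heaps
"""

# Summary line: total%/interrupt-level% for five seconds, then the averages.
SUMMARY = re.compile(
    r"five seconds: (\d+)%/(\d+)%; one minute: (\d+)%; five minutes: (\d+)%")
# Process row: PID, three counters, three percentages, TTY, process name.
ROW = re.compile(
    r"^\s*(\d+)\s+\d+\s+\d+\s+\d+\s+([\d.]+)%\s+([\d.]+)%\s+([\d.]+)%"
    r"\s+\d+\s+(.+?)\s*$")

def triage(output, threshold=80, top_n=3):
    """Summarise the output and flag a spike above `threshold` percent."""
    summary = SUMMARY.search(output)
    if summary is None:
        raise ValueError("no 'CPU utilization' summary line found")
    total, interrupt, one_min, five_min = map(int, summary.groups())
    procs = []
    for line in output.splitlines():
        row = ROW.match(line)
        if row:  # header and summary lines do not match and are skipped
            procs.append({"pid": int(row[1]), "name": row[5],
                          "five_sec": float(row[2]), "one_min": float(row[3])})
    # The device already sorts the rows; re-sort so unsorted captures work too.
    procs.sort(key=lambda p: p["five_sec"], reverse=True)
    return {"five_sec": total, "interrupt": interrupt, "one_min": one_min,
            "five_min": five_min, "spike": total > threshold,
            "top": procs[:top_n]}

if __name__ == "__main__":
    report = triage(SAMPLE)
    print("SPIKE" if report["spike"] else "ok", f'{report["five_sec"]}%')
    for p in report["top"]:
        print(f'{p["pid"]:>5} {p["five_sec"]:6.2f}% {p["name"]}')
```

The second number in the five-second figure is the share of CPU time spent at interrupt level, which is worth recording alongside the top process when comparing one spike with the next.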

Install Groupwise 7 on Debian Etch


The Groupwise client for linux comes as an .rpm file, which installs into Suse and RedHat linux just fine, but not Debian. Here’s how to install Groupwise into Debian.

First, install the rpm package installer

apt-get install alien

Next, install the necessary files to run groupwise

apt-get install gcc

apt-get install libstdc++5

Next, install Java from www.java.com following the included directions

Finally, install groupwise

alien -i --scripts novell-groupwise-gwclient.i386.rpm

A Groupwise launcher should be on the desktop now, or Groupwise can be called directly from /opt/novellgroupwise.

Create a web filtering firewall with IPcop and URLfilter


With the URLfilter addon installed, an IPcop firewall can be turned into a free content-filtering web gateway perfect for a church, non-profit organization or home office. Access to inappropriate sites, whether they be pornographic or just not work-related, will be denied automatically at the firewall. Both IPcop and URLfilter are free to download and use.

Why IPcop?
IPcop differs from most internet routers and firewalls because it has proxy software built in. At first glance, a proxy server doesn’t do anything more than a standard router. Both will allow multiple computers inside the network to access websites on the internet, but a proxy server looks at the actual web address in order to get a web page. For example, a standard router will recognize that a computer is visiting a website out on the internet, whereas a proxy server understands that a computer is visiting www.MSN.com/music or www.msn.com/jobs. By looking at the full web address, IPcop can create internet access logs accurate down to the actual web page that was visited. IPcop and other free firewalls are compared in this article.
Another handy trick that IPcop can do is proxy web traffic transparently. Most proxy servers require users to make configuration changes to Internet Explorer or Firefox to use them, but that is not the case with IPcop. Web traffic can be proxied, logged and filtered without any configuration at the workstation, and most users will never know that their web traffic is being analyzed. If a network administrator is just interested in keeping a detailed web access log, then IPcop can do that by default. URL Filter adds the filtering capability.
Why URL filter?
URL filter (short for Universal Resource Locator Filter) just adds a module to IPcop that helps it make decisions on whether to process a computer’s request for a web page. It makes decisions two ways. It keeps a list of known unacceptable websites and blocks those, and it keeps a list of bad words and blocks anything with one of those bad words in the name. URL filter can be configured to download new lists of bad words and sites automatically.
