Wednesday, 5 March 2014

Configuring HA on Juniper SRX Through JunOS

This post will cover how to conduct HA (high availability) failover configurations for the Juniper SRX. This post will only cover a simple active/passive configuration. It will not cover more advanced deployments like layer 2 HA or active/active HA.

Requirements

  • A maximum of 2 SRXs is allowed to be clustered at once.
  • Both SRX devices must have matching hardware and software. This includes having matching modules in the same slots.
  • This configuration requires the two SRXs to be directly connected to each other using two Ethernet links. Generally these are simply normal Ethernet ports that are on the SRX. One link is for control and one link is for data.
  • A reboot is required whenever putting a device into cluster mode or taking it out of cluster mode.

Goal of Active/Passive Failover Configuration

We will be using the diagram below to configure two SRX devices in Active/Passive failover mode.
Junos HA IMG
Terminology:
  • node 0/node 1: Setting the node number distinguishes which SRX is which. Regardless of failover state, node 0 will always remain node 0 and node 1 will always be node 1. The firewalls can take turns being primary and secondary.
  • fxp0: This interface is used to manage the devices.
  • fxp1: This interface connects the two SRXs together. This is called the ‘control-link’ and sends HA control data between the two SRXs, including heartbeats and configuration synchronization. If this link goes down, the secondary SRX is disabled from the cluster. It does this to avoid having 2 default gateways. To re-enable the secondary SRX you need to reboot the node. Each SRX model has a different port that is required to be used for fxp1. Review your system's documentation for details around that. Here is the documentation for SRX240 indicating the FXP1 port location.
  • fab0/fab1: On both SRX devices is a fab port. These ports are known as the data links. The packets that are sent between the two SRXs on this port are called RTOs (real time objects). These objects contain session states.
  • cluster-id: (Not displayed in diagram) The cluster-id is simply the number assigned to your cluster configuration. Cluster-id 0 is reserved. Any other number is valid.
  • reth1: Redundant Pseudo Interface. A number of reth interfaces can be configured. This is a pseudo interface which will create a virtual mac address. It will normally contain 1 physical interface on each node which are called children nodes. When sending traffic to the reth interface IP, the traffic will be picked up by the primary node.
  • RG0: (Not displayed) Redundancy Group. Within the redundancy group configuration is where weights and thresholds are configured that will trigger a failover event.
  • interface names: The device used in the diagram is an SRX5800 with 2 FPC cards plugged into it. It has a maximum of 12 FPC slots. When connected in cluster mode, the standby unit’s interfaces will be +1 more than the max number of FPC slots in the primary. In this case the primary interfaces will be ge-0/0/0 to ge-0/0/11, ge-1/0/0 to ge-1/0/11 and the secondary will be ge-12/0/0 to ge-12/0/11, ge-13/0/0 – ge-13/0/11. If we were to plug another SPC into slot 12 of both SRXs it would then show up as ge-11/0/0 and ge-23/0/0.
In this diagram, when the host at 10.20.20.2 needs to get out to the internet it will have a default gateway of 10.20.20.1, which is the IP of the reth1 interface. The reth1 interface will be on whatever node is acting as primary. That node will then forward its packet out the internet interface to its destination. That stateful connection will then be transferred over to the secondary node. In the event the primary node goes down, the secondary node will assume the IP of the reth1 interface and become primary. It will already have its stateful connection table and configuration synced from the old primary node.

Configuration

Removing Interfaces and Hostname

Before configuring HA, remove from the SRX the config for the host-name and for the interfaces that will become the fab, reth, fxp1 and fxp0 ports.
delete interfaces ge-0/0/0
delete system host-name

Setting up the Nodes

The following config will need to be added to both SRX boxes.
set groups node0 system host-name srx1
set groups node0 interfaces fxp0 unit 0 family inet address 10.99.99.1/24

set groups node1 system host-name srx2
set groups node1 interfaces fxp0 unit 0 family inet address 10.99.99.2/24

set apply-groups "${node}"
The last command is required: it ensures that the node-specific settings defined by the commands above are applied only to the matching node.

Enabling HA

Once the nodes are set up in the previous step, that is all that is needed for the very basic HA configuration. Now we just need to reboot each box, telling it to go into HA mode.
This is the step where the node is tied to the device: the system the command is executed on becomes the node number given in the command.
Conduct on srx1:
user@srx1> set chassis cluster cluster-id 1 node 0 reboot
Conduct on srx2:
user@srx2> set chassis cluster cluster-id 1 node 1 reboot
Once they both reboot you can check the status by issuing the command:
show chassis cluster status
Cluster ID: 1
Node                  Priority                Status      Preempt     Manual failover

Redundancy group: 0,  Failover count: 1
  node0                   1                   primary     no          no
  node1                   1                   secondary   no          no
Another show command is show chassis cluster interfaces which will indicate the status of the interfaces in the cluster.

Assign the Fabric Interfaces

At this point you will only need to conduct the configurations on the primary node. All configuration changes will be sync’d between both SRXs.
Connect the two SRX boxes together. In our example we’ll simply choose ge-0/0/3 on both boxes. Because it’s in cluster mode, the secondary SRX’s ge-0/0/3 will be ge-0/0/15. Both SRX’s have 12 ports in this case.
set interfaces fab0 fabric-options member-interfaces ge-0/0/3
set interfaces fab1 fabric-options member-interfaces ge-0/0/15
At this point, HA is on and the two SRX systems have their data link and control link up. Next we will make rules for determining when a failover will occur and then create a pseudo interface to send traffic through the system.

Configure Redundancy Groups

By default RG0 is created which will monitor the routing engine of each SRX. However if there is a need to monitor the interfaces another RG can be created.
We’ll set up RG1 to monitor ge-0/0/0.
The formula for RG and failover is as follows:
RGx value = RGx threshold – interface weight
We’ll set the RG1 node0 threshold to be 200 and the interface to be 150. This means if that single interface goes down on node 0, the RG1 value will be 50, while the node 1 RG1 will be 100. Because of this new value the SRX cluster will failover. Because of this type of control, the admin can choose the exact scenario to cause a failover. By default the interface weight is 255.
set chassis cluster redundancy-group 1 node 0 priority 200
set chassis cluster redundancy-group 1 node 1 priority 100
set chassis cluster redundancy-group 1 interface-monitor ge-0/0/0 weight 150
RG0 refers to the routing engine. RG1 is created above.
Optional: Adjust the heartbeat intervals.
set chassis cluster heartbeat-interval <# of ms>
set chassis cluster heartbeat-threshold <# of intervals>
Setting the heartbeat levels tunes the firewalls to fail over at a time you specify. A heartbeat will be sent out every # of milliseconds defined. If the firewall doesn’t hear from its mate after # number of intervals, a failover will occur.

Configure reth1 as the Pseudo Interface

Now it’s time to create the reth1 interface. This is the interface that will exist on whatever node is primary. First identify the physical interfaces that will be tied to reth1, then define the properties for reth1.
set interfaces ge-0/0/0 gigether-options redundant-parent reth1
set interfaces ge-12/0/0 gigether-options redundant-parent reth1
set interfaces reth1 description TRUST
set interfaces reth1 redundant-ether-options redundancy-group 1
set interfaces reth1 unit 0 family inet address 10.20.20.1/24
set chassis cluster reth-count 2
Note: The last command will tell the SRX to create 2 reth interfaces, reth0 and reth1. If we specified a reth-count of 3, it would then create a reth0, reth1 and a reth2 interface. We simply made 2 here because the diagram says reth1. If it said reth0 then we could have just had a count of 1.
At this point the SRX’s are configured in HA and have reth1 acting as the pseudo interface and the same IP will be present on whatever device is primary.

Add a Policy to reth1

You can create a policy and when you assign reth1 to a zone it will inherit those policies.
set security zones security-zone UNTRUST interfaces ge-1/0/0
set security zones security-zone UNTRUST interfaces ge-13/0/0
set security zones security-zone TRUST interfaces reth1.0 

Routing for the UNTRUST

Since our UNTRUST interfaces are pointing to the internet and in our case 2 different carriers we can set some routing for this by having the preferred route be for node 0’s default gateway.
set routing-options static route 0/0 qualified-next-hop 1.1.1.2
set routing-options static route 0/0 qualified-next-hop 2.2.2.2 preference 10
At this point the two SRXs are configured for failover, and the primary is actively accepting packets for 10.20.20.1. This completes the failover configuration.

Show Commands

See what’s going on in the logs. Failover logs will show up in the JSRP (JunOS software Services Redundancy Protocol) logs.
show log jsrp
show chassis cluster status
show chassis cluster statistics
show chassis cluster interfaces
Traceoptions:
set chassis cluster traceoptions flag cli
set chassis cluster traceoptions flag configurations
set chassis cluster traceoptions flag heartbeat

Controlling the Cluster

Conduct a manual failover
request chassis cluster failover redundancy-group 1 node 1
Fail the units back over after a manual failover. This is called resetting the cluster.
request chassis cluster failover reset redundancy-group 1
Disable cluster (requires reboot). Do this to both nodes.
set chassis cluster disable reboot
From node 0, reboot node 1
set chassis cluster cluster-id 1 node 1 reboot

With thanks to: http://www.tunnelsup.com/configuring-ha-on-juniper-srx-through-junos

SRX HA Configuration Generator

http://www.juniper.net/support/tools/srxha/

Juniper SRX 240 HA Configuration

Below is a simple config for 2 x SRX 240H in HA

IP addresses are made up:
192.168.23.12 and 192.168.23.13 are used for the Fabric
192.168.1.1/22 is the local trusted IP
10.10.10.10/24 is the untrust IP

set groups node0 system host-name srx-a
set groups node0 interfaces fxp0 unit 0 family inet address 192.168.23.12/30
set groups node1 system host-name srx-b
set groups node1 interfaces fxp0 unit 0 family inet address 192.168.23.13/30
set apply-groups "${node}"
set chassis cluster reth-count 2
set chassis cluster redundancy-group 0 node 0 priority 200
set chassis cluster redundancy-group 0 node 1 priority 100
set chassis cluster redundancy-group 1 node 0 priority 200
set chassis cluster redundancy-group 1 node 1 priority 100
set interfaces fab0 fabric-options member-interfaces ge-0/0/2
set interfaces fab1 fabric-options member-interfaces ge-5/0/2
set interfaces ge-0/0/3 gigether-options redundant-parent reth0
set interfaces ge-5/0/3 gigether-options redundant-parent reth0
set interfaces ge-0/0/4 gigether-options redundant-parent reth1
set interfaces ge-5/0/4 gigether-options redundant-parent reth1
set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth1 redundant-ether-options redundancy-group 1
set security zones security-zone Trusted
set security zones security-zone Untrusted
set security zones security-zone Trusted host-inbound-traffic system-services all
set interfaces reth0 unit 0 family inet address 192.168.1.1/22
set security zones security-zone Trusted interfaces reth0.0
set interfaces reth1 unit 0 family inet address 10.10.10.10/24
set security zones security-zone Untrusted interfaces reth1.0
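
The reth-count rule, the one-child-per-node layout and the redundancy-group priorities described in this post can be checked mechanically before a commit. The following Python audit is an added example, not code from the original post or from Juniper; it runs over the SRX 240 configuration above, and the rule names and finding codes (RETH-COUNT, HOST-INBOUND and so on) are hypothetical labels chosen for this example.

```python
import re
from collections import defaultdict

# The SRX 240 "set" configuration from this page, embedded so the audit runs offline.
SAMPLE = """\
set groups node0 system host-name srx-a
set groups node0 interfaces fxp0 unit 0 family inet address 192.168.23.12/30
set groups node1 system host-name srx-b
set groups node1 interfaces fxp0 unit 0 family inet address 192.168.23.13/30
set apply-groups "${node}"
set chassis cluster reth-count 2
set chassis cluster redundancy-group 0 node 0 priority 200
set chassis cluster redundancy-group 0 node 1 priority 100
set chassis cluster redundancy-group 1 node 0 priority 200
set chassis cluster redundancy-group 1 node 1 priority 100
set interfaces fab0 fabric-options member-interfaces ge-0/0/2
set interfaces fab1 fabric-options member-interfaces ge-5/0/2
set interfaces ge-0/0/3 gigether-options redundant-parent reth0
set interfaces ge-5/0/3 gigether-options redundant-parent reth0
set interfaces ge-0/0/4 gigether-options redundant-parent reth1
set interfaces ge-5/0/4 gigether-options redundant-parent reth1
set interfaces reth0 redundant-ether-options redundancy-group 1
set interfaces reth1 redundant-ether-options redundancy-group 1
set security zones security-zone Trusted
set security zones security-zone Untrusted
set security zones security-zone Trusted host-inbound-traffic system-services all
set interfaces reth0 unit 0 family inet address 192.168.1.1/22
set security zones security-zone Trusted interfaces reth0.0
set interfaces reth1 unit 0 family inet address 10.10.10.10/24
set security zones security-zone Untrusted interfaces reth1.0
"""

# One regex per statement the audit cares about (rule names are hypothetical).
PATTERNS = {
    "group": r"set groups (node[01]) ",
    "apply": r'set apply-groups "?\$\{node\}"?$',
    "count": r"set chassis cluster reth-count (\d+)$",
    "prio": r"set chassis cluster redundancy-group (\d+) node ([01]) priority \d+$",
    "fab": r"set interfaces (fab[01]) fabric-options member-interfaces \S+$",
    "child": r"set interfaces (\S+) \S+-options redundant-parent (reth\d+)$",
    "reth_rg": r"set interfaces (reth\d+) redundant-ether-options redundancy-group (\d+)$",
    "unit": r"set interfaces (reth\d+) unit (\d+) family inet address \S+$",
    "zone_if": r"set security zones security-zone (\S+) interfaces (\S+)$",
    "svc_all": r"set security zones security-zone (\S+) host-inbound-traffic system-services all$",
}


def parse(config):
    """Return {rule name: [capture-group tuples]} for every matching line."""
    hits = defaultdict(list)
    for line in config.splitlines():
        for name, pattern in PATTERNS.items():
            m = re.match(pattern, line.strip())
            if m:
                hits[name].append(m.groups())
    return hits


def audit(config):
    """Return a list of 'CODE: detail' findings for a clustered SRX config."""
    h, out = parse(config), []
    if {g[0] for g in h["group"]} != {"node0", "node1"} or not h["apply"]:
        out.append('NODE-GROUPS: need groups node0 and node1 plus apply-groups "${node}"')
    if {f[0] for f in h["fab"]} != {"fab0", "fab1"}:
        out.append("FABRIC: fab0 and fab1 must each have a member interface")
    reth_count = int(h["count"][-1][0]) if h["count"] else 0
    rg_nodes = defaultdict(set)          # redundancy group -> nodes with a priority
    for rg, node in h["prio"]:
        rg_nodes[rg].add(node)
    children = defaultdict(list)         # reth -> physical child interfaces
    for phys, reth in h["child"]:
        children[reth].append(phys)
    reth_rg = dict(h["reth_rg"])         # reth -> redundancy group
    units = {f"{reth}.{unit}" for reth, unit in h["unit"]}
    zoned = {ifname for _zone, ifname in h["zone_if"]}
    reths = set(children) | set(reth_rg) | {u.split(".")[0] for u in units}
    for reth in sorted(reths):
        idx = int(reth[4:])              # reth-count N creates reth0 .. reth(N-1)
        if idx >= reth_count:
            out.append(f"RETH-COUNT: {reth} needs reth-count >= {idx + 1}, found {reth_count}")
        if len(children[reth]) < 2:
            out.append(f"RETH-CHILDREN: {reth} has {len(children[reth])} child, expected one per node")
        rg = reth_rg.get(reth)
        if rg is None:
            out.append(f"RETH-RG: {reth} is not bound to a redundancy group")
        elif rg_nodes[rg] != {"0", "1"}:
            out.append(f"RG-PRIORITY: redundancy-group {rg} lacks a priority for both nodes")
    for unit in sorted(units - zoned):
        out.append(f"ZONE: {unit} has an address but no security zone")
    for (zone,) in h["svc_all"]:
        out.append(f"HOST-INBOUND: zone {zone} allows all system services to the firewall itself")
    return out


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

On the configuration above the only finding is HOST-INBOUND, because the Trusted zone permits every system service to reach the firewall itself; listing only the services that are actually needed narrows that exposure.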

Saturday, 22 February 2014

iPhone 4S running iOS 7 displays pictures taken with a filter as white

Caused by having one of the filters set on the camera.

To fix this for new photos, remove the filter.

For old photos, or ones which are opening as blank/white: open the photo and tap "edit". This brings it back, but you have to apply another filter or magic touch for it to stick around.

Monday, 20 May 2013

Windows 8 create shutdown shortcut

Create a shortcut on the desktop with the following path:

C:\Windows\System32\shutdown.exe /s /t 10

Amend the icon to a shutdown button if wanted.

From here you can pin it to the start bar or tiles.

IBM Domino 6.5 export database list

Use the Catalog database. All of the info is in there, even mail files
that are set to be not listed in the catalog. You can find them in 1
of the hidden views by pressing Ctrl/Shift when opening the db. You'll
have to create a custom view to display the info you need to export.

Select what you want to export and file export selected...

I think!

Windows 8 create new link for Documents and settings

1. Open an "administrator" command prompt
2. type the following:-

C:
CD\
rmdir "Documents and Settings"
mklink /j "Documents and Settings" C:\Users

Turn off the gesture swipe on Windows 8



a. Press Windows Key +R, type Control Panel.

b. Click on Hardware and Sound, select Mouse then right click and select device settings

c. Click on Settings.

From there you can adjust a lot of track pad settings, including Disable Edge Swipes and check.

Thursday, 17 January 2013

Combine text and numbers in Excel

Let's say you want to create a grammatically correct sentence from several columns of data for a mass mailing or format numbers with text without affecting formulas that use those numbers. There are several ways to combine text and numbers.
Select the cells that you want to format.

On the Home tab, in the Number group, click the arrow, and then click More.
In the Category list, click a category, and then click a built-in format that resembles the one that you want.
In the Category list, click Custom.
In the Type box, edit the number format codes to create the format that you want.

To display both text and numbers in a cell, enclose the text characters in double quotation marks (" ") or precede the numbers with a backslash (\). Editing a built-in format does not remove the format.

To display                                               Use this code
12 as Product #12                                        "Product # " 0
12:00 as 12:00 AM EST                                    h:mm AM/PM "EST"
-12 as $-12.00 Shortage and 12 as $12.00 Surplus         .00 "Surplus";$-0.00 "Shortage"

Friday, 21 December 2012

OWA Windows 7 red x when trying to send email


1.       Log onto OWA. 

2.       Once loaded click on Options

3.       Scroll down to E-Mail Security and click Install, Download or Re-install (the option may be different depending on how it initially installed).

4.       Click yes to any security warning

5.       Close OWA and try again.

Friday, 14 December 2012

CCNA practise notes Fundamentals of IP Addressing and Routing

Layer 1 defines how to transmit bits over a physical network

Layer 2 defines framing, addressing, error detection and rules for when to use the physical medium.

Layer 3 end to end delivery of data between 2 computers regardless of the type of physical network.  Defines how to forward or route the data.

1. Which is a OSI Layer 3 Protocol? Logical addressing and Path Selection.

The network layer defines logical addressing, in contrast to physical addressing.  The logical address structure allows for easy grouping of addresses, which makes routing more efficient.  Path Selection refers to the process of choosing the best routes to use in the network.  Physical addressing and arbitration typically are data link layer functions, and error recovery typically is a transport layer function.

2. PCA needs to send data to PCB.  Both are separated by several routers.  What are the largest entities that make it from PCA to PCB?   Packet, L3 PDU

3. 2 routers are connected with a point to point HDLC serial link.  Each router has an Ethernet, with a PCA sharing the Ethernet with RouterA and PCB sharing the Ethernet with RouterB.  When PCA sends to PCB what is true?
RouterA strips the Ethernet header and trailer off the frames received from PCA never to be used again.

4. Valid class C IP addresses that can be given to host? b
200.1.1.1

5. Range of values for the 1st octet for Class A? d
1 to 126

6. PCa and PCb are on 2 different Ethernet that are separated by an IP router.  PCa IP is 10.1.1.1 and no sub netting is used.  Which address can PCb use?
9.1.1.1 and 1.1.1.1.  Without any subnetting in use, all addresses in the same network as 10.1.1.1 (all addresses in class A network 10.0.0.0) must be on the same LAN.  Addresses separated from that network by some router cannot be in the network 10.0.0.0.  So, the 2 correct answers are the only 2 answers that list a valid unicast IP address that is not in network 10.0.0.0.

7. Class b network contains how many ip addresses that can be assigned to hosts?
65,532

8. Class C network contains how many ip addresses that can be assigned to a host. f
254

9. Which of the following does a router normally use when making a decision about routing TCP/IP packets?
Destination address

10. True about LAN connected TCP/IP host and its IP routing (forwarding) choices? b c
The host sends packets to its DG if the destination IP address is in a different class of IP network than the host.

The host sends packets to its DG if the destination IP is in a different subnet than the host.

11. Functions of a routing protocol?
Advertising known routes to neighbouring routers.

Learning routes, and putting those routes into the routing table, for routes advertised to the router by its neighbouring routers.

12. Protocols which allows a clients PC to discover the IP address of another computer based on that other computer name?
DNS

13. Protocols which allows a client PC to request assignment of an IP addresses as well as learn its DG?
DHCP

Tuesday, 27 November 2012

CCNA practise notes Fundamentals of WANS

OSI Layer 1 for Point to Point WANs 
A point-to-point WAN link acts like an Ethernet trunk between 2 Ethernet switches, providing basic connectivity between 2 points.

The service provider installs the circuit as a physical cable, with a transmit and a receive twisted pair between the buildings.  The cable connects to each router, which is then connected to a switch.
Leased Line
PTT public telephone and telegraph / Telco

WAN Connections from the Customer Viewpoint
Routers connect to a device called an external channel service unit/data service unit (CSU/DSU).

Demarc is typically where the Telco physically terminates the set of 2 twisted pairs inside the customer site.
Customer premises equipment (CPE): devices at the customer's site, e.g. routers and CSU/DSU.

WAN Cabling Standards
Synchronous serial interfaces in Cisco routers use various physical connectors, such as the 60-pin D-shell.  The cable connecting the router to the CSU/DSU uses a connector that fits the router serial interface on the router side and a standardized WAN connector that matches the CSU/DSU interface on the CSU/DSU side.
Cable between CSU/DSU and Telco CO usually use RJ-48.
Clock Rates, Synchronization, DCE and DTE.

Steps for an engineer who wants to install a new point-to-point leased line:
1. Contacts the service provider and orders a circuit, specifying how fast in kbps.
2. Telco installs the circuit.
3. Engineer purchases 2 x CSU/DSU and installs one at each site.
4. Purchases 2 x routers and installs one at each site.
5. Connects the CSU/DSU to the routers using serial cable.

Every circuit runs at one of several possible predefined speeds provided by the service provider.  The speed is known as clock rate, bandwidth, or link speed.  The engineer must configure the CSU/DSU on each end of the link to match the defined speed.  To make the link work, the devices need to synchronize their clocks so they run at exactly the same speed.  This process is called synchronization.  Synchronization occurs between the 2 CSU/DSUs on a leased line by one being the slave and one the master.  The slave adjusts its clock to match the clock rate of the master.

Lab serial link
You don't need a CSU/DSU, but one router must supply clocking.
2 routers and a DTE to DCE serial cable.  The router with the DCE end provides clocking.
That router will need the command clock rate.
 
PCM: Pulse Code Modulation.  Defines that an incoming analog voice signal should be sampled 8000 times per second.  Each sample is represented by an 8 bit code.  So 64,000 bits per 1 second of voice: 64 kbps.
DS0 64 kbps

DS1 (T1) 1.544 Mbps (20 DS0s, plus 8 kbps overhead)
DS3 (T3) 44.736 Mbps (28 DS1s, plus management overhead)

E1 2.049 Mbps (32 DS0s)
E3 34.368 Mbps (16 E1s, plus management overhead)

OSI Layer 2 for Point to Point WANS

WAN protocols used for point to point serial links.
HDLC
Point-to-point links are relatively simple, so HDLC has only a small amount of work to do.  HDLC determines whether the data passed over the link without errors, and discards the frame if errors occurred.

HDLC identifies the type of packet inside the HDLC frame, so the receiving device knows the packet type.
To meet its main goals of delivering data across the link, checking for errors and identifying the packet type, HDLC defines framing.  The HDLC header includes an address field and a protocol type field, and the trailer contains an FCS.

Standard HDLC (no type field)
Bytes

1                              Flag
1                              Address
1                              Control
Variable               Data
4                              FCS

Proprietary Cisco HDLC (Adds Type Field)
Bytes
1                              Flag
1                              Address
1                              Control
2                              Type
Variable               Data
4                              FCS
HDLC performs error detection just like Ethernet.  It uses the FCS field in the HDLC trailer.  If a received frame has errors in it, the device receiving the frame discards the frame, with no error recovery performed by HDLC.
HDLC also identifies the encapsulated data, just like Ethernet.
Point to Point Protocol
PPP behaves much like HDLC.  There is an address field but this doesn't matter.

PPP does discard errored frames that do not pass the FCS check. 

Because the protocol type field is part of the standard for PPP, any vendor can use PPP.  So you can connect a Cisco router to another vendor's router using PPP.  PPP is another data link layer protocol.
PPP summary

Synchronous.  The imposition of time ordering on a bit stream.  Devices try to use the same speed as the device on the other end of the serial link.  Due to transition voltage changes the device can change the variation slightly.
Clock Source.  Device which the other devices on the link adjust their speed to.
CSU/DSU. Channel Service Unit/ Data Service Unit.  Interface to the Telco. 
Telco. Telephone Company

Four wire circuit.  Line from the Telco with four wires.  2 twisted pairs.  Each pair is used to send in one direction.  Allows full duplex. 
T1 line with 1.544Mbps

E1 Used in Europe; like T1, but uses 2.048 Mbps and 32 64 kbps channels
Frame Relay Basics
Provides more features and benefits than simple point to point WAN links. 
But to do that frame relay protocols are more detailed.

Frame Relay networks are multi-access networks, which means more than 2 devices can attach to the network, similar to LANs.  Frame Relay uses the same Layer 1 features as a point-to-point leased line.  A leased line is installed between each router and a nearby Frame Relay switch.  These links are called access links.  Access links run at the same speed and use the same signalling standards as point-to-point leased lines.  However, instead of extending from one router to another, each leased line runs from one router to a Frame Relay switch.
The difference between Frame Relay and point-to-point links is that the equipment in the Telco actually examines the data frames sent by the router.  Frame Relay defines its own data link header and trailer.

Each Frame Relay header holds an address field called a data link connection identifier (DLCI).  The WAN switch forwards the frame based on the DLCI, sending it through the provider's network until it gets to the remote site's router.
Frame Relay is considered to be a form of packet switching, as it can forward one frame to one site and another frame to another site.  So the service provider chooses where to send each data packet.

Frame Relay switches are called DCE.  Customer equipment such as routers is called DTE.
The logical path that a frame travels between each pair of routers is called a Frame Relay VC.

Move exchange 2003 Mailbox to exchange 2010

Good Video...

http://www.youtube.com/watch?v=-NKkas5N4kY

How to Move Exchange Server 2003 to New Hardware and Keep the Same Server Name

To move an Exchange 2003 to new hardware keeping the same server name

  1. Make a full backup of all the Exchange 2003 storage groups and the Site Replication Service (SRS) database on the existing Exchange 2003 computer.
  2. Take the existing Exchange 2003 computer offline.
  3. Reset the computer account for the existing Exchange 2003 computer. To do so, follow these steps:
    1. Start Active Directory Users and Computers.
    2. Locate the computer account for the existing Exchange 2003 computer, right-click the computer account, and then click Reset Account.
  4. Bring the new computer online, and then confirm that the new computer is running the same operating system that was installed on the existing Exchange 2003 computer.
    Note:
    Make sure the new computer has a unique computer name on the network.
  5. Rename the new computer to the same name as the original computer, and then join this computer to the domain.
    Note:
    You must not delete the original computer account from the domain before you join the new computer to the domain. Additionally, do not delete the original Exchange server from Exchange System Manager.
  6. Use an Exchange 2003 Full Administrator account to log on to the new computer.
  7. Install any components that Exchange 2003 requires, such as the NNTP service, the SMTP service, and the World Wide Web service.
  8. Configure drive letters on the new server to map to or match the configuration of the old server, for drives that contained Exchange data, with sufficient space to accommodate the restored data.
  9. Run Exchange 2003 Setup with the following parameter:
    Setup /disasterrecovery
    Make sure that you click Action-Disaster Recovery for the Messaging and Collaboration services and for Exchange System Management Tools.
  10. When the Setup program has completed, install the Exchange 2003 service pack that was installed on the existing server by using the /disasterrecovery switch.
  11. Examine the registry to see if the following registry subkey exists:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Exchange\Setup
    If the HKEY_LOCAL_MACHINE\Software\Microsoft\Exchange\Setup subkey does not exist, add a DWORD value and the following hexadecimal value, based on the service pack value:
    DWORD value name: ServicePackBuild
    Hexadecimal value: number
    The number for the hexadecimal value varies based on the service pack as follows:
    • The hexadecimal number for the original release version without a service pack installed is 1B20
    • The hexadecimal number for Service Pack 1 is 1C3A
    • The hexadecimal number for Service Pack 2 is 1DD6
  12. Install any Exchange 2003 post-service pack hotfixes that were installed on the existing server.
  13. In separate restoration jobs, restore the storage groups and the Site Replication Service (SRS) database from the Exchange 2003 server backup.
  14. Mount all the stores after the restoration is complete. Make sure that clients can connect and that mail can flow.
Note If the IP address of the Exchange 2003 computer changes, make sure that you update Domain Name System (DNS) records. If you do not update DNS records, other servers may try to connect to the previous address.

http://technet.microsoft.com/en-us/library/aa997176.aspx

Monday, 26 November 2012

1 server with 2 names

I've run this on Windows2003 and Windows2008 servers with no issues.  Always best to reboot and test the settings.

From CMD run the command
NETDOM COMPUTERNAME SERVERNAME /ADD SERVERNAME2.domain
IPCONFIG /registerdns

For SERVERNAME type in the local name of the server.
For SERVERNAME2.domain type the FQDN of the new name you want to assign to the server.

NETDOM COMPUTERNAME cfile /ENUM
This cmd displays what names have been added to the server

Wednesday, 21 November 2012

Telnet Email

telnet  IPADDRESS 25
HELO
MAIL FROM:
RCPT TO:
DATA (TYPE email)
.
QUIT

Monday, 19 November 2012

CCNA practise notes Fundamentals of WANS Questions

1. Which of the following best describes the main function of OSI Layer 1 protocols?
  • Delivery of bits from one device to another
2. Which connects to a 4 wire line provided by a telco?
  • CSU/ DSU
3. Which of the following typically connects to a V.35 or RS-232 end of a cable when cabling a leased line?
  • CSU/ DSU
4. On a point to point WAN link using leased line between two routers located hundreds of miles apart, what devices are considered to be the DTE devices.
  • Routers
5. Which of the following functions of OSI Layer 2 is specified by the protocol standard for PPP, but is implemented with a Cisco proprietary header field for HDLC?
  • None of these answers are correct.  Routers, CSU/DSU, The central office equipment, a chip of the processor of each router.
6. Imagine router 1 has 3 point to point serial links, 1 link each to 3 remote routers.  Which of the following is true about the required HDLC addressing at Router 1?
  • None of these are correct...
7. What is the name of the Frame Relay field used to identify Frame Relay virtual circuits?
  • Data-Link Connection Identifier
8. Which of the following is true about Frame Relay virtual circuits (VCs)?
  • Multiple VCs can share the same access link

Tuesday, 13 November 2012

Copy Data from old file Server to new Server keeping permissions

The tool I use for this is ROBOCOPY which is part of the Windows Tool kit.  You can download it manually.  I've used it from Windows 2003 to Windows 2008.

CMD
Copy the files and folders:
ROBOCOPY /Mir Source Target
Copy the permissions onto the files and folders:
ROBOCOPY /E /Copy:S /IS /IT Source Target
I've found if I just run ROBOCOPY Source Destination /MIR /SEC it doesn't copy the security permissions on the files, just the folder...
Example in real life
robocopy /Mir "D:\Folder\A B" \\Server\Share
robocopy /E /Copy:S /IT "D:\Folder\A B" \\Server\Share

FYI... " " is needed for spaces in the path, and the quoted path must not end in a backslash, because \" is read as an escaped quote...

 

CCNA practise notes Fundamentals of LANS Notes


Overview
Term Ethernet refers to a family of standards for physical and the data link layers.

UTP unshielded twisted pair
FO Fibre optics

IEEE The Institute of Electrical and Electronics Engineers
802.3 Media Access Control (MAC) sub layer
802.2 Logical Link Control (LLC) sub layer

Name               Speed       Other Name                 IEEE Standard   Cable type/ Length
Ethernet           10 Mbps     10Base-T                   IEEE 802.3      Copper 100m
Fast Ethernet      100 Mbps    100Base-TX                 IEEE 802.3u     Copper 100m
Gigabit Ethernet   1000 Mbps   1000Base-LX, 1000Base-SX   IEEE 802.3z     Fibre, 550m (SX) 5 km (LX)
Gigabit Ethernet   1000 Mbps   1000Base-T                 IEEE 802.3ab    100m

T = Twisted Pair
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) algorithm:
  • A device that wants to send a frame waits until the LAN is silent.
  • If a collision happens, the device which caused the collision waits a random time before trying again.
  • It does not prevent collisions, but ensures Ethernet works OK after a collision.

Ethernet Cabling
UTP Matched pairs which are twisted together, 8.
RJ45 connector
T568A Straight Through pin layout

1. G/W
2. Green
3. O/W
4. Blue
5. B/W
6. Orange
7. Brown/W
8. Brown

Crossover: pins 1 and 2 on one end of the cable connect to pins 3 and 6 on the other.

Devices that transmit on 1, 2 and receive on 3,6
  • PC NICs
  • Routers
  • Wireless Access Point Ethernet interface
  • Networked Printer
Devices that transmit on 3, 6 and receive on 1, 2
  • Hubs
  • Switches
Improve performance by using switches instead of hubs

Hubs create one shared electrical bus.
Hubs repeat every signal out of all ports except the port on which the signal was received.

With hubs, if signals are sent at the same time, the frames collide and both would be either completely unintelligible or full of errors.
Switch
Increase available bandwidth by using switches.
Increase the number of collision domains by using switches.
Switches interpret the bits in the received frames and only send them to the required port.
If a switch needs to forward multiple frames out the same port, it buffers the frames in memory, sending one at a time to avoid collisions.
If only one device is cabled to each port of a switch, no collisions can occur.
Devices connected to one switch port do not share bandwidth with devices on other ports, so each host on a 100 Mbps port has 100 Mbps worth of bandwidth.
Full Duplex
CSMA/CD imposes half-duplex logic on each device, meaning that only one device can send at a time. Because switches can buffer frames in memory, switches can eliminate collisions on switch ports that connect to a single device. As a result, LAN switches can operate in full duplex, which means an Ethernet card can send and receive concurrently. With this, CSMA/CD can be ignored.
Ethernet Data-Link Protocols

Ethernet Addressing
Identifies either single devices or groups of devices on a LAN.
Each address is 6 bytes long usually written in Hex.
Unicast Ethernet addresses identify a single LAN card. Computers use these to identify the sender and receiver of an Ethernet frame.
So User A sends a frame to User B. User A puts his own MAC address in the Ethernet header as the source address and User B's MAC as the destination. When User B receives the frame, he notices that the destination MAC is his own, so he processes the frame. If User B receives another frame with some other device's unicast address in the destination address, he will ignore the frame.
The IEEE defines the format and assignment of LAN addresses. It requires globally unique unicast MAC addresses on all LAN interface cards.
In a MAC address, the first half identifies the manufacturer; this is called the OUI (organizationally unique identifier).
The second half is assigned by the manufacturer and is a value which hasn't been used before.
These are stored in ROM as a BIA or burned-in address.
Broadcast address: FFFF.FFFF.FFFF. All devices on a LAN should process the frame.
Multicast address: allows a subset of devices on a LAN to communicate, e.g. 0100.5exx.xxxx.

LAN Addressing Term or Feature | Description
MAC | Media Access Control. 802.3 (Ethernet) defines the MAC sub layer of IEEE Ethernet
Ethernet address, NIC address, LAN address | Other names often used instead of MAC address. These terms describe the 6-byte address of the LAN interface card
Burned-in address | The 6-byte address assigned by the vendor making the card
Unicast address | Term used for a MAC that represents a single LAN interface
Broadcast address | An address that means all devices that reside on this LAN right now
Multicast address | On Ethernet, implies some subset of all devices currently on the Ethernet LAN


Ethernet Framing
Defines how a string of binary numbers is interpreted, that is, the meaning of the bits transmitted and received over a network.

Field | Field Length in bytes | Description
Preamble | 7 | Synchronization
Start Frame Delimiter (SFD) | 1 | Signifies that the next byte begins the Destination MAC field
Destination MAC Address | 6 | Identifies the intended recipient of this frame
Source MAC Address | 6 | Identifies the sender of this frame
Length | 2 | Defines the length of the data field of the frame (either length or type is present, but not both)
Type | 2 | Defines the type of protocol listed inside the frame (either length or type is present, but not both)
Data and Pad * | 46-1500 | Holds data from a higher layer, typically an L3 PDU (generic) and often an IP packet
Frame Check Sequence (FCS) | 4 | Provides a method for the receiving NIC to determine if the frame experienced transmission errors

Identifying the data inside an Ethernet frame.
To identify the Layer 3 header, for example when sending IP packets, the Ethernet frame has 2 additional headers:
  • An IEEE 802.2 Logical Link Control (LLC) header
  • An IEEE Sub network Access Protocol (SNAP) header
Error detection is another Ethernet data link layer function. It is the process of discovering whether a frame's bits changed as a result of being sent over a network.
The Ethernet Frame Check Sequence (FCS) field in the Ethernet trailer allows a device receiving an Ethernet frame to detect whether the bits have changed.
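
The frame fields, address types and FCS check described above, as an added Python example that is not part of the original notes. It parses a frame as a capture would hold it (no preamble or SFD); the split between Length (up to 1500) and Type (0x0600 and above) comes from IEEE 802.3 rather than from these notes, and the sample frame and its addresses are constructed.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6

def mac_kind(mac: bytes) -> str:
    """Classify a 6-byte destination address as the notes describe."""
    if mac == BROADCAST:
        return "broadcast"
    # Group bit: least significant bit of the first byte (set in 01:00:5e:...).
    return "multicast" if mac[0] & 0x01 else "unicast"

def build_frame(dst: bytes, src: bytes, type_or_len: int, data: bytes) -> bytes:
    """Assemble a frame (without preamble/SFD) and append the FCS."""
    padded = data.ljust(46, b"\x00")           # Data and Pad: minimum 46 bytes
    body = dst + src + struct.pack("!H", type_or_len) + padded
    return body + struct.pack("<I", zlib.crc32(body))  # FCS = CRC-32 of the rest

def parse_frame(frame: bytes) -> dict:
    """Split a frame into the fields from the table and verify the FCS."""
    if not 64 <= len(frame) <= 1518:
        raise ValueError("frame length outside 64..1518 bytes")
    body, fcs = frame[:-4], frame[-4:]
    dst, src = body[0:6], body[6:12]
    (value,) = struct.unpack("!H", body[12:14])
    payload = body[14:]
    if value <= 1500:                          # Length: trim the pad bytes
        kind, payload = "length", payload[:value]
    elif value >= 0x0600:                      # Type, e.g. 0x0800 for IPv4
        kind = "type"
    else:
        kind = "undefined"
    return {
        "dst": dst.hex(":"), "src": src.hex(":"),
        "dst_kind": mac_kind(dst),
        "src_oui": src[:3].hex(":"),           # first half: manufacturer (OUI)
        "field": kind, "value": value, "data": payload,
        "fcs_ok": struct.unpack("<I", fcs)[0] == zlib.crc32(body),
    }

# Constructed sample: locally administered source MAC, IPv4 EtherType.
SAMPLE = build_frame(BROADCAST, bytes.fromhex("020000aabbcc"), 0x0800, b"hello")

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
    damaged = bytes([SAMPLE[0] ^ 0x01]) + SAMPLE[1:]   # one bit changed in transit
    print(parse_frame(damaged)["fcs_ok"])
```

The FCS only detects accidental bit changes; anyone who can rewrite a frame can also recompute the CRC, so it provides no protection against deliberate tampering.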

Definitions of Key Terms
1000BASE-T
100Base-TX
10BASE-T
Crossover cable
CSMA/CD
Full duplex
Half Duplex
Hub
Pin out
Protocol types
Shared Ethernet
Straight Through Cable
Switch
Switched Ethernet
Twisted pair