event manager applet LineDown
event syslog occurs 5 period 60 pattern “Interface Ethernet9/15 is down"
action 1 syslog msg EEM applet LineDown Check Routing table and interface status, Capture packets in bootflash:Sniffer.cap
action 2 cli show module >> bootflash: ACD.txt
action 3 cli show ip route >> bootflash:ACD.txt
action 4 cli show interface brief >> bootflash:ACD.txt
action 5 cli config ter
action 6 cli interface e9/15
action 7 cli shutdown
action 8 cli ip route 0.0.0.0/0 3.3.3.254
action 9 cli end
action 10 cli ethanalyzer local interface inband limit-captured-frames 1000 > bootflash:rd.cap.cap
Month: 三月 2013
IOS操作顺序 Packet Process Flow
IOS操作顺序
Egress Features
1. WCCP Redirect
2. NAT Inside-to-Outside
3. Network Based Application Recognition (NBAR)
4. BGP Policy Accounting
5. Output QoS Classification
6. Output ACL check
7. Output Flexible Packet Matching (FPM)
8. DoS Tracker
9. Output Stateful Packet Inspection (IOS FW)
10. TCP Intercept
11. Output QoS Marking
12. Output Policing (CAR)
13. Output MAC/Precedence Accounting
14. IPsec Encryption
15. Egress NetFlow
16. Egress Flexible NetFlow
17. Egress RITE
18. Output Queuing (CBWFQ, LLQ, WRED) Ingress
Features
1. IP Traffic Export (RITE)
2. QoS Policy Propagation through BGP (QPPB)
3. Ingress Flexible NetFlow
4. Network Based Application Recognition (NBAR)
5. Input QoS Classification
6. Ingress NetFlow
7. IOS IPS Inspection
8. Input Stateful Packet Inspection (IOS FW)
9. Input ACL
10. Input Flexible Packet Matching (FPM)
11. IPsec Decryption (if encrypted)
12. Unicast RPF check
13. Input QoS Marking
14. Input Policing (CAR)
15. Input MAC/Precedence Accounting
16. NAT Outside-to-Inside
17. Policy Routing
QoS操作顺序
Inbound
1. QoS Policy Propagation through Border Gateway Protocol (BGP) (QPPB)
2. Input common classification
3. Input ACLs
4. Input marking (class-based marking or Committed Access Rate (CAR))
5. Input policing (through a class-based policer or CAR)
6. IP Security (IPSec)
7. Cisco Express Forwarding (CEF) or Fast Switching
Outbound
1. CEF or Fast Switching
2. Output common classification
3. Output ACLs
4. Output marking
5. Output policing (through a class-based policer or CAR)
6. Queueing (Class-Based Weighted Fair Queueing (CBWFQ) and Low Latency Queueing (LLQ)), and Weighted Random Early Detection (WRED)
Cisco Nexus NTP Server Config Example
Cisco Nexus NTP Server Config Example
之前NEXUS 7000 Switch 設定NTP Server有問題。在NX-OS 6.1之後,已經解決跨網不能同步問題。
Nexus_7000#configure terminal !--- Form an association with a server. Use the pefer keyword to make this server as preferred NTP server. Nexus_7000(config)#ntp server 129.6.15.28 prefer Nexus_7000(config)#ntp server 129.6.15.29 !--- Configure the source interface for all NTP packets. Nexus_7000(config)#ntp source-interface vlan1 !--- Configure the device as an authoritative NTP server. Nexus_7000(config)#ntp master 1 Nexus_7000(config)#interface vlan1 Nexus_7000(config-if)#no shutdown Nexus_7000(config-if)#no ip redirects Nexus_7000(config-if)#ip address 172.20.100.34/24 Nexus_7000(config-if)#ip address 172.20.100.30/24 secondary !--- Save the configurations in the device. Nexus_7000(config)#copy running-config startup-config Nexus_7000(config)#exit
Cisco Nexus 7000 MPLS VPN OSPF Sham-Link Config Example
PE4:
interface loopback14
vrf member ABC
ip address 192.168.41.4/32
!
router bgp 131112
vrf CTCB
address-family ipv4 unicast
network 192.168.41.4/32
redistribute direct route-map ABC
redistribute ospf ABC route-map ABC
default-metric 200
!
router ospf ABC
bfd
router-id 192.168.255.1
vrf ABC
router-id 10.0.0.1
area 0.0.0.0 sham-link 192.168.41.1 192.168.41.4
cost 1
redistribute bgp 131143 route-map ABC
PE1:
interface loopback14
vrf member ABC
ip address 192.168.41.1/32
!
router bgp 131112
vrf CTCB
address-family ipv4 unicast
network 192.168.41.1/32
redistribute direct route-map ABC
redistribute ospf ABC route-map ABC
default-metric 200
!
router ospf ABC
bfd
router-id 192.168.255.1
vrf ABC
router-id 10.0.0.1
area 0.0.0.0 sham-link 192.168.41.1 192.168.41.4
cost 1
redistribute bgp 131143 route-map ABC