Visio Network Stencils for Cisco Routers and Switches

burger-king

Looking for Cisco Visio Stencils — Access the entire Cisco Visio template library via the links below. I have tossed in a couple of extra links that should pretty much meet any of your Visio needs.

Since my last post on Cisco UCS Stencils seems to get a good deal of traffic each day, I figured I would toss another post out into the ether that pertained to Cisco and Visio Stencils:

Cisco: Visio Stencils

http://www.cisco.com/c/en/us/products/visio-stencil-listing.html

Cisco: Network Topology Icons:

http://www.cisco.com/web/about/ac50/ac47/2.html

Cisco: Visio Stencil How To Guide

http://www.cisco.com/c/en/us/products/microsoft-visio-stencils-faq.html

HomeLab Adventures: My HomeLab Overview

motherboard

Today I am finally going to take the time write an article about my lab. A while back, I had posted an article detailing the FreeNas server that I built to provide shared storage to my virtualization lab. However, today I am going to attempt to dive in deep and write, in at least a bit of detail, about the other components of my lab.

IMAG0490

Wall mounted network rack in lab

 

Network

Over the last few years I have collected quite a bit of network gear. My job has given me the ability to take home decommissioned equipment from time to time, and Craigslist has helped me round out my collection. Below is what I currently have deployed. Not everything is powered on currently, as its crazy loud when all those tiny fans are a’screaming.

IMAG0850

Wall mounted network rack in office

The equipment is distributed between my home office, and my lab in the next room over. Everything is racked and stacked in wall mounted telco/network racks. A patch panel, and a number of copper runs connect everything together.

Continue reading

Configure the Asus RT-AC66U Router as a Caching DNS Server with Bind

asus-rt-ac66u

Introduction

In this article I am going to walk you through the necessary steps to configure your Asus RT-AC66U as a caching dns server using bind. According to Wikipedia“Caching name servers (DNS caches) store DNS query results for a period of time determined in the configuration (time-to-live) of each domain-name record. DNS caches improve the efficiency of the DNS by reducing DNS traffic across the Internet, and by reducing load on authoritative name-servers, particularly root name-servers. Because they can answer questions more quickly, they also increase the performance of end-user applications that use the DNS. Recursive name servers resolve any query they receive, even if they are not authoritative for the question being asked, by consulting the server or servers that are authoritative for the question. “

As you must already know, the Asus RT-AC66U runs Busybox, which is a very small but powerful embedded Linux distro. Because of this there are a lot of familiar commands available via the CLI. However, don’t get to comfortable, as this is still a very foreign land.

Note that this article assumes that you have ssh or telnet working and can log into your RT-AC66U via the CLI.

Continue reading

Redhat Satellite 5: How to Clone Security Errata to a Software Channel

space_dogFirst check to see if the errata is available to your local satellite server. To accomplish this log into your organizations satellite server and click on the “Errata” tab. Then on the left side of the page click on “Advanced Search”.

In the search box enter the RHSA number (Redhat Security Advisory Number) for the errata that you want to clone/update. In this example I am searching for RHSA-2014:1924, which is a Thunderbird security update.

If your search does not return any results, you will need to manually sync your local Satellite Server with Redhat.To accomplish this you need to ssh into your local satellite server and run the command shown below. Note that this does not update any packages/errata. This does update the list of availbile packages/errata.

/usr/bin/satellite-sync
[root@myserver ~]# satellite-sync –email
10:08:09 Red Hat Satellite – live synchronization
10:08:09 url: https://satellite.rhn.redhat.com
10:08:09 debug/output level: 1
….truncated….

Once you are able to locate the specific fix in via “Erratum Search” you may proceed to the next step. In this example, as I stated above, I am searching for RHSA-2014:1924.

clone_erratta

Now that our local Satellite server is aware of our specific errata, click on “Clone Errata” on the left side of the page. Search the page “Errata Management” for the specific fix that you want to apply. Note that the “Errata Management” page does have built in search functionality — don’t ask me why — so you must search using your browser’s own page search function.

clone_thunderbird

Once you have located the correct Security Advisory, put a check in the box and spend about 5 minutes scrolling down to the bottom of the page. Stop when your arm is tired, or once you locate the “Clone Errata” button. Obviously you want to click this.

Note that your newly added and updated errata/package may not become immediatley availible to install. You nay need to run the following commands to refresh/reload your repos.

#yum clean all

Then check for updates with the command below.

#yum check-update

How to Reset Cisco Catalyst 3750 Back to Factory Defaults

cisco_3750Need to reset your Cisco Catalyst 3750 back to the factory default settings? Have you forgotten your password? Well you have come to the right place. Note that I am assuming that you have already established a console connection to the switch using a Cisco serial cable (rollover cable).

First you need to power down the switch. Once the switch is powered off, hold down the mode button, and power the switch on. The switch will boot up and you should see the switch prompt as shown below.

Connect-1

Now type flash_init. Your output should be similar to what you see below

switch: flash_init
Initializing Flash…
flashfs[0]: 547 files, 19 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 15487488
flashfs[0]: Bytes available: 17026560
flashfs[0]: flashfs fsck took 11 seconds.
…done Initializing Flash.

Check out the contents of flash and locate config.text and vlan.dat (if it exists).

switch: dir flash:
Directory of flash:/

2  -rwx  564       <date>               vlan.dat
3  -rwx  1914      <date>               private-config.text
5  drwx  192       <date>               c2960-lanbasek9-mz.122-58.SE2
6  -rwx  3096      <date>               multiple-fs
7  -rwx  2289      <date>               config.text

Now delete the vlan.dat and config.text.

switch: del flash:config.text
Are you sure you want to delete “flash:config.text” (y/n)?y
File “flash:config.text” deleted

switch: del flash:vlan.dat
Are you sure you want to delete “flash:vlan.dat” (y/n)?y
File “flash:vlan.dat” deleted

Note that you can also just rename the config.text and vlan.dat if you are not certain that you want to delete them.

switch: rename flash:config.text flash:config.old

Now type boot, to reboot the switch. Once the switch is rebooted you will see the System Configuration Dialog, and will have the opportunity “to enter the initial configuration dialog”.

Getting Started With Puppet: How to Write Your First Module

1361349665_puppet-logoThis post will walk you through the process of writing your first, albeit, a very simple Puppet module. Nothing fancy here, that can come later once we get the basics down.

Before we get started let’s take a minute to go through a couple of prerequisites.

First, we will assume that you are doing your work some sort of Linux workstation or server. Second, we will assume that you have already installed and configured a Puppet Master and a Puppet Client. In this particular case, I am working on my Fedora 20 desktop. It serves as both my master and client. Last, we are assuming that have a basic site.pp and are able to run the Puppet agent without issue or error.

Now lets get down to the meat and potato. Note we are working with opensource Puppet, not Puppet Enterprise.

First lets change directory to our Puppet module directory.

#cd /etc/puppet/modules/

Now lets create a basic manifest from a template, to do this we need to generate a module. Our very simple module is going to be called harden-cron. Run the command below to generate our bare-bones module

#puppet module generate harden-cron

Now that our module has been generated lets change directories once again. This time we need to change to the manifests directory in our newly created module.

#cd harden-cron/manifests/ && vim init.pp

Now we need to edit our manifest. This is, more or less, our playbook. It defines what “work” puppet needs to do.

Our end goal is to create a manifest that will ensure that /etc/cron.allow exists, is owned by root, and has specific file permissions. We also need to make sure that /etc/cron.deny does not exist. In order to accomplish this we use the simple code shown below. Note that we have defined our class has “harden-cron”. This is the same name that we used when creating our module above.


class harden-cron {

file {"/etc/cron.deny":
ensure => absent,
}

file {"/etc/cron.allow":
ensure => present,
owner => "root",
group => "root",
mode => "600"
}
}

Now we need to test our syntax and make sure that we have not made any errors. Use the command below to accomplish this. No output from the script below means that you do not have any syntax errors.

#puppet parser validate init.pp

Excellent, so now we have a new module, but its not going to do anything for us until we declare it in our site.pp. So lets change directories and do a bit of editing

# cd /etc/puppet/manifests/ && vi site.pp

Continue reading