We have just undertaken a project to upgrade the Checkpoint Management
server from R71.40 to R77.20. It went very smoothly, and was probably a
lot easier than I first expected.
The first thing to note is that this upgrade cannot be done direct. In
accordance with the upgrade path, you must first upgrade to R75.40.
Luckily for us, we had shiny new … Read whole post...
What you don't need while you are checking your morning emails and
drinking your first cup of coffee of the day is to receive an email
saying that the VSM for the Nexus 1k has rebooted.
By the time we logged on to the Nexus 1000v, it was back up. "show
system redundancy status" showed both VSM's (supervisors) as being up
and HA. The "show … Read whole post...
This is a very short section! I didn't see the point in harping on about
wireshark, I use it most days at work. And the IOS embedded packet
capture was discussed in length further up the blueprint (i.e. in a
previous blog post).
1.3.c Interpret packet capture
1.3.c (i) Using Wireshark trace analyzer
Packet capture can be obtained using a … Read whole post...
This is another difficult section in the blueprint to write about. I
find troubleshooting techniques and methodologies to be quite personal;
no two people's brains work the same way. I guess this is based on how I
do things and some tips I've received from a few people over the years.
1.3.b (i) Diagnose the root cause of networking issue (analyze symptoms, identify … Read whole post...
1.3.a Use IOS troubleshooting tools
1.3.a (i) debug, conditional debug
Debugs can be used on a wide range of functions (debug ?). Some debugs
can be very noisy. Debug conditions can be set to filter out some of the
noise – for example debug condition interface fa0/0 will limit the debug
information to things using that interface. Undebug all does not remove … Read whole post...
As the blueprint goes, this is, in my opinion, the most vague topic to
write about. It is dependent on the understanding of the topics, and how
the changes will impact the existing network. I have skimmed through
this really, with the intention of covering the topics in their actual
topic sections. I am pretty used to evaluating impact - I seem to spend
my entire … Read whole post...
This topic made me think about the starvation stuff. I suppose it is
pretty obvious that UDP wouldn't back off if WRED was employed, but it's
something I never really thought about.
I found a few good videos on YouTube which gave some good RTP/RTCP
1.1.f (i) Starvation
TCP Starvation / UDP Dominance is experienced in times of congestion
where UDP and … Read whole post...
TCP - I thought I'd glance over this section. Turns out there was some
stuff I'd never heard of, such as the bandwidth delay product.
1.1.e (i) IPv4 and IPv6 PMTU
Path MTU Discovery is the process of sending increasingly larger packets
with the DF bit set, until finally a ICMP Destination Unreachable
(Packet too large, DF bit set) message is received. The size … Read whole post...
1.1.d (i) ICMP unreachable, redirect
Generated by a host or gateway to indicate that the packet was discarded
as the destination is unreachable. It will not be generated for
multicast traffic. It is sub-divided into 15 types as follows:
Read whole post...
||The datagram could not be delivered to the network specified in the network ID …|