What brought FileApp to my attention was when I started storing files in Evernote but needed a way to view Word and Excel files on my iPad/iPhone while in Evernote. The integration is very seamless. When I tap on a non-PDF while in Evernote, I am presented with a list of installed applications that may or may not be able to open and display the file. So far, I haven't had any problems with reading either of the two document types I have mentioned. I have an Excel spreadsheet that has multiple tabs that FileApp puts all on one page. Very minor issue and one that will probably get addressed in a future release of the product. I am currently using v2.5.4. The product page on iTunes indicates that version 3 is coming soon.
iPad for Engineers – FileApp
Network Toolkit – SPAN vs RSPAN vs ERSPAN
If you have been working with Cisco switches for any period of time, you are familiar with the SPAN process and what it takes to get it working. There are two other SPAN options that you may not have heard about: RSPAN and ERSPAN. While related, they are different enough to warrant a little bit of discussion and planning.
SPAN is pretty straightforward to set up. The main thing you need to keep in mind is the possibility of overrunning the data backplane on the switch, which might cause some of the traffic you are watching, and other traffic that you aren't, to get dropped on the switch. I haven't had this happen to me yet, but it is a possibility. Earlier versions of IOS for some switches had a two SPAN session limit. Later versions don't seem to have this limit, but if you start going past one SPAN session that is always running, it might be a good time to consider buying a TAP and putting it in service.
RSPAN allows you to create a SPAN session on one switch but have the destination of the SPAN be on another switch entirely that is on the same network. Basically what happens is that you create a special VLAN intended only for transporting SPAN traffic across switches. This comes in handy when the problem you are working on is on a switch in a different part of the building or campus than where you are. Doing this type of spanning is where you need to be a little more careful than when you SPAN traffic from one port to another on the same switch. The reason is that it is entirely possible to saturate the trunk connection between the remote switch and one or more downstream switches that are between you and the switch where the source port resides. When spanning just a port that a client is on, you shouldn't have a problem with saturating the trunk link, but you do need to keep this in mind when doing a SPAN across switches.
ERSPAN is RSPAN on steroids. You also have fewer platforms that support this. According to the information I read, only 6509 chassis running a SUP720 switch fabric support it. The main reason for this is that the remotely SPAN'd traffic is sent over an encapsulated tunnel that switches such as the 3750 family simply don't have the resources to handle, because they need to be able to support a Layer 3 GRE tunnel. I have seen references to the ASR 1000 router being able to support this but I don't have one in the lab to be able to confirm that.
From a previous post, you have seen me recommend the use of a TAP. While a brief outage is needed to put the device inline, the advantage is that you lessen the CPU overhead in the switch while traffic on the source port/VLAN is being SPAN'd. For short term/one-off situations, SPAN will probably be simpler to use. For longer term situations, or where you don't want to advertise to a user or users that you are watching traffic on the port they are connected to, a TAP will be the more prudent option to use. If you would like more information about setting up SPAN or RSPAN, I will be glad to post information in a future post on the website. Click on the Contact Us button at the top of the page and send me a note and I will get it on the schedule.
IPv6 – RFCs to read and review
As I read more and more about IPv6, I have been coming across different RFCs that have helped me to learn more. I am creating a post here that has those along with links to get to those RFCs. The RFC you click on will open up in a new browser window, so you shouldn't lose the link you are using from my site.
| RFC | Description |
|---|---|
| 2460 | IPv6 Specification |
| 3053 | IPv6 Tunnel Broker |
| 3056 | Connection of IPv6 Domains via IPv4 Clouds |
| 3315 | Dynamic Host Configuration Protocol for IPv6 (DHCPv6) |
| 3363 | IPv6 Prefix Options for DHCPv6 |
| 3849 | Reserved Range for documentation |
| 4193 | Unique Local IPv6 Unicast Addresses |
| 4443 | Internet Control Message Protocol (ICMPv6) |
| 4681 | Neighbor Discovery Protocol |
| 4682 | IPv6 Stateless Address Autoconfiguration |
| 5072 | IP Version 6 over PPP |
| 5569 | IPv6 Rapid Deployment on IPv4 Infrastructures |
iPad for Engineers – Dropbox
Dropbox is the evolution of the process that us old-timers called the floppy swappy. When I first got started with computers, like a lot of us, I had several wallets of different, sometimes labeled floppy disks, containing a collection of utilities and documentation that I occasionally needed to refer to. The next method of keeping your collection of files handy was the Zip Disk, followed by the CDROM and eventually the USB flash drive.
A little over a year ago, I started using a service called Dropbox (I initially became aware of it by the name dropbox.io, which later became dropbox.com). It is a very useful service that allows you to copy your files to the "cloud". There are several options on how you can use the service. I started out with using it with just the browser interface. Where you really see the advantage is loading the client software on Mac, Windows, Linux and a collection of mobile platforms. The local client creates a directory on the machine it is installed on, and any file or directory placed in that directory is periodically sync'd to your storage on the Dropbox cloud, which is then immediately available to all the other machines on your account.
The advantages to Dropbox don't end there. I am involved in several volunteer organizations where I may take pictures at an event that are needed for the monthly newsletter or local newspaper. I can "share" the directory by sending an email to the person who needs the pictures. Where that comes in handy is that I don't have to try to email the individual pictures, which, depending on the mail server they may be on, might be rejected because the size of the attachment is larger than what the email administrator has chosen to allow.
For those of you who are using GoodReader or Evernote, you also have a way to import the PDFs in Dropbox with either of the applications. If you need more than the storage you start out with, you can either send emails when you need to share something with a friend and have them sign up for the service, or you can purchase larger storage amounts if you need even more. Check out Dropbox.com; the uses for it are only limited by your imagination.
IPv6 – Comparison of IPv4 with IPv6
This is a table that I have put together based on my IPv6 readings to date. In putting this together, it has helped me get a better understanding of how the two differ. As I find other differences between IPv4 and IPv6, I will look at making changes to this table. I hope it helps others new to IPv6 as it is helping me. In keeping with one of my previous entries, the IPv6 addresses listed in this post are done as outlined in RFC 3849.
| | IPv4 | IPv6 |
|---|---|---|
| Sample Address | 10.1.1.1 | 2001:0db8:3333:4444:5555:6666:7777:8888 |
| Interface Address | 10.1.1.1 255.255.255.0 | 2001:0db8:3333:4444::1/64 |
| Address Unit | Octet | Quartet |
| # Units in Address | 4 | 8 |
| # bits in Address Unit | 8 | 16 |
| Allowed Characters | 0 – 9 | 0 – F (Hex) |
| Address Length | 32 bits | 128 bits |
| Broadcast Address | .255 in the subnet | Not Used |
| Loopback Address | 127.0.0.1 | ::1/128 |
| List of Mac Addresses | Arp Table | Neighbor Table |
| DHCP Modes | Stateful Only | Stateful, Stateless, Autoconfig, Neighbor Discovery |
| Address Shorthand | None | :: replaces a range of consecutive 0's; you don't have to put leading 0's in front of a quartet |
| Address Assignment | By ISP | By region, region ISP, local ISP |
| Address Division | Subnet | Prefix or Subnet |
| Private Address Range | RFC1918 | RFC4193 but not needed |
iPad for Engineers – Get Console
I have been using this app more than I would have expected. While there are several apps available that you can Telnet or SSH to your Cisco devices with, this one is the first I have found that lets you plug into the console port and talk directly to the device you are working on. So with one app, you have your choice of all three methods of connecting. This is a multi-platform app that is available on the iPod and iPhone platforms in addition to the iPad/iPad2.
The app is very versatile. While I wouldn't use this for doing a lot of configuring, it is very comfortable for doing minor changes and checking interface status, etc. There is a built-in command manager so that you only have to type the command in once and then it is just a screen tap or two and you have it at the ready. You also have a password manager function built in so that if you are using strong passwords (like we all should and probably aren't), you can keep the mistyping of those to a minimum. If you have other devices you need to console into, such as a Sun server or systems that need to have the F keys available, you can quickly make those special keys available just by tapping on the icon you will see at the top of the screen.
If you want to keep track of what you did on a particular device or want to capture the configuration, you can record that information to a log file in Get Console for later transfer to your PC or configuration management system. I had intermittent problems with earlier versions losing contact with the special cable you need to get from the folks at Redpark. Later versions haven't shown that particular problem nearly as often. One thing I would suggest is to plug in the cable to the iPad/iPhone/iTouch first before starting the app. It is possible that the connector on my iPad might be a little sensitive to movement. One interesting feature that I haven't been able to try yet is the option to remotely access the Get Console App from servers that are available from Get-console.com. This will require that you also have Wifi or 3G access available on your iPad/iPhone so you can get access to the gear you are consoled into without being at the iPad/iPhone. If your security folks don't like you going to an external server, you have an option of putting up your own Private server to get this same functionality.
The Get Console app is available on the iTunes store for $10 – http://itunes.apple.com/us/app/get-console/id412067943?mt=8. The cable is available from Red Park for $59 plus shipping – http://www.redpark.com/c2rj45.html.
IPv6 – Creating a Tunnel Broker (Part 2)
Ran a protocol capture and noticed this error in the ASDM log – regular translation creation failed for protocol 41 src Inside:192.168.1.100 dst Outside:209.51.181.2
In looking at the rules, it appears that I need an access rule to allow the protocol 41 traffic to go outbound. There is only an access rule for inbound to outbound to allow IP.
Added these lines to the ASA config -
object-group protocol IPV6inIP
protocol-object 41
access-list inside_access_in line 2 extended permit object-group IPV6inIP any any
Still getting the above error after putting in the config lines just listed. Beginning to suspect that the 8.2.5 binary doesn't support protocol forwarding, either inbound or outbound. I have seen web postings that this did work, possibly due to a bug in the code, in 8.0.3. I am using features in 8.2.5 that I would lose if I go back to 8.0.3. As much as I would prefer not to deal with a major rewrite of the ASA binary, looks like I don't really have a choice. After doing some additional research, I will have to upgrade the ASA binary. General consensus on the Cisco Support Community forums is to go to 8.4 and skip 8.3 altogether. I have ordered the memory (found some new Cisco memory on Amazon). Will put this in one of my ASAs. Once this works, I might try some of the $20 bargain memory that I have seen on eBay. Just trying to err on the side of caution. I have used www.ciscomemoryupgrades.com in the past with good results. May go back to them for the memory for the second ASA.
I have checked the available ISPs in the area; no one is offering IPv6 to residential customers at this time. A couple of them mentioned that they had been getting requests for it or were looking to offer it later this year but no firm date for ordering. Still looking at getting a secondary internet connection that will end up being the link I use the Tunnel Broker router on. Don't expect the memory until later in the week. Will have to get it installed, upgrade the binary in the ASA and verify that everything is working normally before getting back to working on the Tunnel Broker router that I already have in place. To be on the safe side, I will do this work on my backup ASA and keep my primary intact just in case there is a problem during the upgrade process.
IPv6 – RFC 3849 – IPv6 Address Prefix Reserved for Documentation
When I first started reading about IPv6, seeing what appeared to be incomplete addresses, where x's had been put in the address in place of the actual hex digits, made things a little confusing at times to keep up with. In building up my library of IPv6 reading materials, I came across RFC3849 (http://tools.ietf.org/html/rfc3849). I have read this RFC several times and each time I go over it, I pick up another tidbit or two. The reason behind "reserving" a range or prefix is that if a less experienced person uses a configuration example without changing any of the addresses used in the example, they won't cause a problem either on their network or cause one or more routes to flap elsewhere with their provider or on the internet.
The reserved prefix to use when writing documentation is 2001:0db8::/32. For those that are just getting started, the address that you would use might look something like this – 2001:0db8:baba:0000:0000:baba:1310:face. I still think in terms of IPv4 addresses, so learning the "shorthand" used with the longer IPv6 addresses will take some getting used to. Another post I am working on will be a collection of addresses I am building to be able to see on sight whether an address is good or not. I have been looking for something like this as I have been reading up on IPv6 and haven't quite found what I am looking for, so this will be something that I will contribute to other IPv6 newbies such as myself.
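The shorthand rules and the RFC 3849 documentation prefix, as an added example that is not part of the original post: it validates a string as an IPv6 address, classifies it against the prefixes named on this page, and applies the two shorthand rules by hand. The function names and the labels are this example's own, and the sample addresses beyond the two quoted from the page are constructed.

```python
import ipaddress

# Prefixes named on this page; the labels are this example's own.
DOC_PREFIX = ipaddress.ip_network("2001:db8::/32")  # RFC 3849, documentation only
ULA_PREFIX = ipaddress.ip_network("fc00::/7")       # RFC 4193, unique local


def shorten(addr):
    """Apply the two shorthand rules by hand to a parsed IPv6Address."""
    # Rule 1: drop the leading zeros of every quartet.
    groups = [format(int(g, 16), "x") for g in addr.exploded.split(":")]
    # Rule 2: replace the longest run of all-zero quartets with "::".
    # Only one run may be replaced, otherwise the address is ambiguous.
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    if best_len < 2:  # a lone zero quartet is written "0", not "::"
        return ":".join(groups)
    head = ":".join(groups[:best_start])
    tail = ":".join(groups[best_start + best_len:])
    return head + "::" + tail


def check_address(text):
    """Validate text (optionally with /prefix) and describe the address."""
    try:
        iface = ipaddress.IPv6Interface(text)
    except ValueError as exc:  # bad quartet, second "::", bad prefix length
        return {"valid": False, "reason": str(exc)}
    addr = iface.ip
    if addr.is_loopback:
        kind = "loopback"
    elif addr in DOC_PREFIX:
        kind = "documentation"
    elif addr in ULA_PREFIX:
        kind = "unique-local"
    else:
        kind = "other"
    return {"valid": True, "kind": kind, "prefix_len": iface.network.prefixlen,
            "short": shorten(addr), "full": addr.exploded}


if __name__ == "__main__":
    # Constructed samples: the first two are from this page, the rest hit edge cases.
    for sample in ["2001:0db8:baba:0000:0000:baba:1310:face",
                   "2001:0db8:3333:4444::1/64", "::1", "fd00:1234::10",
                   "2001:db8:xxxx::1", "2001:db8::1::2", "2001:db8:1:2:3:4:5:6:7"]:
        print(sample, "->", check_address(sample))
```

An address written with x's in place of hex digits, with two `::` runs, or with nine quartets comes back as invalid with the parser's reason attached.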
Network Toolkit – SPAN vs DIY Network TAP vs Buy ?
When to SPAN vs TAP is a discussion that everyone should have at some point in their career. Early on, I used SPAN (aka port mirroring) quite a bit and still do to this day to varying degrees. For quick one-off situations, SPAN will be the quickest and potentially least disruptive way of seeing traffic on the network because you don't have to unplug something to connect the TAP into the network. Early on, there was a limit on Cisco switches that I ran into where if you had multiple SPAN sessions configured, you would get an error message that you were already at the limit of what the switch could handle.
Recently I ran into a problem where I didn't think I was seeing all of the traffic. After doing some digging, I confirmed that I wasn't. After doing some extensive research, I found that I wasn't the only one that had run into this situation. I was able to borrow a NetOptics TP-CU3 Tap from my good friend, Laura Chappell (http://www.chappellu.com). This gave me immediate confirmation that I hadn't been seeing all of the traffic.
Initially I had to run each test twice because you have two monitoring ports that each give you one side of the conversation. My initial response was to use a second laptop to do a capture on the second port at the same time and then do a "merging" of the two different capture files to see both sides of the conversation at the same time. The challenge here becomes that both laptops have to be in timesync so that the timestamps are as close as possible to the same to give you a realistic picture of what is on the wire.
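The two-laptop merge described above, as an added example that is not part of the original post: it reads two classic pcap files, applies a known clock offset to the second one, and interleaves the records by timestamp. The function names, the 250 ms offset and the sample "frames" (plain labels, not real Ethernet frames) are constructed for illustration, and the reader assumes little-endian, microsecond-resolution pcap files.

```python
import heapq
import struct

MAGIC_LE = 0xA1B2C3D4                   # classic pcap, microsecond timestamps
GLOBAL_HDR = struct.Struct("<IHHiIII")  # magic, version, thiszone, sigfigs, snaplen, linktype
RECORD_HDR = struct.Struct("<IIII")     # ts_sec, ts_usec, incl_len, orig_len


def write_pcap(records, linktype=1):
    """Build pcap bytes from (timestamp_us, frame) pairs."""
    out = [GLOBAL_HDR.pack(MAGIC_LE, 2, 4, 0, 0, 65535, linktype)]
    for ts_us, frame in records:
        out.append(RECORD_HDR.pack(ts_us // 1_000_000, ts_us % 1_000_000,
                                   len(frame), len(frame)))
        out.append(frame)
    return b"".join(out)


def read_pcap(data):
    """Return [(timestamp_us, frame), ...] from pcap bytes."""
    if len(data) < GLOBAL_HDR.size or GLOBAL_HDR.unpack_from(data)[0] != MAGIC_LE:
        raise ValueError("expected a little-endian, microsecond-resolution pcap")
    records, pos = [], GLOBAL_HDR.size
    while pos + RECORD_HDR.size <= len(data):
        sec, usec, incl, _orig = RECORD_HDR.unpack_from(data, pos)
        pos += RECORD_HDR.size
        if pos + incl > len(data):
            break  # capture was cut off mid-record; keep the complete ones
        records.append((sec * 1_000_000 + usec, data[pos:pos + incl]))
        pos += incl
    return records


def merge_captures(cap_a, cap_b, offset_b_us=0):
    """Interleave two monitor-port captures; offset_b_us corrects laptop B's clock."""
    a = [(ts, "A", frame) for ts, frame in read_pcap(cap_a)]
    b = [(ts + offset_b_us, "B", frame) for ts, frame in read_pcap(cap_b)]
    # Each capture is already in time order, so a two-way merge is enough.
    return list(heapq.merge(a, b, key=lambda rec: rec[0]))


def frame_order(merged):
    """Frames only, in merged order, for a quick sanity check."""
    return [frame for _ts, _port, frame in merged]


# Constructed sample: laptop B's clock runs 250 ms behind laptop A's.
T0 = 1_300_000_000_000_000  # microseconds since the epoch
SKEW_US = 250_000
PORT_A = write_pcap([(T0, b"request-1"), (T0 + 40_000, b"request-2")])
PORT_B = write_pcap([(T0 + 10_000 - SKEW_US, b"response-1"),
                     (T0 + 50_000 - SKEW_US, b"response-2")])

if __name__ == "__main__":
    print("uncorrected:", frame_order(merge_captures(PORT_A, PORT_B)))
    print("corrected:  ", frame_order(merge_captures(PORT_A, PORT_B, SKEW_US)))
```

Without the offset both responses sort ahead of the requests that caused them, which is the misleading picture the timesync requirement is meant to avoid.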
I discussed this challenge with Laura and she offered up a solution that was right in front of me. Anyone who has heard one of her many presentations over the years knows to keep several hubs around for when you need to "insert" yourself into the network and be able to see all of the traffic on the wire between a workstation or server and where it connects to the network. In this case, Laura suggested taking each of the monitoring ports and plugging it into a hub and then plugging the laptop running Wireshark into the same hub. In that way, I would have both sides of the traffic recombined with far less work.
If you need to go this way, you will need to slow down the network traffic to either 10 or 100 MB since the fast hub I have found maxes out at 100MB. In a testing situation this should be a problem. If you don't have a hub laying around (and I didn't at that time), you can go to this URL (http://wiki.wireshark.org/HubReference) and find a list of hubs that have been known to work as reported by other users. If you want to build an ultra portable network tap solution, I would like to suggest getting one or two of the Netgear DS104 (DS = Dual speed) 10/100 hubs. This particular 4 port has a metal cabinet that can stand up to quite a bit of use and moving around.
If you have the money, you can look at getting what is called an Aggregation Tap that automatically combines both sides of the network traffic. The Aggregator version of the tap that I mentioned above is a TPA-CU3. This will cost a bit more but if you do a lot of this, there won't be a better way you can spend the money. You will save the hassle of extra wiring and a hub with the bonus being that you can capture at near 1 GB line speed if the application is running in that range (I usually find that the effective line speed runs between 300 to 450 MB with the captures I have done).
You will find plans on different websites showing you how you can build your own tap. I have done this in the past for more of a learning exercise than for actual production use. I wouldn't have a problem using something like this on a 10 MB connection and if there were no other choice, I would consider using it on a 100 MB connection. I would not use it on a Gigabit connection because you would have to be more careful with how you ran the wiring to keep electrical / magnetic interference from damaging or corrupting the packet capture you are doing. In either case, I would be very concerned about putting a DIY type of tap on a long cable run because there is nothing to reamplify the signal level to make sure that the traffic makes it all the way to the end of the wire.
As you will see by doing a bit of research, there are several companies out there. Buying a TAP isn't something that you should do without doing some research to make sure that you are getting the best one for your needs. You may find out that one TAP may not be enough
iPad for Engineers – GoodReader
This is probably the first App that I found for the iPad that I use. While I use it for reading my growing library of PDF’s, it can also be used to handle TXT files such as the pile of RFC’s that I seem to collect. Since starting to use GoodReader, it has continued to grow as I have learned new ways of using it.
To put things in perspective, I have close to 2000 PDFs on Cisco and other technologies that I work with. You can organize your documents within GoodReader to as granular of a degree as you may need to. One thing that I would suggest is that you periodically back up the files you have in GoodReader to another system. This is easiest to do when you are connected to iTunes via a cable. I have tried this via the Wireless Sync option and I would suggest doing that if you have as large of a PDF collection as I have – it will take quite a long time. If you don't have your sync cable handy, it is better than nothing, just don't expect to do anything with the iPad while you are backing up the directory.
You have several options for getting files into GoodReader. The option I use most is to click on the Wireless icon and then connect to the iPad using a web browser from your PC. This is the easiest way to put files on the iPad direct from one machine to another. If you don't have a wireless network where you are, another option for getting files into GoodReader is to use Dropbox. You can upload your files to Dropbox and then when you have access to a wireless connection, you can download the files from Dropbox to GoodReader using the Connect to Servers option. Another file transfer option I have used is connecting my iPad to my desktop and uploading the files via iTunes. The point I am trying to make here is that you have a variety of ways to transfer files. Check the GoodReader website to see the different options that are available (http://www.goodiware.com/goodreader.html). If you find a PDF that you want to add to GoodReader while you are browsing using Safari, you can either open the PDF from the website and select that you want to open it in GoodReader or you can save the file to GoodReader using instructions on the Goodiware website. Bottom line here is that you can find a host of new ways to use GoodReader by going to the How-Tos tab on the website.
My favorite feature in GoodReader is the ability to "mark up" documents I am working with or using as a reference while I am studying for a new certification. A document that has been created by printing to a PDF can be marked up or highlighted very easily. If you scanned a document in, you can still mark it up but will have to do that a little differently. When you select the option of marking up a document for the first time, you are given the option of saving the changes back to the file you have opened or saving it to another file. I have always saved the changes back to the original file and haven't had a problem yet. There is a modest charge for this App but it is well worth the charge.





