Monday, May 29, 2006

Cisco 2500 router IOS upgrade

Bucket of pain. The 2500 series routers can have 16Mb of RAM and 16Mb of flash. The router stores the OS, called IOS, in the flash. The config goes in NVRAM and the boot stuff goes in the boot ROM.

I have two routers with two banks of 8Mb flash and it was a mother to upgrade one of them.

The first router upgraded fine with the classic copy tftp: flash: syntax. It erased the old IOS, put the new one on, and away it went (I only had to goof with the conf reg once, 0x2142, to get rid of a config with a password I forgot).

The second one was pain. The two flash banks showed up separate, and the copy tftp: flash: spat back READ ONLY FILE SYSTEM... so on and so forth.

Here was the fix:

config-register 0x2101 (this boots a ROM or cut-down IOS)
partition flash 1 16 (make one big 16Mb partition instead of two 8s)
copy tftp flash
config-register 0x2102

The 2500 is great for a lab, but don't use one in production. The new ISR routers are quite nice.

Tuesday, May 16, 2006

Use DNS- it's good enough for the internet

I just fixed a couple boxes that didn't know what localhost was... actually they did, but it was wrong (pointing to their actual IP address, not 127.0.0.1).

Look, don't mess with host files. You don't need to. Use DNS.

If you have more than one host, use DNS with Dynamic DHCP. You can reserve IP addresses so that hosts always get the same IP, you can extend lease times, you can put all kinds of things in DNS. But if you update dynamically you will always have the forward and reverse DNS correct (A record and PTR) and you won't have stupid host file troubles like I just had.
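
A check for the misconfiguration described above, as an added example that is not part of the original post: it parses hosts-file text and reports any loopback name bound to a non-loopback address, which matters because software that trusts "localhost" then talks to the network interface instead. The sample file, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample; line 2 reproduces the fault from the post
# (localhost bound to the machine's own address).
SAMPLE_HOSTS = """\
# constructed example hosts file
192.168.10.25   web01.example.com web01 localhost
127.0.0.1       localhost.localdomain
::1             localhost6 localhost   # IPv6 loopback is fine
bogus-entry     localhost
"""

LOOPBACK_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Yield (line_number, address, names) for each usable hosts entry."""
    for lineno, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(fields) < 2:
            continue                            # blank line or address with no names
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an IP literal
        yield lineno, addr, [name.lower() for name in fields[1:]]


def audit_localhost(text):
    """Return (line, name, address) for loopback names on non-loopback
    addresses, plus a line-0 finding if 'localhost' has no loopback entry."""
    findings = []
    has_loopback_entry = False
    for lineno, addr, names in parse_hosts(text):
        hits = LOOPBACK_NAMES.intersection(names)
        if addr.is_loopback:
            has_loopback_entry = has_loopback_entry or "localhost" in names
        else:
            findings.extend((lineno, name, str(addr)) for name in sorted(hits))
    if not has_loopback_entry:
        findings.append((0, "localhost", "no loopback mapping"))
    return findings


if __name__ == "__main__":
    for finding in audit_localhost(SAMPLE_HOSTS):
        print(finding)
```
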

Friday, May 12, 2006

Cisco 3005 VPN concentrator resurrection

I found an unused 3005 going through one site's material. Since the current VPN terminates on PCs, I thought I'd get the 3005 going.

While I had the 3005 on the shelf in the lab, I found a problem. The 3005 has a public and private interface. The private interface would intermittently drop physical connection. I inspected the network jack; it looked good, no bent pins. But every time I'd wiggle the network cable (or even move the middle of the cable), the connection would drop.

So I tore the out of warranty and service 3005 apart (don't do this, it will void your warranty). I checked the posts and solder on the network jack. It looked good, so I put the 3005 back together. While I had it apart I noticed two little silver tabs on the sides inside of the jack where the pins are. I used a very fine screwdriver and bent these two tabs out on both jacks hoping it would tighten the grip on the network cable.

Sure enough it works. I'll try to get a macro picture up soon.

Tuesday, May 09, 2006

Silly Juniper...

Just got the Juniper ScreenOS Product Documentation CD Version 5.0 June 2004 Rev. B in some brand new NetScreen 50 boxes.

Either the doc CDs aren't revisioned very often or these NS50's move kinda slow... anyway,

The disc is CDFS or whatever, but all the directories are 444 permissions on Linux and MacOS. You can't change directories to read the PDFs as anything but root. On a Linux box, at least you can be root; on a Mac it is really inconvenient. In either case, why would I want to be root when I'm reading PDFs?

Looks like nobody at Juniper uses the doc CD on different architectures. Maybe they only use windows internally or have all the docs on the webserver internally.

Monday, May 08, 2006

mount loop: cd or dvd iso

If you need to use a DVD or CD ISO on your Linux box, just mount it loop. You can even export or serve out (via HTTP) the mount.

mount -o loop /home/fedora/FC3-i386-DVD.iso /home/fedora/pub/mirrors

and that makes gardening a little easier...