As a network engineer, there are certain things that you must do, or face the consequences. Making backups of all your network devices on a regular basis is one of those things. Plus, monitoring your network for any configuration changes (whether authorized or not) is a good thing too. If you have a very small network you could keep track of all this manually, but if not, then you NEED a tool to take care of this. I would suggest using Kiwi Cattools (part of Solarwinds).

I’ve been using Cattools for many years, way back before Solarwinds acquired Kiwi. Cattools is very comprehensive…it can track configuration changes and alert you when they occur; it will perform regular backups and archiving of device configs; and you can use it to push changes out to your devices saving you lots of time (nothing like changing all your NTP server settings to over 100 devices in just a few minutes!!!).

If you recall from my post yesterday on securing SNMP, that configuration change triggered an email alert from Cattools last night letting me know that a change occurred on the switch, and showing me what the change was. The email had an attachment in HTML format that you can review in your web browser, and it shows the before and after configuration, high-lighting the changes…

Cattools alert showing ACL #2 addition

Entries in GREEN show additions, RED is changes, and BLUE is deletions. This is very cool stuff people!! Plus, the price is very reasonable. (Note…in case you are wondering, I do not get anything from Solarwinds for recommending their products. Unfortunately.)

So, for your peace of mind, get Cattools (or similar product) for your network. You will be glad you did!

Every network engineer needs a TFTP server utility on your laptop to manage firmware upgrades and configuration files. I’ve been using the free Solarwinds TFTP server for years, and it has worked great!! Highly recommended.

Recently, I just got a new laptop at work, an awesome Dell Precision with a fast SSD drive and 32 Gigs of RAM. The system just SCREAMS, and you should see how good VMware Workstation runs….I can have a bunch of Linux systems all running at the same time!! Anyway, after installing the TFTP server, it would not work. First time I have ever had a problem. I checked both McAfee and Windows Firewall, and they were not the problem. So…what to do?

I accessed one of my CentOS Linux systems running within VMware, and had it do an NMAP scan on UDP port 69, which is what TFTP runs on by default…

NMAP results

Say what?? This shows port 69 is already in use (OPEN), and this is before I started up the TFTP server. Hmmmm. So I opened up a DOS prompt (with Admin privileges) and ran “netstat -anb” to see what was already using UDP port 69…

Running “netstat -anb”

Interesting…Solarwinds was already up and running…it must have installed itself as a service, and started up automatically upon system boot. But, it must not be binding properly or it would be working.

My fix:  I don’t want TFTP running all the time anyway, so I went into Windows Services and stopped the TFTP process, and reconfigured it as just a manual startup. Now, when I want to run TFTP, I just go to the Programs menu and run it from there. Plus, it is binding correctly now and works just fine.

An interesting problem which only took a few minutes to solve…but it’s these kinds of things that adds an enjoyable “spice” to the day!

Sometimes a great tool can be both inexpensive and very cool, all at the same time. Take a look at this…

12U Table Top Rack

This is a great tool for a network engineer….it’s a table top network rack, 12U in height. It’s about 23″ tall, and will hold a number of network devices (depending on size and weight), and will support up to 75 pounds. As you can see, I have several devices sitting in it, handling different jobs, along with a rack-mount power strip at the top.

Now, the rack isn’t perfect…although it is advertised to be the standard 19″ width of a network rack, it’s just a hair under that. (The rack is really designed to hold musicians equipment.) Network equipment does work in the rack, but you might have to squeeze it in a bit, for a certain few types of devices. Plus, I would not want to load it up to the full 75 pound limit. Otherwise, it works great.

For our lab at work, I have a 50/10 Mbps fiber Internet circuit, with a /29 public IP subnet (about 6 usable IP’s) as follows…

• The Cisco router is handling some testing I’m doing for VTI and DMVPN tunnels
• The ASA5505 firewall is handling the departments internal LAB network
• And the Linksys router allows a plain Internet port to sit at each of our PC Techs desks so they can test users laptops for VPN connectivity, and other Internet related issues.

I bought it at CablesAndKits (and here is a link to the rack). I would recommend that you check out CablesAndKits…I have used them for the last couple of years, having purchased some equipment for both my work and church, and my own lab at home. They are great to deal with, and I highly recommend them. (And no, I receive nothing for this.)

Hope you are having a great week!

There is a great network tool I’ve been using for years, from Kiwi (part of SolarWinds), called SyslogGen. I simply love this tool…it’s flexible and powerful, yet easy to use and learn. Basically it’s a tool used to send test syslog messages to a log server so you can verify proper operation of logging and alerting. I used it today at work…

I’m in the middle of troubleshooting an issue at one of my remote sites. I have a fiber Internet circuit feeding the site, and I’m seeing very intermittent short outages (about 2 each day), lasting approximately 90 seconds. During the outage, both the Internet and my VTI (Virtual Tunnel Interface) drops. I’m working with the carrier, but it’s slow going, as I have to prove to them there is actually a problem.

Continue reading →