techlanguageblog

Are you working as a “Voice Specialist” or “VoIP Technical Designer”? The following link has four VoIP calculators. These calculators can really assist us in the analysis and technical design of our VoIP network.

http://www.voip-calculator.com/calculator/

I hope that you will like it !!!

 

 

The following Cisco link is a good reference for building the Bill of Materials for any given Cisco network design request, using Cisco’s Dynamic Configuration Tool.

https://apps.cisco.com/qtc/config/html/configureHomeGuest.html

A Cisco IP phone is actually a three-port switch. The first port provides the connection to another VoIP device or to a switch. The second port carries the actual phone traffic, and the third port is an access port that provides the network connection to the PC.

Configuring a voice VLAN on the access port connected to an IP phone forms the link between the IP phone and the LAN switch that carries the voice traffic.

The access port connected to a Cisco IP phone can be configured in two VLANs. One VLAN is for voice traffic and the other VLAN carries data traffic from the machine connected to that IP phone.

The following points need to be considered for a voice VLAN.

1)  The voice VLAN feature is disabled by default. It must be configured manually on the switch port when we need to enable it.

2)  The voice VLAN can be configured only on layer 2 ports.

3) Similar to data VLANs, a trunk link can carry any number of voice VLANs. Therefore, voice VLAN configuration is not required on trunk interfaces.

4) When the switch port is configured for a voice VLAN, the “spanning-tree portfast” feature is automatically enabled on that port. However, when we disable the voice VLAN on the switch port, the “spanning-tree portfast” feature is not disabled.

5)  The Cisco Discovery Protocol (CDP) must be enabled between the access switch and the connected IP phone to carry the configuration to the IP phone.

6)  With switchport port security, a static secure MAC address binding cannot be configured for MAC addresses that belong to the voice VLAN.

The following steps explain the configuration of access switch port for “voice vlan.”

Switch# configure terminal

Switch(config)# interface <interface-id>

Switch(config-if)# mls qos trust cos

Switch(config-if)# switchport voice {detect cisco-phone [full-duplex] | vlan {<vlan-id> | none | untagged}}

The “mls qos trust cos” command configures the interface to classify incoming traffic based on the packet QoS value. Before configuring this command, we must first enable QoS by using the “mls qos” global configuration command.

The “switchport voice” command is used to configure the voice VLAN feature on access ports.

We can represent HP, F5 and Blue Coat devices in our network drawings by using their professional Visio icons/patterns. We can download these Visio stencils from the following links.

For HP Visio Stencils

http://www.visiocafe.com/hp.htm

For F5 Visio Stencils

http://www.f5.com/solutions/resources/visio-stencils/

For Blue Coat Visio Stencils

http://www.bluecoat.com/company/news/resources

Are you a Technical Designer or Solution Architect? Do you want to use professional Cisco icons in your Visio network diagrams?

It’s just a click away. Follow the cisco.com link below to download the professional Cisco network topology icons for use in any professional network drawing.

The Cisco network topology icons link is here.

http://www.cisco.com/web/about/ac50/ac47/2.html

 

Cisco Visio stencils can be downloaded from the link below.

http://www.cisco.com/en/US/products/hw/prod_cat_visios.html

 

Are you designing a data center? Do you want to calculate the power requirement and heat dissipation for the Cisco devices used in your data center? Follow the link below to calculate your requirement with Cisco’s online power calculator.

http://tools.cisco.com/cpc/launch.jsp

Note: a CCO login is required to access this link.

 

Route summarization aggregates multiple individual IP routes into a single summary route. For example, 172.16.1.0/22 is a summary route which includes the following individual routes.

172.16.1.0/24

172.16.2.0/24

172.16.3.0/24

or any other possible subnets within the range 172.16.1.0 to 172.16.3.255

Some of the major facts on route summarization are as follows.

1)  A summary route advertises only the aggregate, or summarized, route of the subnets. It does not advertise the individual subnets.

2)  The router does not advertise the summary route when its routing table contains none of the individual subnets that belong to the summary route.

3)  The router that does the summarization creates a local route to the summary, with destination null0, to prevent routing loops.

4)  Route summarization reduces the size of the topology database and the routing table, and therefore indirectly improves convergence in the network.

5)  Route summarization decreases the amount of specific information in routing tables. Therefore, suboptimal paths can result for some destination networks.

6)  The route metric assigned to a summary route is the lowest metric among all of its individual routes.

7)  The ultimate summary address is the default address 0.0.0.0/0.
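An added example, not from the original post: the Python sketch below computes the smallest summary that encloses a set of component routes and lists the address space inside that summary that has no component route, which the summarizing router would send to its null0 route (point 3). The function name summarize and the second sample list in the main block are assumptions made for illustration; the summary is printed by its network address.

```python
import ipaddress


def summarize(routes):
    """Return (summary, gaps) for a list of IPv4 prefixes given as strings.

    summary: smallest single prefix enclosing every route.
    gaps:    prefixes inside the summary that no component route covers.
    """
    nets = [ipaddress.ip_network(r) for r in routes]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # The common leading bits of the lowest and highest address give the prefix.
    prefix = 32 - (lo ^ hi).bit_length()
    host_bits = (1 << (32 - prefix)) - 1
    summary = ipaddress.ip_network((lo & ~host_bits, prefix))

    # Carve each component route out of the summary; what is left is the gap.
    remaining = [summary]
    for net in nets:
        next_remaining = []
        for block in remaining:
            if net.subnet_of(block):
                next_remaining.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                next_remaining.append(block)
        remaining = next_remaining
    return summary, sorted(remaining)


if __name__ == "__main__":
    samples = (
        ["172.16.1.0/24", "172.16.2.0/24", "172.16.3.0/24"],  # routes from the text
        ["10.1.0.0/24", "10.1.1.0/24"],                       # constructed sample
    )
    for routes in samples:
        summary, gaps = summarize(routes)
        print(summary, "gaps:", [str(g) for g in gaps] or "none")
```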

Each routing protocol has its own specific set of methods to configure and deal with route summarization. Let’s go through some points here.

 

Network Route Summarization with EIGRP

1)  EIGRP uses the interface-level command “ip summary-address eigrp <as-number> <network address> <subnet mask>” to configure route summarization.

2)  An EIGRP router advertises the summary route out of the interface configured for route summarization when any of the individual routes that belong to that summary is found in its routing table.

3)  The router doesn’t advertise the administrative distance (AD) with the route. The configured AD is used by the summarizing router to determine whether the null route for the summary should be placed into the routing table.

4)  EIGRP uses a default AD of 5 for summary routes.

 

Network Route Summarization with RIP

1)  Route summarization in RIP is almost the same as in EIGRP, with some limitations due to RIP’s defined boundaries.

2)  The command “ip summary-address rip <ip-address> <ip-network-mask>” is used at interface level to summarize routes in RIP.

3)  A RIP router advertises the summary route out of the interface configured for route summarization when any of the individual routes that belong to that summary is found in its routing table.

4)  When the summary route is advertised, the individual routes that belong to that summary route are not advertised by the interface configured for route summarization.

5)  RIPv1 does not support VLSM. Therefore, RIP route summarization works only with RIPv2.

6)  RIP does not support supernetting. The command “ip summary-address rip 172.20.0.0 255.254.0.0”, which would combine two class B networks into one summary network, is not supported by RIP.

7)  RIP never allows a router to create two summary routes out of its interface. This means that on any particular router interface, only one ip summary-address rip command is allowed per classful network.

 

Network Route Summarization with OSPF

1)  OSPF uses the following two commands to configure summary routes, depending on whether the summary is for inter-area or external routes.

For an inter-area summary, the “area <area-id> range <ip-address mask> <advertise|not-advertise> cost <cost>” command is used.

For an external summary, the “summary-address <address mask> [not-advertise] tag <tag>” command is used.

2)  The area specified in the “area range” command is the area where the individual subnets reside.

3)  Instead of using the lowest cost of all the individual routes in the summary, the area range command can manually set the cost for the summary route.

4)  The “not-advertise” keyword in the area range command can essentially be used to filter the subnets implied by the summary.

5)  Similarly, the “not-advertise” keyword in the summary-address command is used to filter the individual routes when required.

Access control lists can be written in an elaborate fashion by matching every specific IP network in a separate ACL statement.

Let’s take a simple example here.

The requirement is to configure an ACL to permit the following four source IP networks.

172.16.0.0/24

172.16.8.0/24

172.16.32.0/24

172.16.40.0/24

A simple way to match the above four networks in ACL permit statements is as follows.

access-list 10 permit 172.16.0.0 0.0.0.255

access-list 10 permit 172.16.8.0 0.0.0.255

access-list 10 permit 172.16.32.0 0.0.0.255

access-list 10 permit 172.16.40.0 0.0.0.255

However, a network engineer can calculate more efficient ways to configure the above ACL statements in order to minimize the router/switch configuration.

Moreover, let’s assume that a question in a CCIE Lab asks us to configure a route-map, or simply an ACL, that should permit the above list of networks. The ACL should be as efficient as possible and it must match the above list of four IP networks in one ACL statement.

In the earlier example, we used four ACL statements (one statement per network) to match these four IP networks. Now, however, the condition is to match these four IP networks in just a single ACL statement, as efficiently as possible.

We can use the logic gates AND and XOR to calculate the access-list address and wildcard pair.

AND Gate:- The output is “1” only when both inputs A and B are “1”. The AND gate table is as follows.

Input A    Input B    Output
0          0          0
0          1          0
1          0          0
1          1          1

 

XOR Gate:- The output is “1” only when inputs A and B are different. The XOR gate table is as follows.

Input A    Input B    Output
0          0          0
0          1          1
1          0          1
1          1          0

The calculation for a single ACL statement is based on these AND and XOR gates.

To calculate the ACL network address that allows the above four networks efficiently, we will use the AND logic gate, and to calculate the corresponding wildcard mask, we will use the XOR logic gate.

Please refer to the example below.

Step 1:-

Write down above four networks in binary first.

172.16.0.0           –>           10101100.00010000.00000000.00000000

172.16.8.0           –>           10101100.00010000.00001000.00000000

172.16.32.0         –>           10101100.00010000.00100000.00000000

172.16.40.0         –>           10101100.00010000.00101000.00000000

Step 2:-

To calculate the ACL network address to be permitted in ACL statement, do the logical AND of these above binary network addresses.

10101100.00010000.00000000.00000000

10101100.00010000.00001000.00000000

10101100.00010000.00100000.00000000

10101100.00010000.00101000.00000000           AND

_____________________________________________________________

10101100.00010000.00000000.00000000    —>   172.16.0.0

Therefore, the address to be permitted in ACL statement is “172.16.0.0”.

Step 3:-

To calculate the wildcard mask to be used in ACL statement, do the logical XOR of these binary network addresses.

10101100.00010000.00000000.00000000

10101100.00010000.00001000.00000000

10101100.00010000.00100000.00000000

10101100.00010000.00101000.00000000           XOR

___________________________________________________________

00000000.00000000.00101000.00000000    —>  0.0.40.0

Therefore, the wildcard mask to be used in the ACL statement is “0.0.40.0”.

Now we can replace the four ACL statements we configured earlier with just one ACL statement, as below.

access-list 10 permit 172.16.0.0 0.0.40.0

With such calculations, we have the issue of overlapping address space. We can find the overlapping address space, if any, in our calculation with the following simple formula.

The number of bits set to “true” in the calculated wildcard mask corresponds directly to the number of addresses the access-list will match.

In our case, we have two bits “true” in the third binary octet of the wildcard mask. Therefore, the calculation is 2^2 = 4, and a total of four addresses/networks will be matched by the ACL.

This shows that four combinations are allowed by the calculated ACL statement. Those four combinations must be, and are, exactly the four networks we want to permit in the ACL.

However, a large address overlap can often arise when calculating a single efficient ACL statement. Let’s see one more example here.

The requirement is to create an ACL to match the following two IP addresses in one ACL statement.

IP Address 01 = 10.22.44.20

IP Address 02 = 10.33.20.40

Therefore, the binary equivalents of these IP addresses are

10.22.44.20   –>  00001010.00010110.00101100.00010100

10.33.20.40   –>  00001010.00100001.00010100.00101000

 

Perform the logical AND to find the network address to be permitted in ACL.

00001010.00010110.00101100.00010100

00001010.00100001.00010100.00101000         AND

_______________________________________________________

00001010.00000000.00000100.00000000    —>  10.0.4.0

 

Perform the logical XOR to find the wildcard mask to be used in ACL statement.

00001010.00010110.00101100.00010100

00001010.00100001.00010100.00101000         XOR

______________________________________________________________

00000000.00110111.00111000.00111100    —>     0.55.56.60

The resulting wildcard mask to be used here is “0.55.56.60”. Therefore, the single-statement ACL to permit IP addresses 10.22.44.20 and 10.33.20.40 is as below.

access-list 10 permit 10.0.4.0 0.55.56.60

This is our attempt at efficiently permitting these two IP addresses in a single ACL statement. However, the number of bits “true” in our calculated wildcard mask is 12.

Therefore, the calculation of the overlapping address space is 2^12 = 4096. That is a huge overlap in the address space.

In such circumstances, it’s always recommended to match the IP addresses/IP networks specifically in separate ACL statements. The better and more efficient version of the ACL for this example is the two-statement ACL below.

access-list 10 permit 10.22.44.20 0.0.0.0

access-list 10 permit 10.33.20.40 0.0.0.0
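An added example, not part of the original post: this Python sketch reproduces both calculations above and counts how many addresses the single entry matches beyond the ones requested. It goes slightly beyond the text by taking the wildcard as the bits on which the inputs are not all equal (AND of all inputs XOR OR of all inputs), which equals the XOR for two addresses; the function names are assumptions.

```python
import ipaddress
from functools import reduce


def to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def to_dotted(value):
    return str(ipaddress.IPv4Address(value))


def collapse(addresses):
    """Return (base, wildcard) as ints for one ACL entry covering all addresses."""
    values = [to_int(a) for a in addresses]
    all_and = reduce(lambda x, y: x & y, values)
    all_or = reduce(lambda x, y: x | y, values)
    # Bits on which the inputs are not all equal. For two addresses this is
    # their XOR; a chained XOR over more inputs would cancel bits that are
    # set an even number of times, so AND/OR is used instead.
    return all_and, all_and ^ all_or


def matched(base, wildcard):
    """Yield every address the entry matches (each filling of the wildcard bits)."""
    sub = 0
    while True:
        yield base | sub
        sub = (sub - wildcard) & wildcard  # next subset of the wildcard bits
        if sub == 0:
            break


def audit(addresses):
    """Summarise the collapsed entry and how far it over-matches."""
    wanted = {to_int(a) for a in addresses}
    base, wildcard = collapse(addresses)
    extra = [a for a in matched(base, wildcard) if a not in wanted]
    return {
        "entry": f"{to_dotted(base)} {to_dotted(wildcard)}",
        "matched": 1 << bin(wildcard).count("1"),  # 2^(number of wildcard bits)
        "unintended": len(extra),
        "sample": [to_dotted(a) for a in sorted(extra)[:3]],
    }


if __name__ == "__main__":
    # Both address lists are the ones used in the text above.
    for wanted in (["172.16.0.0", "172.16.8.0", "172.16.32.0", "172.16.40.0"],
                   ["10.22.44.20", "10.33.20.40"]):
        print(audit(wanted))
```

An entry is a safe replacement for the individual statements only when "unintended" is 0.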

Let’s consider the network infrastructure of a big tower where several access switches are installed on different floors. Every floor has hundreds of access switch ports to be configured for end-user workstation connections. These access ports will all receive almost the same configuration, with one exception: the access VLAN changes based on the floor where the switch is installed.

This kind of job is tedious and boring for network engineers, so configuration consistency may be lost while configuring these hundreds and thousands of access ports for the entire tower.

Smartport macros are used to avoid such situations and to manage repetitive configuration tasks efficiently, saving the time required for switch configuration.

Let’s take the example of the access switch port configuration for a twenty-storey tower. Thousands of access switch ports for end-user workstations need to be configured here.

Apart from the access VLAN ID, the rest of the configuration is common to all of the tower’s access switch ports. Therefore, we can write Smartport macros to deal with such situations more efficiently.

The example below shows how to define a macro for end-user workstation access switch port configuration. The “workstation-config” macro is configured here.

Switch(config)# macro name workstation-config          

# Put the switch in access mode

switchport mode access

# Allow port to move to forwarding state quickly

spanning-tree portfast

# BPDUs should not be sent into the network

spanning-tree bpduguard enable

# Enable port security and restrict the port to one MAC address (that of the desktop)

switchport port-security

switchport port-security maximum 1

# Set the storm-control broadcast and multicast levels

storm-control broadcast level 20.00

storm-control multicast level 20.00

# Put all data traffic in vlan $VLAN_ID

switchport access vlan $VLAN_ID

@

Switch(config)# interface range gigabitethernet1/0/2 - 48

Switch(config-if)# macro apply workstation-config $VLAN_ID 5

Switch(config-if)# macro description workstation-config

Switch(config-if)# end

Note: The access ports from gigabitethernet1/0/2 to gigabitethernet1/0/48 will be configured in access VLAN 5 on that switch.

There are a few default Cisco Smartport macros embedded in the Cisco switch. You can display them by running the following EXEC command.

Switch# show parser macro

A brief listing of Cisco’s default macros is as follows.

Switch#show parser macro brief

default global   : cisco-global

default interface: cisco-desktop

default interface: cisco-phone

default interface: cisco-switch

default interface: cisco-router

default interface: cisco-wireless

In the above list, the “cisco-desktop” macro is somewhat similar to the “workstation-config” macro we configured in the example above.

In the previous blog post, we saw how a TCL ping script saves time when testing device reachability in IP networks. TCL scripts are only supported on Cisco routers. Therefore, an alternative to the TCL ping script on Cisco Catalyst switches is macro scripting for ping.

A macro can be configured on Cisco Catalyst switches to test device reachability by initiating sequential ping requests to various destination networks.

Let’s say the following destination networks need to be tested for reachability.

192.168.10.1
192.168.11.1
192.168.12.1
192.168.13.1
192.168.14.1
192.168.15.1
192.168.16.1

Let’s create a Notepad file with the ping commands for the above networks, as below.

do ping 192.168.10.1
do ping 192.168.11.1
do ping 192.168.12.1
do ping 192.168.13.1
do ping 192.168.14.1
do ping 192.168.15.1
do ping 192.168.16.1

Based on the above information, we can write the macro on Catalyst switches for initiating sequential ping requests as shown below.

Switch# Config t
Switch(Config)#macro name Ping_Request
Enter macro commands one per line. End with the character ‘@’.
do ping 192.168.10.1
do ping 192.168.11.1
do ping 192.168.12.1
do ping 192.168.13.1
do ping 192.168.14.1
do ping 192.168.15.1
do ping 192.168.16.1
@
Switch(Config)#

The macro shown above is now configured on the switch. It should be applied and run from global configuration mode as shown below.

Switch(Config)#macro global apply Ping_Request

Type escape sequence to abort.
Sending 5, 1000-byte ICMP Echos to 192.168.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Type escape sequence to abort.
Sending 5, 1000-byte ICMP Echos to 192.168.11.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 5, 1000-byte ICMP Echos to 192.168.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/10/12 ms
Type escape sequence to abort.
Sending 5, 1000-byte ICMP Echos to 192.168.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 84/89/101 ms
Type escape sequence to abort.
Sending 5, 1000-byte ICMP Echos to 192.168.14.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 5, 1000-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/8/10 ms
Type escape sequence to abort.
Sending 5, 1000-byte ICMP Echos to 192.168.16.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 50/57/59 ms

Switch(Config)#

By configuring a switch macro like the one above to initiate sequential pings, we can save the testing time otherwise required to run manual ping commands from every switch to these various network destinations.