Here is a quick time-saving way to build configs for your Juniper devices when you need to enter a lot of the same commands for each interface. For example, you are building a new 5 switch virtual chassis running JTAC recommended 11.4 (at the time of this post) and want to set all ge- ports to access mode, and you want the config under the interface (so no interface range command or apply groups). Simply enter the shell, paste the 5 commands below, and a file is created with all 240 lines of commands.

Here are the 5 commands:
X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-0/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-1/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-2/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-3/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-4/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done

Here is a sampling of me entering those commands and the output.

--- JUNOS 11.4R5.7 built 2013-01-05 14:23:01 UTC
{master:0}
steve@4200> start shell
% sh
$ cd /var/tmp
$ X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-0/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
$ X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-1/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
$ X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-2/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
$ X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-3/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
$ X=0; while [ $X -lt 48 ]; do echo "set interfaces ge-4/0/$X unit 0 family ethernet-switching port-mode access" >> config.txt; X=`expr $X + 1`; done
$ exit
% cd /var/tmp
% more config.txt
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode access
set interfaces ge-0/0/1 unit 0 family ethernet-switching port-mode access
set interfaces ge-0/0/2 unit 0 family ethernet-switching port-mode access
set interfaces ge-0/0/3 unit 0 family ethernet-switching port-mode access
set interfaces ge-0/0/4 unit 0 family ethernet-switching port-mode access
#########SNIP#########################
set interfaces ge-3/0/42 unit 0 family ethernet-switching port-mode access
set interfaces ge-3/0/43 unit 0 family ethernet-switching port-mode access
set interfaces ge-3/0/44 unit 0 family ethernet-switching port-mode access
set interfaces ge-3/0/45 unit 0 family ethernet-switching port-mode access
set interfaces ge-3/0/46 unit 0 family ethernet-switching port-mode access
set interfaces ge-3/0/47 unit 0 family ethernet-switching port-mode access
%

You can see that all your commands are there. Be careful when generating them: when you paste commands into the CLI you can type “set interface …” and it will be converted to “set interfaces …” for you, but in a generated file that will not happen, so every line has to be spelled out in full.
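The five loops collapse into one nested loop, and the generated file can be checked for the fully spelled-out statement before it is loaded. This is an added example, not part of the original post; the function names gen_access_ports and check_set_file and the temp file path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: gen_access_ports and check_set_file are hypothetical names.

# Print one "set" line per ge- port: MEMBERS chassis members, PORTS ports each.
gen_access_ports() {
    members=$1
    ports=$2
    fpc=0
    while [ "$fpc" -lt "$members" ]; do
        port=0
        while [ "$port" -lt "$ports" ]; do
            echo "set interfaces ge-$fpc/0/$port unit 0 family ethernet-switching port-mode access"
            port=$((port + 1))
        done
        fpc=$((fpc + 1))
    done
}

# Return 0 only if FILE has exactly EXPECTED lines, every line is the full
# unabbreviated statement, and no line is repeated (an appended re-run).
check_set_file() {
    file=$1
    expected=$2
    total=$(wc -l < "$file" | tr -d ' ')
    good=$(grep -c -E '^set interfaces ge-[0-9]+/0/[0-9]+ unit 0 family ethernet-switching port-mode access$' "$file" || true)
    dupes=$(sort "$file" | uniq -d | wc -l | tr -d ' ')
    [ "$total" -eq "$expected" ] && [ "$good" -eq "$expected" ] && [ "$dupes" -eq 0 ]
}

# 5 members x 48 ports = 240 lines. '>' truncates the file, so running this
# twice cannot leave duplicate lines behind the way '>>' would.
out=${TMPDIR:-/tmp}/config.$$.txt
gen_access_ports 5 48 > "$out"
if check_set_file "$out" 240; then
    echo "OK: $out is ready for load set"
else
    echo "BAD: $out failed the check, do not load it" >&2
fi
```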

Now to load the commands all you need to do is use load set:

4200# load set /var/tmp/config.txt
4200# commit

And now the commands are loaded. Done. Super easy time-saving method. The commands above can easily be changed to any command you need. Now the catch: did you notice I said 11.4? Well, in 12.1 and up it gets even easier, but many have not moved to 12.1 as 11.4 is the JTAC recommended version as of this posting. If you are on 12.1 and up here is the command:

4200# wildcard range set interfaces ge-[0-4]/0/[0-47] unit 0 family ethernet-switching port-mode access

Yep, that’s it. Don’t you wish they added that in v10.x? I do. So now that you know how to use the shell to build your config you won’t need to for very long. Hope this saves you time and you can get back to solving real network issues and not copying and pasting commands or tweaking SLAX files to get what you need.

 

 

EDIT:

Whoa, my theme makes commands look bad. Sorry about that. Will fix at some point.

2MSL Mismatch Fun

24 June 2013 — 1 Comment

One of the ways I think an engineer can separate themselves from the pack is not in the number of commands they know or how large of a network they have worked on but how deep their understanding of the protocols and technologies goes. Think about OSPF for a second. How many people do you know can get a single area up and running? A lot. How many can do multiple areas, multiple types of areas and lots of redistribution? Still a lot of people. Now ask those people to explain a type 4 LSA and you will get a wide range of answers, lots of them wrong. Because in today’s world many people just learn how to do X. They don’t take the time to learn why. Certifications don’t always go to this level and many people only learn what is needed to pass the exam.

So now I am going to tell you a story about some TCP maximum segment lifetime fun we had and give one example of why you really need to understand the protocols. I had saved these packet captures with the intent to do a detailed blog post but that has not happened and it has been almost two years since this happened and so far no tech deep dive so you must settle for a story.

We had moved a large portion of our key business systems to a new third party which provided their own private connection into our data centers and we peered with them via BGP via public IPs and then NAT’d to our internal systems. They did the same so the private WAN was all public IP space and they NAT’d on their end as well. A fairly common setup so nothing fancy there.

Well, months after moving to this we started to get reports of one app that accessed those remote 3rd party systems acting odd. Person A would work fine for a few hours then stop working at all while person B sitting next to them had no issues using the same app hitting the same IP. Then for no apparent reason person A would start working again. Very random but it was limited to a single app using this connection and we had quite a few that worked without issue. As it was just a few users on a single app while everything else worked fine this was initially dismissed as a local network issue and pushed back to the 3rd party (who also managed the WAN) as their issue. Well, they could not find the issue and pushed it back to us.

A packet capture was done on our side and it showed a lot of opening and closing of connections. Turns out this app would not keep a connection open. It would open the connection, do what it needed to, then send a TCP reset to close the connection. This process would take around 5 seconds so if the user was active in the app it would open and close a lot of TCP connections. While interesting and debatable if that is the right way to do it vs something more efficient, it works, so other than using a lot of TCP connections this is not the problem. What we would see when the connection failed is that the client sends a SYN but never gets a SYN/ACK back. Because we could see the traffic leaving our network but never get a response we again pushed it back to the third party. The catch is they found the same thing: they would see the SYN come in, send a SYN/ACK but would never get an ACK back from us. So both pushed it to the WAN service provider. They did some investigation and showed no packet loss. So all sides had “proof” it was not their issue. What next?


So you are taking your spouse to Cisco Live 2011? Here are a few quick tips specific to Cisco Live 2011 but can be adjusted for most any conference:

1) Set expectations of the time you two will spend together

Most likely your company is paying for you to go to this conference to learn something, not for you two to go on vacation. There is a lot going on at this conference to fill your time so if she is expecting to meet you for lunch or other times during the day don’t count on it. For starters your day is going to start earlier than hers. Most likely she is not going to get up to have breakfast with you before the 8am classes. For lunch you get that included with your conference pass, she does not. You could go meet her but most of the restaurants are a 5-10 minute walk each way from the conference and you only have so much time for lunch. And then you are double paying for lunch. For evenings there are a couple of official events to fill your time, a CCIE party (if you are an IE/DE) and the Customer Appreciation Event. If you buy a social events pass she can go to these, if not that leaves just two nights free for you to hang out together and part of those nights will be filled with the World of Solutions. Plus this conference is a great time to network with peers so that sucks up even more potential time the two of you can spend together. Just make sure she knows this going in, will make for a better week for both of you.

2) Stay at Mandalay Bay

They have a very nice pool that she can hang out at all day. This is what my wife did last year and enjoyed it a lot. It also is within walking distance of the conference so you two are close together if needed. If you stay at MGM forget ever seeing each other until night time. The extra cost of Mandalay Bay is worth it for these reasons.

3) See if any of your peers are taking their spouse

For some other events spousetivities.com has done some great work for the spouses and you might be able to coordinate something similar. A group could go see Hoover Dam or something that takes more time than you will have.

4) Buy a social events pass, maybe

I say maybe because it is $300 which seems pricey for what it is. It allows the two of you to attend World of Solutions, Customer Appreciation Event and the IE party together. My wife’s idea of fun is not going to hang out at the World of Solutions and she was not interested in seeing Smashmouth last year. Plus all I did at the CAE was hang out with other twitter users, again not fun for her. So this one is a maybe but will allow you to attend Networkers events with your spouse.

Also, I kept saying “wife” and “she” as this applied to me, if you are going and taking your husband just do a find and replace :)

 

 

 

Please note this will change. Not sure how much but it will change as I read more about other sessions.

Saturday
?? AM     Arrive
?? PM     Hang out, register and get the back pack, etc.

Sunday
?? AM     Tech session
?? PM     Skyjump off the Stratosphere!

Monday
9:30 - 11:30 AM     BRKRST-2311 IPv6 Planning, Deployment and Operation Considerations
12:30 - 2:30 PM     BRKARC-3471 Cisco NXOS Software – Architecture
3:00 - 5:00 PM       BRKRST-2335 IS-IS Network Design and Deployment

Tuesday
8:00 - 9:30 AM     BRKRST-3045 LISP – A Next Generation Networking Architecture
10:00 - 11:00 AM     GENKEY-4700 Keynote and Welcome Address
12:30 - 2:30 PM      BRKDCT-2081 Cisco FabricPath Technology and Design
4:00 - 6:00 PM     BRKCRS-3144 Troubleshooting Cisco Nexus 7000 Series Switches

Wednesday
8:00 AM - 10:00 AM      BRKSAN-2047 FCoE – Design, Operations and Management Best Practices
10:30 - 11:30 AM     GENKEY-4701 Cisco Technology Keynote
12:30 - 2:30 PM     BRKDCT-2121 Virtual Device Context (VDC) Design and Implementation Considerations with Ne…
4:00 PM - 6:00 PM     BRKNMS-3132 Advanced NetFlow

Thursday
8:00 - 10:00 AM      PNLRST-4000 LISP Deployment Experience: Executive Panel
10:30 - 11:30 AM     GENDCT-4642 Town Hall: Data Center
12:00 - 2:00 PM     BRKARC-3472 NX-OS Routing & Layer 3 Switching
2:30 - 3:30 PM     GENKEY-4702 Closing Keynote: William Shatner
4:00 - 5:30 PM      BRKMPL-2108 Global WAN Redesign Case Study

Friday - Depart

 

Adding Value: Twitter

11 April 2011 — 1 Comment

When I first started on twitter it was more of a group IM among friends. Very casual and great way to chat with friends then I started to realize other IT people were on it. After all at first it was mainly cutting edge tech geeks. So I started to interact with other IT geeks. Being in networking I started to interact more with networking people. As time went on I got more involved with data centers. These conversations on Twitter allowed me to learn a whole lot about technologies such as VMware that I had limited experience with. In the same way I could talk to the VMware guys about networking. This was great, I have learned so much all because of Twitter. I also have got to interact with all kinds of people I never would have. Even a number of friendships have been formed all around sharing info and learning from each other. Of course we all have lives outside of networking and from time to time post non-IT related tweets. I for example am a huge sports fan. You will see me tweet from time to time about Arsenal, Dallas Mavericks and maybe something else sports related. In fact my first Twitter name was @Arsenal. I never should have given that up. But I digress. Now I recognize that most people that follow me do not do it for sports reasons but for networking reasons. So now I have two accounts, @steve for IT related posts and @steverossen for non-IT. Why I did this was I want to make sure that I keep adding value to those people that have followed me. Now I do post non-IT tweets now and then because you are following me, not a brand, you get whatever I feel worth tweeting. The other reason I post non-IT to @steve is I just forgot to change which account it went to :D

So what is the point of this post? It was just to get you thinking. Do you add value to your twitter followers or just noise? So think a little before you tweet. Are you trying to build a brand for yourself or just share what is on your mind? Nothing wrong with either. Just don’t be upset when people don’t follow you or even worse unfollow you. Would you follow your own twitter stream? If not why would someone else? I have unfollowed people because they posted too many FourSquare or other silliness. Two people that have done a great job building their brand and reducing noise are Greg Ferro at EtherealMind and Jeremy Stretch at PacketLife. They have a ton of great IT followers because they post quality content. If they started posting football scores or pics of their dog or what was playing in iTunes people would stop following them. They are going for a quality stream of content that is above what most are going for.

However, don’t be too quick to unfollow people. Remember what I said about formed friendships? Sometimes you put up with a few random tweets that you don’t care about. After all, think of the ratio of value to noise. As long as the value is high enough you deal with the random pic of their car or post about them eating at Chilis.

Recently I had been thinking about my Twitter stream as since I changed jobs I don’t think I have added much value to Twitter. I have been trying to think about how I can improve that with the change in what I feel is appropriate. Lots of times I have just not posted on industry trends or specific tech issues because of this new role. That is changing, just had to feel out the new gig. Bottom line is think about what you tweet just a little bit and you will have a far better experience on Twitter.