Don Pezet's Blog
Hi Don, I have a doubt. How does a routing protocol know that it is connected with a system? When it is connected to a router, multicast addresses are sent between routers to form neighbourship, but it does not form any neighbourship with the system and still maintains connectivity with the system. How?

It really depends on which routing protocol you are talking about. In the case of RIP, for example, the routers do not know whether they are actually connected. That is part of the reason RIP is so slow to react to network failures. BGP, on the other hand, uses stateful TCP connections and is aware the instant a connection drops. EIGRP and OSPF establish neighbor/adjacency relationships and use hello messages to determine whether the connection is still active. Since these are multicast communications, an ID has to be used to determine one system from another. EIGRP uses the IP addresses of the systems whereas OSPF uses a Router ID which is typically an IP address, but doesn’t have to be. 

Configuring Port Aggregation Between Cisco Switches

This tutorial demonstrates how to maximize bandwidth and redundancy on switch uplinks by using port aggregation. The open standard LACP as well as the Cisco proprietary PAgP are covered.

In this demonstration I show how to configure a Cisco router or switch to automatically back up its configuration files to an FTP server using the kron command. The following commands are used in this demonstration:

kron policy-list <list_name>
  cli <command_to_run>
kron occurrence <job_name> at <time> recurring
  policy-list <list_name>
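
A filled-in version of the kron job above, as an added example (not taken from the video): the server address 192.0.2.10, the FTP user `backup`, the file name and the job names are assumed values. Kron cannot answer interactive prompts, so the `copy` prompts are suppressed with `file prompt quiet`.

```cisco
! Added example with assumed values (192.0.2.10, user "backup", job names).
! FTP credentials used by "copy ... ftp:" when none are given in the URL.
! FTP carries both the credentials and the configuration in clear text,
! so keep this traffic on a management network.
ip ftp username backup
ip ftp password <ftp_password>
!
! kron runs commands non-interactively; without this, "copy" waits at the
! remote host and destination filename prompts and the job never completes.
file prompt quiet
!
kron policy-list backup-config
 cli copy running-config ftp://192.0.2.10/router1-confg
!
! Run the policy list every day at 02:00.
kron occurrence nightly-backup at 2:00 recurring
 policy-list backup-config
!
! Verify from exec mode:
!   show kron schedule
```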

I found the SSH video very useful. Can you do one on setting switches to send info to a syslog server please?

Thanks...

No problem. I just finished recording one. It is processing on Vimeo now and should be ready to watch within 15 minutes. 

Thanks,

Don

This tutorial demonstrates how to configure remote logging to a syslog server on a Cisco Router or Switch. The following commands are demonstrated in the video:

logging <server_ip>
logging buffered <size_in_bytes>
logging on
logging facility <facility_level>
logging source-interface <interface>
terminal monitor
service timestamps log datetime localtime show-timezone year
service timestamps debug datetime localtime show-timezone year


Comparison of Remote Desktop Software

Here is a nice comparison chart of the various remote desktop technologies out there today. This was prepared by the people over at RemoteDesktopMac.com.

Quickly Enable SSH on a Cisco Router or Switch

This tutorial demonstrates how to quickly and easily enable SSH on a new Cisco router or switch. This will enable secure terminal sessions to the device without the risks associated with plain text protocols like telnet.

Something happened towards the end where the video stops displaying what I am typing. Here is the command summary that I was trying to type:

hostname <name>
ip domain-name <domain>
crypto key generate rsa
<1024>
username <name> priv 15 secret <password>
aaa new-model
line vty 0 4
  transport input ssh

Remember, on a switch you need to use “line vty 0 15”.
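
The same procedure written as one configuration for a switch, as an added example rather than the commands from the video: the hostname, domain, username, management subnet 192.0.2.0/24 and the 2048-bit modulus are assumed values, and the `ip ssh`, `access-class` and `exec-timeout` lines go beyond the summary above.

```cisco
! Added example; names, addresses and key size are assumed values.
hostname SW1
ip domain-name example.com
!
! Giving the modulus on the command line avoids the interactive size prompt.
crypto key generate rsa modulus 2048
!
! Refuse SSHv1 clients and bound the login window and retries.
ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 3
!
username admin privilege 15 secret <password>
aaa new-model
!
! Only the management subnet may open a terminal session.
access-list 10 permit 192.0.2.0 0.0.0.255
!
! 0 15 covers every vty on a switch; lines left out of the range keep
! their default transport and may still accept telnet.
line vty 0 15
 transport input ssh
 access-class 10 in
 exec-timeout 10 0
!
! Verify from exec mode:
!   show ip ssh
```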

Inactivating Tasks in Microsoft Project 2010

This short video demonstrates the new inactivate task feature in Microsoft Project 2010. I describe how it works, give a few scenarios on its usage, and throw in a couple of footnotes to keep in mind.

Authenticating a Cisco Router or Switch with Active Directory

All too often I see people struggling to remember passwords. There are any number of password vault programs out there and they are almost all a waste of money in my opinion. Things would be much simpler if single sign-on (SSO) technologies were a little more commonplace. Although the holy grail of one user / one password is a long way off, there are things we can do to help. For example, I used to work at an organization that had over 100 Cisco routers and over 200 Cisco switches. That is a lot of equipment. Now, imagine maintaining a separate username and password for each of those devices… it would be impossible. So, how can we simplify managing all these usernames and passwords? Well, if you have a Microsoft Windows Active Directory domain, why not just use the account you already have?

Windows Active Directory does Kerberos and NTLM authentication, neither of which is supported by Cisco’s IOS. Cisco routers and switches use local authentication by default and don’t even look to the AD. However, Cisco devices support RADIUS for authentication and so does Microsoft Windows. Microsoft does not advertise it much, but Windows Server 2003 includes a component called Internet Authentication Services (IAS), and Windows Server 2008 includes Network Policy Services (NPS). Both contain a standards-based implementation of RADIUS, perfect for authenticating our Cisco equipment. Goodbye local IOS accounts, hello AD.

So, how do you configure this? It is really not that bad.

There is a good write-up with instructions for Windows Server 2003 found here:

http://www.tech-recipes.com/rx/1478/how-to-setup-ias-to-use-radius-to-authenticate-cisco-device/

There’s an even better write-up for Windows Server 2008 found here:

http://aaronwalrath.wordpress.com/2010/06/22/install-windows-2008-r2-nps-for-radius-authentication-for-cisco-router-logins/
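
On the router or switch side, a configuration along these lines points logins at the RADIUS server while keeping a local account as a fallback. This is an added example, not taken from either write-up; the server address 192.0.2.20, the shared secret, the source interface and the fallback account are assumed values.

```cisco
! Added example; address, secret, interface and account are assumed values.
aaa new-model
!
! Local account used only when no RADIUS server answers, so an outage of
! IAS/NPS or of the path to it does not lock you out of the device.
username fallback-admin privilege 15 secret <password>
!
! The RADIUS server (IAS/NPS). The key must match the shared secret set for
! this device as a RADIUS client on the server. Newer IOS releases express
! this as a "radius server <name>" block instead.
radius-server host 192.0.2.20 auth-port 1812 acct-port 1813 key <shared_secret>
!
! Send requests from a fixed address so it matches the client entry on the server.
ip radius source-interface Loopback0
!
! Try RADIUS first; fall back to the local database only on no response.
! A reject from RADIUS is final and does not fall through to "local".
! The default list also applies to the console line.
aaa authentication login default group radius local
aaa authorization exec default group radius local
!
! Verify from exec mode before closing your current session:
!   test aaa group radius <ad_username> <ad_password> legacy
!   debug radius authentication
```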

In the end, you will be able to authenticate on your Cisco equipment using your Windows login, which means one less password to remember. Also, you get the added benefit of Windows Active Directory’s password policies now applying to your router/switch logins.

On a final note, if you have Windows Server 2003/2008 Standard Edition, you will only be able to support up to 50 routers or switches authenticating against your RADIUS server. If you want more, you will need to go to Enterprise Edition which gives you unlimited clients.

Good luck, and happy authenticating.

Ronnie is installing our new Hyper-V cluster for the student network. I hope it plays nicely with the XenServer cluster right above it :)
