Monday, April 14, 2014

Packet Captures on VG204/VG202/VG224

The VGs don't support packet capture using this traffic-export commands, but do have a different way of getting all-traffic captures on its Ethernet interface.  Here are the commands:

Step 1 - Set up Packet Capture

monitor capture buffer vg max-size 9500
monitor capture point ip cef cef fastEthernet 0/0 both
monitor capture point ip process-switched switch both
monitor capture point associate cef vg
monitor capture point associate switch vg


Step 2 - Start Packet Capture

monitor capture point start  all


Step 3 - Stop Packet Capture

monitor capture point stop  all


Step 4 - Collect Packet Capture

monitor capture buffer vg export tftp:///vg.pcap

Sunday, January 29, 2012

Loading Customized Background Images on Phones

Creating the images
Each background image requires two PNG files:
  • Full size image—Version that appears on the on the phone.
  • Thumbnail image—Version that appears on the Background Images screen from which users can select an image. It must be 2 5% of "he size of the full size image.
The PNG files for background images must meet the requirements for proper display on the Cisco Unified IP Phone (see table below). You can use MS Paint and MS Office Picture Manager to create images.


Phone Model
Full-Size Image
Thumbnail Image
TFTP Directory
7941/7961
320x196
80x49
Desktops/320x196x4
7942/7962
320x196
80x49
Desktops/320xl96x4
7945/7965
320x212
80x53
Desktops/320x212xl6
7970/7971
320x212
80x53
Desktops/320x212xl2
7975
320x216
80x53
Desktops/320x216x16


Creating the List.xml file
The List.xml file defines an XML object that contains a list of background images. The
List.xml file is case sensitive and stored in the same TFTP directory as the images it is
listing on the TFTP server.
List.xml Example:


<CiscoIPPhoneImageList>
<ImageItem Image="TFTP:Desktops/320x212x12/TN-velara.png" URL="TFTP:Desktops/320x212x12/velara.png"/>
</CiscoIPPhoneImageList>




Making the File Available
Once you have the image files and the List.xml file, you need to upload the files to the TFTP
directory specified in the above table in each TFTP server manually.
Once you upload everything, you will need to restart the TFTP service so that the files are
uploaded for the IP phones.


PROCEDURE STEPS:

  • Download and Edit the List.xml file for the right format, e.g.:
(from windows CMD) tftp 10.179.168.15 get Desktops/320x216x16/List.xml


Transfer successful: 474 bytes in 1 second, 474 bytes/s
  • Log in OS Administration
  • Go to Software Upgrades\TFTP File Management
  • Click Upload File and re-upload the List.xml file
  • Click Upload File and upload the Picture Files
  • Log on to Serviceability page to restart TFTP service.

Friday, September 30, 2011

IOS Packet Captures

It's actually quite easy to do full packet captures with ACL Filters on routers.  This is at times much better than relying on debugs to troubleshoot issues.  Here's how (in this case a SIP Signaling Packet Capture):


1. Create Traffic Profile.  Here, for SIP Signaling
!in config mode

ip access-list 123 permit udp any any eq 5060
ip access-list 123 permit tcp any any eq 5060


ip traffic-export profile SIP-CAP mode capture
   bidirectional
   incoming access-list 123
   outgoing access-list 123

2. Apply to an interface
!in config mode
int g0/0
   ip traffic-export apply SIP-CAP

3. Capture the traffic
!in enable mode
 #traffic-export int g0/0 clear
 #traffic-export int g0/0 start
   
 #traffic-export int g0/0 stop

4. Export the CAP to a server using ftp or tftp
!in enable mode
 #traffic-export int g0/0 copy ftp://x.x.x.x/capture.pcap

Sunday, January 30, 2011

Packet Captures on Cisco UC Appliances

Sometimes it's not obvious about how to get things done on the Cisco Appliance platforms, especially if you're used to the Windows platforms.  But, you really can do everything you used to--you just do it differently.  For instance, to get a packet capture use the CLI and enter the following command:

utils network capture eth0 file Capture1 size all count 100000

Type CTRL-C to stop the capture.

Then, you can retrieve the packet capture by using RTMT (Real Time Monitoring Tool):

In RTMT, use the Collect Files tool.  Select Packet Capture Logs for the server.  The PCAP File will then download to your PC, and you can open it with Wireshark.

This will work with all of the Cisco UC Appliances.

Saturday, October 16, 2010

CUCM 8.0(2c) on VMWare

After much trial and error, I was able to get CUCM 8.0(2c) installed on VMWare Server. In spite of only being officially supported on ESXi, it is possible to get CUCM 8 running on VMWare Server or Workstation. The best procedure to doing this is:

1. Download OVA file from Cisco and open with Text File to see recommended settings. Some of the hardware specs in the OVA file are required (e.g., dual 80 GB Hard Drives), but others are not strictly checked for during installation, like 2304 MB of RAM (2048 MB worked for me).

2. Configure a new VM with VMWare server using Red Hat Enterprise Linux 4. Any other flavor of Red Hat will not work. The following VM settings worked for me:


  • RHEL 4
  • 1 CPU
  • Dual 80 GB SCSI Hard Drives (0:0 and 0:1)
  • 2048 MB of RAM
  • USB Controller
  • IDE CD ROM
  • Ethernet Bridged
  • No need to pre-allocate the drives (you can let them grow as needed, though performance will suffer slightly). You can pre-allocate the drives if you want, though. It just takes much longer to set up the VM and takes away a lot of disk space unnecessarily.
You'll then get the Demo license which is good for a single node and 50 DLUs.

Aaron

Wednesday, July 28, 2010

CUCM 7 Features

Cisco has been hard-at-work adding new features to CUCM.  Here's a spreadsheet I've created with descriptions of all the new features for CUCM 7.  I'll soon be publishing sheets for CUCM 7.1 and CUCM 8.  Enjoy:

https://spreadsheets.google.com/pub?key=0AjU-M37pyCMfdEFtYUlWUFZlYmF3bk5NZ1lFbzFaWkE&hl=en&single=true&gid=0&output=html

Saturday, July 17, 2010

CDP Holdtime and LabUpdate

You may have shut down a link or suspected a link failure but seen "sh cdp neigh" still displaying an active connection, well that is all due to the CDP Holdtime.  It has to run down to 0 before the neighbor is removed from the table.  The default is 180 seconds, which can certainly lead to some confusion if you are troubleshooting a recently failed link.  The default can be changed with the "cdp holdtime" global parameter.  Once you're used to looking for it, you can see that the holdtime is unusually low for the failed link, which should lead you to figure it really is down w/out waiting for the entire holdtime to expire:

Rack1SW2#scn
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater

DeviceID   Local Intrfce Holdtme Capability      Platform      Port ID
BB2            Fas 1/0           125          R S I            3725           Fas 0/0
Rack1SW1 Fas 1/9            15            R S I            3725           Fas 1/9

Notice that the Holdtime will keep decrementing and be unusually low (15 here) which indicates you may have a problem before you'll actually see the neighbor drop off completely.

As for my R&S lab, b/c I've just taken on a new large project I'm going to have to move my lab back til next Spring.  I'm just able to work through about 10 pages / day of INE Workbook 1, so it'll be a while before I finish!  Once I've finished WB 1, I'll then do full labs for a couple of months before attempting the real thing.