To enable you to view full traffic flows with either "debug flow basic" or "snoop" you need to create a policy that matches the traffic flow and disable hardware processing on it (it doesn't look like you can do this retrospectively to a policy):
ISG2000(M)-> set policy from untrust to trust host-a host-b icmp permit no-hw-sess
Thursday 11 October 2012
Thursday 23 August 2012
Linux command line file editing
Use 'tr' to replace NULL characters (^@) from files:
# tr '\000' '\n' < input.txt > output.txt
Use 'sed' to remove blank lines (^$ matches a blank line, 'd' = delete line):
# sed '/^$/d' input.txt > output.txt
or use 'grep':
# grep -v '^$' input.txt > output.txt
# tr '\000' '\n' < input.txt > output.txt
Use 'sed' to remove blank lines (^$ matches a blank line, 'd' = delete line):
# sed '/^$/d' input.txt > output.txt
or use 'grep':
# grep -v '^$' input.txt > output.txt
Monday 6 August 2012
Manually add firmware updates to Procurve Manager
I've now found a simpler way of doing this but the manual method is still shown below in case the new option doesn't work/exist.
At some point PCM has been updated to allow you to import a software image via the GUI. We're running version 3 update 20 and in that you can do the following:
Old (manual) Method:
It goes a little something like this:
At some point PCM has been updated to allow you to import a software image via the GUI. We're running version 3 update 20 and in that you can do the following:
- Extact the new software image (.swi) file into the following folder on your PCM Server: "Program Files\Hewlett-Packard\PNM\server\data\download"
- From the PCM Client, select Tools -> Preferences -> Configuration Management -> Software Image Import
- Select your device type from the drop-down list, e.g. 2810-48G
- Click on Add
- Add a description under "Software Version" and under "Software Image File Name" add in the exact name of the file that you extracted into the PCM folder, e.g. H_10_111.swi
- That's it! You should now be able to select the new software version when using the Software Update Wizard
Old (manual) Method:
It goes a little something like this:
- Browse to the ProCurve site: http://h17007.www1.hp.com/uk/en/products/switches/index.aspx
- Download the firmware version you need
- Open the following directory on the PCM server:
- Program Files\Hewlett-Packard\PNM\server\data\download
- Backup the procurve_firmware.prp file
- Open the .prp file and locate the section for the switch model you are interested in (easiest to search for the start of the firmware name e.g. N_11_)
- Update the line that starts "Latest=" to be the new firmware version
- Copy the existing latest code release "block" e.g.
N_11_25{
PackageFileName=2810-Software-N1125b.zip
FileName=N_11_25.swi
ReleaseNotes=2810-RelNotes-N1125-59916273b.pdf
ReleaseInfo=none
ReleaseDate=05/11/2010
}
and modify the appropriate parts to match the new firmware file names.
and modify the appropriate parts to match the new firmware file names.
- Do the same for each revision of the switch (e.g. 2610-24, 2610-24-POE)
- Extract the .swi file(s) and copy them into the same folder
- Copy the .prp file and the zip file into the directory
- Stop and restart the PCM services:
- HP ProCurve Datastore
- HP ProCurve Network Manager Server
- HP ProCurve Network Manager Agent
- Re-run the software update wizard
Thursday 26 July 2012
SMTP Mail Server with Windows
Don't waste time on anything else (all the custom applications are crap), just install exim with cygwin.
Run cygwin as an Administrator (to allow you to install the exim service) :
Start-> Run: "cygwin" then press Ctrl-Shift-Enter
Run "exim-config" after installation:
- "ipv6 support" : up to you
- "enter period of the queue runner" : default (15)
- "do you want to install exim daemon as a service" : yes
- "are you using cygsla" : yes
- "value of CYGWIN" : default
- "do you want to start the exim service now" : yes
Start and stop the service with :
"net stop exim"
"net start exim"
Check exim routing with:
exim -bt a@example.com
Send a test message using:
exim -v you@domain.com
From: you@domain.com
To: recipient@example.com
Subject: Testing
This is an exim test .
^D
Run cygwin as an Administrator (to allow you to install the exim service) :
Start-> Run: "cygwin" then press Ctrl-Shift-Enter
Run "exim-config" after installation:
- "ipv6 support" : up to you
- "enter period of the queue runner" : default (15)
- "do you want to install exim daemon as a service" : yes
- "are you using cygsla" : yes
- "value of CYGWIN" : default
- "do you want to start the exim service now" : yes
Start and stop the service with :
"net stop exim"
"net start exim"
Check exim routing with:
exim -bt a@example.com
Send a test message using:
exim -v you@domain.com
From: you@domain.com
To: recipient@example.com
Subject: Testing
This is an exim test .
^D
Wednesday 18 July 2012
LLDP fast start on Procurve 2810s
HP Procurve 2810 switches do not appear to support the LLDP fast-start option even on the latest firmware (N.11.52 at present)
From the Manual pages:
"An LLDP-MED device connecting to a switch port may use the data contained in the MED TLVs from the switch to configure itself. However, the lldp refresh-interval setting (default: 30 seconds) for transmitting advertisements can cause an unacceptable delay in MED device configuration.
To support rapid LLDP-MED device configuration, the lldp ast-start-count command temporarily overrides the refresh-interval setting for the fast-start-count advertisement interval. This results in the port initially advertising LLDP-MED at a faster rate for a limited time. Thus, when the switch detects
a new LLDP-MED device on a port, it transmits one LLDP-MED advertisement per second out the port for the duration of the fast-start-count interval."
From the Manual pages:
"An LLDP-MED device connecting to a switch port may use the data contained in the MED TLVs from the switch to configure itself. However, the lldp refresh-interval setting (default: 30 seconds) for transmitting advertisements can cause an unacceptable delay in MED device configuration.
To support rapid LLDP-MED device configuration, the lldp ast-start-count command temporarily overrides the refresh-interval setting for the fast-start-count advertisement interval. This results in the port initially advertising LLDP-MED at a faster rate for a limited time. Thus, when the switch detects
a new LLDP-MED device on a port, it transmits one LLDP-MED advertisement per second out the port for the duration of the fast-start-count interval."
Subscribe to:
Posts (Atom)