HowTos

CLI Error Patterns Cisco IOS-XE [     "% Ambiguous command",     "% Incomplete command",     "% Invalid input detected",     "% Unknown command", ] Cisco IOS-XR [     "% Ambiguous command",     "% Incomplete command",     "% Invalid input detected", ] Cisco NX-OS [     "% Ambiguous command",     "% Incomplete command",     "% Invalid input detected",     "% Invalid command at", ] Juniper [     "is ambiguous",     "No valid completions",     "unknown command",     "syntax error", ] Arista EOS [     "% Ambiguous command",     "% Error",     "% Incomplete command",     "% Invalid input",     "% Cannot commit",     "% Unavailable command", ]

Error Connecting to IOS-XR in the LAB I've created a new lab for testing using EVE-NG. Everything was fine.  But when I tried to connect to Cisco IOS-XR from my Jumphost, I saw the message: stack@devstack$ ssh cisco@192.168.0.7                                 Unable to negotiate with 192.168.0.7 port 22: no matching host key type found. Their offer:                                                                                                       Hmm... Their offer is nothing ! Connected to console and checked logs from the other side: RP/0/0/CPU0:May 30 10:33:08.510 : exec[65722]: %SECURITY-LOGIN-6-AUTHEN_SUCCESS : Successfully authenticat...

Intro When you spend a lot of time googling or reading documentation  trying to find a solution for some unexpected task and, at the end, it's startworking, you says "WOW! Now then I will use it next time!" But after few months you get the same task and... start from scratch. So I started writing  Tips and Tricks for every Network OS (Juniper, Cisco , Huawei etc.) in my notes.  After few years I decided to start publish my own collection. Hope it will help me and may be someone else to solve a problem in the future. Some of them are from Day One collection, some from my  everyday tasks.  Enjoy.

Linux is an amazing OS because you can do a lot inside it. Here is a bunch of Tips & Tricks I have found. Find the current time in the timezone you want: $ TZ='America/Los_Angeles' date Tue Dec 11 04:07:18 PST 2018 $ TZ='Europe/London' date Tue Dec 11 12:08:49 GMT 2018 Note: All available timezones can be found at /usr/share/zoneinfo. I recommend to view it using timedatectl list-timezones command. $ timedatectl list-timezones | grep Europe Generate random password string using  date and md5sum or sha256sum $ date | sha256sum | base64 | head -c 8 ; echo Y2RhODhh $ date | md5sum | base64 | head -c 8 ; echo YWNjYzU4 Generate pseudo-random string using OpenSSL  $ openssl rand -hex 8 d0388693bd744e0e $ openssl rand -base64 32 | head -c 12  ; echo uvics5KjODkt Generate random password string using gpg utility $ gpg --gen-random --armor 1 12

If you try to install Ubuntu at HP notebook, you will meet with some drawbacks. HP by default support Microsoft OSes only. You will find that some common things are working not as you expected. For example, you will lose your fingerprint or your touch-pad will work with limitation. But I didn't expect that such a common thing like Microphone mute/unmute key not work under Ubuntu. But it is so! To toggle mute of default microphone under Ubuntu at HP EliteBook you need an  pulseaudio and some scripting. Make sure that you have  pacmd  (from  pulseaudio-utils  package) and  notify-send  (from  libnotify-bin ). Use this script: #!/bin/sh pacmd list - sources | awk '\ BEGIN {default_found=0;} /^[\t ]*\*/ {default_found=1;} /^[\t ]*name:/ { if (default_found) { name=$2; gsub("[<>]", "", name); } } /^[\t ]*muted:/ { if (default_found) { if ($2=="yes") { mute=0; icon="mi...

IPv6 is enable in Ubuntu by default, but I have found that without experiece you can spend a lot of time to find information for IPv6 network configuration  and operation. How to change IP address permanently Make changes in  file /etc/network/interfaces iface ens4 inet static  address 192.168.0.254  netmask 255.255.255.0  gateway 192.168.0.1 iface ens4 inet6 static   address 2001:db8::254  netmask 64  gateway 2001:db8::1 Temporary IPv6 Address Assignment stack@devstack# ip address add 2001:db8::254/64 dev ens4   Temporary IPv6 Address Deletion stack@devstack#   ip address del 2001:db8::254/64 dev ens4 Verify IPv6 address configuration stack@devstack# ip address dev ens4 3: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000     link/ether 00:50:00:00:04:01 brd ff:ff:ff:ff:ff:ff     inet 192.168.0.254/24 brd 192.168.0.255 sco...

Today I created VPN to my home network. I need an access to my local resources and lab at home server from Internet. Here is how to enable OpenVPN server at ASUS router and how to configure сlient side at Windows.    First of all enable OpenVPN at  ASUS router. Step 1. Open VPN Tab in Advanced Settings Menu Step 2. In VPN Server - select OpenVPN section and enable OpenVPN Server Step 3. In Basic OpenVPN configuration change VPN details from General to Advanced Settings Here is a very useful recommendation:  You can change the default settings of the OpenVPN server to provide a custom OPVN file for a specific   connection type.  To use your own key, click the yellow link to modify settings.  Refer to the  System Log  for any error messages related to OpenVPN.  Before configuring the advanced settings of the OpenVPN server, ensure that these advanced settings options   are compatible with the...

By default EVE-NG disable console access. You can use VNC to get console access to VM. By editing  GRUB_CMDLINE_LINUX  in  /etc/default/grub I've added console=tty0 console=ttyS0,115200 to enable console access using virsh console eve-ng command. GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200 net.ifnames=0 "

As you remember I have to install Ubuntu 17.10, because 16.04LTS does not support ixgbe: Intel(R) 10 Gigabit PCI Express Network Driver - version 5.1.0-k at my Supermicro SYS-E200-9A. But... Surprise! Surprise! Community deprecated ifupdown in Ubuntu for the 17.10 release. And deliver a unified network stack of netplan and networkd/network-manager across all 17.10 images in preparation for the 18.04 LTS. Configuration is now written as YAML files to /etc/netplan instead of in /etc/network/interfaces. Goodbye my love, goodbye! These two links will be helpful for everyone who are not familiar with netplan MigratingToNetplan   https://wiki.ubuntu.com/MigratingToNetplan Netplan   https://wiki.ubuntu.com/Netplan

CentOS provides  cloud images  for various cloud environments such as Openstack, RHV, Azure, or just KVM. It is possible to alter user passwords or SSH keys on these images without using cloud-init! This is nifty for use in Jenkins, Packer, local dev work or other use cases to just write changes to the image so it is ready to go. Check this out! Pre-req: make sure to have the package libguestfs-tools installed (Debian or Fedora)! # sudo apt install  libguestfs-tools The command virt-customize can edit images in a variety of ways. Here are some examples to get you started: Set a random root password in the image # sudo virt-customize -a CentOS-7-x86_64-GenericCloud.qcow2 --root-password random [   0.0] Examining the guest ... [  11.2] Setting a random seed [  11.2] Setting passwords virt-customize: Setting random password of root to 132Tfe6cfCCr8Pv8 [  12.2] Finishing off Set a specific root password of: centos # sudo...

IPMICFG Overview IPMICFG is a utility for IPMI devices configuration. It is a command line tool providing IPMI commands and Supermicro proprietary OEM commands. It is designed for easy to use and no pre-installation required. Use it for basic IPMI configuration and BMC status reading and monitoring. Features:  Set up IPMI IP Address  Set up IPMI Configuration  Configure IPMI User Management  Configure IPMI FRU  Manage System Event Log (SEL)  Manage IPMI by node management (NM) protocol IPMICFG Linux version will automatically use linux built-in ipmi driver from ipmitool to access BMC. If there is no ipmi driver loaded, IPMICFG will use its internal API to access BMC. However, the performance will be slow. Note:  You should use root permission to launch IPMICFG. Here is a step to load ipmi driver. You should be type these command to activate openIPMI driver: # modprobe ipmi_msghandler # modprobe ipmi_devintf # modprobe ipmi_...

Quick Emulator (QEMU) is the main component of the QEMU/KVM virtualization technology suit. It provides hardware virtualization and processor emulation. QEMU runs in userspace and, without the need for kernel, drivers can still provide fast system emulation. The hardware acceleration support provided by the Kernel-based Virtual Machine (KVM) hypervisor. Perform the following steps to install QEMU from packages on Ubuntu/Debian and RHEL/CentOS distributions: On Ubuntu/Debian distributions, update your packages index: root@kvm:~# apt-get update Install the package: root@kvm:~# apt-get install -y qemu-kvm On CentOS/RHEL distributions execute: root@kvm:~# yum install qemu-kvm Installing QEMU is quite trivial, as we just saw. Let's have a look at what the QEMU metapackage installed on Ubuntu looks like: root@kvm:~# dpkg --list | grep qemu From the preceding output, we can see that there are few packages involved

I decided to replace SSL and TLS Certificates at my Supermicro IPMI (Intelligent Provisioning Management Interface). Warning:     Server will restart after cirtificate update !  There are many options how to create Certificates. Here is two options. One is for Linux and the second is for Windows. Let's start with Linux. To create certificate you need OpenSSL at your Linux installation. It's included in almost all distributives. To check version of OpenSSL use this command: #openssl version OpenSSL 1.0.2g  1 Mar 2016 I suggest to use at least 2048 bit certificate. First we create private 2048 bit RSA key. The filename can be any you wish, in this example I will store private RSA key in pvt.pem. #openssl genrsa -out pvt.pem 2048 or  you can user genpkey option #openssl genpkey -algorithm RSA -out pvt.pem -pkeyopt rsa_keygen_bits:2048 Using this private RSA key I create Certificate Request #openssl req -new -key pvt.pem -out...

Sometimes websites have non-trusted security certificates that you want to trust. In order to do this you'll have to install these certificates, for example, in Windows. Let's start: Make sure the certificate file came from a trusted source! Find certificate file you want to install and rename it to <something> .cer, then double click the certificate file (*.cer) or press right mouse button on it and select Install Certificate . New window with Certificate details will appear. Click Install Certificate... button. Certificate Import Wizard will start. Press Next > button. Select "Place All Certificates in the Following Store" and Click Browse... If it's a Root CA Certificate Select "Trusted Root Certification Authorities" .  If it's a Certificate for a webserver (e.g. www.mydomain.com) Select "Trusted Publishers" . Click OK . Click Next >   Click Finish. ...

First of all I want to mention that this server is pretty new and not all OS supported its hardware. During installation I have found that Ubuntu Server 16.04 does not support 4 ports LAN card. It's not a good idea to have a server without any network connectivity. You can try to download LAN drives from Intel or SuperMicro sites So, after a little thought I decided to install Ubuntu Server 17.10. To my hapiness this version has a built-in support drives that support this network adapter.

Few months ago I've purchased a fantastic Mini-1U server to my home Lab. It's a SuperMicro SYS-E200-9A in a small box (Width 193mm x Height 43mm x Depth 226mm) with a 4 Core Intel Atom® Processor C3558 CPU and SSD DoM. Here I  will collect my notes and useful tips How To install, configure and operate  it. So lets start.