How to find the zero subnet and broadcast address of a given IP address

I’ve just received an email asking for help.

Would you please clarify this concept for me on how to find the zero subnet and broadcast address of a given IP address.

For Example: The given IP address was 200.1.2.0/28

My Working:

255.255.255.240
200.  1.  2.  0
200.  1.  2.  0 Zero Subnet
200.  1.  2. 16
200.  1.  2. 32
200.  1.  2. 48
...
...
200.  1.  2.240

Is 200.1.2.240 the Subnet Broadcast? Or 200.255.255.240?

My reply:

Alfred,

You have exactly the correct answer (200.1.2.240)… but you have asked the wrong question! And your confusion is understandable.

Firstly there are two concepts

The subnet broadcast is the address that can be used to send information to all hosts on that subnet.

The broadcast subnet is the last subnet that can be assigned for a given subnet mask, just as the zero subnet is the first subnet that can be assigned for a given mask.

Given the context of your question, I think you meant to ask

Is 200.1.2.240 the Broadcast Subnet? Or 200.255.255.240?

To answer this question, you have to ask yourself “Am I dealing with a class A, class B or class C address?

Since you are dealing with a class C address, the first three octets are never going to change, so the 200.1.2.240 answer is correct.

If however, you were dealing with a class B address, like 150.1.2.0, only the first two octets would stay fixed, so the working (using the 255.255.255.240 mask again) would be:

255.255.255.240
150.  1.  2.  0 (Zero subnet)
150.  1.  2. 16
150.  1.  2. 32
...
150.  1.  2.240
150.  1.  3.  0
150.  1.  3. 16
...
150.  1.255.240 (Broadcast subnet)

Which would make 150.1.255.240 the broadcast Subnet.

The alternate answer you gave (200.255.255.240) is more like what you would see for a class A address, like 100.1.2.0, because with class A addresses, only the first octet is fixed.

255.255.255.240
100.  1.  2.  0 (Zero subnet)
100.  1.  2. 16
100.  1.  2. 32
...
100.  1.  2.240
100.  1.  3.  0
100.  1.  3. 16
...
100.255.255.240 (Broadcast subnet)

 

About these ads
Posted in GNS3 WorkBench | Leave a comment

Building a new GNS3 WorkBench lab

Building a new GNS3 WorkBench lab

[Note: The procedures described in this post are dependant on the reader
having a copy of GNS3 WorkBench Virtual Machine v8.7 or later]

GNS3 WorkBench comes with lots of labs, but building a new lab – with
instructions snapshots and prepared configurations is not a trivial
task.  However, I’ve added some scripts that help me create a new
lab.  If you think you’d like to build your own labs, then follow me
as I build a new lab.

Step 1: Build the topology and final configuration

I’ll start by creating a new project in GNS3 (in the GNS3 WorkBench Linux
Virtual Machine – the scripts I use are not going to run on
Windows).  The project I’m creating is called ‘ICND1
Readiness Test
‘. This will be an
ICND1 level exercise, so I want to create this project in the /home/user/GNS3/WorkBench/Projects/ICND1
Exercises
directory, therefore I change the Project
Directory
too.  And this project will have an Etherswitch
router and crypto keys, so I’ll check the Save nvrams including
EtherSwitch VLANs and crypto keys
option.

NewProject

Next I’ll build the topology that I want, and configure the routers as I
want them in the final configuration.  During this process, I keep a
copy of BlueGriffon
opened where I create the page which will later become the snapshot0.html
instructions page for the project.  When I’ve got the topology
finished, I’ll also create a script file called check-answer.vpc
for the Virtual PC Simulator (VPCS) which can be used to test most of the
configurations, but I’ll discuss that in a separate section – but if you
see references to check-answer.vpc then keep in mind the purpose
of this file.

ICND1 Readiness Test Topology

Step 2: Put the WorkBench template files in place

Once I am happy with the project, I save the project making sure that I
have the GNS3 option to [x] Include a screenshot when saving a
project
checked in Edit | Preferences <-General -
[General Settings]
– this makes sure I get a topology.png
file created which is used in several places.  IN fact, it is worth
spending some time to get the topology looking just right on the screen
before you save.

I then quit GNS3 and start using a set of scripts that are found in the /home/user/GNS3/WorkBench/Scripts/WBDev
directory.  They are:

addPWDToPATH.sh
changeIcon.py
labPreparer.sh
labRenamer.sh
replacer.sh

 

Tip:072011_0413_VMWareInter6.png The main scripts are labPreparer.sh  and 
labRenamer.sh
, but I’ll want to run these
scripts from a command window, and I don’t want to have to be
writing commands like  /GNS3/WorkBench/Scripts/WBDev/labPreparer.sh
all the time, so I run the addPWDToPATH.sh script from
this directory to begin with.  That puts the /GNS3/WorkBench/Scripts/WBDev
directory in my path, but I do have to log out and log in again
after running it.  Note, that I only ever have to do this one
on any one VM, and then you are good forever after that.

From the /home/user/GNS3/WorkBench/Projects/ICND1 Exercises/ICND1
Readiness Test
directory, I run the labPreparer.sh script.
This Script that takes a GNS3 project (in this case the ICND1 Readiness
Test
), and copies a bunch of skeletal files to the project – basic
help files (instructions), some snapshot directories and an openMeFirst.net
topology file which will replace topology.net later.  It also
copies the current configs and working directories to
the new snapshot directories.  After running this script, my
project directory looked like this (The selected files/folders are the
original files/directories):
afterRunning labPreparer.sh

The problem is, all of these template files use the word WBProjectName
both in the naming of the files, and in the files within the help
system.  Ideally, we would rather have WBProjectName
replaced by the name of the project.  That is where the next script
comes in.

Step 3: Rename files and replace text

To tidy up the copied template files, I next run the labRenamer.sh
script.  If I run the labRenamer.sh script,  all
occurrences of WBProjectName in any file or filename, will
be replaced by the name of the GNS3 project as indicated by the current
directory name – in this case ICND1 Readiness Test.

Tip:072011_0413_VMWareInter6.png The labRenamer.sh script can also be run with a
parameter if you need to rename a project.A command like  labRenamer.sh “ICND1 Challenge”
would take all occurrences of the current directory name (in this
case ICND1 Readiness Test) found in any instructions files
associated with this project, and change them to ICND1
Challenge
– including any filenames, directory names and even
the current directory. Which, by the way, will leave the script in a
state of limbo when it exits because the current directory has been
renamed.  You will be prompted to issue a cd .
command in this case to get your bash shell to workout what the
current directory is.

The labRenamer.sh script exits with a message:

Done - ready to edit instructions.

which takes me to the next step, with the project folder now looking like:

afterRunning labRenamer.sh

Step 4: Edit instructions

Looking now inside the instructions folder off my project I will
find the .html skeleton files for my project. In this example, off
the /home/user/GNS3/WorkBench/Projects/ICND1 Exercises/ICND1 Readiness
Test/instructions/
directory.  They are:

console.png
instructions.html
navigation.html
snapshot0.html
snapshot1.html
snapshot2.html
snapshot3.html
snapshot9.html
snapshotHelp.html
start.png
topology.html
topologyicon.png
topology.png

Opening the instructions.html file in my browser shows
me the general layout of these files in the system:

instruntions.htmlRoadmap

What I will have to do now is edit these html files in the instructions
directory to suit your project.  I could do this by hand using a text
editor, but I’m going to use the BlueGriffon
html editor.  The files I’ll have to edit are:

File Purpose
snapshot0.html This is the default content that is shown
when the project is opened or the user chooses Help |
Instructions
.  It describes the main scenario, and
should always include a link to the topology.html file
that will display the topology. It should describe the exercise.
snapshot1.html Once the final configurations are worked out, it is a relatively
simple task to create a troubleshooting
exercise based on the same configurations.  I typically use snapshot1
as the troubleshooting exercise, but it could be set up as another
exercise based on the same configuration.
snapshot2.html snapshot3.html

…etc

It is possible of course keep adding as many variations and
exercises as needed.  If the original exercise had some routers
already configured, I often make a challenge exercise where the user
has to configure all the routers from scratch.By default, you get templates for snapshot2.html and
snapshot3.html
.  If you want to use a 4th or more
snapshots, you will have to create them yourself by copying one of
these, as well as edit navigation.html (see below)
snapshot9.html If I make a set of solution configurations, I’ll make them
available as snapshot 9 (Completed WBProjectName exercise).
If there are two different solutions, I’ll make the second solution
available as snapshot 8 (Completed Alternate WBProjectName
exercise)
etc.  snapshot9.html will
probably only need minimal editing – I usually find that the default
setup is just fine.
navigation.html If I plan on having any more or less than four snapshots plus a
solution, then I will have to edit the navigation.html
file to add/remove links to the other snapshot instructions.Also, if my project requires special pages, I can add links to them
here.
topology.html I probably won’t need to edit this file, because it is
automatically set up to display your saved topology.png,
but if I needed to add more topology detail, I could add it here.

I’ll start by opening snapshot.0.html as an individual file in
BlueGriffon.
Pretty soon, it begins to look like:

snapshot0.htmlInBlueGriffonText

or in Wyswyg view:

snapshot0.htmlInBlueGriffonWysiwyg

I make sure I get the instructions for snapshot0 quite polished
before I try any of the other variations.  But by this stage I have
to be careful, because I’ve already created my base snapshots (not by
using the File | Manage snapshots option in GNS3, but by
copying files in the GNS3 snapshot format).  My final configurations
are actually living in the snapshot folder called topology_9
(Completed ICND1 Readiness Test)_snapshot_191013_000000
, so it is
the topology.net file in this directory that I’ll have to work
with from now on if I need to make any further changes to the final
configurations!

finding topology.net

Step 5: Create the snapshot scenarios

Recall back in Step 2, there were three snapshot scenarios copied
created, based on the current configuration at the time you ran the labPreparer.sh
script.  This gave your project five snapshots/scenarios which are
virtually identical. It is time to sort them out.

For this exercise, I’ll only want the basic topology_0, topology_1
(Troubleshooting)
and topology_9 (Completed) snapshots,
so I’ll delete the other snapshot folders (topology_2* and topology_3*).

I leave topology_9 as the “solution” to the exercise, so it is
almost already prepared.  The configs directory with the
prepared router configurations and startup.vpc file is
ready.  The only other change I make is that I open the topology in
GNS3 and add a textual comment to remind me that this is the final
configuration.  Now, if I ever forget which snapshot I have restored,
I have my message to remind me:

annotaed topology_9.net
Next, I will re-visit the base snapshot topology – topology_0.
Again, I’ll do this by directly working with the files within the snapshots
directory, rather than via GNS3’s File | Mange snapshots.
Since topology_0 (ICND1 Readiness Test) is the initial
configuration, all I need to do is to delete the configs for the routers
that need to be configured for the exercise – but one of these routers is
actually a EhterSwitch router, so I’ll need to do
something special about the working directory.

Firstly, I’ll look inside the topology_0 snapshot:

insideThe topology_0 Snapshot

I have four tasks I need to do here.

    1. Firstly, I need to open the topology.net file and add my
      comment to identify this as topology_0 as I did with topology_9
      above.

annotaed topology_0.net

    1. Next, I need to edit R1.cfg, R2.cfg and SW1.cfg
      files.  The ServiceProvider.cfg file needs to be kept
      intact, so no changes there.  One option would be to actually
      delete these files, but that would mean that users would then start with
      partially configured routers (based on the baseconfig.txt file
      for the IOS being used).  So instead, I edit the router configs to
      say simply:
do setup

but the SW1.cfg file is a bit more tricky, because it need to
keep some of the basic config (in particular, the duplex and speed
settings for the interface range fa1/0 – 15) so for this file I change the
config to:

interface FastEthernet0/0
 description *** Unused for Layer2 SW ***
!
interface FastEthernet0/1
 description *** Unused for Layer2 SW ***
!
interface range FastEthernet1/0 - 15
 duplex full
 speed 100
!
do setup
    1. However, that is not quite enough to completely erase the config on
      the switch – because there were VLANs and crypto keys created.  To
      deal with them, I have to remove all the files in the working
      directory, or at least the three files that have SW1
      in their names:
c3725_SW1_rom
c3725_SW1_slot0
c3725_SW1_slot1

In actual fact, I remove all the files in the snapshot’s working
directory, because I also want to remove the crypto keys for the other
routers too.

    1. The final task is to edit the startup.vpc file.
      Configuring the VPCS is one of the tasks that will be required in this
      exercise, but the Virtual PC representing http://www.example.com
      will need to have its configuration preserved.  Also, I like to add
      a few extra messages to the startup.vpc file, so that it will
      look like this:
# The startup file of VPCS
# 
9
set pcname www
ip 93.184.216.119 93.184.216.1 24
ip 2001:db8:dead::2/64
1
show ip all
echo
echo When you have completed the exercise, check your answer by issuing the following command:
echo load check-answer.vpc
echo

I will now repeat this process more or less as appropriate for topology_1,
except that if I’m doing a troubleshooting exercise I will leave the
configs intact apart from one or two changes, and probably leave the working
directory alone.  And if I wanted a second troubleshooting exercise,
I’d just make a copy of topology_1 snapshot, rename it and
adjust.

Of course there is one more thing that I need to do to complete the
troubleshooting snapshot – I will have to edit the snapshot1.html
file in the instructions directory to describe the nature of the
troubleshooting exercise that I want.  And of course repeat for as
many snapshots that I want to appear in the list.

I will also have to edit the navigaion.html file in the instructions
directory to add new links or remove unwanted links to snapshots.

editing navigation.html

Step 6: Create the check-answer.vpc script (optional)

In actual fact, I normally do this step as part of Step 1, but since it
is optional, I didn’t want to get too deep too early.  The whole idea
of a check-answer.vpc is to give the user a way of checking the
connectivity aspects of the exercise.  VPCS is especially good at
checking access control lists (ACLs), so in the exercise I’m building
here, it is essential that I have a good script.

Note: Since I’m creating the script after setting up
the skeleton snapshots, I’ll have to copy the completed check-answer.vpc
to the configs directory within each snapshot when I’m
finished.

This script has to created by hand in a text editor, and the way I start
is actually with the text of the snapshot0.html file – because
that is where I will find descriptions of the tasks that have to be
carried out.  I want to be sure that I echo messages to the console
as the tests are taken. I won’t be able to check every detail, but I’ll
check the ones that I can.  Here is the first section of check-answer.vpc
that I created for the ICND1 Readiness Test project:

set echo off
echo ***************************************************************************
echo This is the check-answer.vpc script for the ICND1 Readiness Test.
echo It will NOT test all completion criteria, you will have to assess some
echo items by yourself.
echo
echo ***************************************************************************
echo Press <ctrl+c> (multiple times) to stop, <enter> to continue.
sleep 0
echo ***************************************************************************
echo Checking dhcp address assignment for VPCS 1. You should see output similar to:
echo DDORA IP x.x.x.x/xx GW x.x.x.x
1
ip dhcp
echo Checking DNS and DOMAIN NAME assignments:  You should see the lines:
echo DNS         : 192.0.2.192
echo DOMAIN NAME : rednectar.net 
echo in the output of the following 'show ip' command
set echo on
show ip
set echo off
echo ***************************************************************************
echo Press <Ctrl+c> (multiple times) to stop, <enter> to continue to obtain the
echo dhcp addresses for VPCS 2-5
sleep 0
set echo on
echo Checking dhcp address assignment for VPCS 2.
echo
2
ip dhcp
echo ***************************************************************************
echo Checking dhcp address assignment for VPCS 3.
echo
3
ip dhcp
echo Checking dhcp address assignment for VPCS 4.
echo
4
ip dhcp
echo ***************************************************************************
echo Checking dhcp address assignment for VPCS 5.
echo
5
ip dhcp
echo Checking DNS and DOMAIN NAME assignments:  You should see the lines:
echo DNS         : 192.0.2.192
echo DOMAIN NAME : rednectar.net 
echo in the output of the following 'show ip' command
show ip
set echo off
echo ***************************************************************************
echo Now would be a really great time to check your DHCP server and issue a
echo 'show ip dhcp bindings' command on R2
echo Press Press <Ctrl+c> (multiple times) to stop, <enter> to continue testing NAT
sleep 0

As you can see, creating a thorough VPCS script can take some time.
To give your VPCS devices access to the script, it must be saved in the configs
directory of the appropriate snapshot(s).

Step 7: Tidy up

There are four things remaining before the project becomes a
fully-fledged GNS3 WorkBench Project.  I have to:

  1. Setup the folder icon for the ~/GNS3/WorkBench/Projects/ICND1
    Exercises/ICND1 Readiness Test
    directory
  2. Create script files in the ~/GNS3/WorkBench/Projects/ICND1
    Exercises/ICND1 Readiness Test
    directory to run each of the
    snapshots.  These scripts are used by the shortcuts on the GNS3
    WorkBench desktop
  3. Create the above mentioned desktop shortcut for the new project
  4. Clear the development configuration so the first-time user is forced
    to load a snapshot if they open the project from within GNS3 or by
    double-clicking the topology.net file.

And of course, there are scripts to do all of the above:

Task 1: Setup the folder icon for the project’s base directory

I’ll start by opening a command prompt in the project’s base directory ~/GNS3/WorkBench/Projects/ICND1
Exercises/ICND1 Readiness Test
.  From here I run the command:

changeIcon.py . instructions/topologyicon.png

Note carefully the period (.) character in the middle of that command -
it tells the script to update the icon of the current directory.
I could have of course typed the command as:

~/GNS3/WorkBench/Scripts/WBDev/changeIcon.py ~/GNS3/WorkBench/Projects/ICND1\ Exercises/ICND1\ Readiness\ Test ~/GNS3/WorkBench/Projects/ICND1\ Exercises/ICND1\ Readiness\ Test/instructions/topologyicon.png

 

Tip:072011_0413_VMWareInter6.png Alternatively I could have run the updateIcons.sh script
found in the ~/GNS3/WorkBench/Scripts/Administrative directory
– which would have done the same job – but would have also updated
EVERY other icon in the GNS3 WorkBench system.

This script changes the folder icon from looking like this:

folderIconPreScript

to this:

folderIconAfterScript

Task 2: Create script files in the project’s base directory

Each project gets a series of script files created in the project’s base
directory that, when run, copy the contents of one of the snapshots into
the base directory, including the configs and working
directories and then runs GNS3. The purpose of these scripts is
twofold.  One is to make it easy for users to load a snapshot from
the command line or the file browser, the other is to make it possible to
create shortcuts on the desktop that achieve the same purpose.

From the command prompt in the project’s base directory ~/GNS3/WorkBench/Projects/ICND1
Exercises/ICND1 Readiness Test
I run the command:

createRunSnapshotLaunchers.sh

This script actually copies a template script once for every snapshot, so
if I have three snapshots called:

0 (ICND1 Readiness Test)
1 (ICND1 Readiness Test Troubleshooting)
9 (Completed ICND1 Readiness Test)

then the script will create launchers called:

runSnapshot.0 (ICND1 Readiness Test)
runSnapshot.1 (ICND1 Readiness Test Troubleshooting)
runSnapshot.9 (Completed ICND1 Readiness Test)

 

Tip: The createRunSnapshotLaunchers.sh script can be run with
a -all option, which will create ‘runSnapshot.x….
scripts for the entire GNS3 WorkBench and GNS3 Vault structure.

Task 3: Create a shortcut on the Desktop

Now that I have created a new IDND1 WorkBench Project, I’ll want it to
appear in the ICND1 Exercises (Shorcuts) folder on the Desktop.
The script to create the Desktop shortcuts will actually re-create all
the Desktop shortcuts, and must be run from the ~/GNS3/WorkBench/Scripts/Administrative
directory like this:

cd ~/GNS3/WorkBench/Scripts/Administrative
updateIcons.sh

This script examines all of the project directories under the base GNS3
WorkBench directory (~/GNS3/WorkBench/Projects) and searches
first for a directory on the Desktop with a similar name to one
of the directories under ~/GNS3/WorkBench/Projects. If it
finds a folder that hasn’t got the equivalent shortcut folder on the
desktop, it offers to create it.  Next, is searches for a ‘runSnapshot.0...’
script in each project directory, which would have been created by the ‘createRunSnapshotLaunchers.sh
script I ran earlier.  Each time it finds a ‘runSnapshot.0…
script, it creates a desktop shortcut to run that script, or if there is
none, it will offer to create a shortcut to a ‘runSnapshot.continue
script. It also updates the icons for the folders on the Desktop.

Having run the script, I now see the shortcut when I open the Desktop
folder called ICND1 Exercises (Shortcuts)

desktopShortcutIcon

Task 4: Clear the development configuration

The final step is to save confusion if the exercise is loaded the first time
from within GNS3 or by opening topology.net from the file
browser.  I want to force the user to load one of the snapshots, so I
have a special copy of topology.net that I use for that purpose.  It
was copied to the project directory back in Step 2 and is called openMeFirst.net.
To make sure this topology is indeed opened first, I copy it over the
original topology.net like so:

cd ~/GNS3/WorkBench/Projects/ICND1 Exercises/ICND1\ Readiness\ Test
cp openMeFirst.net topology.net

Now if anyone opens the topology.net file before a
snapshot has been restored will see:

openMeFirst

And like most of the other tasks, I have a script that will repeat this
job for all projects if I want to refresh the system ready for a new
user.  The script file is found in the ~/GNS3/WorkBench/Scripts
directory and is called prepForNewuser.sh.  When you run
this script, it will not only copy over all the primary topology.net
files in every project’s base directory, but will also wipe out any files
in any configs directory working directory
or qemu-flash-drives directory ready for fresh files to be
copied into these directories whenever a snapshot is restored.  Here
is a sample of the output of prepForNewuser.sh

user@GNS3WB86 ~/GNS3/WorkBench/Scripts $ ./prepForNewUser.sh 
********************************************************************************
              Copying base topologies to GNS3 WorkBench Projects.               
This script prepares a GNS3 WorkBench environment for a new user by:
a) deleting any configurations saved by the current user, and 
b) copying /home/user/GNS3/WorkBench/Scripts/Templates/openMeFirst.net 
to be the base topology.net for all GNS3 WorkBench projects, and by copying
/home/user/GNS3/WorkBench/Scripts/Templates/openMeFirst.vault.net. 
to be the base topology.net for all GNS3 Vault projects so that users know that
they need to load a snapshot before commencing.
It will destroy any topology.net files saved in the GNS3 WorkBench/GNS3 Vault
directory structure as well as deleting any saved configurations
********************************************************************************
 

Do you want to continue? Y/N [y] y
Updating GNS3 WorkBench topology.net files
Updating GNS3 Vault topology.net files

Step 8: Enjoy and distribute

If anyone would like to create their own exercises and distribute them,
complete the step up till the end of Step 6.  Then you can compress
your project file and submit it – either send it to me,
or submit it on the GNS3
Forum
.  Either way, I’m sure there will be some folk who will
appreciate your efforts.

 

RedNectar

Posted in Cisco, dynamips, GNS3, GNS3 WorkBench | Tagged , , , , , , | Leave a comment

Cisco UCS has had a baby (Mother and Daughterboard doing well)

RedNectar Chris Welsh:

Good post from UCSGuru.com

Originally posted on UCSguru.com:

As many of you know I am now in full CCIE Datacenter study mode, and as such have not had as much time to blog and answer posted questions as I would like. However I felt compelled to take a break from my studies to write a post on the new Cisco UCS generation 3 Fabric Interconnect.

I noticed the other day that Cisco have released the data sheet on the latest member of the Cisco UCS family, the Cisco 6324 Fabric Interconnect, which is great because I can now finally blog about it.

http://www.cisco.com/c/en/us/products/collateral/servers-unified-computing/ucs-6300-series-fabric-interconnects/datasheet-c78-732207.html

Having been waiting for this for a long time, I immediately contacted our purchasing team to get a quote, with the view to getting one in for our Lab so I can have a good play with it, and I was again pleased to see it was listed on Cisco Commerce Workspace (CCW) all-be-it still…

View original 503 more words

Posted in GNS3 WorkBench | Leave a comment

Why configuring NTP demands patience

I noticed that my router’s clock was about half an hour off, so I decided to configure NTP. However, it proved much more frustrating that I though, due mainly to my impatience.

In this article I hope to explain to you why you need multiple NTP servers and how to interpret the output of the show ntp associations command as we explore the workings of NTP on a Cisco router.

Note: Jeremy Stretch has a great article on configuring NTP

NTP and the software clock

Firstly, I already knew that NTP wasn’t going to work if my clock was too far out of sync, so I set my clock to something close to the correct time using the privileged clock set command. (This article tells me that my clock needs to be within 4000 sec=66 min, so I should have been OK). Next, I configured NTP using the ntp server pool.ntp.org command, and checked to see if my router had synchronised its time:

router#show ntp association
 
  address         ref clock       st   when   poll reach  delay  offset   disp
 ~27.54.95.11     .INIT.          16      -     64     0  0.000   0.000 15937.
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

router#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**32
reference time is 00000000.00000000 (10:00:00.000 UTC+10 Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.00 msec, peer dispersion is 0.00 msec
loopfilter state is 'FSET' (Drift set from file), drift is 0.000000000 s/s
system poll interval is 64, never updated.

What? No synchronisation? NEVER updated??? But I’ve been waiting more than two minutes now!! Being impatient, I decided that I should perhaps add another server, to see if that would speed things up. So I added:

ntp server 0.au.pool.ntp.org
ntp server 1.au.pool.ntp.org
ntp server 3.au.pool.ntp.org
ntp server 2.au.pool.ntp.org

And got:

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~27.54.95.11     .INIT.          16      -     64     0  0.000   0.000 15937.
 ~130.102.128.23  .INIT.          16      -     64     0  0.000   0.000 16000.
 ~128.184.34.53   .INIT.          16      -     64     0  0.000   0.000 16000.
 ~129.250.35.250  .INIT.          16      -     64     0  0.000   0.000 16000.
 ~129.250.35.251  .INIT.          16      -     64     0  0.000   0.000 16000.
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

router#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**32
reference time is 00000000.00000000 (10:00:00.000 UTC+10 Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.01 msec, peer dispersion is 0.00 msec
loopfilter state is 'FSET' (Drift set from file), drift is 0.000000000 s/s
system poll interval is 64, never updated.

Still no synchronisation. But then I noticed in Jeremy’s article a note that said:

For a protocol so obsessed with correct time, NTP certainly is slow: it can take upwards of five minutes to synchronize with an upstream server. This is due to the NTP poll timer of 64 seconds.

So I decided to find out a bit more about this poll timer and how it works. Firstly, it turns out that adding the extra NTP servers was a good idea. NTP doesn’t just take the first timestamp packet it sees to set the clock. Instead, it build a database of information built up from successive polls to multiple servers.  I found this diagram that gives a nice picture: NTP Daemon Process and Algorithms [Source: http://www.eecis.udel.edu/~mills/ntp/html/warp.html - a cleaned up copy of the original text-graphics version of Figure 2 in RFC5905] Secondly, to avoid overwhelming the NTP servers, the default polling interval is 64 seconds, so it takes a while to build up the database – and in my case, well before the clock was finally synchronised  I could see the database building: (by the way, it took 13 minutes to synchronise)

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~27.54.95.11     .INIT.          16      -     64     0  0.000   0.000 15937.
 ~130.102.128.23  216.218.254.20   2     57     64     1 51.977 104342. 7937.5
 ~128.184.34.53   169.254.0.1      3     61     64     1 49.092 104342. 7937.5
 ~129.250.35.250  133.243.238.24   2     13     64     3 261.55 104321. 3937.9
 ~129.250.35.251  133.243.238.24   2     46     64     1 255.13 104329. 7937.5
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

router#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**32
reference time is 00000000.00000000 (10:00:00.000 UTC+10 Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.01 msec, peer dispersion is 0.00 msec
loopfilter state is 'FSET' (Drift set from file), drift is 0.000000000 s/s
system poll interval is 64, never updated.

I can now see that the stratum and when columns for my ntp servers show that some of the servers have been contacted, and indeed are of varying status – a stratum 2 server is considered to be more accurate than a stratum 3. In fact, stratum 3 servers synchronise with stratum 2 servers, stratum 2 servers synchronise with stratum 1 and stratum 0 servers are the atomic clocks that drive the whole system. [ref] A stratum of 16 indicates that the device is unsynchronised – so it looks like my first choice of ntp server (pool.ntp.org) is not giving up any information. I can also tell from the output of the show ntp association command how many of the last polls have been successful, but to do this I have to understand that the reach column displays its output in octal, then translate that to binary. The binary bit pattern then shows the status of the last 8 polls. Not too hard for the output above, the 0 indicating there has never been a successful poll, the 1 indicating the last poll was successful, and 3 (00000011 in binary) show the last two polls were successful. When this number shows 377 (octal) it means the last 8 polls were good. But I can also see values appearing in the delay, offset, and dispersion columns, showing that NTP is building its database. Delay is the round-trip delay in ms, and offset is clock time difference between the peers or between the master and client. This value is the correction that is applied to a client clock in order to synchronize it. A positive value indicates the server clock is higher. A negative value indicates the client clock is higher. Dispersion, reported in seconds, is the maximum clock time difference that was ever observed between the local clock and server clock. This value should come down over time, and if it ever reaches 16000, the client will not accept the time from that server. [ref]. After thirteen minutes of impatience, I finally saw what I was looking for (from the output of debug ntp all :)

Jun 17 01:20:15.337: NTP Core(INFO): system event 'event_sync_chg' (0x03) status 'leap_none, sync_ntp, 6 events, event_peer/strat_chg' (0x664)
Jun 17 01:20:15.337: NTP Core(NOTICE): Clock is synchronized.

And a look at the status finally shows that the clock is synchronised:

router#show ntp status
Clock is synchronized, stratum 3, reference is 129.250.35.250
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**32
reference time is D74A164F.57258397 (11:20:15.340 UTC+10 Tue Jun 17 2014)
clock offset is 0.0079 msec, root delay is 0.26 msec
root dispersion is 0.48 msec, peer dispersion is 0.06 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000000030 s/s
system poll interval is 64, last update was 139 sec ago.

Now my NTP has synchronised, but that is not the end of the story. By repeating the show ntp association command periodically, you can see things are still happening.

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~27.54.95.11     .STEP.          16      -     64     0  0.000   0.000 15937.
+~130.102.128.23  216.218.254.20   2     25     64    77 51.267  32.537 189.39
 ~128.184.34.53   169.254.0.1      3     64     64   122 49.115  29.474 1939.5
*~129.250.35.250  133.243.238.24   2     14     64   177 261.47   7.906 65.514
+~129.250.35.251  133.243.238.24   2     55     64    77 255.70  13.942 190.86
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

The first change I noticed was that the unreachable server changed its output from .INIT. to .STEP. in the ref clock column. I’m not sure what this means, but I’m trying to find out. Next, I saw that some of the peers had + and * markers next to them, indicating that they were being considered in the time calculation. With NTP, multiple candidates can be combined to minimise the accumulated error. And I also noticed that the reachability numbers were steadily increasing, remembering that 0o77 is 0b00111111, 0o177 is 0b01111111 and 0o122 is 0b01010010, then we can see that the server reporting the 122 is missing a few replies – and note that it has not been selected as a candidate. Over time I continued observing the output of show ntp association

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~27.54.95.11     .STEP.          16      -   1024     0  0.000   0.000 15937.
+~130.102.128.23  216.218.192.20   2     33     64   377 51.168  45.696  3.644
-~128.184.34.53   169.254.0.1      3     14     64   377 48.056  49.073  1.733
+~129.250.35.250  133.243.238.24   2     26     64   377 261.09  25.027  3.675
*~129.250.35.251  133.243.238.24   2      4     64   377 254.66  34.519  2.626
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Note that the last four servers have had the past eight queries replied to (because the reachability is 0o377 or 0b11111111 in binary) but the 128.184.34.53 server is still not considered a candidate, but an outlyer (normally spelled outlier) that will not be considered in the calculation. The next time I looked, I could see that the polling interval had changed to 128 seconds for the last four servers.

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~27.54.95.11     .STEP.          16      -   1024     0  0.000   0.000 15937.
+~130.102.128.23  216.218.254.20   2     59    128   377 51.895  54.913  6.592
-~128.184.34.53   169.254.0.1      3    110    128    55 49.449  56.680 196.53
*~129.250.35.250  133.243.238.24   2    121    128   377 261.25  36.705  4.196
+~129.250.35.251  133.243.238.24   2     98    128   377 256.22  41.049  7.129
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

This change of polling interval is part of the normal process. When things have completely settled down, I expect this to read 1024 for all servers. Although I do note that the 128.184.34.53 server is back to dropping a few replies. However, that doesn’t seem to matter that much, because next time I looked I saw that this server had become a candidate server and 129.250.35.250 had dropped to being an outlyer(sic).

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~27.54.95.11     .STEP.          16      -   1024     0  0.000   0.000 15937.
+~130.102.128.23  216.218.254.20   2     41    128   377 50.666  61.893  4.294
+~128.184.34.53   169.254.0.1      3     94    128   157 49.045  61.049 69.038
-~129.250.35.250  133.243.238.24   2    100    128   377 261.25  36.705  7.135
*~129.250.35.251  133.243.238.24   2     77    128   377 256.23  51.167  3.032
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

To understand why this change had taken place is still way beyond my understanding. I tried to read RFC 5905 but had to stop before my head exploded. As the day wore on, the polling interval gradually increased and the candidate servers changed around a bit. This was the situation about 90 mins after I first configured NTP:

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
 ~27.54.95.11     .STEP.          16      -   1024     0  0.000   0.000 15937.
-~130.102.128.23  132.163.4.101    2     14    256   377 51.692  80.578  8.526
+~128.184.34.53   169.254.0.1      3    196    256   377 49.238  68.183  7.904
+~129.250.35.250  133.243.238.24   2    200    256   377 261.65  55.852  5.636
*~129.250.35.251  133.243.238.24   2     47    256   377 255.26  66.107  8.174
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

And then something interesting turned up in the debug, at about the 2 hour mark. The recalcitrant NTP server at 27.54.95.11 became social:

Jun 17 03:30:47.154: NTP message sent to 27.54.95.11, from interface 'Dialer1' (58.105.232.94).
Jun 17 03:30:47.238: NTP message received from 27.54.95.11 on interface 'Dialer1' (58.105.232.94).

And sure enough, 1024 seconds (17 minutes) later:

Jun 17 03:30:47.154: NTP message sent to 27.54.95.11, from interface 'Dialer1' (58.105.232.94).
Jun 17 03:30:47.238: NTP message received from 27.54.95.11 on interface 'Dialer1' (58.105.232.94).

The next message was only 512 seconds later, so clearly the polling interval was changed:

un 17 03:56:23.164: NTP message sent to 27.54.95.11, from interface 'Dialer1' (58.105.232.94).
Jun 17 03:56:23.248: NTP message received from 27.54.95.11 on interface 'Dialer1' (58.105.232.94).

And after six successful polls, the story looked like this:

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
+~27.54.95.11     101.231.167.21   2    489    512   177 84.762 151.517 70.749
*~130.102.128.23  216.218.192.20   2    219    512   377 51.678 155.438 11.281
+~128.184.34.53   169.254.0.1      3    144    512   377 49.342 151.303 12.239
-~129.250.35.250  133.243.238.24   2    154    512   377 262.04 140.283  7.412
-~129.250.35.251  133.243.238.24   2      9    512   377 256.34 144.174  9.323
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Note that the newly connected server has become a candidate already! By now (it’s five hours since I setup the NTP) all servers are talking, and for the first time I have seen more than two candidate servers and a system peer.

router#show ntp association

  address         ref clock       st   when   poll reach  delay  offset   disp
+~27.54.95.11     101.231.167.21   2    113   1024   327 85.808 249.651 14.515
*~130.102.128.23  216.218.254.20   2    360   1024   377 51.738 251.118 18.597
+~128.184.34.53   169.254.0.1      3    287   1024   177 51.886 246.250 17.000
-~129.250.35.250  133.243.238.24   2    297   1024   377 269.41 219.283 16.942
+~129.250.35.251  133.243.238.24   2    663   1024   377 255.84 235.492 13.132
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Note that the polling has stepped to 1024 seconds, which means we only poll each of these servers every 17 minutes, and we’ve only lost a couple of polls, as indicated by the 327 and 177 values in the reachability column.

The Hardware Clock

This whole exercise started because I noticed that my clock was about half an hour out. By default, your router gets its time from its internal hardware clock when it boots up. [ref]. To allow NTP to update my hardware clock, I added the following to my configuration:

ntp update calendar

Conclusion

I now have a fairly stable NTP environment – and the key things that tell me that from the output of show ntp association are:

  1. There are multiple servers configured.  NTP works best with several servers.
  2. At least one NTP candidate (indicated by a + to the left of the peer address) or a system peer (indicated by a * to the left of the peer address – sometimes called a master) must exist before your clock will synchronise
  3. The stratum of at least some of those servers is fairly low – the closer to 0 the better
  4. The polling interval has stepped back to 1024 seconds on all servers, indicting that the system has enough information to poll infrequently
  5. The reachability for most servers is showing 377, meaning the past eight polls have been successful.

So you can see that NTP is not just a simple protocol that gets it time from a single lookup. There is a simpler implementation of NTP called SNTP, and I could have configured that instead, but I couldn’t have configured both NTP and SNTP at the same time. Understanding that you need to configure MULTIPLE servers and getting to understand the output of the show ntp association command are the key points I hope I’ve made. RedNectar Reading: http://packetlife.net/blog/2011/mar/28/cisco-ios-clocks-and-ntp/ http://www.eecis.udel.edu/~mills/ntp/html/warp.html http://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/116161-trouble-ntp-00.html http://www.cisco.com/c/en/us/support/docs/availability/high-availability/19643-ntpm.html http://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-110/15171-ntpassoc.html http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bsm/configuration/12-4t/bsm-12-4t-book/bsm-time-calendar-set.html http://en.wikipedia.org/wiki/Network_Time_Protocol http://www.ciscopress.com/articles/article.asp?p=2013217&seqNum=2 http://www.ntp.org/ntpfaq/NTP-s-def.htm

Posted in CCIE, Cisco, NTP | Tagged , , , | Leave a comment

Q&A on GNS3 WorkBench v8.6

I got some great questions from Rob Methven so I thought I’d answer them here in the form of a “Q&A”.

Q. I got the Etherswitches and VPCs pinging each other no problem. However, when I do a show mac-address table on the switches, the CAM table either show up as completely empty or with just the last couple of MAC addresses. Repeated show mac-address-table show that the table gradually removes the entries until it’s empty, normally within 30 seconds. I’m using the recommended IOS for the c3725 (T10), but I’ve also tried with the T14 release and observed the same behaviour.

A. This is a known problem with dynamips and has been reported on the GNS3 Forum. I’ve asked Flàvio (maintainer of dynamips) to look into it again.

Q. RE VPCS: When I load the exercises, am I right in thinking that I have to manually configure the IP addresses on the individual VPCs? I’ve done it no problem, and saved the config so I can quickly load it, but I’m just checking that I’m not doing anything wrong!

A. Some exercises will require that the IP addresses for the VPCs, others will have pre-configured exercises. To be honest, there are a couple of places where I meant to have IPs already configured but didn’t. What happens when you load a snapshot is that the contents of the snapshot’s configs directory gets copied to the current project’s configs directory. If I remembered to put the relevant startup.vpc file in the snapshot’s configs directory then the VPCs will start with the correct addresses.

Q. When I load a snapshot for a topology, I get a message saying that the IOS image can’t be found. I get an option to choose the correct image, which is invariably the same file. The only difference that I can see is the path. The images that I can use have the full paths (C:\Users\Rob\GNS3\Images\imageName.image) to the image listed in the dialog , even though it’s in my specified “Images” folder. I can fix this by editing the topology file to point to the full path, so again, it’s not a massive issue. Just wondering if I’m doing something wrong!

A. This is a real bummer – this problem was solved back in GNS3 0.8.3 and re-introduced somewhere between v0.8.3 and v0.8.6 – and since Jeremy is now busy working on GNS3 v1.0, I’m guessing there won’t ever be a real fix for this. Unfortunately going back to GNS3 v0.8.3 is NOT an option, because that version doesn’t support he Help features and the Snapshot features that GNS3 WorkBench now relies on. If you look at the toplology.net files that are supplied in the Windows/OS X version of GNS3 you will see that there is NO path specified in the

image = c3725-adventerprisek9-mz.124-15.T10.image

lines in all the exercises and snapshots. I’ve just written a script to allow a user fix this for Linux based systems (may work on OS X) but don’t have anything for Windows yet (any Windows script writers out there wanting to take a bash script and “Windoize” it please contact me!).

What you need to do is the windows equivalent of the linux command:

find . -type f -name topology.net -exec sed -i "s#c3725-adventerprisek9-mz.124-15.T10.image#C:\full\path\to\c3725-NEWIMAGE.image#" {} \;

but I don’t know if Windows has such commands.

Q. Just show me where to donate!

A. I do this to help the community. I had at one stage thought of trying to set up a link to a charity, but it got too hard. You could of course buy my book if you think it will be useful, or sign up for SlideShark using this link where you’ll get an extra 25MB free for using the link.

Posted in dynamips, GNS3, GNS3 WorkBench | Tagged , , , , , | 11 Comments

GNS3 WorkBench v8.6 is finally out

Executive OverviewSample3

The next version of GNS3 WorkBench is out.  You can download it several forms:

  • An entire Virtual Machine as a single blob (although split into two files 2.5G-3G in size)
  • The same Virtual Machine as individual files (in case you can’t get the big files)
  • A “self-serve” script to allow you to install everything you need to create your own Appliance on whatever flavour of Linux you like (so long it is Mint 16.0)
  • Just the WorkBench labs and exercises along with their instruction files.  These can be added to your existing Windows or OS X install of GNS3 to give you the essential elements of the WorkBench in the comfort of your own favourite Operating System.  This version is only possible because of the great work Jeremy did in fixing the Snapshot function and Instructions features in GNS3 v8.6

The Features in a Nutshell

  • Labs are now based on GNS3 Snapshots – so you don’t need to run a script to load the appropriate exercise, you can open exercises/labs from within GNS3
  • The help system is now html based, and is integrated into the Help | Instructions feature that was introduced into GNS3 v0.8.5
  • Since GNS3 now has VPCS incorporated into the Tools | VPCS menu, there is no need to load VPCS via a startup script to run labs/exercises.
  • The above three features have removed now make it possible to deliver a Windows/OS X version of GNS3 WorkBench.
  • Labs have been updated to more closely reflect the September 2013 changes to the CCNA exams.
  • Over 20 new labs/extensions to labs.  Mostly troubleshooting exercises added to tried and true labs.
  • Total of 50 different Labs/Scenarios
  • Total of approx 140 different exercises/solutions (Snapshots) shared between these labs.
  • Ability to add your own exercises – just save your own snapshots and add your own instructions.

More Details for the Nerd at Heart

When I first published GNS3 WorkBench, I had four objectives in mind:

  1. To produce a set of exercises/labs that could be loaded into GNS3
  2. To be able to present a page of instructions to accompany each exercise/lab
  3. To be able to reset the exercise/labs after use
  4. To integrate VPCS into the process

Thanks to the changes made to the Snapshot function, the Tools | VPCS option and the  and Instructions features in GNS3 v0.8.6, my objectives 2-4 above have been pretty much integrated into GNS3 (at last – thanks Jeremy).  So I’ve had to completely re-focus on what I want GNS3 WorkBench to be.

So the new GNS3 WorkBench is mostly about supplying the instructions in a much nicer web-based format, and re-working every lab to create snapshots, more instructions and VPCS startup files to fit the new format.  And while creating these, keeping in mind that I’d like to make the set of exercises/labs device independent – in other words to be able to produce a set of exercises/labs that could work on Windows or OS X.  I also wanted to add some automation to the addition of ASA and Juniper routers, so scripts to help in this regard are part of the package.  And finally, I wanted some of the Open Source extensions built into GNS3 WorkBench – like Linux running under Qemu and Vyatta routers running under Oracle VirtualBox.

And the results don’t look too bad either! (Even if I do say so myself).

Screen Shot 2014-04-07 at 11.39.38

I’ve created three flavours of GNS3 WorkBench comes this time, including an all-time-first Windows/OS X version.

Flavour #1 – The VM Appliance.

Everyone’s favourite. I built the Appliance on Linux Mint 15.0.  You can download it as a monolithic 5.6G file (in two parts because SourceForge won’t allow files larger than 5G) or as the individual VM files.  If you want a ready-made VM appliance then choose either method, the end result is exactly the same.

I built the appliance on Linux Mint v15.0 – because Mint just had the feel and features that I expect from Linux.  Like being able to right-click in a file-browser and choose “Open in Terminal” and “Open as Root“.  That’s my kind of environment.

Flavour #2 – Self-serve script.  The Bespoke Linux install.

When I was building the master copy of the Appliance I built a GNS3 environment which had copies of several routers, including Juniper, ASA and Vyatta routers as well as Microcore Linux running under Qemu.  To achieve this I had to install many applications on my copy of Linux Mint.  By to keep a record of what I had installed, I  built a script that could reproduce the environment again from a fresh Linux install – so that script became the second way to install GNS3 WorkBench.  And I used it over and over to test fresh copies of GNS3 WB.  In fact, I created the master copy of the Appliance by running my script on a fresh install of Linux Mint 15.0.

The self-serve script allows you to choose various features that you might want to add to GNS3, like installing Qemu, Wireshark and even downloading some prepared Qemu and VirtualBox Images.  Originally it was designed and tested on Linux Mint 15.0 but unfortunately, Mint 15.0 is based on Ubuntu Raring…. “unfortunately support for raring has been dropped from Launchpad (the peril of a 3rd party system!), as support ended in January.” (http://forum.gns3.net/topic6426-28.html) Which means that my self-serve install suddenly stopped working about March 28 – the day after I had finalised my script! However, the good news is that it seems that the script works OK on Linux Mint 16.0 (32 bit), and that there might be some changes afoot to give the GNS3 repository a more permanent home which will make the script work agin on Mint 15 (and probably Ubuntu Raring as well).

The install script carries out the following tasks:

  • Updates your Linux OS with the latest patches and adds the repository where GNS3 resides.
  • Downloads and installs the scripts to enable support for ASA and Juniper
  • If you have downloaded the ASA image, it will be prepared for use in GNS3
  • Downloads and installs the following:
    • NIO tap adapter
    • Qemu
    • open-ssh server
    • CPU Limit utility
    • Oracle VirtualBox emulator
    • Wireshark
    • terminal applications Xterm, PuTTY and Konsole
    • dynamips
    • GNS3
    • the Virtual PC Simulator (VPCS)
    • a specially prepared Qemu freeBSD image for use with Juniper routers
  • if you have Juniper image available, the script then takes you through the tedious Juniper install process.
  • Downloads a collection of Virtual Box VMs that are used in the GNS3 WorkBench
  • Downloads the GNS3 WorkBench exercises and sets up the default settings in GNS3 and your desktop
  • Fixes file permissions so you can run the labs smoothly

The script is pretty rough – very little error checking, and if you end up with a wrong version of something or some application fails to install, then… well… you are welcome to re-write the script!

Flavour #3 – Windows/OS X Install.

Not exactly the full GNS3 WorkBench (it will not put pretty icons on your desktop) but so long as you have GNS3 installed along with Qemu and Virtual Box, you will get all the exercises/labs – except you are on your own to make the Juniper/ASA labs work.

So good luck. Let me know if you have any problems – rednectar.chris is my gmail account.

RedNectar
Chris Welsh

Posted in CCNA, Certifications, Cisco, dynamips, GNS3, GNS3 WorkBench, ICND1, ICND2, Labs, Mac OS X, Microsoft, Routing, Wireshark | Tagged , | 7 Comments

Using an iPad to improve Webex presentations – especially the Whiteboard

I had to do some Webex presentations recently – and I found the Webex interface clunky and dated – especially the annotation functions and the Whiteboard function.  Here is how I managed to at least spruce up the Whiteboard function using a free iPad app and a cheap application on my laptop.

Firstly, understand that Webex is an ancient online video collaboration tool with enough basic features to allow you to present PowerPoint slides (so long as they are saved in the correct format) to a live online audience who either listen online or over the telephone after signing in to the meeting online.  When you present slides in Webex, your PowerPoint slides loose all animation and the best annotation tool available is a pointer that displays your name. 

WebexInterface

Fig 1: Webex Interface. The best annotation tool available is a pointer that displays your name.

While presenting your PowerPoint slides, you can click on part of your slide to make you pointer visible to the other participants.  The presenter also has the power to grant other meeting participants privileges to also click their pointers on the screen, or use the basic annotation tools which consist of typing text, drawing lines and boxes and a highlighter/scribbler.  However, it is particularly the annotation tools that fall down.  You can click on your slide and drag to draw a line, but neither you or any other participant sees the line until you lift your mouse/finger to finish the line.  And once drawn, you can’t move it, change its colour or direction.  Copy and paste the line to another part of the screen? Not supported.  Typing text is even more frustrating – you create a text box and begin typing.  Now even ancient NetMeeting (think Windows 95) had the ability to present the text you were typing in real time to the other participants in the meeting, but not Webex – oh no, with Webex, the typing does not appear on the other participants’ screens until you click away from the text.  Need to change the text, correct a spelling mistake? Increase the font size?  Too bad – Webex does not allow any of that.  The most useful tool is the eraser, which at least allows you to delete an entire block of text or object in a single click.  Oops! Wrong one deleted?  Too bad there is no “undo”.

EvenNetMeetingLetYouSeeTextTypedInRealTime

Fig 2: Even ancient NetMeeting (think Windows 95) had the ability to present the text you were typing in real time to the other participants in the meeting

The Webex Whiteboard function gives you exactly the same ugly animation tools but on a blank canvas.  And it was this lack of functionality that made me think of using a shared whiteboard drawing tool that I might be able to access from my iPad.

My search for a decent “whiteboard” application let me down a couple of paths.  At first I thought I’d found the perfect answer – http://awwapp.com/draw.html – I could draw on my iPad with simple tools and share this content with anyone by sending them a link like http://awwapp.com/draw.html#47e146d0.  And since Webex has a “Share Web Content” option I thought this would be ideal – I could share this webpage just like the whiteboard and presentations, but be doing the drawing on my iPad.

appdraw

Fig 3: At first I thought I’d found the perfect answer – http://awwapp.com/draw.html

But of course my first mistake was that I expected it to work.  Sure – Webex lets you share a webpage like http://rednectar.net, but NOT a page like http://awwapp.com/draw.html#47e146d0 – the hosting computer sees “404-not found”, while remote PC clients see a blank whiteboard.  Remote iPad clients using the iPad Webex app see an informative message saying “The content of the presentation is not supported” – or translated “You should have more sense than to expect Webex to support html content on the iPad – after all, the iPad has only been around for four years“.  (The iPad Webex app can’t even display pages like http://cisco.com if shared on Webex from another computer).

Result of sharing awwapp.com

Fig 4: My first mistake was that I expected the Webex “Share Webpage” to work.  Sure – Webex lets you share a webpage like http://rednectar.net, but NOT a page like http://awwapp.com/draw.html#47e146d0 – the hosting computer sees “404-not found”

Next stop – share my browser instead.  I’d have my iPad displaying the shared awwapp page, and my Webex host PC displaying the same page – which was shared over Webex.  Now the result was “successful” but less than “satisfactory”. The content shared OK, but the drawing was a little laggy – and well, the web based app had less drawing options than Webex – but at a pinch – if you really wanted to draw on your iPad and display in your Webex meeting, you could.

Undaunted, I thought I’d explore the iPad Webex app a little further, and passed the host role to where I was logged in on my iPad to see if the animation tools and Whiteboard would be better on the iPad.  As it turns out, they are not only “not better” they are “non-existant”.  The iPad Webex app simply does not even have the most basic of annotation tools available.  In fact it is worse than bad – the iPad can’t even take control of an already uploaded presentation – all it can do is share content (not apps – so I couldn’t share a whiteboard app).  And when you do share a PowerPoint presentation, it gets turned into a continuous scrolling pdf file, so it not only looses animations, gets reformatted so that only about 90% of the slide fits on the screen and, it looses the ability to move through a “page” at a time.  This lack of pagination means that if you are presenting from the iPad, be prepared to wait minutes for your remote screens to catch up if you scroll through a lot of pages quickly.  The one good thing about sharing from the iPad is that it does have a very neat and responsive “laser pointer” that shows up on the participants screen when you touch your finger on the screen.

Webex On iPad

Fig 5: Only about 90% of the slide fits on the screen using the Webex iPad app, but it does have a very neat and responsive “laser pointer”

So I gave up on the iPad Webex app. I had to find a better approach.  I began thinking “Is there a way to display my iPad screen on my computer?” Because if I could do that, I’d be able to share the app that did that on Webex.  And I know there is a plethora of drawing applications for the iPad.

Enter “Reflector“.  What a great little app this turned out to be.   After trialling it for a few minutes, I forked out the $12.99 and bought it.  I have a Mac, but it is available for Windows as well.  And it turns your computer into an Airplay device – and of course it is dead easy to send the screen of your iPad to any Airplay device (so long as both are connected to the same wireless network).

So now I can tell Webex to share my Reflector application, and my audience sees my iPad screen – and if I display a whiteboard application on my iPad, my audience can see it – there is a bit of a lag, so it is not as good as if Webex had have provided the tools their customers deserve, but it is still streets ahead of the native Webex whiteboard – so long as you can find a good Whiteboard app for your iPad.  I found several, and have a summary of them at the end of this article.

ScreeenSharing

Fig 6: Now I can tell Webex to share my Reflector application, and my audience sees my iPad screen

An added bonus is that I can now use Slideshark on my iPad to present my slides (including animations) – just like I do in a face to face class. SlideShark also has some basic annotation tools – not brilliant, but easier to use than Webex because they are finger/stylus controlled on the iPad rather than mouse controlled on your computer.  The disadvantage of this approach as apposed to uploading your PowerPoint slides to Webex is that there is a longer lag between switching slides than there is if the slides are uploaded – but at least your slide animations will work!  SlideShark also has a feature where you can hold down your finger on a slide to produce a moving “laser dot” pointer – but to be honest I found the lag so bad I didn’t use it.

I’m sure there are better web based lesson presentation tools out there, (GoToMeeting?) but I have to use the tools that my customer wants, and the customer that wants me to use Webex is not going to want to use anything else, so I’m stuck with Webex.  So my recommendation for using Webex are:

  • Use a computer rather than an iPad to present slides.
  • Upload your slides and any other content you want to share before the meeting starts.
  • Use Webex to present slides unless you have slides that have animations.
  • Buy Reflector so you can send content from your iPad to your computer via AirPlay (assumes you have access to a wireless network and an iPad of course)
  • Find a good whiteboard/drawing app for your iPad, and use it via the shared “Reflector” application to present whiteboard materials.

Here’s the iPad whiteboard/drawing applications I tried.  You may find something better, but you can see the features that I wanted listed in the table.  I’ll do a more thorough review of the these apps in a future post.

 

Feature/App InkPad ShowMe Jot!Free Vittle Free Educreations WB Mojo
Price

Free

Free

Free

Free

Free

$2

Simple UI

5/10

10/10

9/10

9/10

10/10

8/10

Realtime Typing

Edit Text

Undo

Redo

Shapes

Snap to grid

Select and move

✔(Text)

Zoom/scroll

✔(Scroll)

Resize

Multiple Boards

Record

Save

No Adds

ShowMe has the closest feel to a real whiteboard.  A good selection of colours a single tap away, and flicking between multiple whiteboards is easy – unless you have too many of them.  Apart

InkPad is quite powerful, but typing text and drawing shapes is clumsy – you have to change tools after drawing a shape or text if you want to resize it – once you get used to it is pretty good if you want to work with shapes – so long as you don’t want to resize them.  It has support for multiple drawings, but you have to return to a gallery page to change drawings.  I’ve used it to produce semi-animated content where I fill and empty shapes to show how flash memory works.  Inkpad takes a bit of getting used to, but is quite powerful once you are.

Jot!Free has adds, and no amount of cajoling would let me even pay for an upgraded version – the link from the free app didn’t work.  However, I guess if you pay the $5.49, you’d loose the adds.  You have to know the secret code (tap two fingers) to be able to add text, but doing so is easy.  And line or text can be easily moved about or deleted by holding down a finger on the object/text

Vittle Free has by far the most awesome resize feature.  You use a tool to select an area by dragging your finger around, and you can then either move, rotate or resize the selected portion.  The paid for version ($8.49) probably has more features, but the free version wasn’t bad.

Educreations is also a great app – and free.  It has a scroll up/down function, but no zoom – so it is possible to scroll your work off the screen, and can be a bit hard to find it again.  Its text writing and moving capabilities are great, but you can’t cut or move any drawing lines.  Lines are of fixed size – just like a whiteboard, so to me that’s not a problem.  Having a few more feat

WB Mojo is the only drawing app I paid money for – a whole $1.99.  But it has a powerful set of features as well as being able to do simple drawing stuff easily enough.

So if you have to use Webex, and want to use some of the features of your iPad, there is an answer, use the Reflections app on your computer, and send the output of your iPad to your computer screen using AirPlay.  By sharing your Reflections app on Webex, people can see whatever you display on the iPad.

Happy Webexing

CW

Posted in Webex | Tagged , , , , , , , , , , , | 4 Comments