## Why configuring NTP demands patience

I noticed that my router’s clock was about half an hour off, so I decided to configure NTP. However, it proved much more frustrating that I though, due mainly to my impatience.

In this article I hope to explain to you why you need multiple NTP servers and how to interpret the output of the show ntp associations command as we explore the workings of NTP on a Cisco router.

Note: Jeremy Stretch has a great article on configuring NTP

### NTP and the software clock

Firstly, I already knew that NTP wasn’t going to work if my clock was too far out of sync, so I set my clock to something close to the correct time using the privileged clock set command. (This article tells me that my clock needs to be within 4000 sec=66 min, so I should have been OK). Next, I configured NTP using the ntp server pool.ntp.org command, and checked to see if my router had synchronised its time:

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
~27.54.95.11     .INIT.          16      -     64     0  0.000   0.000 15937.
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

router#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**32
reference time is 00000000.00000000 (10:00:00.000 UTC+10 Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.00 msec, peer dispersion is 0.00 msec
loopfilter state is 'FSET' (Drift set from file), drift is 0.000000000 s/s
system poll interval is 64, never updated.

What? No synchronisation? NEVER updated??? But I’ve been waiting more than two minutes now!! Being impatient, I decided that I should perhaps add another server, to see if that would speed things up. So I added:

ntp server 0.au.pool.ntp.org
ntp server 1.au.pool.ntp.org
ntp server 3.au.pool.ntp.org
ntp server 2.au.pool.ntp.org

And got:

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
~27.54.95.11     .INIT.          16      -     64     0  0.000   0.000 15937.
~130.102.128.23  .INIT.          16      -     64     0  0.000   0.000 16000.
~128.184.34.53   .INIT.          16      -     64     0  0.000   0.000 16000.
~129.250.35.250  .INIT.          16      -     64     0  0.000   0.000 16000.
~129.250.35.251  .INIT.          16      -     64     0  0.000   0.000 16000.
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

router#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**32
reference time is 00000000.00000000 (10:00:00.000 UTC+10 Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.01 msec, peer dispersion is 0.00 msec
loopfilter state is 'FSET' (Drift set from file), drift is 0.000000000 s/s
system poll interval is 64, never updated.


Still no synchronisation. But then I noticed in Jeremy’s article a note that said:

For a protocol so obsessed with correct time, NTP certainly is slow: it can take upwards of five minutes to synchronize with an upstream server. This is due to the NTP poll timer of 64 seconds.

So I decided to find out a bit more about this poll timer and how it works. Firstly, it turns out that adding the extra NTP servers was a good idea. NTP doesn’t just take the first timestamp packet it sees to set the clock. Instead, it build a database of information built up from successive polls to multiple servers.  I found this diagram that gives a nice picture: [Source: http://www.eecis.udel.edu/~mills/ntp/html/warp.html - a cleaned up copy of the original text-graphics version of Figure 2 in RFC5905] Secondly, to avoid overwhelming the NTP servers, the default polling interval is 64 seconds, so it takes a while to build up the database – and in my case, well before the clock was finally synchronised  I could see the database building: (by the way, it took 13 minutes to synchronise)

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
~27.54.95.11     .INIT.          16      -     64     0  0.000   0.000 15937.
~130.102.128.23  216.218.254.20   2     57     64     1 51.977 104342. 7937.5
~128.184.34.53   169.254.0.1      3     61     64     1 49.092 104342. 7937.5
~129.250.35.250  133.243.238.24   2     13     64     3 261.55 104321. 3937.9
~129.250.35.251  133.243.238.24   2     46     64     1 255.13 104329. 7937.5
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

router#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**32
reference time is 00000000.00000000 (10:00:00.000 UTC+10 Mon Jan 1 1900)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.01 msec, peer dispersion is 0.00 msec
loopfilter state is 'FSET' (Drift set from file), drift is 0.000000000 s/s
system poll interval is 64, never updated.


I can now see that the stratum and when columns for my ntp servers show that some of the servers have been contacted, and indeed are of varying status – a stratum 2 server is considered to be more accurate than a stratum 3. In fact, stratum 3 servers synchronise with stratum 2 servers, stratum 2 servers synchronise with stratum 1 and stratum 0 servers are the atomic clocks that drive the whole system. [ref] A stratum of 16 indicates that the device is unsynchronised – so it looks like my first choice of ntp server (pool.ntp.org) is not giving up any information. I can also tell from the output of the show ntp association command how many of the last polls have been successful, but to do this I have to understand that the reach column displays its output in octal, then translate that to binary. The binary bit pattern then shows the status of the last 8 polls. Not too hard for the output above, the 0 indicating there has never been a successful poll, the 1 indicating the last poll was successful, and 3 (00000011 in binary) show the last two polls were successful. When this number shows 377 (octal) it means the last 8 polls were good. But I can also see values appearing in the delay, offset, and dispersion columns, showing that NTP is building its database. Delay is the round-trip delay in ms, and offset is clock time difference between the peers or between the master and client. This value is the correction that is applied to a client clock in order to synchronize it. A positive value indicates the server clock is higher. A negative value indicates the client clock is higher. Dispersion, reported in seconds, is the maximum clock time difference that was ever observed between the local clock and server clock. This value should come down over time, and if it ever reaches 16000, the client will not accept the time from that server. [ref]. After thirteen minutes of impatience, I finally saw what I was looking for (from the output of debug ntp all :)

Jun 17 01:20:15.337: NTP Core(INFO): system event 'event_sync_chg' (0x03) status 'leap_none, sync_ntp, 6 events, event_peer/strat_chg' (0x664)
Jun 17 01:20:15.337: NTP Core(NOTICE): Clock is synchronized.

And a look at the status finally shows that the clock is synchronised:

router#show ntp status
Clock is synchronized, stratum 3, reference is 129.250.35.250
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**32
reference time is D74A164F.57258397 (11:20:15.340 UTC+10 Tue Jun 17 2014)
clock offset is 0.0079 msec, root delay is 0.26 msec
root dispersion is 0.48 msec, peer dispersion is 0.06 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000000030 s/s
system poll interval is 64, last update was 139 sec ago.

Now my NTP has synchronised, but that is not the end of the story. By repeating the show ntp association command periodically, you can see things are still happening.

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
~27.54.95.11     .STEP.          16      -     64     0  0.000   0.000 15937.
+~130.102.128.23  216.218.254.20   2     25     64    77 51.267  32.537 189.39
~128.184.34.53   169.254.0.1      3     64     64   122 49.115  29.474 1939.5
*~129.250.35.250  133.243.238.24   2     14     64   177 261.47   7.906 65.514
+~129.250.35.251  133.243.238.24   2     55     64    77 255.70  13.942 190.86
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

The first change I noticed was that the unreachable server changed its output from .INIT. to .STEP. in the ref clock column. I’m not sure what this means, but I’m trying to find out. Next, I saw that some of the peers had + and * markers next to them, indicating that they were being considered in the time calculation. With NTP, multiple candidates can be combined to minimise the accumulated error. And I also noticed that the reachability numbers were steadily increasing, remembering that 0o77 is 0b00111111, 0o177 is 0b01111111 and 0o122 is 0b01010010, then we can see that the server reporting the 122 is missing a few replies – and note that it has not been selected as a candidate. Over time I continued observing the output of show ntp association

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
~27.54.95.11     .STEP.          16      -   1024     0  0.000   0.000 15937.
+~130.102.128.23  216.218.192.20   2     33     64   377 51.168  45.696  3.644
-~128.184.34.53   169.254.0.1      3     14     64   377 48.056  49.073  1.733
+~129.250.35.250  133.243.238.24   2     26     64   377 261.09  25.027  3.675
*~129.250.35.251  133.243.238.24   2      4     64   377 254.66  34.519  2.626
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Note that the last four servers have had the past eight queries replied to (because the reachability is 0o377 or 0b11111111 in binary) but the 128.184.34.53 server is still not considered a candidate, but an outlyer (normally spelled outlier) that will not be considered in the calculation. The next time I looked, I could see that the polling interval had changed to 128 seconds for the last four servers.

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
~27.54.95.11     .STEP.          16      -   1024     0  0.000   0.000 15937.
+~130.102.128.23  216.218.254.20   2     59    128   377 51.895  54.913  6.592
-~128.184.34.53   169.254.0.1      3    110    128    55 49.449  56.680 196.53
*~129.250.35.250  133.243.238.24   2    121    128   377 261.25  36.705  4.196
+~129.250.35.251  133.243.238.24   2     98    128   377 256.22  41.049  7.129
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

This change of polling interval is part of the normal process. When things have completely settled down, I expect this to read 1024 for all servers. Although I do note that the 128.184.34.53 server is back to dropping a few replies. However, that doesn’t seem to matter that much, because next time I looked I saw that this server had become a candidate server and 129.250.35.250 had dropped to being an outlyer(sic).

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
~27.54.95.11     .STEP.          16      -   1024     0  0.000   0.000 15937.
+~130.102.128.23  216.218.254.20   2     41    128   377 50.666  61.893  4.294
+~128.184.34.53   169.254.0.1      3     94    128   157 49.045  61.049 69.038
-~129.250.35.250  133.243.238.24   2    100    128   377 261.25  36.705  7.135
*~129.250.35.251  133.243.238.24   2     77    128   377 256.23  51.167  3.032
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

To understand why this change had taken place is still way beyond my understanding. I tried to read RFC 5905 but had to stop before my head exploded. As the day wore on, the polling interval gradually increased and the candidate servers changed around a bit. This was the situation about 90 mins after I first configured NTP:

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
~27.54.95.11     .STEP.          16      -   1024     0  0.000   0.000 15937.
-~130.102.128.23  132.163.4.101    2     14    256   377 51.692  80.578  8.526
+~128.184.34.53   169.254.0.1      3    196    256   377 49.238  68.183  7.904
+~129.250.35.250  133.243.238.24   2    200    256   377 261.65  55.852  5.636
*~129.250.35.251  133.243.238.24   2     47    256   377 255.26  66.107  8.174
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

And then something interesting turned up in the debug, at about the 2 hour mark. The recalcitrant NTP server at 27.54.95.11 became social:

Jun 17 03:30:47.154: NTP message sent to 27.54.95.11, from interface 'Dialer1' (58.105.232.94).
Jun 17 03:30:47.238: NTP message received from 27.54.95.11 on interface 'Dialer1' (58.105.232.94).

And sure enough, 1024 seconds (17 minutes) later:

Jun 17 03:30:47.154: NTP message sent to 27.54.95.11, from interface 'Dialer1' (58.105.232.94).
Jun 17 03:30:47.238: NTP message received from 27.54.95.11 on interface 'Dialer1' (58.105.232.94).

The next message was only 512 seconds later, so clearly the polling interval was changed:

un 17 03:56:23.164: NTP message sent to 27.54.95.11, from interface 'Dialer1' (58.105.232.94).
Jun 17 03:56:23.248: NTP message received from 27.54.95.11 on interface 'Dialer1' (58.105.232.94).

And after six successful polls, the story looked like this:

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
+~27.54.95.11     101.231.167.21   2    489    512   177 84.762 151.517 70.749
*~130.102.128.23  216.218.192.20   2    219    512   377 51.678 155.438 11.281
+~128.184.34.53   169.254.0.1      3    144    512   377 49.342 151.303 12.239
-~129.250.35.250  133.243.238.24   2    154    512   377 262.04 140.283  7.412
-~129.250.35.251  133.243.238.24   2      9    512   377 256.34 144.174  9.323
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Note that the newly connected server has become a candidate already! By now (it’s five hours since I setup the NTP) all servers are talking, and for the first time I have seen more than two candidate servers and a system peer.

router#show ntp association

address         ref clock       st   when   poll reach  delay  offset   disp
+~27.54.95.11     101.231.167.21   2    113   1024   327 85.808 249.651 14.515
*~130.102.128.23  216.218.254.20   2    360   1024   377 51.738 251.118 18.597
+~128.184.34.53   169.254.0.1      3    287   1024   177 51.886 246.250 17.000
-~129.250.35.250  133.243.238.24   2    297   1024   377 269.41 219.283 16.942
+~129.250.35.251  133.243.238.24   2    663   1024   377 255.84 235.492 13.132
* sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Note that the polling has stepped to 1024 seconds, which means we only poll each of these servers every 17 minutes, and we’ve only lost a couple of polls, as indicated by the 327 and 177 values in the reachability column.

### The Hardware Clock

This whole exercise started because I noticed that my clock was about half an hour out. By default, your router gets its time from its internal hardware clock when it boots up. [ref]. To allow NTP to update my hardware clock, I added the following to my configuration:

ntp update calendar

### Conclusion

I now have a fairly stable NTP environment – and the key things that tell me that from the output of show ntp association are:

1. There are multiple servers configured.  NTP works best with several servers.
2. At least one NTP candidate (indicated by a + to the left of the peer address) or a system peer (indicated by a * to the left of the peer address – sometimes called a master) must exist before your clock will synchronise
3. The stratum of at least some of those servers is fairly low – the closer to 0 the better
4. The polling interval has stepped back to 1024 seconds on all servers, indicting that the system has enough information to poll infrequently
5. The reachability for most servers is showing 377, meaning the past eight polls have been successful.

So you can see that NTP is not just a simple protocol that gets it time from a single lookup. There is a simpler implementation of NTP called SNTP, and I could have configured that instead, but I couldn’t have configured both NTP and SNTP at the same time. Understanding that you need to configure MULTIPLE servers and getting to understand the output of the show ntp association command are the key points I hope I’ve made. RedNectar Reading: http://packetlife.net/blog/2011/mar/28/cisco-ios-clocks-and-ntp/ http://www.eecis.udel.edu/~mills/ntp/html/warp.html http://www.cisco.com/c/en/us/support/docs/ip/network-time-protocol-ntp/116161-trouble-ntp-00.html http://www.cisco.com/c/en/us/support/docs/availability/high-availability/19643-ntpm.html http://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-110/15171-ntpassoc.html http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bsm/configuration/12-4t/bsm-12-4t-book/bsm-time-calendar-set.html http://en.wikipedia.org/wiki/Network_Time_Protocol http://www.ciscopress.com/articles/article.asp?p=2013217&seqNum=2 http://www.ntp.org/ntpfaq/NTP-s-def.htm

## Q&A on GNS3 WorkBench v8.6

I got some great questions from Rob Methven so I thought I’d answer them here in the form of a “Q&A”.

Q. I got the Etherswitches and VPCs pinging each other no problem. However, when I do a show mac-address table on the switches, the CAM table either show up as completely empty or with just the last couple of MAC addresses. Repeated show mac-address-table show that the table gradually removes the entries until it’s empty, normally within 30 seconds. I’m using the recommended IOS for the c3725 (T10), but I’ve also tried with the T14 release and observed the same behaviour.

A. This is a known problem with dynamips and has been reported on the GNS3 Forum. I’ve asked Flàvio (maintainer of dynamips) to look into it again.

Q. RE VPCS: When I load the exercises, am I right in thinking that I have to manually configure the IP addresses on the individual VPCs? I’ve done it no problem, and saved the config so I can quickly load it, but I’m just checking that I’m not doing anything wrong!

A. Some exercises will require that the IP addresses for the VPCs, others will have pre-configured exercises. To be honest, there are a couple of places where I meant to have IPs already configured but didn’t. What happens when you load a snapshot is that the contents of the snapshot’s configs directory gets copied to the current project’s configs directory. If I remembered to put the relevant startup.vpc file in the snapshot’s configs directory then the VPCs will start with the correct addresses.

Q. When I load a snapshot for a topology, I get a message saying that the IOS image can’t be found. I get an option to choose the correct image, which is invariably the same file. The only difference that I can see is the path. The images that I can use have the full paths (C:\Users\Rob\GNS3\Images\imageName.image) to the image listed in the dialog , even though it’s in my specified “Images” folder. I can fix this by editing the topology file to point to the full path, so again, it’s not a massive issue. Just wondering if I’m doing something wrong!

A. This is a real bummer – this problem was solved back in GNS3 0.8.3 and re-introduced somewhere between v0.8.3 and v0.8.6 – and since Jeremy is now busy working on GNS3 v1.0, I’m guessing there won’t ever be a real fix for this. Unfortunately going back to GNS3 v0.8.3 is NOT an option, because that version doesn’t support he Help features and the Snapshot features that GNS3 WorkBench now relies on. If you look at the toplology.net files that are supplied in the Windows/OS X version of GNS3 you will see that there is NO path specified in the

image = c3725-adventerprisek9-mz.124-15.T10.image

lines in all the exercises and snapshots. I’ve just written a script to allow a user fix this for Linux based systems (may work on OS X) but don’t have anything for Windows yet (any Windows script writers out there wanting to take a bash script and “Windoize” it please contact me!).

What you need to do is the windows equivalent of the linux command:

find . -type f -name topology.net -exec sed -i "s#c3725-adventerprisek9-mz.124-15.T10.image#C:\full\path\to\c3725-NEWIMAGE.image#" {} \;

but I don’t know if Windows has such commands.

Q. Just show me where to donate!

A. I do this to help the community. I had at one stage thought of trying to set up a link to a charity, but it got too hard. You could of course buy my book if you think it will be useful, or sign up for SlideShark using this link where you’ll get an extra 25MB free for using the link.

Posted in dynamips, GNS3, GNS3 WorkBench | Tagged , , , , , | 11 Comments

# Executive Overview

The next version of GNS3 WorkBench is out.  You can download it several forms:

• An entire Virtual Machine as a single blob (although split into two files 2.5G-3G in size)
• The same Virtual Machine as individual files (in case you can’t get the big files)
• A “self-serve” script to allow you to install everything you need to create your own Appliance on whatever flavour of Linux you like (so long it is Mint 16.0)
• Just the WorkBench labs and exercises along with their instruction files.  These can be added to your existing Windows or OS X install of GNS3 to give you the essential elements of the WorkBench in the comfort of your own favourite Operating System.  This version is only possible because of the great work Jeremy did in fixing the Snapshot function and Instructions features in GNS3 v8.6

# The Features in a Nutshell

• Labs are now based on GNS3 Snapshots – so you don’t need to run a script to load the appropriate exercise, you can open exercises/labs from within GNS3
• The help system is now html based, and is integrated into the Help | Instructions feature that was introduced into GNS3 v0.8.5
• Since GNS3 now has VPCS incorporated into the Tools | VPCS menu, there is no need to load VPCS via a startup script to run labs/exercises.
• The above three features have removed now make it possible to deliver a Windows/OS X version of GNS3 WorkBench.
• Labs have been updated to more closely reflect the September 2013 changes to the CCNA exams.
• Over 20 new labs/extensions to labs.  Mostly troubleshooting exercises added to tried and true labs.
• Total of 50 different Labs/Scenarios
• Total of approx 140 different exercises/solutions (Snapshots) shared between these labs.

# More Details for the Nerd at Heart

When I first published GNS3 WorkBench, I had four objectives in mind:

1. To produce a set of exercises/labs that could be loaded into GNS3
2. To be able to present a page of instructions to accompany each exercise/lab
3. To be able to reset the exercise/labs after use
4. To integrate VPCS into the process

Thanks to the changes made to the Snapshot function, the Tools | VPCS option and the  and Instructions features in GNS3 v0.8.6, my objectives 2-4 above have been pretty much integrated into GNS3 (at last – thanks Jeremy).  So I’ve had to completely re-focus on what I want GNS3 WorkBench to be.

So the new GNS3 WorkBench is mostly about supplying the instructions in a much nicer web-based format, and re-working every lab to create snapshots, more instructions and VPCS startup files to fit the new format.  And while creating these, keeping in mind that I’d like to make the set of exercises/labs device independent – in other words to be able to produce a set of exercises/labs that could work on Windows or OS X.  I also wanted to add some automation to the addition of ASA and Juniper routers, so scripts to help in this regard are part of the package.  And finally, I wanted some of the Open Source extensions built into GNS3 WorkBench – like Linux running under Qemu and Vyatta routers running under Oracle VirtualBox.

And the results don’t look too bad either! (Even if I do say so myself).

I’ve created three flavours of GNS3 WorkBench comes this time, including an all-time-first Windows/OS X version.

### Flavour #1 – The VM Appliance.

Everyone’s favourite. I built the Appliance on Linux Mint 15.0.  You can download it as a monolithic 5.6G file (in two parts because SourceForge won’t allow files larger than 5G) or as the individual VM files.  If you want a ready-made VM appliance then choose either method, the end result is exactly the same.

I built the appliance on Linux Mint v15.0 – because Mint just had the feel and features that I expect from Linux.  Like being able to right-click in a file-browser and choose “Open in Terminal” and “Open as Root“.  That’s my kind of environment.

Flavour #2 – Self-serve script.  The Bespoke Linux install.

When I was building the master copy of the Appliance I built a GNS3 environment which had copies of several routers, including Juniper, ASA and Vyatta routers as well as Microcore Linux running under Qemu.  To achieve this I had to install many applications on my copy of Linux Mint.  By to keep a record of what I had installed, I  built a script that could reproduce the environment again from a fresh Linux install – so that script became the second way to install GNS3 WorkBench.  And I used it over and over to test fresh copies of GNS3 WB.  In fact, I created the master copy of the Appliance by running my script on a fresh install of Linux Mint 15.0.

### The self-serve script allows you to choose various features that you might want to add to GNS3, like installing Qemu, Wireshark and even downloading some prepared Qemu and VirtualBox Images.  Originally it was designed and tested on Linux Mint 15.0 but unfortunately, Mint 15.0 is based on Ubuntu Raring…. “unfortunately support for raring has been dropped from Launchpad (the peril of a 3rd party system!), as support ended in January.” (http://forum.gns3.net/topic6426-28.html) Which means that my self-serve install suddenly stopped working about March 28 – the day after I had finalised my script! However, the good news is that it seems that the script works OK on Linux Mint 16.0 (32 bit), and that there might be some changes afoot to give the GNS3 repository a more permanent home which will make the script work agin on Mint 15 (and probably Ubuntu Raring as well).

The install script carries out the following tasks:

• Downloads and installs the scripts to enable support for ASA and Juniper
• If you have downloaded the ASA image, it will be prepared for use in GNS3
• Qemu
• open-ssh server
• CPU Limit utility
• Oracle VirtualBox emulator
• Wireshark
• terminal applications Xterm, PuTTY and Konsole
• dynamips
• GNS3
• the Virtual PC Simulator (VPCS)
• a specially prepared Qemu freeBSD image for use with Juniper routers
• if you have Juniper image available, the script then takes you through the tedious Juniper install process.
• Downloads a collection of Virtual Box VMs that are used in the GNS3 WorkBench
• Downloads the GNS3 WorkBench exercises and sets up the default settings in GNS3 and your desktop
• Fixes file permissions so you can run the labs smoothly

The script is pretty rough – very little error checking, and if you end up with a wrong version of something or some application fails to install, then… well… you are welcome to re-write the script!

### Flavour #3 – Windows/OS X Install.

Not exactly the full GNS3 WorkBench (it will not put pretty icons on your desktop) but so long as you have GNS3 installed along with Qemu and Virtual Box, you will get all the exercises/labs – except you are on your own to make the Juniper/ASA labs work.

So good luck. Let me know if you have any problems – rednectar.chris is my gmail account.

RedNectar
Chris Welsh

| Tagged , | 7 Comments

## Using an iPad to improve Webex presentations – especially the Whiteboard

I had to do some Webex presentations recently – and I found the Webex interface clunky and dated – especially the annotation functions and the Whiteboard function.  Here is how I managed to at least spruce up the Whiteboard function using a free iPad app and a cheap application on my laptop.

Firstly, understand that Webex is an ancient online video collaboration tool with enough basic features to allow you to present PowerPoint slides (so long as they are saved in the correct format) to a live online audience who either listen online or over the telephone after signing in to the meeting online.  When you present slides in Webex, your PowerPoint slides loose all animation and the best annotation tool available is a pointer that displays your name.

Fig 1: Webex Interface. The best annotation tool available is a pointer that displays your name.

While presenting your PowerPoint slides, you can click on part of your slide to make you pointer visible to the other participants.  The presenter also has the power to grant other meeting participants privileges to also click their pointers on the screen, or use the basic annotation tools which consist of typing text, drawing lines and boxes and a highlighter/scribbler.  However, it is particularly the annotation tools that fall down.  You can click on your slide and drag to draw a line, but neither you or any other participant sees the line until you lift your mouse/finger to finish the line.  And once drawn, you can’t move it, change its colour or direction.  Copy and paste the line to another part of the screen? Not supported.  Typing text is even more frustrating – you create a text box and begin typing.  Now even ancient NetMeeting (think Windows 95) had the ability to present the text you were typing in real time to the other participants in the meeting, but not Webex – oh no, with Webex, the typing does not appear on the other participants’ screens until you click away from the text.  Need to change the text, correct a spelling mistake? Increase the font size?  Too bad – Webex does not allow any of that.  The most useful tool is the eraser, which at least allows you to delete an entire block of text or object in a single click.  Oops! Wrong one deleted?  Too bad there is no “undo”.

Fig 2: Even ancient NetMeeting (think Windows 95) had the ability to present the text you were typing in real time to the other participants in the meeting

The Webex Whiteboard function gives you exactly the same ugly animation tools but on a blank canvas.  And it was this lack of functionality that made me think of using a shared whiteboard drawing tool that I might be able to access from my iPad.

My search for a decent “whiteboard” application let me down a couple of paths.  At first I thought I’d found the perfect answer – http://awwapp.com/draw.html – I could draw on my iPad with simple tools and share this content with anyone by sending them a link like http://awwapp.com/draw.html#47e146d0.  And since Webex has a “Share Web Content” option I thought this would be ideal – I could share this webpage just like the whiteboard and presentations, but be doing the drawing on my iPad.

Fig 3: At first I thought I’d found the perfect answer - http://awwapp.com/draw.html

But of course my first mistake was that I expected it to work.  Sure – Webex lets you share a webpage like http://rednectar.net, but NOT a page like http://awwapp.com/draw.html#47e146d0 – the hosting computer sees “404-not found”, while remote PC clients see a blank whiteboard.  Remote iPad clients using the iPad Webex app see an informative message saying “The content of the presentation is not supported” – or translated “You should have more sense than to expect Webex to support html content on the iPad – after all, the iPad has only been around for four years“.  (The iPad Webex app can’t even display pages like http://cisco.com if shared on Webex from another computer).

Fig 4: My first mistake was that I expected the Webex “Share Webpage” to work.  Sure – Webex lets you share a webpage like http://rednectar.net, but NOT a page like http://awwapp.com/draw.html#47e146d0 – the hosting computer sees “404-not found”

Next stop – share my browser instead.  I’d have my iPad displaying the shared awwapp page, and my Webex host PC displaying the same page – which was shared over Webex.  Now the result was “successful” but less than “satisfactory”. The content shared OK, but the drawing was a little laggy – and well, the web based app had less drawing options than Webex – but at a pinch – if you really wanted to draw on your iPad and display in your Webex meeting, you could.

Undaunted, I thought I’d explore the iPad Webex app a little further, and passed the host role to where I was logged in on my iPad to see if the animation tools and Whiteboard would be better on the iPad.  As it turns out, they are not only “not better” they are “non-existant”.  The iPad Webex app simply does not even have the most basic of annotation tools available.  In fact it is worse than bad – the iPad can’t even take control of an already uploaded presentation – all it can do is share content (not apps – so I couldn’t share a whiteboard app).  And when you do share a PowerPoint presentation, it gets turned into a continuous scrolling pdf file, so it not only looses animations, gets reformatted so that only about 90% of the slide fits on the screen and, it looses the ability to move through a “page” at a time.  This lack of pagination means that if you are presenting from the iPad, be prepared to wait minutes for your remote screens to catch up if you scroll through a lot of pages quickly.  The one good thing about sharing from the iPad is that it does have a very neat and responsive “laser pointer” that shows up on the participants screen when you touch your finger on the screen.

Fig 5: Only about 90% of the slide fits on the screen using the Webex iPad app, but it does have a very neat and responsive “laser pointer”

So I gave up on the iPad Webex app. I had to find a better approach.  I began thinking “Is there a way to display my iPad screen on my computer?” Because if I could do that, I’d be able to share the app that did that on Webex.  And I know there is a plethora of drawing applications for the iPad.

Enter “Reflector“.  What a great little app this turned out to be.   After trialling it for a few minutes, I forked out the $12.99 and bought it. I have a Mac, but it is available for Windows as well. And it turns your computer into an Airplay device – and of course it is dead easy to send the screen of your iPad to any Airplay device (so long as both are connected to the same wireless network). So now I can tell Webex to share my Reflector application, and my audience sees my iPad screen – and if I display a whiteboard application on my iPad, my audience can see it – there is a bit of a lag, so it is not as good as if Webex had have provided the tools their customers deserve, but it is still streets ahead of the native Webex whiteboard – so long as you can find a good Whiteboard app for your iPad. I found several, and have a summary of them at the end of this article. Fig 6: Now I can tell Webex to share my Reflector application, and my audience sees my iPad screen An added bonus is that I can now use Slideshark on my iPad to present my slides (including animations) – just like I do in a face to face class. SlideShark also has some basic annotation tools – not brilliant, but easier to use than Webex because they are finger/stylus controlled on the iPad rather than mouse controlled on your computer. The disadvantage of this approach as apposed to uploading your PowerPoint slides to Webex is that there is a longer lag between switching slides than there is if the slides are uploaded – but at least your slide animations will work! SlideShark also has a feature where you can hold down your finger on a slide to produce a moving “laser dot” pointer – but to be honest I found the lag so bad I didn’t use it. I’m sure there are better web based lesson presentation tools out there, (GoToMeeting?) but I have to use the tools that my customer wants, and the customer that wants me to use Webex is not going to want to use anything else, so I’m stuck with Webex. So my recommendation for using Webex are: • Use a computer rather than an iPad to present slides. • Upload your slides and any other content you want to share before the meeting starts. • Use Webex to present slides unless you have slides that have animations. • Buy Reflector so you can send content from your iPad to your computer via AirPlay (assumes you have access to a wireless network and an iPad of course) • Find a good whiteboard/drawing app for your iPad, and use it via the shared “Reflector” application to present whiteboard materials. Here’s the iPad whiteboard/drawing applications I tried. You may find something better, but you can see the features that I wanted listed in the table. I’ll do a more thorough review of the these apps in a future post.  Feature/App InkPad ShowMe Jot!Free Vittle Free Educreations WB Mojo Price Free Free Free Free Free$2 Simple UI 5/10 10/10 9/10 9/10 10/10 8/10 Realtime Typing ✔ ✗ ✗ ✗ ✔ ✔ Edit Text ✔ ✗ ✗ ✗ ✔ ✔ Undo ✔ ✔ ✔ ✔ ✔ ✔ Redo ✔ ✗ ✔ ✔ ✔ ✔ Shapes ✔ ✗ ✗ ✗ ✗ ✔ Snap to grid ✔ ✗ ✗ ✗ ✗ ✗ Select and move ✔ ✗ ✗ ✔ ✔(Text) ✔ Zoom/scroll ✔ ✗ ✗ ✔ ✔(Scroll) Resize ✔ ✗ ✗ ✔ ✗ ✔ Multiple Boards ✔ ✔ ✗ ✗ ✔ ✔ Record ✗ ✔ ✗ ✔ ✔ ✗ Save ✔ ✗ ✗ ✗ ✗ ✔ No Adds ✔ ✔ ✗ ✔ ✔ ✔

ShowMe has the closest feel to a real whiteboard.  A good selection of colours a single tap away, and flicking between multiple whiteboards is easy – unless you have too many of them.  Apart

InkPad is quite powerful, but typing text and drawing shapes is clumsy – you have to change tools after drawing a shape or text if you want to resize it – once you get used to it is pretty good if you want to work with shapes – so long as you don’t want to resize them.  It has support for multiple drawings, but you have to return to a gallery page to change drawings.  I’ve used it to produce semi-animated content where I fill and empty shapes to show how flash memory works.  Inkpad takes a bit of getting used to, but is quite powerful once you are.

Jot!Free has adds, and no amount of cajoling would let me even pay for an upgraded version – the link from the free app didn’t work.  However, I guess if you pay the $5.49, you’d loose the adds. You have to know the secret code (tap two fingers) to be able to add text, but doing so is easy. And line or text can be easily moved about or deleted by holding down a finger on the object/text Vittle Free has by far the most awesome resize feature. You use a tool to select an area by dragging your finger around, and you can then either move, rotate or resize the selected portion. The paid for version ($8.49) probably has more features, but the free version wasn’t bad.

Educreations is also a great app – and free.  It has a scroll up/down function, but no zoom – so it is possible to scroll your work off the screen, and can be a bit hard to find it again.  Its text writing and moving capabilities are great, but you can’t cut or move any drawing lines.  Lines are of fixed size – just like a whiteboard, so to me that’s not a problem.  Having a few more feat

WB Mojo is the only drawing app I paid money for – a whole \$1.99.  But it has a powerful set of features as well as being able to do simple drawing stuff easily enough.

So if you have to use Webex, and want to use some of the features of your iPad, there is an answer, use the Reflections app on your computer, and send the output of your iPad to your computer screen using AirPlay.  By sharing your Reflections app on Webex, people can see whatever you display on the iPad.

Happy Webexing

CW

Posted in Webex | | 4 Comments

## What is 100Base-Tx and 1000Base-TX

I came across a question in the Cisco Learning Network which highlighted a source of confusion that many people have.

Call me pedantic, but I thought I’d set the record straight – and let you know that when people refer to 1000Base-TX, they are PROBABLY referring to the IEEE 1000BASE-T standard. NOT the TIA (the people who set cabling standards) version of the standard which they cleverly called “1000BASE-TX”, and “standardised” it as ANSI/TIA-854:

“A Full Duplex Ethernet Physical Layer Specification for 1000Mbit/s (1000BASE-TX) Operating over Category 6 Balanced Twisted-Pair Cabling,” published in March 2001, provides a data rate of 1000 Megabits/second, similar to the IEEE 802.3ab Gigabit Ethernet standard. The main difference is that it requires category 6 cabling instead of category 5e cabling.  http://www.leviton.com/OA_HTML/ibcGetAttachment.jsp?cItemId=22256&label=IBE&appName=IBE

The TIA were banking on the price of the 1000BASE-TX transceivers falling, and therefore justifying selling people more expensive Category 6 cable rather than Cat5e.  I’m afraid this is one of those things that get my goat up – Why would you run Category 6 cabling to the desktop when category 5 (the IEEE standard says 5, the TIA say 5e) is more appropriate?  Do you REALY believe you will need 10Gb/s to those desktops in the life of the building?  Category 6 is soooo much harder to terminate that you probably end up with a sub-cat5 cabling system anyway even after paying all that money.

But I digress – what I really wanted to discuss is that the Ethernet standards are set by the IEEE, and a little history will help.  All quotes are from the freely downloadable IEEE standards for 802.3 Ethernet

In the beginning was 10BASE5. The “IEEE 802.3 Physical Layer specification for a 10 Mb/s CSMA/CD local area network over coaxial cable (i.e., thicknet). (See IEEE Std 802.3, Clause 8.)”

Later came 10BASE-T. The “IEEE 802.3 Physical Layer specification for a 10 Mb/s CSMA/CD local area network over two pairs of twisted-pair telephone wire. (See IEEE Std 802.3, Clause 14.)”

Note that there is no such standard as 10BASE-TX.  Note also that the IEEE specifies the cabling specifications as nBASEyy – the BASE is in ALL CAPS.  I don’t know why – especially when you think that BASE refers to “Baseband”.  IEEE thing I guess.

So the T is for “Twisted Pair”.  Fair enough.  So why is there both a 100BASE-T and a 100BASE-TX specification?

The standards spell it out:

100BASE-T is the “IEEE 802.3 Physical Layer specification for a 100 Mb/s CSMA/CD local area network. (See IEEE Std 802.3, Clause 22 and Clause 28.)”  A closer look at Clause 21 gives more insight: “100BASE-T uses the existing IEEE 802.3 MAC layer interface, connected through a Media-Independent Interface layer to a Physical Layer entity (PHY) sublayer such as 100BASE-T4, 100BASE-TX, or 100BASE-FX.”

Curious to note that 100BASE-FX is included, so we can’t assume that the “T” in 100BASE-T has anything to do with “twisted pair”

100BASE-TX is the “Physical Layer specification for a 100 Mb/s CSMA/CD local area net- work over two pairs of Category 5 twisted-pair cabling. (See IEEE Std 802.3, Clause 24 and Clause 25.) ” but it is not the ONLY twisted pair cabling standard for 100BASE-T.

100BASE-T4 is the “Physical Layer specification for a 100 Mb/s CSMA/CD local area net- work over four pairs of Category 3, 4, and 5 twisted-pair cabling. (See IEEE Std 802.3 Clause 23.)”.  However, very few vendors produced equipment to match this standard.

Now, at the same time at the 100Mb/s standards were released, the auto-negotiation specs were published. Or more precisely, “Physical Layer link signaling for 10 Mb/s and 100 Mb/s Auto-Negotiation on twisted pair”.   Mostly this was implemented as negotiation of 10BASE-T/100BASE-TX – although the standard specifies the “Auto-Negoti- ation function also provides a Parallel Detection function to allow 10BASE-T, 100BASE-TX, and 100BASE-T4 compatible devices to be recognized, even though they may not provide Auto-Negotiation”

Not surprisingly, vendors took to abbreviating the auto-speed negotiated Ethernet as 10/100BASE-T or 10/100BASE-TX – or often as 10/100Base-TX.

When the 1000BASE-T gigabit “Physical Layer specification for a 1000 Mb/s CSMA/CD LAN using four pairs of Category 5 balanced copper cabling. (See IEEE Std 802.3, Clause 40.)” case out, it was added to the auto-negotiation clause and vendors began referring to 10/100/1000Base-TX.

But there is no IEEE 1000BASE-TX standard

Posted in 1000BASE-T, 1000BASE-TX, 100BASE-T, 100BASE-TX, 802.3, Ethernet, IEEE | 3 Comments

## Big Data Defined

OK – I stole it. But it was too good not to share:

## Big data defined:

Big data is like teenage sex:

Nobody really knows how to do it

Everyone thinks everybody else is doing it..

so everyone claims they are doing it.!

If anyone knows who I should attribute this to – let me know.  The earliest reference  (although not complete) I could find was here.

Posted in big data, blog

## FCoE versus FC Farce

Tony Bourke has just posted a great leveller to shed some illumination on the flawed methods used by the Evaluator Group in their report “￼Comparing Enterprise Storage Networking Options FC vs. FCoE Lab Validation”

Originally posted on The Data Center Overlords: