Tag Archives: network troubleshooting

New Versions of NMAP and Wireshark

If you have not already heard, new versions of NMAP and Wireshark have been released recently. These are my favorite open source programs, and to be honest, pretty much my favorite programs period. They are both maintained and managed by a dedicated team of people, and the quality of the software shows. Plus, the main authors (Gerald Combs for Wireshark, and Fyodor for NMAP) are both class acts…

NMAP is THE tool for running forensics on your network…to find the weaknesses before the bad guys do. It has MANY parts, which all work together in a very seamless manner, and should be in every network engineers tool kit. If you are not using it, stop what you are doing and get it now!! (Enough said!!) New version is 7.00.

Same thing about Wireshark. I’ve said it before and I’ll say it again…if you don’t have a network analyzer, then you’re not really a full and complete network engineer. Get it and learn it. There are plenty of resources on the Internet, for free, to help you get started (Google is your friend), and if you want to pay a little bit of money, Laura Chappell has a great website devoted to Wireshark training.

I just downloaded the updated Wireshark today (version 2.0.0), and I have to say the default screen is spartan, to say the least. Not sure if this is temporary in this initial v2 build, but either way, it does not look like it’s predessor. Note how clean (and empty) the startup screen is…

Initial Wireshark startup screen

Initial Wireshark startup screen

Here is some info from Gerald about this new version. I’m looking forward to learning what it has to offer!

DHCP Scope Configuration – Oops

So for the last couple of days, I’ve been in Nevada at one of our remote sites. (On a side note, the “middle of nowhere” pretty much describes all of Nevada!!) I was setting up a wireless bridge to connect separate parts of a large aggregate plant…it was a very busy few days. We kept running into problems, which took up a lot of time to resolve, but eventually we got things working. As I was testing the new subnet hanging off the bridge, I noticed that DHCP was not working…hmmm, very strange. I’ve configured DHCP many times over the years, and it just works. Time to troubleshoot…

First test was easy…I configured a static IP on my laptop and everything worked great. Next I drove over to the other end which housed the main switch and router, and plugged into a port configured for the new VLAN….and no DHCP. Say what? Hmmm…I must have made a mistake on my configuration…but the DHCP pool looks good…

Config for the DHCP pool

Config for the DHCP pool

And the subinterface configuration looks good too…

Sub-interface config looks good too

Sub-interface config looks good too

Very interesting…the only thing left was the DCHP excluded-address config, but that’s so easy, I know that’s not the problem.  But I checked it out anyways…

DHCP excluded-address config....oops

DHCP excluded-address config….oops

Say what?? How could I have messed that up? But I have to say, the configuration was doing exactly what I asked it to do…basically not handing out any IP’s!! So after a quick edit, everything was working properly…

The proper excluded-address configuration

The proper excluded-address configuration

So remember, most of the time, it will be the simple things that get you.

Cisco VWIC3-1MFT-T1/E1 Controller PRI Issue

Hats off to Dan, my co-worker….he’s been chasing a PRI issue at one of our new sites. He has a Cisco 2951 router with a VWIC3-1MFT-T1/E1 card installed, and when the PRI circuit is un-plugged and plugged back in, the circuit refuses to come up. However, if you reboot the router, the circuit will come up. (Rebooting the router is not a good fix, just in case you are wondering.)

As part of his troubleshooting, he replaced the VWIC3 card with a VWIC2 card and it works just fine…no issues. After working with Cisco TAC, he found out he was hitting a known bug with this VWIC3 card and IOS software (15.3(3)M6). At least the fix was easy…he simply had to add the command “hwic_t1e1 equalize” under the controller T1 interface…like this…

Adding in the hidden controller T1 command

Adding in the hidden controller T1 command

What’s interesting is it’s a hidden command…if you list the available commands under controller T1 0/0/0, you won’t see this command…

A hidden command...interesting!

A hidden command…interesting!

And I just bet there are a bunch more hidden commands that we don’t know about!!