Month: May 2016

Cisco QOS

Blenheim Resident Uncategorized

(Taken from the excellent Pluralsight website: https://www.pluralsight.com/blog/it-ops/qos-quality-of-service-configuration )

 

When it comes to configuring Quality of Service (QoS) on Cisco equipment there are a couple of main concepts which must be understood.

Cisco QoS is typically configured on modern equipment using the Modular QoS Command-line interface (MQC). With MQC, traffic is classified using the class-map and match commands, traffic policy is defined using the policy-map, class and set commands and policies are assigned using the service-policy command.

Another method which can be used is through the use of AutoQoS. AutoQoS takes much of the manual configuration out of the process and creates class and policy maps which are typical of most traffic (as defined by which version of AutoQoS you are using) and sets up policies on the interfaces you specify in a guided setup.

Let’s take a look at what the configuration looks like for both MQC and AutoQoS.

MQC Configuration

Here are a few of the MQC commands mentioned above; keep in mind that there are more match and set commands available, below is just a sampling.

class-map

router(config)#class-map class-map-name

This command is used to create a specific class-map. The class-map-name parameter is used to specify the name of the class-map and can be up to 40 alphanumeric characters.

match protocol

router(config-cmap)#match protocol protocol-name

This command is used to match a specific protocol. The protocol-nameparameter is used to specify the protocol name to be matched, there are several which can be used including dhcp, eigrp, h323, http and irc.

match cos

router(config-cmap)#match cos cos-value [cos-value]

This command is used to match a specific Class of Service (CoS) value. The cos-value parameter is used to specify the CoS value carried in the frame to be matched; multiple cos-value‘s can be specified in one command.

match dscp

router(config-cmap)#match dscp dscp-value [dscp-value]

This command is used to match a specific Differentiated Services Code Point (DSCP) value. The dscp-value is used to specify the DSCP value carried in the packet to be matched; multiple dscp-value‘s can be specified in one command.

policy-map

router(config)#policy-map policy-map-name

This command is used to create a specific policy map. The policy-map-name parameter is used to specify the name of the policy-map and can be up to 40 alphanumeric characters.

class

router(router-pmap)#class {class-name | class-default}

This command is used to link a policy to a specific class-map. The class-name is used to match the class-map-name configured in the class-mapcommand. The class-default parameter is used to specify the default class-map.

set cos

router(config-pmap-c)#set cos cos-value

This command is used to set a specific CoS value. The cos-valueparameter is used to specify the Class of Service value which will be set in the frame.

set dscp

router(config-pmap-c)#set dscp dscp-value

This command is used to set a specific DSCP value. The dscp-value is used to specify the DSCP value which will be set in the packet.

service-policy

router(config-if)#service-policy {input | output} policy-map-name

This command is used to link a policy map to an interface The input andoutput parameters are used to specify in which direction the policy is to be evaluated. The policy-map-name parameter is used to specify the matching policy-map name.

MQC Example

To wrap this up together a bit, the following is a sample configuration which matches all H.323 traffic and gives it a DSCP value of EF (Expedited Forwarding). The configuration will then be configured to be evaluated on traffic coming into an interface.

router(config)#class-map h323router(config-cmap)#match protocol h323

router(config)#policy-map h323-policy

router(config-pmap)#class h323

router(config-pmap-c)#set dscp EF

router(config-if)#service-policy input h323-policy

AutoQoS Configuration

There are actually two different types of AutoQos: AutoQoS for VoIP (which was the first iteration) and AutoQoS in the Enterprise (which detects the traffic types and builds policy based on this data).

auto qos voip

router(config-if)#auto qos voip

This command is used to install the AutoQoS configuration onto a specific interface.

auto discovery qos

router(config-if)#auto discovery qos

This command is used to start the traffic discovery portion of AutoQoS in the Enterprise. This command should be run for an amount of time to properly detect traffic types before using the next command.

auto qos

router(config-if)#auto qos

This command is used to install AutoQoS in the Enterprise configuration onto a specific interface.

QoS Resources

To learn more about Qos Configuration take a look at this QoS Whitepaper from Cisco and if you’re interested in going as far as the Cisco QOS (642-642) Exam then I’d definitely recommend the Cisco QOS Exam Certification Guide.

************************************************************************

Another example, prioritising VOIP traffic

class-map match-all voip-traffic
match access-group name voip-traffic
!
!
policy-map voip
class voip-traffic
priority 512
set dscp ef
class class-default
fair-queue
policy-map parent
class class-default
shape average 512000 5120 0
service-policy voip

Cisco: Configuring secondary IP addresses on an interface.

Blenheim Resident Uncategorized

Secondary IP addressing:  Borrowed from the excellent OverBlog:  http://cisco2960.over-blog.com/2014/03/assigning-multiple-ip-addresses-to-network-interfaces.html

Why would we configure secondary ip on an interface

Answer:

With secondary addressing, multiple IP subnets coexist in the same LAN.  It’s a handy tool for non-disruptively adding IP addresses to an existing LAN, without making changes to the LAN itself, and without having to renumber IP interfaces in existing subnet(s) on that LAN.

ip address 192.168.1.1 255.255.255.0

ip address 192.168.2.1 255.255.255.192 secondary

Is it like creating subinterfaces for router on the stick?

Sort of. But unlike router-on-a-stick those subnets won’t be divided by vlans.

But we bridging 2 subnets together and it is going to be one broadcast domain I suspect.

Exactly. However many subnets you create within a single interface, they will all be in the same vlan and broadcast domain. So if for instance host 192.168.1.5 sends a broadcast, all hosts in both 192.168.1.0/24 and 192.168.2.0/24 will receive it.

Do we have to configure VLANS on the switches and trunk port between router and switch?

No. This will be an untagged port which knows nothing about vlans.

Cisco IOS software supports multiple IP addresses per interface. You can specify an unlimited number of secondary addresses. Secondary IP addresses can be used in a variety of situations. The following are the most common applications:

•There might not be enough host addresses for a particular network segment. For example, suppose your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you must have 300 host addresses. Using secondary IP addresses on the routers or access servers allows you to have two logical subnets using one physical subnet.

•Many older networks were built using Level 2 bridges, and were not subnetted. The judicious use of secondary addresses can aid in the transition to a subnetted, router-based network. Routers on an older, bridged segment can easily be made aware that many subnets are on that segment.

•Two subnets of a single network might otherwise be separated by another network. You can create a single network from subnets that are physically separated by another network by using a secondary address. In these instances, the first network is extended, or layered on top of the second network. Note that a subnet cannot appear on more than one active interface of the router at a time.

Note If any router on a network segment uses a secondary address, all other routers on that same segment must also use a secondary address from the same network or subnet.
To assign multiple IP addresses to network interfaces, use the following command in interface configuration mode:

Router(config-if)# ip address ip-address mask secondary

To find status of user in Active Directory: gpresult /r

Blenheim Resident Uncategorized

Other useful windows commands:
(  SS64  )
CMD
Syntax

A categorized list of Windows CMD commands

Active Directory
ADmodcmd Active Directory Bulk Modify
CSVDE    Import or Export Active Directory data
DSACLs   Active Directory ACLs
DSAdd    Add items to active directory (user group computer)
DSGet    View items in active directory (user group computer)
DSQuery  Search for items in active directory (user group computer)
DSMod    Modify items in active directory (user group computer)
DSMove   Move an Active directory Object
DSRM     Remove items from Active Directory

Batch Files
CALL     Call one batch program from another•
CHOICE   Accept keyboard input to a batch file
CLIP     Copy STDIN to the Windows clipboard
CLS      Clear the screen•
CMD      Start a new CMD shell
COLOR    Change colors of the CMD window•
DOSKEY   Edit command line, recall commands, and create macros
ECHO     Display message on screen•
ENDLOCAL End localisation of environment changes in a batch file•
EVENTCREATE Add a message to the Windows event log
EXIT     Quit the current script/routine and set an errorlevel•
FOR /F   Loop command: against a set of files•
FOR /F   Loop command: against the results of another command•
FOR      Loop command: all options Files, Directory, List•
GOTO     Direct a batch program to jump to a labelled line•
IF       Conditionally perform a command•
IFMEMBER Is the current user a member of a Workgroup
LOGTIME  Log the date and time in a file
MAPISEND Send email from the command line
MORE     Display output, one screen at a time
PAUSE    Suspend processing of a batch file and display a message•
PROMPT   Change the command prompt•
REM      Record comments (remarks) in a batch file•
RUN      Start | RUN commands
RUNAS    Execute a program under a different user account
SET      Display, set, or remove session environment variables•
SETLOCAL Control the visibility of environment variables•
SETX     Set environment variables
SORT     Sort input
SHIFT    Shift the position of batch file parameters•
SLEEP    Wait for x seconds
START    Start a program, command or batch file•
TIMEOUT  Delay processing of a batch file
TITLE    Set the window title for a CMD.EXE session•
WAITFOR  Wait for or send a signal
WMIC     WMI Commands
::       Comment / Remark•

Disk Management
BOOTCFG  Edit Windows boot settings
BCDBOOT  Create or repair a system partition
BCDEDIT  Manage Boot Configuration Data
CONVERT  Convert a FAT drive to NTFS
CHKDSK   Check Disk – check and repair disk problems
CHKNTFS  Check the NTFS file system
DEFRAG   Defragment hard drive
DISKPART Disk Administration
DISKSHADOW Volume Shadow Copy Service
DriverQuery Display installed device drivers
FORMAT   Format a disk
FREEDISK Check free disk space (in bytes)
LABEL    Edit a disk label
MOUNTVOL Manage a volume mount point
NTBACKUP Backup folders to tape
SFC      System File Checker
VOL      Display a disk label•

Files and Folders
ASSOC    Change file extension associations•
ASSOCIAT One step file association
ATTRIB   Change file attributes
BITSADMIN Background Intelligent Transfer Service
CACLS    Change file permissions
CD       Change Directory – move to a specific Folder•
CIPHER   Encrypt or Decrypt files/folders
COMP     Compare the contents of two files or sets of files
COMPACT  Compress files or folders on an NTFS partition
COMPRESS Compress individual files on an NTFS partition
COPY     Copy one or more files to another location•
CSCcmd   Client-side caching (Offline Files)
DEL      Delete one or more files•
DELTREE  Delete a folder and all subfolders
DIR      Display a list of files and folders•
ERASE    Delete one or more files•
EXPAND   Uncompress files
EXTRACT  Uncompress CAB files
FC       Compare two files
FIND     Search for a text string in a file
FINDSTR  Search for strings in files
FORFILES Batch process multiple files
FSUTIL   File and Volume utilities
FTP      File Transfer Protocol
FTYPE    File extension file type associations•
iCACLS   Change file and folder permissions
MD       Create new folders•
MOVE     Move files from one folder to another•
MKLINK   Create a symbolic link (linkd)
OPENFILES Query or display open files
POPD     Return to a previous directory saved by PUSHD•
PsFile   Show files opened remotely
PUSHD    Save and then change the current directory•
QGREP    Search file(s) for lines that match a given pattern
RECOVER  Recover a damaged file from a defective disk
REN      Rename a file or files•
REPLACE  Replace or update one file with another
RD       Delete folder(s)•
RMTSHARE Share a folder or a printer
ROBOCOPY Robust File and Folder Copy
SHARE    List or edit a file share or print share
SHORTCUT Create a windows shortcut (.LNK file)
SUBINACL Edit file and folder Permissions, Ownership and Domain
TAKEOWN  Take ownership of a file
TOUCH    Change file timestamps
TREE     Graphical display of folder structure
TYPE     Display the contents of a text file•
WHERE    Locate and display files in a directory tree
WINDIFF  Compare the contents of two files or sets of files
XCACLS   Change file and folder permissions
XCOPY    Copy files and folders

Group Policy/Windows Installer
DevCon   Device Manager Command Line Utility
GPRESULT Display Resultant Set of Policy information
GPUPDATE Update Group Policy settings
MSIEXEC  Microsoft Windows Installer
PsInfo   List information about a system
PsShutdown Shutdown or reboot a computer
REGSVR32 Register or unregister a DLL
SHUTDOWN Shutdown the computer
SLMGR    Software Licensing Management (Vista/2008)
WUAUCLT  Windows Update

Networking
ARP      Address Resolution Protocol
BROWSTAT Get domain, browser and PDC info
DNSSTAT  DNS Statistics
GETMAC   Display the Media Access Control (MAC) address
IPCONFIG Configure IP
NET      Manage network resources
NETDOM   Domain Manager
NETSH    Configure Network Interfaces, Windows Firewall & Remote access
NBTSTAT  Display networking statistics (NetBIOS over TCP/IP)
NETSTAT  Display networking statistics (TCP/IP)
NSLOOKUP Name server lookup
PATHPING Trace route plus network latency and packet loss
PsPing   Measure network performance
PING     Test a network connection
ROUTE    Manipulate network routing tables
TRACERT  Trace route to a remote host

Processes
PATH     Display or set a search path for executable files•
PsExec   Execute process remotely
PsKill   Kill processes by name or process ID
PsList   List detailed information about processes
PsGetSid Display the SID of a computer or a user
PsSuspend Suspend processes
SCHTASKS Schedule a command to run at a specific time
SYSMON   Monitor and log system activity to the Windows event log
TASKLIST List running applications and services
TASKKILL End a running process
TSKILL   End a running process
TLIST    Task list with full path

Printing
MODE     Configure a system device
PRINT    Print a text file
PRINTBRM Print queue Backup/Recovery
PRNCNFG  Display, configure or rename a printer
PRNMNGR  Add, delete, list printers and printer connections
RUNDLL32 Run a DLL command (add/remove print connections)

Registry
REG      Registry: Read, Set, Export, Delete keys and values
REGEDIT  Import or export registry settings
REGINI   Change Registry Permissions

Remote Desktop
CHANGE   Change Terminal Server Session properties
Query Process    Display processes (TS/Remote Desktop)
Query Session    Display all sessions (TS/Remote Desktop)
Query TermServer List all servers (TS/Remote Desktop)
Query User       Display user sessions (TS/Remote Desktop)
MSTSC    Terminal Server Connection (Remote Desktop Protocol)
RASDIAL  Manage RAS connections
RASPHONE Manage RAS connections
Reset Session – Delete a Remote Desktop Session
TSDISCON Disconnect a Remote Desktop Session
TSSHUTDN Remotely shut down or reboot a terminal server
WINRM    Windows Remote Management
WINRS    Windows Remote Shell

Services
CASPOL   Code Access Security Policy Tool.
PORTQRY  Display the status of ports and services
PsService View and control services
SC       Service Control

System Information
NOW      Display the current Date and Time
DATE     Display or set the date•
HELP     Online Help
LOGMAN   Manage Performance Monitor logs
MBSAcli  Baseline Security Analyzer
MEM      Display memory usage
MSINFO32 System Information
NTRIGHTS Edit user account rights
PERFMON  Performance Monitor
PsLogList  Event log records
SYSMON   Monitor and log system activity to the Windows event log
SYSTEMINFO List system configuration
TIME     Display or set the system time•
TypePerf Write performance data to a log file
VER      Display version information•
VERIFY   Verify that files have been saved•
WHOAMI   Output the current UserName and domain

User Administration
ADDUSERS Add or list users to/from a CSV file
CERTREQ  Request certificate from a certification authority
CleanMgr Automated cleanup of Temp files, recycle bin
CON2PRT  Connect or disconnect a Printer
CMDKEY   Manage stored usernames/passwords
DELPROF  Delete user profiles
DIRUSE   Display disk usage
LOGOFF   Log a user off
MOVEUSER Move a user from one domain to another
MSG      Send a message
PERMS    Show permissions for a user
POWERCFG Configure power settings
PsLoggedOn Who’s logged on (locally or via resource sharing)
PsPasswd   Change account password
SUBST    Associate a path with a drive letter

Commands marked • are Internal commands only available within the CMD shell.
All other commands (not marked with •) are external commands.
External commands may be used under the CMD shell, PowerShell, or directly from START-RUN.

See also: An A-Z Index of the Windows CMD command line
Microsoft Help pages: Windows XP – 2003 Server – 2008 Server
Discussion forum
Links to other sites, books etc…
Back to the Top
© Copyright SS64.com 1999-2016
Some rights reserved