To set up netflow on a Cisco router (in our case a Cisco 3750 with IOS 12.2) we need to tell it where to send the netflow data to. In the example below the destination (172.17.1.1) should have a netflow listener or capture running on udp port 9696.

• Router#enable
• Router#configure terminal
• Router(config)#ip flow-export
  
• Router(config-if)#version 5
• Router(config)#ip flow-export destination 172.17.1.1 9696

Next we have to set up each interface for which we want the netflow data from. In the case where the interface is not part of a defined VLAN

• Router(config)#interface GigabitEthernet1/0/1
• Router(config-if)#ip route-cache flow
• Router(config-if)#ip flow ingress

In the case of VLANs and trunking the set up is slightly different (just to confuse myself I put in all the gory details). First we define the interface/port that we are interested in.

• Router(config-if)#interface GigabitEthernet1/0/2
• Router(config-if)# description a VLANed interface
• Router(config-if)# switchport access vlan 2
• Router(config-if)# switchport trunk encapsulation dot1q
• Router(config-if)# switchport trunk native vlan 2
• Router(config-if)# switchport mode trunk
• Router(config-if)# speed 1000
• Router(config-if)# duplex full

Then we define the VLAN interface

• Router(config-if)#interface Vlan2
• Router(config-if)# description a VLAN for our interface
• Router(config-if)# ip address 172.17.1.2 255.255.255.0
• Router(config-if)# ip flow ingress
• Router(config-if)# ip route-cache flow
  

Exit from the configure mode and then do:

• Router(config-if)#show ip flow export

You should get something like:

Flow export v5 is enabled for main cache
Exporting flows to 172.17.1.1 (6969)
Exporting using source IP address 172.17.1..249
Version 5 flow records
853478 flows exported in 66526 udp datagrams
0 flows failed due to lack of export packet
0 export packets were sent up to process level

Other useful commands are:

• Router(config-if)#show ip flow interface
• Router(config-if)#show ip cache flow

NMS Inventory - for quite a while I have been meaning to document an NMS (Network Management System) which is currently running at a clients site.

The base operating system is currently FreeBSD 6.1 with a whole lot of useful tools as well as SMS alerting system. The base install includes Apache 1.3 (good old reliable stuff!), MySQL 5.1, Perl and PHP.

In the following pages I will attempt to describe several of the packages which I find very useful, such as:
- cacti
- NeDi (Network Discovery tools)
- netflow tools

.....

Hard drive miniaturization technology wins physics Nobel

Albert Fert and Peter Gruenberg won the 2007 Nobel Prize for physics for discoveries allowing the miniaturization of hard disks in electronic devices.

I must admit I have never ever given a second thought about what format I used on my USB flash drive, that is until I spotted the following article at IronGeek website entitled: File Systems and thumb drives: Choosing between FAT16, FAT32 and NTFS to get a faster USB Flash Drive . Fascinating stuff (really!) and just something I had never thought to try out.

Here's a link to an interesting article I spotted on the ComputerWorld website entitled "Does testing still matter?"

It's expensive and time consuming for IT managers to conduct extensive product evaluations. But columnist Craig Mathias argues that tests are still essential, particularly when it comes to wireless networking.

Link to full article

Yes, testing, despite the costs still matters!

There are days when I wonder whatever became of common sense, in particular when it comes to the IT side of things.

Some time last week a client asked for a static route to be placed into the routing table of our DMZ for a new subnet they were building. I informed them that the route was now in place and that they should test it. Their System Administrator e-mailed me telling me that they couldn't ping one of my servers and they were sure that everything was configured correctly on their side. I requested that he check on weather or not their ISA server was correctly configured as this problem seemed to be related to routing within their network.

A few days went by and then the e-mail dialog began...... no everything was configured correctly on their side, no they still could not ping my servers. Again tried to explain that he must check on weather the ISA server was correctly configured, in the end I asked for copy of the ISA servers router table and configuration.

Now, let me explain something here, I have nothing against Microsoft software or even their ISA server. However I do have problems when these are not properly configured! Microsoft have done a great job in coming out with software that just about anyone can configure. The MS ISA server is a good example, you can do all sorts of things with it. *BUT* the moment you want to get 'fancy' and try to configure it as a all singing and dancing firewall/router/proxy server you really need an administrator who has some experience! At the very least an understanding of basic routing.

Of course when making changes to a live production network, be sure you know what you are doing. Other wise strange and bad things can happen, as was the case here. Applications needing access to resources on the network will be disrupted and users will complain! And lo and behold I get an e-mail from the System Administrator telling me to stop doing what ever it was that I was doing that was disrupting their network!

To cut the sorry story short, there was a routing entry missing on their ISA server! Argh! And to top it all someone was playing around with the ISA server causing the network to become unstable.

Where have all the good administrators gone? How can anyone be an administrator on any network connected device and not understand how a network works?

Started off with installing the WUSB300N first on the Dell Inspiron 5150 (I disabled the internal wireless card).

Installing the software went smoothly, nice and easy to follow. But when it came to finding a wireless network, it just didn't happen! At first I used the Linksys Wireless Network Monitor to configure it, but it failed to find the local 802.11G wireless network. Switching over the Windows Wireless manager didn't make any difference! Going thru the documentation didn't help, but I found an updated driver at the Linksys Website.

Installing it as well as a new version of the Monitor software doesn't seem to have made any difference at all 8-(

I must be missing something here as the documentation does state "but can also connect to Wireless-G and -B networks". I knew I should have set up the Linksys WRT350N Wireless-N Gigabit Router with Storage Link first! Oh well...

Just got a box from Linksys 8-)

More goodies I picked up at Networkers,

• Linksys WUSB300N Wireless-N USB Network Adapter
• Linksys WRT350N Wireless-N Gigabit Router with Storage Link
• Linksys WPC300N Wireless-N Notebook Adapter

Common features are:

• High-speed Wireless-N (draft 802.11n) networking for your notebook computer
• MIMO technology uses multiple radios to create a robust signal that travels up to 4 times farther and reduces dead spots
• Up to 12 times faster than Wireless-G, but can also connect to Wireless-G and -B networks
• Advanced wireless security with up to 256-bit encryption