Setting up an IPv6 tunnel via 6to4

You must have a static IP address for this to work.

This is some necessary information: 

 Static IPv4 address: 62.157.9.98
 Static IPv6 address: 2002:3e9d:0962:1::1    
Usable /48: 2002:3e9d:0962::/48

Note: A 6to4 calculator is available at grox.net - select IPv4 to 6to4 address

6to4.gif

Setup the 6to4 interface 

   /interface 6to4 add mtu=1280 name=ipng-tunnel local-address=62.157.9.98 remote-address=192.88.99.1 disabled=no


Add your client IPv6 address to the new interface 

   /ipv6 address add address=2002:3e9d:0962:1::1/3 interface=ipng-tunnel

Add a default route to the global IPv6 Internet through the tunnel interface using the anycast IPv4 address: 

ipv6 route add dst-address=2000::/3 gateway=::192.88.99.1,ipng-tunnel

Syntax for RouterOS v4.x, or RouterOS 3.x with routing-test: 

ipv6 route add dst-address=2000::/3 gateway=::192.88.99.1%ipng-tunnel

You can now add your IPv6 addresses as required for your internal network.

Example: 

   /ipv6 address add address=2002:3e9d:0962:2::1/64 interface=ether1 advertise=yes disabled=no

Sumber : http://wiki.mikrotik.com/wiki/Setting_up_an_IPv6_tunnel_via_6to4

Crontab – Quick Reference

http://adminschoice.com/crontab-quick-reference
Setting up cron jobs in Unix and Solaris

cron is a unix, solaris utility that allows tasks to be automatically run in the background at regular intervals by the cron daemon. These tasks are often termed as cron jobs in unix , solaris. Crontab (CRON TABle) is a file which contains the schedule of cron entries to be run and at specified times.

This document covers following aspects of Unix cron jobs
1. Crontab Restrictions
2. Crontab Commands
3. Crontab file – syntax
4. Crontab Example
5. Crontab Environment
6. Disable Email
7. Generate log file for crontab activity

1. Crontab Restrictions
You can execute crontab if your name appears in the file /usr/lib/cron/cron.allow. If that file does not exist, you can use
crontab if your name does not appear in the file /usr/lib/cron/cron.deny.
If only cron.deny exists and is empty, all users can use crontab. If neither file exists, only the root user can use crontab. The allow/deny files consist of one user name per line.

2. Crontab Commands

export EDITOR=vi ;to specify a editor to open crontab file.

crontab -e Edit your crontab file, or create one if it doesn’t already exist.
crontab -l Display your crontab file.
crontab -r Remove your crontab file.
crontab -v Display the last time you edited your crontab file. (This option is only available on a few systems.)

3. Crontab file
Crontab syntax :
A crontab file has five fields for specifying day , date and time followed by the command to be run at that interval.

* * * * * command to be executed
- - - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)

* in the value field above means all legal values as in braces for that column.
The value column can have a * or a list of elements separated by commas. An element is either a number in the ranges shown above or two numbers in the range separated by a hyphen (meaning an inclusive range).
Notes
A. ) Repeat pattern like /2 for every 2 minutes or /10 for every 10 minutes is not supported by all operating systems. If you try to use it and crontab complains it is probably not supported.

B.) The specification of days can be made in two fields: month day and weekday. If both are specified in an entry, they are cumulative meaning both of the entries will get executed .

4. Crontab Example
A line in crontab file like below removes the tmp files from /home/someuser/tmp each day at 6:30 PM.

30 18 * * * rm /home/someuser/tmp/*

Changing the parameter values as below will cause this command to run at different time schedule below :
min hour day/month month day/week Execution time
30 0 1 1,6,12 * – 00:30 Hrs on 1st of Jan, June & Dec.
0 20 * 10 1-5 –8.00 PM every weekday (Mon-Fri) only in Oct.
0 0 1,10,15 * * – midnight on 1st ,10th & 15th of month
5,10 0 10 * 1 – At 12.05,12.10 every Monday & on 10th of every month
:

Note : If you inadvertently enter the crontab command with no argument(s), do not attempt to get out with Control-d. This removes all entries in your crontab file. Instead, exit with Control-c.

5. Crontab Environment
cron invokes the command from the user’s HOME directory with the shell, (/usr/bin/sh).
cron supplies a default environment for every shell, defining:
HOME=user’s-home-directory
LOGNAME=user’s-login-id
PATH=/usr/bin:/usr/sbin:.
SHELL=/usr/bin/sh

Users who desire to have their .profile executed must explicitly do so in the crontab entry or in a script called by the entry.

6. Disable Email
By default cron jobs sends a email to the user account executing the cronjob. If this is not needed put the following command At the end of the cron job line .

>/dev/null 2>&1

7. Generate log file
To collect the cron execution execution log in a file :

30 18 * * * rm /home/someuser/tmp/* > /home/someuser/cronlogs/clean_tmp_dir.log

CCNA Router and Catalyst Switch IOS Command Reference

By Jamison Schmidt

Router Commands
Terminal Controls:

  • Config# terminal editing - allows for enhanced editing commands
  • Config# terminal monitor - shows output on telnet session
  • Config# terminal ip netmask-format hexadecimal|bit-count|decimal - changes the format of subnet masks

    • Host Name:
  • Config# hostname ROUTER_NAME

    • Banner:
  • Config# banner motd # TYPE MESSAGE HERE # - # can be substituted for any character, must start and finish the message

    • Descriptions:
  • Config# description THIS IS THE SOUTH ROUTER - can be entered at the Config-if level

    • Clock:
  • Config# clock timezone Central -6
    # clock set hh:mm:ss dd month yyyy     - Example: clock set 14:35:00 25 August 2003

    • Changing The Register:
  • Config# config-register 0x2100 - ROM Monitor Mode
  • Config# config-register 0x2101 - ROM boot
  • Config# config-register 0x2102 - Boot from NVRAM

    • Boot System:
  • Config# boot system tftp FILENAME SERVER_IP - Example: boot system tftp 2600_ios.bin 192.168.14.2
  • Config# boot system ROM
  • Config# boot system flash - Then - Config# reload

    • CDP:
  • Config# cdp run - Turns CDP on
  • Config# cdp holdtime 180 - Sets the time that a device remains. Default is 180
  • Config# cdp timer 30 - Sets the update timer.The default is 60
  • Config# int Ethernet 0
  • Config-if# cdp enable - Enables cdp on the interface
  • Config-if# no cdp enable - Disables CDP on the interface
  • Config# no cdp run - Turns CDP off

    • Host Table:
  • Config# ip host ROUTER_NAME INT_Address - Example: ip host lab-a 192.168.5.1
    • -or-
  • Config# ip host RTR_NAME INT_ADD1 INT_ADD2 INT_ADD3 - Example: ip host lab-a 192.168.5.1 205.23.4.2 199.2.3.2 - (for e0, s0, s1)

    • DNS:
  • Config# ip domain-lookup - Tell router to lookup domain names
  • Config# ip name-server 122.22.2.2 - Location of DNS server
  • Config# ip domain-name cisco.com - Domain to append to end of names

    • Clearing Counters:
  • # clear interface Ethernet 0 - Clears counters on the specified interface
  • # clear counters - Clears all interface counters
  • # clear cdp counters - Clears CDP counters

    • Static Routes:
  • Config# ip route Net_Add SN_Mask Next_Hop_Add - Example: ip route 192.168.15.0 255.255.255.0 205.5.5.2
  • Config# ip route 0.0.0.0 0.0.0.0 Next_Hop_Add - Default route
    • -or-
  • Config# ip default-network Net_Add - Gateway LAN network

    • IP Routing:
  • Config# ip routing - Enabled by default
  • Config# router rip
    • -or-
  • Config# router igrp 100
  • Config# interface Ethernet 0
  • Config-if# ip address 122.2.3.2 255.255.255.0
  • Config-if# no shutdown

    • IPX Routing:
  • Config# ipx routing
  • Config# interface Ethernet 0
  • Config# ipx maximum-paths 2 - Maximum equal metric paths used
  • Config-if# ipx network 222 encapsulation sap - Also Novell-Ether, SNAP, ARPA on Ethernet. Encapsulation HDLC on serial
  • Config-if# no shutdown

    • Access Lists:
    IP Standard1-99
    IP Extended100-199
    IPX Standard800-899
    IPX Extended900-999
    IPX SAP Filters1000-1099

    IP Standard:
  • Config# access-list 10 permit 133.2.2.0 0.0.0.255 - allow all src ip’s on network 133.2.2.0
    • -or-
  • Config# access-list 10 permit host 133.2.2.2 - specifies a specific host
    • -or-
  • Config# access-list 10 permit any - allows any address

  • Config# int Ethernet 0
  • Config-if# ip access-group 10 in - also available: out

    IP Extended:
  • Config# access-list 101 permit tcp 133.12.0.0 0.0.255.255 122.3.2.0 0.0.0.255 eq telnet
    -protocols: tcp, udp, icmp, ip (no sockets then), among others
    -source then destination address
    -eq, gt, lt for comparison
    -sockets can be numeric or name (23 or telnet, 21 or ftp, etc)
    • -or-
  • Config# access-list 101 deny tcp any host 133.2.23.3 eq www
    • -or-
  • Config# access-list 101 permit ip any any

  • Config# interface Ethernet 0
  • Config-if# ip access-group 101 out


    • IPX Standard:
  • Config# access-list 801 permit 233 AA3 - source network/host then destination network/host
    • -or-
  • Config# access-list 801 permit -1 -1 - “-1” is the same as “any” with network/host addresses

  • Config# interface Ethernet 0
  • Config-if# ipx access-group 801 out


    • IPX Extended:
  • Config# access-list 901 permit sap 4AA all 4BB all
    - Permit protocol src_add socket dest_add socket
    -“all” includes all sockets, or can use socket numbers
    • -or-
  • Config# access-list 901 permit any any all any all
    -Permits any protocol with any address on any socket to go anywhere

  • Config# interface Ethernet 0
  • Config-if# ipx access-group 901 in


    • IPX SAP Filter:
  • Config# access-list 1000 permit 4aa 3 - “3” is the service type
    -or-
  • Config# access-list 1000 permit 4aa 0 - service type of “0” matches all services

  • Config# interface Ethernet 0
  • Config-if# ipx input-sap-filter 1000 - filter applied to incoming packets
    -or-
  • Config-if# ipx output-sap-filter 1000 - filter applied to outgoing packets


    • Named Access Lists:
  • Config# ip access-list standard LISTNAME
    -can be ip or ipx, standard or extended
    -followed by the permit or deny list
  • Config# permit any

  • Config-if# ip access-group LISTNAME in
    -use the list name instead of a list number
    -allows for a larger amount of access-lists


    • PPP Setup:
  • Config-if# encapsulation ppp
  • Config-if# ppp authentication chap pap
    -order in which they will be used
    -only attempted with the authentification listed
    -if one fails, then connection is terminated
  • Config-if# exit
  • Config# username Lab-b password 123456
    -username is the router that will be connecting to this one
    -only specified routers can connect
    • -or-
  • Config-if# ppp chap hostname ROUTER
  • Config-if# ppp chap password 123456
    -if this is set on all routers, then any of them can connect to any other
    -set same on all for easy configuration

    ISDN Setup:
  • Config# isdn switch-type basic-5ess - determined by telecom
  • Config# interface serial 0
  • Config-if# isdn spid1 2705554564 - isdn “phonenumber” of line 1
  • Config-if# isdn spid2 2705554565 - isdn “phonenumber” of line 2
  • Config-if# encapsulation PPP - or HDLC, LAPD


    • DDR - 4 Steps to setting up ISDN with DDR
    1. Configure switch type

      2. Config# isdn switch-type basic-5ess - can be done at interface config

    2. Configure static routes

      3. Config# ip route 123.4.35.0 255.255.255.0 192.3.5.5 - sends traffic destined for 123.4.35.0 to 192.3.5.5
      Config# ip route 192.3.5.5 255.255.255.255 bri0 - specifies how to get to network 192.3.5.5 (through bri0)

    3. Configure Interface

      4. Config-if# ip address 192.3.5.5 255.255.255.0
      Config-if# no shutdown
      Config-if# encapsulation ppp
      Config-if# dialer-group 1 - applies dialer-list to this interface
      Config-if# dialer map ip 192.3.5.6 name Lab-b 5551212
      connect to lab-b at 5551212 with ip 192.3.5.6 if there is interesting traffic
      can also use “dialer string 5551212” instead if there is only one router to connect to

    4. Specify interesting traffic

      5. Config# dialer-list 1 ip permit any
      -or-
      Config# dialer-list 1 ip list 101 - use the access-list 101 as the dialer list

    5. Other Options

      6. Config-if# hold-queue 75 - queue 75 packets before dialing
      Config-if# dialer load-threshold 125 either
      -load needed before second line is brought up
      -“125” is any number 1-255, where % load is x/255 (ie 125/255 is about 50%)
      -can check by in, out, or either
      Config-if# dialer idle-timeout 180
      -determines how long to stay idle before terminating the session
      -default is 120
    Frame Relay Setup
  • Config# interface serial 0
  • Config-if# encapsulation frame-relay - cisco by default, can change to ietf
  • Config-if# frame-relay lmi-type cisco - cisco by default, also ansi, q933a
  • Config-if# bandwidth 56
  • Config-if# interface serial 0.100 point-to-point - subinterface
  • Config-if# ip address 122.1.1.1 255.255.255.0
  • Config-if# frame-relay interface-dlci 100
    -maps the dlci to the interface
    -can add BROADCAST and/or IETF at the end
  • Config-if# interface serial 1.100 multipoint
  • Config-if# no inverse-arp - turns IARP off; good to do
  • Config-if# frame-relay map ip 122.1.1.2 48 ietf broadcast
    -maps an IP to a dlci (48 in this case)
    -required if IARP is turned off
    -ietf and broadcast are optional
  • Config-if# frame-relay map ip 122.1.1.3 54 broadcast

    • Show Commands
  • Show access-lists - all access lists on the router
  • Show cdp - cdp timer and holdtime frequency
  • Show cdp entry * - same as next
  • Show cdp neighbors detail - details of neighbor with ip add and ios version
  • Show cdp neighbors - id, local interface, holdtime, capability, platform portid
  • Show cdp interface - int’s running cdp and their encapsulation
  • Show cdp traffic - cdp packets sent and received
  • Show controllers serial 0 - DTE or DCE status
  • Show dialer - number of times dialer string has been reached, other stats
  • Show flash - files in flash
  • Show frame-relay lmi - lmi stats
  • Show frame-relay map - static and dynamic maps for PVC’s
  • Show frame-relay pvc - pvc’s and dlci’s
  • Show history - commands entered
  • Show hosts - contents of host table
  • Show int f0/26 - stats of f0/26
  • Show interface Ethernet 0 - show stats of Ethernet 0
  • Show ip - ip config of switch
  • Show ip access-lists - ip access-lists on switch
  • Show ip interface - ip config of interface
  • Show ip protocols - routing protocols and timers
  • Show ip route - Displays IP routing table
  • Show ipx access-lists - same, only ipx
  • Show ipx interfaces - RIP and SAP info being sent and received, IPX addresses
  • Show ipx route - ipx routes in the table
  • Show ipx servers - SAP table
  • Show ipx traffic - RIP and SAP info
  • Show isdn active - number with active status
  • Show isdn status - shows if SPIDs are valid, if connected
  • Show mac-address-table - contents of the dynamic table
  • Show protocols - routed protocols and net_addresses of interfaces
  • Show running-config - dram config file
  • Show sessions - connections via telnet to remote device
  • Show startup-config - nvram config file
  • Show terminal - shows history size
  • Show trunk a/b - trunk stat of port 26/27
  • Show version - ios info, uptime, address of switch
  • Show vlan - all configured vlan’s
  • Show vlan-membership - vlan assignments
  • Show vtp - vtp configs


    •  Catalyst Commands For Native IOS - Not CatOS
    Switch Address:
  • Config# ip address 192.168.10.2 255.255.255.0
  • Config# ip default-gateway 192.168.10.1

    • Duplex Mode:
  • Config# interface Ethernet 0/5 - “fastethernet” for 100 Mbps ports
  • Config-if# duplex full - also, half | auto | full-flow-control

    • Switching Mode:
  • Config# switching-mode store-and-forward - also, fragment-free

    • MAC Address Configs:
  • Config# mac-address-table permanent aaab.000f.ffef e0/2 - only this mac will work on this port
  • Config# mac-address-table restricted static aaab.000f.ffef e0/2 e0/3
    -port 3 can only send data out port 2 with that mac
    -very restrictive security
  • Config-if# port secure max-mac-count 5 - allows only 5 mac addresses mapped to this port

    • VLANS:
  • Config# vlan 10 name FINANCE
  • Config# interface Ethernet 0/3
  • Config-if# vlan-membership static 10

    • Trunk Links:
  • Config-if# trunk on - also, off | auto | desirable | nonegotiate
  • Config-if# no trunk-vlan 2
    -removes vlan 2 from the trunk port
    -by default, all vlans are set on a trunk port

    • Configuring VTP:
  • Config# delete vtp - should be done prior to adding to a network
  • Config# vtp server - the default is server, also client and transparent
  • Config# vtp domain Camp - name doesn’t matter, just so all switches use the same
  • Config# vtp password 1234 - limited security
  • Config# vtp pruning enable - limits vtp broadcasts to only switches affected
  • Config# vtp pruning disable

    • Flash Upgrade
  • Config# copy tftp://192.5.5.5/configname.ios opcode - “opcode” for ios upgrade, “nvram” for startup config

    Delete Startup Config:
  • Config# delete nvram
    • Subscribe to: Posts (Atom)