Using Ping Feature More Effectively

Ping is one of the network troubleshooting technique that I can't go without these days.  In this post, I'll show you how to take advantage of all the extras that you don't have in the Command Window.  

• Ping Multiple Hosts: Press F1 to bring up the Add Host Address dialog.  Enter hosts/IP addresses which can be separated by space, comma, semi-colon, tab or a line feed.
• Reduce/Increase # of Rows Displayed For Ping Result: By default, Pinkie will show you 4 lines of ping results.  This can fill up the window pretty quick if you ping multiple hosts at the same time.  To reduce the # of rows, press F3 or increase it by F4.
• Check Ping Statistics For a Host: Select a host by clicking on it, the status bar at the bottom will change to show the ping statistics for the selected host which includes packets sent/received, lost count & percentage, last ping RTT along with Min, Max & Avg RTTs.
• Start/Stop a Ping: Right click on the host you want to start/stop pinging, select Ping first menu item in the context menu will change to Start/Stop as appropriate.  Clicking on it will stop a ping in progress or start it if it's not started yet.
• Reset Ping Statistics: Right click on a host you want to reset statistics, select Ping then click on Reset Statistics.
• Copy Ping Results: When troubleshooting network or server issues, you might have the need to send the ping result to someone.  This can be done by simply right click on the host and select Copy Result to Clipboard. then paste it to an email or wherever you wish.
• Logging Ping Results to Disk: If you wish to log ping results to a file to analyze later or send it to someone else, right click on the host, select Ping then in the context menu, click on Start Logging or Stop Logging as appropriate.  By default, the ping results will be saved in C:\Users\[username]\Documents\ipUptime.net\Pinkie_Logs.  You can change this path in the Settings menu.

That's not all all the extras that comes with the Ping functionality in Pinkie but it will definitely make you like and use Pinkie more (or shy away from the Command Prompt more).

If you can come up with a better way to use Ping or wish to have enhancements added to it, please let me know.  And last but not least, if you haven't used Pinkie yet, give it a try, you might like it.

Finally, an IPv6 calculator

In an effort to update Pinkie to support IPv6, I postponed my other projects to spend sometime on IPv6 and as the result, we have yet another IP Address Calculator.

When I finished integrating the IP calculator into the next release of Pinkie, I realized there wasn't one online that had the functionalities I wanted; I figured I wasn't the only one like that so I spend yet more time working to bring it online and now we have another IPv6 calculator.

This one is a little bit different than all the others in a sense that it supports both IPv4 & IPv6 on the same user interface (just because I hate having to go to different site for different types of IP address like I hate having the functionalities of Pinkie in multiple programs or windows for that matter). It also help you convert and identify different type of IPv6 addresses.

Hope you can use it!

Last but not least, I hope you support my sponsors.

Online IP Address Calculator

Earlier this week, I released a suite of Windows network troubleshooting utilities called Pinkie through a website named ipUptime.net.

Everything went well. The public seems to welcome it and as I monitor the statistics for the site as well as the download counts from other download sites, I realized that something is wrong with my site statistics; the numbers don't match up and my number came up short.

As I found out, if people download the Pinkie through the link on my site then the download count is incremented. But if they had download it from other sites, using the URL I had published then the download is not accounted for.

Changing the published URL for all other sites will be time consuming so I was looking for a better solution to the issue. Then I remember ASP.net 2.0 supports URL Mappings. So by using URL Mappings, within a minute or two, my problem is solved.

Here's the syntax for URL Mappings:

<urlmappings>
<add url="~/newurl.aspx" mappedurl="~/oldURL.aspx"></add>
</urlmappings>

Best use for URL Mappings are for shortening long, hard to remember URL to something short & easy to remember or in my case, correct a mistake and save time.

Blogging again!!!

It's been a long while since I posted a blog. Well, apparently, I had forgotten my password and was unable to recover it since the email account I registered with Google wasn't active. Therefore, I wasn't able to login to the site.

In a recent Networking project called Pinkie, I needed to activate the web hosting account again and finally able to reset the password to the blogger account.

So in the comming days, I'll start blogging again when I get some free time.

Virtual Private Networks Troubleshooting - Part I

I've seen quite a number of posts asking why VPN users are not able to access their network even though they have been successfully connected.

Let's try to troubleshoot what happens here. A very common VPN setup is to use 2 NICs and run Routing and Remote Access on one of them. The benefits of this would be that you can isolate VPN traffic and keeping it from overloading the NIC that handles the internal network traffic. One thing to note for is that the two NICs have to be assigned IPs from different networks or subnets. For example:

1st NIC (VPN): 192.168.1.2 /24
2nd NIC(internal network): 192.168.2.2 /24

(Don't worry if you don't understand the /24. It's called the slash notation for the subnet mask which is the equivalent of 255.255.255.0)

Through the initial RRAS setup, users will be able to connect to the VPN just fine and will be assigned an IP address of one of the networks. The problem arise when they try to connect to network resources on through the 2nd NIC (the other network). This is due to the fact that Windows doesn't know how to route the packets from the 192.168.1.0 network to 192.168.2.0 network.

You can tell Windows how to route traffic between the two NICs by configuring a static route with the "Route" command. Type "Route /?" at the Command Prompt for more information.

And as usual, I have a second way to accomplish the job by turning on Routing using RIP or OSPF and add the two NICs to it.

One thing that I see lacking from most Windows Administrators is the understanding of TCP/IP and network routing. I would recommend Windows Administrators to take CCNA anytime. Even though it might seem so remote from their daily tasks, one can walk away from a CCNA class with so much helpful information that makes their job much easier to do.

Configure DHCP on a Cisco Router or Switch

When it comes to configuring DHCP, you have a number of ways to do it. You can run DHCP service on a Windows or a Linux box or as most networking professionals prefer, run it on an existing router or a switch.

The advantage of this is that you can leverage existing hardware, provide DHCP locally at each site and reduce the dependency on the WAN link.

To configure DHCP on a Cisco router or switch, follow these steps:

1. Configure an IP address on the router's Ethernet port

Router(config)# interface e0/0
Router(config-if)#ip address 172.16.1.1 255.255.255.0
Router(config-if)# no shut

2. Create a DHCP IP address pool for the IP addresses you want to use.

Router(config)# ip dhcp pool dhcppoolname

3. Specify the network and subnet for the addresses you want to use from the pool.

Router(dhcp-config)# network 172.16.1.0 255.255.255.0

4. Specify the DNS domain name for the clients.

Router(dhcp-config)#domain-name yourdomain.com

5.Specify the DNS server.

Router(dhcp-config)#dns-server 172.16.1.2

6. Specify the defaut router (or default gateway)

Router(dhcp-config)#default-router 172.16.1.1

7. Specify the lease duration.

Router(dhcp-config)#lease 7

8. Let's say that you've decided that all IP addresses between .30 and .40 will be used for static IP devices such as mail servers and database servers and you don't want them to be available in the DHCP pool, you can exclude them using "exclude-address" command:

Router(config)#ip dhcp excluded-address 172.16.1.30 172.16.1.40

Now any device that requires an DHCP address on the 172.16.1.0 network will be able to send a DHCP request to 172.16.1.1.

The Day The Routers Die

Those of us that are in the networking field might find this video amusing.

Note: In the song, the performer (Gary Feldman) mentioned RIPE55 quite a few times. RIPE stands for Réseaux IP Européens (European IP Networks) which is a forum open to all parties who are interested in the technical development of internet and 55 is the meeting number during which he performed the song.

Gary sung in native English accent so it might be a bit hard to understand. Here's a to link the lyrics.

Configure DNS or Disable DNS lookup

If you mistype a command in the Privileged Mode on Cisco router, by default, the router thinks you're trying to connect to a remote host through Telnet. So it performs a DNS lookup on the information you entered.

If you haven't configured DNS on the router, the command prompt will hang until the DNS lookup timeouts. This is one of the thing that really bothers me so to resolve it, I have two options:

The first option is to disable DNS using the "domain-lookup" command as in:

Router(config)# no ip domain-lookup

The second option is to properly configure DNS and point it to a valid DNS server. Here's an example:

Router(config)# ip name-server 4.2.2.1

By configure the router using one of the two options above it will save you a bit of time and cut a bit of frustration out of your daily routines.

Download File with Visual Basic

My.Computer.Network namespace provides the DownloadFile method which can be used for downloading a remote file to a specific location.

The basic syntax for calling DownloadFile method is to specify the file's location as a string or URI and the location to store the file as seen below:

My.Computer.Network.DownloadFile("http://www.server.com/readme.txt", "c:\docs\readme.txt")

The overloaded methods allow you to specify more advanced parameter like timeout, username & password for protected file. The example below downloads password protected file.

My.Computer.Network.DownloadFile("http://www.server.com/readme.txt", "c:\docs\readme.txt", "myusername", "mypassword")

Note that FTP protocol is used by the DownloadFile method to send information including username & password in plain text. It should not be used to transmit sensitive information.

Show Running-Configuration

One of the most commonly used command when troubleshooting a switch or router is the "Show Run" command. It gives you an insight into the currently running configuration.

Sometimes, this command yields so much output one would be overwhelm with the amount of text on the screen and have to keep pressing the space key to scroll down to see more information.

Well, if you know what you are looking for then you could add a command prefix " begin keyword" and it'll start showing the configuration from that where the keyword occurs.

SwitchA# Show runn | begin spanning-tree

In the example above, the switch will show the current configuration from the line where it finds the first occurrence of the word "spanning-tree".

Using this command can really save you all the trouble of spacing through all the text only to find that you go too fast and miss the relevant information and have to scroll back to look for it.

Changing IP on Cisco/ProCurve Switch

Let's say we have the IP address 10.10.10.1/24 assigned to vlan 1 and want to change it to 10.10.10.2. On a Cisco switch, you can telnet in and send these commands to the switch:

conf t
interface vlan 1
ip address 10.10.10.2 255.255.255.0

The Cisco switch will update the IP address and disconnect your session. On a ProCurve switch, if you issue the same commands it will spit out an error saying:

"The IP address (or subnet) 10.10.10.2/24 already exists."

If you were going through the console port, you can set the new IP using the following commands:

conf t
vlan 1
no ip address 10.10.10.1/24
ip address 10.10.10.2/24

However, you can't do that if you connect to the switch remotely. As soon as the "no ip address" command is received and processed by the switch, your session will be disconnected and you won't be able to get to the switch.

The trick to get around this issue is to make this IP address change through the switch's built-in menu system instead of using the plain old CLI.

1. Type "menu", hit Enter
2. Select "Switch Configuration"
3. Select "IP Configuration"
4. Navigate to Edit, hit Enter
5. Change the IP and then Save

You will be disconnected once you save it but you will be able to reconnect using the new IP.

Cisco Switch - TFTP IOS Upgrade

Update, Copy, Backup, Restore IOS and startup-config are pretty much done in the same manner. First, you've got to configure the switch and the PC to talk then run the TFTP or FTP server and start the copy process.

Let's walk though how you can update Cisco IOS on a 6500.

Router> enable
Router# configure terminal
Router(config)# interface gig 9/1
Router(config-int)# switchport
Router(config-int)# switchport mode access
Router(config-int)# switchport access vlan 1
Router(config-int)# no shutdown
Router(config-int)# exit

At this point, we have turn port 9/1 into a layer 2 port on vlan 1. Now we need to assign an ip address to this default vlan so we can communicate to it.

Router(config)# interface vlan 1
Router(config-int)# ip address 10.10.10.1 255.255.255.0
Router(config-int)# no shutdown
Router(config-int)# exit

The next thing we need to do is to configure the network adapter on your PC or laptop and give it an address that's on the same network as the switch. In this case, I set it to be 10.10.10.2 255.255.255.0.

Plug in the cable from the PC to the port we just configured; and to make sure the PC can talk to the 6500 we can try pinging it:

Router(config)# do ping 10.10.10.2

If you have a successful ping reply then you should be good to go. Launch the TFTP server and start the copy process. To copy from data from TFTP server to the switch use:

Router# copy tftp: disk0:

After you issue either of this command, you will be prompted for the FTFP server address and filename. Enter 10.10.10.2 and the filename you want to copy, then confirm it to start the copy process.

And to copy data from flash to FTFP server use the command:

Router# copy disk0: tftp:

If you are copying a rather large file then you should use FTP instead of TFTP and issue the command:

Router# copy FTP: Disk0:

I have run into some issue while moving a large file to the Cisco 6509. See this blog for more details.

ProCurve Switch - TFTP Flash Update

To update the IOS on the HP's ProCurve switches you first need to configure an access port so it can communicate to the TFTP Server.

ProCurve Switch 3500yl-48G> enable
ProCurve Switch 3500yl-48G# configure terminal
ProCurve Switch 3500yl-48G(config)# vlan 1
ProCurve Switch 3500yl-48G(vlan-1)# ip address 10.10.10.1/24
ProCurve Switch 3500yl-48G(vlan-1)# exit

Next, you will need to configure the network adapter on your PC or laptop and give it an address that's on the same network as the switch. In this case, I set it to be 10.10.10.2 255.255.255.0.

Then the next step is to connect your machine to the switch; plug a cable from your laptop or PC to the switch. And just to make sure that the data can travel from one end to another, we'll go ahead and try to send a ping to the server:

ProCurve Switch 3500yl-48G# ping 10.10.10.2

If the ping is successful, you need to launch your TFTP Server, then you can go ahead and update the flash by issuing the copy command and pass to it the server address and the filename:

ProCurve Switch 3500yl-48G# copy tftp flash 10.10.10.2 k_12_02.swi

And if you need to update the secondary flash, then issue this command:

ProCurve Switch 3500yl-48G# copy tftp flash 10.10.10.2 k_12_02.swi secondary

I make a habit of using scripts to make the whole process easier to manage and make the update faster so here's the entire script:

enable
configure terminal
vlan 1
no ip add
ip address 10.10.10.1/24
exit
ping 10.10.10.2
copy tftp flash 10.10.10.2 k_12_02.swi
y
copy tftp flash 10.10.10.2 k_12_02.swi secondary
y

Note: If you use this script, make sure that you update the ip address and change the filename.

Cisco TFTP - Flash Update Problem

I was upgrading the IOS for the Cisco 6509s. I got Cisco TFTP Server setup and connected to it to download the file. The file was around 80Mb. TFTP Server threw an exception and shutdown. Upon restart, the file started to get downloaded but a few seconds later Cisco TFTP Server threw another error. This time I was able to view the error message and it said the transfer failed due to Synchronization Error.

I switched to SolarWinds TFTP Server and got a more detailed error saying the file was too large to be transferred through TFTP.

As an alternative, I used FTP Server from 3CDaemon and issued the command:

copy FTP: Disk0:

and it worked like a champ.

I had IIS running on my laptop so I turned off 3CDaemon and used IIS's FTP server. It worked out just fine.

So if you are transferring a large file you should use FTP and not TFTP to avoid potential problems and I also recommend 3CDaemon as it's got TFTP Server, FTP Server, Syslog as well as TFTP client all in one package.

OSPF - Wild Card Mask

Open Shortest Path First (OSPF) is an open standard, internal routing protocol, capable of supporting large network spanning multiple sites. Routers running OSPF are aware of their network topology; they get update of changes in the network through HELLO packets.

Some of OSPF's strengths include:

It converges quickly, compared to distance-vector protocol.
Routing update packets are small, and only reflect the change (it doesn't send the whole routing table).
It's not prone to routing loops.
It scales very well for large networks.
Bandwidth is taken into account when it selects a link to install in the routing table.
It support Variable-Length Subnet Masks (VLSM)

While many people get confused by the Wild Card Mask that is required in the Network statement, I find it's not that difficult at all.

Let's say you need to advertise the network 172.30.105.84 255.255.255.252 and wants to find the wild card mask. All you have to do is take 255 and subtract each octet of the subnet mask. So in this case you would advertise the network as:

Router(config)# router ospf {process number}
Router(config-router)# network 172.30.105.84 0.0.0.3 area 0

Where do you get the 0.0.0.3? Using the rule above, you take 255 - 255 = 0 (in the first 3 octets) and 255 - 252 = 3 (in the last octet). See, it's not that hard to find the wild card mask at all.

Where do I get 255 from, you ask? Each octet is made up of 8 bits and 255 is the maximum value that 8 bits can hold.

Here are some common OSPF commands that are very useful in checking the status of OSPF configuration:

show ip ospf
show ip ospf neighbor
show ip ospf interface
show ip route ospf

Further readings:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hirp_r/rte_osph.htm#wp1001842
http://en.wikipedia.org/wiki/Open_Shortest_Path_First

Updating IOS on ProCurve Switches

Updating IOS software on HP's ProCurve switches are pretty simple and straight forward. All you need to do is run a TFTP server, log into the switch, add an IP to the switch, specified a default gateway so the switch can talk to the TFTP server and download the new IOS.

SwitchA# vlan 1
SwitchA# ip address 192.168.1.9 255.255.255.0
SwitchA# exit
SwitchA# ip default-gateway 192.168.1.1
SwitchA# copy tftp flash 192.168.1.8 filename.swi

Note that when you do this the switch will download the new software and reboots itself when it's done processing the file. If you need to update both primary and secondary flash then you should find out whether the switch boots from primary flash or secondary flash and copy the other one first.

Let's say the switch boots from primary flash then the sequence of commands should be:

SwitchA# copy tftp flash 192.168.1.8 filename.swi secondary
SwitchA# y
SwitchA# copy tftp flash 192.168.1.8 filename.swi
SwitchA# y

This will let you update the IOS on both primary and secondary flashes before the switch reboots itself and save you some time. Plus you can script this and cut down the update time. If you do it otherwise, the switch will update primary flash, reboot and then you have to manually update the secondary flash.

Routing Information Protocol (RIP)

Routing Information Protocol (RIP) at one time was one of the most commonly used routing protocols on small, internal network. With the availability of other routing protocol such as IGRP, EIGRP, OSPF, IS-IS, BGP... plus the lack of support for large network the usage of RIP has been decreased and it is considered obsolete. For this reason, it's often referred to as "Rest In Peace" protocol.

Nonetheless, Cisco and other networking vendors are still making RIP & RIPv2 available today in their IOS models. I like RIP for the fact that it's very simple and easy to setup. You can get a small network running RIP up in just a few minutes. RIP is also a very good choice of protocol to get one familiarized with routing protocols.

Besides its infamous Pros and Cons, one lesser known fact about RIP is that you can also use it to load balance your network. However, beware of the fact that RIP does not take bandwidth into consideration when it installs learned routes into the routing table.

So let's say you have two ways to send a packet from A to B and the first path is going through a 128k line while the second goes through a T1 line; RIP will treat both paths equally as if they have the same bandwidth.

Suggested Readings:

http://en.wikipedia.org/wiki/Routing_Information_Protocol
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/rip.htm

Programmatically Ping A Networking Device

I would say Ping is one of the most popular software tool used to troubleshoot network issue. When a networking device or server goes down, one of the first things network engineers or system admininistrator do is try to ping it and see if it can be reached.

This blog will show you two ways to ping a device so you can integrate the ping feature into your application.

The first and easiest way to issue a ping command is to call the Ping method in the My.Computer.Network class:

If my.Computer.Network.Ping("www.google.com") Then
MsgBox("device up")
Else
MsgBox("device down")
End If

The drawback of this method is that it only gives you a boolean as the result to indicate whether the device is up or down.

The second way is to call the Ping.Send() method in the System.Net.NetworkInformation namespace which returns a PingReply through which you could get more detailed information about the ping:

Dim myPing As New System.Net.NetworkInformation.Ping
Dim PR As System.Net.NetworkInformation.PingReply
PR = myPing.Send("www.yahoo.com")
If PR.Status = IPStatus.Success Then
MsgBox("Reply from " & PR.Address.ToString & ": BYTES=" & PR.Buffer.Length & " TIME<" & PR.RoundtripTime & "ms TTL=" & PR.Options.Ttl)
Else
MsgBox(PR.Status.ToString)
End If

There you have it. Two ways of pinging a networking device. I recommend that you further study the PingReply object to get more information from the ping reply.

Optimize Your Website For Performance

Performance can affect the number of visitors come to your site. The faster the site load, the better experience the visitors will get and the chances of them coming back will also be higher.

Network latency, congestion, packet drops... are already reducing your application performance. If you, the developer, can do anything to speed up content delivery, by all means, you should do it.

Unfortunately, most developers often neglect to pay attention to this are since it's not something they can really visually see and fix because there is no error that will popup and say "Hey, I am slow... fix me..." or something like that.

Here are a few tips that any developer can use to help speed up their web pages:

Put CSS code at the top of the page: if you put CSS at the top of the page, the browser will read it first. When the browser renders a web page, it doesn't have to search up and down looking for the style rules.

Move JavaScript code down to the bottom of the page: JavaScript’s are mostly run on the client side AFTER the page has been rendered. Moving them to the bottom of the page will allow the browser to render other markup tags first and present the UI to the client faster.

Compress java scripts & remove white space: The browser doesn't care if you name your function with a single character nor does it care if the name is 50 characters as long as they are valid. White spaces might make your code look good but will not help when it comes to speed. The less data your server has to spit out the faster your page will be delivered over the wire.

Remove duplicate and/or unused scripts: If it's not being used, remove it. If anything, it will cause more load on your network and create more confusion having it there when it comes time to troubleshoot some problems.

Do not mix Javascripts and HTML markups: Sometimes, you will need to use Javascripts to produce HTML markups. But try to reduce this to a minimum and let the browser finish one thing before it starts the next one (ie: complete HTML render before executing javascript...)

Move CSS & Javascripts out of HTML markups: Don't make the browser go back and forth between HTML markups and javascripts when it renders the page as there is a performance cost to this.

Add expires header: The browser save the pages onto the hard disk so that it can load the same site faster next time around. If there isn't a need for this, add expires header to it doesn't write the pages to disk.

Disable viewstates: ASP.net pages have viewstate enabled by default which adds a bunch of encrypted code to the page. If viewstate is not required, disable it and it will improve the page performance.

These tips will not significantly improve the performance of your web site as that will also depend upon how you compose your application but it will definitely improve the delivery of the page to the visitors. This is especially true if you have high traffic on your site.

If you get the opportunity, you should examine the HTML output for well known sites like Yahoo or Google and see how they optimize their site for performance. Chances are you will see these tips in action.

Smurf Attack

A smurf attack is a Denial of Service (DoS) attacked that uses spoofed broadcast ping messages to flood the target system with ping replies. The attack method gets its name after its exploit program.

In this attack, an attacker sends out a large number of ICMP Echo Request packets to IP broadcast addresses with all requests having a spoofed source address of the intended victim. Once the routing device receives this type of request, it will broadcast it to all hosts on its network. When the hosts reply, they will overwhelm the targeted's network with so much traffic that it will effectively shut out the network from the rest of the world.

Using a Cisco router, one can issue the command:

no ip directed-broadcast

to secure their network from this type of attack.

Note that this does not prevent a network from becoming the target of a smurf attack; it just prevent the network from taking part in an attack agains other networks.