Last weekend around 2 AM I got a call from a Help Desk guy stating that one of Unix Server is not reachable from certain parts of my client network. And my first reaction was :
but it's all part of job and entertainment. So few minutes later I logged into the network using my VPN access to see what's going on. So as I logged in into the network, I found ..... "Nothing". I mean everything was looking ok and there wasn't any log into the ACS (Used For AAA based Access) suggesting someone made changes into the network on Friday. Also no log into local log of concerned devices stating any reason.
So after this initial investigation I was pretty sure now that there wasn't any change made in the network since Friday. Which leads to conclusion that it's either problem with the Unix server itself or there is some configuration issues with the server.
Next I dropped any email back to unix guy stating I didn't find anything unusual, please confirm if:
> Any changes were made into the configuration of Unix Server recently ?
> Restart the network Services of the Unix Server
> Send me "ifconfig -a" command output from Unix Server command prompt.
BTW... "ifconfig -a" is equivalent to "sh protocols" in Cisco IOS world and "ipconfig /all" from Windows OS world.
and just a minute later the Unix guy replied me back stating:
> There were no changes made into the configuration since last few days
> Restarting network services didn't help
> ifconfig -a results attached
# ifconfig -a
lo0: flags=2001000849LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
bge0: flags=1000843BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.136.110.149 netmask ff000000 broadcast 10.255.255.255
ether 0:3:ba:f8:2e:39
bge1: flags=1000843BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 172.17.1.132 netmask ffff0000 broadcast 172.17.255.255
ether 0:3:ba:f8:2e:3a
So as you guys can see, the E0 Ethernet interface is Running fine and even IP was looking good from my prospective since I already had checked the VLAN subnet for it. But did you see the mask highlighted with YELLOW color ? Isn't that looking weird ? I mean did you ever know that there are some devices out there which takes netmask/subnet mask into Hexadecimal format ?
At-least I didn't....
So next step was to determine the subnet mask into Decimal format to see if it matches my network device configuration. So I quickly took the windows calculator and tried to conver ff000000 into binary. Though It took a min or two to figure out how many digits from Hex needs to be picked up for each decimal block. And the answer was "Two"
so finally I had answer that subnet mask was put by unix administrator was "255.0.0.0" where my vlan subnet configuration was configured for different subnet mask. So I quickly replied unix administrator suggesting to change the subnet mask to the correct one and of course that fixed the issue.
After that next morning I did some research on Subnet mask in Hex format and found that some old Unix box use to support it in that format only.
But one interesting thing I found was that our very own Cisco IOS also supports that format. And I was like :
Yes. So I quickly did some test and here are results:
R1#terminal ip netmask-format hexadecimal
R1#sh run | i terminal
R1#
R1(config-line)#ip netmask-format hexadecimal
R1(config-line)#end
R1#sh run | b netmask
ip netmask-format hexadecimal
line aux 0
line vty 0 4
!
HTH...
Deepak Arora
Evil CCIE
but it's all part of job and entertainment. So few minutes later I logged into the network using my VPN access to see what's going on. So as I logged in into the network, I found ..... "Nothing". I mean everything was looking ok and there wasn't any log into the ACS (Used For AAA based Access) suggesting someone made changes into the network on Friday. Also no log into local log of concerned devices stating any reason.
So after this initial investigation I was pretty sure now that there wasn't any change made in the network since Friday. Which leads to conclusion that it's either problem with the Unix server itself or there is some configuration issues with the server.
Next I dropped any email back to unix guy stating I didn't find anything unusual, please confirm if:
> Any changes were made into the configuration of Unix Server recently ?
> Restart the network Services of the Unix Server
> Send me "ifconfig -a" command output from Unix Server command prompt.
BTW... "ifconfig -a" is equivalent to "sh protocols" in Cisco IOS world and "ipconfig /all" from Windows OS world.
and just a minute later the Unix guy replied me back stating:
> There were no changes made into the configuration since last few days
> Restarting network services didn't help
> ifconfig -a results attached
# ifconfig -a
lo0: flags=2001000849
inet 127.0.0.1 netmask ff000000
bge0: flags=1000843
inet 10.136.110.149 netmask ff000000 broadcast 10.255.255.255
ether 0:3:ba:f8:2e:39
bge1: flags=1000843
inet 172.17.1.132 netmask ffff0000 broadcast 172.17.255.255
ether 0:3:ba:f8:2e:3a
So as you guys can see, the E0 Ethernet interface is Running fine and even IP was looking good from my prospective since I already had checked the VLAN subnet for it. But did you see the mask highlighted with YELLOW color ? Isn't that looking weird ? I mean did you ever know that there are some devices out there which takes netmask/subnet mask into Hexadecimal format ?
At-least I didn't....
So next step was to determine the subnet mask into Decimal format to see if it matches my network device configuration. So I quickly took the windows calculator and tried to conver ff000000 into binary. Though It took a min or two to figure out how many digits from Hex needs to be picked up for each decimal block. And the answer was "Two"
so finally I had answer that subnet mask was put by unix administrator was "255.0.0.0" where my vlan subnet configuration was configured for different subnet mask. So I quickly replied unix administrator suggesting to change the subnet mask to the correct one and of course that fixed the issue.
After that next morning I did some research on Subnet mask in Hex format and found that some old Unix box use to support it in that format only.
But one interesting thing I found was that our very own Cisco IOS also supports that format. And I was like :
Yes. So I quickly did some test and here are results:
R1#sh ver | i IOS
Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T5, RELEASE SOFTWARE (fc4)
R1#sh ip int brief | e una|do
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 20.20.20.20 YES manual up up
FastEthernet0/1 30.30.30.30 YES manual up up
Loopback0 10.10.10.10 YES manual up up
R1#sh protocols
Global values:
Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 20.20.20.20/8
FastEthernet0/1 is up, line protocol is up
Internet address is 30.30.30.30/16
Loopback0 is up, line protocol is up
Internet address is 10.10.10.10/30
R1#terminal ip netmask-format ?
bit-count Display netmask as number of significant bits
decimal Display netmask in dotted decimal
hexadecimal Display netmask in hexadecimal
R1#terminal ip netmask-format hexadecimal
R1#sh protocols
Global values:
Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 20.20.20.20 0xFF000000
FastEthernet0/1 is up, line protocol is up
Internet address is 30.30.30.30 0xFFFF0000
Loopback0 is up, line protocol is up
Internet address is 10.10.10.10 0xFFFFFFFC
R1#sh run int f0/0
Building configuration...
Current configuration : 92 bytes
!
interface FastEthernet0/0
ip address 20.20.20.20 255.0.0.0
duplex auto
speed auto
end
R1#terminal ip netmask-format decimal
R1#sh protocols
Global values:
Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 20.20.20.20 255.0.0.0
FastEthernet0/1 is up, line protocol is up
Internet address is 30.30.30.30 255.255.0.0
Loopback0 is up, line protocol is up
Internet address is 10.10.10.10 255.255.255.252
R1#sh run int f0/0
Building configuration...
Current configuration : 92 bytes
!
interface FastEthernet0/0
ip address 20.20.20.20 255.0.0.0
duplex auto
speed auto
end
R1#terminal ip netmask-format bit-count
R1#sh protocols
Global values:
Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 20.20.20.20/8
FastEthernet0/1 is up, line protocol is up
Internet address is 30.30.30.30/16
Loopback0 is up, line protocol is up
Internet address is 10.10.10.10/30
R1#sh run int f0/0
Building configuration...
Current configuration : 92 bytes
!
interface FastEthernet0/0
ip address 20.20.20.20 255.0.0.0
duplex auto
speed auto
end
Few other interesting facts I found were :
> If you ever change the netmask format from global mode, it never shows up into the running config
R1#sh run | i terminal
R1#
> You can change the format for particular line (VTY Vs Aux Vs Con) And this time it will reflect into the running configuration.
R1(config)#line con 0
R1(config-line)#ip netmask-format ?
bit-count Display netmask as number of significant bits
decimal Display netmask in dotted decimal
hexadecimal Display netmask in hexadecimal
R1(config-line)#end
R1#sh run | b netmask
ip netmask-format hexadecimal
line aux 0
line vty 0 4
!
Deepak Arora
Evil CCIE
2 comments:
Is the loopback running (highlighted in white), a normal status?
Thissubnet calculator will calculate the subnet mask to use, given a TCP/IP network address and the number of subnets or nodes per subnet required.
To create the subnet mask, first remember that the purpose of the subnet mask is to separate the (32 bit) ip address into the network prefix and the host number. If a bit in the subnet mask is 1, the corresponding bit in the IP address is part of the network address; if the bit in the subnet mask is 0, the corresponding bit in the IP address is part of the host address.
First depict the ip address in binary. Take 61.246.19.18 and convert to binary:
ip address: 00111101.11110110.00010011.00010010
First we determine what class of address it is:
If the first bit is 0 it is a Class A address If the first two bits are 10 it is a Class B address If the first three bits are 110 it is a Class C address If the first four bits are 1110 it is a Class D multicast address If the first four bits are 1111 it is a Class E experimental address
Your example is a Class A address. The default subnet mask for a Class A address is:
subnet mask: 11111111.00000000.00000000.00000000
The formula for figuring out the number of 'host' bits in a subnet mask is
2^n=(number of nodes ) (2^n means '2' to the power of 'n')
Since you know the number of nodes, you need to find 'n'.
Because you want 64 node(s), you want to leave 6 - '0' bits in the subnet mask since 64 = 2 ^ 6.
This will give you the following subnet mask:
subnet mask: 11111111.11111111.11111111.11000000
Which is referred to as /26 or in dotted decimal notation as 255.255.255.192
Post a Comment