Занимательные факты о cisco waas

• страничка продукта http://cisco.com/go/waas
• система куплена вместе с компанием actona
• на WAE есть tcpdump и wireshark:

WAE1#tcpdump -h

tcpdump version 3.8.1 (jlemon)

libpcap version 0.8

Usage: tcpdump [-aAdDeflLnNOpqRStuUvxX] [-c count] [ -C file_size (kB) ]

[ -E algo:secret ] [ -F file ] [ -i interface ] [ -r file ]

[ -s snaplen ] [ -T type ] [ -w file ] [ -y datalinktype ]

[ -M max_log_files ] [ expression ]

WAE1#tcpdump -D

1.eth0

2.eth2

3.eth4

4.eth5

5.any (Pseudo-device that captures on all interfaces)

6.lo

WAE1#tcpdump -i eth4 -n

tcpdump: WARNING: eth4: no IPv4 address assigned

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on eth4, link-type EN10MB (Ethernet), capture size 96 bytes

19:38:30.642777 01:00:0c:cc:cc:cd > 00:1e:79:c4:e6:81 sap aa ui/C len=39

 0100 0ccc cccd 001e 79c4 e681 8100 e00a

 0032 aaaa 0300 000c 010b 0000 0000 0080

 0000 02fd a7d6 c000 0000 1380 0a00 1e79

 c4e6 8080 0101

19:38:30.834835 00:1e:79:c4:e6:81 > 01:00:0c:cc:cc:cc sap aa ui/C len=35

19:38:31.849711 01:00:0c:cc:cc:cd > 00:1e:79:c4:e6:81 sap aa ui/C len=39

 0100 0ccc cccd 001e 79c4 e681 8100 e00b

 0032 aaaa 0300 000c 010b 0000 0000 0080

 0b00 1e79 c4e6 8000 0000 0080 0b00 1e79

 c4e6 8080 0100

19:38:32.648268 01:00:0c:cc:cc:cd > 00:1e:79:c4:e6:81 sap aa ui/C len=39

 0100 0ccc cccd 001e 79c4 e681 8100 e00a

 0032 aaaa 0300 000c 010b 0000 0000 0080

 0000 02fd a7d6 c000 0000 1380 0a00 1e79

 c4e6 8080 0101

19:38:33.492675 

WAE1#tethereal -h

TShark 1.0.0

Dump and analyze network traffic.

See http://www.wireshark.org for more information.

Copyright 1998-2008 Gerald Combs and contributors.

This is free software; see the source for copying conditions. There is NO

warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Usage: tshark [options] ...

Capture interface:

  -i  interface         name or idx of interface (def: first non-loopback)

  -f filter     packet filter in libpcap filter syntax

  -s snaplen            packet snapshot length (def: 65535)

  -p                       don't capture in promiscuous mode

  -y link-type           link layer type (def: first appropriate)

  -D                       print list of interfaces and exit

  -L                       print list of link-layer types of iface and exit

Capture stop conditions:

  -c packet-count       stop after n packets (def: infinite)

  -a autostop  ...  duration:NUM - stop after NUM seconds

                           filesize:NUM - stop this file after NUM KB

                              files:NUM - stop after NUM files

Capture output:

  -b ringbuffer ... duration:NUM - switch to next file after NUM secs

                           filesize:NUM - switch to next file after NUM KB

                              files:NUM - ringbuffer: replace after NUM files

Input file:

  -r infile             set the filename to read from (no pipes or stdin!)

Processing:

  -R read-filter        packet filter in Wireshark display filter syntax

  -n                        disable all name resolutions (def: all enabled)

  -N name-resolution-flag enable specific name resolution(s): "mntC"

  -d layer-type==selector,decode-as-protocol ...

                           "Decode As", see the man page for details

                           Example: tcp.port==8888,http

Output:

  -w output          set the output filename (or '-' for stdout)

  -C config     start with specified configuration profile

  -F outout-type

   set the output file type, default is libpcap

                           an empty "-F" option will list the file types

  -V                       add output of packet tree        (Packet Details)

  -S                       display packets even when writing to a file

  -x                       add output of hex and ASCII dump (Packet Bytes)

  -T pdml|ps|psml|text|fields

                           format of text output (def: text)

  -e field              field to print if -Tfields selected (e.g. tcp.port);

                           this option can be repeated to print multiple fields

  -E option=value set options for output when -Tfields selected:

     header=y|n            switch headers on and off

     separator=/t|/s| select tab, space, printable character as separator

     quote=d|s|n           select double, single, no quotes for values

  -t ad|a|r|d|dd|e         output format of time stamps (def: r: rel. to first)

  -l                       flush standard output after each packet

  -q                       be more quiet on stdout (e.g. when using statistics)

  -X key:value         eXtension options, see the man page for details

  -z stats           various statistics, see the man page for details

Miscellaneous:

  -h                       display this help and exit

  -v                       display version info and exit

  -o option:value ...    override preference setting

WAE1#tethereal -i eth4

Running as user "admin" and group "root". This could be dangerous.

Capturing on eth4

  0.000000 00:1b:53:50:0a:c0 -> 00:1b:53:50:0a:c0 LOOP Reply

  0.643978 00:1e:79:c4:e6:81 -> 01:00:0c:cc:cc:cd STP Conf. Root = 32779/00:1e:79:c4:e6:80  Cost = 0  Port = 0x8001

  1.155038 00:1e:79:c4:e6:81 -> 01:00:0c:cc:cc:cd STP Conf. Root = 32768/00:02:fd:a7:d6:c0  Cost = 19  Port = 0x8001

  1.700815 00:1e:79:c4:e6:81 -> 00:1e:79:c4:e6:81 LOOP Reply

  2.648238 00:1e:79:c4:e6:81 -> 01:00:0c:cc:cc:cd STP Conf. Root = 32779/00:1e:79:c4:e6:80  Cost = 0  Port = 0x8001

  3.152556 00:1e:79:c4:e6:81 -> 01:00:0c:cc:cc:c6 packets captured

• на WAE есть grep

WAE1#sh run | in -h

Usage: grep [OPTION]... PATTERN [FILE]...

Try `grep --help' for more information.

WAE1#

• логин/пароль по умолчанию весьма оригинальны: admin/default

продолжение следует

Narbik's Fridays Puzzle

задание придумано Нарбиком, и опубликовано в групстади. публикую для тех кто не знает что такое групстади :)

топология:

R1 ---- R2

конфиг:

hostname R1
!
int fa0/0
 descr -- to R2
 ip add 10.1.1.1 255.255.255.0
 no sh
!
int lo0
 ip add 2.2.2.2 255.255.0.0
!
router eigrp 1
 network 10.0.0.0
 redistribute static

и

hostname R2
!
int fa0/0
 descr -- to R1
 ip add 10.1.1.2 255.255.255.0
 no sh
!
router eigrp 1
 network 10.0.0.0

задание:
* на R2 должен появится маршрут на лупбек R1, причем как D EX
* R2 настраивать нельзя
* R1 должен использовать именно redistribute static
* на R1 нельзя использовать: ip route, route-map, access-list, prefix-list, event manager :(


UPDATE:ответ:

R1(config)#ip default-network 2.0.0.0
R1(config)#end
R1#sh ip route static
     2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
S       2.0.0.0/8 [1/0] via 2.2.0.0
R1#sh ip route 2.0.0.0 255.0.0.0
Routing entry for 2.0.0.0/8
  Known via "static", distance 1, metric 0
  Redistributing via eigrp 1
  Advertised by eigrp 1
  Routing Descriptor Blocks:
  * 2.2.0.0
      Route metric is 0, traffic share count is 1

R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

D EX 2.0.0.0/8 [170/2297856] via 10.1.1.1, 00:00:04, Serial0/0/1
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, Serial0/0/1

правда, косвенно, у нас появляется статический маршрут на R1, но ведь 
а) мы его не добавляли; 
б) мы его даже удалить не можем :)