when control_rancid runs, it actually uses temporary files which are
renamed to routers.{up,down}. so, the directory must also be writable.
Fix
# cd ~rancid # chown -R rancid .
Friday 23 September 2016
false "changes in XXX routers" reports Rancid
Thursday 22 September 2016
Install and Configure RSYSLOG
Install RSYSLOG
|
[root@server ~]# yum -y install rsyslog
|
|
|
Configure RSYSLOG
Edit /etc/rsyslog.conf
|
[root@server ~]# vi /etc/rsyslog.conf
|
Uncomment below lines
|
# Provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
|
|
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
|
Restart the syslog service
|
[root@server ~]# systemctl restart rsyslog.service
|
Verify the syslog server listening
|
[root@server ~]# netstat -antup | grep 514
tcp
0 0
0.0.0.0:514
0.0.0.0:*
LISTEN
759/rsyslogd
tcp6
0 0 :::514 :::* LISTEN
759/rsyslogd
udp
0 0
0.0.0.0:514
0.0.0.0:*
759/rsyslogd
udp6
0 0 :::514 :::*
759/rsyslogd
|
Client setup:
- Log
into syslog server
- Use
an editor to get into the rsyslog config file : vi /etc/rsyslog.conf
(use i to edit) toward the end of the file add the required
devices:
:fromhost-ip,isequal,"192.168.0.1"
/var/log/devicehostname.log
& ~
- Exit
from the file (press Esc and say :wq to save/:q! to quit without
saving)
- Now
restart the rsyslog Daemon : service rsyslog restart
Friday 16 September 2016
Site-to-Site VPN in multiple context mode
Site-to-Site VPN in multiple context mode (ASA 9.x)
Before configuring a Site-to-Site VPN in a multiple context
mode ASA, you must assign VPN resources to the context. By default, no VPN
site-to-site tunnels are allowed and you must manually configure a resource
class to allow any VPN sessions, otherwise you will see the message
"Tunnel Rejected: The maximum tunnel count allowed has been reached"
in IKE debug outputs.
Example:
ASA 5550 with base license supports 5000 VPN sessions.
You have two contexts and want to share VPN resources
assigning 2000 sessions to each context:
asa/admin(config)#
changeto system
asa(config)#
class vpn-2000
asa(config-class)#
limit-resource vpn other 2000
asa(config-class)#
limit-resource vpn burst other 1000
asa(config-class)#
exit
asa(config)#
context context-a
asa(config-ctx)#
member vpn-2000
asa(config-ctx)#exit
asa(config)#
context context-b
asa(config-ctx)#
member vpn-2000
asa(config-ctx)#exit
vpn burst other is the number of VPN sessions allowed beyond
the amount assigned to a context with vpn other. Unlike vpn other, which
guarantees the sessions to the context, vpn burst other can be oversubscribed;
the burst pool is available to all contexts on a first-come, first-served
basis.
Thursday 15 September 2016
Saturday 3 September 2016
Publisher vs Subscriber
These terms are used when discussing Call manager. Call manager handles call processing in Cisco's implementation of IP Telephony. So it is this particular area of VoIP that we would hear the terms publisher and subscriber. The terms are actually from the Microsoft SQL database that earlier version of call manager utilized. The publisher is the authoritative database for configuration. So when changes are made in configuration, they are made on the publisher and replicated to the subscribers. There is only one publisher and can be multiple subscribers. If the publisher is unavailable, the phones can re-home themselves to a subscriber in order to continue to be functional. This is an illustration as to how they function, but not necessarily best practice.In best practices, the phones should be actually use subscribers as their primary.It's more like the publisher contains the master database in which changes to configuration is made and replicated to the subscribers. For scalability, it is normal to point phones to subscribers, since there is only one publisher and can be many subscribers.
Friday 2 September 2016
Subscribe to:
Posts (Atom)